1 /***************************************************************************
2 * Copyright (C) 2006, 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * This program is free software; you can redistribute it and/or modify *
9 * it under the terms of the GNU General Public License as published by *
10 * the Free Software Foundation; either version 2 of the License, or *
11 * (at your option) any later version. *
13 * This program is distributed in the hope that it will be useful, *
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
16 * GNU General Public License for more details. *
18 * You should have received a copy of the GNU General Public License *
19 * along with this program; if not, write to the *
20 * Free Software Foundation, Inc., *
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
22 ***************************************************************************/
27 #include "replacements.h"
31 #include "arm7_9_common.h"
35 #include "arm_simulator.h"
36 #include "arm_disassembler.h"
39 #include "binarybuffer.h"
40 #include "time_support.h"
41 #include "breakpoints.h"
47 #include <sys/types.h>
53 int xscale_register_commands(struct command_context_s *cmd_ctx);
55 /* forward declarations */
56 int xscale_target_create(struct target_s *target, Jim_Interp *interp);
57 int xscale_init_target(struct command_context_s *cmd_ctx, struct target_s *target);
58 int xscale_quit(void);
60 int xscale_arch_state(struct target_s *target);
61 int xscale_poll(target_t *target);
62 int xscale_halt(target_t *target);
63 int xscale_resume(struct target_s *target, int current, u32 address, int handle_breakpoints, int debug_execution);
64 int xscale_step(struct target_s *target, int current, u32 address, int handle_breakpoints);
65 int xscale_debug_entry(target_t *target);
66 int xscale_restore_context(target_t *target);
68 int xscale_assert_reset(target_t *target);
69 int xscale_deassert_reset(target_t *target);
70 int xscale_soft_reset_halt(struct target_s *target);
72 int xscale_set_reg_u32(reg_t *reg, u32 value);
74 int xscale_read_core_reg(struct target_s *target, int num, enum armv4_5_mode mode);
75 int xscale_write_core_reg(struct target_s *target, int num, enum armv4_5_mode mode, u32 value);
77 int xscale_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer);
78 int xscale_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer);
79 int xscale_bulk_write_memory(target_t *target, u32 address, u32 count, u8 *buffer);
81 int xscale_add_breakpoint(struct target_s *target, breakpoint_t *breakpoint);
82 int xscale_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint);
83 int xscale_set_breakpoint(struct target_s *target, breakpoint_t *breakpoint);
84 int xscale_unset_breakpoint(struct target_s *target, breakpoint_t *breakpoint);
85 int xscale_add_watchpoint(struct target_s *target, watchpoint_t *watchpoint);
86 int xscale_remove_watchpoint(struct target_s *target, watchpoint_t *watchpoint);
87 void xscale_enable_watchpoints(struct target_s *target);
88 void xscale_enable_breakpoints(struct target_s *target);
89 static int xscale_virt2phys(struct target_s *target, u32 virtual, u32 *physical);
90 static int xscale_mmu(struct target_s *target, int *enabled);
92 int xscale_read_trace(target_t *target);
94 target_type_t xscale_target =
99 .arch_state = xscale_arch_state,
101 .target_request_data = NULL,
104 .resume = xscale_resume,
107 .assert_reset = xscale_assert_reset,
108 .deassert_reset = xscale_deassert_reset,
109 .soft_reset_halt = xscale_soft_reset_halt,
111 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
113 .read_memory = xscale_read_memory,
114 .write_memory = xscale_write_memory,
115 .bulk_write_memory = xscale_bulk_write_memory,
116 .checksum_memory = arm7_9_checksum_memory,
117 .blank_check_memory = arm7_9_blank_check_memory,
119 .run_algorithm = armv4_5_run_algorithm,
121 .add_breakpoint = xscale_add_breakpoint,
122 .remove_breakpoint = xscale_remove_breakpoint,
123 .add_watchpoint = xscale_add_watchpoint,
124 .remove_watchpoint = xscale_remove_watchpoint,
126 .register_commands = xscale_register_commands,
127 .target_create = xscale_target_create,
128 .init_target = xscale_init_target,
131 .virt2phys = xscale_virt2phys,
135 char* xscale_reg_list[] =
137 "XSCALE_MAINID", /* 0 */
147 "XSCALE_IBCR0", /* 10 */
157 "XSCALE_RX", /* 20 */
161 xscale_reg_t xscale_reg_arch_info[] =
163 {XSCALE_MAINID, NULL},
164 {XSCALE_CACHETYPE, NULL},
166 {XSCALE_AUXCTRL, NULL},
172 {XSCALE_CPACCESS, NULL},
173 {XSCALE_IBCR0, NULL},
174 {XSCALE_IBCR1, NULL},
177 {XSCALE_DBCON, NULL},
178 {XSCALE_TBREG, NULL},
179 {XSCALE_CHKPT0, NULL},
180 {XSCALE_CHKPT1, NULL},
181 {XSCALE_DCSR, NULL}, /* DCSR accessed via JTAG or SW */
182 {-1, NULL}, /* TX accessed via JTAG */
183 {-1, NULL}, /* RX accessed via JTAG */
184 {-1, NULL}, /* TXRXCTRL implicit access via JTAG */
187 int xscale_reg_arch_type = -1;
189 int xscale_get_reg(reg_t *reg);
190 int xscale_set_reg(reg_t *reg, u8 *buf);
192 int xscale_get_arch_pointers(target_t *target, armv4_5_common_t **armv4_5_p, xscale_common_t **xscale_p)
194 armv4_5_common_t *armv4_5 = target->arch_info;
195 xscale_common_t *xscale = armv4_5->arch_info;
197 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
199 LOG_ERROR("target isn't an XScale target");
203 if (xscale->common_magic != XSCALE_COMMON_MAGIC)
205 LOG_ERROR("target isn't an XScale target");
209 *armv4_5_p = armv4_5;
215 int xscale_jtag_set_instr(jtag_tap_t *tap, u32 new_instr)
220 if (buf_get_u32(tap->cur_instr, 0, tap->ir_length) != new_instr)
225 field.num_bits = tap->ir_length;
226 field.out_value = calloc(CEIL(field.num_bits, 8), 1);
227 buf_set_u32(field.out_value, 0, field.num_bits, new_instr);
230 field.in_value = tmp;
232 jtag_add_ir_scan(1, &field, TAP_INVALID);
234 jtag_check_value_mask(&field, tap->expected, tap->expected_mask);
236 free(field.out_value);
242 int xscale_read_dcsr(target_t *target)
244 armv4_5_common_t *armv4_5 = target->arch_info;
245 xscale_common_t *xscale = armv4_5->arch_info;
249 scan_field_t fields[3];
251 u8 field0_check_value = 0x2;
252 u8 field0_check_mask = 0x7;
254 u8 field2_check_value = 0x0;
255 u8 field2_check_mask = 0x1;
257 jtag_add_end_state(TAP_DRPAUSE);
258 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dcsr);
260 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
261 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
263 fields[0].tap = xscale->jtag_info.tap;
264 fields[0].num_bits = 3;
265 fields[0].out_value = &field0;
267 fields[0].in_value = &tmp;
269 fields[1].tap = xscale->jtag_info.tap;
270 fields[1].num_bits = 32;
271 fields[1].out_value = NULL;
272 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
275 fields[2].tap = xscale->jtag_info.tap;
276 fields[2].num_bits = 1;
277 fields[2].out_value = &field2;
279 fields[2].in_value = &tmp2;
281 jtag_add_dr_scan(3, fields, TAP_INVALID);
283 jtag_check_value_mask(fields+0, &field0_check_value, &field0_check_mask);
284 jtag_check_value_mask(fields+2, &field2_check_value, &field2_check_mask);
286 if ((retval = jtag_execute_queue()) != ERROR_OK)
288 LOG_ERROR("JTAG error while reading DCSR");
292 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
293 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
295 /* write the register with the value we just read
296 * on this second pass, only the first bit of field0 is guaranteed to be 0)
298 field0_check_mask = 0x1;
299 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
300 fields[1].in_value = NULL;
302 jtag_add_end_state(TAP_IDLE);
304 jtag_add_dr_scan(3, fields, TAP_INVALID);
306 /* DANGER!!! this must be here. It will make sure that the arguments
307 * to jtag_set_check_value() does not go out of scope! */
308 return jtag_execute_queue();
311 int xscale_receive(target_t *target, u32 *buffer, int num_words)
314 return ERROR_INVALID_ARGUMENTS;
317 armv4_5_common_t *armv4_5 = target->arch_info;
318 xscale_common_t *xscale = armv4_5->arch_info;
321 scan_field_t fields[3];
323 u8 *field0 = malloc(num_words * 1);
324 u8 field0_check_value = 0x2;
325 u8 field0_check_mask = 0x6;
326 u32 *field1 = malloc(num_words * 4);
327 u8 field2_check_value = 0x0;
328 u8 field2_check_mask = 0x1;
330 int words_scheduled = 0;
334 path[0] = TAP_DRSELECT;
335 path[1] = TAP_DRCAPTURE;
336 path[2] = TAP_DRSHIFT;
338 fields[0].tap = xscale->jtag_info.tap;
339 fields[0].num_bits = 3;
340 fields[0].out_value = NULL;
342 fields[0].in_value = &tmp2;
344 fields[1].tap = xscale->jtag_info.tap;
345 fields[1].num_bits = 32;
346 fields[1].out_value = NULL;
348 fields[1].in_value = tmp;
351 fields[2].tap = xscale->jtag_info.tap;
352 fields[2].num_bits = 1;
353 fields[2].out_value = NULL;
355 fields[2].in_value = &tmp3;
357 jtag_add_end_state(TAP_IDLE);
358 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dbgtx);
359 jtag_add_runtest(1, TAP_INVALID); /* ensures that we're in the TAP_IDLE state as the above could be a no-op */
361 /* repeat until all words have been collected */
363 while (words_done < num_words)
367 for (i = words_done; i < num_words; i++)
369 fields[0].in_value = &field0[i];
371 jtag_add_pathmove(3, path);
372 jtag_add_dr_scan_now(3, fields, TAP_IDLE);
374 jtag_check_value_mask(fields+0, &field0_check_value, &field0_check_mask);
375 jtag_check_value_mask(fields+2, &field2_check_value, &field2_check_mask);
377 field1[i]=buf_get_u32(tmp, 0, 32);
382 if ((retval = jtag_execute_queue()) != ERROR_OK)
384 LOG_ERROR("JTAG error while receiving data from debug handler");
388 /* examine results */
389 for (i = words_done; i < num_words; i++)
391 if (!(field0[0] & 1))
393 /* move backwards if necessary */
395 for (j = i; j < num_words - 1; j++)
397 field0[j] = field0[j+1];
398 field1[j] = field1[j+1];
403 if (words_scheduled==0)
405 if (attempts++==1000)
407 LOG_ERROR("Failed to receiving data from debug handler after 1000 attempts");
408 retval=ERROR_TARGET_TIMEOUT;
413 words_done += words_scheduled;
416 for (i = 0; i < num_words; i++)
417 *(buffer++) = buf_get_u32((u8*)&field1[i], 0, 32);
424 int xscale_read_tx(target_t *target, int consume)
426 armv4_5_common_t *armv4_5 = target->arch_info;
427 xscale_common_t *xscale = armv4_5->arch_info;
429 tap_state_t noconsume_path[6];
432 struct timeval timeout, now;
434 scan_field_t fields[3];
436 u8 field0_check_value = 0x2;
437 u8 field0_check_mask = 0x6;
438 u8 field2_check_value = 0x0;
439 u8 field2_check_mask = 0x1;
441 jtag_add_end_state(TAP_IDLE);
443 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dbgtx);
445 path[0] = TAP_DRSELECT;
446 path[1] = TAP_DRCAPTURE;
447 path[2] = TAP_DRSHIFT;
449 noconsume_path[0] = TAP_DRSELECT;
450 noconsume_path[1] = TAP_DRCAPTURE;
451 noconsume_path[2] = TAP_DREXIT1;
452 noconsume_path[3] = TAP_DRPAUSE;
453 noconsume_path[4] = TAP_DREXIT2;
454 noconsume_path[5] = TAP_DRSHIFT;
456 fields[0].tap = xscale->jtag_info.tap;
457 fields[0].num_bits = 3;
458 fields[0].out_value = NULL;
459 fields[0].in_value = &field0_in;
461 fields[1].tap = xscale->jtag_info.tap;
462 fields[1].num_bits = 32;
463 fields[1].out_value = NULL;
464 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_TX].value;
467 fields[2].tap = xscale->jtag_info.tap;
468 fields[2].num_bits = 1;
469 fields[2].out_value = NULL;
471 fields[2].in_value = &tmp;
473 gettimeofday(&timeout, NULL);
474 timeval_add_time(&timeout, 1, 0);
478 /* if we want to consume the register content (i.e. clear TX_READY),
479 * we have to go straight from Capture-DR to Shift-DR
480 * otherwise, we go from Capture-DR to Exit1-DR to Pause-DR
483 jtag_add_pathmove(3, path);
486 jtag_add_pathmove(sizeof(noconsume_path)/sizeof(*noconsume_path), noconsume_path);
489 jtag_add_dr_scan(3, fields, TAP_IDLE);
491 jtag_check_value_mask(fields+0, &field0_check_value, &field0_check_mask);
492 jtag_check_value_mask(fields+2, &field2_check_value, &field2_check_mask);
494 if ((retval = jtag_execute_queue()) != ERROR_OK)
496 LOG_ERROR("JTAG error while reading TX");
497 return ERROR_TARGET_TIMEOUT;
500 gettimeofday(&now, NULL);
501 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
503 LOG_ERROR("time out reading TX register");
504 return ERROR_TARGET_TIMEOUT;
506 if (!((!(field0_in & 1)) && consume))
512 LOG_DEBUG("waiting 100ms");
513 alive_sleep(100); /* avoid flooding the logs */
521 if (!(field0_in & 1))
522 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
527 int xscale_write_rx(target_t *target)
529 armv4_5_common_t *armv4_5 = target->arch_info;
530 xscale_common_t *xscale = armv4_5->arch_info;
533 struct timeval timeout, now;
535 scan_field_t fields[3];
538 u8 field0_check_value = 0x2;
539 u8 field0_check_mask = 0x6;
541 u8 field2_check_value = 0x0;
542 u8 field2_check_mask = 0x1;
544 jtag_add_end_state(TAP_IDLE);
546 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dbgrx);
548 fields[0].tap = xscale->jtag_info.tap;
549 fields[0].num_bits = 3;
550 fields[0].out_value = &field0_out;
551 fields[0].in_value = &field0_in;
553 fields[1].tap = xscale->jtag_info.tap;
554 fields[1].num_bits = 32;
555 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_RX].value;
556 fields[1].in_value = NULL;
559 fields[2].tap = xscale->jtag_info.tap;
560 fields[2].num_bits = 1;
561 fields[2].out_value = &field2;
563 fields[2].in_value = &tmp;
565 gettimeofday(&timeout, NULL);
566 timeval_add_time(&timeout, 1, 0);
568 /* poll until rx_read is low */
569 LOG_DEBUG("polling RX");
572 jtag_add_dr_scan(3, fields, TAP_IDLE);
574 jtag_check_value_mask(fields+0, &field0_check_value, &field0_check_mask);
575 jtag_check_value_mask(fields+2, &field2_check_value, &field2_check_mask);
577 if ((retval = jtag_execute_queue()) != ERROR_OK)
579 LOG_ERROR("JTAG error while writing RX");
583 gettimeofday(&now, NULL);
584 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
586 LOG_ERROR("time out writing RX register");
587 return ERROR_TARGET_TIMEOUT;
589 if (!(field0_in & 1))
593 LOG_DEBUG("waiting 100ms");
594 alive_sleep(100); /* avoid flooding the logs */
604 jtag_add_dr_scan(3, fields, TAP_IDLE);
606 if ((retval = jtag_execute_queue()) != ERROR_OK)
608 LOG_ERROR("JTAG error while writing RX");
615 /* send count elements of size byte to the debug handler */
616 int xscale_send(target_t *target, u8 *buffer, int count, int size)
618 armv4_5_common_t *armv4_5 = target->arch_info;
619 xscale_common_t *xscale = armv4_5->arch_info;
627 jtag_add_end_state(TAP_IDLE);
629 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dbgrx);
636 int endianness = target->endianness;
637 while (done_count++ < count)
642 if (endianness == TARGET_LITTLE_ENDIAN)
644 t[1]=le_to_h_u32(buffer);
647 t[1]=be_to_h_u32(buffer);
651 if (endianness == TARGET_LITTLE_ENDIAN)
653 t[1]=le_to_h_u16(buffer);
656 t[1]=be_to_h_u16(buffer);
663 LOG_ERROR("BUG: size neither 4, 2 nor 1");
666 jtag_add_dr_out(xscale->jtag_info.tap,
674 if ((retval = jtag_execute_queue()) != ERROR_OK)
676 LOG_ERROR("JTAG error while sending data to debug handler");
683 int xscale_send_u32(target_t *target, u32 value)
685 armv4_5_common_t *armv4_5 = target->arch_info;
686 xscale_common_t *xscale = armv4_5->arch_info;
688 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
689 return xscale_write_rx(target);
692 int xscale_write_dcsr(target_t *target, int hold_rst, int ext_dbg_brk)
694 armv4_5_common_t *armv4_5 = target->arch_info;
695 xscale_common_t *xscale = armv4_5->arch_info;
699 scan_field_t fields[3];
701 u8 field0_check_value = 0x2;
702 u8 field0_check_mask = 0x7;
704 u8 field2_check_value = 0x0;
705 u8 field2_check_mask = 0x1;
708 xscale->hold_rst = hold_rst;
710 if (ext_dbg_brk != -1)
711 xscale->external_debug_break = ext_dbg_brk;
713 jtag_add_end_state(TAP_IDLE);
714 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dcsr);
716 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
717 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
719 fields[0].tap = xscale->jtag_info.tap;
720 fields[0].num_bits = 3;
721 fields[0].out_value = &field0;
723 fields[0].in_value = &tmp;
725 fields[1].tap = xscale->jtag_info.tap;
726 fields[1].num_bits = 32;
727 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
728 fields[1].in_value = NULL;
731 fields[2].tap = xscale->jtag_info.tap;
732 fields[2].num_bits = 1;
733 fields[2].out_value = &field2;
735 fields[2].in_value = &tmp2;
737 jtag_add_dr_scan(3, fields, TAP_INVALID);
739 jtag_check_value_mask(fields+0, &field0_check_value, &field0_check_mask);
740 jtag_check_value_mask(fields+2, &field2_check_value, &field2_check_mask);
742 if ((retval = jtag_execute_queue()) != ERROR_OK)
744 LOG_ERROR("JTAG error while writing DCSR");
748 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
749 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
754 /* parity of the number of bits 0 if even; 1 if odd. for 32 bit words */
755 unsigned int parity (unsigned int v)
762 LOG_DEBUG("parity of 0x%x is %i", ov, (0x6996 >> v) & 1);
763 return (0x6996 >> v) & 1;
766 int xscale_load_ic(target_t *target, int mini, u32 va, u32 buffer[8])
768 armv4_5_common_t *armv4_5 = target->arch_info;
769 xscale_common_t *xscale = armv4_5->arch_info;
774 scan_field_t fields[2];
776 LOG_DEBUG("loading miniIC at 0x%8.8x", va);
778 jtag_add_end_state(TAP_IDLE);
779 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.ldic); /* LDIC */
781 /* CMD is b010 for Main IC and b011 for Mini IC */
783 buf_set_u32(&cmd, 0, 3, 0x3);
785 buf_set_u32(&cmd, 0, 3, 0x2);
787 buf_set_u32(&cmd, 3, 3, 0x0);
789 /* virtual address of desired cache line */
790 buf_set_u32(packet, 0, 27, va >> 5);
792 fields[0].tap = xscale->jtag_info.tap;
793 fields[0].num_bits = 6;
794 fields[0].out_value = &cmd;
796 fields[0].in_value = NULL;
802 fields[1].tap = xscale->jtag_info.tap;
803 fields[1].num_bits = 27;
804 fields[1].out_value = packet;
806 fields[1].in_value = NULL;
812 jtag_add_dr_scan(2, fields, TAP_INVALID);
814 fields[0].num_bits = 32;
815 fields[0].out_value = packet;
817 fields[1].num_bits = 1;
818 fields[1].out_value = &cmd;
820 for (word = 0; word < 8; word++)
822 buf_set_u32(packet, 0, 32, buffer[word]);
825 memcpy(&value, packet, sizeof(u32));
828 jtag_add_dr_scan(2, fields, TAP_INVALID);
831 jtag_execute_queue();
836 int xscale_invalidate_ic_line(target_t *target, u32 va)
838 armv4_5_common_t *armv4_5 = target->arch_info;
839 xscale_common_t *xscale = armv4_5->arch_info;
843 scan_field_t fields[2];
845 jtag_add_end_state(TAP_IDLE);
846 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.ldic); /* LDIC */
848 /* CMD for invalidate IC line b000, bits [6:4] b000 */
849 buf_set_u32(&cmd, 0, 6, 0x0);
851 /* virtual address of desired cache line */
852 buf_set_u32(packet, 0, 27, va >> 5);
854 fields[0].tap = xscale->jtag_info.tap;
855 fields[0].num_bits = 6;
856 fields[0].out_value = &cmd;
858 fields[0].in_value = NULL;
864 fields[1].tap = xscale->jtag_info.tap;
865 fields[1].num_bits = 27;
866 fields[1].out_value = packet;
868 fields[1].in_value = NULL;
874 jtag_add_dr_scan(2, fields, TAP_INVALID);
879 int xscale_update_vectors(target_t *target)
881 armv4_5_common_t *armv4_5 = target->arch_info;
882 xscale_common_t *xscale = armv4_5->arch_info;
886 u32 low_reset_branch, high_reset_branch;
888 for (i = 1; i < 8; i++)
890 /* if there's a static vector specified for this exception, override */
891 if (xscale->static_high_vectors_set & (1 << i))
893 xscale->high_vectors[i] = xscale->static_high_vectors[i];
897 retval=target_read_u32(target, 0xffff0000 + 4*i, &xscale->high_vectors[i]);
898 if (retval == ERROR_TARGET_TIMEOUT)
900 if (retval!=ERROR_OK)
902 /* Some of these reads will fail as part of normal execution */
903 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
908 for (i = 1; i < 8; i++)
910 if (xscale->static_low_vectors_set & (1 << i))
912 xscale->low_vectors[i] = xscale->static_low_vectors[i];
916 retval=target_read_u32(target, 0x0 + 4*i, &xscale->low_vectors[i]);
917 if (retval == ERROR_TARGET_TIMEOUT)
919 if (retval!=ERROR_OK)
921 /* Some of these reads will fail as part of normal execution */
922 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
927 /* calculate branches to debug handler */
928 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
929 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
931 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
932 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
934 /* invalidate and load exception vectors in mini i-cache */
935 xscale_invalidate_ic_line(target, 0x0);
936 xscale_invalidate_ic_line(target, 0xffff0000);
938 xscale_load_ic(target, 1, 0x0, xscale->low_vectors);
939 xscale_load_ic(target, 1, 0xffff0000, xscale->high_vectors);
944 int xscale_arch_state(struct target_s *target)
946 armv4_5_common_t *armv4_5 = target->arch_info;
947 xscale_common_t *xscale = armv4_5->arch_info;
951 "disabled", "enabled"
954 char *arch_dbg_reason[] =
956 "", "\n(processor reset)", "\n(trace buffer full)"
959 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
961 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
965 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
966 "cpsr: 0x%8.8x pc: 0x%8.8x\n"
967 "MMU: %s, D-Cache: %s, I-Cache: %s"
969 armv4_5_state_strings[armv4_5->core_state],
970 Jim_Nvp_value2name_simple( nvp_target_debug_reason, target->debug_reason )->name ,
971 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
972 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
973 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
974 state[xscale->armv4_5_mmu.mmu_enabled],
975 state[xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
976 state[xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled],
977 arch_dbg_reason[xscale->arch_debug_reason]);
982 int xscale_poll(target_t *target)
985 armv4_5_common_t *armv4_5 = target->arch_info;
986 xscale_common_t *xscale = armv4_5->arch_info;
988 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_DEBUG_RUNNING))
990 enum target_state previous_state = target->state;
991 if ((retval = xscale_read_tx(target, 0)) == ERROR_OK)
994 /* there's data to read from the tx register, we entered debug state */
995 xscale->handler_running = 1;
997 target->state = TARGET_HALTED;
999 /* process debug entry, fetching current mode regs */
1000 retval = xscale_debug_entry(target);
1002 else if (retval != ERROR_TARGET_RESOURCE_NOT_AVAILABLE)
1004 LOG_USER("error while polling TX register, reset CPU");
1005 /* here we "lie" so GDB won't get stuck and a reset can be perfomed */
1006 target->state = TARGET_HALTED;
1009 /* debug_entry could have overwritten target state (i.e. immediate resume)
1010 * don't signal event handlers in that case
1012 if (target->state != TARGET_HALTED)
1015 /* if target was running, signal that we halted
1016 * otherwise we reentered from debug execution */
1017 if (previous_state == TARGET_RUNNING)
1018 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1020 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
1026 int xscale_debug_entry(target_t *target)
1028 armv4_5_common_t *armv4_5 = target->arch_info;
1029 xscale_common_t *xscale = armv4_5->arch_info;
1037 /* clear external dbg break (will be written on next DCSR read) */
1038 xscale->external_debug_break = 0;
1039 if ((retval=xscale_read_dcsr(target))!=ERROR_OK)
1042 /* get r0, pc, r1 to r7 and cpsr */
1043 if ((retval=xscale_receive(target, buffer, 10))!=ERROR_OK)
1046 /* move r0 from buffer to register cache */
1047 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, buffer[0]);
1048 armv4_5->core_cache->reg_list[15].dirty = 1;
1049 armv4_5->core_cache->reg_list[15].valid = 1;
1050 LOG_DEBUG("r0: 0x%8.8x", buffer[0]);
1052 /* move pc from buffer to register cache */
1053 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, buffer[1]);
1054 armv4_5->core_cache->reg_list[15].dirty = 1;
1055 armv4_5->core_cache->reg_list[15].valid = 1;
1056 LOG_DEBUG("pc: 0x%8.8x", buffer[1]);
1058 /* move data from buffer to register cache */
1059 for (i = 1; i <= 7; i++)
1061 buf_set_u32(armv4_5->core_cache->reg_list[i].value, 0, 32, buffer[1 + i]);
1062 armv4_5->core_cache->reg_list[i].dirty = 1;
1063 armv4_5->core_cache->reg_list[i].valid = 1;
1064 LOG_DEBUG("r%i: 0x%8.8x", i, buffer[i + 1]);
1067 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32, buffer[9]);
1068 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
1069 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
1070 LOG_DEBUG("cpsr: 0x%8.8x", buffer[9]);
1072 armv4_5->core_mode = buffer[9] & 0x1f;
1073 if (armv4_5_mode_to_number(armv4_5->core_mode) == -1)
1075 target->state = TARGET_UNKNOWN;
1076 LOG_ERROR("cpsr contains invalid mode value - communication failure");
1077 return ERROR_TARGET_FAILURE;
1079 LOG_DEBUG("target entered debug state in %s mode", armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)]);
1081 if (buffer[9] & 0x20)
1082 armv4_5->core_state = ARMV4_5_STATE_THUMB;
1084 armv4_5->core_state = ARMV4_5_STATE_ARM;
1087 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1090 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1091 if ((armv4_5->core_mode != ARMV4_5_MODE_USR) && (armv4_5->core_mode != ARMV4_5_MODE_SYS))
1093 xscale_receive(target, buffer, 8);
1094 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
1095 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).dirty = 0;
1096 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).valid = 1;
1100 /* r8 to r14, but no spsr */
1101 xscale_receive(target, buffer, 7);
1104 /* move data from buffer to register cache */
1105 for (i = 8; i <= 14; i++)
1107 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, buffer[i - 8]);
1108 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 0;
1109 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
1112 /* examine debug reason */
1113 xscale_read_dcsr(target);
1114 moe = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 2, 3);
1116 /* stored PC (for calculating fixup) */
1117 pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1121 case 0x0: /* Processor reset */
1122 target->debug_reason = DBG_REASON_DBGRQ;
1123 xscale->arch_debug_reason = XSCALE_DBG_REASON_RESET;
1126 case 0x1: /* Instruction breakpoint hit */
1127 target->debug_reason = DBG_REASON_BREAKPOINT;
1128 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1131 case 0x2: /* Data breakpoint hit */
1132 target->debug_reason = DBG_REASON_WATCHPOINT;
1133 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1136 case 0x3: /* BKPT instruction executed */
1137 target->debug_reason = DBG_REASON_BREAKPOINT;
1138 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1141 case 0x4: /* Ext. debug event */
1142 target->debug_reason = DBG_REASON_DBGRQ;
1143 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1146 case 0x5: /* Vector trap occured */
1147 target->debug_reason = DBG_REASON_BREAKPOINT;
1148 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1151 case 0x6: /* Trace buffer full break */
1152 target->debug_reason = DBG_REASON_DBGRQ;
1153 xscale->arch_debug_reason = XSCALE_DBG_REASON_TB_FULL;
1156 case 0x7: /* Reserved */
1158 LOG_ERROR("Method of Entry is 'Reserved'");
1163 /* apply PC fixup */
1164 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, pc);
1166 /* on the first debug entry, identify cache type */
1167 if (xscale->armv4_5_mmu.armv4_5_cache.ctype == -1)
1171 /* read cp15 cache type register */
1172 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CACHETYPE]);
1173 cache_type_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CACHETYPE].value, 0, 32);
1175 armv4_5_identify_cache(cache_type_reg, &xscale->armv4_5_mmu.armv4_5_cache);
1178 /* examine MMU and Cache settings */
1179 /* read cp15 control register */
1180 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
1181 xscale->cp15_control_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
1182 xscale->armv4_5_mmu.mmu_enabled = (xscale->cp15_control_reg & 0x1U) ? 1 : 0;
1183 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (xscale->cp15_control_reg & 0x4U) ? 1 : 0;
1184 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (xscale->cp15_control_reg & 0x1000U) ? 1 : 0;
1186 /* tracing enabled, read collected trace data */
1187 if (xscale->trace.buffer_enabled)
1189 xscale_read_trace(target);
1190 xscale->trace.buffer_fill--;
1192 /* resume if we're still collecting trace data */
1193 if ((xscale->arch_debug_reason == XSCALE_DBG_REASON_TB_FULL)
1194 && (xscale->trace.buffer_fill > 0))
1196 xscale_resume(target, 1, 0x0, 1, 0);
1200 xscale->trace.buffer_enabled = 0;
1207 int xscale_halt(target_t *target)
1209 armv4_5_common_t *armv4_5 = target->arch_info;
1210 xscale_common_t *xscale = armv4_5->arch_info;
1212 LOG_DEBUG("target->state: %s",
1213 Jim_Nvp_value2name_simple( nvp_target_state, target->state )->name);
1215 if (target->state == TARGET_HALTED)
1217 LOG_DEBUG("target was already halted");
1220 else if (target->state == TARGET_UNKNOWN)
1222 /* this must not happen for a xscale target */
1223 LOG_ERROR("target was in unknown state when halt was requested");
1224 return ERROR_TARGET_INVALID;
1226 else if (target->state == TARGET_RESET)
1228 LOG_DEBUG("target->state == TARGET_RESET");
1232 /* assert external dbg break */
1233 xscale->external_debug_break = 1;
1234 xscale_read_dcsr(target);
1236 target->debug_reason = DBG_REASON_DBGRQ;
1242 int xscale_enable_single_step(struct target_s *target, u32 next_pc)
1244 armv4_5_common_t *armv4_5 = target->arch_info;
1245 xscale_common_t *xscale= armv4_5->arch_info;
1246 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1249 if (xscale->ibcr0_used)
1251 breakpoint_t *ibcr0_bp = breakpoint_find(target, buf_get_u32(ibcr0->value, 0, 32) & 0xfffffffe);
1255 xscale_unset_breakpoint(target, ibcr0_bp);
1259 LOG_ERROR("BUG: xscale->ibcr0_used is set, but no breakpoint with that address found");
1264 if ((retval=xscale_set_reg_u32(ibcr0, next_pc | 0x1))!=ERROR_OK)
1270 int xscale_disable_single_step(struct target_s *target)
1272 armv4_5_common_t *armv4_5 = target->arch_info;
1273 xscale_common_t *xscale= armv4_5->arch_info;
1274 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1277 if ((retval=xscale_set_reg_u32(ibcr0, 0x0))!=ERROR_OK)
1283 int xscale_resume(struct target_s *target, int current, u32 address, int handle_breakpoints, int debug_execution)
1285 armv4_5_common_t *armv4_5 = target->arch_info;
1286 xscale_common_t *xscale= armv4_5->arch_info;
1287 breakpoint_t *breakpoint = target->breakpoints;
1296 if (target->state != TARGET_HALTED)
1298 LOG_WARNING("target not halted");
1299 return ERROR_TARGET_NOT_HALTED;
1302 if (!debug_execution)
1304 target_free_all_working_areas(target);
1307 /* update vector tables */
1308 if ((retval=xscale_update_vectors(target))!=ERROR_OK)
1311 /* current = 1: continue on current pc, otherwise continue at <address> */
1313 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1315 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1317 /* if we're at the reset vector, we have to simulate the branch */
1318 if (current_pc == 0x0)
1320 arm_simulate_step(target, NULL);
1321 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1324 /* the front-end may request us not to handle breakpoints */
1325 if (handle_breakpoints)
1327 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1331 /* there's a breakpoint at the current PC, we have to step over it */
1332 LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint->address);
1333 xscale_unset_breakpoint(target, breakpoint);
1335 /* calculate PC of next instruction */
1336 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1339 target_read_u32(target, current_pc, ¤t_opcode);
1340 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8x", current_opcode);
1343 LOG_DEBUG("enable single-step");
1344 xscale_enable_single_step(target, next_pc);
1346 /* restore banked registers */
1347 xscale_restore_context(target);
1349 /* send resume request (command 0x30 or 0x31)
1350 * clean the trace buffer if it is to be enabled (0x62) */
1351 if (xscale->trace.buffer_enabled)
1353 xscale_send_u32(target, 0x62);
1354 xscale_send_u32(target, 0x31);
1357 xscale_send_u32(target, 0x30);
1360 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1361 LOG_DEBUG("writing cpsr with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1363 for (i = 7; i >= 0; i--)
1366 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1367 LOG_DEBUG("writing r%i with value 0x%8.8x", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1371 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1372 LOG_DEBUG("writing PC with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1374 /* wait for and process debug entry */
1375 xscale_debug_entry(target);
1377 LOG_DEBUG("disable single-step");
1378 xscale_disable_single_step(target);
1380 LOG_DEBUG("set breakpoint at 0x%8.8x", breakpoint->address);
1381 xscale_set_breakpoint(target, breakpoint);
1385 /* enable any pending breakpoints and watchpoints */
1386 xscale_enable_breakpoints(target);
1387 xscale_enable_watchpoints(target);
1389 /* restore banked registers */
1390 xscale_restore_context(target);
1392 /* send resume request (command 0x30 or 0x31)
1393 * clean the trace buffer if it is to be enabled (0x62) */
1394 if (xscale->trace.buffer_enabled)
1396 xscale_send_u32(target, 0x62);
1397 xscale_send_u32(target, 0x31);
1400 xscale_send_u32(target, 0x30);
1403 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1404 LOG_DEBUG("writing cpsr with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1406 for (i = 7; i >= 0; i--)
1409 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1410 LOG_DEBUG("writing r%i with value 0x%8.8x", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1414 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1415 LOG_DEBUG("writing PC with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1417 target->debug_reason = DBG_REASON_NOTHALTED;
1419 if (!debug_execution)
1421 /* registers are now invalid */
1422 armv4_5_invalidate_core_regs(target);
1423 target->state = TARGET_RUNNING;
1424 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1428 target->state = TARGET_DEBUG_RUNNING;
1429 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
1432 LOG_DEBUG("target resumed");
1434 xscale->handler_running = 1;
1439 static int xscale_step_inner(struct target_s *target, int current, u32 address, int handle_breakpoints)
1441 armv4_5_common_t *armv4_5 = target->arch_info;
1442 xscale_common_t *xscale = armv4_5->arch_info;
1448 target->debug_reason = DBG_REASON_SINGLESTEP;
1450 /* calculate PC of next instruction */
1451 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1453 u32 current_opcode, current_pc;
1454 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1456 target_read_u32(target, current_pc, ¤t_opcode);
1457 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8x", current_opcode);
1461 LOG_DEBUG("enable single-step");
1462 if ((retval=xscale_enable_single_step(target, next_pc))!=ERROR_OK)
1465 /* restore banked registers */
1466 if ((retval=xscale_restore_context(target))!=ERROR_OK)
1469 /* send resume request (command 0x30 or 0x31)
1470 * clean the trace buffer if it is to be enabled (0x62) */
1471 if (xscale->trace.buffer_enabled)
1473 if ((retval=xscale_send_u32(target, 0x62))!=ERROR_OK)
1475 if ((retval=xscale_send_u32(target, 0x31))!=ERROR_OK)
1479 if ((retval=xscale_send_u32(target, 0x30))!=ERROR_OK)
1483 if ((retval=xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32)))!=ERROR_OK)
1485 LOG_DEBUG("writing cpsr with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1487 for (i = 7; i >= 0; i--)
1490 if ((retval=xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32)))!=ERROR_OK)
1492 LOG_DEBUG("writing r%i with value 0x%8.8x", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1496 if ((retval=xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32)))!=ERROR_OK)
1498 LOG_DEBUG("writing PC with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1500 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1502 /* registers are now invalid */
1503 if ((retval=armv4_5_invalidate_core_regs(target))!=ERROR_OK)
1506 /* wait for and process debug entry */
1507 if ((retval=xscale_debug_entry(target))!=ERROR_OK)
1510 LOG_DEBUG("disable single-step");
1511 if ((retval=xscale_disable_single_step(target))!=ERROR_OK)
1514 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1519 int xscale_step(struct target_s *target, int current, u32 address, int handle_breakpoints)
1521 armv4_5_common_t *armv4_5 = target->arch_info;
1522 breakpoint_t *breakpoint = target->breakpoints;
1527 if (target->state != TARGET_HALTED)
1529 LOG_WARNING("target not halted");
1530 return ERROR_TARGET_NOT_HALTED;
1533 /* current = 1: continue on current pc, otherwise continue at <address> */
1535 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1537 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1539 /* if we're at the reset vector, we have to simulate the step */
1540 if (current_pc == 0x0)
1542 if ((retval=arm_simulate_step(target, NULL))!=ERROR_OK)
1544 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1546 target->debug_reason = DBG_REASON_SINGLESTEP;
1547 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1552 /* the front-end may request us not to handle breakpoints */
1553 if (handle_breakpoints)
1554 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1556 if ((retval=xscale_unset_breakpoint(target, breakpoint))!=ERROR_OK)
1560 retval = xscale_step_inner(target, current, address, handle_breakpoints);
1564 xscale_set_breakpoint(target, breakpoint);
1567 LOG_DEBUG("target stepped");
1573 int xscale_assert_reset(target_t *target)
1575 armv4_5_common_t *armv4_5 = target->arch_info;
1576 xscale_common_t *xscale = armv4_5->arch_info;
1578 LOG_DEBUG("target->state: %s",
1579 Jim_Nvp_value2name_simple( nvp_target_state, target->state )->name);
1581 /* select DCSR instruction (set endstate to R-T-I to ensure we don't
1582 * end up in T-L-R, which would reset JTAG
1584 jtag_add_end_state(TAP_IDLE);
1585 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dcsr);
1587 /* set Hold reset, Halt mode and Trap Reset */
1588 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1589 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1590 xscale_write_dcsr(target, 1, 0);
1592 /* select BYPASS, because having DCSR selected caused problems on the PXA27x */
1593 xscale_jtag_set_instr(xscale->jtag_info.tap, 0x7f);
1594 jtag_execute_queue();
1597 jtag_add_reset(0, 1);
1599 /* sleep 1ms, to be sure we fulfill any requirements */
1600 jtag_add_sleep(1000);
1601 jtag_execute_queue();
1603 target->state = TARGET_RESET;
1605 if (target->reset_halt)
1608 if ((retval = target_halt(target))!=ERROR_OK)
1615 int xscale_deassert_reset(target_t *target)
1617 armv4_5_common_t *armv4_5 = target->arch_info;
1618 xscale_common_t *xscale = armv4_5->arch_info;
1620 fileio_t debug_handler;
1628 breakpoint_t *breakpoint = target->breakpoints;
1632 xscale->ibcr_available = 2;
1633 xscale->ibcr0_used = 0;
1634 xscale->ibcr1_used = 0;
1636 xscale->dbr_available = 2;
1637 xscale->dbr0_used = 0;
1638 xscale->dbr1_used = 0;
1640 /* mark all hardware breakpoints as unset */
1643 if (breakpoint->type == BKPT_HARD)
1645 breakpoint->set = 0;
1647 breakpoint = breakpoint->next;
1650 if (!xscale->handler_installed)
1653 jtag_add_reset(0, 0);
1655 /* wait 300ms; 150 and 100ms were not enough */
1656 jtag_add_sleep(300*1000);
1658 jtag_add_runtest(2030, TAP_IDLE);
1659 jtag_execute_queue();
1661 /* set Hold reset, Halt mode and Trap Reset */
1662 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1663 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1664 xscale_write_dcsr(target, 1, 0);
1666 /* Load debug handler */
1667 if (fileio_open(&debug_handler, "xscale/debug_handler.bin", FILEIO_READ, FILEIO_BINARY) != ERROR_OK)
1672 if ((binary_size = debug_handler.size) % 4)
1674 LOG_ERROR("debug_handler.bin: size not a multiple of 4");
1678 if (binary_size > 0x800)
1680 LOG_ERROR("debug_handler.bin: larger than 2kb");
1684 binary_size = CEIL(binary_size, 32) * 32;
1686 address = xscale->handler_address;
1687 while (binary_size > 0)
1692 if ((retval = fileio_read(&debug_handler, 32, buffer, &buf_cnt)) != ERROR_OK)
1697 for (i = 0; i < buf_cnt; i += 4)
1699 /* convert LE buffer to host-endian u32 */
1700 cache_line[i / 4] = le_to_h_u32(&buffer[i]);
1703 for (; buf_cnt < 32; buf_cnt += 4)
1705 cache_line[buf_cnt / 4] = 0xe1a08008;
1708 /* only load addresses other than the reset vectors */
1709 if ((address % 0x400) != 0x0)
1711 xscale_load_ic(target, 1, address, cache_line);
1715 binary_size -= buf_cnt;
1718 xscale_load_ic(target, 1, 0x0, xscale->low_vectors);
1719 xscale_load_ic(target, 1, 0xffff0000, xscale->high_vectors);
1721 jtag_add_runtest(30, TAP_IDLE);
1723 jtag_add_sleep(100000);
1725 /* set Hold reset, Halt mode and Trap Reset */
1726 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1727 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1728 xscale_write_dcsr(target, 1, 0);
1730 /* clear Hold reset to let the target run (should enter debug handler) */
1731 xscale_write_dcsr(target, 0, 1);
1732 target->state = TARGET_RUNNING;
1734 if (!target->reset_halt)
1736 jtag_add_sleep(10000);
1738 /* we should have entered debug now */
1739 xscale_debug_entry(target);
1740 target->state = TARGET_HALTED;
1742 /* resume the target */
1743 xscale_resume(target, 1, 0x0, 1, 0);
1746 fileio_close(&debug_handler);
1750 jtag_add_reset(0, 0);
1756 int xscale_soft_reset_halt(struct target_s *target)
1761 int xscale_read_core_reg(struct target_s *target, int num, enum armv4_5_mode mode)
1766 int xscale_write_core_reg(struct target_s *target, int num, enum armv4_5_mode mode, u32 value)
1772 int xscale_full_context(target_t *target)
1774 armv4_5_common_t *armv4_5 = target->arch_info;
1782 if (target->state != TARGET_HALTED)
1784 LOG_WARNING("target not halted");
1785 return ERROR_TARGET_NOT_HALTED;
1788 buffer = malloc(4 * 8);
1790 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1791 * we can't enter User mode on an XScale (unpredictable),
1792 * but User shares registers with SYS
1794 for(i = 1; i < 7; i++)
1798 /* check if there are invalid registers in the current mode
1800 for (j = 0; j <= 16; j++)
1802 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1810 /* request banked registers */
1811 xscale_send_u32(target, 0x0);
1814 tmp_cpsr |= armv4_5_number_to_mode(i);
1815 tmp_cpsr |= 0xc0; /* I/F bits */
1817 /* send CPSR for desired mode */
1818 xscale_send_u32(target, tmp_cpsr);
1820 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1821 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1823 xscale_receive(target, buffer, 8);
1824 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
1825 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1826 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid = 1;
1830 xscale_receive(target, buffer, 7);
1833 /* move data from buffer to register cache */
1834 for (j = 8; j <= 14; j++)
1836 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).value, 0, 32, buffer[j - 8]);
1837 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1838 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid = 1;
1848 int xscale_restore_context(target_t *target)
1850 armv4_5_common_t *armv4_5 = target->arch_info;
1856 if (target->state != TARGET_HALTED)
1858 LOG_WARNING("target not halted");
1859 return ERROR_TARGET_NOT_HALTED;
1862 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1863 * we can't enter User mode on an XScale (unpredictable),
1864 * but User shares registers with SYS
1866 for(i = 1; i < 7; i++)
1870 /* check if there are invalid registers in the current mode
1872 for (j = 8; j <= 14; j++)
1874 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty == 1)
1878 /* if not USR/SYS, check if the SPSR needs to be written */
1879 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1881 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty == 1)
1889 /* send banked registers */
1890 xscale_send_u32(target, 0x1);
1893 tmp_cpsr |= armv4_5_number_to_mode(i);
1894 tmp_cpsr |= 0xc0; /* I/F bits */
1896 /* send CPSR for desired mode */
1897 xscale_send_u32(target, tmp_cpsr);
1899 /* send banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1900 for (j = 8; j <= 14; j++)
1902 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, j).value, 0, 32));
1903 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1906 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1908 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32));
1909 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1917 int xscale_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
1919 armv4_5_common_t *armv4_5 = target->arch_info;
1920 xscale_common_t *xscale = armv4_5->arch_info;
1925 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
1927 if (target->state != TARGET_HALTED)
1929 LOG_WARNING("target not halted");
1930 return ERROR_TARGET_NOT_HALTED;
1933 /* sanitize arguments */
1934 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1935 return ERROR_INVALID_ARGUMENTS;
1937 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1938 return ERROR_TARGET_UNALIGNED_ACCESS;
1940 /* send memory read request (command 0x1n, n: access size) */
1941 if ((retval=xscale_send_u32(target, 0x10 | size))!=ERROR_OK)
1944 /* send base address for read request */
1945 if ((retval=xscale_send_u32(target, address))!=ERROR_OK)
1948 /* send number of requested data words */
1949 if ((retval=xscale_send_u32(target, count))!=ERROR_OK)
1952 /* receive data from target (count times 32-bit words in host endianness) */
1953 buf32 = malloc(4 * count);
1954 if ((retval=xscale_receive(target, buf32, count))!=ERROR_OK)
1957 /* extract data from host-endian buffer into byte stream */
1958 for (i = 0; i < count; i++)
1963 target_buffer_set_u32(target, buffer, buf32[i]);
1967 target_buffer_set_u16(target, buffer, buf32[i] & 0xffff);
1971 *buffer++ = buf32[i] & 0xff;
1974 LOG_ERROR("should never get here");
1981 /* examine DCSR, to see if Sticky Abort (SA) got set */
1982 if ((retval=xscale_read_dcsr(target))!=ERROR_OK)
1984 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
1987 if ((retval=xscale_send_u32(target, 0x60))!=ERROR_OK)
1990 return ERROR_TARGET_DATA_ABORT;
1996 int xscale_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
1998 armv4_5_common_t *armv4_5 = target->arch_info;
1999 xscale_common_t *xscale = armv4_5->arch_info;
2002 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
2004 if (target->state != TARGET_HALTED)
2006 LOG_WARNING("target not halted");
2007 return ERROR_TARGET_NOT_HALTED;
2010 /* sanitize arguments */
2011 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
2012 return ERROR_INVALID_ARGUMENTS;
2014 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
2015 return ERROR_TARGET_UNALIGNED_ACCESS;
2017 /* send memory write request (command 0x2n, n: access size) */
2018 if ((retval=xscale_send_u32(target, 0x20 | size))!=ERROR_OK)
2021 /* send base address for read request */
2022 if ((retval=xscale_send_u32(target, address))!=ERROR_OK)
2025 /* send number of requested data words to be written*/
2026 if ((retval=xscale_send_u32(target, count))!=ERROR_OK)
2029 /* extract data from host-endian buffer into byte stream */
2031 for (i = 0; i < count; i++)
2036 value = target_buffer_get_u32(target, buffer);
2037 xscale_send_u32(target, value);
2041 value = target_buffer_get_u16(target, buffer);
2042 xscale_send_u32(target, value);
2047 xscale_send_u32(target, value);
2051 LOG_ERROR("should never get here");
2056 if ((retval=xscale_send(target, buffer, count, size))!=ERROR_OK)
2059 /* examine DCSR, to see if Sticky Abort (SA) got set */
2060 if ((retval=xscale_read_dcsr(target))!=ERROR_OK)
2062 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
2065 if ((retval=xscale_send_u32(target, 0x60))!=ERROR_OK)
2068 return ERROR_TARGET_DATA_ABORT;
2074 int xscale_bulk_write_memory(target_t *target, u32 address, u32 count, u8 *buffer)
2076 return xscale_write_memory(target, address, 4, count, buffer);
2079 u32 xscale_get_ttb(target_t *target)
2081 armv4_5_common_t *armv4_5 = target->arch_info;
2082 xscale_common_t *xscale = armv4_5->arch_info;
2085 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_TTB]);
2086 ttb = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_TTB].value, 0, 32);
2091 void xscale_disable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
2093 armv4_5_common_t *armv4_5 = target->arch_info;
2094 xscale_common_t *xscale = armv4_5->arch_info;
2097 /* read cp15 control register */
2098 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2099 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2102 cp15_control &= ~0x1U;
2107 xscale_send_u32(target, 0x50);
2108 xscale_send_u32(target, xscale->cache_clean_address);
2110 /* invalidate DCache */
2111 xscale_send_u32(target, 0x51);
2113 cp15_control &= ~0x4U;
2118 /* invalidate ICache */
2119 xscale_send_u32(target, 0x52);
2120 cp15_control &= ~0x1000U;
2123 /* write new cp15 control register */
2124 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2126 /* execute cpwait to ensure outstanding operations complete */
2127 xscale_send_u32(target, 0x53);
2130 void xscale_enable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
2132 armv4_5_common_t *armv4_5 = target->arch_info;
2133 xscale_common_t *xscale = armv4_5->arch_info;
2136 /* read cp15 control register */
2137 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2138 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2141 cp15_control |= 0x1U;
2144 cp15_control |= 0x4U;
2147 cp15_control |= 0x1000U;
2149 /* write new cp15 control register */
2150 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2152 /* execute cpwait to ensure outstanding operations complete */
2153 xscale_send_u32(target, 0x53);
2156 int xscale_set_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2159 armv4_5_common_t *armv4_5 = target->arch_info;
2160 xscale_common_t *xscale = armv4_5->arch_info;
2162 if (target->state != TARGET_HALTED)
2164 LOG_WARNING("target not halted");
2165 return ERROR_TARGET_NOT_HALTED;
2168 if (breakpoint->set)
2170 LOG_WARNING("breakpoint already set");
2174 if (breakpoint->type == BKPT_HARD)
2176 u32 value = breakpoint->address | 1;
2177 if (!xscale->ibcr0_used)
2179 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], value);
2180 xscale->ibcr0_used = 1;
2181 breakpoint->set = 1; /* breakpoint set on first breakpoint register */
2183 else if (!xscale->ibcr1_used)
2185 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], value);
2186 xscale->ibcr1_used = 1;
2187 breakpoint->set = 2; /* breakpoint set on second breakpoint register */
2191 LOG_ERROR("BUG: no hardware comparator available");
2195 else if (breakpoint->type == BKPT_SOFT)
2197 if (breakpoint->length == 4)
2199 /* keep the original instruction in target endianness */
2200 if((retval = target->type->read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2204 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2205 if((retval = target_write_u32(target, breakpoint->address, xscale->arm_bkpt)) != ERROR_OK)
2212 /* keep the original instruction in target endianness */
2213 if((retval = target->type->read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2217 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2218 if((retval = target_write_u32(target, breakpoint->address, xscale->thumb_bkpt)) != ERROR_OK)
2223 breakpoint->set = 1;
2229 int xscale_add_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2231 armv4_5_common_t *armv4_5 = target->arch_info;
2232 xscale_common_t *xscale = armv4_5->arch_info;
2234 if (target->state != TARGET_HALTED)
2236 LOG_WARNING("target not halted");
2237 return ERROR_TARGET_NOT_HALTED;
2240 if ((breakpoint->type == BKPT_HARD) && (xscale->ibcr_available < 1))
2242 LOG_INFO("no breakpoint unit available for hardware breakpoint");
2243 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2246 if ((breakpoint->length != 2) && (breakpoint->length != 4))
2248 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
2249 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2252 if (breakpoint->type == BKPT_HARD)
2254 xscale->ibcr_available--;
2260 int xscale_unset_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2263 armv4_5_common_t *armv4_5 = target->arch_info;
2264 xscale_common_t *xscale = armv4_5->arch_info;
2266 if (target->state != TARGET_HALTED)
2268 LOG_WARNING("target not halted");
2269 return ERROR_TARGET_NOT_HALTED;
2272 if (!breakpoint->set)
2274 LOG_WARNING("breakpoint not set");
2278 if (breakpoint->type == BKPT_HARD)
2280 if (breakpoint->set == 1)
2282 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], 0x0);
2283 xscale->ibcr0_used = 0;
2285 else if (breakpoint->set == 2)
2287 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], 0x0);
2288 xscale->ibcr1_used = 0;
2290 breakpoint->set = 0;
2294 /* restore original instruction (kept in target endianness) */
2295 if (breakpoint->length == 4)
2297 if((retval = target->type->write_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2304 if((retval = target->type->write_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2309 breakpoint->set = 0;
2315 int xscale_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2317 armv4_5_common_t *armv4_5 = target->arch_info;
2318 xscale_common_t *xscale = armv4_5->arch_info;
2320 if (target->state != TARGET_HALTED)
2322 LOG_WARNING("target not halted");
2323 return ERROR_TARGET_NOT_HALTED;
2326 if (breakpoint->set)
2328 xscale_unset_breakpoint(target, breakpoint);
2331 if (breakpoint->type == BKPT_HARD)
2332 xscale->ibcr_available++;
2337 int xscale_set_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2339 armv4_5_common_t *armv4_5 = target->arch_info;
2340 xscale_common_t *xscale = armv4_5->arch_info;
2342 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2343 u32 dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2345 if (target->state != TARGET_HALTED)
2347 LOG_WARNING("target not halted");
2348 return ERROR_TARGET_NOT_HALTED;
2351 xscale_get_reg(dbcon);
2353 switch (watchpoint->rw)
2365 LOG_ERROR("BUG: watchpoint->rw neither read, write nor access");
2368 if (!xscale->dbr0_used)
2370 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR0], watchpoint->address);
2371 dbcon_value |= enable;
2372 xscale_set_reg_u32(dbcon, dbcon_value);
2373 watchpoint->set = 1;
2374 xscale->dbr0_used = 1;
2376 else if (!xscale->dbr1_used)
2378 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR1], watchpoint->address);
2379 dbcon_value |= enable << 2;
2380 xscale_set_reg_u32(dbcon, dbcon_value);
2381 watchpoint->set = 2;
2382 xscale->dbr1_used = 1;
2386 LOG_ERROR("BUG: no hardware comparator available");
2393 int xscale_add_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2395 armv4_5_common_t *armv4_5 = target->arch_info;
2396 xscale_common_t *xscale = armv4_5->arch_info;
2398 if (target->state != TARGET_HALTED)
2400 LOG_WARNING("target not halted");
2401 return ERROR_TARGET_NOT_HALTED;
2404 if (xscale->dbr_available < 1)
2406 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2409 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
2411 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2414 xscale->dbr_available--;
2419 int xscale_unset_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2421 armv4_5_common_t *armv4_5 = target->arch_info;
2422 xscale_common_t *xscale = armv4_5->arch_info;
2423 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2424 u32 dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2426 if (target->state != TARGET_HALTED)
2428 LOG_WARNING("target not halted");
2429 return ERROR_TARGET_NOT_HALTED;
2432 if (!watchpoint->set)
2434 LOG_WARNING("breakpoint not set");
2438 if (watchpoint->set == 1)
2440 dbcon_value &= ~0x3;
2441 xscale_set_reg_u32(dbcon, dbcon_value);
2442 xscale->dbr0_used = 0;
2444 else if (watchpoint->set == 2)
2446 dbcon_value &= ~0xc;
2447 xscale_set_reg_u32(dbcon, dbcon_value);
2448 xscale->dbr1_used = 0;
2450 watchpoint->set = 0;
2455 int xscale_remove_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2457 armv4_5_common_t *armv4_5 = target->arch_info;
2458 xscale_common_t *xscale = armv4_5->arch_info;
2460 if (target->state != TARGET_HALTED)
2462 LOG_WARNING("target not halted");
2463 return ERROR_TARGET_NOT_HALTED;
2466 if (watchpoint->set)
2468 xscale_unset_watchpoint(target, watchpoint);
2471 xscale->dbr_available++;
2476 void xscale_enable_watchpoints(struct target_s *target)
2478 watchpoint_t *watchpoint = target->watchpoints;
2482 if (watchpoint->set == 0)
2483 xscale_set_watchpoint(target, watchpoint);
2484 watchpoint = watchpoint->next;
2488 void xscale_enable_breakpoints(struct target_s *target)
2490 breakpoint_t *breakpoint = target->breakpoints;
2492 /* set any pending breakpoints */
2495 if (breakpoint->set == 0)
2496 xscale_set_breakpoint(target, breakpoint);
2497 breakpoint = breakpoint->next;
2501 int xscale_get_reg(reg_t *reg)
2503 xscale_reg_t *arch_info = reg->arch_info;
2504 target_t *target = arch_info->target;
2505 armv4_5_common_t *armv4_5 = target->arch_info;
2506 xscale_common_t *xscale = armv4_5->arch_info;
2508 /* DCSR, TX and RX are accessible via JTAG */
2509 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2511 return xscale_read_dcsr(arch_info->target);
2513 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2515 /* 1 = consume register content */
2516 return xscale_read_tx(arch_info->target, 1);
2518 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2520 /* can't read from RX register (host -> debug handler) */
2523 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2525 /* can't (explicitly) read from TXRXCTRL register */
2528 else /* Other DBG registers have to be transfered by the debug handler */
2530 /* send CP read request (command 0x40) */
2531 xscale_send_u32(target, 0x40);
2533 /* send CP register number */
2534 xscale_send_u32(target, arch_info->dbg_handler_number);
2536 /* read register value */
2537 xscale_read_tx(target, 1);
2538 buf_cpy(xscale->reg_cache->reg_list[XSCALE_TX].value, reg->value, 32);
2547 int xscale_set_reg(reg_t *reg, u8* buf)
2549 xscale_reg_t *arch_info = reg->arch_info;
2550 target_t *target = arch_info->target;
2551 armv4_5_common_t *armv4_5 = target->arch_info;
2552 xscale_common_t *xscale = armv4_5->arch_info;
2553 u32 value = buf_get_u32(buf, 0, 32);
2555 /* DCSR, TX and RX are accessible via JTAG */
2556 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2558 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32, value);
2559 return xscale_write_dcsr(arch_info->target, -1, -1);
2561 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2563 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
2564 return xscale_write_rx(arch_info->target);
2566 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2568 /* can't write to TX register (debug-handler -> host) */
2571 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2573 /* can't (explicitly) write to TXRXCTRL register */
2576 else /* Other DBG registers have to be transfered by the debug handler */
2578 /* send CP write request (command 0x41) */
2579 xscale_send_u32(target, 0x41);
2581 /* send CP register number */
2582 xscale_send_u32(target, arch_info->dbg_handler_number);
2584 /* send CP register value */
2585 xscale_send_u32(target, value);
2586 buf_set_u32(reg->value, 0, 32, value);
2592 /* convenience wrapper to access XScale specific registers */
2593 int xscale_set_reg_u32(reg_t *reg, u32 value)
2597 buf_set_u32(buf, 0, 32, value);
2599 return xscale_set_reg(reg, buf);
2602 int xscale_write_dcsr_sw(target_t *target, u32 value)
2604 /* get pointers to arch-specific information */
2605 armv4_5_common_t *armv4_5 = target->arch_info;
2606 xscale_common_t *xscale = armv4_5->arch_info;
2607 reg_t *dcsr = &xscale->reg_cache->reg_list[XSCALE_DCSR];
2608 xscale_reg_t *dcsr_arch_info = dcsr->arch_info;
2610 /* send CP write request (command 0x41) */
2611 xscale_send_u32(target, 0x41);
2613 /* send CP register number */
2614 xscale_send_u32(target, dcsr_arch_info->dbg_handler_number);
2616 /* send CP register value */
2617 xscale_send_u32(target, value);
2618 buf_set_u32(dcsr->value, 0, 32, value);
2623 int xscale_read_trace(target_t *target)
2625 /* get pointers to arch-specific information */
2626 armv4_5_common_t *armv4_5 = target->arch_info;
2627 xscale_common_t *xscale = armv4_5->arch_info;
2628 xscale_trace_data_t **trace_data_p;
2630 /* 258 words from debug handler
2631 * 256 trace buffer entries
2632 * 2 checkpoint addresses
2634 u32 trace_buffer[258];
2635 int is_address[256];
2638 if (target->state != TARGET_HALTED)
2640 LOG_WARNING("target must be stopped to read trace data");
2641 return ERROR_TARGET_NOT_HALTED;
2644 /* send read trace buffer command (command 0x61) */
2645 xscale_send_u32(target, 0x61);
2647 /* receive trace buffer content */
2648 xscale_receive(target, trace_buffer, 258);
2650 /* parse buffer backwards to identify address entries */
2651 for (i = 255; i >= 0; i--)
2654 if (((trace_buffer[i] & 0xf0) == 0x90) ||
2655 ((trace_buffer[i] & 0xf0) == 0xd0))
2658 is_address[--i] = 1;
2660 is_address[--i] = 1;
2662 is_address[--i] = 1;
2664 is_address[--i] = 1;
2669 /* search first non-zero entry */
2670 for (j = 0; (j < 256) && (trace_buffer[j] == 0) && (!is_address[j]); j++)
2675 LOG_DEBUG("no trace data collected");
2676 return ERROR_XSCALE_NO_TRACE_DATA;
2679 for (trace_data_p = &xscale->trace.data; *trace_data_p; trace_data_p = &(*trace_data_p)->next)
2682 *trace_data_p = malloc(sizeof(xscale_trace_data_t));
2683 (*trace_data_p)->next = NULL;
2684 (*trace_data_p)->chkpt0 = trace_buffer[256];
2685 (*trace_data_p)->chkpt1 = trace_buffer[257];
2686 (*trace_data_p)->last_instruction = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
2687 (*trace_data_p)->entries = malloc(sizeof(xscale_trace_entry_t) * (256 - j));
2688 (*trace_data_p)->depth = 256 - j;
2690 for (i = j; i < 256; i++)
2692 (*trace_data_p)->entries[i - j].data = trace_buffer[i];
2694 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_ADDRESS;
2696 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_MESSAGE;
2702 int xscale_read_instruction(target_t *target, arm_instruction_t *instruction)
2704 /* get pointers to arch-specific information */
2705 armv4_5_common_t *armv4_5 = target->arch_info;
2706 xscale_common_t *xscale = armv4_5->arch_info;
2713 if (!xscale->trace.image)
2714 return ERROR_TRACE_IMAGE_UNAVAILABLE;
2716 /* search for the section the current instruction belongs to */
2717 for (i = 0; i < xscale->trace.image->num_sections; i++)
2719 if ((xscale->trace.image->sections[i].base_address <= xscale->trace.current_pc) &&
2720 (xscale->trace.image->sections[i].base_address + xscale->trace.image->sections[i].size > xscale->trace.current_pc))
2729 /* current instruction couldn't be found in the image */
2730 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2733 if (xscale->trace.core_state == ARMV4_5_STATE_ARM)
2736 if ((retval = image_read_section(xscale->trace.image, section,
2737 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2738 4, buf, &size_read)) != ERROR_OK)
2740 LOG_ERROR("error while reading instruction: %i", retval);
2741 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2743 opcode = target_buffer_get_u32(target, buf);
2744 arm_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2746 else if (xscale->trace.core_state == ARMV4_5_STATE_THUMB)
2749 if ((retval = image_read_section(xscale->trace.image, section,
2750 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2751 2, buf, &size_read)) != ERROR_OK)
2753 LOG_ERROR("error while reading instruction: %i", retval);
2754 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2756 opcode = target_buffer_get_u16(target, buf);
2757 thumb_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2761 LOG_ERROR("BUG: unknown core state encountered");
2768 int xscale_branch_address(xscale_trace_data_t *trace_data, int i, u32 *target)
2770 /* if there are less than four entries prior to the indirect branch message
2771 * we can't extract the address */
2777 *target = (trace_data->entries[i-1].data) | (trace_data->entries[i-2].data << 8) |
2778 (trace_data->entries[i-3].data << 16) | (trace_data->entries[i-4].data << 24);
2783 int xscale_analyze_trace(target_t *target, command_context_t *cmd_ctx)
2785 /* get pointers to arch-specific information */
2786 armv4_5_common_t *armv4_5 = target->arch_info;
2787 xscale_common_t *xscale = armv4_5->arch_info;
2790 xscale_trace_data_t *trace_data = xscale->trace.data;
2799 xscale->trace.core_state = ARMV4_5_STATE_ARM;
2804 for (i = 0; i < trace_data->depth; i++)
2810 if (trace_data->entries[i].type == XSCALE_TRACE_ADDRESS)
2813 switch ((trace_data->entries[i].data & 0xf0) >> 4)
2815 case 0: /* Exceptions */
2823 exception = (trace_data->entries[i].data & 0x70) >> 4;
2825 next_pc = (trace_data->entries[i].data & 0xf0) >> 2;
2826 command_print(cmd_ctx, "--- exception %i ---", (trace_data->entries[i].data & 0xf0) >> 4);
2828 case 8: /* Direct Branch */
2831 case 9: /* Indirect Branch */
2833 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2838 case 13: /* Checkpointed Indirect Branch */
2839 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2842 if (((chkpt == 0) && (next_pc != trace_data->chkpt0))
2843 || ((chkpt == 1) && (next_pc != trace_data->chkpt1)))
2844 LOG_WARNING("checkpointed indirect branch target address doesn't match checkpoint");
2846 /* explicit fall-through */
2847 case 12: /* Checkpointed Direct Branch */
2852 next_pc = trace_data->chkpt0;
2855 else if (chkpt == 1)
2858 next_pc = trace_data->chkpt0;
2863 LOG_WARNING("more than two checkpointed branches encountered");
2866 case 15: /* Roll-over */
2869 default: /* Reserved */
2870 command_print(cmd_ctx, "--- reserved trace message ---");
2871 LOG_ERROR("BUG: trace message %i is reserved", (trace_data->entries[i].data & 0xf0) >> 4);
2875 if (xscale->trace.pc_ok)
2877 int executed = (trace_data->entries[i].data & 0xf) + rollover * 16;
2878 arm_instruction_t instruction;
2880 if ((exception == 6) || (exception == 7))
2882 /* IRQ or FIQ exception, no instruction executed */
2886 while (executed-- >= 0)
2888 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2890 /* can't continue tracing with no image available */
2891 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2895 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2897 /* TODO: handle incomplete images */
2901 /* a precise abort on a load to the PC is included in the incremental
2902 * word count, other instructions causing data aborts are not included
2904 if ((executed == 0) && (exception == 4)
2905 && ((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDM)))
2907 if ((instruction.type == ARM_LDM)
2908 && ((instruction.info.load_store_multiple.register_list & 0x8000) == 0))
2912 else if (((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDRSH))
2913 && (instruction.info.load_store.Rd != 15))
2919 /* only the last instruction executed
2920 * (the one that caused the control flow change)
2921 * could be a taken branch
2923 if (((executed == -1) && (branch == 1)) &&
2924 (((instruction.type == ARM_B) ||
2925 (instruction.type == ARM_BL) ||
2926 (instruction.type == ARM_BLX)) &&
2927 (instruction.info.b_bl_bx_blx.target_address != 0xffffffff)))
2929 xscale->trace.current_pc = instruction.info.b_bl_bx_blx.target_address;
2933 xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2;
2935 command_print(cmd_ctx, "%s", instruction.text);
2943 xscale->trace.current_pc = next_pc;
2944 xscale->trace.pc_ok = 1;
2948 for (; xscale->trace.current_pc < trace_data->last_instruction; xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2)
2950 arm_instruction_t instruction;
2951 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2953 /* can't continue tracing with no image available */
2954 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2958 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2960 /* TODO: handle incomplete images */
2963 command_print(cmd_ctx, "%s", instruction.text);
2966 trace_data = trace_data->next;
2972 void xscale_build_reg_cache(target_t *target)
2974 /* get pointers to arch-specific information */
2975 armv4_5_common_t *armv4_5 = target->arch_info;
2976 xscale_common_t *xscale = armv4_5->arch_info;
2978 reg_cache_t **cache_p = register_get_last_cache_p(&target->reg_cache);
2979 xscale_reg_t *arch_info = malloc(sizeof(xscale_reg_arch_info));
2981 int num_regs = sizeof(xscale_reg_arch_info) / sizeof(xscale_reg_t);
2983 (*cache_p) = armv4_5_build_reg_cache(target, armv4_5);
2984 armv4_5->core_cache = (*cache_p);
2986 /* register a register arch-type for XScale dbg registers only once */
2987 if (xscale_reg_arch_type == -1)
2988 xscale_reg_arch_type = register_reg_arch_type(xscale_get_reg, xscale_set_reg);
2990 (*cache_p)->next = malloc(sizeof(reg_cache_t));
2991 cache_p = &(*cache_p)->next;
2993 /* fill in values for the xscale reg cache */
2994 (*cache_p)->name = "XScale registers";
2995 (*cache_p)->next = NULL;
2996 (*cache_p)->reg_list = malloc(num_regs * sizeof(reg_t));
2997 (*cache_p)->num_regs = num_regs;
2999 for (i = 0; i < num_regs; i++)
3001 (*cache_p)->reg_list[i].name = xscale_reg_list[i];
3002 (*cache_p)->reg_list[i].value = calloc(4, 1);
3003 (*cache_p)->reg_list[i].dirty = 0;
3004 (*cache_p)->reg_list[i].valid = 0;
3005 (*cache_p)->reg_list[i].size = 32;
3006 (*cache_p)->reg_list[i].bitfield_desc = NULL;
3007 (*cache_p)->reg_list[i].num_bitfields = 0;
3008 (*cache_p)->reg_list[i].arch_info = &arch_info[i];
3009 (*cache_p)->reg_list[i].arch_type = xscale_reg_arch_type;
3010 arch_info[i] = xscale_reg_arch_info[i];
3011 arch_info[i].target = target;
3014 xscale->reg_cache = (*cache_p);
3017 int xscale_init_target(struct command_context_s *cmd_ctx, struct target_s *target)
3022 int xscale_quit(void)
3027 int xscale_init_arch_info(target_t *target, xscale_common_t *xscale, jtag_tap_t *tap, const char *variant)
3029 armv4_5_common_t *armv4_5;
3030 u32 high_reset_branch, low_reset_branch;
3033 armv4_5 = &xscale->armv4_5_common;
3035 /* store architecture specfic data (none so far) */
3036 xscale->arch_info = NULL;
3037 xscale->common_magic = XSCALE_COMMON_MAGIC;
3039 /* remember the variant (PXA25x, PXA27x, IXP42x, ...) */
3040 xscale->variant = strdup(variant);
3042 /* prepare JTAG information for the new target */
3043 xscale->jtag_info.tap = tap;
3045 xscale->jtag_info.dbgrx = 0x02;
3046 xscale->jtag_info.dbgtx = 0x10;
3047 xscale->jtag_info.dcsr = 0x09;
3048 xscale->jtag_info.ldic = 0x07;
3050 if ((strcmp(xscale->variant, "pxa250") == 0) ||
3051 (strcmp(xscale->variant, "pxa255") == 0) ||
3052 (strcmp(xscale->variant, "pxa26x") == 0))
3054 xscale->jtag_info.ir_length = 5;
3056 else if ((strcmp(xscale->variant, "pxa27x") == 0) ||
3057 (strcmp(xscale->variant, "ixp42x") == 0) ||
3058 (strcmp(xscale->variant, "ixp45x") == 0) ||
3059 (strcmp(xscale->variant, "ixp46x") == 0))
3061 xscale->jtag_info.ir_length = 7;
3064 /* the debug handler isn't installed (and thus not running) at this time */
3065 xscale->handler_installed = 0;
3066 xscale->handler_running = 0;
3067 xscale->handler_address = 0xfe000800;
3069 /* clear the vectors we keep locally for reference */
3070 memset(xscale->low_vectors, 0, sizeof(xscale->low_vectors));
3071 memset(xscale->high_vectors, 0, sizeof(xscale->high_vectors));
3073 /* no user-specified vectors have been configured yet */
3074 xscale->static_low_vectors_set = 0x0;
3075 xscale->static_high_vectors_set = 0x0;
3077 /* calculate branches to debug handler */
3078 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
3079 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
3081 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
3082 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
3084 for (i = 1; i <= 7; i++)
3086 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
3087 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
3090 /* 64kB aligned region used for DCache cleaning */
3091 xscale->cache_clean_address = 0xfffe0000;
3093 xscale->hold_rst = 0;
3094 xscale->external_debug_break = 0;
3096 xscale->ibcr_available = 2;
3097 xscale->ibcr0_used = 0;
3098 xscale->ibcr1_used = 0;
3100 xscale->dbr_available = 2;
3101 xscale->dbr0_used = 0;
3102 xscale->dbr1_used = 0;
3104 xscale->arm_bkpt = ARMV5_BKPT(0x0);
3105 xscale->thumb_bkpt = ARMV5_T_BKPT(0x0) & 0xffff;
3107 xscale->vector_catch = 0x1;
3109 xscale->trace.capture_status = TRACE_IDLE;
3110 xscale->trace.data = NULL;
3111 xscale->trace.image = NULL;
3112 xscale->trace.buffer_enabled = 0;
3113 xscale->trace.buffer_fill = 0;
3115 /* prepare ARMv4/5 specific information */
3116 armv4_5->arch_info = xscale;
3117 armv4_5->read_core_reg = xscale_read_core_reg;
3118 armv4_5->write_core_reg = xscale_write_core_reg;
3119 armv4_5->full_context = xscale_full_context;
3121 armv4_5_init_arch_info(target, armv4_5);
3123 xscale->armv4_5_mmu.armv4_5_cache.ctype = -1;
3124 xscale->armv4_5_mmu.get_ttb = xscale_get_ttb;
3125 xscale->armv4_5_mmu.read_memory = xscale_read_memory;
3126 xscale->armv4_5_mmu.write_memory = xscale_write_memory;
3127 xscale->armv4_5_mmu.disable_mmu_caches = xscale_disable_mmu_caches;
3128 xscale->armv4_5_mmu.enable_mmu_caches = xscale_enable_mmu_caches;
3129 xscale->armv4_5_mmu.has_tiny_pages = 1;
3130 xscale->armv4_5_mmu.mmu_enabled = 0;
3135 /* target xscale <endianess> <startup_mode> <chain_pos> <variant> */
3136 int xscale_target_create(struct target_s *target, Jim_Interp *interp)
3138 xscale_common_t *xscale = calloc(1,sizeof(xscale_common_t));
3140 xscale_init_arch_info(target, xscale, target->tap, target->variant);
3141 xscale_build_reg_cache(target);
3146 int xscale_handle_debug_handler_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3148 target_t *target = NULL;
3149 armv4_5_common_t *armv4_5;
3150 xscale_common_t *xscale;
3152 u32 handler_address;
3156 LOG_ERROR("'xscale debug_handler <target#> <address>' command takes two required operands");
3160 if ((target = get_target_by_num(strtoul(args[0], NULL, 0))) == NULL)
3162 LOG_ERROR("no target '%s' configured", args[0]);
3166 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3171 handler_address = strtoul(args[1], NULL, 0);
3173 if (((handler_address >= 0x800) && (handler_address <= 0x1fef800)) ||
3174 ((handler_address >= 0xfe000800) && (handler_address <= 0xfffff800)))
3176 xscale->handler_address = handler_address;
3180 LOG_ERROR("xscale debug_handler <address> must be between 0x800 and 0x1fef800 or between 0xfe000800 and 0xfffff800");
3187 int xscale_handle_cache_clean_address_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3189 target_t *target = NULL;
3190 armv4_5_common_t *armv4_5;
3191 xscale_common_t *xscale;
3193 u32 cache_clean_address;
3197 return ERROR_COMMAND_SYNTAX_ERROR;
3200 if ((target = get_target_by_num(strtoul(args[0], NULL, 0))) == NULL)
3202 LOG_ERROR("no target '%s' configured", args[0]);
3206 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3211 cache_clean_address = strtoul(args[1], NULL, 0);
3213 if (cache_clean_address & 0xffff)
3215 LOG_ERROR("xscale cache_clean_address <address> must be 64kb aligned");
3219 xscale->cache_clean_address = cache_clean_address;
3225 int xscale_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3227 target_t *target = get_current_target(cmd_ctx);
3228 armv4_5_common_t *armv4_5;
3229 xscale_common_t *xscale;
3231 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3236 return armv4_5_handle_cache_info_command(cmd_ctx, &xscale->armv4_5_mmu.armv4_5_cache);
3239 static int xscale_virt2phys(struct target_s *target, u32 virtual, u32 *physical)
3241 armv4_5_common_t *armv4_5;
3242 xscale_common_t *xscale;
3249 if ((retval = xscale_get_arch_pointers(target, &armv4_5, &xscale)) != ERROR_OK)
3253 u32 ret = armv4_5_mmu_translate_va(target, &xscale->armv4_5_mmu, virtual, &type, &cb, &domain, &ap);
3262 static int xscale_mmu(struct target_s *target, int *enabled)
3264 armv4_5_common_t *armv4_5 = target->arch_info;
3265 xscale_common_t *xscale = armv4_5->arch_info;
3267 if (target->state != TARGET_HALTED)
3269 LOG_ERROR("Target not halted");
3270 return ERROR_TARGET_INVALID;
3272 *enabled = xscale->armv4_5_mmu.mmu_enabled;
3276 int xscale_handle_mmu_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
3278 target_t *target = get_current_target(cmd_ctx);
3279 armv4_5_common_t *armv4_5;
3280 xscale_common_t *xscale;
3282 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3287 if (target->state != TARGET_HALTED)
3289 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3295 if (strcmp("enable", args[0]) == 0)
3297 xscale_enable_mmu_caches(target, 1, 0, 0);
3298 xscale->armv4_5_mmu.mmu_enabled = 1;
3300 else if (strcmp("disable", args[0]) == 0)
3302 xscale_disable_mmu_caches(target, 1, 0, 0);
3303 xscale->armv4_5_mmu.mmu_enabled = 0;
3307 command_print(cmd_ctx, "mmu %s", (xscale->armv4_5_mmu.mmu_enabled) ? "enabled" : "disabled");
3312 int xscale_handle_idcache_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
3314 target_t *target = get_current_target(cmd_ctx);
3315 armv4_5_common_t *armv4_5;
3316 xscale_common_t *xscale;
3317 int icache = 0, dcache = 0;
3319 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3324 if (target->state != TARGET_HALTED)
3326 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3330 if (strcmp(cmd, "icache") == 0)
3332 else if (strcmp(cmd, "dcache") == 0)
3337 if (strcmp("enable", args[0]) == 0)
3339 xscale_enable_mmu_caches(target, 0, dcache, icache);
3342 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 1;
3344 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 1;
3346 else if (strcmp("disable", args[0]) == 0)
3348 xscale_disable_mmu_caches(target, 0, dcache, icache);
3351 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
3353 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
3358 command_print(cmd_ctx, "icache %s", (xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled) ? "enabled" : "disabled");
3361 command_print(cmd_ctx, "dcache %s", (xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled) ? "enabled" : "disabled");
3366 int xscale_handle_vector_catch_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
3368 target_t *target = get_current_target(cmd_ctx);
3369 armv4_5_common_t *armv4_5;
3370 xscale_common_t *xscale;
3372 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3379 command_print(cmd_ctx, "usage: xscale vector_catch [mask]");
3383 xscale->vector_catch = strtoul(args[0], NULL, 0);
3384 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 8, xscale->vector_catch);
3385 xscale_write_dcsr(target, -1, -1);
3388 command_print(cmd_ctx, "vector catch mask: 0x%2.2x", xscale->vector_catch);
3394 int xscale_handle_trace_buffer_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3396 target_t *target = get_current_target(cmd_ctx);
3397 armv4_5_common_t *armv4_5;
3398 xscale_common_t *xscale;
3401 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3406 if (target->state != TARGET_HALTED)
3408 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3412 if ((argc >= 1) && (strcmp("enable", args[0]) == 0))
3414 xscale_trace_data_t *td, *next_td;
3415 xscale->trace.buffer_enabled = 1;
3417 /* free old trace data */
3418 td = xscale->trace.data;
3428 xscale->trace.data = NULL;
3430 else if ((argc >= 1) && (strcmp("disable", args[0]) == 0))
3432 xscale->trace.buffer_enabled = 0;
3435 if ((argc >= 2) && (strcmp("fill", args[1]) == 0))
3438 xscale->trace.buffer_fill = strtoul(args[2], NULL, 0);
3440 xscale->trace.buffer_fill = 1;
3442 else if ((argc >= 2) && (strcmp("wrap", args[1]) == 0))
3444 xscale->trace.buffer_fill = -1;
3447 if (xscale->trace.buffer_enabled)
3449 /* if we enable the trace buffer in fill-once
3450 * mode we know the address of the first instruction */
3451 xscale->trace.pc_ok = 1;
3452 xscale->trace.current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
3456 /* otherwise the address is unknown, and we have no known good PC */
3457 xscale->trace.pc_ok = 0;
3460 command_print(cmd_ctx, "trace buffer %s (%s)",
3461 (xscale->trace.buffer_enabled) ? "enabled" : "disabled",
3462 (xscale->trace.buffer_fill > 0) ? "fill" : "wrap");
3464 dcsr_value = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32);
3465 if (xscale->trace.buffer_fill >= 0)
3466 xscale_write_dcsr_sw(target, (dcsr_value & 0xfffffffc) | 2);
3468 xscale_write_dcsr_sw(target, dcsr_value & 0xfffffffc);
3473 int xscale_handle_trace_image_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3476 armv4_5_common_t *armv4_5;
3477 xscale_common_t *xscale;
3481 command_print(cmd_ctx, "usage: xscale trace_image <file> [base address] [type]");
3485 target = get_current_target(cmd_ctx);
3487 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3492 if (xscale->trace.image)
3494 image_close(xscale->trace.image);
3495 free(xscale->trace.image);
3496 command_print(cmd_ctx, "previously loaded image found and closed");
3499 xscale->trace.image = malloc(sizeof(image_t));
3500 xscale->trace.image->base_address_set = 0;
3501 xscale->trace.image->start_address_set = 0;
3503 /* a base address isn't always necessary, default to 0x0 (i.e. don't relocate) */
3506 xscale->trace.image->base_address_set = 1;
3507 xscale->trace.image->base_address = strtoul(args[1], NULL, 0);
3511 xscale->trace.image->base_address_set = 0;
3514 if (image_open(xscale->trace.image, args[0], (argc >= 3) ? args[2] : NULL) != ERROR_OK)
3516 free(xscale->trace.image);
3517 xscale->trace.image = NULL;
3524 int xscale_handle_dump_trace_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3526 target_t *target = get_current_target(cmd_ctx);
3527 armv4_5_common_t *armv4_5;
3528 xscale_common_t *xscale;
3529 xscale_trace_data_t *trace_data;
3532 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3537 if (target->state != TARGET_HALTED)
3539 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3545 command_print(cmd_ctx, "usage: xscale dump_trace <file>");
3549 trace_data = xscale->trace.data;
3553 command_print(cmd_ctx, "no trace data collected");
3557 if (fileio_open(&file, args[0], FILEIO_WRITE, FILEIO_BINARY) != ERROR_OK)
3566 fileio_write_u32(&file, trace_data->chkpt0);
3567 fileio_write_u32(&file, trace_data->chkpt1);
3568 fileio_write_u32(&file, trace_data->last_instruction);
3569 fileio_write_u32(&file, trace_data->depth);
3571 for (i = 0; i < trace_data->depth; i++)
3572 fileio_write_u32(&file, trace_data->entries[i].data | ((trace_data->entries[i].type & 0xffff) << 16));
3574 trace_data = trace_data->next;
3577 fileio_close(&file);
3582 int xscale_handle_analyze_trace_buffer_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3584 target_t *target = get_current_target(cmd_ctx);
3585 armv4_5_common_t *armv4_5;
3586 xscale_common_t *xscale;
3588 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3593 xscale_analyze_trace(target, cmd_ctx);
3598 int xscale_handle_cp15(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
3600 target_t *target = get_current_target(cmd_ctx);
3601 armv4_5_common_t *armv4_5;
3602 xscale_common_t *xscale;
3604 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3609 if (target->state != TARGET_HALTED)
3611 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3618 reg_no = strtoul(args[0], NULL, 0);
3619 /*translate from xscale cp15 register no to openocd register*/
3623 reg_no = XSCALE_MAINID;
3626 reg_no = XSCALE_CTRL;
3629 reg_no = XSCALE_TTB;
3632 reg_no = XSCALE_DAC;
3635 reg_no = XSCALE_FSR;
3638 reg_no = XSCALE_FAR;
3641 reg_no = XSCALE_PID;
3644 reg_no = XSCALE_CPACCESS;
3647 command_print(cmd_ctx, "invalid register number");
3648 return ERROR_INVALID_ARGUMENTS;
3650 reg = &xscale->reg_cache->reg_list[reg_no];
3657 /* read cp15 control register */
3658 xscale_get_reg(reg);
3659 value = buf_get_u32(reg->value, 0, 32);
3660 command_print(cmd_ctx, "%s (/%i): 0x%x", reg->name, reg->size, value);
3665 u32 value = strtoul(args[1], NULL, 0);
3667 /* send CP write request (command 0x41) */
3668 xscale_send_u32(target, 0x41);
3670 /* send CP register number */
3671 xscale_send_u32(target, reg_no);
3673 /* send CP register value */
3674 xscale_send_u32(target, value);
3676 /* execute cpwait to ensure outstanding operations complete */
3677 xscale_send_u32(target, 0x53);
3681 command_print(cmd_ctx, "usage: cp15 [register]<, [value]>");
3687 int xscale_register_commands(struct command_context_s *cmd_ctx)
3689 command_t *xscale_cmd;
3691 xscale_cmd = register_command(cmd_ctx, NULL, "xscale", NULL, COMMAND_ANY, "xscale specific commands");
3693 register_command(cmd_ctx, xscale_cmd, "debug_handler", xscale_handle_debug_handler_command, COMMAND_ANY, "'xscale debug_handler <target#> <address>' command takes two required operands");
3694 register_command(cmd_ctx, xscale_cmd, "cache_clean_address", xscale_handle_cache_clean_address_command, COMMAND_ANY, NULL);
3696 register_command(cmd_ctx, xscale_cmd, "cache_info", xscale_handle_cache_info_command, COMMAND_EXEC, NULL);
3697 register_command(cmd_ctx, xscale_cmd, "mmu", xscale_handle_mmu_command, COMMAND_EXEC, "['enable'|'disable'] the MMU");
3698 register_command(cmd_ctx, xscale_cmd, "icache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the ICache");
3699 register_command(cmd_ctx, xscale_cmd, "dcache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the DCache");
3701 register_command(cmd_ctx, xscale_cmd, "vector_catch", xscale_handle_vector_catch_command, COMMAND_EXEC, "<mask> of vectors that should be catched");
3703 register_command(cmd_ctx, xscale_cmd, "trace_buffer", xscale_handle_trace_buffer_command, COMMAND_EXEC, "<enable|disable> ['fill' [n]|'wrap']");
3705 register_command(cmd_ctx, xscale_cmd, "dump_trace", xscale_handle_dump_trace_command, COMMAND_EXEC, "dump content of trace buffer to <file>");
3706 register_command(cmd_ctx, xscale_cmd, "analyze_trace", xscale_handle_analyze_trace_buffer_command, COMMAND_EXEC, "analyze content of trace buffer");
3707 register_command(cmd_ctx, xscale_cmd, "trace_image", xscale_handle_trace_image_command,
3708 COMMAND_EXEC, "load image from <file> [base address]");
3710 register_command(cmd_ctx, xscale_cmd, "cp15", xscale_handle_cp15, COMMAND_EXEC, "access coproc 15 <register> [value]");
3712 armv4_5_register_commands(cmd_ctx);
projects / fw / openocd / blob