1 /***************************************************************************
2 * Copyright (C) 2006, 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * Copyright (C) 2009 Michael Schwingen *
9 * michael@schwingen.org *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program; if not, write to the *
23 * Free Software Foundation, Inc., *
24 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 ***************************************************************************/
31 #include "target_type.h"
32 #include "arm7_9_common.h"
33 #include "arm_simulator.h"
34 #include "arm_disassembler.h"
35 #include "time_support.h"
40 * Important XScale documents available as of October 2009 include:
42 * Intel XScale® Core Developer’s Manual, January 2004
43 * Order Number: 273473-002
44 * This has a chapter detailing debug facilities, and punts some
45 * details to chip-specific microarchitecture documentats.
47 * Hot-Debug for Intel XScale® Core Debug White Paper, May 2005
48 * Document Number: 273539-005
49 * Less detailed than the developer's manual, but summarizes those
50 * missing details (for most XScales) and gives LOTS of notes about
51 * debugger/handler interaction issues. Presents a simpler reset
52 * and load-handler sequence than the arch doc. (Note, OpenOCD
53 * doesn't currently support "Hot-Debug" as defined there.)
55 * Chip-specific microarchitecture documents may also be useful.
59 /* forward declarations */
60 static int xscale_resume(struct target_s *, int current,
61 uint32_t address, int handle_breakpoints, int debug_execution);
62 static int xscale_debug_entry(target_t *);
63 static int xscale_restore_context(target_t *);
64 static int xscale_get_reg(reg_t *reg);
65 static int xscale_set_reg(reg_t *reg, uint8_t *buf);
66 static int xscale_set_breakpoint(struct target_s *, breakpoint_t *);
67 static int xscale_set_watchpoint(struct target_s *, watchpoint_t *);
68 static int xscale_unset_breakpoint(struct target_s *, breakpoint_t *);
69 static int xscale_read_trace(target_t *);
72 static char *const xscale_reg_list[] =
74 "XSCALE_MAINID", /* 0 */
84 "XSCALE_IBCR0", /* 10 */
98 static const xscale_reg_t xscale_reg_arch_info[] =
100 {XSCALE_MAINID, NULL},
101 {XSCALE_CACHETYPE, NULL},
103 {XSCALE_AUXCTRL, NULL},
109 {XSCALE_CPACCESS, NULL},
110 {XSCALE_IBCR0, NULL},
111 {XSCALE_IBCR1, NULL},
114 {XSCALE_DBCON, NULL},
115 {XSCALE_TBREG, NULL},
116 {XSCALE_CHKPT0, NULL},
117 {XSCALE_CHKPT1, NULL},
118 {XSCALE_DCSR, NULL}, /* DCSR accessed via JTAG or SW */
119 {-1, NULL}, /* TX accessed via JTAG */
120 {-1, NULL}, /* RX accessed via JTAG */
121 {-1, NULL}, /* TXRXCTRL implicit access via JTAG */
124 static int xscale_reg_arch_type = -1;
126 /* convenience wrapper to access XScale specific registers */
127 static int xscale_set_reg_u32(reg_t *reg, uint32_t value)
131 buf_set_u32(buf, 0, 32, value);
133 return xscale_set_reg(reg, buf);
137 static int xscale_get_arch_pointers(target_t *target,
138 armv4_5_common_t **armv4_5_p, xscale_common_t **xscale_p)
140 armv4_5_common_t *armv4_5 = target->arch_info;
141 xscale_common_t *xscale = armv4_5->arch_info;
143 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
145 LOG_ERROR("target isn't an XScale target");
149 if (xscale->common_magic != XSCALE_COMMON_MAGIC)
151 LOG_ERROR("target isn't an XScale target");
155 *armv4_5_p = armv4_5;
161 static int xscale_jtag_set_instr(jtag_tap_t *tap, uint32_t new_instr)
166 if (buf_get_u32(tap->cur_instr, 0, tap->ir_length) != new_instr)
171 field.num_bits = tap->ir_length;
172 field.out_value = calloc(CEIL(field.num_bits, 8), 1);
173 buf_set_u32(field.out_value, 0, field.num_bits, new_instr);
176 field.in_value = tmp;
178 jtag_add_ir_scan(1, &field, jtag_get_end_state());
180 /* FIX!!!! isn't this check superfluous? verify_ircapture handles this? */
181 jtag_check_value_mask(&field, tap->expected, tap->expected_mask);
183 free(field.out_value);
189 static int xscale_read_dcsr(target_t *target)
191 armv4_5_common_t *armv4_5 = target->arch_info;
192 xscale_common_t *xscale = armv4_5->arch_info;
196 scan_field_t fields[3];
197 uint8_t field0 = 0x0;
198 uint8_t field0_check_value = 0x2;
199 uint8_t field0_check_mask = 0x7;
200 uint8_t field2 = 0x0;
201 uint8_t field2_check_value = 0x0;
202 uint8_t field2_check_mask = 0x1;
204 jtag_set_end_state(TAP_DRPAUSE);
205 xscale_jtag_set_instr(target->tap, XSCALE_SELDCSR);
207 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
208 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
210 fields[0].tap = target->tap;
211 fields[0].num_bits = 3;
212 fields[0].out_value = &field0;
214 fields[0].in_value = &tmp;
216 fields[1].tap = target->tap;
217 fields[1].num_bits = 32;
218 fields[1].out_value = NULL;
219 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
221 fields[2].tap = target->tap;
222 fields[2].num_bits = 1;
223 fields[2].out_value = &field2;
225 fields[2].in_value = &tmp2;
227 jtag_add_dr_scan(3, fields, jtag_get_end_state());
229 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
230 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
232 if ((retval = jtag_execute_queue()) != ERROR_OK)
234 LOG_ERROR("JTAG error while reading DCSR");
238 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
239 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
241 /* write the register with the value we just read
242 * on this second pass, only the first bit of field0 is guaranteed to be 0)
244 field0_check_mask = 0x1;
245 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
246 fields[1].in_value = NULL;
248 jtag_set_end_state(TAP_IDLE);
250 jtag_add_dr_scan(3, fields, jtag_get_end_state());
252 /* DANGER!!! this must be here. It will make sure that the arguments
253 * to jtag_set_check_value() does not go out of scope! */
254 return jtag_execute_queue();
258 static void xscale_getbuf(jtag_callback_data_t arg)
260 uint8_t *in = (uint8_t *)arg;
261 *((uint32_t *)in) = buf_get_u32(in, 0, 32);
264 static int xscale_receive(target_t *target, uint32_t *buffer, int num_words)
267 return ERROR_INVALID_ARGUMENTS;
269 int retval = ERROR_OK;
271 scan_field_t fields[3];
272 uint8_t *field0 = malloc(num_words * 1);
273 uint8_t field0_check_value = 0x2;
274 uint8_t field0_check_mask = 0x6;
275 uint32_t *field1 = malloc(num_words * 4);
276 uint8_t field2_check_value = 0x0;
277 uint8_t field2_check_mask = 0x1;
279 int words_scheduled = 0;
283 path[0] = TAP_DRSELECT;
284 path[1] = TAP_DRCAPTURE;
285 path[2] = TAP_DRSHIFT;
287 fields[0].tap = target->tap;
288 fields[0].num_bits = 3;
289 fields[0].out_value = NULL;
290 fields[0].in_value = NULL;
291 fields[0].check_value = &field0_check_value;
292 fields[0].check_mask = &field0_check_mask;
294 fields[1].tap = target->tap;
295 fields[1].num_bits = 32;
296 fields[1].out_value = NULL;
297 fields[1].check_value = NULL;
298 fields[1].check_mask = NULL;
300 fields[2].tap = target->tap;
301 fields[2].num_bits = 1;
302 fields[2].out_value = NULL;
303 fields[2].in_value = NULL;
304 fields[2].check_value = &field2_check_value;
305 fields[2].check_mask = &field2_check_mask;
307 jtag_set_end_state(TAP_IDLE);
308 xscale_jtag_set_instr(target->tap, XSCALE_DBGTX);
309 jtag_add_runtest(1, jtag_get_end_state()); /* ensures that we're in the TAP_IDLE state as the above could be a no-op */
311 /* repeat until all words have been collected */
313 while (words_done < num_words)
317 for (i = words_done; i < num_words; i++)
319 fields[0].in_value = &field0[i];
321 jtag_add_pathmove(3, path);
323 fields[1].in_value = (uint8_t *)(field1 + i);
325 jtag_add_dr_scan_check(3, fields, jtag_set_end_state(TAP_IDLE));
327 jtag_add_callback(xscale_getbuf, (jtag_callback_data_t)(field1 + i));
332 if ((retval = jtag_execute_queue()) != ERROR_OK)
334 LOG_ERROR("JTAG error while receiving data from debug handler");
338 /* examine results */
339 for (i = words_done; i < num_words; i++)
341 if (!(field0[0] & 1))
343 /* move backwards if necessary */
345 for (j = i; j < num_words - 1; j++)
347 field0[j] = field0[j + 1];
348 field1[j] = field1[j + 1];
353 if (words_scheduled == 0)
355 if (attempts++==1000)
357 LOG_ERROR("Failed to receiving data from debug handler after 1000 attempts");
358 retval = ERROR_TARGET_TIMEOUT;
363 words_done += words_scheduled;
366 for (i = 0; i < num_words; i++)
367 *(buffer++) = buf_get_u32((uint8_t*)&field1[i], 0, 32);
374 static int xscale_read_tx(target_t *target, int consume)
376 armv4_5_common_t *armv4_5 = target->arch_info;
377 xscale_common_t *xscale = armv4_5->arch_info;
379 tap_state_t noconsume_path[6];
382 struct timeval timeout, now;
384 scan_field_t fields[3];
385 uint8_t field0_in = 0x0;
386 uint8_t field0_check_value = 0x2;
387 uint8_t field0_check_mask = 0x6;
388 uint8_t field2_check_value = 0x0;
389 uint8_t field2_check_mask = 0x1;
391 jtag_set_end_state(TAP_IDLE);
393 xscale_jtag_set_instr(target->tap, XSCALE_DBGTX);
395 path[0] = TAP_DRSELECT;
396 path[1] = TAP_DRCAPTURE;
397 path[2] = TAP_DRSHIFT;
399 noconsume_path[0] = TAP_DRSELECT;
400 noconsume_path[1] = TAP_DRCAPTURE;
401 noconsume_path[2] = TAP_DREXIT1;
402 noconsume_path[3] = TAP_DRPAUSE;
403 noconsume_path[4] = TAP_DREXIT2;
404 noconsume_path[5] = TAP_DRSHIFT;
406 fields[0].tap = target->tap;
407 fields[0].num_bits = 3;
408 fields[0].out_value = NULL;
409 fields[0].in_value = &field0_in;
411 fields[1].tap = target->tap;
412 fields[1].num_bits = 32;
413 fields[1].out_value = NULL;
414 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_TX].value;
416 fields[2].tap = target->tap;
417 fields[2].num_bits = 1;
418 fields[2].out_value = NULL;
420 fields[2].in_value = &tmp;
422 gettimeofday(&timeout, NULL);
423 timeval_add_time(&timeout, 1, 0);
427 /* if we want to consume the register content (i.e. clear TX_READY),
428 * we have to go straight from Capture-DR to Shift-DR
429 * otherwise, we go from Capture-DR to Exit1-DR to Pause-DR
432 jtag_add_pathmove(3, path);
435 jtag_add_pathmove(sizeof(noconsume_path)/sizeof(*noconsume_path), noconsume_path);
438 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
440 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
441 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
443 if ((retval = jtag_execute_queue()) != ERROR_OK)
445 LOG_ERROR("JTAG error while reading TX");
446 return ERROR_TARGET_TIMEOUT;
449 gettimeofday(&now, NULL);
450 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
452 LOG_ERROR("time out reading TX register");
453 return ERROR_TARGET_TIMEOUT;
455 if (!((!(field0_in & 1)) && consume))
459 if (debug_level >= 3)
461 LOG_DEBUG("waiting 100ms");
462 alive_sleep(100); /* avoid flooding the logs */
470 if (!(field0_in & 1))
471 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
476 static int xscale_write_rx(target_t *target)
478 armv4_5_common_t *armv4_5 = target->arch_info;
479 xscale_common_t *xscale = armv4_5->arch_info;
482 struct timeval timeout, now;
484 scan_field_t fields[3];
485 uint8_t field0_out = 0x0;
486 uint8_t field0_in = 0x0;
487 uint8_t field0_check_value = 0x2;
488 uint8_t field0_check_mask = 0x6;
489 uint8_t field2 = 0x0;
490 uint8_t field2_check_value = 0x0;
491 uint8_t field2_check_mask = 0x1;
493 jtag_set_end_state(TAP_IDLE);
495 xscale_jtag_set_instr(target->tap, XSCALE_DBGRX);
497 fields[0].tap = target->tap;
498 fields[0].num_bits = 3;
499 fields[0].out_value = &field0_out;
500 fields[0].in_value = &field0_in;
502 fields[1].tap = target->tap;
503 fields[1].num_bits = 32;
504 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_RX].value;
505 fields[1].in_value = NULL;
507 fields[2].tap = target->tap;
508 fields[2].num_bits = 1;
509 fields[2].out_value = &field2;
511 fields[2].in_value = &tmp;
513 gettimeofday(&timeout, NULL);
514 timeval_add_time(&timeout, 1, 0);
516 /* poll until rx_read is low */
517 LOG_DEBUG("polling RX");
520 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
522 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
523 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
525 if ((retval = jtag_execute_queue()) != ERROR_OK)
527 LOG_ERROR("JTAG error while writing RX");
531 gettimeofday(&now, NULL);
532 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
534 LOG_ERROR("time out writing RX register");
535 return ERROR_TARGET_TIMEOUT;
537 if (!(field0_in & 1))
539 if (debug_level >= 3)
541 LOG_DEBUG("waiting 100ms");
542 alive_sleep(100); /* avoid flooding the logs */
552 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
554 if ((retval = jtag_execute_queue()) != ERROR_OK)
556 LOG_ERROR("JTAG error while writing RX");
563 /* send count elements of size byte to the debug handler */
564 static int xscale_send(target_t *target, uint8_t *buffer, int count, int size)
571 jtag_set_end_state(TAP_IDLE);
573 xscale_jtag_set_instr(target->tap, XSCALE_DBGRX);
580 int endianness = target->endianness;
581 while (done_count++ < count)
586 if (endianness == TARGET_LITTLE_ENDIAN)
588 t[1]=le_to_h_u32(buffer);
591 t[1]=be_to_h_u32(buffer);
595 if (endianness == TARGET_LITTLE_ENDIAN)
597 t[1]=le_to_h_u16(buffer);
600 t[1]=be_to_h_u16(buffer);
607 LOG_ERROR("BUG: size neither 4, 2 nor 1");
610 jtag_add_dr_out(target->tap,
614 jtag_set_end_state(TAP_IDLE));
618 if ((retval = jtag_execute_queue()) != ERROR_OK)
620 LOG_ERROR("JTAG error while sending data to debug handler");
627 static int xscale_send_u32(target_t *target, uint32_t value)
629 armv4_5_common_t *armv4_5 = target->arch_info;
630 xscale_common_t *xscale = armv4_5->arch_info;
632 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
633 return xscale_write_rx(target);
636 static int xscale_write_dcsr(target_t *target, int hold_rst, int ext_dbg_brk)
638 armv4_5_common_t *armv4_5 = target->arch_info;
639 xscale_common_t *xscale = armv4_5->arch_info;
643 scan_field_t fields[3];
644 uint8_t field0 = 0x0;
645 uint8_t field0_check_value = 0x2;
646 uint8_t field0_check_mask = 0x7;
647 uint8_t field2 = 0x0;
648 uint8_t field2_check_value = 0x0;
649 uint8_t field2_check_mask = 0x1;
652 xscale->hold_rst = hold_rst;
654 if (ext_dbg_brk != -1)
655 xscale->external_debug_break = ext_dbg_brk;
657 jtag_set_end_state(TAP_IDLE);
658 xscale_jtag_set_instr(target->tap, XSCALE_SELDCSR);
660 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
661 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
663 fields[0].tap = target->tap;
664 fields[0].num_bits = 3;
665 fields[0].out_value = &field0;
667 fields[0].in_value = &tmp;
669 fields[1].tap = target->tap;
670 fields[1].num_bits = 32;
671 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
672 fields[1].in_value = NULL;
674 fields[2].tap = target->tap;
675 fields[2].num_bits = 1;
676 fields[2].out_value = &field2;
678 fields[2].in_value = &tmp2;
680 jtag_add_dr_scan(3, fields, jtag_get_end_state());
682 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
683 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
685 if ((retval = jtag_execute_queue()) != ERROR_OK)
687 LOG_ERROR("JTAG error while writing DCSR");
691 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
692 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
697 /* parity of the number of bits 0 if even; 1 if odd. for 32 bit words */
698 static unsigned int parity (unsigned int v)
700 // unsigned int ov = v;
705 // LOG_DEBUG("parity of 0x%x is %i", ov, (0x6996 >> v) & 1);
706 return (0x6996 >> v) & 1;
709 static int xscale_load_ic(target_t *target, uint32_t va, uint32_t buffer[8])
714 scan_field_t fields[2];
716 LOG_DEBUG("loading miniIC at 0x%8.8" PRIx32 "", va);
719 jtag_set_end_state(TAP_IDLE);
720 xscale_jtag_set_instr(target->tap, XSCALE_LDIC);
722 /* CMD is b011 to load a cacheline into the Mini ICache.
723 * Loading into the main ICache is deprecated, and unused.
724 * It's followed by three zero bits, and 27 address bits.
726 buf_set_u32(&cmd, 0, 6, 0x3);
728 /* virtual address of desired cache line */
729 buf_set_u32(packet, 0, 27, va >> 5);
731 fields[0].tap = target->tap;
732 fields[0].num_bits = 6;
733 fields[0].out_value = &cmd;
734 fields[0].in_value = NULL;
736 fields[1].tap = target->tap;
737 fields[1].num_bits = 27;
738 fields[1].out_value = packet;
739 fields[1].in_value = NULL;
741 jtag_add_dr_scan(2, fields, jtag_get_end_state());
743 /* rest of packet is a cacheline: 8 instructions, with parity */
744 fields[0].num_bits = 32;
745 fields[0].out_value = packet;
747 fields[1].num_bits = 1;
748 fields[1].out_value = &cmd;
750 for (word = 0; word < 8; word++)
752 buf_set_u32(packet, 0, 32, buffer[word]);
755 memcpy(&value, packet, sizeof(uint32_t));
758 jtag_add_dr_scan(2, fields, jtag_get_end_state());
761 return jtag_execute_queue();
764 static int xscale_invalidate_ic_line(target_t *target, uint32_t va)
768 scan_field_t fields[2];
770 jtag_set_end_state(TAP_IDLE);
771 xscale_jtag_set_instr(target->tap, XSCALE_LDIC);
773 /* CMD for invalidate IC line b000, bits [6:4] b000 */
774 buf_set_u32(&cmd, 0, 6, 0x0);
776 /* virtual address of desired cache line */
777 buf_set_u32(packet, 0, 27, va >> 5);
779 fields[0].tap = target->tap;
780 fields[0].num_bits = 6;
781 fields[0].out_value = &cmd;
782 fields[0].in_value = NULL;
784 fields[1].tap = target->tap;
785 fields[1].num_bits = 27;
786 fields[1].out_value = packet;
787 fields[1].in_value = NULL;
789 jtag_add_dr_scan(2, fields, jtag_get_end_state());
794 static int xscale_update_vectors(target_t *target)
796 armv4_5_common_t *armv4_5 = target->arch_info;
797 xscale_common_t *xscale = armv4_5->arch_info;
801 uint32_t low_reset_branch, high_reset_branch;
803 for (i = 1; i < 8; i++)
805 /* if there's a static vector specified for this exception, override */
806 if (xscale->static_high_vectors_set & (1 << i))
808 xscale->high_vectors[i] = xscale->static_high_vectors[i];
812 retval = target_read_u32(target, 0xffff0000 + 4*i, &xscale->high_vectors[i]);
813 if (retval == ERROR_TARGET_TIMEOUT)
815 if (retval != ERROR_OK)
817 /* Some of these reads will fail as part of normal execution */
818 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
823 for (i = 1; i < 8; i++)
825 if (xscale->static_low_vectors_set & (1 << i))
827 xscale->low_vectors[i] = xscale->static_low_vectors[i];
831 retval = target_read_u32(target, 0x0 + 4*i, &xscale->low_vectors[i]);
832 if (retval == ERROR_TARGET_TIMEOUT)
834 if (retval != ERROR_OK)
836 /* Some of these reads will fail as part of normal execution */
837 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
842 /* calculate branches to debug handler */
843 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
844 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
846 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
847 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
849 /* invalidate and load exception vectors in mini i-cache */
850 xscale_invalidate_ic_line(target, 0x0);
851 xscale_invalidate_ic_line(target, 0xffff0000);
853 xscale_load_ic(target, 0x0, xscale->low_vectors);
854 xscale_load_ic(target, 0xffff0000, xscale->high_vectors);
859 static int xscale_arch_state(struct target_s *target)
861 armv4_5_common_t *armv4_5 = target->arch_info;
862 xscale_common_t *xscale = armv4_5->arch_info;
864 static const char *state[] =
866 "disabled", "enabled"
869 static const char *arch_dbg_reason[] =
871 "", "\n(processor reset)", "\n(trace buffer full)"
874 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
876 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
880 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
881 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "\n"
882 "MMU: %s, D-Cache: %s, I-Cache: %s"
884 armv4_5_state_strings[armv4_5->core_state],
885 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name ,
886 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
887 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
888 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
889 state[xscale->armv4_5_mmu.mmu_enabled],
890 state[xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
891 state[xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled],
892 arch_dbg_reason[xscale->arch_debug_reason]);
897 static int xscale_poll(target_t *target)
899 int retval = ERROR_OK;
900 armv4_5_common_t *armv4_5 = target->arch_info;
901 xscale_common_t *xscale = armv4_5->arch_info;
903 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_DEBUG_RUNNING))
905 enum target_state previous_state = target->state;
906 if ((retval = xscale_read_tx(target, 0)) == ERROR_OK)
909 /* there's data to read from the tx register, we entered debug state */
910 xscale->handler_running = 1;
912 target->state = TARGET_HALTED;
914 /* process debug entry, fetching current mode regs */
915 retval = xscale_debug_entry(target);
917 else if (retval != ERROR_TARGET_RESOURCE_NOT_AVAILABLE)
919 LOG_USER("error while polling TX register, reset CPU");
920 /* here we "lie" so GDB won't get stuck and a reset can be perfomed */
921 target->state = TARGET_HALTED;
924 /* debug_entry could have overwritten target state (i.e. immediate resume)
925 * don't signal event handlers in that case
927 if (target->state != TARGET_HALTED)
930 /* if target was running, signal that we halted
931 * otherwise we reentered from debug execution */
932 if (previous_state == TARGET_RUNNING)
933 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
935 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
941 static int xscale_debug_entry(target_t *target)
943 armv4_5_common_t *armv4_5 = target->arch_info;
944 xscale_common_t *xscale = armv4_5->arch_info;
952 /* clear external dbg break (will be written on next DCSR read) */
953 xscale->external_debug_break = 0;
954 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
957 /* get r0, pc, r1 to r7 and cpsr */
958 if ((retval = xscale_receive(target, buffer, 10)) != ERROR_OK)
961 /* move r0 from buffer to register cache */
962 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, buffer[0]);
963 armv4_5->core_cache->reg_list[0].dirty = 1;
964 armv4_5->core_cache->reg_list[0].valid = 1;
965 LOG_DEBUG("r0: 0x%8.8" PRIx32 "", buffer[0]);
967 /* move pc from buffer to register cache */
968 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, buffer[1]);
969 armv4_5->core_cache->reg_list[15].dirty = 1;
970 armv4_5->core_cache->reg_list[15].valid = 1;
971 LOG_DEBUG("pc: 0x%8.8" PRIx32 "", buffer[1]);
973 /* move data from buffer to register cache */
974 for (i = 1; i <= 7; i++)
976 buf_set_u32(armv4_5->core_cache->reg_list[i].value, 0, 32, buffer[1 + i]);
977 armv4_5->core_cache->reg_list[i].dirty = 1;
978 armv4_5->core_cache->reg_list[i].valid = 1;
979 LOG_DEBUG("r%i: 0x%8.8" PRIx32 "", i, buffer[i + 1]);
982 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32, buffer[9]);
983 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
984 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
985 LOG_DEBUG("cpsr: 0x%8.8" PRIx32 "", buffer[9]);
987 armv4_5->core_mode = buffer[9] & 0x1f;
988 if (armv4_5_mode_to_number(armv4_5->core_mode) == -1)
990 target->state = TARGET_UNKNOWN;
991 LOG_ERROR("cpsr contains invalid mode value - communication failure");
992 return ERROR_TARGET_FAILURE;
994 LOG_DEBUG("target entered debug state in %s mode", armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)]);
996 if (buffer[9] & 0x20)
997 armv4_5->core_state = ARMV4_5_STATE_THUMB;
999 armv4_5->core_state = ARMV4_5_STATE_ARM;
1002 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1005 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1006 if ((armv4_5->core_mode != ARMV4_5_MODE_USR) && (armv4_5->core_mode != ARMV4_5_MODE_SYS))
1008 xscale_receive(target, buffer, 8);
1009 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
1010 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).dirty = 0;
1011 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).valid = 1;
1015 /* r8 to r14, but no spsr */
1016 xscale_receive(target, buffer, 7);
1019 /* move data from buffer to register cache */
1020 for (i = 8; i <= 14; i++)
1022 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, buffer[i - 8]);
1023 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 0;
1024 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
1027 /* examine debug reason */
1028 xscale_read_dcsr(target);
1029 moe = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 2, 3);
1031 /* stored PC (for calculating fixup) */
1032 pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1036 case 0x0: /* Processor reset */
1037 target->debug_reason = DBG_REASON_DBGRQ;
1038 xscale->arch_debug_reason = XSCALE_DBG_REASON_RESET;
1041 case 0x1: /* Instruction breakpoint hit */
1042 target->debug_reason = DBG_REASON_BREAKPOINT;
1043 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1046 case 0x2: /* Data breakpoint hit */
1047 target->debug_reason = DBG_REASON_WATCHPOINT;
1048 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1051 case 0x3: /* BKPT instruction executed */
1052 target->debug_reason = DBG_REASON_BREAKPOINT;
1053 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1056 case 0x4: /* Ext. debug event */
1057 target->debug_reason = DBG_REASON_DBGRQ;
1058 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1061 case 0x5: /* Vector trap occured */
1062 target->debug_reason = DBG_REASON_BREAKPOINT;
1063 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1066 case 0x6: /* Trace buffer full break */
1067 target->debug_reason = DBG_REASON_DBGRQ;
1068 xscale->arch_debug_reason = XSCALE_DBG_REASON_TB_FULL;
1071 case 0x7: /* Reserved (may flag Hot-Debug support) */
1073 LOG_ERROR("Method of Entry is 'Reserved'");
1078 /* apply PC fixup */
1079 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, pc);
1081 /* on the first debug entry, identify cache type */
1082 if (xscale->armv4_5_mmu.armv4_5_cache.ctype == -1)
1084 uint32_t cache_type_reg;
1086 /* read cp15 cache type register */
1087 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CACHETYPE]);
1088 cache_type_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CACHETYPE].value, 0, 32);
1090 armv4_5_identify_cache(cache_type_reg, &xscale->armv4_5_mmu.armv4_5_cache);
1093 /* examine MMU and Cache settings */
1094 /* read cp15 control register */
1095 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
1096 xscale->cp15_control_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
1097 xscale->armv4_5_mmu.mmu_enabled = (xscale->cp15_control_reg & 0x1U) ? 1 : 0;
1098 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (xscale->cp15_control_reg & 0x4U) ? 1 : 0;
1099 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (xscale->cp15_control_reg & 0x1000U) ? 1 : 0;
1101 /* tracing enabled, read collected trace data */
1102 if (xscale->trace.buffer_enabled)
1104 xscale_read_trace(target);
1105 xscale->trace.buffer_fill--;
1107 /* resume if we're still collecting trace data */
1108 if ((xscale->arch_debug_reason == XSCALE_DBG_REASON_TB_FULL)
1109 && (xscale->trace.buffer_fill > 0))
1111 xscale_resume(target, 1, 0x0, 1, 0);
1115 xscale->trace.buffer_enabled = 0;
1122 static int xscale_halt(target_t *target)
1124 armv4_5_common_t *armv4_5 = target->arch_info;
1125 xscale_common_t *xscale = armv4_5->arch_info;
1127 LOG_DEBUG("target->state: %s",
1128 target_state_name(target));
1130 if (target->state == TARGET_HALTED)
1132 LOG_DEBUG("target was already halted");
1135 else if (target->state == TARGET_UNKNOWN)
1137 /* this must not happen for a xscale target */
1138 LOG_ERROR("target was in unknown state when halt was requested");
1139 return ERROR_TARGET_INVALID;
1141 else if (target->state == TARGET_RESET)
1143 LOG_DEBUG("target->state == TARGET_RESET");
1147 /* assert external dbg break */
1148 xscale->external_debug_break = 1;
1149 xscale_read_dcsr(target);
1151 target->debug_reason = DBG_REASON_DBGRQ;
1157 static int xscale_enable_single_step(struct target_s *target, uint32_t next_pc)
1159 armv4_5_common_t *armv4_5 = target->arch_info;
1160 xscale_common_t *xscale= armv4_5->arch_info;
1161 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1164 if (xscale->ibcr0_used)
1166 breakpoint_t *ibcr0_bp = breakpoint_find(target, buf_get_u32(ibcr0->value, 0, 32) & 0xfffffffe);
1170 xscale_unset_breakpoint(target, ibcr0_bp);
1174 LOG_ERROR("BUG: xscale->ibcr0_used is set, but no breakpoint with that address found");
1179 if ((retval = xscale_set_reg_u32(ibcr0, next_pc | 0x1)) != ERROR_OK)
1185 static int xscale_disable_single_step(struct target_s *target)
1187 armv4_5_common_t *armv4_5 = target->arch_info;
1188 xscale_common_t *xscale= armv4_5->arch_info;
1189 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1192 if ((retval = xscale_set_reg_u32(ibcr0, 0x0)) != ERROR_OK)
1198 static void xscale_enable_watchpoints(struct target_s *target)
1200 watchpoint_t *watchpoint = target->watchpoints;
1204 if (watchpoint->set == 0)
1205 xscale_set_watchpoint(target, watchpoint);
1206 watchpoint = watchpoint->next;
1210 static void xscale_enable_breakpoints(struct target_s *target)
1212 breakpoint_t *breakpoint = target->breakpoints;
1214 /* set any pending breakpoints */
1217 if (breakpoint->set == 0)
1218 xscale_set_breakpoint(target, breakpoint);
1219 breakpoint = breakpoint->next;
1223 static int xscale_resume(struct target_s *target, int current,
1224 uint32_t address, int handle_breakpoints, int debug_execution)
1226 armv4_5_common_t *armv4_5 = target->arch_info;
1227 xscale_common_t *xscale= armv4_5->arch_info;
1228 breakpoint_t *breakpoint = target->breakpoints;
1230 uint32_t current_pc;
1237 if (target->state != TARGET_HALTED)
1239 LOG_WARNING("target not halted");
1240 return ERROR_TARGET_NOT_HALTED;
1243 if (!debug_execution)
1245 target_free_all_working_areas(target);
1248 /* update vector tables */
1249 if ((retval = xscale_update_vectors(target)) != ERROR_OK)
1252 /* current = 1: continue on current pc, otherwise continue at <address> */
1254 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1256 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1258 /* if we're at the reset vector, we have to simulate the branch */
1259 if (current_pc == 0x0)
1261 arm_simulate_step(target, NULL);
1262 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1265 /* the front-end may request us not to handle breakpoints */
1266 if (handle_breakpoints)
1268 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1272 /* there's a breakpoint at the current PC, we have to step over it */
1273 LOG_DEBUG("unset breakpoint at 0x%8.8" PRIx32 "", breakpoint->address);
1274 xscale_unset_breakpoint(target, breakpoint);
1276 /* calculate PC of next instruction */
1277 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1279 uint32_t current_opcode;
1280 target_read_u32(target, current_pc, ¤t_opcode);
1281 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "", current_opcode);
1284 LOG_DEBUG("enable single-step");
1285 xscale_enable_single_step(target, next_pc);
1287 /* restore banked registers */
1288 xscale_restore_context(target);
1290 /* send resume request (command 0x30 or 0x31)
1291 * clean the trace buffer if it is to be enabled (0x62) */
1292 if (xscale->trace.buffer_enabled)
1294 xscale_send_u32(target, 0x62);
1295 xscale_send_u32(target, 0x31);
1298 xscale_send_u32(target, 0x30);
1301 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1302 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1304 for (i = 7; i >= 0; i--)
1307 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1308 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1312 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1313 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1315 /* wait for and process debug entry */
1316 xscale_debug_entry(target);
1318 LOG_DEBUG("disable single-step");
1319 xscale_disable_single_step(target);
1321 LOG_DEBUG("set breakpoint at 0x%8.8" PRIx32 "", breakpoint->address);
1322 xscale_set_breakpoint(target, breakpoint);
1326 /* enable any pending breakpoints and watchpoints */
1327 xscale_enable_breakpoints(target);
1328 xscale_enable_watchpoints(target);
1330 /* restore banked registers */
1331 xscale_restore_context(target);
1333 /* send resume request (command 0x30 or 0x31)
1334 * clean the trace buffer if it is to be enabled (0x62) */
1335 if (xscale->trace.buffer_enabled)
1337 xscale_send_u32(target, 0x62);
1338 xscale_send_u32(target, 0x31);
1341 xscale_send_u32(target, 0x30);
1344 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1345 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1347 for (i = 7; i >= 0; i--)
1350 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1351 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1355 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1356 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1358 target->debug_reason = DBG_REASON_NOTHALTED;
1360 if (!debug_execution)
1362 /* registers are now invalid */
1363 armv4_5_invalidate_core_regs(target);
1364 target->state = TARGET_RUNNING;
1365 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1369 target->state = TARGET_DEBUG_RUNNING;
1370 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
1373 LOG_DEBUG("target resumed");
1375 xscale->handler_running = 1;
1380 static int xscale_step_inner(struct target_s *target, int current,
1381 uint32_t address, int handle_breakpoints)
1383 armv4_5_common_t *armv4_5 = target->arch_info;
1384 xscale_common_t *xscale = armv4_5->arch_info;
1390 target->debug_reason = DBG_REASON_SINGLESTEP;
1392 /* calculate PC of next instruction */
1393 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1395 uint32_t current_opcode, current_pc;
1396 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1398 target_read_u32(target, current_pc, ¤t_opcode);
1399 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "", current_opcode);
1403 LOG_DEBUG("enable single-step");
1404 if ((retval = xscale_enable_single_step(target, next_pc)) != ERROR_OK)
1407 /* restore banked registers */
1408 if ((retval = xscale_restore_context(target)) != ERROR_OK)
1411 /* send resume request (command 0x30 or 0x31)
1412 * clean the trace buffer if it is to be enabled (0x62) */
1413 if (xscale->trace.buffer_enabled)
1415 if ((retval = xscale_send_u32(target, 0x62)) != ERROR_OK)
1417 if ((retval = xscale_send_u32(target, 0x31)) != ERROR_OK)
1421 if ((retval = xscale_send_u32(target, 0x30)) != ERROR_OK)
1425 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32))) != ERROR_OK)
1427 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1429 for (i = 7; i >= 0; i--)
1432 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32))) != ERROR_OK)
1434 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1438 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))) != ERROR_OK)
1440 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1442 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1444 /* registers are now invalid */
1445 if ((retval = armv4_5_invalidate_core_regs(target)) != ERROR_OK)
1448 /* wait for and process debug entry */
1449 if ((retval = xscale_debug_entry(target)) != ERROR_OK)
1452 LOG_DEBUG("disable single-step");
1453 if ((retval = xscale_disable_single_step(target)) != ERROR_OK)
1456 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1461 static int xscale_step(struct target_s *target, int current,
1462 uint32_t address, int handle_breakpoints)
1464 armv4_5_common_t *armv4_5 = target->arch_info;
1465 breakpoint_t *breakpoint = target->breakpoints;
1467 uint32_t current_pc;
1470 if (target->state != TARGET_HALTED)
1472 LOG_WARNING("target not halted");
1473 return ERROR_TARGET_NOT_HALTED;
1476 /* current = 1: continue on current pc, otherwise continue at <address> */
1478 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1480 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1482 /* if we're at the reset vector, we have to simulate the step */
1483 if (current_pc == 0x0)
1485 if ((retval = arm_simulate_step(target, NULL)) != ERROR_OK)
1487 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1489 target->debug_reason = DBG_REASON_SINGLESTEP;
1490 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1495 /* the front-end may request us not to handle breakpoints */
1496 if (handle_breakpoints)
1497 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1499 if ((retval = xscale_unset_breakpoint(target, breakpoint)) != ERROR_OK)
1503 retval = xscale_step_inner(target, current, address, handle_breakpoints);
1507 xscale_set_breakpoint(target, breakpoint);
1510 LOG_DEBUG("target stepped");
1516 static int xscale_assert_reset(target_t *target)
1518 armv4_5_common_t *armv4_5 = target->arch_info;
1519 xscale_common_t *xscale = armv4_5->arch_info;
1521 LOG_DEBUG("target->state: %s",
1522 target_state_name(target));
1524 /* select DCSR instruction (set endstate to R-T-I to ensure we don't
1525 * end up in T-L-R, which would reset JTAG
1527 jtag_set_end_state(TAP_IDLE);
1528 xscale_jtag_set_instr(target->tap, XSCALE_SELDCSR);
1530 /* set Hold reset, Halt mode and Trap Reset */
1531 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1532 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1533 xscale_write_dcsr(target, 1, 0);
1535 /* select BYPASS, because having DCSR selected caused problems on the PXA27x */
1536 xscale_jtag_set_instr(target->tap, 0x7f);
1537 jtag_execute_queue();
1540 jtag_add_reset(0, 1);
1542 /* sleep 1ms, to be sure we fulfill any requirements */
1543 jtag_add_sleep(1000);
1544 jtag_execute_queue();
1546 target->state = TARGET_RESET;
1548 if (target->reset_halt)
1551 if ((retval = target_halt(target)) != ERROR_OK)
1558 static int xscale_deassert_reset(target_t *target)
1560 armv4_5_common_t *armv4_5 = target->arch_info;
1561 xscale_common_t *xscale = armv4_5->arch_info;
1562 breakpoint_t *breakpoint = target->breakpoints;
1566 xscale->ibcr_available = 2;
1567 xscale->ibcr0_used = 0;
1568 xscale->ibcr1_used = 0;
1570 xscale->dbr_available = 2;
1571 xscale->dbr0_used = 0;
1572 xscale->dbr1_used = 0;
1574 /* mark all hardware breakpoints as unset */
1577 if (breakpoint->type == BKPT_HARD)
1579 breakpoint->set = 0;
1581 breakpoint = breakpoint->next;
1584 if (!xscale->handler_installed)
1588 const uint8_t *buffer = xscale_debug_handler;
1592 jtag_add_reset(0, 0);
1594 /* wait 300ms; 150 and 100ms were not enough */
1595 jtag_add_sleep(300*1000);
1597 jtag_add_runtest(2030, jtag_set_end_state(TAP_IDLE));
1598 jtag_execute_queue();
1600 /* set Hold reset, Halt mode and Trap Reset */
1601 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1602 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1603 xscale_write_dcsr(target, 1, 0);
1605 /* Load the debug handler into the mini-icache. Since
1606 * it's using halt mode (not monitor mode), it runs in
1607 * "Special Debug State" for access to registers, memory,
1608 * coprocessors, trace data, etc.
1610 * REVISIT: *assumes* we've had a SRST+TRST reset so the
1611 * mini-icache contents have been invalidated. Safest to
1612 * force that, so writing new contents is reliable...
1614 address = xscale->handler_address;
1615 for (unsigned binary_size = xscale_debug_handler_size;
1617 binary_size -= buf_cnt, buffer += buf_cnt)
1619 uint32_t cache_line[8];
1622 buf_cnt = binary_size;
1626 for (i = 0; i < buf_cnt; i += 4)
1628 /* convert LE buffer to host-endian uint32_t */
1629 cache_line[i / 4] = le_to_h_u32(&buffer[i]);
1632 for (; i < 32; i += 4)
1634 cache_line[i / 4] = 0xe1a08008;
1637 /* only load addresses other than the reset vectors */
1638 if ((address % 0x400) != 0x0)
1640 retval = xscale_load_ic(target, address,
1642 if (retval != ERROR_OK)
1649 retval = xscale_load_ic(target, 0x0,
1650 xscale->low_vectors);
1651 if (retval != ERROR_OK)
1653 retval = xscale_load_ic(target, 0xffff0000,
1654 xscale->high_vectors);
1655 if (retval != ERROR_OK)
1658 jtag_add_runtest(30, jtag_set_end_state(TAP_IDLE));
1660 jtag_add_sleep(100000);
1662 /* set Hold reset, Halt mode and Trap Reset */
1663 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1664 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1665 xscale_write_dcsr(target, 1, 0);
1667 /* clear Hold reset to let the target run (should enter debug handler) */
1668 xscale_write_dcsr(target, 0, 1);
1669 target->state = TARGET_RUNNING;
1671 if (!target->reset_halt)
1673 jtag_add_sleep(10000);
1675 /* we should have entered debug now */
1676 xscale_debug_entry(target);
1677 target->state = TARGET_HALTED;
1679 /* resume the target */
1680 xscale_resume(target, 1, 0x0, 1, 0);
1685 jtag_add_reset(0, 0);
1691 static int xscale_read_core_reg(struct target_s *target, int num,
1692 enum armv4_5_mode mode)
1694 LOG_ERROR("not implemented");
1698 static int xscale_write_core_reg(struct target_s *target, int num,
1699 enum armv4_5_mode mode, uint32_t value)
1701 LOG_ERROR("not implemented");
1705 static int xscale_full_context(target_t *target)
1707 armv4_5_common_t *armv4_5 = target->arch_info;
1715 if (target->state != TARGET_HALTED)
1717 LOG_WARNING("target not halted");
1718 return ERROR_TARGET_NOT_HALTED;
1721 buffer = malloc(4 * 8);
1723 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1724 * we can't enter User mode on an XScale (unpredictable),
1725 * but User shares registers with SYS
1727 for (i = 1; i < 7; i++)
1731 /* check if there are invalid registers in the current mode
1733 for (j = 0; j <= 16; j++)
1735 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1743 /* request banked registers */
1744 xscale_send_u32(target, 0x0);
1747 tmp_cpsr |= armv4_5_number_to_mode(i);
1748 tmp_cpsr |= 0xc0; /* I/F bits */
1750 /* send CPSR for desired mode */
1751 xscale_send_u32(target, tmp_cpsr);
1753 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1754 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1756 xscale_receive(target, buffer, 8);
1757 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
1758 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1759 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid = 1;
1763 xscale_receive(target, buffer, 7);
1766 /* move data from buffer to register cache */
1767 for (j = 8; j <= 14; j++)
1769 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).value, 0, 32, buffer[j - 8]);
1770 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1771 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid = 1;
1781 static int xscale_restore_context(target_t *target)
1783 armv4_5_common_t *armv4_5 = target->arch_info;
1787 if (target->state != TARGET_HALTED)
1789 LOG_WARNING("target not halted");
1790 return ERROR_TARGET_NOT_HALTED;
1793 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1794 * we can't enter User mode on an XScale (unpredictable),
1795 * but User shares registers with SYS
1797 for (i = 1; i < 7; i++)
1801 /* check if there are invalid registers in the current mode
1803 for (j = 8; j <= 14; j++)
1805 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty == 1)
1809 /* if not USR/SYS, check if the SPSR needs to be written */
1810 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1812 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty == 1)
1820 /* send banked registers */
1821 xscale_send_u32(target, 0x1);
1824 tmp_cpsr |= armv4_5_number_to_mode(i);
1825 tmp_cpsr |= 0xc0; /* I/F bits */
1827 /* send CPSR for desired mode */
1828 xscale_send_u32(target, tmp_cpsr);
1830 /* send banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1831 for (j = 8; j <= 14; j++)
1833 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, j).value, 0, 32));
1834 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1837 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1839 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32));
1840 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1848 static int xscale_read_memory(struct target_s *target, uint32_t address,
1849 uint32_t size, uint32_t count, uint8_t *buffer)
1851 armv4_5_common_t *armv4_5 = target->arch_info;
1852 xscale_common_t *xscale = armv4_5->arch_info;
1857 LOG_DEBUG("address: 0x%8.8" PRIx32 ", size: 0x%8.8" PRIx32 ", count: 0x%8.8" PRIx32, address, size, count);
1859 if (target->state != TARGET_HALTED)
1861 LOG_WARNING("target not halted");
1862 return ERROR_TARGET_NOT_HALTED;
1865 /* sanitize arguments */
1866 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1867 return ERROR_INVALID_ARGUMENTS;
1869 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1870 return ERROR_TARGET_UNALIGNED_ACCESS;
1872 /* send memory read request (command 0x1n, n: access size) */
1873 if ((retval = xscale_send_u32(target, 0x10 | size)) != ERROR_OK)
1876 /* send base address for read request */
1877 if ((retval = xscale_send_u32(target, address)) != ERROR_OK)
1880 /* send number of requested data words */
1881 if ((retval = xscale_send_u32(target, count)) != ERROR_OK)
1884 /* receive data from target (count times 32-bit words in host endianness) */
1885 buf32 = malloc(4 * count);
1886 if ((retval = xscale_receive(target, buf32, count)) != ERROR_OK)
1889 /* extract data from host-endian buffer into byte stream */
1890 for (i = 0; i < count; i++)
1895 target_buffer_set_u32(target, buffer, buf32[i]);
1899 target_buffer_set_u16(target, buffer, buf32[i] & 0xffff);
1903 *buffer++ = buf32[i] & 0xff;
1906 LOG_ERROR("should never get here");
1913 /* examine DCSR, to see if Sticky Abort (SA) got set */
1914 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
1916 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
1919 if ((retval = xscale_send_u32(target, 0x60)) != ERROR_OK)
1922 return ERROR_TARGET_DATA_ABORT;
1928 static int xscale_write_memory(struct target_s *target, uint32_t address,
1929 uint32_t size, uint32_t count, uint8_t *buffer)
1931 armv4_5_common_t *armv4_5 = target->arch_info;
1932 xscale_common_t *xscale = armv4_5->arch_info;
1935 LOG_DEBUG("address: 0x%8.8" PRIx32 ", size: 0x%8.8" PRIx32 ", count: 0x%8.8" PRIx32, address, size, count);
1937 if (target->state != TARGET_HALTED)
1939 LOG_WARNING("target not halted");
1940 return ERROR_TARGET_NOT_HALTED;
1943 /* sanitize arguments */
1944 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1945 return ERROR_INVALID_ARGUMENTS;
1947 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1948 return ERROR_TARGET_UNALIGNED_ACCESS;
1950 /* send memory write request (command 0x2n, n: access size) */
1951 if ((retval = xscale_send_u32(target, 0x20 | size)) != ERROR_OK)
1954 /* send base address for read request */
1955 if ((retval = xscale_send_u32(target, address)) != ERROR_OK)
1958 /* send number of requested data words to be written*/
1959 if ((retval = xscale_send_u32(target, count)) != ERROR_OK)
1962 /* extract data from host-endian buffer into byte stream */
1964 for (i = 0; i < count; i++)
1969 value = target_buffer_get_u32(target, buffer);
1970 xscale_send_u32(target, value);
1974 value = target_buffer_get_u16(target, buffer);
1975 xscale_send_u32(target, value);
1980 xscale_send_u32(target, value);
1984 LOG_ERROR("should never get here");
1989 if ((retval = xscale_send(target, buffer, count, size)) != ERROR_OK)
1992 /* examine DCSR, to see if Sticky Abort (SA) got set */
1993 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
1995 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
1998 if ((retval = xscale_send_u32(target, 0x60)) != ERROR_OK)
2001 return ERROR_TARGET_DATA_ABORT;
2007 static int xscale_bulk_write_memory(target_t *target, uint32_t address,
2008 uint32_t count, uint8_t *buffer)
2010 return xscale_write_memory(target, address, 4, count, buffer);
2013 static uint32_t xscale_get_ttb(target_t *target)
2015 armv4_5_common_t *armv4_5 = target->arch_info;
2016 xscale_common_t *xscale = armv4_5->arch_info;
2019 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_TTB]);
2020 ttb = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_TTB].value, 0, 32);
2025 static void xscale_disable_mmu_caches(target_t *target, int mmu,
2026 int d_u_cache, int i_cache)
2028 armv4_5_common_t *armv4_5 = target->arch_info;
2029 xscale_common_t *xscale = armv4_5->arch_info;
2030 uint32_t cp15_control;
2032 /* read cp15 control register */
2033 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2034 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2037 cp15_control &= ~0x1U;
2042 xscale_send_u32(target, 0x50);
2043 xscale_send_u32(target, xscale->cache_clean_address);
2045 /* invalidate DCache */
2046 xscale_send_u32(target, 0x51);
2048 cp15_control &= ~0x4U;
2053 /* invalidate ICache */
2054 xscale_send_u32(target, 0x52);
2055 cp15_control &= ~0x1000U;
2058 /* write new cp15 control register */
2059 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2061 /* execute cpwait to ensure outstanding operations complete */
2062 xscale_send_u32(target, 0x53);
2065 static void xscale_enable_mmu_caches(target_t *target, int mmu,
2066 int d_u_cache, int i_cache)
2068 armv4_5_common_t *armv4_5 = target->arch_info;
2069 xscale_common_t *xscale = armv4_5->arch_info;
2070 uint32_t cp15_control;
2072 /* read cp15 control register */
2073 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2074 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2077 cp15_control |= 0x1U;
2080 cp15_control |= 0x4U;
2083 cp15_control |= 0x1000U;
2085 /* write new cp15 control register */
2086 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2088 /* execute cpwait to ensure outstanding operations complete */
2089 xscale_send_u32(target, 0x53);
2092 static int xscale_set_breakpoint(struct target_s *target,
2093 breakpoint_t *breakpoint)
2096 armv4_5_common_t *armv4_5 = target->arch_info;
2097 xscale_common_t *xscale = armv4_5->arch_info;
2099 if (target->state != TARGET_HALTED)
2101 LOG_WARNING("target not halted");
2102 return ERROR_TARGET_NOT_HALTED;
2105 if (breakpoint->set)
2107 LOG_WARNING("breakpoint already set");
2111 if (breakpoint->type == BKPT_HARD)
2113 uint32_t value = breakpoint->address | 1;
2114 if (!xscale->ibcr0_used)
2116 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], value);
2117 xscale->ibcr0_used = 1;
2118 breakpoint->set = 1; /* breakpoint set on first breakpoint register */
2120 else if (!xscale->ibcr1_used)
2122 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], value);
2123 xscale->ibcr1_used = 1;
2124 breakpoint->set = 2; /* breakpoint set on second breakpoint register */
2128 LOG_ERROR("BUG: no hardware comparator available");
2132 else if (breakpoint->type == BKPT_SOFT)
2134 if (breakpoint->length == 4)
2136 /* keep the original instruction in target endianness */
2137 if ((retval = target_read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2141 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2142 if ((retval = target_write_u32(target, breakpoint->address, xscale->arm_bkpt)) != ERROR_OK)
2149 /* keep the original instruction in target endianness */
2150 if ((retval = target_read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2154 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2155 if ((retval = target_write_u32(target, breakpoint->address, xscale->thumb_bkpt)) != ERROR_OK)
2160 breakpoint->set = 1;
2166 static int xscale_add_breakpoint(struct target_s *target,
2167 breakpoint_t *breakpoint)
2169 armv4_5_common_t *armv4_5 = target->arch_info;
2170 xscale_common_t *xscale = armv4_5->arch_info;
2172 if (target->state != TARGET_HALTED)
2174 LOG_WARNING("target not halted");
2175 return ERROR_TARGET_NOT_HALTED;
2178 if ((breakpoint->type == BKPT_HARD) && (xscale->ibcr_available < 1))
2180 LOG_INFO("no breakpoint unit available for hardware breakpoint");
2181 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2184 if ((breakpoint->length != 2) && (breakpoint->length != 4))
2186 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
2187 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2190 if (breakpoint->type == BKPT_HARD)
2192 xscale->ibcr_available--;
2198 static int xscale_unset_breakpoint(struct target_s *target,
2199 breakpoint_t *breakpoint)
2202 armv4_5_common_t *armv4_5 = target->arch_info;
2203 xscale_common_t *xscale = armv4_5->arch_info;
2205 if (target->state != TARGET_HALTED)
2207 LOG_WARNING("target not halted");
2208 return ERROR_TARGET_NOT_HALTED;
2211 if (!breakpoint->set)
2213 LOG_WARNING("breakpoint not set");
2217 if (breakpoint->type == BKPT_HARD)
2219 if (breakpoint->set == 1)
2221 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], 0x0);
2222 xscale->ibcr0_used = 0;
2224 else if (breakpoint->set == 2)
2226 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], 0x0);
2227 xscale->ibcr1_used = 0;
2229 breakpoint->set = 0;
2233 /* restore original instruction (kept in target endianness) */
2234 if (breakpoint->length == 4)
2236 if ((retval = target_write_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2243 if ((retval = target_write_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2248 breakpoint->set = 0;
2254 static int xscale_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2256 armv4_5_common_t *armv4_5 = target->arch_info;
2257 xscale_common_t *xscale = armv4_5->arch_info;
2259 if (target->state != TARGET_HALTED)
2261 LOG_WARNING("target not halted");
2262 return ERROR_TARGET_NOT_HALTED;
2265 if (breakpoint->set)
2267 xscale_unset_breakpoint(target, breakpoint);
2270 if (breakpoint->type == BKPT_HARD)
2271 xscale->ibcr_available++;
2276 static int xscale_set_watchpoint(struct target_s *target,
2277 watchpoint_t *watchpoint)
2279 armv4_5_common_t *armv4_5 = target->arch_info;
2280 xscale_common_t *xscale = armv4_5->arch_info;
2282 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2283 uint32_t dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2285 if (target->state != TARGET_HALTED)
2287 LOG_WARNING("target not halted");
2288 return ERROR_TARGET_NOT_HALTED;
2291 xscale_get_reg(dbcon);
2293 switch (watchpoint->rw)
2305 LOG_ERROR("BUG: watchpoint->rw neither read, write nor access");
2308 if (!xscale->dbr0_used)
2310 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR0], watchpoint->address);
2311 dbcon_value |= enable;
2312 xscale_set_reg_u32(dbcon, dbcon_value);
2313 watchpoint->set = 1;
2314 xscale->dbr0_used = 1;
2316 else if (!xscale->dbr1_used)
2318 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR1], watchpoint->address);
2319 dbcon_value |= enable << 2;
2320 xscale_set_reg_u32(dbcon, dbcon_value);
2321 watchpoint->set = 2;
2322 xscale->dbr1_used = 1;
2326 LOG_ERROR("BUG: no hardware comparator available");
2333 static int xscale_add_watchpoint(struct target_s *target,
2334 watchpoint_t *watchpoint)
2336 armv4_5_common_t *armv4_5 = target->arch_info;
2337 xscale_common_t *xscale = armv4_5->arch_info;
2339 if (target->state != TARGET_HALTED)
2341 LOG_WARNING("target not halted");
2342 return ERROR_TARGET_NOT_HALTED;
2345 if (xscale->dbr_available < 1)
2347 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2350 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
2352 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2355 xscale->dbr_available--;
2360 static int xscale_unset_watchpoint(struct target_s *target,
2361 watchpoint_t *watchpoint)
2363 armv4_5_common_t *armv4_5 = target->arch_info;
2364 xscale_common_t *xscale = armv4_5->arch_info;
2365 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2366 uint32_t dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2368 if (target->state != TARGET_HALTED)
2370 LOG_WARNING("target not halted");
2371 return ERROR_TARGET_NOT_HALTED;
2374 if (!watchpoint->set)
2376 LOG_WARNING("breakpoint not set");
2380 if (watchpoint->set == 1)
2382 dbcon_value &= ~0x3;
2383 xscale_set_reg_u32(dbcon, dbcon_value);
2384 xscale->dbr0_used = 0;
2386 else if (watchpoint->set == 2)
2388 dbcon_value &= ~0xc;
2389 xscale_set_reg_u32(dbcon, dbcon_value);
2390 xscale->dbr1_used = 0;
2392 watchpoint->set = 0;
2397 static int xscale_remove_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2399 armv4_5_common_t *armv4_5 = target->arch_info;
2400 xscale_common_t *xscale = armv4_5->arch_info;
2402 if (target->state != TARGET_HALTED)
2404 LOG_WARNING("target not halted");
2405 return ERROR_TARGET_NOT_HALTED;
2408 if (watchpoint->set)
2410 xscale_unset_watchpoint(target, watchpoint);
2413 xscale->dbr_available++;
2418 static int xscale_get_reg(reg_t *reg)
2420 xscale_reg_t *arch_info = reg->arch_info;
2421 target_t *target = arch_info->target;
2422 armv4_5_common_t *armv4_5 = target->arch_info;
2423 xscale_common_t *xscale = armv4_5->arch_info;
2425 /* DCSR, TX and RX are accessible via JTAG */
2426 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2428 return xscale_read_dcsr(arch_info->target);
2430 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2432 /* 1 = consume register content */
2433 return xscale_read_tx(arch_info->target, 1);
2435 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2437 /* can't read from RX register (host -> debug handler) */
2440 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2442 /* can't (explicitly) read from TXRXCTRL register */
2445 else /* Other DBG registers have to be transfered by the debug handler */
2447 /* send CP read request (command 0x40) */
2448 xscale_send_u32(target, 0x40);
2450 /* send CP register number */
2451 xscale_send_u32(target, arch_info->dbg_handler_number);
2453 /* read register value */
2454 xscale_read_tx(target, 1);
2455 buf_cpy(xscale->reg_cache->reg_list[XSCALE_TX].value, reg->value, 32);
2464 static int xscale_set_reg(reg_t *reg, uint8_t* buf)
2466 xscale_reg_t *arch_info = reg->arch_info;
2467 target_t *target = arch_info->target;
2468 armv4_5_common_t *armv4_5 = target->arch_info;
2469 xscale_common_t *xscale = armv4_5->arch_info;
2470 uint32_t value = buf_get_u32(buf, 0, 32);
2472 /* DCSR, TX and RX are accessible via JTAG */
2473 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2475 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32, value);
2476 return xscale_write_dcsr(arch_info->target, -1, -1);
2478 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2480 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
2481 return xscale_write_rx(arch_info->target);
2483 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2485 /* can't write to TX register (debug-handler -> host) */
2488 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2490 /* can't (explicitly) write to TXRXCTRL register */
2493 else /* Other DBG registers have to be transfered by the debug handler */
2495 /* send CP write request (command 0x41) */
2496 xscale_send_u32(target, 0x41);
2498 /* send CP register number */
2499 xscale_send_u32(target, arch_info->dbg_handler_number);
2501 /* send CP register value */
2502 xscale_send_u32(target, value);
2503 buf_set_u32(reg->value, 0, 32, value);
2509 static int xscale_write_dcsr_sw(target_t *target, uint32_t value)
2511 /* get pointers to arch-specific information */
2512 armv4_5_common_t *armv4_5 = target->arch_info;
2513 xscale_common_t *xscale = armv4_5->arch_info;
2514 reg_t *dcsr = &xscale->reg_cache->reg_list[XSCALE_DCSR];
2515 xscale_reg_t *dcsr_arch_info = dcsr->arch_info;
2517 /* send CP write request (command 0x41) */
2518 xscale_send_u32(target, 0x41);
2520 /* send CP register number */
2521 xscale_send_u32(target, dcsr_arch_info->dbg_handler_number);
2523 /* send CP register value */
2524 xscale_send_u32(target, value);
2525 buf_set_u32(dcsr->value, 0, 32, value);
2530 static int xscale_read_trace(target_t *target)
2532 /* get pointers to arch-specific information */
2533 armv4_5_common_t *armv4_5 = target->arch_info;
2534 xscale_common_t *xscale = armv4_5->arch_info;
2535 xscale_trace_data_t **trace_data_p;
2537 /* 258 words from debug handler
2538 * 256 trace buffer entries
2539 * 2 checkpoint addresses
2541 uint32_t trace_buffer[258];
2542 int is_address[256];
2545 if (target->state != TARGET_HALTED)
2547 LOG_WARNING("target must be stopped to read trace data");
2548 return ERROR_TARGET_NOT_HALTED;
2551 /* send read trace buffer command (command 0x61) */
2552 xscale_send_u32(target, 0x61);
2554 /* receive trace buffer content */
2555 xscale_receive(target, trace_buffer, 258);
2557 /* parse buffer backwards to identify address entries */
2558 for (i = 255; i >= 0; i--)
2561 if (((trace_buffer[i] & 0xf0) == 0x90) ||
2562 ((trace_buffer[i] & 0xf0) == 0xd0))
2565 is_address[--i] = 1;
2567 is_address[--i] = 1;
2569 is_address[--i] = 1;
2571 is_address[--i] = 1;
2576 /* search first non-zero entry */
2577 for (j = 0; (j < 256) && (trace_buffer[j] == 0) && (!is_address[j]); j++)
2582 LOG_DEBUG("no trace data collected");
2583 return ERROR_XSCALE_NO_TRACE_DATA;
2586 for (trace_data_p = &xscale->trace.data; *trace_data_p; trace_data_p = &(*trace_data_p)->next)
2589 *trace_data_p = malloc(sizeof(xscale_trace_data_t));
2590 (*trace_data_p)->next = NULL;
2591 (*trace_data_p)->chkpt0 = trace_buffer[256];
2592 (*trace_data_p)->chkpt1 = trace_buffer[257];
2593 (*trace_data_p)->last_instruction = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
2594 (*trace_data_p)->entries = malloc(sizeof(xscale_trace_entry_t) * (256 - j));
2595 (*trace_data_p)->depth = 256 - j;
2597 for (i = j; i < 256; i++)
2599 (*trace_data_p)->entries[i - j].data = trace_buffer[i];
2601 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_ADDRESS;
2603 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_MESSAGE;
2609 static int xscale_read_instruction(target_t *target,
2610 arm_instruction_t *instruction)
2612 /* get pointers to arch-specific information */
2613 armv4_5_common_t *armv4_5 = target->arch_info;
2614 xscale_common_t *xscale = armv4_5->arch_info;
2621 if (!xscale->trace.image)
2622 return ERROR_TRACE_IMAGE_UNAVAILABLE;
2624 /* search for the section the current instruction belongs to */
2625 for (i = 0; i < xscale->trace.image->num_sections; i++)
2627 if ((xscale->trace.image->sections[i].base_address <= xscale->trace.current_pc) &&
2628 (xscale->trace.image->sections[i].base_address + xscale->trace.image->sections[i].size > xscale->trace.current_pc))
2637 /* current instruction couldn't be found in the image */
2638 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2641 if (xscale->trace.core_state == ARMV4_5_STATE_ARM)
2644 if ((retval = image_read_section(xscale->trace.image, section,
2645 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2646 4, buf, &size_read)) != ERROR_OK)
2648 LOG_ERROR("error while reading instruction: %i", retval);
2649 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2651 opcode = target_buffer_get_u32(target, buf);
2652 arm_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2654 else if (xscale->trace.core_state == ARMV4_5_STATE_THUMB)
2657 if ((retval = image_read_section(xscale->trace.image, section,
2658 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2659 2, buf, &size_read)) != ERROR_OK)
2661 LOG_ERROR("error while reading instruction: %i", retval);
2662 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2664 opcode = target_buffer_get_u16(target, buf);
2665 thumb_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2669 LOG_ERROR("BUG: unknown core state encountered");
2676 static int xscale_branch_address(xscale_trace_data_t *trace_data,
2677 int i, uint32_t *target)
2679 /* if there are less than four entries prior to the indirect branch message
2680 * we can't extract the address */
2686 *target = (trace_data->entries[i-1].data) | (trace_data->entries[i-2].data << 8) |
2687 (trace_data->entries[i-3].data << 16) | (trace_data->entries[i-4].data << 24);
2692 static int xscale_analyze_trace(target_t *target, command_context_t *cmd_ctx)
2694 /* get pointers to arch-specific information */
2695 armv4_5_common_t *armv4_5 = target->arch_info;
2696 xscale_common_t *xscale = armv4_5->arch_info;
2698 uint32_t next_pc = 0x0;
2699 xscale_trace_data_t *trace_data = xscale->trace.data;
2708 xscale->trace.core_state = ARMV4_5_STATE_ARM;
2713 for (i = 0; i < trace_data->depth; i++)
2719 if (trace_data->entries[i].type == XSCALE_TRACE_ADDRESS)
2722 switch ((trace_data->entries[i].data & 0xf0) >> 4)
2724 case 0: /* Exceptions */
2732 exception = (trace_data->entries[i].data & 0x70) >> 4;
2734 next_pc = (trace_data->entries[i].data & 0xf0) >> 2;
2735 command_print(cmd_ctx, "--- exception %i ---", (trace_data->entries[i].data & 0xf0) >> 4);
2737 case 8: /* Direct Branch */
2740 case 9: /* Indirect Branch */
2742 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2747 case 13: /* Checkpointed Indirect Branch */
2748 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2751 if (((chkpt == 0) && (next_pc != trace_data->chkpt0))
2752 || ((chkpt == 1) && (next_pc != trace_data->chkpt1)))
2753 LOG_WARNING("checkpointed indirect branch target address doesn't match checkpoint");
2755 /* explicit fall-through */
2756 case 12: /* Checkpointed Direct Branch */
2761 next_pc = trace_data->chkpt0;
2764 else if (chkpt == 1)
2767 next_pc = trace_data->chkpt0;
2772 LOG_WARNING("more than two checkpointed branches encountered");
2775 case 15: /* Roll-over */
2778 default: /* Reserved */
2779 command_print(cmd_ctx, "--- reserved trace message ---");
2780 LOG_ERROR("BUG: trace message %i is reserved", (trace_data->entries[i].data & 0xf0) >> 4);
2784 if (xscale->trace.pc_ok)
2786 int executed = (trace_data->entries[i].data & 0xf) + rollover * 16;
2787 arm_instruction_t instruction;
2789 if ((exception == 6) || (exception == 7))
2791 /* IRQ or FIQ exception, no instruction executed */
2795 while (executed-- >= 0)
2797 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2799 /* can't continue tracing with no image available */
2800 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2804 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2806 /* TODO: handle incomplete images */
2810 /* a precise abort on a load to the PC is included in the incremental
2811 * word count, other instructions causing data aborts are not included
2813 if ((executed == 0) && (exception == 4)
2814 && ((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDM)))
2816 if ((instruction.type == ARM_LDM)
2817 && ((instruction.info.load_store_multiple.register_list & 0x8000) == 0))
2821 else if (((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDRSH))
2822 && (instruction.info.load_store.Rd != 15))
2828 /* only the last instruction executed
2829 * (the one that caused the control flow change)
2830 * could be a taken branch
2832 if (((executed == -1) && (branch == 1)) &&
2833 (((instruction.type == ARM_B) ||
2834 (instruction.type == ARM_BL) ||
2835 (instruction.type == ARM_BLX)) &&
2836 (instruction.info.b_bl_bx_blx.target_address != 0xffffffff)))
2838 xscale->trace.current_pc = instruction.info.b_bl_bx_blx.target_address;
2842 xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2;
2844 command_print(cmd_ctx, "%s", instruction.text);
2852 xscale->trace.current_pc = next_pc;
2853 xscale->trace.pc_ok = 1;
2857 for (; xscale->trace.current_pc < trace_data->last_instruction; xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2)
2859 arm_instruction_t instruction;
2860 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2862 /* can't continue tracing with no image available */
2863 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2867 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2869 /* TODO: handle incomplete images */
2872 command_print(cmd_ctx, "%s", instruction.text);
2875 trace_data = trace_data->next;
2881 static void xscale_build_reg_cache(target_t *target)
2883 /* get pointers to arch-specific information */
2884 armv4_5_common_t *armv4_5 = target->arch_info;
2885 xscale_common_t *xscale = armv4_5->arch_info;
2887 reg_cache_t **cache_p = register_get_last_cache_p(&target->reg_cache);
2888 xscale_reg_t *arch_info = malloc(sizeof(xscale_reg_arch_info));
2890 int num_regs = sizeof(xscale_reg_arch_info) / sizeof(xscale_reg_t);
2892 (*cache_p) = armv4_5_build_reg_cache(target, armv4_5);
2893 armv4_5->core_cache = (*cache_p);
2895 /* register a register arch-type for XScale dbg registers only once */
2896 if (xscale_reg_arch_type == -1)
2897 xscale_reg_arch_type = register_reg_arch_type(xscale_get_reg, xscale_set_reg);
2899 (*cache_p)->next = malloc(sizeof(reg_cache_t));
2900 cache_p = &(*cache_p)->next;
2902 /* fill in values for the xscale reg cache */
2903 (*cache_p)->name = "XScale registers";
2904 (*cache_p)->next = NULL;
2905 (*cache_p)->reg_list = malloc(num_regs * sizeof(reg_t));
2906 (*cache_p)->num_regs = num_regs;
2908 for (i = 0; i < num_regs; i++)
2910 (*cache_p)->reg_list[i].name = xscale_reg_list[i];
2911 (*cache_p)->reg_list[i].value = calloc(4, 1);
2912 (*cache_p)->reg_list[i].dirty = 0;
2913 (*cache_p)->reg_list[i].valid = 0;
2914 (*cache_p)->reg_list[i].size = 32;
2915 (*cache_p)->reg_list[i].bitfield_desc = NULL;
2916 (*cache_p)->reg_list[i].num_bitfields = 0;
2917 (*cache_p)->reg_list[i].arch_info = &arch_info[i];
2918 (*cache_p)->reg_list[i].arch_type = xscale_reg_arch_type;
2919 arch_info[i] = xscale_reg_arch_info[i];
2920 arch_info[i].target = target;
2923 xscale->reg_cache = (*cache_p);
2926 static int xscale_init_target(struct command_context_s *cmd_ctx,
2927 struct target_s *target)
2929 xscale_build_reg_cache(target);
2933 static int xscale_quit(void)
2935 jtag_add_runtest(100, TAP_RESET);
2939 static int xscale_init_arch_info(target_t *target,
2940 xscale_common_t *xscale, jtag_tap_t *tap, const char *variant)
2942 armv4_5_common_t *armv4_5;
2943 uint32_t high_reset_branch, low_reset_branch;
2946 armv4_5 = &xscale->armv4_5_common;
2948 /* store architecture specfic data (none so far) */
2949 xscale->arch_info = NULL;
2950 xscale->common_magic = XSCALE_COMMON_MAGIC;
2952 /* we don't really *need* variant info ... */
2956 if (strcmp(variant, "pxa250") == 0
2957 || strcmp(variant, "pxa255") == 0
2958 || strcmp(variant, "pxa26x") == 0)
2960 else if (strcmp(variant, "pxa27x") == 0
2961 || strcmp(variant, "ixp42x") == 0
2962 || strcmp(variant, "ixp45x") == 0
2963 || strcmp(variant, "ixp46x") == 0)
2966 LOG_WARNING("%s: unrecognized variant %s",
2967 tap->dotted_name, variant);
2969 if (ir_length && ir_length != tap->ir_length) {
2970 LOG_WARNING("%s: IR length for %s is %d; fixing",
2971 tap->dotted_name, variant, ir_length);
2972 tap->ir_length = ir_length;
2976 /* the debug handler isn't installed (and thus not running) at this time */
2977 xscale->handler_installed = 0;
2978 xscale->handler_running = 0;
2979 xscale->handler_address = 0xfe000800;
2981 /* clear the vectors we keep locally for reference */
2982 memset(xscale->low_vectors, 0, sizeof(xscale->low_vectors));
2983 memset(xscale->high_vectors, 0, sizeof(xscale->high_vectors));
2985 /* no user-specified vectors have been configured yet */
2986 xscale->static_low_vectors_set = 0x0;
2987 xscale->static_high_vectors_set = 0x0;
2989 /* calculate branches to debug handler */
2990 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
2991 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
2993 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
2994 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
2996 for (i = 1; i <= 7; i++)
2998 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
2999 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
3002 /* 64kB aligned region used for DCache cleaning */
3003 xscale->cache_clean_address = 0xfffe0000;
3005 xscale->hold_rst = 0;
3006 xscale->external_debug_break = 0;
3008 xscale->ibcr_available = 2;
3009 xscale->ibcr0_used = 0;
3010 xscale->ibcr1_used = 0;
3012 xscale->dbr_available = 2;
3013 xscale->dbr0_used = 0;
3014 xscale->dbr1_used = 0;
3016 xscale->arm_bkpt = ARMV5_BKPT(0x0);
3017 xscale->thumb_bkpt = ARMV5_T_BKPT(0x0) & 0xffff;
3019 xscale->vector_catch = 0x1;
3021 xscale->trace.capture_status = TRACE_IDLE;
3022 xscale->trace.data = NULL;
3023 xscale->trace.image = NULL;
3024 xscale->trace.buffer_enabled = 0;
3025 xscale->trace.buffer_fill = 0;
3027 /* prepare ARMv4/5 specific information */
3028 armv4_5->arch_info = xscale;
3029 armv4_5->read_core_reg = xscale_read_core_reg;
3030 armv4_5->write_core_reg = xscale_write_core_reg;
3031 armv4_5->full_context = xscale_full_context;
3033 armv4_5_init_arch_info(target, armv4_5);
3035 xscale->armv4_5_mmu.armv4_5_cache.ctype = -1;
3036 xscale->armv4_5_mmu.get_ttb = xscale_get_ttb;
3037 xscale->armv4_5_mmu.read_memory = xscale_read_memory;
3038 xscale->armv4_5_mmu.write_memory = xscale_write_memory;
3039 xscale->armv4_5_mmu.disable_mmu_caches = xscale_disable_mmu_caches;
3040 xscale->armv4_5_mmu.enable_mmu_caches = xscale_enable_mmu_caches;
3041 xscale->armv4_5_mmu.has_tiny_pages = 1;
3042 xscale->armv4_5_mmu.mmu_enabled = 0;
3047 static int xscale_target_create(struct target_s *target, Jim_Interp *interp)
3049 xscale_common_t *xscale;
3051 if (xscale_debug_handler_size > 0x800) {
3052 LOG_ERROR("debug_handler.bin: larger than 2kb");
3056 xscale = calloc(1, sizeof(*xscale));
3060 return xscale_init_arch_info(target, xscale, target->tap,
3065 xscale_handle_debug_handler_command(struct command_context_s *cmd_ctx,
3066 char *cmd, char **args, int argc)
3068 target_t *target = NULL;
3069 armv4_5_common_t *armv4_5;
3070 xscale_common_t *xscale;
3072 uint32_t handler_address;
3076 LOG_ERROR("'xscale debug_handler <target#> <address>' command takes two required operands");
3080 if ((target = get_target(args[0])) == NULL)
3082 LOG_ERROR("target '%s' not defined", args[0]);
3086 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3091 handler_address = strtoul(args[1], NULL, 0);
3093 if (((handler_address >= 0x800) && (handler_address <= 0x1fef800)) ||
3094 ((handler_address >= 0xfe000800) && (handler_address <= 0xfffff800)))
3096 xscale->handler_address = handler_address;
3100 LOG_ERROR("xscale debug_handler <address> must be between 0x800 and 0x1fef800 or between 0xfe000800 and 0xfffff800");
3108 xscale_handle_cache_clean_address_command(struct command_context_s *cmd_ctx,
3109 char *cmd, char **args, int argc)
3111 target_t *target = NULL;
3112 armv4_5_common_t *armv4_5;
3113 xscale_common_t *xscale;
3115 uint32_t cache_clean_address;
3119 return ERROR_COMMAND_SYNTAX_ERROR;
3122 target = get_target(args[0]);
3125 LOG_ERROR("target '%s' not defined", args[0]);
3129 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3134 cache_clean_address = strtoul(args[1], NULL, 0);
3136 if (cache_clean_address & 0xffff)
3138 LOG_ERROR("xscale cache_clean_address <address> must be 64kb aligned");
3142 xscale->cache_clean_address = cache_clean_address;
3149 xscale_handle_cache_info_command(struct command_context_s *cmd_ctx,
3150 char *cmd, char **args, int argc)
3152 target_t *target = get_current_target(cmd_ctx);
3153 armv4_5_common_t *armv4_5;
3154 xscale_common_t *xscale;
3156 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3161 return armv4_5_handle_cache_info_command(cmd_ctx, &xscale->armv4_5_mmu.armv4_5_cache);
3164 static int xscale_virt2phys(struct target_s *target,
3165 uint32_t virtual, uint32_t *physical)
3167 armv4_5_common_t *armv4_5;
3168 xscale_common_t *xscale;
3175 if ((retval = xscale_get_arch_pointers(target, &armv4_5, &xscale)) != ERROR_OK)
3179 uint32_t ret = armv4_5_mmu_translate_va(target, &xscale->armv4_5_mmu, virtual, &type, &cb, &domain, &ap);
3188 static int xscale_mmu(struct target_s *target, int *enabled)
3190 armv4_5_common_t *armv4_5 = target->arch_info;
3191 xscale_common_t *xscale = armv4_5->arch_info;
3193 if (target->state != TARGET_HALTED)
3195 LOG_ERROR("Target not halted");
3196 return ERROR_TARGET_INVALID;
3198 *enabled = xscale->armv4_5_mmu.mmu_enabled;
3202 static int xscale_handle_mmu_command(command_context_t *cmd_ctx,
3203 char *cmd, char **args, int argc)
3205 target_t *target = get_current_target(cmd_ctx);
3206 armv4_5_common_t *armv4_5;
3207 xscale_common_t *xscale;
3209 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3214 if (target->state != TARGET_HALTED)
3216 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3222 if (strcmp("enable", args[0]) == 0)
3224 xscale_enable_mmu_caches(target, 1, 0, 0);
3225 xscale->armv4_5_mmu.mmu_enabled = 1;
3227 else if (strcmp("disable", args[0]) == 0)
3229 xscale_disable_mmu_caches(target, 1, 0, 0);
3230 xscale->armv4_5_mmu.mmu_enabled = 0;
3234 command_print(cmd_ctx, "mmu %s", (xscale->armv4_5_mmu.mmu_enabled) ? "enabled" : "disabled");
3239 static int xscale_handle_idcache_command(command_context_t *cmd_ctx,
3240 char *cmd, char **args, int argc)
3242 target_t *target = get_current_target(cmd_ctx);
3243 armv4_5_common_t *armv4_5;
3244 xscale_common_t *xscale;
3245 int icache = 0, dcache = 0;
3247 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3252 if (target->state != TARGET_HALTED)
3254 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3258 if (strcmp(cmd, "icache") == 0)
3260 else if (strcmp(cmd, "dcache") == 0)
3265 if (strcmp("enable", args[0]) == 0)
3267 xscale_enable_mmu_caches(target, 0, dcache, icache);
3270 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 1;
3272 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 1;
3274 else if (strcmp("disable", args[0]) == 0)
3276 xscale_disable_mmu_caches(target, 0, dcache, icache);
3279 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
3281 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
3286 command_print(cmd_ctx, "icache %s", (xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled) ? "enabled" : "disabled");
3289 command_print(cmd_ctx, "dcache %s", (xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled) ? "enabled" : "disabled");
3294 static int xscale_handle_vector_catch_command(command_context_t *cmd_ctx,
3295 char *cmd, char **args, int argc)
3297 target_t *target = get_current_target(cmd_ctx);
3298 armv4_5_common_t *armv4_5;
3299 xscale_common_t *xscale;
3301 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3308 command_print(cmd_ctx, "usage: xscale vector_catch [mask]");
3312 xscale->vector_catch = strtoul(args[0], NULL, 0);
3313 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 8, xscale->vector_catch);
3314 xscale_write_dcsr(target, -1, -1);
3317 command_print(cmd_ctx, "vector catch mask: 0x%2.2x", xscale->vector_catch);
3323 static int xscale_handle_vector_table_command(command_context_t *cmd_ctx,
3324 char *cmd, char **args, int argc)
3326 target_t *target = get_current_target(cmd_ctx);
3327 armv4_5_common_t *armv4_5;
3328 xscale_common_t *xscale;
3331 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3336 if (argc == 0) /* print current settings */
3340 command_print(cmd_ctx, "active user-set static vectors:");
3341 for (idx = 1; idx < 8; idx++)
3342 if (xscale->static_low_vectors_set & (1 << idx))
3343 command_print(cmd_ctx, "low %d: 0x%" PRIx32, idx, xscale->static_low_vectors[idx]);
3344 for (idx = 1; idx < 8; idx++)
3345 if (xscale->static_high_vectors_set & (1 << idx))
3346 command_print(cmd_ctx, "high %d: 0x%" PRIx32, idx, xscale->static_high_vectors[idx]);
3356 idx = strtoul(args[1], NULL, 0);
3357 vec = strtoul(args[2], NULL, 0);
3359 if (idx < 1 || idx >= 8)
3362 if (!err && strcmp(args[0], "low") == 0)
3364 xscale->static_low_vectors_set |= (1<<idx);
3365 xscale->static_low_vectors[idx] = vec;
3367 else if (!err && (strcmp(args[0], "high") == 0))
3369 xscale->static_high_vectors_set |= (1<<idx);
3370 xscale->static_high_vectors[idx] = vec;
3377 command_print(cmd_ctx, "usage: xscale vector_table <high|low> <index> <code>");
3384 xscale_handle_trace_buffer_command(struct command_context_s *cmd_ctx,
3385 char *cmd, char **args, int argc)
3387 target_t *target = get_current_target(cmd_ctx);
3388 armv4_5_common_t *armv4_5;
3389 xscale_common_t *xscale;
3390 uint32_t dcsr_value;
3392 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3397 if (target->state != TARGET_HALTED)
3399 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3403 if ((argc >= 1) && (strcmp("enable", args[0]) == 0))
3405 xscale_trace_data_t *td, *next_td;
3406 xscale->trace.buffer_enabled = 1;
3408 /* free old trace data */
3409 td = xscale->trace.data;
3419 xscale->trace.data = NULL;
3421 else if ((argc >= 1) && (strcmp("disable", args[0]) == 0))
3423 xscale->trace.buffer_enabled = 0;
3426 if ((argc >= 2) && (strcmp("fill", args[1]) == 0))
3429 xscale->trace.buffer_fill = strtoul(args[2], NULL, 0);
3431 xscale->trace.buffer_fill = 1;
3433 else if ((argc >= 2) && (strcmp("wrap", args[1]) == 0))
3435 xscale->trace.buffer_fill = -1;
3438 if (xscale->trace.buffer_enabled)
3440 /* if we enable the trace buffer in fill-once
3441 * mode we know the address of the first instruction */
3442 xscale->trace.pc_ok = 1;
3443 xscale->trace.current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
3447 /* otherwise the address is unknown, and we have no known good PC */
3448 xscale->trace.pc_ok = 0;
3451 command_print(cmd_ctx, "trace buffer %s (%s)",
3452 (xscale->trace.buffer_enabled) ? "enabled" : "disabled",
3453 (xscale->trace.buffer_fill > 0) ? "fill" : "wrap");
3455 dcsr_value = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32);
3456 if (xscale->trace.buffer_fill >= 0)
3457 xscale_write_dcsr_sw(target, (dcsr_value & 0xfffffffc) | 2);
3459 xscale_write_dcsr_sw(target, dcsr_value & 0xfffffffc);
3465 xscale_handle_trace_image_command(struct command_context_s *cmd_ctx,
3466 char *cmd, char **args, int argc)
3469 armv4_5_common_t *armv4_5;
3470 xscale_common_t *xscale;
3474 command_print(cmd_ctx, "usage: xscale trace_image <file> [base address] [type]");
3478 target = get_current_target(cmd_ctx);
3480 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3485 if (xscale->trace.image)
3487 image_close(xscale->trace.image);
3488 free(xscale->trace.image);
3489 command_print(cmd_ctx, "previously loaded image found and closed");
3492 xscale->trace.image = malloc(sizeof(image_t));
3493 xscale->trace.image->base_address_set = 0;
3494 xscale->trace.image->start_address_set = 0;
3496 /* a base address isn't always necessary, default to 0x0 (i.e. don't relocate) */
3499 xscale->trace.image->base_address_set = 1;
3500 xscale->trace.image->base_address = strtoul(args[1], NULL, 0);
3504 xscale->trace.image->base_address_set = 0;
3507 if (image_open(xscale->trace.image, args[0], (argc >= 3) ? args[2] : NULL) != ERROR_OK)
3509 free(xscale->trace.image);
3510 xscale->trace.image = NULL;
3517 static int xscale_handle_dump_trace_command(struct command_context_s *cmd_ctx,
3518 char *cmd, char **args, int argc)
3520 target_t *target = get_current_target(cmd_ctx);
3521 armv4_5_common_t *armv4_5;
3522 xscale_common_t *xscale;
3523 xscale_trace_data_t *trace_data;
3526 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3531 if (target->state != TARGET_HALTED)
3533 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3539 command_print(cmd_ctx, "usage: xscale dump_trace <file>");
3543 trace_data = xscale->trace.data;
3547 command_print(cmd_ctx, "no trace data collected");
3551 if (fileio_open(&file, args[0], FILEIO_WRITE, FILEIO_BINARY) != ERROR_OK)
3560 fileio_write_u32(&file, trace_data->chkpt0);
3561 fileio_write_u32(&file, trace_data->chkpt1);
3562 fileio_write_u32(&file, trace_data->last_instruction);
3563 fileio_write_u32(&file, trace_data->depth);
3565 for (i = 0; i < trace_data->depth; i++)
3566 fileio_write_u32(&file, trace_data->entries[i].data | ((trace_data->entries[i].type & 0xffff) << 16));
3568 trace_data = trace_data->next;
3571 fileio_close(&file);
3577 xscale_handle_analyze_trace_buffer_command(struct command_context_s *cmd_ctx,
3578 char *cmd, char **args, int argc)
3580 target_t *target = get_current_target(cmd_ctx);
3581 armv4_5_common_t *armv4_5;
3582 xscale_common_t *xscale;
3584 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3589 xscale_analyze_trace(target, cmd_ctx);
3594 static int xscale_handle_cp15(command_context_t *cmd_ctx,
3595 char *cmd, char **args, int argc)
3597 target_t *target = get_current_target(cmd_ctx);
3598 armv4_5_common_t *armv4_5;
3599 xscale_common_t *xscale;
3601 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3606 if (target->state != TARGET_HALTED)
3608 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3611 uint32_t reg_no = 0;
3615 reg_no = strtoul(args[0], NULL, 0);
3616 /*translate from xscale cp15 register no to openocd register*/
3620 reg_no = XSCALE_MAINID;
3623 reg_no = XSCALE_CTRL;
3626 reg_no = XSCALE_TTB;
3629 reg_no = XSCALE_DAC;
3632 reg_no = XSCALE_FSR;
3635 reg_no = XSCALE_FAR;
3638 reg_no = XSCALE_PID;
3641 reg_no = XSCALE_CPACCESS;
3644 command_print(cmd_ctx, "invalid register number");
3645 return ERROR_INVALID_ARGUMENTS;
3647 reg = &xscale->reg_cache->reg_list[reg_no];
3654 /* read cp15 control register */
3655 xscale_get_reg(reg);
3656 value = buf_get_u32(reg->value, 0, 32);
3657 command_print(cmd_ctx, "%s (/%i): 0x%" PRIx32 "", reg->name, (int)(reg->size), value);
3662 uint32_t value = strtoul(args[1], NULL, 0);
3664 /* send CP write request (command 0x41) */
3665 xscale_send_u32(target, 0x41);
3667 /* send CP register number */
3668 xscale_send_u32(target, reg_no);
3670 /* send CP register value */
3671 xscale_send_u32(target, value);
3673 /* execute cpwait to ensure outstanding operations complete */
3674 xscale_send_u32(target, 0x53);
3678 command_print(cmd_ctx, "usage: cp15 [register]<, [value]>");
3684 static int xscale_register_commands(struct command_context_s *cmd_ctx)
3686 command_t *xscale_cmd;
3688 xscale_cmd = register_command(cmd_ctx, NULL, "xscale", NULL, COMMAND_ANY, "xscale specific commands");
3690 register_command(cmd_ctx, xscale_cmd, "debug_handler", xscale_handle_debug_handler_command, COMMAND_ANY, "'xscale debug_handler <target#> <address>' command takes two required operands");
3691 register_command(cmd_ctx, xscale_cmd, "cache_clean_address", xscale_handle_cache_clean_address_command, COMMAND_ANY, NULL);
3693 register_command(cmd_ctx, xscale_cmd, "cache_info", xscale_handle_cache_info_command, COMMAND_EXEC, NULL);
3694 register_command(cmd_ctx, xscale_cmd, "mmu", xscale_handle_mmu_command, COMMAND_EXEC, "['enable'|'disable'] the MMU");
3695 register_command(cmd_ctx, xscale_cmd, "icache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the ICache");
3696 register_command(cmd_ctx, xscale_cmd, "dcache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the DCache");
3698 register_command(cmd_ctx, xscale_cmd, "vector_catch", xscale_handle_vector_catch_command, COMMAND_EXEC, "<mask> of vectors that should be catched");
3699 register_command(cmd_ctx, xscale_cmd, "vector_table", xscale_handle_vector_table_command, COMMAND_EXEC, "<high|low> <index> <code> set static code for exception handler entry");
3701 register_command(cmd_ctx, xscale_cmd, "trace_buffer", xscale_handle_trace_buffer_command, COMMAND_EXEC, "<enable | disable> ['fill' [n]|'wrap']");
3703 register_command(cmd_ctx, xscale_cmd, "dump_trace", xscale_handle_dump_trace_command, COMMAND_EXEC, "dump content of trace buffer to <file>");
3704 register_command(cmd_ctx, xscale_cmd, "analyze_trace", xscale_handle_analyze_trace_buffer_command, COMMAND_EXEC, "analyze content of trace buffer");
3705 register_command(cmd_ctx, xscale_cmd, "trace_image", xscale_handle_trace_image_command,
3706 COMMAND_EXEC, "load image from <file> [base address]");
3708 register_command(cmd_ctx, xscale_cmd, "cp15", xscale_handle_cp15, COMMAND_EXEC, "access coproc 15 <register> [value]");
3710 armv4_5_register_commands(cmd_ctx);
3715 target_type_t xscale_target =
3719 .poll = xscale_poll,
3720 .arch_state = xscale_arch_state,
3722 .target_request_data = NULL,
3724 .halt = xscale_halt,
3725 .resume = xscale_resume,
3726 .step = xscale_step,
3728 .assert_reset = xscale_assert_reset,
3729 .deassert_reset = xscale_deassert_reset,
3730 .soft_reset_halt = NULL,
3732 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
3734 .read_memory = xscale_read_memory,
3735 .write_memory = xscale_write_memory,
3736 .bulk_write_memory = xscale_bulk_write_memory,
3737 .checksum_memory = arm7_9_checksum_memory,
3738 .blank_check_memory = arm7_9_blank_check_memory,
3740 .run_algorithm = armv4_5_run_algorithm,
3742 .add_breakpoint = xscale_add_breakpoint,
3743 .remove_breakpoint = xscale_remove_breakpoint,
3744 .add_watchpoint = xscale_add_watchpoint,
3745 .remove_watchpoint = xscale_remove_watchpoint,
3747 .register_commands = xscale_register_commands,
3748 .target_create = xscale_target_create,
3749 .init_target = xscale_init_target,
3750 .quit = xscale_quit,
3752 .virt2phys = xscale_virt2phys,
projects / fw / openocd / blob