1 /***************************************************************************
2 * Copyright (C) 2006, 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * This program is free software; you can redistribute it and/or modify *
9 * it under the terms of the GNU General Public License as published by *
10 * the Free Software Foundation; either version 2 of the License, or *
11 * (at your option) any later version. *
13 * This program is distributed in the hope that it will be useful, *
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
16 * GNU General Public License for more details. *
18 * You should have received a copy of the GNU General Public License *
19 * along with this program; if not, write to the *
20 * Free Software Foundation, Inc., *
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
22 ***************************************************************************/
27 #include "replacements.h"
31 #include "arm7_9_common.h"
35 #include "arm_simulator.h"
36 #include "arm_disassembler.h"
39 #include "binarybuffer.h"
40 #include "time_support.h"
41 #include "breakpoints.h"
47 #include <sys/types.h>
53 int xscale_register_commands(struct command_context_s *cmd_ctx);
55 /* forward declarations */
56 int xscale_target_create(struct target_s *target, Jim_Interp *interp);
57 int xscale_init_target(struct command_context_s *cmd_ctx, struct target_s *target);
58 int xscale_quit(void);
60 int xscale_arch_state(struct target_s *target);
61 int xscale_poll(target_t *target);
62 int xscale_halt(target_t *target);
63 int xscale_resume(struct target_s *target, int current, u32 address, int handle_breakpoints, int debug_execution);
64 int xscale_step(struct target_s *target, int current, u32 address, int handle_breakpoints);
65 int xscale_debug_entry(target_t *target);
66 int xscale_restore_context(target_t *target);
68 int xscale_assert_reset(target_t *target);
69 int xscale_deassert_reset(target_t *target);
70 int xscale_soft_reset_halt(struct target_s *target);
72 int xscale_set_reg_u32(reg_t *reg, u32 value);
74 int xscale_read_core_reg(struct target_s *target, int num, enum armv4_5_mode mode);
75 int xscale_write_core_reg(struct target_s *target, int num, enum armv4_5_mode mode, u32 value);
77 int xscale_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer);
78 int xscale_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer);
79 int xscale_bulk_write_memory(target_t *target, u32 address, u32 count, u8 *buffer);
81 int xscale_add_breakpoint(struct target_s *target, breakpoint_t *breakpoint);
82 int xscale_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint);
83 int xscale_set_breakpoint(struct target_s *target, breakpoint_t *breakpoint);
84 int xscale_unset_breakpoint(struct target_s *target, breakpoint_t *breakpoint);
85 int xscale_add_watchpoint(struct target_s *target, watchpoint_t *watchpoint);
86 int xscale_remove_watchpoint(struct target_s *target, watchpoint_t *watchpoint);
87 void xscale_enable_watchpoints(struct target_s *target);
88 void xscale_enable_breakpoints(struct target_s *target);
89 static int xscale_virt2phys(struct target_s *target, u32 virtual, u32 *physical);
90 static int xscale_mmu(struct target_s *target, int *enabled);
92 int xscale_read_trace(target_t *target);
94 target_type_t xscale_target =
99 .arch_state = xscale_arch_state,
101 .target_request_data = NULL,
104 .resume = xscale_resume,
107 .assert_reset = xscale_assert_reset,
108 .deassert_reset = xscale_deassert_reset,
109 .soft_reset_halt = xscale_soft_reset_halt,
111 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
113 .read_memory = xscale_read_memory,
114 .write_memory = xscale_write_memory,
115 .bulk_write_memory = xscale_bulk_write_memory,
116 .checksum_memory = arm7_9_checksum_memory,
117 .blank_check_memory = arm7_9_blank_check_memory,
119 .run_algorithm = armv4_5_run_algorithm,
121 .add_breakpoint = xscale_add_breakpoint,
122 .remove_breakpoint = xscale_remove_breakpoint,
123 .add_watchpoint = xscale_add_watchpoint,
124 .remove_watchpoint = xscale_remove_watchpoint,
126 .register_commands = xscale_register_commands,
127 .target_create = xscale_target_create,
128 .init_target = xscale_init_target,
131 .virt2phys = xscale_virt2phys,
135 char* xscale_reg_list[] =
137 "XSCALE_MAINID", /* 0 */
147 "XSCALE_IBCR0", /* 10 */
157 "XSCALE_RX", /* 20 */
161 xscale_reg_t xscale_reg_arch_info[] =
163 {XSCALE_MAINID, NULL},
164 {XSCALE_CACHETYPE, NULL},
166 {XSCALE_AUXCTRL, NULL},
172 {XSCALE_CPACCESS, NULL},
173 {XSCALE_IBCR0, NULL},
174 {XSCALE_IBCR1, NULL},
177 {XSCALE_DBCON, NULL},
178 {XSCALE_TBREG, NULL},
179 {XSCALE_CHKPT0, NULL},
180 {XSCALE_CHKPT1, NULL},
181 {XSCALE_DCSR, NULL}, /* DCSR accessed via JTAG or SW */
182 {-1, NULL}, /* TX accessed via JTAG */
183 {-1, NULL}, /* RX accessed via JTAG */
184 {-1, NULL}, /* TXRXCTRL implicit access via JTAG */
187 int xscale_reg_arch_type = -1;
189 int xscale_get_reg(reg_t *reg);
190 int xscale_set_reg(reg_t *reg, u8 *buf);
192 int xscale_get_arch_pointers(target_t *target, armv4_5_common_t **armv4_5_p, xscale_common_t **xscale_p)
194 armv4_5_common_t *armv4_5 = target->arch_info;
195 xscale_common_t *xscale = armv4_5->arch_info;
197 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
199 LOG_ERROR("target isn't an XScale target");
203 if (xscale->common_magic != XSCALE_COMMON_MAGIC)
205 LOG_ERROR("target isn't an XScale target");
209 *armv4_5_p = armv4_5;
215 int xscale_jtag_set_instr(int chain_pos, u32 new_instr)
217 jtag_device_t *device = jtag_get_device(chain_pos);
221 if (buf_get_u32(device->cur_instr, 0, device->ir_length) != new_instr)
225 field.device = chain_pos;
226 field.num_bits = device->ir_length;
227 field.out_value = calloc(CEIL(field.num_bits, 8), 1);
228 buf_set_u32(field.out_value, 0, field.num_bits, new_instr);
229 field.out_mask = NULL;
230 field.in_value = NULL;
231 jtag_set_check_value(&field, device->expected, device->expected_mask, NULL);
233 jtag_add_ir_scan(1, &field, -1);
235 free(field.out_value);
241 int xscale_read_dcsr(target_t *target)
243 armv4_5_common_t *armv4_5 = target->arch_info;
244 xscale_common_t *xscale = armv4_5->arch_info;
248 scan_field_t fields[3];
250 u8 field0_check_value = 0x2;
251 u8 field0_check_mask = 0x7;
253 u8 field2_check_value = 0x0;
254 u8 field2_check_mask = 0x1;
256 jtag_add_end_state(TAP_PD);
257 xscale_jtag_set_instr(xscale->jtag_info.chain_pos, xscale->jtag_info.dcsr);
259 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
260 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
262 fields[0].device = xscale->jtag_info.chain_pos;
263 fields[0].num_bits = 3;
264 fields[0].out_value = &field0;
265 fields[0].out_mask = NULL;
266 fields[0].in_value = NULL;
267 jtag_set_check_value(fields+0, &field0_check_value, &field0_check_mask, NULL);
269 fields[1].device = xscale->jtag_info.chain_pos;
270 fields[1].num_bits = 32;
271 fields[1].out_value = NULL;
272 fields[1].out_mask = NULL;
273 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
274 fields[1].in_handler = NULL;
275 fields[1].in_handler_priv = NULL;
276 fields[1].in_check_value = NULL;
277 fields[1].in_check_mask = NULL;
279 fields[2].device = xscale->jtag_info.chain_pos;
280 fields[2].num_bits = 1;
281 fields[2].out_value = &field2;
282 fields[2].out_mask = NULL;
283 fields[2].in_value = NULL;
284 jtag_set_check_value(fields+2, &field2_check_value, &field2_check_mask, NULL);
286 jtag_add_dr_scan(3, fields, -1);
288 if ((retval = jtag_execute_queue()) != ERROR_OK)
290 LOG_ERROR("JTAG error while reading DCSR");
294 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
295 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
297 /* write the register with the value we just read
298 * on this second pass, only the first bit of field0 is guaranteed to be 0)
300 field0_check_mask = 0x1;
301 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
302 fields[1].in_value = NULL;
304 jtag_add_end_state(TAP_RTI);
306 jtag_add_dr_scan(3, fields, -1);
308 /* DANGER!!! this must be here. It will make sure that the arguments
309 * to jtag_set_check_value() does not go out of scope! */
310 return jtag_execute_queue();
313 int xscale_receive(target_t *target, u32 *buffer, int num_words)
316 return ERROR_INVALID_ARGUMENTS;
319 armv4_5_common_t *armv4_5 = target->arch_info;
320 xscale_common_t *xscale = armv4_5->arch_info;
322 enum tap_state path[3];
323 scan_field_t fields[3];
325 u8 *field0 = malloc(num_words * 1);
326 u8 field0_check_value = 0x2;
327 u8 field0_check_mask = 0x6;
328 u32 *field1 = malloc(num_words * 4);
329 u8 field2_check_value = 0x0;
330 u8 field2_check_mask = 0x1;
332 int words_scheduled = 0;
340 fields[0].device = xscale->jtag_info.chain_pos;
341 fields[0].num_bits = 3;
342 fields[0].out_value = NULL;
343 fields[0].out_mask = NULL;
344 fields[0].in_value = NULL;
345 jtag_set_check_value(fields+0, &field0_check_value, &field0_check_mask, NULL);
347 fields[1].device = xscale->jtag_info.chain_pos;
348 fields[1].num_bits = 32;
349 fields[1].out_value = NULL;
350 fields[1].out_mask = NULL;
351 fields[1].in_value = NULL;
352 fields[1].in_handler = NULL;
353 fields[1].in_handler_priv = NULL;
354 fields[1].in_check_value = NULL;
355 fields[1].in_check_mask = NULL;
359 fields[2].device = xscale->jtag_info.chain_pos;
360 fields[2].num_bits = 1;
361 fields[2].out_value = NULL;
362 fields[2].out_mask = NULL;
363 fields[2].in_value = NULL;
364 jtag_set_check_value(fields+2, &field2_check_value, &field2_check_mask, NULL);
366 jtag_add_end_state(TAP_RTI);
367 xscale_jtag_set_instr(xscale->jtag_info.chain_pos, xscale->jtag_info.dbgtx);
368 jtag_add_runtest(1, -1); /* ensures that we're in the TAP_RTI state as the above could be a no-op */
370 /* repeat until all words have been collected */
372 while (words_done < num_words)
376 for (i = words_done; i < num_words; i++)
378 fields[0].in_value = &field0[i];
379 fields[1].in_handler = buf_to_u32_handler;
380 fields[1].in_handler_priv = (u8*)&field1[i];
382 jtag_add_pathmove(3, path);
383 jtag_add_dr_scan(3, fields, TAP_RTI);
387 if ((retval = jtag_execute_queue()) != ERROR_OK)
389 LOG_ERROR("JTAG error while receiving data from debug handler");
393 /* examine results */
394 for (i = words_done; i < num_words; i++)
396 if (!(field0[0] & 1))
398 /* move backwards if necessary */
400 for (j = i; j < num_words - 1; j++)
402 field0[j] = field0[j+1];
403 field1[j] = field1[j+1];
408 if (words_scheduled==0)
410 if (attempts++==1000)
412 LOG_ERROR("Failed to receiving data from debug handler after 1000 attempts");
413 retval=ERROR_TARGET_TIMEOUT;
418 words_done += words_scheduled;
421 for (i = 0; i < num_words; i++)
422 *(buffer++) = buf_get_u32((u8*)&field1[i], 0, 32);
429 int xscale_read_tx(target_t *target, int consume)
431 armv4_5_common_t *armv4_5 = target->arch_info;
432 xscale_common_t *xscale = armv4_5->arch_info;
433 enum tap_state path[3];
434 enum tap_state noconsume_path[6];
437 struct timeval timeout, now;
439 scan_field_t fields[3];
441 u8 field0_check_value = 0x2;
442 u8 field0_check_mask = 0x6;
443 u8 field2_check_value = 0x0;
444 u8 field2_check_mask = 0x1;
446 jtag_add_end_state(TAP_RTI);
448 xscale_jtag_set_instr(xscale->jtag_info.chain_pos, xscale->jtag_info.dbgtx);
454 noconsume_path[0] = TAP_SDS;
455 noconsume_path[1] = TAP_CD;
456 noconsume_path[2] = TAP_E1D;
457 noconsume_path[3] = TAP_PD;
458 noconsume_path[4] = TAP_E2D;
459 noconsume_path[5] = TAP_SD;
461 fields[0].device = xscale->jtag_info.chain_pos;
462 fields[0].num_bits = 3;
463 fields[0].out_value = NULL;
464 fields[0].out_mask = NULL;
465 fields[0].in_value = &field0_in;
466 jtag_set_check_value(fields+0, &field0_check_value, &field0_check_mask, NULL);
468 fields[1].device = xscale->jtag_info.chain_pos;
469 fields[1].num_bits = 32;
470 fields[1].out_value = NULL;
471 fields[1].out_mask = NULL;
472 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_TX].value;
473 fields[1].in_handler = NULL;
474 fields[1].in_handler_priv = NULL;
475 fields[1].in_check_value = NULL;
476 fields[1].in_check_mask = NULL;
480 fields[2].device = xscale->jtag_info.chain_pos;
481 fields[2].num_bits = 1;
482 fields[2].out_value = NULL;
483 fields[2].out_mask = NULL;
484 fields[2].in_value = NULL;
485 jtag_set_check_value(fields+2, &field2_check_value, &field2_check_mask, NULL);
487 gettimeofday(&timeout, NULL);
488 timeval_add_time(&timeout, 1, 0);
492 /* if we want to consume the register content (i.e. clear TX_READY),
493 * we have to go straight from Capture-DR to Shift-DR
494 * otherwise, we go from Capture-DR to Exit1-DR to Pause-DR
497 jtag_add_pathmove(3, path);
500 jtag_add_pathmove(sizeof(noconsume_path)/sizeof(*noconsume_path), noconsume_path);
503 jtag_add_dr_scan(3, fields, TAP_RTI);
505 if ((retval = jtag_execute_queue()) != ERROR_OK)
507 LOG_ERROR("JTAG error while reading TX");
508 return ERROR_TARGET_TIMEOUT;
511 gettimeofday(&now, NULL);
512 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
514 LOG_ERROR("time out reading TX register");
515 return ERROR_TARGET_TIMEOUT;
517 if (!((!(field0_in & 1)) && consume))
523 LOG_DEBUG("waiting 100ms");
524 alive_sleep(100); /* avoid flooding the logs */
532 if (!(field0_in & 1))
533 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
538 int xscale_write_rx(target_t *target)
540 armv4_5_common_t *armv4_5 = target->arch_info;
541 xscale_common_t *xscale = armv4_5->arch_info;
544 struct timeval timeout, now;
546 scan_field_t fields[3];
549 u8 field0_check_value = 0x2;
550 u8 field0_check_mask = 0x6;
552 u8 field2_check_value = 0x0;
553 u8 field2_check_mask = 0x1;
555 jtag_add_end_state(TAP_RTI);
557 xscale_jtag_set_instr(xscale->jtag_info.chain_pos, xscale->jtag_info.dbgrx);
559 fields[0].device = xscale->jtag_info.chain_pos;
560 fields[0].num_bits = 3;
561 fields[0].out_value = &field0_out;
562 fields[0].out_mask = NULL;
563 fields[0].in_value = &field0_in;
564 jtag_set_check_value(fields+0, &field0_check_value, &field0_check_mask, NULL);
566 fields[1].device = xscale->jtag_info.chain_pos;
567 fields[1].num_bits = 32;
568 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_RX].value;
569 fields[1].out_mask = NULL;
570 fields[1].in_value = NULL;
571 fields[1].in_handler = NULL;
572 fields[1].in_handler_priv = NULL;
573 fields[1].in_check_value = NULL;
574 fields[1].in_check_mask = NULL;
578 fields[2].device = xscale->jtag_info.chain_pos;
579 fields[2].num_bits = 1;
580 fields[2].out_value = &field2;
581 fields[2].out_mask = NULL;
582 fields[2].in_value = NULL;
583 jtag_set_check_value(fields+2, &field2_check_value, &field2_check_mask, NULL);
585 gettimeofday(&timeout, NULL);
586 timeval_add_time(&timeout, 1, 0);
588 /* poll until rx_read is low */
589 LOG_DEBUG("polling RX");
592 jtag_add_dr_scan(3, fields, TAP_RTI);
594 if ((retval = jtag_execute_queue()) != ERROR_OK)
596 LOG_ERROR("JTAG error while writing RX");
600 gettimeofday(&now, NULL);
601 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
603 LOG_ERROR("time out writing RX register");
604 return ERROR_TARGET_TIMEOUT;
606 if (!(field0_in & 1))
610 LOG_DEBUG("waiting 100ms");
611 alive_sleep(100); /* avoid flooding the logs */
621 jtag_add_dr_scan(3, fields, TAP_RTI);
623 if ((retval = jtag_execute_queue()) != ERROR_OK)
625 LOG_ERROR("JTAG error while writing RX");
632 /* send count elements of size byte to the debug handler */
633 int xscale_send(target_t *target, u8 *buffer, int count, int size)
635 armv4_5_common_t *armv4_5 = target->arch_info;
636 xscale_common_t *xscale = armv4_5->arch_info;
644 jtag_add_end_state(TAP_RTI);
646 xscale_jtag_set_instr(xscale->jtag_info.chain_pos, xscale->jtag_info.dbgrx);
653 int endianness = target->endianness;
654 while (done_count++ < count)
659 if (endianness == TARGET_LITTLE_ENDIAN)
661 t[1]=le_to_h_u32(buffer);
664 t[1]=be_to_h_u32(buffer);
668 if (endianness == TARGET_LITTLE_ENDIAN)
670 t[1]=le_to_h_u16(buffer);
673 t[1]=be_to_h_u16(buffer);
680 LOG_ERROR("BUG: size neither 4, 2 nor 1");
683 jtag_add_dr_out(xscale->jtag_info.chain_pos,
691 if ((retval = jtag_execute_queue()) != ERROR_OK)
693 LOG_ERROR("JTAG error while sending data to debug handler");
700 int xscale_send_u32(target_t *target, u32 value)
702 armv4_5_common_t *armv4_5 = target->arch_info;
703 xscale_common_t *xscale = armv4_5->arch_info;
705 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
706 return xscale_write_rx(target);
709 int xscale_write_dcsr(target_t *target, int hold_rst, int ext_dbg_brk)
711 armv4_5_common_t *armv4_5 = target->arch_info;
712 xscale_common_t *xscale = armv4_5->arch_info;
716 scan_field_t fields[3];
718 u8 field0_check_value = 0x2;
719 u8 field0_check_mask = 0x7;
721 u8 field2_check_value = 0x0;
722 u8 field2_check_mask = 0x1;
725 xscale->hold_rst = hold_rst;
727 if (ext_dbg_brk != -1)
728 xscale->external_debug_break = ext_dbg_brk;
730 jtag_add_end_state(TAP_RTI);
731 xscale_jtag_set_instr(xscale->jtag_info.chain_pos, xscale->jtag_info.dcsr);
733 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
734 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
736 fields[0].device = xscale->jtag_info.chain_pos;
737 fields[0].num_bits = 3;
738 fields[0].out_value = &field0;
739 fields[0].out_mask = NULL;
740 fields[0].in_value = NULL;
741 jtag_set_check_value(fields+0, &field0_check_value, &field0_check_mask, NULL);
743 fields[1].device = xscale->jtag_info.chain_pos;
744 fields[1].num_bits = 32;
745 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
746 fields[1].out_mask = NULL;
747 fields[1].in_value = NULL;
748 fields[1].in_handler = NULL;
749 fields[1].in_handler_priv = NULL;
750 fields[1].in_check_value = NULL;
751 fields[1].in_check_mask = NULL;
755 fields[2].device = xscale->jtag_info.chain_pos;
756 fields[2].num_bits = 1;
757 fields[2].out_value = &field2;
758 fields[2].out_mask = NULL;
759 fields[2].in_value = NULL;
760 jtag_set_check_value(fields+2, &field2_check_value, &field2_check_mask, NULL);
762 jtag_add_dr_scan(3, fields, -1);
764 if ((retval = jtag_execute_queue()) != ERROR_OK)
766 LOG_ERROR("JTAG error while writing DCSR");
770 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
771 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
776 /* parity of the number of bits 0 if even; 1 if odd. for 32 bit words */
777 unsigned int parity (unsigned int v)
784 LOG_DEBUG("parity of 0x%x is %i", ov, (0x6996 >> v) & 1);
785 return (0x6996 >> v) & 1;
788 int xscale_load_ic(target_t *target, int mini, u32 va, u32 buffer[8])
790 armv4_5_common_t *armv4_5 = target->arch_info;
791 xscale_common_t *xscale = armv4_5->arch_info;
796 scan_field_t fields[2];
798 LOG_DEBUG("loading miniIC at 0x%8.8x", va);
800 jtag_add_end_state(TAP_RTI);
801 xscale_jtag_set_instr(xscale->jtag_info.chain_pos, xscale->jtag_info.ldic); /* LDIC */
803 /* CMD is b010 for Main IC and b011 for Mini IC */
805 buf_set_u32(&cmd, 0, 3, 0x3);
807 buf_set_u32(&cmd, 0, 3, 0x2);
809 buf_set_u32(&cmd, 3, 3, 0x0);
811 /* virtual address of desired cache line */
812 buf_set_u32(packet, 0, 27, va >> 5);
814 fields[0].device = xscale->jtag_info.chain_pos;
815 fields[0].num_bits = 6;
816 fields[0].out_value = &cmd;
817 fields[0].out_mask = NULL;
818 fields[0].in_value = NULL;
819 fields[0].in_check_value = NULL;
820 fields[0].in_check_mask = NULL;
821 fields[0].in_handler = NULL;
822 fields[0].in_handler_priv = NULL;
824 fields[1].device = xscale->jtag_info.chain_pos;
825 fields[1].num_bits = 27;
826 fields[1].out_value = packet;
827 fields[1].out_mask = NULL;
828 fields[1].in_value = NULL;
829 fields[1].in_check_value = NULL;
830 fields[1].in_check_mask = NULL;
831 fields[1].in_handler = NULL;
832 fields[1].in_handler_priv = NULL;
834 jtag_add_dr_scan(2, fields, -1);
836 fields[0].num_bits = 32;
837 fields[0].out_value = packet;
839 fields[1].num_bits = 1;
840 fields[1].out_value = &cmd;
842 for (word = 0; word < 8; word++)
844 buf_set_u32(packet, 0, 32, buffer[word]);
845 cmd = parity(*((u32*)packet));
846 jtag_add_dr_scan(2, fields, -1);
849 jtag_execute_queue();
854 int xscale_invalidate_ic_line(target_t *target, u32 va)
856 armv4_5_common_t *armv4_5 = target->arch_info;
857 xscale_common_t *xscale = armv4_5->arch_info;
861 scan_field_t fields[2];
863 jtag_add_end_state(TAP_RTI);
864 xscale_jtag_set_instr(xscale->jtag_info.chain_pos, xscale->jtag_info.ldic); /* LDIC */
866 /* CMD for invalidate IC line b000, bits [6:4] b000 */
867 buf_set_u32(&cmd, 0, 6, 0x0);
869 /* virtual address of desired cache line */
870 buf_set_u32(packet, 0, 27, va >> 5);
872 fields[0].device = xscale->jtag_info.chain_pos;
873 fields[0].num_bits = 6;
874 fields[0].out_value = &cmd;
875 fields[0].out_mask = NULL;
876 fields[0].in_value = NULL;
877 fields[0].in_check_value = NULL;
878 fields[0].in_check_mask = NULL;
879 fields[0].in_handler = NULL;
880 fields[0].in_handler_priv = NULL;
882 fields[1].device = xscale->jtag_info.chain_pos;
883 fields[1].num_bits = 27;
884 fields[1].out_value = packet;
885 fields[1].out_mask = NULL;
886 fields[1].in_value = NULL;
887 fields[1].in_check_value = NULL;
888 fields[1].in_check_mask = NULL;
889 fields[1].in_handler = NULL;
890 fields[1].in_handler_priv = NULL;
892 jtag_add_dr_scan(2, fields, -1);
897 int xscale_update_vectors(target_t *target)
899 armv4_5_common_t *armv4_5 = target->arch_info;
900 xscale_common_t *xscale = armv4_5->arch_info;
904 u32 low_reset_branch, high_reset_branch;
906 for (i = 1; i < 8; i++)
908 /* if there's a static vector specified for this exception, override */
909 if (xscale->static_high_vectors_set & (1 << i))
911 xscale->high_vectors[i] = xscale->static_high_vectors[i];
915 retval=target_read_u32(target, 0xffff0000 + 4*i, &xscale->high_vectors[i]);
916 if (retval == ERROR_TARGET_TIMEOUT)
918 if (retval!=ERROR_OK)
920 /* Some of these reads will fail as part of normal execution */
921 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
926 for (i = 1; i < 8; i++)
928 if (xscale->static_low_vectors_set & (1 << i))
930 xscale->low_vectors[i] = xscale->static_low_vectors[i];
934 retval=target_read_u32(target, 0x0 + 4*i, &xscale->low_vectors[i]);
935 if (retval == ERROR_TARGET_TIMEOUT)
937 if (retval!=ERROR_OK)
939 /* Some of these reads will fail as part of normal execution */
940 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
945 /* calculate branches to debug handler */
946 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
947 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
949 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
950 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
952 /* invalidate and load exception vectors in mini i-cache */
953 xscale_invalidate_ic_line(target, 0x0);
954 xscale_invalidate_ic_line(target, 0xffff0000);
956 xscale_load_ic(target, 1, 0x0, xscale->low_vectors);
957 xscale_load_ic(target, 1, 0xffff0000, xscale->high_vectors);
962 int xscale_arch_state(struct target_s *target)
964 armv4_5_common_t *armv4_5 = target->arch_info;
965 xscale_common_t *xscale = armv4_5->arch_info;
969 "disabled", "enabled"
972 char *arch_dbg_reason[] =
974 "", "\n(processor reset)", "\n(trace buffer full)"
977 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
979 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
983 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
984 "cpsr: 0x%8.8x pc: 0x%8.8x\n"
985 "MMU: %s, D-Cache: %s, I-Cache: %s"
987 armv4_5_state_strings[armv4_5->core_state],
988 Jim_Nvp_value2name_simple( nvp_target_debug_reason, target->debug_reason )->name ,
989 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
990 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
991 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
992 state[xscale->armv4_5_mmu.mmu_enabled],
993 state[xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
994 state[xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled],
995 arch_dbg_reason[xscale->arch_debug_reason]);
1000 int xscale_poll(target_t *target)
1002 int retval=ERROR_OK;
1003 armv4_5_common_t *armv4_5 = target->arch_info;
1004 xscale_common_t *xscale = armv4_5->arch_info;
1006 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_DEBUG_RUNNING))
1008 enum target_state previous_state = target->state;
1009 if ((retval = xscale_read_tx(target, 0)) == ERROR_OK)
1012 /* there's data to read from the tx register, we entered debug state */
1013 xscale->handler_running = 1;
1015 target->state = TARGET_HALTED;
1017 /* process debug entry, fetching current mode regs */
1018 retval = xscale_debug_entry(target);
1020 else if (retval != ERROR_TARGET_RESOURCE_NOT_AVAILABLE)
1022 LOG_USER("error while polling TX register, reset CPU");
1023 /* here we "lie" so GDB won't get stuck and a reset can be perfomed */
1024 target->state = TARGET_HALTED;
1027 /* debug_entry could have overwritten target state (i.e. immediate resume)
1028 * don't signal event handlers in that case
1030 if (target->state != TARGET_HALTED)
1033 /* if target was running, signal that we halted
1034 * otherwise we reentered from debug execution */
1035 if (previous_state == TARGET_RUNNING)
1036 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1038 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
1044 int xscale_debug_entry(target_t *target)
1046 armv4_5_common_t *armv4_5 = target->arch_info;
1047 xscale_common_t *xscale = armv4_5->arch_info;
1055 /* clear external dbg break (will be written on next DCSR read) */
1056 xscale->external_debug_break = 0;
1057 if ((retval=xscale_read_dcsr(target))!=ERROR_OK)
1060 /* get r0, pc, r1 to r7 and cpsr */
1061 if ((retval=xscale_receive(target, buffer, 10))!=ERROR_OK)
1064 /* move r0 from buffer to register cache */
1065 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, buffer[0]);
1066 armv4_5->core_cache->reg_list[15].dirty = 1;
1067 armv4_5->core_cache->reg_list[15].valid = 1;
1068 LOG_DEBUG("r0: 0x%8.8x", buffer[0]);
1070 /* move pc from buffer to register cache */
1071 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, buffer[1]);
1072 armv4_5->core_cache->reg_list[15].dirty = 1;
1073 armv4_5->core_cache->reg_list[15].valid = 1;
1074 LOG_DEBUG("pc: 0x%8.8x", buffer[1]);
1076 /* move data from buffer to register cache */
1077 for (i = 1; i <= 7; i++)
1079 buf_set_u32(armv4_5->core_cache->reg_list[i].value, 0, 32, buffer[1 + i]);
1080 armv4_5->core_cache->reg_list[i].dirty = 1;
1081 armv4_5->core_cache->reg_list[i].valid = 1;
1082 LOG_DEBUG("r%i: 0x%8.8x", i, buffer[i + 1]);
1085 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32, buffer[9]);
1086 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
1087 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
1088 LOG_DEBUG("cpsr: 0x%8.8x", buffer[9]);
1090 armv4_5->core_mode = buffer[9] & 0x1f;
1091 if (armv4_5_mode_to_number(armv4_5->core_mode) == -1)
1093 target->state = TARGET_UNKNOWN;
1094 LOG_ERROR("cpsr contains invalid mode value - communication failure");
1095 return ERROR_TARGET_FAILURE;
1097 LOG_DEBUG("target entered debug state in %s mode", armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)]);
1099 if (buffer[9] & 0x20)
1100 armv4_5->core_state = ARMV4_5_STATE_THUMB;
1102 armv4_5->core_state = ARMV4_5_STATE_ARM;
1105 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1108 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1109 if ((armv4_5->core_mode != ARMV4_5_MODE_USR) && (armv4_5->core_mode != ARMV4_5_MODE_SYS))
1111 xscale_receive(target, buffer, 8);
1112 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
1113 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).dirty = 0;
1114 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).valid = 1;
1118 /* r8 to r14, but no spsr */
1119 xscale_receive(target, buffer, 7);
1122 /* move data from buffer to register cache */
1123 for (i = 8; i <= 14; i++)
1125 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, buffer[i - 8]);
1126 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 0;
1127 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
1130 /* examine debug reason */
1131 xscale_read_dcsr(target);
1132 moe = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 2, 3);
1134 /* stored PC (for calculating fixup) */
1135 pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1139 case 0x0: /* Processor reset */
1140 target->debug_reason = DBG_REASON_DBGRQ;
1141 xscale->arch_debug_reason = XSCALE_DBG_REASON_RESET;
1144 case 0x1: /* Instruction breakpoint hit */
1145 target->debug_reason = DBG_REASON_BREAKPOINT;
1146 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1149 case 0x2: /* Data breakpoint hit */
1150 target->debug_reason = DBG_REASON_WATCHPOINT;
1151 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1154 case 0x3: /* BKPT instruction executed */
1155 target->debug_reason = DBG_REASON_BREAKPOINT;
1156 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1159 case 0x4: /* Ext. debug event */
1160 target->debug_reason = DBG_REASON_DBGRQ;
1161 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1164 case 0x5: /* Vector trap occured */
1165 target->debug_reason = DBG_REASON_BREAKPOINT;
1166 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1169 case 0x6: /* Trace buffer full break */
1170 target->debug_reason = DBG_REASON_DBGRQ;
1171 xscale->arch_debug_reason = XSCALE_DBG_REASON_TB_FULL;
1174 case 0x7: /* Reserved */
1176 LOG_ERROR("Method of Entry is 'Reserved'");
1181 /* apply PC fixup */
1182 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, pc);
1184 /* on the first debug entry, identify cache type */
1185 if (xscale->armv4_5_mmu.armv4_5_cache.ctype == -1)
1189 /* read cp15 cache type register */
1190 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CACHETYPE]);
1191 cache_type_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CACHETYPE].value, 0, 32);
1193 armv4_5_identify_cache(cache_type_reg, &xscale->armv4_5_mmu.armv4_5_cache);
1196 /* examine MMU and Cache settings */
1197 /* read cp15 control register */
1198 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
1199 xscale->cp15_control_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
1200 xscale->armv4_5_mmu.mmu_enabled = (xscale->cp15_control_reg & 0x1U) ? 1 : 0;
1201 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (xscale->cp15_control_reg & 0x4U) ? 1 : 0;
1202 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (xscale->cp15_control_reg & 0x1000U) ? 1 : 0;
1204 /* tracing enabled, read collected trace data */
1205 if (xscale->trace.buffer_enabled)
1207 xscale_read_trace(target);
1208 xscale->trace.buffer_fill--;
1210 /* resume if we're still collecting trace data */
1211 if ((xscale->arch_debug_reason == XSCALE_DBG_REASON_TB_FULL)
1212 && (xscale->trace.buffer_fill > 0))
1214 xscale_resume(target, 1, 0x0, 1, 0);
1218 xscale->trace.buffer_enabled = 0;
1225 int xscale_halt(target_t *target)
1227 armv4_5_common_t *armv4_5 = target->arch_info;
1228 xscale_common_t *xscale = armv4_5->arch_info;
1230 LOG_DEBUG("target->state: %s",
1231 Jim_Nvp_value2name_simple( nvp_target_state, target->state )->name);
1233 if (target->state == TARGET_HALTED)
1235 LOG_DEBUG("target was already halted");
1238 else if (target->state == TARGET_UNKNOWN)
1240 /* this must not happen for a xscale target */
1241 LOG_ERROR("target was in unknown state when halt was requested");
1242 return ERROR_TARGET_INVALID;
1244 else if (target->state == TARGET_RESET)
1246 LOG_DEBUG("target->state == TARGET_RESET");
1250 /* assert external dbg break */
1251 xscale->external_debug_break = 1;
1252 xscale_read_dcsr(target);
1254 target->debug_reason = DBG_REASON_DBGRQ;
1260 int xscale_enable_single_step(struct target_s *target, u32 next_pc)
1262 armv4_5_common_t *armv4_5 = target->arch_info;
1263 xscale_common_t *xscale= armv4_5->arch_info;
1264 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1267 if (xscale->ibcr0_used)
1269 breakpoint_t *ibcr0_bp = breakpoint_find(target, buf_get_u32(ibcr0->value, 0, 32) & 0xfffffffe);
1273 xscale_unset_breakpoint(target, ibcr0_bp);
1277 LOG_ERROR("BUG: xscale->ibcr0_used is set, but no breakpoint with that address found");
1282 if ((retval=xscale_set_reg_u32(ibcr0, next_pc | 0x1))!=ERROR_OK)
1288 int xscale_disable_single_step(struct target_s *target)
1290 armv4_5_common_t *armv4_5 = target->arch_info;
1291 xscale_common_t *xscale= armv4_5->arch_info;
1292 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1295 if ((retval=xscale_set_reg_u32(ibcr0, 0x0))!=ERROR_OK)
1301 int xscale_resume(struct target_s *target, int current, u32 address, int handle_breakpoints, int debug_execution)
1303 armv4_5_common_t *armv4_5 = target->arch_info;
1304 xscale_common_t *xscale= armv4_5->arch_info;
1305 breakpoint_t *breakpoint = target->breakpoints;
1314 if (target->state != TARGET_HALTED)
1316 LOG_WARNING("target not halted");
1317 return ERROR_TARGET_NOT_HALTED;
1320 if (!debug_execution)
1322 target_free_all_working_areas(target);
1325 /* update vector tables */
1326 if ((retval=xscale_update_vectors(target))!=ERROR_OK)
1329 /* current = 1: continue on current pc, otherwise continue at <address> */
1331 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1333 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1335 /* if we're at the reset vector, we have to simulate the branch */
1336 if (current_pc == 0x0)
1338 arm_simulate_step(target, NULL);
1339 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1342 /* the front-end may request us not to handle breakpoints */
1343 if (handle_breakpoints)
1345 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1349 /* there's a breakpoint at the current PC, we have to step over it */
1350 LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint->address);
1351 xscale_unset_breakpoint(target, breakpoint);
1353 /* calculate PC of next instruction */
1354 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1357 target_read_u32(target, current_pc, ¤t_opcode);
1358 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8x", current_opcode);
1361 LOG_DEBUG("enable single-step");
1362 xscale_enable_single_step(target, next_pc);
1364 /* restore banked registers */
1365 xscale_restore_context(target);
1367 /* send resume request (command 0x30 or 0x31)
1368 * clean the trace buffer if it is to be enabled (0x62) */
1369 if (xscale->trace.buffer_enabled)
1371 xscale_send_u32(target, 0x62);
1372 xscale_send_u32(target, 0x31);
1375 xscale_send_u32(target, 0x30);
1378 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1379 LOG_DEBUG("writing cpsr with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1381 for (i = 7; i >= 0; i--)
1384 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1385 LOG_DEBUG("writing r%i with value 0x%8.8x", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1389 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1390 LOG_DEBUG("writing PC with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1392 /* wait for and process debug entry */
1393 xscale_debug_entry(target);
1395 LOG_DEBUG("disable single-step");
1396 xscale_disable_single_step(target);
1398 LOG_DEBUG("set breakpoint at 0x%8.8x", breakpoint->address);
1399 xscale_set_breakpoint(target, breakpoint);
1403 /* enable any pending breakpoints and watchpoints */
1404 xscale_enable_breakpoints(target);
1405 xscale_enable_watchpoints(target);
1407 /* restore banked registers */
1408 xscale_restore_context(target);
1410 /* send resume request (command 0x30 or 0x31)
1411 * clean the trace buffer if it is to be enabled (0x62) */
1412 if (xscale->trace.buffer_enabled)
1414 xscale_send_u32(target, 0x62);
1415 xscale_send_u32(target, 0x31);
1418 xscale_send_u32(target, 0x30);
1421 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1422 LOG_DEBUG("writing cpsr with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1424 for (i = 7; i >= 0; i--)
1427 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1428 LOG_DEBUG("writing r%i with value 0x%8.8x", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1432 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1433 LOG_DEBUG("writing PC with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1435 target->debug_reason = DBG_REASON_NOTHALTED;
1437 if (!debug_execution)
1439 /* registers are now invalid */
1440 armv4_5_invalidate_core_regs(target);
1441 target->state = TARGET_RUNNING;
1442 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1446 target->state = TARGET_DEBUG_RUNNING;
1447 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
1450 LOG_DEBUG("target resumed");
1452 xscale->handler_running = 1;
1457 static int xscale_step_inner(struct target_s *target, int current, u32 address, int handle_breakpoints)
1459 armv4_5_common_t *armv4_5 = target->arch_info;
1460 xscale_common_t *xscale = armv4_5->arch_info;
1462 u32 current_pc, next_pc;
1467 target->debug_reason = DBG_REASON_SINGLESTEP;
1469 /* calculate PC of next instruction */
1470 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1473 target_read_u32(target, current_pc, ¤t_opcode);
1474 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8x", current_opcode);
1478 LOG_DEBUG("enable single-step");
1479 if ((retval=xscale_enable_single_step(target, next_pc))!=ERROR_OK)
1482 /* restore banked registers */
1483 if ((retval=xscale_restore_context(target))!=ERROR_OK)
1486 /* send resume request (command 0x30 or 0x31)
1487 * clean the trace buffer if it is to be enabled (0x62) */
1488 if (xscale->trace.buffer_enabled)
1490 if ((retval=xscale_send_u32(target, 0x62))!=ERROR_OK)
1492 if ((retval=xscale_send_u32(target, 0x31))!=ERROR_OK)
1496 if ((retval=xscale_send_u32(target, 0x30))!=ERROR_OK)
1500 if ((retval=xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32)))!=ERROR_OK)
1502 LOG_DEBUG("writing cpsr with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1504 for (i = 7; i >= 0; i--)
1507 if ((retval=xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32)))!=ERROR_OK)
1509 LOG_DEBUG("writing r%i with value 0x%8.8x", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1513 if ((retval=xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32)))!=ERROR_OK)
1515 LOG_DEBUG("writing PC with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1517 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1519 /* registers are now invalid */
1520 if ((retval=armv4_5_invalidate_core_regs(target))!=ERROR_OK)
1523 /* wait for and process debug entry */
1524 if ((retval=xscale_debug_entry(target))!=ERROR_OK)
1527 LOG_DEBUG("disable single-step");
1528 if ((retval=xscale_disable_single_step(target))!=ERROR_OK)
1531 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1536 int xscale_step(struct target_s *target, int current, u32 address, int handle_breakpoints)
1538 armv4_5_common_t *armv4_5 = target->arch_info;
1539 breakpoint_t *breakpoint = target->breakpoints;
1544 if (target->state != TARGET_HALTED)
1546 LOG_WARNING("target not halted");
1547 return ERROR_TARGET_NOT_HALTED;
1550 /* current = 1: continue on current pc, otherwise continue at <address> */
1552 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1554 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1556 /* if we're at the reset vector, we have to simulate the step */
1557 if (current_pc == 0x0)
1559 if ((retval=arm_simulate_step(target, NULL))!=ERROR_OK)
1561 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1563 target->debug_reason = DBG_REASON_SINGLESTEP;
1564 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1569 /* the front-end may request us not to handle breakpoints */
1570 if (handle_breakpoints)
1571 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1573 if ((retval=xscale_unset_breakpoint(target, breakpoint))!=ERROR_OK)
1577 retval = xscale_step_inner(target, current, address, handle_breakpoints);
1581 xscale_set_breakpoint(target, breakpoint);
1584 LOG_DEBUG("target stepped");
1590 int xscale_assert_reset(target_t *target)
1592 armv4_5_common_t *armv4_5 = target->arch_info;
1593 xscale_common_t *xscale = armv4_5->arch_info;
1595 LOG_DEBUG("target->state: %s",
1596 Jim_Nvp_value2name_simple( nvp_target_state, target->state )->name);
1598 /* select DCSR instruction (set endstate to R-T-I to ensure we don't
1599 * end up in T-L-R, which would reset JTAG
1601 jtag_add_end_state(TAP_RTI);
1602 xscale_jtag_set_instr(xscale->jtag_info.chain_pos, xscale->jtag_info.dcsr);
1604 /* set Hold reset, Halt mode and Trap Reset */
1605 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1606 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1607 xscale_write_dcsr(target, 1, 0);
1609 /* select BYPASS, because having DCSR selected caused problems on the PXA27x */
1610 xscale_jtag_set_instr(xscale->jtag_info.chain_pos, 0x7f);
1611 jtag_execute_queue();
1614 jtag_add_reset(0, 1);
1616 /* sleep 1ms, to be sure we fulfill any requirements */
1617 jtag_add_sleep(1000);
1618 jtag_execute_queue();
1620 target->state = TARGET_RESET;
1622 if (target->reset_halt)
1625 if ((retval = target_halt(target))!=ERROR_OK)
1632 int xscale_deassert_reset(target_t *target)
1634 armv4_5_common_t *armv4_5 = target->arch_info;
1635 xscale_common_t *xscale = armv4_5->arch_info;
1637 fileio_t debug_handler;
1645 breakpoint_t *breakpoint = target->breakpoints;
1649 xscale->ibcr_available = 2;
1650 xscale->ibcr0_used = 0;
1651 xscale->ibcr1_used = 0;
1653 xscale->dbr_available = 2;
1654 xscale->dbr0_used = 0;
1655 xscale->dbr1_used = 0;
1657 /* mark all hardware breakpoints as unset */
1660 if (breakpoint->type == BKPT_HARD)
1662 breakpoint->set = 0;
1664 breakpoint = breakpoint->next;
1667 if (!xscale->handler_installed)
1670 jtag_add_reset(0, 0);
1672 /* wait 300ms; 150 and 100ms were not enough */
1673 jtag_add_sleep(300*1000);
1675 jtag_add_runtest(2030, TAP_RTI);
1676 jtag_execute_queue();
1678 /* set Hold reset, Halt mode and Trap Reset */
1679 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1680 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1681 xscale_write_dcsr(target, 1, 0);
1683 /* Load debug handler */
1684 if (fileio_open(&debug_handler, "xscale/debug_handler.bin", FILEIO_READ, FILEIO_BINARY) != ERROR_OK)
1689 if ((binary_size = debug_handler.size) % 4)
1691 LOG_ERROR("debug_handler.bin: size not a multiple of 4");
1695 if (binary_size > 0x800)
1697 LOG_ERROR("debug_handler.bin: larger than 2kb");
1701 binary_size = CEIL(binary_size, 32) * 32;
1703 address = xscale->handler_address;
1704 while (binary_size > 0)
1709 if ((retval = fileio_read(&debug_handler, 32, buffer, &buf_cnt)) != ERROR_OK)
1714 for (i = 0; i < buf_cnt; i += 4)
1716 /* convert LE buffer to host-endian u32 */
1717 cache_line[i / 4] = le_to_h_u32(&buffer[i]);
1720 for (; buf_cnt < 32; buf_cnt += 4)
1722 cache_line[buf_cnt / 4] = 0xe1a08008;
1725 /* only load addresses other than the reset vectors */
1726 if ((address % 0x400) != 0x0)
1728 xscale_load_ic(target, 1, address, cache_line);
1732 binary_size -= buf_cnt;
1735 xscale_load_ic(target, 1, 0x0, xscale->low_vectors);
1736 xscale_load_ic(target, 1, 0xffff0000, xscale->high_vectors);
1738 jtag_add_runtest(30, TAP_RTI);
1740 jtag_add_sleep(100000);
1742 /* set Hold reset, Halt mode and Trap Reset */
1743 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1744 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1745 xscale_write_dcsr(target, 1, 0);
1747 /* clear Hold reset to let the target run (should enter debug handler) */
1748 xscale_write_dcsr(target, 0, 1);
1749 target->state = TARGET_RUNNING;
1751 if (!target->reset_halt)
1753 jtag_add_sleep(10000);
1755 /* we should have entered debug now */
1756 xscale_debug_entry(target);
1757 target->state = TARGET_HALTED;
1759 /* resume the target */
1760 xscale_resume(target, 1, 0x0, 1, 0);
1763 fileio_close(&debug_handler);
1767 jtag_add_reset(0, 0);
1774 int xscale_soft_reset_halt(struct target_s *target)
1780 int xscale_read_core_reg(struct target_s *target, int num, enum armv4_5_mode mode)
1786 int xscale_write_core_reg(struct target_s *target, int num, enum armv4_5_mode mode, u32 value)
1792 int xscale_full_context(target_t *target)
1794 armv4_5_common_t *armv4_5 = target->arch_info;
1802 if (target->state != TARGET_HALTED)
1804 LOG_WARNING("target not halted");
1805 return ERROR_TARGET_NOT_HALTED;
1808 buffer = malloc(4 * 8);
1810 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1811 * we can't enter User mode on an XScale (unpredictable),
1812 * but User shares registers with SYS
1814 for(i = 1; i < 7; i++)
1818 /* check if there are invalid registers in the current mode
1820 for (j = 0; j <= 16; j++)
1822 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1830 /* request banked registers */
1831 xscale_send_u32(target, 0x0);
1834 tmp_cpsr |= armv4_5_number_to_mode(i);
1835 tmp_cpsr |= 0xc0; /* I/F bits */
1837 /* send CPSR for desired mode */
1838 xscale_send_u32(target, tmp_cpsr);
1840 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1841 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1843 xscale_receive(target, buffer, 8);
1844 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
1845 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1846 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid = 1;
1850 xscale_receive(target, buffer, 7);
1853 /* move data from buffer to register cache */
1854 for (j = 8; j <= 14; j++)
1856 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).value, 0, 32, buffer[j - 8]);
1857 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1858 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid = 1;
1868 int xscale_restore_context(target_t *target)
1870 armv4_5_common_t *armv4_5 = target->arch_info;
1876 if (target->state != TARGET_HALTED)
1878 LOG_WARNING("target not halted");
1879 return ERROR_TARGET_NOT_HALTED;
1882 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1883 * we can't enter User mode on an XScale (unpredictable),
1884 * but User shares registers with SYS
1886 for(i = 1; i < 7; i++)
1890 /* check if there are invalid registers in the current mode
1892 for (j = 8; j <= 14; j++)
1894 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty == 1)
1898 /* if not USR/SYS, check if the SPSR needs to be written */
1899 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1901 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty == 1)
1909 /* send banked registers */
1910 xscale_send_u32(target, 0x1);
1913 tmp_cpsr |= armv4_5_number_to_mode(i);
1914 tmp_cpsr |= 0xc0; /* I/F bits */
1916 /* send CPSR for desired mode */
1917 xscale_send_u32(target, tmp_cpsr);
1919 /* send banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1920 for (j = 8; j <= 14; j++)
1922 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, j).value, 0, 32));
1923 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1926 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1928 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32));
1929 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1937 int xscale_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
1939 armv4_5_common_t *armv4_5 = target->arch_info;
1940 xscale_common_t *xscale = armv4_5->arch_info;
1945 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
1947 if (target->state != TARGET_HALTED)
1949 LOG_WARNING("target not halted");
1950 return ERROR_TARGET_NOT_HALTED;
1953 /* sanitize arguments */
1954 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1955 return ERROR_INVALID_ARGUMENTS;
1957 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1958 return ERROR_TARGET_UNALIGNED_ACCESS;
1960 /* send memory read request (command 0x1n, n: access size) */
1961 if ((retval=xscale_send_u32(target, 0x10 | size))!=ERROR_OK)
1964 /* send base address for read request */
1965 if ((retval=xscale_send_u32(target, address))!=ERROR_OK)
1968 /* send number of requested data words */
1969 if ((retval=xscale_send_u32(target, count))!=ERROR_OK)
1972 /* receive data from target (count times 32-bit words in host endianness) */
1973 buf32 = malloc(4 * count);
1974 if ((retval=xscale_receive(target, buf32, count))!=ERROR_OK)
1977 /* extract data from host-endian buffer into byte stream */
1978 for (i = 0; i < count; i++)
1983 target_buffer_set_u32(target, buffer, buf32[i]);
1987 target_buffer_set_u16(target, buffer, buf32[i] & 0xffff);
1991 *buffer++ = buf32[i] & 0xff;
1994 LOG_ERROR("should never get here");
2001 /* examine DCSR, to see if Sticky Abort (SA) got set */
2002 if ((retval=xscale_read_dcsr(target))!=ERROR_OK)
2004 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
2007 if ((retval=xscale_send_u32(target, 0x60))!=ERROR_OK)
2010 return ERROR_TARGET_DATA_ABORT;
2016 int xscale_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
2018 armv4_5_common_t *armv4_5 = target->arch_info;
2019 xscale_common_t *xscale = armv4_5->arch_info;
2022 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
2024 if (target->state != TARGET_HALTED)
2026 LOG_WARNING("target not halted");
2027 return ERROR_TARGET_NOT_HALTED;
2030 /* sanitize arguments */
2031 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
2032 return ERROR_INVALID_ARGUMENTS;
2034 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
2035 return ERROR_TARGET_UNALIGNED_ACCESS;
2037 /* send memory write request (command 0x2n, n: access size) */
2038 if ((retval=xscale_send_u32(target, 0x20 | size))!=ERROR_OK)
2041 /* send base address for read request */
2042 if ((retval=xscale_send_u32(target, address))!=ERROR_OK)
2045 /* send number of requested data words to be written*/
2046 if ((retval=xscale_send_u32(target, count))!=ERROR_OK)
2049 /* extract data from host-endian buffer into byte stream */
2051 for (i = 0; i < count; i++)
2056 value = target_buffer_get_u32(target, buffer);
2057 xscale_send_u32(target, value);
2061 value = target_buffer_get_u16(target, buffer);
2062 xscale_send_u32(target, value);
2067 xscale_send_u32(target, value);
2071 LOG_ERROR("should never get here");
2076 if ((retval=xscale_send(target, buffer, count, size))!=ERROR_OK)
2079 /* examine DCSR, to see if Sticky Abort (SA) got set */
2080 if ((retval=xscale_read_dcsr(target))!=ERROR_OK)
2082 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
2085 if ((retval=xscale_send_u32(target, 0x60))!=ERROR_OK)
2088 return ERROR_TARGET_DATA_ABORT;
2094 int xscale_bulk_write_memory(target_t *target, u32 address, u32 count, u8 *buffer)
2096 return xscale_write_memory(target, address, 4, count, buffer);
2099 u32 xscale_get_ttb(target_t *target)
2101 armv4_5_common_t *armv4_5 = target->arch_info;
2102 xscale_common_t *xscale = armv4_5->arch_info;
2105 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_TTB]);
2106 ttb = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_TTB].value, 0, 32);
2111 void xscale_disable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
2113 armv4_5_common_t *armv4_5 = target->arch_info;
2114 xscale_common_t *xscale = armv4_5->arch_info;
2117 /* read cp15 control register */
2118 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2119 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2122 cp15_control &= ~0x1U;
2127 xscale_send_u32(target, 0x50);
2128 xscale_send_u32(target, xscale->cache_clean_address);
2130 /* invalidate DCache */
2131 xscale_send_u32(target, 0x51);
2133 cp15_control &= ~0x4U;
2138 /* invalidate ICache */
2139 xscale_send_u32(target, 0x52);
2140 cp15_control &= ~0x1000U;
2143 /* write new cp15 control register */
2144 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2146 /* execute cpwait to ensure outstanding operations complete */
2147 xscale_send_u32(target, 0x53);
2150 void xscale_enable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
2152 armv4_5_common_t *armv4_5 = target->arch_info;
2153 xscale_common_t *xscale = armv4_5->arch_info;
2156 /* read cp15 control register */
2157 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2158 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2161 cp15_control |= 0x1U;
2164 cp15_control |= 0x4U;
2167 cp15_control |= 0x1000U;
2169 /* write new cp15 control register */
2170 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2172 /* execute cpwait to ensure outstanding operations complete */
2173 xscale_send_u32(target, 0x53);
2176 int xscale_set_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2179 armv4_5_common_t *armv4_5 = target->arch_info;
2180 xscale_common_t *xscale = armv4_5->arch_info;
2182 if (target->state != TARGET_HALTED)
2184 LOG_WARNING("target not halted");
2185 return ERROR_TARGET_NOT_HALTED;
2188 if (breakpoint->set)
2190 LOG_WARNING("breakpoint already set");
2194 if (breakpoint->type == BKPT_HARD)
2196 u32 value = breakpoint->address | 1;
2197 if (!xscale->ibcr0_used)
2199 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], value);
2200 xscale->ibcr0_used = 1;
2201 breakpoint->set = 1; /* breakpoint set on first breakpoint register */
2203 else if (!xscale->ibcr1_used)
2205 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], value);
2206 xscale->ibcr1_used = 1;
2207 breakpoint->set = 2; /* breakpoint set on second breakpoint register */
2211 LOG_ERROR("BUG: no hardware comparator available");
2215 else if (breakpoint->type == BKPT_SOFT)
2217 if (breakpoint->length == 4)
2219 /* keep the original instruction in target endianness */
2220 if((retval = target->type->read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2224 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2225 if((retval = target_write_u32(target, breakpoint->address, xscale->arm_bkpt)) != ERROR_OK)
2232 /* keep the original instruction in target endianness */
2233 if((retval = target->type->read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2237 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2238 if((retval = target_write_u32(target, breakpoint->address, xscale->thumb_bkpt)) != ERROR_OK)
2243 breakpoint->set = 1;
2250 int xscale_add_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2252 armv4_5_common_t *armv4_5 = target->arch_info;
2253 xscale_common_t *xscale = armv4_5->arch_info;
2255 if (target->state != TARGET_HALTED)
2257 LOG_WARNING("target not halted");
2258 return ERROR_TARGET_NOT_HALTED;
2261 if ((breakpoint->type == BKPT_HARD) && (xscale->ibcr_available < 1))
2263 LOG_INFO("no breakpoint unit available for hardware breakpoint");
2264 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2268 xscale->ibcr_available--;
2271 if ((breakpoint->length != 2) && (breakpoint->length != 4))
2273 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
2274 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2280 int xscale_unset_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2283 armv4_5_common_t *armv4_5 = target->arch_info;
2284 xscale_common_t *xscale = armv4_5->arch_info;
2286 if (target->state != TARGET_HALTED)
2288 LOG_WARNING("target not halted");
2289 return ERROR_TARGET_NOT_HALTED;
2292 if (!breakpoint->set)
2294 LOG_WARNING("breakpoint not set");
2298 if (breakpoint->type == BKPT_HARD)
2300 if (breakpoint->set == 1)
2302 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], 0x0);
2303 xscale->ibcr0_used = 0;
2305 else if (breakpoint->set == 2)
2307 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], 0x0);
2308 xscale->ibcr1_used = 0;
2310 breakpoint->set = 0;
2314 /* restore original instruction (kept in target endianness) */
2315 if (breakpoint->length == 4)
2317 if((retval = target->type->write_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2324 if((retval = target->type->write_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2329 breakpoint->set = 0;
2335 int xscale_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2337 armv4_5_common_t *armv4_5 = target->arch_info;
2338 xscale_common_t *xscale = armv4_5->arch_info;
2340 if (target->state != TARGET_HALTED)
2342 LOG_WARNING("target not halted");
2343 return ERROR_TARGET_NOT_HALTED;
2346 if (breakpoint->set)
2348 xscale_unset_breakpoint(target, breakpoint);
2351 if (breakpoint->type == BKPT_HARD)
2352 xscale->ibcr_available++;
2357 int xscale_set_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2359 armv4_5_common_t *armv4_5 = target->arch_info;
2360 xscale_common_t *xscale = armv4_5->arch_info;
2362 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2363 u32 dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2365 if (target->state != TARGET_HALTED)
2367 LOG_WARNING("target not halted");
2368 return ERROR_TARGET_NOT_HALTED;
2371 xscale_get_reg(dbcon);
2373 switch (watchpoint->rw)
2385 LOG_ERROR("BUG: watchpoint->rw neither read, write nor access");
2388 if (!xscale->dbr0_used)
2390 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR0], watchpoint->address);
2391 dbcon_value |= enable;
2392 xscale_set_reg_u32(dbcon, dbcon_value);
2393 watchpoint->set = 1;
2394 xscale->dbr0_used = 1;
2396 else if (!xscale->dbr1_used)
2398 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR1], watchpoint->address);
2399 dbcon_value |= enable << 2;
2400 xscale_set_reg_u32(dbcon, dbcon_value);
2401 watchpoint->set = 2;
2402 xscale->dbr1_used = 1;
2406 LOG_ERROR("BUG: no hardware comparator available");
2413 int xscale_add_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2415 armv4_5_common_t *armv4_5 = target->arch_info;
2416 xscale_common_t *xscale = armv4_5->arch_info;
2418 if (target->state != TARGET_HALTED)
2420 LOG_WARNING("target not halted");
2421 return ERROR_TARGET_NOT_HALTED;
2424 if (xscale->dbr_available < 1)
2426 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2429 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
2431 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2434 xscale->dbr_available--;
2439 int xscale_unset_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2441 armv4_5_common_t *armv4_5 = target->arch_info;
2442 xscale_common_t *xscale = armv4_5->arch_info;
2443 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2444 u32 dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2446 if (target->state != TARGET_HALTED)
2448 LOG_WARNING("target not halted");
2449 return ERROR_TARGET_NOT_HALTED;
2452 if (!watchpoint->set)
2454 LOG_WARNING("breakpoint not set");
2458 if (watchpoint->set == 1)
2460 dbcon_value &= ~0x3;
2461 xscale_set_reg_u32(dbcon, dbcon_value);
2462 xscale->dbr0_used = 0;
2464 else if (watchpoint->set == 2)
2466 dbcon_value &= ~0xc;
2467 xscale_set_reg_u32(dbcon, dbcon_value);
2468 xscale->dbr1_used = 0;
2470 watchpoint->set = 0;
2475 int xscale_remove_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2477 armv4_5_common_t *armv4_5 = target->arch_info;
2478 xscale_common_t *xscale = armv4_5->arch_info;
2480 if (target->state != TARGET_HALTED)
2482 LOG_WARNING("target not halted");
2483 return ERROR_TARGET_NOT_HALTED;
2486 if (watchpoint->set)
2488 xscale_unset_watchpoint(target, watchpoint);
2491 xscale->dbr_available++;
2496 void xscale_enable_watchpoints(struct target_s *target)
2498 watchpoint_t *watchpoint = target->watchpoints;
2502 if (watchpoint->set == 0)
2503 xscale_set_watchpoint(target, watchpoint);
2504 watchpoint = watchpoint->next;
2508 void xscale_enable_breakpoints(struct target_s *target)
2510 breakpoint_t *breakpoint = target->breakpoints;
2512 /* set any pending breakpoints */
2515 if (breakpoint->set == 0)
2516 xscale_set_breakpoint(target, breakpoint);
2517 breakpoint = breakpoint->next;
2521 int xscale_get_reg(reg_t *reg)
2523 xscale_reg_t *arch_info = reg->arch_info;
2524 target_t *target = arch_info->target;
2525 armv4_5_common_t *armv4_5 = target->arch_info;
2526 xscale_common_t *xscale = armv4_5->arch_info;
2528 /* DCSR, TX and RX are accessible via JTAG */
2529 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2531 return xscale_read_dcsr(arch_info->target);
2533 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2535 /* 1 = consume register content */
2536 return xscale_read_tx(arch_info->target, 1);
2538 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2540 /* can't read from RX register (host -> debug handler) */
2543 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2545 /* can't (explicitly) read from TXRXCTRL register */
2548 else /* Other DBG registers have to be transfered by the debug handler */
2550 /* send CP read request (command 0x40) */
2551 xscale_send_u32(target, 0x40);
2553 /* send CP register number */
2554 xscale_send_u32(target, arch_info->dbg_handler_number);
2556 /* read register value */
2557 xscale_read_tx(target, 1);
2558 buf_cpy(xscale->reg_cache->reg_list[XSCALE_TX].value, reg->value, 32);
2567 int xscale_set_reg(reg_t *reg, u8* buf)
2569 xscale_reg_t *arch_info = reg->arch_info;
2570 target_t *target = arch_info->target;
2571 armv4_5_common_t *armv4_5 = target->arch_info;
2572 xscale_common_t *xscale = armv4_5->arch_info;
2573 u32 value = buf_get_u32(buf, 0, 32);
2575 /* DCSR, TX and RX are accessible via JTAG */
2576 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2578 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32, value);
2579 return xscale_write_dcsr(arch_info->target, -1, -1);
2581 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2583 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
2584 return xscale_write_rx(arch_info->target);
2586 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2588 /* can't write to TX register (debug-handler -> host) */
2591 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2593 /* can't (explicitly) write to TXRXCTRL register */
2596 else /* Other DBG registers have to be transfered by the debug handler */
2598 /* send CP write request (command 0x41) */
2599 xscale_send_u32(target, 0x41);
2601 /* send CP register number */
2602 xscale_send_u32(target, arch_info->dbg_handler_number);
2604 /* send CP register value */
2605 xscale_send_u32(target, value);
2606 buf_set_u32(reg->value, 0, 32, value);
2612 /* convenience wrapper to access XScale specific registers */
2613 int xscale_set_reg_u32(reg_t *reg, u32 value)
2617 buf_set_u32(buf, 0, 32, value);
2619 return xscale_set_reg(reg, buf);
2622 int xscale_write_dcsr_sw(target_t *target, u32 value)
2624 /* get pointers to arch-specific information */
2625 armv4_5_common_t *armv4_5 = target->arch_info;
2626 xscale_common_t *xscale = armv4_5->arch_info;
2627 reg_t *dcsr = &xscale->reg_cache->reg_list[XSCALE_DCSR];
2628 xscale_reg_t *dcsr_arch_info = dcsr->arch_info;
2630 /* send CP write request (command 0x41) */
2631 xscale_send_u32(target, 0x41);
2633 /* send CP register number */
2634 xscale_send_u32(target, dcsr_arch_info->dbg_handler_number);
2636 /* send CP register value */
2637 xscale_send_u32(target, value);
2638 buf_set_u32(dcsr->value, 0, 32, value);
2643 int xscale_read_trace(target_t *target)
2645 /* get pointers to arch-specific information */
2646 armv4_5_common_t *armv4_5 = target->arch_info;
2647 xscale_common_t *xscale = armv4_5->arch_info;
2648 xscale_trace_data_t **trace_data_p;
2650 /* 258 words from debug handler
2651 * 256 trace buffer entries
2652 * 2 checkpoint addresses
2654 u32 trace_buffer[258];
2655 int is_address[256];
2658 if (target->state != TARGET_HALTED)
2660 LOG_WARNING("target must be stopped to read trace data");
2661 return ERROR_TARGET_NOT_HALTED;
2664 /* send read trace buffer command (command 0x61) */
2665 xscale_send_u32(target, 0x61);
2667 /* receive trace buffer content */
2668 xscale_receive(target, trace_buffer, 258);
2670 /* parse buffer backwards to identify address entries */
2671 for (i = 255; i >= 0; i--)
2674 if (((trace_buffer[i] & 0xf0) == 0x90) ||
2675 ((trace_buffer[i] & 0xf0) == 0xd0))
2678 is_address[--i] = 1;
2680 is_address[--i] = 1;
2682 is_address[--i] = 1;
2684 is_address[--i] = 1;
2689 /* search first non-zero entry */
2690 for (j = 0; (j < 256) && (trace_buffer[j] == 0) && (!is_address[j]); j++)
2695 LOG_DEBUG("no trace data collected");
2696 return ERROR_XSCALE_NO_TRACE_DATA;
2699 for (trace_data_p = &xscale->trace.data; *trace_data_p; trace_data_p = &(*trace_data_p)->next)
2702 *trace_data_p = malloc(sizeof(xscale_trace_data_t));
2703 (*trace_data_p)->next = NULL;
2704 (*trace_data_p)->chkpt0 = trace_buffer[256];
2705 (*trace_data_p)->chkpt1 = trace_buffer[257];
2706 (*trace_data_p)->last_instruction = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
2707 (*trace_data_p)->entries = malloc(sizeof(xscale_trace_entry_t) * (256 - j));
2708 (*trace_data_p)->depth = 256 - j;
2710 for (i = j; i < 256; i++)
2712 (*trace_data_p)->entries[i - j].data = trace_buffer[i];
2714 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_ADDRESS;
2716 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_MESSAGE;
2722 int xscale_read_instruction(target_t *target, arm_instruction_t *instruction)
2724 /* get pointers to arch-specific information */
2725 armv4_5_common_t *armv4_5 = target->arch_info;
2726 xscale_common_t *xscale = armv4_5->arch_info;
2733 if (!xscale->trace.image)
2734 return ERROR_TRACE_IMAGE_UNAVAILABLE;
2736 /* search for the section the current instruction belongs to */
2737 for (i = 0; i < xscale->trace.image->num_sections; i++)
2739 if ((xscale->trace.image->sections[i].base_address <= xscale->trace.current_pc) &&
2740 (xscale->trace.image->sections[i].base_address + xscale->trace.image->sections[i].size > xscale->trace.current_pc))
2749 /* current instruction couldn't be found in the image */
2750 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2753 if (xscale->trace.core_state == ARMV4_5_STATE_ARM)
2756 if ((retval = image_read_section(xscale->trace.image, section,
2757 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2758 4, buf, &size_read)) != ERROR_OK)
2760 LOG_ERROR("error while reading instruction: %i", retval);
2761 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2763 opcode = target_buffer_get_u32(target, buf);
2764 arm_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2766 else if (xscale->trace.core_state == ARMV4_5_STATE_THUMB)
2769 if ((retval = image_read_section(xscale->trace.image, section,
2770 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2771 2, buf, &size_read)) != ERROR_OK)
2773 LOG_ERROR("error while reading instruction: %i", retval);
2774 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2776 opcode = target_buffer_get_u16(target, buf);
2777 thumb_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2781 LOG_ERROR("BUG: unknown core state encountered");
2788 int xscale_branch_address(xscale_trace_data_t *trace_data, int i, u32 *target)
2790 /* if there are less than four entries prior to the indirect branch message
2791 * we can't extract the address */
2797 *target = (trace_data->entries[i-1].data) | (trace_data->entries[i-2].data << 8) |
2798 (trace_data->entries[i-3].data << 16) | (trace_data->entries[i-4].data << 24);
2803 int xscale_analyze_trace(target_t *target, command_context_t *cmd_ctx)
2805 /* get pointers to arch-specific information */
2806 armv4_5_common_t *armv4_5 = target->arch_info;
2807 xscale_common_t *xscale = armv4_5->arch_info;
2810 xscale_trace_data_t *trace_data = xscale->trace.data;
2819 xscale->trace.core_state = ARMV4_5_STATE_ARM;
2824 for (i = 0; i < trace_data->depth; i++)
2830 if (trace_data->entries[i].type == XSCALE_TRACE_ADDRESS)
2833 switch ((trace_data->entries[i].data & 0xf0) >> 4)
2835 case 0: /* Exceptions */
2843 exception = (trace_data->entries[i].data & 0x70) >> 4;
2845 next_pc = (trace_data->entries[i].data & 0xf0) >> 2;
2846 command_print(cmd_ctx, "--- exception %i ---", (trace_data->entries[i].data & 0xf0) >> 4);
2848 case 8: /* Direct Branch */
2851 case 9: /* Indirect Branch */
2853 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2858 case 13: /* Checkpointed Indirect Branch */
2859 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2862 if (((chkpt == 0) && (next_pc != trace_data->chkpt0))
2863 || ((chkpt == 1) && (next_pc != trace_data->chkpt1)))
2864 LOG_WARNING("checkpointed indirect branch target address doesn't match checkpoint");
2866 /* explicit fall-through */
2867 case 12: /* Checkpointed Direct Branch */
2872 next_pc = trace_data->chkpt0;
2875 else if (chkpt == 1)
2878 next_pc = trace_data->chkpt0;
2883 LOG_WARNING("more than two checkpointed branches encountered");
2886 case 15: /* Roll-over */
2889 default: /* Reserved */
2890 command_print(cmd_ctx, "--- reserved trace message ---");
2891 LOG_ERROR("BUG: trace message %i is reserved", (trace_data->entries[i].data & 0xf0) >> 4);
2895 if (xscale->trace.pc_ok)
2897 int executed = (trace_data->entries[i].data & 0xf) + rollover * 16;
2898 arm_instruction_t instruction;
2900 if ((exception == 6) || (exception == 7))
2902 /* IRQ or FIQ exception, no instruction executed */
2906 while (executed-- >= 0)
2908 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2910 /* can't continue tracing with no image available */
2911 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2915 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2917 /* TODO: handle incomplete images */
2921 /* a precise abort on a load to the PC is included in the incremental
2922 * word count, other instructions causing data aborts are not included
2924 if ((executed == 0) && (exception == 4)
2925 && ((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDM)))
2927 if ((instruction.type == ARM_LDM)
2928 && ((instruction.info.load_store_multiple.register_list & 0x8000) == 0))
2932 else if (((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDRSH))
2933 && (instruction.info.load_store.Rd != 15))
2939 /* only the last instruction executed
2940 * (the one that caused the control flow change)
2941 * could be a taken branch
2943 if (((executed == -1) && (branch == 1)) &&
2944 (((instruction.type == ARM_B) ||
2945 (instruction.type == ARM_BL) ||
2946 (instruction.type == ARM_BLX)) &&
2947 (instruction.info.b_bl_bx_blx.target_address != -1)))
2949 xscale->trace.current_pc = instruction.info.b_bl_bx_blx.target_address;
2953 xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2;
2955 command_print(cmd_ctx, "%s", instruction.text);
2963 xscale->trace.current_pc = next_pc;
2964 xscale->trace.pc_ok = 1;
2968 for (; xscale->trace.current_pc < trace_data->last_instruction; xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2)
2970 arm_instruction_t instruction;
2971 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2973 /* can't continue tracing with no image available */
2974 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2978 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2980 /* TODO: handle incomplete images */
2983 command_print(cmd_ctx, "%s", instruction.text);
2986 trace_data = trace_data->next;
2992 void xscale_build_reg_cache(target_t *target)
2994 /* get pointers to arch-specific information */
2995 armv4_5_common_t *armv4_5 = target->arch_info;
2996 xscale_common_t *xscale = armv4_5->arch_info;
2998 reg_cache_t **cache_p = register_get_last_cache_p(&target->reg_cache);
2999 xscale_reg_t *arch_info = malloc(sizeof(xscale_reg_arch_info));
3001 int num_regs = sizeof(xscale_reg_arch_info) / sizeof(xscale_reg_t);
3003 (*cache_p) = armv4_5_build_reg_cache(target, armv4_5);
3004 armv4_5->core_cache = (*cache_p);
3006 /* register a register arch-type for XScale dbg registers only once */
3007 if (xscale_reg_arch_type == -1)
3008 xscale_reg_arch_type = register_reg_arch_type(xscale_get_reg, xscale_set_reg);
3010 (*cache_p)->next = malloc(sizeof(reg_cache_t));
3011 cache_p = &(*cache_p)->next;
3013 /* fill in values for the xscale reg cache */
3014 (*cache_p)->name = "XScale registers";
3015 (*cache_p)->next = NULL;
3016 (*cache_p)->reg_list = malloc(num_regs * sizeof(reg_t));
3017 (*cache_p)->num_regs = num_regs;
3019 for (i = 0; i < num_regs; i++)
3021 (*cache_p)->reg_list[i].name = xscale_reg_list[i];
3022 (*cache_p)->reg_list[i].value = calloc(4, 1);
3023 (*cache_p)->reg_list[i].dirty = 0;
3024 (*cache_p)->reg_list[i].valid = 0;
3025 (*cache_p)->reg_list[i].size = 32;
3026 (*cache_p)->reg_list[i].bitfield_desc = NULL;
3027 (*cache_p)->reg_list[i].num_bitfields = 0;
3028 (*cache_p)->reg_list[i].arch_info = &arch_info[i];
3029 (*cache_p)->reg_list[i].arch_type = xscale_reg_arch_type;
3030 arch_info[i] = xscale_reg_arch_info[i];
3031 arch_info[i].target = target;
3034 xscale->reg_cache = (*cache_p);
3037 int xscale_init_target(struct command_context_s *cmd_ctx, struct target_s *target)
3042 int xscale_quit(void)
3048 int xscale_init_arch_info(target_t *target, xscale_common_t *xscale, int chain_pos, const char *variant)
3050 armv4_5_common_t *armv4_5;
3051 u32 high_reset_branch, low_reset_branch;
3054 armv4_5 = &xscale->armv4_5_common;
3056 /* store architecture specfic data (none so far) */
3057 xscale->arch_info = NULL;
3058 xscale->common_magic = XSCALE_COMMON_MAGIC;
3060 /* remember the variant (PXA25x, PXA27x, IXP42x, ...) */
3061 xscale->variant = strdup(variant);
3063 /* prepare JTAG information for the new target */
3064 xscale->jtag_info.chain_pos = chain_pos;
3066 xscale->jtag_info.dbgrx = 0x02;
3067 xscale->jtag_info.dbgtx = 0x10;
3068 xscale->jtag_info.dcsr = 0x09;
3069 xscale->jtag_info.ldic = 0x07;
3071 if ((strcmp(xscale->variant, "pxa250") == 0) ||
3072 (strcmp(xscale->variant, "pxa255") == 0) ||
3073 (strcmp(xscale->variant, "pxa26x") == 0))
3075 xscale->jtag_info.ir_length = 5;
3077 else if ((strcmp(xscale->variant, "pxa27x") == 0) ||
3078 (strcmp(xscale->variant, "ixp42x") == 0) ||
3079 (strcmp(xscale->variant, "ixp45x") == 0) ||
3080 (strcmp(xscale->variant, "ixp46x") == 0))
3082 xscale->jtag_info.ir_length = 7;
3085 /* the debug handler isn't installed (and thus not running) at this time */
3086 xscale->handler_installed = 0;
3087 xscale->handler_running = 0;
3088 xscale->handler_address = 0xfe000800;
3090 /* clear the vectors we keep locally for reference */
3091 memset(xscale->low_vectors, 0, sizeof(xscale->low_vectors));
3092 memset(xscale->high_vectors, 0, sizeof(xscale->high_vectors));
3094 /* no user-specified vectors have been configured yet */
3095 xscale->static_low_vectors_set = 0x0;
3096 xscale->static_high_vectors_set = 0x0;
3098 /* calculate branches to debug handler */
3099 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
3100 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
3102 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
3103 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
3105 for (i = 1; i <= 7; i++)
3107 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
3108 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
3111 /* 64kB aligned region used for DCache cleaning */
3112 xscale->cache_clean_address = 0xfffe0000;
3114 xscale->hold_rst = 0;
3115 xscale->external_debug_break = 0;
3117 xscale->ibcr_available = 2;
3118 xscale->ibcr0_used = 0;
3119 xscale->ibcr1_used = 0;
3121 xscale->dbr_available = 2;
3122 xscale->dbr0_used = 0;
3123 xscale->dbr1_used = 0;
3125 xscale->arm_bkpt = ARMV5_BKPT(0x0);
3126 xscale->thumb_bkpt = ARMV5_T_BKPT(0x0) & 0xffff;
3128 xscale->vector_catch = 0x1;
3130 xscale->trace.capture_status = TRACE_IDLE;
3131 xscale->trace.data = NULL;
3132 xscale->trace.image = NULL;
3133 xscale->trace.buffer_enabled = 0;
3134 xscale->trace.buffer_fill = 0;
3136 /* prepare ARMv4/5 specific information */
3137 armv4_5->arch_info = xscale;
3138 armv4_5->read_core_reg = xscale_read_core_reg;
3139 armv4_5->write_core_reg = xscale_write_core_reg;
3140 armv4_5->full_context = xscale_full_context;
3142 armv4_5_init_arch_info(target, armv4_5);
3144 xscale->armv4_5_mmu.armv4_5_cache.ctype = -1;
3145 xscale->armv4_5_mmu.get_ttb = xscale_get_ttb;
3146 xscale->armv4_5_mmu.read_memory = xscale_read_memory;
3147 xscale->armv4_5_mmu.write_memory = xscale_write_memory;
3148 xscale->armv4_5_mmu.disable_mmu_caches = xscale_disable_mmu_caches;
3149 xscale->armv4_5_mmu.enable_mmu_caches = xscale_enable_mmu_caches;
3150 xscale->armv4_5_mmu.has_tiny_pages = 1;
3151 xscale->armv4_5_mmu.mmu_enabled = 0;
3156 /* target xscale <endianess> <startup_mode> <chain_pos> <variant> */
3157 int xscale_target_create(struct target_s *target, Jim_Interp *interp)
3159 xscale_common_t *xscale = calloc(1,sizeof(xscale_common_t));
3161 xscale_init_arch_info(target, xscale, target->chain_position, target->variant);
3162 xscale_build_reg_cache(target);
3167 int xscale_handle_debug_handler_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3169 target_t *target = NULL;
3170 armv4_5_common_t *armv4_5;
3171 xscale_common_t *xscale;
3173 u32 handler_address;
3177 LOG_ERROR("'xscale debug_handler <target#> <address>' command takes two required operands");
3181 if ((target = get_target_by_num(strtoul(args[0], NULL, 0))) == NULL)
3183 LOG_ERROR("no target '%s' configured", args[0]);
3187 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3192 handler_address = strtoul(args[1], NULL, 0);
3194 if (((handler_address >= 0x800) && (handler_address <= 0x1fef800)) ||
3195 ((handler_address >= 0xfe000800) && (handler_address <= 0xfffff800)))
3197 xscale->handler_address = handler_address;
3201 LOG_ERROR("xscale debug_handler <address> must be between 0x800 and 0x1fef800 or between 0xfe000800 and 0xfffff800");
3208 int xscale_handle_cache_clean_address_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3210 target_t *target = NULL;
3211 armv4_5_common_t *armv4_5;
3212 xscale_common_t *xscale;
3214 u32 cache_clean_address;
3218 return ERROR_COMMAND_SYNTAX_ERROR;
3221 if ((target = get_target_by_num(strtoul(args[0], NULL, 0))) == NULL)
3223 LOG_ERROR("no target '%s' configured", args[0]);
3227 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3232 cache_clean_address = strtoul(args[1], NULL, 0);
3234 if (cache_clean_address & 0xffff)
3236 LOG_ERROR("xscale cache_clean_address <address> must be 64kb aligned");
3240 xscale->cache_clean_address = cache_clean_address;
3246 int xscale_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3248 target_t *target = get_current_target(cmd_ctx);
3249 armv4_5_common_t *armv4_5;
3250 xscale_common_t *xscale;
3252 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3257 return armv4_5_handle_cache_info_command(cmd_ctx, &xscale->armv4_5_mmu.armv4_5_cache);
3260 static int xscale_virt2phys(struct target_s *target, u32 virtual, u32 *physical)
3262 armv4_5_common_t *armv4_5;
3263 xscale_common_t *xscale;
3271 if ((retval = xscale_get_arch_pointers(target, &armv4_5, &xscale)) != ERROR_OK)
3275 u32 ret = armv4_5_mmu_translate_va(target, &xscale->armv4_5_mmu, virtual, &type, &cb, &domain, &ap);
3284 static int xscale_mmu(struct target_s *target, int *enabled)
3286 armv4_5_common_t *armv4_5 = target->arch_info;
3287 xscale_common_t *xscale = armv4_5->arch_info;
3289 if (target->state != TARGET_HALTED)
3291 LOG_ERROR("Target not halted");
3292 return ERROR_TARGET_INVALID;
3294 *enabled = xscale->armv4_5_mmu.mmu_enabled;
3299 int xscale_handle_mmu_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
3301 target_t *target = get_current_target(cmd_ctx);
3302 armv4_5_common_t *armv4_5;
3303 xscale_common_t *xscale;
3305 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3310 if (target->state != TARGET_HALTED)
3312 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3318 if (strcmp("enable", args[0]) == 0)
3320 xscale_enable_mmu_caches(target, 1, 0, 0);
3321 xscale->armv4_5_mmu.mmu_enabled = 1;
3323 else if (strcmp("disable", args[0]) == 0)
3325 xscale_disable_mmu_caches(target, 1, 0, 0);
3326 xscale->armv4_5_mmu.mmu_enabled = 0;
3330 command_print(cmd_ctx, "mmu %s", (xscale->armv4_5_mmu.mmu_enabled) ? "enabled" : "disabled");
3335 int xscale_handle_idcache_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
3337 target_t *target = get_current_target(cmd_ctx);
3338 armv4_5_common_t *armv4_5;
3339 xscale_common_t *xscale;
3340 int icache = 0, dcache = 0;
3342 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3347 if (target->state != TARGET_HALTED)
3349 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3353 if (strcmp(cmd, "icache") == 0)
3355 else if (strcmp(cmd, "dcache") == 0)
3360 if (strcmp("enable", args[0]) == 0)
3362 xscale_enable_mmu_caches(target, 0, dcache, icache);
3365 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 1;
3367 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 1;
3369 else if (strcmp("disable", args[0]) == 0)
3371 xscale_disable_mmu_caches(target, 0, dcache, icache);
3374 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
3376 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
3381 command_print(cmd_ctx, "icache %s", (xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled) ? "enabled" : "disabled");
3384 command_print(cmd_ctx, "dcache %s", (xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled) ? "enabled" : "disabled");
3389 int xscale_handle_vector_catch_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
3391 target_t *target = get_current_target(cmd_ctx);
3392 armv4_5_common_t *armv4_5;
3393 xscale_common_t *xscale;
3395 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3402 command_print(cmd_ctx, "usage: xscale vector_catch [mask]");
3406 xscale->vector_catch = strtoul(args[0], NULL, 0);
3407 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 8, xscale->vector_catch);
3408 xscale_write_dcsr(target, -1, -1);
3411 command_print(cmd_ctx, "vector catch mask: 0x%2.2x", xscale->vector_catch);
3417 int xscale_handle_trace_buffer_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3419 target_t *target = get_current_target(cmd_ctx);
3420 armv4_5_common_t *armv4_5;
3421 xscale_common_t *xscale;
3424 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3429 if (target->state != TARGET_HALTED)
3431 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3435 if ((argc >= 1) && (strcmp("enable", args[0]) == 0))
3437 xscale_trace_data_t *td, *next_td;
3438 xscale->trace.buffer_enabled = 1;
3440 /* free old trace data */
3441 td = xscale->trace.data;
3451 xscale->trace.data = NULL;
3453 else if ((argc >= 1) && (strcmp("disable", args[0]) == 0))
3455 xscale->trace.buffer_enabled = 0;
3458 if ((argc >= 2) && (strcmp("fill", args[1]) == 0))
3461 xscale->trace.buffer_fill = strtoul(args[2], NULL, 0);
3463 xscale->trace.buffer_fill = 1;
3465 else if ((argc >= 2) && (strcmp("wrap", args[1]) == 0))
3467 xscale->trace.buffer_fill = -1;
3470 if (xscale->trace.buffer_enabled)
3472 /* if we enable the trace buffer in fill-once
3473 * mode we know the address of the first instruction */
3474 xscale->trace.pc_ok = 1;
3475 xscale->trace.current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
3479 /* otherwise the address is unknown, and we have no known good PC */
3480 xscale->trace.pc_ok = 0;
3483 command_print(cmd_ctx, "trace buffer %s (%s)",
3484 (xscale->trace.buffer_enabled) ? "enabled" : "disabled",
3485 (xscale->trace.buffer_fill > 0) ? "fill" : "wrap");
3487 dcsr_value = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32);
3488 if (xscale->trace.buffer_fill >= 0)
3489 xscale_write_dcsr_sw(target, (dcsr_value & 0xfffffffc) | 2);
3491 xscale_write_dcsr_sw(target, dcsr_value & 0xfffffffc);
3496 int xscale_handle_trace_image_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3499 armv4_5_common_t *armv4_5;
3500 xscale_common_t *xscale;
3504 command_print(cmd_ctx, "usage: xscale trace_image <file> [base address] [type]");
3508 target = get_current_target(cmd_ctx);
3510 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3515 if (xscale->trace.image)
3517 image_close(xscale->trace.image);
3518 free(xscale->trace.image);
3519 command_print(cmd_ctx, "previously loaded image found and closed");
3522 xscale->trace.image = malloc(sizeof(image_t));
3523 xscale->trace.image->base_address_set = 0;
3524 xscale->trace.image->start_address_set = 0;
3526 /* a base address isn't always necessary, default to 0x0 (i.e. don't relocate) */
3529 xscale->trace.image->base_address_set = 1;
3530 xscale->trace.image->base_address = strtoul(args[1], NULL, 0);
3534 xscale->trace.image->base_address_set = 0;
3537 if (image_open(xscale->trace.image, args[0], (argc >= 3) ? args[2] : NULL) != ERROR_OK)
3539 free(xscale->trace.image);
3540 xscale->trace.image = NULL;
3547 int xscale_handle_dump_trace_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3549 target_t *target = get_current_target(cmd_ctx);
3550 armv4_5_common_t *armv4_5;
3551 xscale_common_t *xscale;
3552 xscale_trace_data_t *trace_data;
3555 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3560 if (target->state != TARGET_HALTED)
3562 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3568 command_print(cmd_ctx, "usage: xscale dump_trace <file>");
3572 trace_data = xscale->trace.data;
3576 command_print(cmd_ctx, "no trace data collected");
3580 if (fileio_open(&file, args[0], FILEIO_WRITE, FILEIO_BINARY) != ERROR_OK)
3589 fileio_write_u32(&file, trace_data->chkpt0);
3590 fileio_write_u32(&file, trace_data->chkpt1);
3591 fileio_write_u32(&file, trace_data->last_instruction);
3592 fileio_write_u32(&file, trace_data->depth);
3594 for (i = 0; i < trace_data->depth; i++)
3595 fileio_write_u32(&file, trace_data->entries[i].data | ((trace_data->entries[i].type & 0xffff) << 16));
3597 trace_data = trace_data->next;
3600 fileio_close(&file);
3605 int xscale_handle_analyze_trace_buffer_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
3607 target_t *target = get_current_target(cmd_ctx);
3608 armv4_5_common_t *armv4_5;
3609 xscale_common_t *xscale;
3611 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3616 xscale_analyze_trace(target, cmd_ctx);
3621 int xscale_handle_cp15(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
3623 target_t *target = get_current_target(cmd_ctx);
3624 armv4_5_common_t *armv4_5;
3625 xscale_common_t *xscale;
3627 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3632 if (target->state != TARGET_HALTED)
3634 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3641 reg_no = strtoul(args[0], NULL, 0);
3642 /*translate from xscale cp15 register no to openocd register*/
3646 reg_no = XSCALE_MAINID;
3649 reg_no = XSCALE_CTRL;
3652 reg_no = XSCALE_TTB;
3655 reg_no = XSCALE_DAC;
3658 reg_no = XSCALE_FSR;
3661 reg_no = XSCALE_FAR;
3664 reg_no = XSCALE_PID;
3667 reg_no = XSCALE_CPACCESS;
3670 command_print(cmd_ctx, "invalid register number");
3671 return ERROR_INVALID_ARGUMENTS;
3673 reg = &xscale->reg_cache->reg_list[reg_no];
3680 /* read cp15 control register */
3681 xscale_get_reg(reg);
3682 value = buf_get_u32(reg->value, 0, 32);
3683 command_print(cmd_ctx, "%s (/%i): 0x%x", reg->name, reg->size, value);
3688 u32 value = strtoul(args[1], NULL, 0);
3690 /* send CP write request (command 0x41) */
3691 xscale_send_u32(target, 0x41);
3693 /* send CP register number */
3694 xscale_send_u32(target, reg_no);
3696 /* send CP register value */
3697 xscale_send_u32(target, value);
3699 /* execute cpwait to ensure outstanding operations complete */
3700 xscale_send_u32(target, 0x53);
3704 command_print(cmd_ctx, "usage: cp15 [register]<, [value]>");
3710 int xscale_register_commands(struct command_context_s *cmd_ctx)
3712 command_t *xscale_cmd;
3714 xscale_cmd = register_command(cmd_ctx, NULL, "xscale", NULL, COMMAND_ANY, "xscale specific commands");
3716 register_command(cmd_ctx, xscale_cmd, "debug_handler", xscale_handle_debug_handler_command, COMMAND_ANY, "'xscale debug_handler <target#> <address>' command takes two required operands");
3717 register_command(cmd_ctx, xscale_cmd, "cache_clean_address", xscale_handle_cache_clean_address_command, COMMAND_ANY, NULL);
3719 register_command(cmd_ctx, xscale_cmd, "cache_info", xscale_handle_cache_info_command, COMMAND_EXEC, NULL);
3720 register_command(cmd_ctx, xscale_cmd, "mmu", xscale_handle_mmu_command, COMMAND_EXEC, "['enable'|'disable'] the MMU");
3721 register_command(cmd_ctx, xscale_cmd, "icache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the ICache");
3722 register_command(cmd_ctx, xscale_cmd, "dcache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the DCache");
3724 register_command(cmd_ctx, xscale_cmd, "vector_catch", xscale_handle_idcache_command, COMMAND_EXEC, "<mask> of vectors that should be catched");
3726 register_command(cmd_ctx, xscale_cmd, "trace_buffer", xscale_handle_trace_buffer_command, COMMAND_EXEC, "<enable|disable> ['fill' [n]|'wrap']");
3728 register_command(cmd_ctx, xscale_cmd, "dump_trace", xscale_handle_dump_trace_command, COMMAND_EXEC, "dump content of trace buffer to <file>");
3729 register_command(cmd_ctx, xscale_cmd, "analyze_trace", xscale_handle_analyze_trace_buffer_command, COMMAND_EXEC, "analyze content of trace buffer");
3730 register_command(cmd_ctx, xscale_cmd, "trace_image", xscale_handle_trace_image_command,
3731 COMMAND_EXEC, "load image from <file> [base address]");
3733 register_command(cmd_ctx, xscale_cmd, "cp15", xscale_handle_cp15, COMMAND_EXEC, "access coproc 15 <register> [value]");
3735 armv4_5_register_commands(cmd_ctx);
projects / fw / openocd / blob