1 /***************************************************************************
2 * Copyright (C) 2006, 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * Copyright (C) 2009 Michael Schwingen *
9 * michael@schwingen.org *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program; if not, write to the *
23 * Free Software Foundation, Inc., *
24 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 ***************************************************************************/
30 #include "breakpoints.h"
32 #include "target_type.h"
33 #include "arm7_9_common.h"
34 #include "arm_simulator.h"
35 #include "arm_disassembler.h"
36 #include "time_support.h"
41 * Important XScale documents available as of October 2009 include:
43 * Intel XScale® Core Developer’s Manual, January 2004
44 * Order Number: 273473-002
45 * This has a chapter detailing debug facilities, and punts some
46 * details to chip-specific microarchitecture documents.
48 * Hot-Debug for Intel XScale® Core Debug White Paper, May 2005
49 * Document Number: 273539-005
50 * Less detailed than the developer's manual, but summarizes those
51 * missing details (for most XScales) and gives LOTS of notes about
52 * debugger/handler interaction issues. Presents a simpler reset
53 * and load-handler sequence than the arch doc. (Note, OpenOCD
54 * doesn't currently support "Hot-Debug" as defined there.)
56 * Chip-specific microarchitecture documents may also be useful.
60 /* forward declarations */
61 static int xscale_resume(struct target
*, int current
,
62 uint32_t address
, int handle_breakpoints
, int debug_execution
);
63 static int xscale_debug_entry(struct target
*);
64 static int xscale_restore_context(struct target
*);
65 static int xscale_get_reg(struct reg
*reg
);
66 static int xscale_set_reg(struct reg
*reg
, uint8_t *buf
);
67 static int xscale_set_breakpoint(struct target
*, struct breakpoint
*);
68 static int xscale_set_watchpoint(struct target
*, struct watchpoint
*);
69 static int xscale_unset_breakpoint(struct target
*, struct breakpoint
*);
70 static int xscale_read_trace(struct target
*);
73 /* This XScale "debug handler" is loaded into the processor's
74 * mini-ICache, which is 2K of code writable only via JTAG.
76 * FIXME the OpenOCD "bin2char" utility currently doesn't handle
77 * binary files cleanly. It's string oriented, and terminates them
78 * with a NUL character. Better would be to generate the constants
79 * and let other code decide names, scoping, and other housekeeping.
81 static /* unsigned const char xscale_debug_handler[] = ... */
82 #include "xscale_debug.h"
84 static char *const xscale_reg_list
[] =
86 "XSCALE_MAINID", /* 0 */
96 "XSCALE_IBCR0", /* 10 */
106 "XSCALE_RX", /* 20 */
110 static const struct xscale_reg xscale_reg_arch_info
[] =
112 {XSCALE_MAINID
, NULL
},
113 {XSCALE_CACHETYPE
, NULL
},
115 {XSCALE_AUXCTRL
, NULL
},
121 {XSCALE_CPACCESS
, NULL
},
122 {XSCALE_IBCR0
, NULL
},
123 {XSCALE_IBCR1
, NULL
},
126 {XSCALE_DBCON
, NULL
},
127 {XSCALE_TBREG
, NULL
},
128 {XSCALE_CHKPT0
, NULL
},
129 {XSCALE_CHKPT1
, NULL
},
130 {XSCALE_DCSR
, NULL
}, /* DCSR accessed via JTAG or SW */
131 {-1, NULL
}, /* TX accessed via JTAG */
132 {-1, NULL
}, /* RX accessed via JTAG */
133 {-1, NULL
}, /* TXRXCTRL implicit access via JTAG */
136 static int xscale_reg_arch_type
= -1;
138 /* convenience wrapper to access XScale specific registers */
139 static int xscale_set_reg_u32(struct reg
*reg
, uint32_t value
)
143 buf_set_u32(buf
, 0, 32, value
);
145 return xscale_set_reg(reg
, buf
);
148 static const char xscale_not
[] = "target is not an XScale";
150 static int xscale_verify_pointer(struct command_context
*cmd_ctx
,
151 struct xscale_common
*xscale
)
153 if (xscale
->common_magic
!= XSCALE_COMMON_MAGIC
) {
154 command_print(cmd_ctx
, xscale_not
);
155 return ERROR_TARGET_INVALID
;
160 static int xscale_jtag_set_instr(struct jtag_tap
*tap
, uint32_t new_instr
)
165 if (buf_get_u32(tap
->cur_instr
, 0, tap
->ir_length
) != new_instr
)
167 struct scan_field field
;
170 memset(&field
, 0, sizeof field
);
172 field
.num_bits
= tap
->ir_length
;
173 field
.out_value
= scratch
;
174 buf_set_u32(field
.out_value
, 0, field
.num_bits
, new_instr
);
176 jtag_add_ir_scan(1, &field
, jtag_get_end_state());
182 static int xscale_read_dcsr(struct target
*target
)
184 struct xscale_common
*xscale
= target_to_xscale(target
);
186 struct scan_field fields
[3];
187 uint8_t field0
= 0x0;
188 uint8_t field0_check_value
= 0x2;
189 uint8_t field0_check_mask
= 0x7;
190 uint8_t field2
= 0x0;
191 uint8_t field2_check_value
= 0x0;
192 uint8_t field2_check_mask
= 0x1;
194 jtag_set_end_state(TAP_DRPAUSE
);
195 xscale_jtag_set_instr(target
->tap
, XSCALE_SELDCSR
);
197 buf_set_u32(&field0
, 1, 1, xscale
->hold_rst
);
198 buf_set_u32(&field0
, 2, 1, xscale
->external_debug_break
);
200 memset(&fields
, 0, sizeof fields
);
202 fields
[0].tap
= target
->tap
;
203 fields
[0].num_bits
= 3;
204 fields
[0].out_value
= &field0
;
206 fields
[0].in_value
= &tmp
;
208 fields
[1].tap
= target
->tap
;
209 fields
[1].num_bits
= 32;
210 fields
[1].in_value
= xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
;
212 fields
[2].tap
= target
->tap
;
213 fields
[2].num_bits
= 1;
214 fields
[2].out_value
= &field2
;
216 fields
[2].in_value
= &tmp2
;
218 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
220 jtag_check_value_mask(fields
+ 0, &field0_check_value
, &field0_check_mask
);
221 jtag_check_value_mask(fields
+ 2, &field2_check_value
, &field2_check_mask
);
223 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
225 LOG_ERROR("JTAG error while reading DCSR");
229 xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].dirty
= 0;
230 xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].valid
= 1;
232 /* write the register with the value we just read
233 * on this second pass, only the first bit of field0 is guaranteed to be 0)
235 field0_check_mask
= 0x1;
236 fields
[1].out_value
= xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
;
237 fields
[1].in_value
= NULL
;
239 jtag_set_end_state(TAP_IDLE
);
241 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
243 /* DANGER!!! this must be here. It will make sure that the arguments
244 * to jtag_set_check_value() does not go out of scope! */
245 return jtag_execute_queue();
249 static void xscale_getbuf(jtag_callback_data_t arg
)
251 uint8_t *in
= (uint8_t *)arg
;
252 *((uint32_t *)in
) = buf_get_u32(in
, 0, 32);
255 static int xscale_receive(struct target
*target
, uint32_t *buffer
, int num_words
)
258 return ERROR_INVALID_ARGUMENTS
;
260 int retval
= ERROR_OK
;
262 struct scan_field fields
[3];
263 uint8_t *field0
= malloc(num_words
* 1);
264 uint8_t field0_check_value
= 0x2;
265 uint8_t field0_check_mask
= 0x6;
266 uint32_t *field1
= malloc(num_words
* 4);
267 uint8_t field2_check_value
= 0x0;
268 uint8_t field2_check_mask
= 0x1;
270 int words_scheduled
= 0;
273 path
[0] = TAP_DRSELECT
;
274 path
[1] = TAP_DRCAPTURE
;
275 path
[2] = TAP_DRSHIFT
;
277 memset(&fields
, 0, sizeof fields
);
279 fields
[0].tap
= target
->tap
;
280 fields
[0].num_bits
= 3;
281 fields
[0].check_value
= &field0_check_value
;
282 fields
[0].check_mask
= &field0_check_mask
;
284 fields
[1].tap
= target
->tap
;
285 fields
[1].num_bits
= 32;
287 fields
[2].tap
= target
->tap
;
288 fields
[2].num_bits
= 1;
289 fields
[2].check_value
= &field2_check_value
;
290 fields
[2].check_mask
= &field2_check_mask
;
292 jtag_set_end_state(TAP_IDLE
);
293 xscale_jtag_set_instr(target
->tap
, XSCALE_DBGTX
);
294 jtag_add_runtest(1, jtag_get_end_state()); /* ensures that we're in the TAP_IDLE state as the above could be a no-op */
296 /* repeat until all words have been collected */
298 while (words_done
< num_words
)
302 for (i
= words_done
; i
< num_words
; i
++)
304 fields
[0].in_value
= &field0
[i
];
306 jtag_add_pathmove(3, path
);
308 fields
[1].in_value
= (uint8_t *)(field1
+ i
);
310 jtag_add_dr_scan_check(3, fields
, jtag_set_end_state(TAP_IDLE
));
312 jtag_add_callback(xscale_getbuf
, (jtag_callback_data_t
)(field1
+ i
));
317 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
319 LOG_ERROR("JTAG error while receiving data from debug handler");
323 /* examine results */
324 for (i
= words_done
; i
< num_words
; i
++)
326 if (!(field0
[0] & 1))
328 /* move backwards if necessary */
330 for (j
= i
; j
< num_words
- 1; j
++)
332 field0
[j
] = field0
[j
+ 1];
333 field1
[j
] = field1
[j
+ 1];
338 if (words_scheduled
== 0)
340 if (attempts
++==1000)
342 LOG_ERROR("Failed to receiving data from debug handler after 1000 attempts");
343 retval
= ERROR_TARGET_TIMEOUT
;
348 words_done
+= words_scheduled
;
351 for (i
= 0; i
< num_words
; i
++)
352 *(buffer
++) = buf_get_u32((uint8_t*)&field1
[i
], 0, 32);
359 static int xscale_read_tx(struct target
*target
, int consume
)
361 struct xscale_common
*xscale
= target_to_xscale(target
);
363 tap_state_t noconsume_path
[6];
365 struct timeval timeout
, now
;
366 struct scan_field fields
[3];
367 uint8_t field0_in
= 0x0;
368 uint8_t field0_check_value
= 0x2;
369 uint8_t field0_check_mask
= 0x6;
370 uint8_t field2_check_value
= 0x0;
371 uint8_t field2_check_mask
= 0x1;
373 jtag_set_end_state(TAP_IDLE
);
375 xscale_jtag_set_instr(target
->tap
, XSCALE_DBGTX
);
377 path
[0] = TAP_DRSELECT
;
378 path
[1] = TAP_DRCAPTURE
;
379 path
[2] = TAP_DRSHIFT
;
381 noconsume_path
[0] = TAP_DRSELECT
;
382 noconsume_path
[1] = TAP_DRCAPTURE
;
383 noconsume_path
[2] = TAP_DREXIT1
;
384 noconsume_path
[3] = TAP_DRPAUSE
;
385 noconsume_path
[4] = TAP_DREXIT2
;
386 noconsume_path
[5] = TAP_DRSHIFT
;
388 memset(&fields
, 0, sizeof fields
);
390 fields
[0].tap
= target
->tap
;
391 fields
[0].num_bits
= 3;
392 fields
[0].in_value
= &field0_in
;
394 fields
[1].tap
= target
->tap
;
395 fields
[1].num_bits
= 32;
396 fields
[1].in_value
= xscale
->reg_cache
->reg_list
[XSCALE_TX
].value
;
398 fields
[2].tap
= target
->tap
;
399 fields
[2].num_bits
= 1;
401 fields
[2].in_value
= &tmp
;
403 gettimeofday(&timeout
, NULL
);
404 timeval_add_time(&timeout
, 1, 0);
408 /* if we want to consume the register content (i.e. clear TX_READY),
409 * we have to go straight from Capture-DR to Shift-DR
410 * otherwise, we go from Capture-DR to Exit1-DR to Pause-DR
413 jtag_add_pathmove(3, path
);
416 jtag_add_pathmove(sizeof(noconsume_path
)/sizeof(*noconsume_path
), noconsume_path
);
419 jtag_add_dr_scan(3, fields
, jtag_set_end_state(TAP_IDLE
));
421 jtag_check_value_mask(fields
+ 0, &field0_check_value
, &field0_check_mask
);
422 jtag_check_value_mask(fields
+ 2, &field2_check_value
, &field2_check_mask
);
424 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
426 LOG_ERROR("JTAG error while reading TX");
427 return ERROR_TARGET_TIMEOUT
;
430 gettimeofday(&now
, NULL
);
431 if ((now
.tv_sec
> timeout
.tv_sec
) || ((now
.tv_sec
== timeout
.tv_sec
)&& (now
.tv_usec
> timeout
.tv_usec
)))
433 LOG_ERROR("time out reading TX register");
434 return ERROR_TARGET_TIMEOUT
;
436 if (!((!(field0_in
& 1)) && consume
))
440 if (debug_level
>= 3)
442 LOG_DEBUG("waiting 100ms");
443 alive_sleep(100); /* avoid flooding the logs */
451 if (!(field0_in
& 1))
452 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
457 static int xscale_write_rx(struct target
*target
)
459 struct xscale_common
*xscale
= target_to_xscale(target
);
461 struct timeval timeout
, now
;
462 struct scan_field fields
[3];
463 uint8_t field0_out
= 0x0;
464 uint8_t field0_in
= 0x0;
465 uint8_t field0_check_value
= 0x2;
466 uint8_t field0_check_mask
= 0x6;
467 uint8_t field2
= 0x0;
468 uint8_t field2_check_value
= 0x0;
469 uint8_t field2_check_mask
= 0x1;
471 jtag_set_end_state(TAP_IDLE
);
473 xscale_jtag_set_instr(target
->tap
, XSCALE_DBGRX
);
475 memset(&fields
, 0, sizeof fields
);
477 fields
[0].tap
= target
->tap
;
478 fields
[0].num_bits
= 3;
479 fields
[0].out_value
= &field0_out
;
480 fields
[0].in_value
= &field0_in
;
482 fields
[1].tap
= target
->tap
;
483 fields
[1].num_bits
= 32;
484 fields
[1].out_value
= xscale
->reg_cache
->reg_list
[XSCALE_RX
].value
;
486 fields
[2].tap
= target
->tap
;
487 fields
[2].num_bits
= 1;
488 fields
[2].out_value
= &field2
;
490 fields
[2].in_value
= &tmp
;
492 gettimeofday(&timeout
, NULL
);
493 timeval_add_time(&timeout
, 1, 0);
495 /* poll until rx_read is low */
496 LOG_DEBUG("polling RX");
499 jtag_add_dr_scan(3, fields
, jtag_set_end_state(TAP_IDLE
));
501 jtag_check_value_mask(fields
+ 0, &field0_check_value
, &field0_check_mask
);
502 jtag_check_value_mask(fields
+ 2, &field2_check_value
, &field2_check_mask
);
504 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
506 LOG_ERROR("JTAG error while writing RX");
510 gettimeofday(&now
, NULL
);
511 if ((now
.tv_sec
> timeout
.tv_sec
) || ((now
.tv_sec
== timeout
.tv_sec
)&& (now
.tv_usec
> timeout
.tv_usec
)))
513 LOG_ERROR("time out writing RX register");
514 return ERROR_TARGET_TIMEOUT
;
516 if (!(field0_in
& 1))
518 if (debug_level
>= 3)
520 LOG_DEBUG("waiting 100ms");
521 alive_sleep(100); /* avoid flooding the logs */
531 jtag_add_dr_scan(3, fields
, jtag_set_end_state(TAP_IDLE
));
533 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
535 LOG_ERROR("JTAG error while writing RX");
542 /* send count elements of size byte to the debug handler */
543 static int xscale_send(struct target
*target
, uint8_t *buffer
, int count
, int size
)
550 jtag_set_end_state(TAP_IDLE
);
552 xscale_jtag_set_instr(target
->tap
, XSCALE_DBGRX
);
559 int endianness
= target
->endianness
;
560 while (done_count
++ < count
)
565 if (endianness
== TARGET_LITTLE_ENDIAN
)
567 t
[1]=le_to_h_u32(buffer
);
570 t
[1]=be_to_h_u32(buffer
);
574 if (endianness
== TARGET_LITTLE_ENDIAN
)
576 t
[1]=le_to_h_u16(buffer
);
579 t
[1]=be_to_h_u16(buffer
);
586 LOG_ERROR("BUG: size neither 4, 2 nor 1");
589 jtag_add_dr_out(target
->tap
,
593 jtag_set_end_state(TAP_IDLE
));
597 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
599 LOG_ERROR("JTAG error while sending data to debug handler");
606 static int xscale_send_u32(struct target
*target
, uint32_t value
)
608 struct xscale_common
*xscale
= target_to_xscale(target
);
610 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_RX
].value
, 0, 32, value
);
611 return xscale_write_rx(target
);
614 static int xscale_write_dcsr(struct target
*target
, int hold_rst
, int ext_dbg_brk
)
616 struct xscale_common
*xscale
= target_to_xscale(target
);
618 struct scan_field fields
[3];
619 uint8_t field0
= 0x0;
620 uint8_t field0_check_value
= 0x2;
621 uint8_t field0_check_mask
= 0x7;
622 uint8_t field2
= 0x0;
623 uint8_t field2_check_value
= 0x0;
624 uint8_t field2_check_mask
= 0x1;
627 xscale
->hold_rst
= hold_rst
;
629 if (ext_dbg_brk
!= -1)
630 xscale
->external_debug_break
= ext_dbg_brk
;
632 jtag_set_end_state(TAP_IDLE
);
633 xscale_jtag_set_instr(target
->tap
, XSCALE_SELDCSR
);
635 buf_set_u32(&field0
, 1, 1, xscale
->hold_rst
);
636 buf_set_u32(&field0
, 2, 1, xscale
->external_debug_break
);
638 memset(&fields
, 0, sizeof fields
);
640 fields
[0].tap
= target
->tap
;
641 fields
[0].num_bits
= 3;
642 fields
[0].out_value
= &field0
;
644 fields
[0].in_value
= &tmp
;
646 fields
[1].tap
= target
->tap
;
647 fields
[1].num_bits
= 32;
648 fields
[1].out_value
= xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
;
650 fields
[2].tap
= target
->tap
;
651 fields
[2].num_bits
= 1;
652 fields
[2].out_value
= &field2
;
654 fields
[2].in_value
= &tmp2
;
656 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
658 jtag_check_value_mask(fields
+ 0, &field0_check_value
, &field0_check_mask
);
659 jtag_check_value_mask(fields
+ 2, &field2_check_value
, &field2_check_mask
);
661 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
663 LOG_ERROR("JTAG error while writing DCSR");
667 xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].dirty
= 0;
668 xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].valid
= 1;
673 /* parity of the number of bits 0 if even; 1 if odd. for 32 bit words */
674 static unsigned int parity (unsigned int v
)
676 // unsigned int ov = v;
681 // LOG_DEBUG("parity of 0x%x is %i", ov, (0x6996 >> v) & 1);
682 return (0x6996 >> v
) & 1;
685 static int xscale_load_ic(struct target
*target
, uint32_t va
, uint32_t buffer
[8])
690 struct scan_field fields
[2];
692 LOG_DEBUG("loading miniIC at 0x%8.8" PRIx32
"", va
);
695 jtag_set_end_state(TAP_IDLE
);
696 xscale_jtag_set_instr(target
->tap
, XSCALE_LDIC
);
698 /* CMD is b011 to load a cacheline into the Mini ICache.
699 * Loading into the main ICache is deprecated, and unused.
700 * It's followed by three zero bits, and 27 address bits.
702 buf_set_u32(&cmd
, 0, 6, 0x3);
704 /* virtual address of desired cache line */
705 buf_set_u32(packet
, 0, 27, va
>> 5);
707 memset(&fields
, 0, sizeof fields
);
709 fields
[0].tap
= target
->tap
;
710 fields
[0].num_bits
= 6;
711 fields
[0].out_value
= &cmd
;
713 fields
[1].tap
= target
->tap
;
714 fields
[1].num_bits
= 27;
715 fields
[1].out_value
= packet
;
717 jtag_add_dr_scan(2, fields
, jtag_get_end_state());
719 /* rest of packet is a cacheline: 8 instructions, with parity */
720 fields
[0].num_bits
= 32;
721 fields
[0].out_value
= packet
;
723 fields
[1].num_bits
= 1;
724 fields
[1].out_value
= &cmd
;
726 for (word
= 0; word
< 8; word
++)
728 buf_set_u32(packet
, 0, 32, buffer
[word
]);
731 memcpy(&value
, packet
, sizeof(uint32_t));
734 jtag_add_dr_scan(2, fields
, jtag_get_end_state());
737 return jtag_execute_queue();
740 static int xscale_invalidate_ic_line(struct target
*target
, uint32_t va
)
744 struct scan_field fields
[2];
746 jtag_set_end_state(TAP_IDLE
);
747 xscale_jtag_set_instr(target
->tap
, XSCALE_LDIC
);
749 /* CMD for invalidate IC line b000, bits [6:4] b000 */
750 buf_set_u32(&cmd
, 0, 6, 0x0);
752 /* virtual address of desired cache line */
753 buf_set_u32(packet
, 0, 27, va
>> 5);
755 memset(&fields
, 0, sizeof fields
);
757 fields
[0].tap
= target
->tap
;
758 fields
[0].num_bits
= 6;
759 fields
[0].out_value
= &cmd
;
761 fields
[1].tap
= target
->tap
;
762 fields
[1].num_bits
= 27;
763 fields
[1].out_value
= packet
;
765 jtag_add_dr_scan(2, fields
, jtag_get_end_state());
770 static int xscale_update_vectors(struct target
*target
)
772 struct xscale_common
*xscale
= target_to_xscale(target
);
776 uint32_t low_reset_branch
, high_reset_branch
;
778 for (i
= 1; i
< 8; i
++)
780 /* if there's a static vector specified for this exception, override */
781 if (xscale
->static_high_vectors_set
& (1 << i
))
783 xscale
->high_vectors
[i
] = xscale
->static_high_vectors
[i
];
787 retval
= target_read_u32(target
, 0xffff0000 + 4*i
, &xscale
->high_vectors
[i
]);
788 if (retval
== ERROR_TARGET_TIMEOUT
)
790 if (retval
!= ERROR_OK
)
792 /* Some of these reads will fail as part of normal execution */
793 xscale
->high_vectors
[i
] = ARMV4_5_B(0xfffffe, 0);
798 for (i
= 1; i
< 8; i
++)
800 if (xscale
->static_low_vectors_set
& (1 << i
))
802 xscale
->low_vectors
[i
] = xscale
->static_low_vectors
[i
];
806 retval
= target_read_u32(target
, 0x0 + 4*i
, &xscale
->low_vectors
[i
]);
807 if (retval
== ERROR_TARGET_TIMEOUT
)
809 if (retval
!= ERROR_OK
)
811 /* Some of these reads will fail as part of normal execution */
812 xscale
->low_vectors
[i
] = ARMV4_5_B(0xfffffe, 0);
817 /* calculate branches to debug handler */
818 low_reset_branch
= (xscale
->handler_address
+ 0x20 - 0x0 - 0x8) >> 2;
819 high_reset_branch
= (xscale
->handler_address
+ 0x20 - 0xffff0000 - 0x8) >> 2;
821 xscale
->low_vectors
[0] = ARMV4_5_B((low_reset_branch
& 0xffffff), 0);
822 xscale
->high_vectors
[0] = ARMV4_5_B((high_reset_branch
& 0xffffff), 0);
824 /* invalidate and load exception vectors in mini i-cache */
825 xscale_invalidate_ic_line(target
, 0x0);
826 xscale_invalidate_ic_line(target
, 0xffff0000);
828 xscale_load_ic(target
, 0x0, xscale
->low_vectors
);
829 xscale_load_ic(target
, 0xffff0000, xscale
->high_vectors
);
834 static int xscale_arch_state(struct target
*target
)
836 struct xscale_common
*xscale
= target_to_xscale(target
);
837 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
839 static const char *state
[] =
841 "disabled", "enabled"
844 static const char *arch_dbg_reason
[] =
846 "", "\n(processor reset)", "\n(trace buffer full)"
849 if (armv4_5
->common_magic
!= ARMV4_5_COMMON_MAGIC
)
851 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
855 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
856 "cpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"\n"
857 "MMU: %s, D-Cache: %s, I-Cache: %s"
859 armv4_5_state_strings
[armv4_5
->core_state
],
860 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
861 armv4_5_mode_strings
[armv4_5_mode_to_number(armv4_5
->core_mode
)],
862 buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32),
863 buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32),
864 state
[xscale
->armv4_5_mmu
.mmu_enabled
],
865 state
[xscale
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
866 state
[xscale
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
],
867 arch_dbg_reason
[xscale
->arch_debug_reason
]);
872 static int xscale_poll(struct target
*target
)
874 int retval
= ERROR_OK
;
876 if ((target
->state
== TARGET_RUNNING
) || (target
->state
== TARGET_DEBUG_RUNNING
))
878 enum target_state previous_state
= target
->state
;
879 if ((retval
= xscale_read_tx(target
, 0)) == ERROR_OK
)
882 /* there's data to read from the tx register, we entered debug state */
883 target
->state
= TARGET_HALTED
;
885 /* process debug entry, fetching current mode regs */
886 retval
= xscale_debug_entry(target
);
888 else if (retval
!= ERROR_TARGET_RESOURCE_NOT_AVAILABLE
)
890 LOG_USER("error while polling TX register, reset CPU");
891 /* here we "lie" so GDB won't get stuck and a reset can be perfomed */
892 target
->state
= TARGET_HALTED
;
895 /* debug_entry could have overwritten target state (i.e. immediate resume)
896 * don't signal event handlers in that case
898 if (target
->state
!= TARGET_HALTED
)
901 /* if target was running, signal that we halted
902 * otherwise we reentered from debug execution */
903 if (previous_state
== TARGET_RUNNING
)
904 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
906 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_HALTED
);
912 static int xscale_debug_entry(struct target
*target
)
914 struct xscale_common
*xscale
= target_to_xscale(target
);
915 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
922 /* clear external dbg break (will be written on next DCSR read) */
923 xscale
->external_debug_break
= 0;
924 if ((retval
= xscale_read_dcsr(target
)) != ERROR_OK
)
927 /* get r0, pc, r1 to r7 and cpsr */
928 if ((retval
= xscale_receive(target
, buffer
, 10)) != ERROR_OK
)
931 /* move r0 from buffer to register cache */
932 buf_set_u32(armv4_5
->core_cache
->reg_list
[0].value
, 0, 32, buffer
[0]);
933 armv4_5
->core_cache
->reg_list
[0].dirty
= 1;
934 armv4_5
->core_cache
->reg_list
[0].valid
= 1;
935 LOG_DEBUG("r0: 0x%8.8" PRIx32
"", buffer
[0]);
937 /* move pc from buffer to register cache */
938 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, buffer
[1]);
939 armv4_5
->core_cache
->reg_list
[15].dirty
= 1;
940 armv4_5
->core_cache
->reg_list
[15].valid
= 1;
941 LOG_DEBUG("pc: 0x%8.8" PRIx32
"", buffer
[1]);
943 /* move data from buffer to register cache */
944 for (i
= 1; i
<= 7; i
++)
946 buf_set_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32, buffer
[1 + i
]);
947 armv4_5
->core_cache
->reg_list
[i
].dirty
= 1;
948 armv4_5
->core_cache
->reg_list
[i
].valid
= 1;
949 LOG_DEBUG("r%i: 0x%8.8" PRIx32
"", i
, buffer
[i
+ 1]);
952 buf_set_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32, buffer
[9]);
953 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
= 1;
954 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].valid
= 1;
955 LOG_DEBUG("cpsr: 0x%8.8" PRIx32
"", buffer
[9]);
957 armv4_5
->core_mode
= buffer
[9] & 0x1f;
958 if (armv4_5_mode_to_number(armv4_5
->core_mode
) == -1)
960 target
->state
= TARGET_UNKNOWN
;
961 LOG_ERROR("cpsr contains invalid mode value - communication failure");
962 return ERROR_TARGET_FAILURE
;
964 LOG_DEBUG("target entered debug state in %s mode", armv4_5_mode_strings
[armv4_5_mode_to_number(armv4_5
->core_mode
)]);
966 if (buffer
[9] & 0x20)
967 armv4_5
->core_state
= ARMV4_5_STATE_THUMB
;
969 armv4_5
->core_state
= ARMV4_5_STATE_ARM
;
972 if (armv4_5_mode_to_number(armv4_5
->core_mode
)==-1)
975 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
976 if ((armv4_5
->core_mode
!= ARMV4_5_MODE_USR
) && (armv4_5
->core_mode
!= ARMV4_5_MODE_SYS
))
978 xscale_receive(target
, buffer
, 8);
979 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).value
, 0, 32, buffer
[7]);
980 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).dirty
= 0;
981 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).valid
= 1;
985 /* r8 to r14, but no spsr */
986 xscale_receive(target
, buffer
, 7);
989 /* move data from buffer to register cache */
990 for (i
= 8; i
<= 14; i
++)
992 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).value
, 0, 32, buffer
[i
- 8]);
993 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).dirty
= 0;
994 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).valid
= 1;
997 /* examine debug reason */
998 xscale_read_dcsr(target
);
999 moe
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 2, 3);
1001 /* stored PC (for calculating fixup) */
1002 pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1006 case 0x0: /* Processor reset */
1007 target
->debug_reason
= DBG_REASON_DBGRQ
;
1008 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_RESET
;
1011 case 0x1: /* Instruction breakpoint hit */
1012 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
1013 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_GENERIC
;
1016 case 0x2: /* Data breakpoint hit */
1017 target
->debug_reason
= DBG_REASON_WATCHPOINT
;
1018 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_GENERIC
;
1021 case 0x3: /* BKPT instruction executed */
1022 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
1023 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_GENERIC
;
1026 case 0x4: /* Ext. debug event */
1027 target
->debug_reason
= DBG_REASON_DBGRQ
;
1028 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_GENERIC
;
1031 case 0x5: /* Vector trap occured */
1032 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
1033 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_GENERIC
;
1036 case 0x6: /* Trace buffer full break */
1037 target
->debug_reason
= DBG_REASON_DBGRQ
;
1038 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_TB_FULL
;
1041 case 0x7: /* Reserved (may flag Hot-Debug support) */
1043 LOG_ERROR("Method of Entry is 'Reserved'");
1048 /* apply PC fixup */
1049 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, pc
);
1051 /* on the first debug entry, identify cache type */
1052 if (xscale
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
1054 uint32_t cache_type_reg
;
1056 /* read cp15 cache type register */
1057 xscale_get_reg(&xscale
->reg_cache
->reg_list
[XSCALE_CACHETYPE
]);
1058 cache_type_reg
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_CACHETYPE
].value
, 0, 32);
1060 armv4_5_identify_cache(cache_type_reg
, &xscale
->armv4_5_mmu
.armv4_5_cache
);
1063 /* examine MMU and Cache settings */
1064 /* read cp15 control register */
1065 xscale_get_reg(&xscale
->reg_cache
->reg_list
[XSCALE_CTRL
]);
1066 xscale
->cp15_control_reg
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_CTRL
].value
, 0, 32);
1067 xscale
->armv4_5_mmu
.mmu_enabled
= (xscale
->cp15_control_reg
& 0x1U
) ? 1 : 0;
1068 xscale
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= (xscale
->cp15_control_reg
& 0x4U
) ? 1 : 0;
1069 xscale
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= (xscale
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
1071 /* tracing enabled, read collected trace data */
1072 if (xscale
->trace
.buffer_enabled
)
1074 xscale_read_trace(target
);
1075 xscale
->trace
.buffer_fill
--;
1077 /* resume if we're still collecting trace data */
1078 if ((xscale
->arch_debug_reason
== XSCALE_DBG_REASON_TB_FULL
)
1079 && (xscale
->trace
.buffer_fill
> 0))
1081 xscale_resume(target
, 1, 0x0, 1, 0);
1085 xscale
->trace
.buffer_enabled
= 0;
1092 static int xscale_halt(struct target
*target
)
1094 struct xscale_common
*xscale
= target_to_xscale(target
);
1096 LOG_DEBUG("target->state: %s",
1097 target_state_name(target
));
1099 if (target
->state
== TARGET_HALTED
)
1101 LOG_DEBUG("target was already halted");
1104 else if (target
->state
== TARGET_UNKNOWN
)
1106 /* this must not happen for a xscale target */
1107 LOG_ERROR("target was in unknown state when halt was requested");
1108 return ERROR_TARGET_INVALID
;
1110 else if (target
->state
== TARGET_RESET
)
1112 LOG_DEBUG("target->state == TARGET_RESET");
1116 /* assert external dbg break */
1117 xscale
->external_debug_break
= 1;
1118 xscale_read_dcsr(target
);
1120 target
->debug_reason
= DBG_REASON_DBGRQ
;
1126 static int xscale_enable_single_step(struct target
*target
, uint32_t next_pc
)
1128 struct xscale_common
*xscale
= target_to_xscale(target
);
1129 struct reg
*ibcr0
= &xscale
->reg_cache
->reg_list
[XSCALE_IBCR0
];
1132 if (xscale
->ibcr0_used
)
1134 struct breakpoint
*ibcr0_bp
= breakpoint_find(target
, buf_get_u32(ibcr0
->value
, 0, 32) & 0xfffffffe);
1138 xscale_unset_breakpoint(target
, ibcr0_bp
);
1142 LOG_ERROR("BUG: xscale->ibcr0_used is set, but no breakpoint with that address found");
1147 if ((retval
= xscale_set_reg_u32(ibcr0
, next_pc
| 0x1)) != ERROR_OK
)
1153 static int xscale_disable_single_step(struct target
*target
)
1155 struct xscale_common
*xscale
= target_to_xscale(target
);
1156 struct reg
*ibcr0
= &xscale
->reg_cache
->reg_list
[XSCALE_IBCR0
];
1159 if ((retval
= xscale_set_reg_u32(ibcr0
, 0x0)) != ERROR_OK
)
1165 static void xscale_enable_watchpoints(struct target
*target
)
1167 struct watchpoint
*watchpoint
= target
->watchpoints
;
1171 if (watchpoint
->set
== 0)
1172 xscale_set_watchpoint(target
, watchpoint
);
1173 watchpoint
= watchpoint
->next
;
1177 static void xscale_enable_breakpoints(struct target
*target
)
1179 struct breakpoint
*breakpoint
= target
->breakpoints
;
1181 /* set any pending breakpoints */
1184 if (breakpoint
->set
== 0)
1185 xscale_set_breakpoint(target
, breakpoint
);
1186 breakpoint
= breakpoint
->next
;
1190 static int xscale_resume(struct target
*target
, int current
,
1191 uint32_t address
, int handle_breakpoints
, int debug_execution
)
1193 struct xscale_common
*xscale
= target_to_xscale(target
);
1194 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
1195 struct breakpoint
*breakpoint
= target
->breakpoints
;
1196 uint32_t current_pc
;
1202 if (target
->state
!= TARGET_HALTED
)
1204 LOG_WARNING("target not halted");
1205 return ERROR_TARGET_NOT_HALTED
;
1208 if (!debug_execution
)
1210 target_free_all_working_areas(target
);
1213 /* update vector tables */
1214 if ((retval
= xscale_update_vectors(target
)) != ERROR_OK
)
1217 /* current = 1: continue on current pc, otherwise continue at <address> */
1219 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, address
);
1221 current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1223 /* if we're at the reset vector, we have to simulate the branch */
1224 if (current_pc
== 0x0)
1226 arm_simulate_step(target
, NULL
);
1227 current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1230 /* the front-end may request us not to handle breakpoints */
1231 if (handle_breakpoints
)
1233 if ((breakpoint
= breakpoint_find(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32))))
1237 /* there's a breakpoint at the current PC, we have to step over it */
1238 LOG_DEBUG("unset breakpoint at 0x%8.8" PRIx32
"", breakpoint
->address
);
1239 xscale_unset_breakpoint(target
, breakpoint
);
1241 /* calculate PC of next instruction */
1242 if ((retval
= arm_simulate_step(target
, &next_pc
)) != ERROR_OK
)
1244 uint32_t current_opcode
;
1245 target_read_u32(target
, current_pc
, ¤t_opcode
);
1246 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32
"", current_opcode
);
1249 LOG_DEBUG("enable single-step");
1250 xscale_enable_single_step(target
, next_pc
);
1252 /* restore banked registers */
1253 xscale_restore_context(target
);
1255 /* send resume request (command 0x30 or 0x31)
1256 * clean the trace buffer if it is to be enabled (0x62) */
1257 if (xscale
->trace
.buffer_enabled
)
1259 xscale_send_u32(target
, 0x62);
1260 xscale_send_u32(target
, 0x31);
1263 xscale_send_u32(target
, 0x30);
1266 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1267 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32
"", buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1269 for (i
= 7; i
>= 0; i
--)
1272 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32));
1273 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32
"", i
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32));
1277 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1278 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32
"", buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1280 /* wait for and process debug entry */
1281 xscale_debug_entry(target
);
1283 LOG_DEBUG("disable single-step");
1284 xscale_disable_single_step(target
);
1286 LOG_DEBUG("set breakpoint at 0x%8.8" PRIx32
"", breakpoint
->address
);
1287 xscale_set_breakpoint(target
, breakpoint
);
1291 /* enable any pending breakpoints and watchpoints */
1292 xscale_enable_breakpoints(target
);
1293 xscale_enable_watchpoints(target
);
1295 /* restore banked registers */
1296 xscale_restore_context(target
);
1298 /* send resume request (command 0x30 or 0x31)
1299 * clean the trace buffer if it is to be enabled (0x62) */
1300 if (xscale
->trace
.buffer_enabled
)
1302 xscale_send_u32(target
, 0x62);
1303 xscale_send_u32(target
, 0x31);
1306 xscale_send_u32(target
, 0x30);
1309 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1310 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32
"", buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1312 for (i
= 7; i
>= 0; i
--)
1315 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32));
1316 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32
"", i
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32));
1320 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1321 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32
"", buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1323 target
->debug_reason
= DBG_REASON_NOTHALTED
;
1325 if (!debug_execution
)
1327 /* registers are now invalid */
1328 armv4_5_invalidate_core_regs(target
);
1329 target
->state
= TARGET_RUNNING
;
1330 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1334 target
->state
= TARGET_DEBUG_RUNNING
;
1335 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_RESUMED
);
1338 LOG_DEBUG("target resumed");
1343 static int xscale_step_inner(struct target
*target
, int current
,
1344 uint32_t address
, int handle_breakpoints
)
1346 struct xscale_common
*xscale
= target_to_xscale(target
);
1347 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
1352 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1354 /* calculate PC of next instruction */
1355 if ((retval
= arm_simulate_step(target
, &next_pc
)) != ERROR_OK
)
1357 uint32_t current_opcode
, current_pc
;
1358 current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1360 target_read_u32(target
, current_pc
, ¤t_opcode
);
1361 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32
"", current_opcode
);
1365 LOG_DEBUG("enable single-step");
1366 if ((retval
= xscale_enable_single_step(target
, next_pc
)) != ERROR_OK
)
1369 /* restore banked registers */
1370 if ((retval
= xscale_restore_context(target
)) != ERROR_OK
)
1373 /* send resume request (command 0x30 or 0x31)
1374 * clean the trace buffer if it is to be enabled (0x62) */
1375 if (xscale
->trace
.buffer_enabled
)
1377 if ((retval
= xscale_send_u32(target
, 0x62)) != ERROR_OK
)
1379 if ((retval
= xscale_send_u32(target
, 0x31)) != ERROR_OK
)
1383 if ((retval
= xscale_send_u32(target
, 0x30)) != ERROR_OK
)
1387 if ((retval
= xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32))) != ERROR_OK
)
1389 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32
"", buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1391 for (i
= 7; i
>= 0; i
--)
1394 if ((retval
= xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32))) != ERROR_OK
)
1396 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32
"", i
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32));
1400 if ((retval
= xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32))) != ERROR_OK
)
1402 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1404 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1406 /* registers are now invalid */
1407 if ((retval
= armv4_5_invalidate_core_regs(target
)) != ERROR_OK
)
1410 /* wait for and process debug entry */
1411 if ((retval
= xscale_debug_entry(target
)) != ERROR_OK
)
1414 LOG_DEBUG("disable single-step");
1415 if ((retval
= xscale_disable_single_step(target
)) != ERROR_OK
)
1418 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
1423 static int xscale_step(struct target
*target
, int current
,
1424 uint32_t address
, int handle_breakpoints
)
1426 struct armv4_5_common_s
*armv4_5
= target_to_armv4_5(target
);
1427 struct breakpoint
*breakpoint
= target
->breakpoints
;
1429 uint32_t current_pc
;
1432 if (target
->state
!= TARGET_HALTED
)
1434 LOG_WARNING("target not halted");
1435 return ERROR_TARGET_NOT_HALTED
;
1438 /* current = 1: continue on current pc, otherwise continue at <address> */
1440 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, address
);
1442 current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1444 /* if we're at the reset vector, we have to simulate the step */
1445 if (current_pc
== 0x0)
1447 if ((retval
= arm_simulate_step(target
, NULL
)) != ERROR_OK
)
1449 current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1451 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1452 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
1457 /* the front-end may request us not to handle breakpoints */
1458 if (handle_breakpoints
)
1459 if ((breakpoint
= breakpoint_find(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32))))
1461 if ((retval
= xscale_unset_breakpoint(target
, breakpoint
)) != ERROR_OK
)
1465 retval
= xscale_step_inner(target
, current
, address
, handle_breakpoints
);
1469 xscale_set_breakpoint(target
, breakpoint
);
1472 LOG_DEBUG("target stepped");
1478 static int xscale_assert_reset(struct target
*target
)
1480 struct xscale_common
*xscale
= target_to_xscale(target
);
1482 LOG_DEBUG("target->state: %s",
1483 target_state_name(target
));
1485 /* select DCSR instruction (set endstate to R-T-I to ensure we don't
1486 * end up in T-L-R, which would reset JTAG
1488 jtag_set_end_state(TAP_IDLE
);
1489 xscale_jtag_set_instr(target
->tap
, XSCALE_SELDCSR
);
1491 /* set Hold reset, Halt mode and Trap Reset */
1492 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 30, 1, 0x1);
1493 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 16, 1, 0x1);
1494 xscale_write_dcsr(target
, 1, 0);
1496 /* select BYPASS, because having DCSR selected caused problems on the PXA27x */
1497 xscale_jtag_set_instr(target
->tap
, 0x7f);
1498 jtag_execute_queue();
1501 jtag_add_reset(0, 1);
1503 /* sleep 1ms, to be sure we fulfill any requirements */
1504 jtag_add_sleep(1000);
1505 jtag_execute_queue();
1507 target
->state
= TARGET_RESET
;
1509 if (target
->reset_halt
)
1512 if ((retval
= target_halt(target
)) != ERROR_OK
)
1519 static int xscale_deassert_reset(struct target
*target
)
1521 struct xscale_common
*xscale
= target_to_xscale(target
);
1522 struct breakpoint
*breakpoint
= target
->breakpoints
;
1526 xscale
->ibcr_available
= 2;
1527 xscale
->ibcr0_used
= 0;
1528 xscale
->ibcr1_used
= 0;
1530 xscale
->dbr_available
= 2;
1531 xscale
->dbr0_used
= 0;
1532 xscale
->dbr1_used
= 0;
1534 /* mark all hardware breakpoints as unset */
1537 if (breakpoint
->type
== BKPT_HARD
)
1539 breakpoint
->set
= 0;
1541 breakpoint
= breakpoint
->next
;
1544 armv4_5_invalidate_core_regs(target
);
1546 /* FIXME mark hardware watchpoints got unset too. Also,
1547 * at least some of the XScale registers are invalid...
1551 * REVISIT: *assumes* we had a SRST+TRST reset so the mini-icache
1552 * contents got invalidated. Safer to force that, so writing new
1553 * contents can't ever fail..
1558 const uint8_t *buffer
= xscale_debug_handler
;
1562 jtag_add_reset(0, 0);
1564 /* wait 300ms; 150 and 100ms were not enough */
1565 jtag_add_sleep(300*1000);
1567 jtag_add_runtest(2030, jtag_set_end_state(TAP_IDLE
));
1568 jtag_execute_queue();
1570 /* set Hold reset, Halt mode and Trap Reset */
1571 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 30, 1, 0x1);
1572 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 16, 1, 0x1);
1573 xscale_write_dcsr(target
, 1, 0);
1575 /* Load the debug handler into the mini-icache. Since
1576 * it's using halt mode (not monitor mode), it runs in
1577 * "Special Debug State" for access to registers, memory,
1578 * coprocessors, trace data, etc.
1580 address
= xscale
->handler_address
;
1581 for (unsigned binary_size
= sizeof xscale_debug_handler
- 1;
1583 binary_size
-= buf_cnt
, buffer
+= buf_cnt
)
1585 uint32_t cache_line
[8];
1588 buf_cnt
= binary_size
;
1592 for (i
= 0; i
< buf_cnt
; i
+= 4)
1594 /* convert LE buffer to host-endian uint32_t */
1595 cache_line
[i
/ 4] = le_to_h_u32(&buffer
[i
]);
1598 for (; i
< 32; i
+= 4)
1600 cache_line
[i
/ 4] = 0xe1a08008;
1603 /* only load addresses other than the reset vectors */
1604 if ((address
% 0x400) != 0x0)
1606 retval
= xscale_load_ic(target
, address
,
1608 if (retval
!= ERROR_OK
)
1615 retval
= xscale_load_ic(target
, 0x0,
1616 xscale
->low_vectors
);
1617 if (retval
!= ERROR_OK
)
1619 retval
= xscale_load_ic(target
, 0xffff0000,
1620 xscale
->high_vectors
);
1621 if (retval
!= ERROR_OK
)
1624 jtag_add_runtest(30, jtag_set_end_state(TAP_IDLE
));
1626 jtag_add_sleep(100000);
1628 /* set Hold reset, Halt mode and Trap Reset */
1629 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 30, 1, 0x1);
1630 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 16, 1, 0x1);
1631 xscale_write_dcsr(target
, 1, 0);
1633 /* clear Hold reset to let the target run (should enter debug handler) */
1634 xscale_write_dcsr(target
, 0, 1);
1635 target
->state
= TARGET_RUNNING
;
1637 if (!target
->reset_halt
)
1639 jtag_add_sleep(10000);
1641 /* we should have entered debug now */
1642 xscale_debug_entry(target
);
1643 target
->state
= TARGET_HALTED
;
1645 /* resume the target */
1646 xscale_resume(target
, 1, 0x0, 1, 0);
1653 static int xscale_read_core_reg(struct target
*target
, int num
,
1654 enum armv4_5_mode mode
)
1656 LOG_ERROR("not implemented");
1660 static int xscale_write_core_reg(struct target
*target
, int num
,
1661 enum armv4_5_mode mode
, uint32_t value
)
1663 LOG_ERROR("not implemented");
1667 static int xscale_full_context(struct target
*target
)
1669 struct armv4_5_common_s
*armv4_5
= target_to_armv4_5(target
);
1677 if (target
->state
!= TARGET_HALTED
)
1679 LOG_WARNING("target not halted");
1680 return ERROR_TARGET_NOT_HALTED
;
1683 buffer
= malloc(4 * 8);
1685 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1686 * we can't enter User mode on an XScale (unpredictable),
1687 * but User shares registers with SYS
1689 for (i
= 1; i
< 7; i
++)
1693 /* check if there are invalid registers in the current mode
1695 for (j
= 0; j
<= 16; j
++)
1697 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).valid
== 0)
1705 /* request banked registers */
1706 xscale_send_u32(target
, 0x0);
1709 tmp_cpsr
|= armv4_5_number_to_mode(i
);
1710 tmp_cpsr
|= 0xc0; /* I/F bits */
1712 /* send CPSR for desired mode */
1713 xscale_send_u32(target
, tmp_cpsr
);
1715 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1716 if ((armv4_5_number_to_mode(i
) != ARMV4_5_MODE_USR
) && (armv4_5_number_to_mode(i
) != ARMV4_5_MODE_SYS
))
1718 xscale_receive(target
, buffer
, 8);
1719 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).value
, 0, 32, buffer
[7]);
1720 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).dirty
= 0;
1721 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).valid
= 1;
1725 xscale_receive(target
, buffer
, 7);
1728 /* move data from buffer to register cache */
1729 for (j
= 8; j
<= 14; j
++)
1731 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).value
, 0, 32, buffer
[j
- 8]);
1732 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).dirty
= 0;
1733 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).valid
= 1;
1743 static int xscale_restore_context(struct target
*target
)
1745 struct armv4_5_common_s
*armv4_5
= target_to_armv4_5(target
);
1749 if (target
->state
!= TARGET_HALTED
)
1751 LOG_WARNING("target not halted");
1752 return ERROR_TARGET_NOT_HALTED
;
1755 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1756 * we can't enter User mode on an XScale (unpredictable),
1757 * but User shares registers with SYS
1759 for (i
= 1; i
< 7; i
++)
1763 /* check if there are invalid registers in the current mode
1765 for (j
= 8; j
<= 14; j
++)
1767 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).dirty
== 1)
1771 /* if not USR/SYS, check if the SPSR needs to be written */
1772 if ((armv4_5_number_to_mode(i
) != ARMV4_5_MODE_USR
) && (armv4_5_number_to_mode(i
) != ARMV4_5_MODE_SYS
))
1774 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).dirty
== 1)
1782 /* send banked registers */
1783 xscale_send_u32(target
, 0x1);
1786 tmp_cpsr
|= armv4_5_number_to_mode(i
);
1787 tmp_cpsr
|= 0xc0; /* I/F bits */
1789 /* send CPSR for desired mode */
1790 xscale_send_u32(target
, tmp_cpsr
);
1792 /* send banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1793 for (j
= 8; j
<= 14; j
++)
1795 xscale_send_u32(target
, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, j
).value
, 0, 32));
1796 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).dirty
= 0;
1799 if ((armv4_5_number_to_mode(i
) != ARMV4_5_MODE_USR
) && (armv4_5_number_to_mode(i
) != ARMV4_5_MODE_SYS
))
1801 xscale_send_u32(target
, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).value
, 0, 32));
1802 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).dirty
= 0;
1810 static int xscale_read_memory(struct target
*target
, uint32_t address
,
1811 uint32_t size
, uint32_t count
, uint8_t *buffer
)
1813 struct xscale_common
*xscale
= target_to_xscale(target
);
1818 LOG_DEBUG("address: 0x%8.8" PRIx32
", size: 0x%8.8" PRIx32
", count: 0x%8.8" PRIx32
, address
, size
, count
);
1820 if (target
->state
!= TARGET_HALTED
)
1822 LOG_WARNING("target not halted");
1823 return ERROR_TARGET_NOT_HALTED
;
1826 /* sanitize arguments */
1827 if (((size
!= 4) && (size
!= 2) && (size
!= 1)) || (count
== 0) || !(buffer
))
1828 return ERROR_INVALID_ARGUMENTS
;
1830 if (((size
== 4) && (address
& 0x3u
)) || ((size
== 2) && (address
& 0x1u
)))
1831 return ERROR_TARGET_UNALIGNED_ACCESS
;
1833 /* send memory read request (command 0x1n, n: access size) */
1834 if ((retval
= xscale_send_u32(target
, 0x10 | size
)) != ERROR_OK
)
1837 /* send base address for read request */
1838 if ((retval
= xscale_send_u32(target
, address
)) != ERROR_OK
)
1841 /* send number of requested data words */
1842 if ((retval
= xscale_send_u32(target
, count
)) != ERROR_OK
)
1845 /* receive data from target (count times 32-bit words in host endianness) */
1846 buf32
= malloc(4 * count
);
1847 if ((retval
= xscale_receive(target
, buf32
, count
)) != ERROR_OK
)
1850 /* extract data from host-endian buffer into byte stream */
1851 for (i
= 0; i
< count
; i
++)
1856 target_buffer_set_u32(target
, buffer
, buf32
[i
]);
1860 target_buffer_set_u16(target
, buffer
, buf32
[i
] & 0xffff);
1864 *buffer
++ = buf32
[i
] & 0xff;
1867 LOG_ERROR("should never get here");
1874 /* examine DCSR, to see if Sticky Abort (SA) got set */
1875 if ((retval
= xscale_read_dcsr(target
)) != ERROR_OK
)
1877 if (buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 5, 1) == 1)
1880 if ((retval
= xscale_send_u32(target
, 0x60)) != ERROR_OK
)
1883 return ERROR_TARGET_DATA_ABORT
;
1889 static int xscale_write_memory(struct target
*target
, uint32_t address
,
1890 uint32_t size
, uint32_t count
, uint8_t *buffer
)
1892 struct xscale_common
*xscale
= target_to_xscale(target
);
1895 LOG_DEBUG("address: 0x%8.8" PRIx32
", size: 0x%8.8" PRIx32
", count: 0x%8.8" PRIx32
, address
, size
, count
);
1897 if (target
->state
!= TARGET_HALTED
)
1899 LOG_WARNING("target not halted");
1900 return ERROR_TARGET_NOT_HALTED
;
1903 /* sanitize arguments */
1904 if (((size
!= 4) && (size
!= 2) && (size
!= 1)) || (count
== 0) || !(buffer
))
1905 return ERROR_INVALID_ARGUMENTS
;
1907 if (((size
== 4) && (address
& 0x3u
)) || ((size
== 2) && (address
& 0x1u
)))
1908 return ERROR_TARGET_UNALIGNED_ACCESS
;
1910 /* send memory write request (command 0x2n, n: access size) */
1911 if ((retval
= xscale_send_u32(target
, 0x20 | size
)) != ERROR_OK
)
1914 /* send base address for read request */
1915 if ((retval
= xscale_send_u32(target
, address
)) != ERROR_OK
)
1918 /* send number of requested data words to be written*/
1919 if ((retval
= xscale_send_u32(target
, count
)) != ERROR_OK
)
1922 /* extract data from host-endian buffer into byte stream */
1924 for (i
= 0; i
< count
; i
++)
1929 value
= target_buffer_get_u32(target
, buffer
);
1930 xscale_send_u32(target
, value
);
1934 value
= target_buffer_get_u16(target
, buffer
);
1935 xscale_send_u32(target
, value
);
1940 xscale_send_u32(target
, value
);
1944 LOG_ERROR("should never get here");
1949 if ((retval
= xscale_send(target
, buffer
, count
, size
)) != ERROR_OK
)
1952 /* examine DCSR, to see if Sticky Abort (SA) got set */
1953 if ((retval
= xscale_read_dcsr(target
)) != ERROR_OK
)
1955 if (buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 5, 1) == 1)
1958 if ((retval
= xscale_send_u32(target
, 0x60)) != ERROR_OK
)
1961 return ERROR_TARGET_DATA_ABORT
;
1967 static int xscale_bulk_write_memory(struct target
*target
, uint32_t address
,
1968 uint32_t count
, uint8_t *buffer
)
1970 return xscale_write_memory(target
, address
, 4, count
, buffer
);
1973 static uint32_t xscale_get_ttb(struct target
*target
)
1975 struct xscale_common
*xscale
= target_to_xscale(target
);
1978 xscale_get_reg(&xscale
->reg_cache
->reg_list
[XSCALE_TTB
]);
1979 ttb
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_TTB
].value
, 0, 32);
1984 static void xscale_disable_mmu_caches(struct target
*target
, int mmu
,
1985 int d_u_cache
, int i_cache
)
1987 struct xscale_common
*xscale
= target_to_xscale(target
);
1988 uint32_t cp15_control
;
1990 /* read cp15 control register */
1991 xscale_get_reg(&xscale
->reg_cache
->reg_list
[XSCALE_CTRL
]);
1992 cp15_control
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_CTRL
].value
, 0, 32);
1995 cp15_control
&= ~0x1U
;
2000 xscale_send_u32(target
, 0x50);
2001 xscale_send_u32(target
, xscale
->cache_clean_address
);
2003 /* invalidate DCache */
2004 xscale_send_u32(target
, 0x51);
2006 cp15_control
&= ~0x4U
;
2011 /* invalidate ICache */
2012 xscale_send_u32(target
, 0x52);
2013 cp15_control
&= ~0x1000U
;
2016 /* write new cp15 control register */
2017 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_CTRL
], cp15_control
);
2019 /* execute cpwait to ensure outstanding operations complete */
2020 xscale_send_u32(target
, 0x53);
2023 static void xscale_enable_mmu_caches(struct target
*target
, int mmu
,
2024 int d_u_cache
, int i_cache
)
2026 struct xscale_common
*xscale
= target_to_xscale(target
);
2027 uint32_t cp15_control
;
2029 /* read cp15 control register */
2030 xscale_get_reg(&xscale
->reg_cache
->reg_list
[XSCALE_CTRL
]);
2031 cp15_control
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_CTRL
].value
, 0, 32);
2034 cp15_control
|= 0x1U
;
2037 cp15_control
|= 0x4U
;
2040 cp15_control
|= 0x1000U
;
2042 /* write new cp15 control register */
2043 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_CTRL
], cp15_control
);
2045 /* execute cpwait to ensure outstanding operations complete */
2046 xscale_send_u32(target
, 0x53);
2049 static int xscale_set_breakpoint(struct target
*target
,
2050 struct breakpoint
*breakpoint
)
2053 struct xscale_common
*xscale
= target_to_xscale(target
);
2055 if (target
->state
!= TARGET_HALTED
)
2057 LOG_WARNING("target not halted");
2058 return ERROR_TARGET_NOT_HALTED
;
2061 if (breakpoint
->set
)
2063 LOG_WARNING("breakpoint already set");
2067 if (breakpoint
->type
== BKPT_HARD
)
2069 uint32_t value
= breakpoint
->address
| 1;
2070 if (!xscale
->ibcr0_used
)
2072 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_IBCR0
], value
);
2073 xscale
->ibcr0_used
= 1;
2074 breakpoint
->set
= 1; /* breakpoint set on first breakpoint register */
2076 else if (!xscale
->ibcr1_used
)
2078 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_IBCR1
], value
);
2079 xscale
->ibcr1_used
= 1;
2080 breakpoint
->set
= 2; /* breakpoint set on second breakpoint register */
2084 LOG_ERROR("BUG: no hardware comparator available");
2088 else if (breakpoint
->type
== BKPT_SOFT
)
2090 if (breakpoint
->length
== 4)
2092 /* keep the original instruction in target endianness */
2093 if ((retval
= target_read_memory(target
, breakpoint
->address
, 4, 1, breakpoint
->orig_instr
)) != ERROR_OK
)
2097 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2098 if ((retval
= target_write_u32(target
, breakpoint
->address
, xscale
->arm_bkpt
)) != ERROR_OK
)
2105 /* keep the original instruction in target endianness */
2106 if ((retval
= target_read_memory(target
, breakpoint
->address
, 2, 1, breakpoint
->orig_instr
)) != ERROR_OK
)
2110 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2111 if ((retval
= target_write_u32(target
, breakpoint
->address
, xscale
->thumb_bkpt
)) != ERROR_OK
)
2116 breakpoint
->set
= 1;
2122 static int xscale_add_breakpoint(struct target
*target
,
2123 struct breakpoint
*breakpoint
)
2125 struct xscale_common
*xscale
= target_to_xscale(target
);
2127 if (target
->state
!= TARGET_HALTED
)
2129 LOG_WARNING("target not halted");
2130 return ERROR_TARGET_NOT_HALTED
;
2133 if ((breakpoint
->type
== BKPT_HARD
) && (xscale
->ibcr_available
< 1))
2135 LOG_INFO("no breakpoint unit available for hardware breakpoint");
2136 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
2139 if ((breakpoint
->length
!= 2) && (breakpoint
->length
!= 4))
2141 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
2142 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
2145 if (breakpoint
->type
== BKPT_HARD
)
2147 xscale
->ibcr_available
--;
2153 static int xscale_unset_breakpoint(struct target
*target
,
2154 struct breakpoint
*breakpoint
)
2157 struct xscale_common
*xscale
= target_to_xscale(target
);
2159 if (target
->state
!= TARGET_HALTED
)
2161 LOG_WARNING("target not halted");
2162 return ERROR_TARGET_NOT_HALTED
;
2165 if (!breakpoint
->set
)
2167 LOG_WARNING("breakpoint not set");
2171 if (breakpoint
->type
== BKPT_HARD
)
2173 if (breakpoint
->set
== 1)
2175 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_IBCR0
], 0x0);
2176 xscale
->ibcr0_used
= 0;
2178 else if (breakpoint
->set
== 2)
2180 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_IBCR1
], 0x0);
2181 xscale
->ibcr1_used
= 0;
2183 breakpoint
->set
= 0;
2187 /* restore original instruction (kept in target endianness) */
2188 if (breakpoint
->length
== 4)
2190 if ((retval
= target_write_memory(target
, breakpoint
->address
, 4, 1, breakpoint
->orig_instr
)) != ERROR_OK
)
2197 if ((retval
= target_write_memory(target
, breakpoint
->address
, 2, 1, breakpoint
->orig_instr
)) != ERROR_OK
)
2202 breakpoint
->set
= 0;
2208 static int xscale_remove_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
2210 struct xscale_common
*xscale
= target_to_xscale(target
);
2212 if (target
->state
!= TARGET_HALTED
)
2214 LOG_WARNING("target not halted");
2215 return ERROR_TARGET_NOT_HALTED
;
2218 if (breakpoint
->set
)
2220 xscale_unset_breakpoint(target
, breakpoint
);
2223 if (breakpoint
->type
== BKPT_HARD
)
2224 xscale
->ibcr_available
++;
2229 static int xscale_set_watchpoint(struct target
*target
,
2230 struct watchpoint
*watchpoint
)
2232 struct xscale_common
*xscale
= target_to_xscale(target
);
2234 struct reg
*dbcon
= &xscale
->reg_cache
->reg_list
[XSCALE_DBCON
];
2235 uint32_t dbcon_value
= buf_get_u32(dbcon
->value
, 0, 32);
2237 if (target
->state
!= TARGET_HALTED
)
2239 LOG_WARNING("target not halted");
2240 return ERROR_TARGET_NOT_HALTED
;
2243 xscale_get_reg(dbcon
);
2245 switch (watchpoint
->rw
)
2257 LOG_ERROR("BUG: watchpoint->rw neither read, write nor access");
2260 if (!xscale
->dbr0_used
)
2262 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_DBR0
], watchpoint
->address
);
2263 dbcon_value
|= enable
;
2264 xscale_set_reg_u32(dbcon
, dbcon_value
);
2265 watchpoint
->set
= 1;
2266 xscale
->dbr0_used
= 1;
2268 else if (!xscale
->dbr1_used
)
2270 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_DBR1
], watchpoint
->address
);
2271 dbcon_value
|= enable
<< 2;
2272 xscale_set_reg_u32(dbcon
, dbcon_value
);
2273 watchpoint
->set
= 2;
2274 xscale
->dbr1_used
= 1;
2278 LOG_ERROR("BUG: no hardware comparator available");
2285 static int xscale_add_watchpoint(struct target
*target
,
2286 struct watchpoint
*watchpoint
)
2288 struct xscale_common
*xscale
= target_to_xscale(target
);
2290 if (target
->state
!= TARGET_HALTED
)
2292 LOG_WARNING("target not halted");
2293 return ERROR_TARGET_NOT_HALTED
;
2296 if (xscale
->dbr_available
< 1)
2298 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
2301 if ((watchpoint
->length
!= 1) && (watchpoint
->length
!= 2) && (watchpoint
->length
!= 4))
2303 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
2306 xscale
->dbr_available
--;
2311 static int xscale_unset_watchpoint(struct target
*target
,
2312 struct watchpoint
*watchpoint
)
2314 struct xscale_common
*xscale
= target_to_xscale(target
);
2315 struct reg
*dbcon
= &xscale
->reg_cache
->reg_list
[XSCALE_DBCON
];
2316 uint32_t dbcon_value
= buf_get_u32(dbcon
->value
, 0, 32);
2318 if (target
->state
!= TARGET_HALTED
)
2320 LOG_WARNING("target not halted");
2321 return ERROR_TARGET_NOT_HALTED
;
2324 if (!watchpoint
->set
)
2326 LOG_WARNING("breakpoint not set");
2330 if (watchpoint
->set
== 1)
2332 dbcon_value
&= ~0x3;
2333 xscale_set_reg_u32(dbcon
, dbcon_value
);
2334 xscale
->dbr0_used
= 0;
2336 else if (watchpoint
->set
== 2)
2338 dbcon_value
&= ~0xc;
2339 xscale_set_reg_u32(dbcon
, dbcon_value
);
2340 xscale
->dbr1_used
= 0;
2342 watchpoint
->set
= 0;
2347 static int xscale_remove_watchpoint(struct target
*target
, struct watchpoint
*watchpoint
)
2349 struct xscale_common
*xscale
= target_to_xscale(target
);
2351 if (target
->state
!= TARGET_HALTED
)
2353 LOG_WARNING("target not halted");
2354 return ERROR_TARGET_NOT_HALTED
;
2357 if (watchpoint
->set
)
2359 xscale_unset_watchpoint(target
, watchpoint
);
2362 xscale
->dbr_available
++;
2367 static int xscale_get_reg(struct reg
*reg
)
2369 struct xscale_reg
*arch_info
= reg
->arch_info
;
2370 struct target
*target
= arch_info
->target
;
2371 struct xscale_common
*xscale
= target_to_xscale(target
);
2373 /* DCSR, TX and RX are accessible via JTAG */
2374 if (strcmp(reg
->name
, "XSCALE_DCSR") == 0)
2376 return xscale_read_dcsr(arch_info
->target
);
2378 else if (strcmp(reg
->name
, "XSCALE_TX") == 0)
2380 /* 1 = consume register content */
2381 return xscale_read_tx(arch_info
->target
, 1);
2383 else if (strcmp(reg
->name
, "XSCALE_RX") == 0)
2385 /* can't read from RX register (host -> debug handler) */
2388 else if (strcmp(reg
->name
, "XSCALE_TXRXCTRL") == 0)
2390 /* can't (explicitly) read from TXRXCTRL register */
2393 else /* Other DBG registers have to be transfered by the debug handler */
2395 /* send CP read request (command 0x40) */
2396 xscale_send_u32(target
, 0x40);
2398 /* send CP register number */
2399 xscale_send_u32(target
, arch_info
->dbg_handler_number
);
2401 /* read register value */
2402 xscale_read_tx(target
, 1);
2403 buf_cpy(xscale
->reg_cache
->reg_list
[XSCALE_TX
].value
, reg
->value
, 32);
2412 static int xscale_set_reg(struct reg
*reg
, uint8_t* buf
)
2414 struct xscale_reg
*arch_info
= reg
->arch_info
;
2415 struct target
*target
= arch_info
->target
;
2416 struct xscale_common
*xscale
= target_to_xscale(target
);
2417 uint32_t value
= buf_get_u32(buf
, 0, 32);
2419 /* DCSR, TX and RX are accessible via JTAG */
2420 if (strcmp(reg
->name
, "XSCALE_DCSR") == 0)
2422 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 0, 32, value
);
2423 return xscale_write_dcsr(arch_info
->target
, -1, -1);
2425 else if (strcmp(reg
->name
, "XSCALE_RX") == 0)
2427 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_RX
].value
, 0, 32, value
);
2428 return xscale_write_rx(arch_info
->target
);
2430 else if (strcmp(reg
->name
, "XSCALE_TX") == 0)
2432 /* can't write to TX register (debug-handler -> host) */
2435 else if (strcmp(reg
->name
, "XSCALE_TXRXCTRL") == 0)
2437 /* can't (explicitly) write to TXRXCTRL register */
2440 else /* Other DBG registers have to be transfered by the debug handler */
2442 /* send CP write request (command 0x41) */
2443 xscale_send_u32(target
, 0x41);
2445 /* send CP register number */
2446 xscale_send_u32(target
, arch_info
->dbg_handler_number
);
2448 /* send CP register value */
2449 xscale_send_u32(target
, value
);
2450 buf_set_u32(reg
->value
, 0, 32, value
);
2456 static int xscale_write_dcsr_sw(struct target
*target
, uint32_t value
)
2458 struct xscale_common
*xscale
= target_to_xscale(target
);
2459 struct reg
*dcsr
= &xscale
->reg_cache
->reg_list
[XSCALE_DCSR
];
2460 struct xscale_reg
*dcsr_arch_info
= dcsr
->arch_info
;
2462 /* send CP write request (command 0x41) */
2463 xscale_send_u32(target
, 0x41);
2465 /* send CP register number */
2466 xscale_send_u32(target
, dcsr_arch_info
->dbg_handler_number
);
2468 /* send CP register value */
2469 xscale_send_u32(target
, value
);
2470 buf_set_u32(dcsr
->value
, 0, 32, value
);
2475 static int xscale_read_trace(struct target
*target
)
2477 struct xscale_common
*xscale
= target_to_xscale(target
);
2478 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
2479 struct xscale_trace_data
**trace_data_p
;
2481 /* 258 words from debug handler
2482 * 256 trace buffer entries
2483 * 2 checkpoint addresses
2485 uint32_t trace_buffer
[258];
2486 int is_address
[256];
2489 if (target
->state
!= TARGET_HALTED
)
2491 LOG_WARNING("target must be stopped to read trace data");
2492 return ERROR_TARGET_NOT_HALTED
;
2495 /* send read trace buffer command (command 0x61) */
2496 xscale_send_u32(target
, 0x61);
2498 /* receive trace buffer content */
2499 xscale_receive(target
, trace_buffer
, 258);
2501 /* parse buffer backwards to identify address entries */
2502 for (i
= 255; i
>= 0; i
--)
2505 if (((trace_buffer
[i
] & 0xf0) == 0x90) ||
2506 ((trace_buffer
[i
] & 0xf0) == 0xd0))
2509 is_address
[--i
] = 1;
2511 is_address
[--i
] = 1;
2513 is_address
[--i
] = 1;
2515 is_address
[--i
] = 1;
2520 /* search first non-zero entry */
2521 for (j
= 0; (j
< 256) && (trace_buffer
[j
] == 0) && (!is_address
[j
]); j
++)
2526 LOG_DEBUG("no trace data collected");
2527 return ERROR_XSCALE_NO_TRACE_DATA
;
2530 for (trace_data_p
= &xscale
->trace
.data
; *trace_data_p
; trace_data_p
= &(*trace_data_p
)->next
)
2533 *trace_data_p
= malloc(sizeof(struct xscale_trace_data
));
2534 (*trace_data_p
)->next
= NULL
;
2535 (*trace_data_p
)->chkpt0
= trace_buffer
[256];
2536 (*trace_data_p
)->chkpt1
= trace_buffer
[257];
2537 (*trace_data_p
)->last_instruction
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
2538 (*trace_data_p
)->entries
= malloc(sizeof(struct xscale_trace_entry
) * (256 - j
));
2539 (*trace_data_p
)->depth
= 256 - j
;
2541 for (i
= j
; i
< 256; i
++)
2543 (*trace_data_p
)->entries
[i
- j
].data
= trace_buffer
[i
];
2545 (*trace_data_p
)->entries
[i
- j
].type
= XSCALE_TRACE_ADDRESS
;
2547 (*trace_data_p
)->entries
[i
- j
].type
= XSCALE_TRACE_MESSAGE
;
2553 static int xscale_read_instruction(struct target
*target
,
2554 struct arm_instruction
*instruction
)
2556 struct xscale_common
*xscale
= target_to_xscale(target
);
2563 if (!xscale
->trace
.image
)
2564 return ERROR_TRACE_IMAGE_UNAVAILABLE
;
2566 /* search for the section the current instruction belongs to */
2567 for (i
= 0; i
< xscale
->trace
.image
->num_sections
; i
++)
2569 if ((xscale
->trace
.image
->sections
[i
].base_address
<= xscale
->trace
.current_pc
) &&
2570 (xscale
->trace
.image
->sections
[i
].base_address
+ xscale
->trace
.image
->sections
[i
].size
> xscale
->trace
.current_pc
))
2579 /* current instruction couldn't be found in the image */
2580 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE
;
2583 if (xscale
->trace
.core_state
== ARMV4_5_STATE_ARM
)
2586 if ((retval
= image_read_section(xscale
->trace
.image
, section
,
2587 xscale
->trace
.current_pc
- xscale
->trace
.image
->sections
[section
].base_address
,
2588 4, buf
, &size_read
)) != ERROR_OK
)
2590 LOG_ERROR("error while reading instruction: %i", retval
);
2591 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE
;
2593 opcode
= target_buffer_get_u32(target
, buf
);
2594 arm_evaluate_opcode(opcode
, xscale
->trace
.current_pc
, instruction
);
2596 else if (xscale
->trace
.core_state
== ARMV4_5_STATE_THUMB
)
2599 if ((retval
= image_read_section(xscale
->trace
.image
, section
,
2600 xscale
->trace
.current_pc
- xscale
->trace
.image
->sections
[section
].base_address
,
2601 2, buf
, &size_read
)) != ERROR_OK
)
2603 LOG_ERROR("error while reading instruction: %i", retval
);
2604 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE
;
2606 opcode
= target_buffer_get_u16(target
, buf
);
2607 thumb_evaluate_opcode(opcode
, xscale
->trace
.current_pc
, instruction
);
2611 LOG_ERROR("BUG: unknown core state encountered");
2618 static int xscale_branch_address(struct xscale_trace_data
*trace_data
,
2619 int i
, uint32_t *target
)
2621 /* if there are less than four entries prior to the indirect branch message
2622 * we can't extract the address */
2628 *target
= (trace_data
->entries
[i
-1].data
) | (trace_data
->entries
[i
-2].data
<< 8) |
2629 (trace_data
->entries
[i
-3].data
<< 16) | (trace_data
->entries
[i
-4].data
<< 24);
2634 static int xscale_analyze_trace(struct target
*target
, struct command_context
*cmd_ctx
)
2636 struct xscale_common
*xscale
= target_to_xscale(target
);
2638 uint32_t next_pc
= 0x0;
2639 struct xscale_trace_data
*trace_data
= xscale
->trace
.data
;
2648 xscale
->trace
.core_state
= ARMV4_5_STATE_ARM
;
2653 for (i
= 0; i
< trace_data
->depth
; i
++)
2659 if (trace_data
->entries
[i
].type
== XSCALE_TRACE_ADDRESS
)
2662 switch ((trace_data
->entries
[i
].data
& 0xf0) >> 4)
2664 case 0: /* Exceptions */
2672 exception
= (trace_data
->entries
[i
].data
& 0x70) >> 4;
2674 next_pc
= (trace_data
->entries
[i
].data
& 0xf0) >> 2;
2675 command_print(cmd_ctx
, "--- exception %i ---", (trace_data
->entries
[i
].data
& 0xf0) >> 4);
2677 case 8: /* Direct Branch */
2680 case 9: /* Indirect Branch */
2682 if (xscale_branch_address(trace_data
, i
, &next_pc
) == 0)
2687 case 13: /* Checkpointed Indirect Branch */
2688 if (xscale_branch_address(trace_data
, i
, &next_pc
) == 0)
2691 if (((chkpt
== 0) && (next_pc
!= trace_data
->chkpt0
))
2692 || ((chkpt
== 1) && (next_pc
!= trace_data
->chkpt1
)))
2693 LOG_WARNING("checkpointed indirect branch target address doesn't match checkpoint");
2695 /* explicit fall-through */
2696 case 12: /* Checkpointed Direct Branch */
2701 next_pc
= trace_data
->chkpt0
;
2704 else if (chkpt
== 1)
2707 next_pc
= trace_data
->chkpt0
;
2712 LOG_WARNING("more than two checkpointed branches encountered");
2715 case 15: /* Roll-over */
2718 default: /* Reserved */
2719 command_print(cmd_ctx
, "--- reserved trace message ---");
2720 LOG_ERROR("BUG: trace message %i is reserved", (trace_data
->entries
[i
].data
& 0xf0) >> 4);
2724 if (xscale
->trace
.pc_ok
)
2726 int executed
= (trace_data
->entries
[i
].data
& 0xf) + rollover
* 16;
2727 struct arm_instruction instruction
;
2729 if ((exception
== 6) || (exception
== 7))
2731 /* IRQ or FIQ exception, no instruction executed */
2735 while (executed
-- >= 0)
2737 if ((retval
= xscale_read_instruction(target
, &instruction
)) != ERROR_OK
)
2739 /* can't continue tracing with no image available */
2740 if (retval
== ERROR_TRACE_IMAGE_UNAVAILABLE
)
2744 else if (retval
== ERROR_TRACE_INSTRUCTION_UNAVAILABLE
)
2746 /* TODO: handle incomplete images */
2750 /* a precise abort on a load to the PC is included in the incremental
2751 * word count, other instructions causing data aborts are not included
2753 if ((executed
== 0) && (exception
== 4)
2754 && ((instruction
.type
>= ARM_LDR
) && (instruction
.type
<= ARM_LDM
)))
2756 if ((instruction
.type
== ARM_LDM
)
2757 && ((instruction
.info
.load_store_multiple
.register_list
& 0x8000) == 0))
2761 else if (((instruction
.type
>= ARM_LDR
) && (instruction
.type
<= ARM_LDRSH
))
2762 && (instruction
.info
.load_store
.Rd
!= 15))
2768 /* only the last instruction executed
2769 * (the one that caused the control flow change)
2770 * could be a taken branch
2772 if (((executed
== -1) && (branch
== 1)) &&
2773 (((instruction
.type
== ARM_B
) ||
2774 (instruction
.type
== ARM_BL
) ||
2775 (instruction
.type
== ARM_BLX
)) &&
2776 (instruction
.info
.b_bl_bx_blx
.target_address
!= 0xffffffff)))
2778 xscale
->trace
.current_pc
= instruction
.info
.b_bl_bx_blx
.target_address
;
2782 xscale
->trace
.current_pc
+= (xscale
->trace
.core_state
== ARMV4_5_STATE_ARM
) ? 4 : 2;
2784 command_print(cmd_ctx
, "%s", instruction
.text
);
2792 xscale
->trace
.current_pc
= next_pc
;
2793 xscale
->trace
.pc_ok
= 1;
2797 for (; xscale
->trace
.current_pc
< trace_data
->last_instruction
; xscale
->trace
.current_pc
+= (xscale
->trace
.core_state
== ARMV4_5_STATE_ARM
) ? 4 : 2)
2799 struct arm_instruction instruction
;
2800 if ((retval
= xscale_read_instruction(target
, &instruction
)) != ERROR_OK
)
2802 /* can't continue tracing with no image available */
2803 if (retval
== ERROR_TRACE_IMAGE_UNAVAILABLE
)
2807 else if (retval
== ERROR_TRACE_INSTRUCTION_UNAVAILABLE
)
2809 /* TODO: handle incomplete images */
2812 command_print(cmd_ctx
, "%s", instruction
.text
);
2815 trace_data
= trace_data
->next
;
2821 static void xscale_build_reg_cache(struct target
*target
)
2823 struct xscale_common
*xscale
= target_to_xscale(target
);
2824 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
2825 struct reg_cache
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
2826 struct xscale_reg
*arch_info
= malloc(sizeof(xscale_reg_arch_info
));
2828 int num_regs
= sizeof(xscale_reg_arch_info
) / sizeof(struct xscale_reg
);
2830 (*cache_p
) = armv4_5_build_reg_cache(target
, armv4_5
);
2831 armv4_5
->core_cache
= (*cache_p
);
2833 /* register a register arch-type for XScale dbg registers only once */
2834 if (xscale_reg_arch_type
== -1)
2835 xscale_reg_arch_type
= register_reg_arch_type(xscale_get_reg
, xscale_set_reg
);
2837 (*cache_p
)->next
= malloc(sizeof(struct reg_cache
));
2838 cache_p
= &(*cache_p
)->next
;
2840 /* fill in values for the xscale reg cache */
2841 (*cache_p
)->name
= "XScale registers";
2842 (*cache_p
)->next
= NULL
;
2843 (*cache_p
)->reg_list
= malloc(num_regs
* sizeof(struct reg
));
2844 (*cache_p
)->num_regs
= num_regs
;
2846 for (i
= 0; i
< num_regs
; i
++)
2848 (*cache_p
)->reg_list
[i
].name
= xscale_reg_list
[i
];
2849 (*cache_p
)->reg_list
[i
].value
= calloc(4, 1);
2850 (*cache_p
)->reg_list
[i
].dirty
= 0;
2851 (*cache_p
)->reg_list
[i
].valid
= 0;
2852 (*cache_p
)->reg_list
[i
].size
= 32;
2853 (*cache_p
)->reg_list
[i
].arch_info
= &arch_info
[i
];
2854 (*cache_p
)->reg_list
[i
].arch_type
= xscale_reg_arch_type
;
2855 arch_info
[i
] = xscale_reg_arch_info
[i
];
2856 arch_info
[i
].target
= target
;
2859 xscale
->reg_cache
= (*cache_p
);
2862 static int xscale_init_target(struct command_context
*cmd_ctx
,
2863 struct target
*target
)
2865 xscale_build_reg_cache(target
);
2869 static int xscale_init_arch_info(struct target
*target
,
2870 struct xscale_common
*xscale
, struct jtag_tap
*tap
, const char *variant
)
2872 struct arm
*armv4_5
;
2873 uint32_t high_reset_branch
, low_reset_branch
;
2876 armv4_5
= &xscale
->armv4_5_common
;
2878 /* store architecture specfic data (none so far) */
2879 xscale
->common_magic
= XSCALE_COMMON_MAGIC
;
2881 /* we don't really *need* variant info ... */
2885 if (strcmp(variant
, "pxa250") == 0
2886 || strcmp(variant
, "pxa255") == 0
2887 || strcmp(variant
, "pxa26x") == 0)
2889 else if (strcmp(variant
, "pxa27x") == 0
2890 || strcmp(variant
, "ixp42x") == 0
2891 || strcmp(variant
, "ixp45x") == 0
2892 || strcmp(variant
, "ixp46x") == 0)
2895 LOG_WARNING("%s: unrecognized variant %s",
2896 tap
->dotted_name
, variant
);
2898 if (ir_length
&& ir_length
!= tap
->ir_length
) {
2899 LOG_WARNING("%s: IR length for %s is %d; fixing",
2900 tap
->dotted_name
, variant
, ir_length
);
2901 tap
->ir_length
= ir_length
;
2905 /* the debug handler isn't installed (and thus not running) at this time */
2906 xscale
->handler_address
= 0xfe000800;
2908 /* clear the vectors we keep locally for reference */
2909 memset(xscale
->low_vectors
, 0, sizeof(xscale
->low_vectors
));
2910 memset(xscale
->high_vectors
, 0, sizeof(xscale
->high_vectors
));
2912 /* no user-specified vectors have been configured yet */
2913 xscale
->static_low_vectors_set
= 0x0;
2914 xscale
->static_high_vectors_set
= 0x0;
2916 /* calculate branches to debug handler */
2917 low_reset_branch
= (xscale
->handler_address
+ 0x20 - 0x0 - 0x8) >> 2;
2918 high_reset_branch
= (xscale
->handler_address
+ 0x20 - 0xffff0000 - 0x8) >> 2;
2920 xscale
->low_vectors
[0] = ARMV4_5_B((low_reset_branch
& 0xffffff), 0);
2921 xscale
->high_vectors
[0] = ARMV4_5_B((high_reset_branch
& 0xffffff), 0);
2923 for (i
= 1; i
<= 7; i
++)
2925 xscale
->low_vectors
[i
] = ARMV4_5_B(0xfffffe, 0);
2926 xscale
->high_vectors
[i
] = ARMV4_5_B(0xfffffe, 0);
2929 /* 64kB aligned region used for DCache cleaning */
2930 xscale
->cache_clean_address
= 0xfffe0000;
2932 xscale
->hold_rst
= 0;
2933 xscale
->external_debug_break
= 0;
2935 xscale
->ibcr_available
= 2;
2936 xscale
->ibcr0_used
= 0;
2937 xscale
->ibcr1_used
= 0;
2939 xscale
->dbr_available
= 2;
2940 xscale
->dbr0_used
= 0;
2941 xscale
->dbr1_used
= 0;
2943 xscale
->arm_bkpt
= ARMV5_BKPT(0x0);
2944 xscale
->thumb_bkpt
= ARMV5_T_BKPT(0x0) & 0xffff;
2946 xscale
->vector_catch
= 0x1;
2948 xscale
->trace
.capture_status
= TRACE_IDLE
;
2949 xscale
->trace
.data
= NULL
;
2950 xscale
->trace
.image
= NULL
;
2951 xscale
->trace
.buffer_enabled
= 0;
2952 xscale
->trace
.buffer_fill
= 0;
2954 /* prepare ARMv4/5 specific information */
2955 armv4_5
->arch_info
= xscale
;
2956 armv4_5
->read_core_reg
= xscale_read_core_reg
;
2957 armv4_5
->write_core_reg
= xscale_write_core_reg
;
2958 armv4_5
->full_context
= xscale_full_context
;
2960 armv4_5_init_arch_info(target
, armv4_5
);
2962 xscale
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
2963 xscale
->armv4_5_mmu
.get_ttb
= xscale_get_ttb
;
2964 xscale
->armv4_5_mmu
.read_memory
= xscale_read_memory
;
2965 xscale
->armv4_5_mmu
.write_memory
= xscale_write_memory
;
2966 xscale
->armv4_5_mmu
.disable_mmu_caches
= xscale_disable_mmu_caches
;
2967 xscale
->armv4_5_mmu
.enable_mmu_caches
= xscale_enable_mmu_caches
;
2968 xscale
->armv4_5_mmu
.has_tiny_pages
= 1;
2969 xscale
->armv4_5_mmu
.mmu_enabled
= 0;
2974 static int xscale_target_create(struct target
*target
, Jim_Interp
*interp
)
2976 struct xscale_common
*xscale
;
2978 if (sizeof xscale_debug_handler
- 1 > 0x800) {
2979 LOG_ERROR("debug_handler.bin: larger than 2kb");
2983 xscale
= calloc(1, sizeof(*xscale
));
2987 return xscale_init_arch_info(target
, xscale
, target
->tap
,
2991 COMMAND_HANDLER(xscale_handle_debug_handler_command
)
2993 struct target
*target
= NULL
;
2994 struct xscale_common
*xscale
;
2996 uint32_t handler_address
;
3000 LOG_ERROR("'xscale debug_handler <target#> <address>' command takes two required operands");
3004 if ((target
= get_target(args
[0])) == NULL
)
3006 LOG_ERROR("target '%s' not defined", args
[0]);
3010 xscale
= target_to_xscale(target
);
3011 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3012 if (retval
!= ERROR_OK
)
3015 COMMAND_PARSE_NUMBER(u32
, args
[1], handler_address
);
3017 if (((handler_address
>= 0x800) && (handler_address
<= 0x1fef800)) ||
3018 ((handler_address
>= 0xfe000800) && (handler_address
<= 0xfffff800)))
3020 xscale
->handler_address
= handler_address
;
3024 LOG_ERROR("xscale debug_handler <address> must be between 0x800 and 0x1fef800 or between 0xfe000800 and 0xfffff800");
3031 COMMAND_HANDLER(xscale_handle_cache_clean_address_command
)
3033 struct target
*target
= NULL
;
3034 struct xscale_common
*xscale
;
3036 uint32_t cache_clean_address
;
3040 return ERROR_COMMAND_SYNTAX_ERROR
;
3043 target
= get_target(args
[0]);
3046 LOG_ERROR("target '%s' not defined", args
[0]);
3049 xscale
= target_to_xscale(target
);
3050 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3051 if (retval
!= ERROR_OK
)
3054 COMMAND_PARSE_NUMBER(u32
, args
[1], cache_clean_address
);
3056 if (cache_clean_address
& 0xffff)
3058 LOG_ERROR("xscale cache_clean_address <address> must be 64kb aligned");
3062 xscale
->cache_clean_address
= cache_clean_address
;
3068 COMMAND_HANDLER(xscale_handle_cache_info_command
)
3070 struct target
*target
= get_current_target(cmd_ctx
);
3071 struct xscale_common
*xscale
= target_to_xscale(target
);
3074 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3075 if (retval
!= ERROR_OK
)
3078 return armv4_5_handle_cache_info_command(cmd_ctx
, &xscale
->armv4_5_mmu
.armv4_5_cache
);
3081 static int xscale_virt2phys(struct target
*target
,
3082 uint32_t virtual, uint32_t *physical
)
3084 struct xscale_common
*xscale
= target_to_xscale(target
);
3090 if (xscale
->common_magic
!= XSCALE_COMMON_MAGIC
) {
3091 LOG_ERROR(xscale_not
);
3092 return ERROR_TARGET_INVALID
;
3095 uint32_t ret
= armv4_5_mmu_translate_va(target
, &xscale
->armv4_5_mmu
, virtual, &type
, &cb
, &domain
, &ap
);
3104 static int xscale_mmu(struct target
*target
, int *enabled
)
3106 struct xscale_common
*xscale
= target_to_xscale(target
);
3108 if (target
->state
!= TARGET_HALTED
)
3110 LOG_ERROR("Target not halted");
3111 return ERROR_TARGET_INVALID
;
3113 *enabled
= xscale
->armv4_5_mmu
.mmu_enabled
;
3117 COMMAND_HANDLER(xscale_handle_mmu_command
)
3119 struct target
*target
= get_current_target(cmd_ctx
);
3120 struct xscale_common
*xscale
= target_to_xscale(target
);
3123 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3124 if (retval
!= ERROR_OK
)
3127 if (target
->state
!= TARGET_HALTED
)
3129 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", CMD_NAME
);
3135 if (strcmp("enable", args
[0]) == 0)
3137 xscale_enable_mmu_caches(target
, 1, 0, 0);
3138 xscale
->armv4_5_mmu
.mmu_enabled
= 1;
3140 else if (strcmp("disable", args
[0]) == 0)
3142 xscale_disable_mmu_caches(target
, 1, 0, 0);
3143 xscale
->armv4_5_mmu
.mmu_enabled
= 0;
3147 command_print(cmd_ctx
, "mmu %s", (xscale
->armv4_5_mmu
.mmu_enabled
) ? "enabled" : "disabled");
3152 COMMAND_HANDLER(xscale_handle_idcache_command
)
3154 struct target
*target
= get_current_target(cmd_ctx
);
3155 struct xscale_common
*xscale
= target_to_xscale(target
);
3156 int icache
= 0, dcache
= 0;
3159 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3160 if (retval
!= ERROR_OK
)
3163 if (target
->state
!= TARGET_HALTED
)
3165 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", CMD_NAME
);
3169 if (strcmp(CMD_NAME
, "icache") == 0)
3171 else if (strcmp(CMD_NAME
, "dcache") == 0)
3176 if (strcmp("enable", args
[0]) == 0)
3178 xscale_enable_mmu_caches(target
, 0, dcache
, icache
);
3181 xscale
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 1;
3183 xscale
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 1;
3185 else if (strcmp("disable", args
[0]) == 0)
3187 xscale_disable_mmu_caches(target
, 0, dcache
, icache
);
3190 xscale
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
3192 xscale
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
3197 command_print(cmd_ctx
, "icache %s", (xscale
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
) ? "enabled" : "disabled");
3200 command_print(cmd_ctx
, "dcache %s", (xscale
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
) ? "enabled" : "disabled");
3205 COMMAND_HANDLER(xscale_handle_vector_catch_command
)
3207 struct target
*target
= get_current_target(cmd_ctx
);
3208 struct xscale_common
*xscale
= target_to_xscale(target
);
3211 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3212 if (retval
!= ERROR_OK
)
3217 command_print(cmd_ctx
, "usage: xscale vector_catch [mask]");
3221 COMMAND_PARSE_NUMBER(u8
, args
[0], xscale
->vector_catch
);
3222 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 16, 8, xscale
->vector_catch
);
3223 xscale_write_dcsr(target
, -1, -1);
3226 command_print(cmd_ctx
, "vector catch mask: 0x%2.2x", xscale
->vector_catch
);
3232 COMMAND_HANDLER(xscale_handle_vector_table_command
)
3234 struct target
*target
= get_current_target(cmd_ctx
);
3235 struct xscale_common
*xscale
= target_to_xscale(target
);
3239 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3240 if (retval
!= ERROR_OK
)
3243 if (argc
== 0) /* print current settings */
3247 command_print(cmd_ctx
, "active user-set static vectors:");
3248 for (idx
= 1; idx
< 8; idx
++)
3249 if (xscale
->static_low_vectors_set
& (1 << idx
))
3250 command_print(cmd_ctx
, "low %d: 0x%" PRIx32
, idx
, xscale
->static_low_vectors
[idx
]);
3251 for (idx
= 1; idx
< 8; idx
++)
3252 if (xscale
->static_high_vectors_set
& (1 << idx
))
3253 command_print(cmd_ctx
, "high %d: 0x%" PRIx32
, idx
, xscale
->static_high_vectors
[idx
]);
3262 COMMAND_PARSE_NUMBER(int, args
[1], idx
);
3264 COMMAND_PARSE_NUMBER(u32
, args
[2], vec
);
3266 if (idx
< 1 || idx
>= 8)
3269 if (!err
&& strcmp(args
[0], "low") == 0)
3271 xscale
->static_low_vectors_set
|= (1<<idx
);
3272 xscale
->static_low_vectors
[idx
] = vec
;
3274 else if (!err
&& (strcmp(args
[0], "high") == 0))
3276 xscale
->static_high_vectors_set
|= (1<<idx
);
3277 xscale
->static_high_vectors
[idx
] = vec
;
3284 command_print(cmd_ctx
, "usage: xscale vector_table <high|low> <index> <code>");
3290 COMMAND_HANDLER(xscale_handle_trace_buffer_command
)
3292 struct target
*target
= get_current_target(cmd_ctx
);
3293 struct xscale_common
*xscale
= target_to_xscale(target
);
3294 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
3295 uint32_t dcsr_value
;
3298 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3299 if (retval
!= ERROR_OK
)
3302 if (target
->state
!= TARGET_HALTED
)
3304 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", CMD_NAME
);
3308 if ((argc
>= 1) && (strcmp("enable", args
[0]) == 0))
3310 struct xscale_trace_data
*td
, *next_td
;
3311 xscale
->trace
.buffer_enabled
= 1;
3313 /* free old trace data */
3314 td
= xscale
->trace
.data
;
3324 xscale
->trace
.data
= NULL
;
3326 else if ((argc
>= 1) && (strcmp("disable", args
[0]) == 0))
3328 xscale
->trace
.buffer_enabled
= 0;
3331 if ((argc
>= 2) && (strcmp("fill", args
[1]) == 0))
3335 COMMAND_PARSE_NUMBER(u32
, args
[2], fill
);
3336 xscale
->trace
.buffer_fill
= fill
;
3338 else if ((argc
>= 2) && (strcmp("wrap", args
[1]) == 0))
3340 xscale
->trace
.buffer_fill
= -1;
3343 if (xscale
->trace
.buffer_enabled
)
3345 /* if we enable the trace buffer in fill-once
3346 * mode we know the address of the first instruction */
3347 xscale
->trace
.pc_ok
= 1;
3348 xscale
->trace
.current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
3352 /* otherwise the address is unknown, and we have no known good PC */
3353 xscale
->trace
.pc_ok
= 0;
3356 command_print(cmd_ctx
, "trace buffer %s (%s)",
3357 (xscale
->trace
.buffer_enabled
) ? "enabled" : "disabled",
3358 (xscale
->trace
.buffer_fill
> 0) ? "fill" : "wrap");
3360 dcsr_value
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 0, 32);
3361 if (xscale
->trace
.buffer_fill
>= 0)
3362 xscale_write_dcsr_sw(target
, (dcsr_value
& 0xfffffffc) | 2);
3364 xscale_write_dcsr_sw(target
, dcsr_value
& 0xfffffffc);
3369 COMMAND_HANDLER(xscale_handle_trace_image_command
)
3371 struct target
*target
= get_current_target(cmd_ctx
);
3372 struct xscale_common
*xscale
= target_to_xscale(target
);
3377 command_print(cmd_ctx
, "usage: xscale trace_image <file> [base address] [type]");
3381 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3382 if (retval
!= ERROR_OK
)
3385 if (xscale
->trace
.image
)
3387 image_close(xscale
->trace
.image
);
3388 free(xscale
->trace
.image
);
3389 command_print(cmd_ctx
, "previously loaded image found and closed");
3392 xscale
->trace
.image
= malloc(sizeof(struct image
));
3393 xscale
->trace
.image
->base_address_set
= 0;
3394 xscale
->trace
.image
->start_address_set
= 0;
3396 /* a base address isn't always necessary, default to 0x0 (i.e. don't relocate) */
3399 xscale
->trace
.image
->base_address_set
= 1;
3400 COMMAND_PARSE_NUMBER(int, args
[1], xscale
->trace
.image
->base_address
);
3404 xscale
->trace
.image
->base_address_set
= 0;
3407 if (image_open(xscale
->trace
.image
, args
[0], (argc
>= 3) ? args
[2] : NULL
) != ERROR_OK
)
3409 free(xscale
->trace
.image
);
3410 xscale
->trace
.image
= NULL
;
3417 COMMAND_HANDLER(xscale_handle_dump_trace_command
)
3419 struct target
*target
= get_current_target(cmd_ctx
);
3420 struct xscale_common
*xscale
= target_to_xscale(target
);
3421 struct xscale_trace_data
*trace_data
;
3425 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3426 if (retval
!= ERROR_OK
)
3429 if (target
->state
!= TARGET_HALTED
)
3431 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", CMD_NAME
);
3437 command_print(cmd_ctx
, "usage: xscale dump_trace <file>");
3441 trace_data
= xscale
->trace
.data
;
3445 command_print(cmd_ctx
, "no trace data collected");
3449 if (fileio_open(&file
, args
[0], FILEIO_WRITE
, FILEIO_BINARY
) != ERROR_OK
)
3458 fileio_write_u32(&file
, trace_data
->chkpt0
);
3459 fileio_write_u32(&file
, trace_data
->chkpt1
);
3460 fileio_write_u32(&file
, trace_data
->last_instruction
);
3461 fileio_write_u32(&file
, trace_data
->depth
);
3463 for (i
= 0; i
< trace_data
->depth
; i
++)
3464 fileio_write_u32(&file
, trace_data
->entries
[i
].data
| ((trace_data
->entries
[i
].type
& 0xffff) << 16));
3466 trace_data
= trace_data
->next
;
3469 fileio_close(&file
);
3474 COMMAND_HANDLER(xscale_handle_analyze_trace_buffer_command
)
3476 struct target
*target
= get_current_target(cmd_ctx
);
3477 struct xscale_common
*xscale
= target_to_xscale(target
);
3480 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3481 if (retval
!= ERROR_OK
)
3484 xscale_analyze_trace(target
, cmd_ctx
);
3489 COMMAND_HANDLER(xscale_handle_cp15
)
3491 struct target
*target
= get_current_target(cmd_ctx
);
3492 struct xscale_common
*xscale
= target_to_xscale(target
);
3495 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3496 if (retval
!= ERROR_OK
)
3499 if (target
->state
!= TARGET_HALTED
)
3501 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", CMD_NAME
);
3504 uint32_t reg_no
= 0;
3505 struct reg
*reg
= NULL
;
3508 COMMAND_PARSE_NUMBER(u32
, args
[0], reg_no
);
3509 /*translate from xscale cp15 register no to openocd register*/
3513 reg_no
= XSCALE_MAINID
;
3516 reg_no
= XSCALE_CTRL
;
3519 reg_no
= XSCALE_TTB
;
3522 reg_no
= XSCALE_DAC
;
3525 reg_no
= XSCALE_FSR
;
3528 reg_no
= XSCALE_FAR
;
3531 reg_no
= XSCALE_PID
;
3534 reg_no
= XSCALE_CPACCESS
;
3537 command_print(cmd_ctx
, "invalid register number");
3538 return ERROR_INVALID_ARGUMENTS
;
3540 reg
= &xscale
->reg_cache
->reg_list
[reg_no
];
3547 /* read cp15 control register */
3548 xscale_get_reg(reg
);
3549 value
= buf_get_u32(reg
->value
, 0, 32);
3550 command_print(cmd_ctx
, "%s (/%i): 0x%" PRIx32
"", reg
->name
, (int)(reg
->size
), value
);
3555 COMMAND_PARSE_NUMBER(u32
, args
[1], value
);
3557 /* send CP write request (command 0x41) */
3558 xscale_send_u32(target
, 0x41);
3560 /* send CP register number */
3561 xscale_send_u32(target
, reg_no
);
3563 /* send CP register value */
3564 xscale_send_u32(target
, value
);
3566 /* execute cpwait to ensure outstanding operations complete */
3567 xscale_send_u32(target
, 0x53);
3571 command_print(cmd_ctx
, "usage: cp15 [register]<, [value]>");
3577 static int xscale_register_commands(struct command_context
*cmd_ctx
)
3579 struct command
*xscale_cmd
;
3581 xscale_cmd
= register_command(cmd_ctx
, NULL
, "xscale", NULL
, COMMAND_ANY
, "xscale specific commands");
3583 register_command(cmd_ctx
, xscale_cmd
, "debug_handler", xscale_handle_debug_handler_command
, COMMAND_ANY
, "'xscale debug_handler <target#> <address>' command takes two required operands");
3584 register_command(cmd_ctx
, xscale_cmd
, "cache_clean_address", xscale_handle_cache_clean_address_command
, COMMAND_ANY
, NULL
);
3586 register_command(cmd_ctx
, xscale_cmd
, "cache_info", xscale_handle_cache_info_command
, COMMAND_EXEC
, NULL
);
3587 register_command(cmd_ctx
, xscale_cmd
, "mmu", xscale_handle_mmu_command
, COMMAND_EXEC
, "['enable'|'disable'] the MMU");
3588 register_command(cmd_ctx
, xscale_cmd
, "icache", xscale_handle_idcache_command
, COMMAND_EXEC
, "['enable'|'disable'] the ICache");
3589 register_command(cmd_ctx
, xscale_cmd
, "dcache", xscale_handle_idcache_command
, COMMAND_EXEC
, "['enable'|'disable'] the DCache");
3591 register_command(cmd_ctx
, xscale_cmd
, "vector_catch", xscale_handle_vector_catch_command
, COMMAND_EXEC
, "<mask> of vectors that should be catched");
3592 register_command(cmd_ctx
, xscale_cmd
, "vector_table", xscale_handle_vector_table_command
, COMMAND_EXEC
, "<high|low> <index> <code> set static code for exception handler entry");
3594 register_command(cmd_ctx
, xscale_cmd
, "trace_buffer", xscale_handle_trace_buffer_command
, COMMAND_EXEC
, "<enable | disable> ['fill' [n]|'wrap']");
3596 register_command(cmd_ctx
, xscale_cmd
, "dump_trace", xscale_handle_dump_trace_command
, COMMAND_EXEC
, "dump content of trace buffer to <file>");
3597 register_command(cmd_ctx
, xscale_cmd
, "analyze_trace", xscale_handle_analyze_trace_buffer_command
, COMMAND_EXEC
, "analyze content of trace buffer");
3598 register_command(cmd_ctx
, xscale_cmd
, "trace_image", xscale_handle_trace_image_command
,
3599 COMMAND_EXEC
, "load image from <file> [base address]");
3601 register_command(cmd_ctx
, xscale_cmd
, "cp15", xscale_handle_cp15
, COMMAND_EXEC
, "access coproc 15 <register> [value]");
3603 armv4_5_register_commands(cmd_ctx
);
3608 struct target_type xscale_target
=
3612 .poll
= xscale_poll
,
3613 .arch_state
= xscale_arch_state
,
3615 .target_request_data
= NULL
,
3617 .halt
= xscale_halt
,
3618 .resume
= xscale_resume
,
3619 .step
= xscale_step
,
3621 .assert_reset
= xscale_assert_reset
,
3622 .deassert_reset
= xscale_deassert_reset
,
3623 .soft_reset_halt
= NULL
,
3625 .get_gdb_reg_list
= armv4_5_get_gdb_reg_list
,
3627 .read_memory
= xscale_read_memory
,
3628 .write_memory
= xscale_write_memory
,
3629 .bulk_write_memory
= xscale_bulk_write_memory
,
3631 .checksum_memory
= arm_checksum_memory
,
3632 .blank_check_memory
= arm_blank_check_memory
,
3634 .run_algorithm
= armv4_5_run_algorithm
,
3636 .add_breakpoint
= xscale_add_breakpoint
,
3637 .remove_breakpoint
= xscale_remove_breakpoint
,
3638 .add_watchpoint
= xscale_add_watchpoint
,
3639 .remove_watchpoint
= xscale_remove_watchpoint
,
3641 .register_commands
= xscale_register_commands
,
3642 .target_create
= xscale_target_create
,
3643 .init_target
= xscale_init_target
,
3645 .virt2phys
= xscale_virt2phys
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)