1 /***************************************************************************
2 * Copyright (C) 2006, 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * Copyright (C) 2009 Michael Schwingen *
9 * michael@schwingen.org *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program; if not, write to the *
23 * Free Software Foundation, Inc., *
24 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 ***************************************************************************/
30 #include "breakpoints.h"
32 #include "target_type.h"
33 #include "arm7_9_common.h"
34 #include "arm_simulator.h"
35 #include "arm_disassembler.h"
36 #include "time_support.h"
42 * Important XScale documents available as of October 2009 include:
44 * Intel XScale® Core Developer’s Manual, January 2004
45 * Order Number: 273473-002
46 * This has a chapter detailing debug facilities, and punts some
47 * details to chip-specific microarchitecture documents.
49 * Hot-Debug for Intel XScale® Core Debug White Paper, May 2005
50 * Document Number: 273539-005
51 * Less detailed than the developer's manual, but summarizes those
52 * missing details (for most XScales) and gives LOTS of notes about
53 * debugger/handler interaction issues. Presents a simpler reset
54 * and load-handler sequence than the arch doc. (Note, OpenOCD
55 * doesn't currently support "Hot-Debug" as defined there.)
57 * Chip-specific microarchitecture documents may also be useful.
61 /* forward declarations */
62 static int xscale_resume(struct target
*, int current
,
63 uint32_t address
, int handle_breakpoints
, int debug_execution
);
64 static int xscale_debug_entry(struct target
*);
65 static int xscale_restore_context(struct target
*);
66 static int xscale_get_reg(struct reg
*reg
);
67 static int xscale_set_reg(struct reg
*reg
, uint8_t *buf
);
68 static int xscale_set_breakpoint(struct target
*, struct breakpoint
*);
69 static int xscale_set_watchpoint(struct target
*, struct watchpoint
*);
70 static int xscale_unset_breakpoint(struct target
*, struct breakpoint
*);
71 static int xscale_read_trace(struct target
*);
74 /* This XScale "debug handler" is loaded into the processor's
75 * mini-ICache, which is 2K of code writable only via JTAG.
77 * FIXME the OpenOCD "bin2char" utility currently doesn't handle
78 * binary files cleanly. It's string oriented, and terminates them
79 * with a NUL character. Better would be to generate the constants
80 * and let other code decide names, scoping, and other housekeeping.
82 static /* unsigned const char xscale_debug_handler[] = ... */
83 #include "xscale_debug.h"
85 static char *const xscale_reg_list
[] =
87 "XSCALE_MAINID", /* 0 */
97 "XSCALE_IBCR0", /* 10 */
107 "XSCALE_RX", /* 20 */
111 static const struct xscale_reg xscale_reg_arch_info
[] =
113 {XSCALE_MAINID
, NULL
},
114 {XSCALE_CACHETYPE
, NULL
},
116 {XSCALE_AUXCTRL
, NULL
},
122 {XSCALE_CPACCESS
, NULL
},
123 {XSCALE_IBCR0
, NULL
},
124 {XSCALE_IBCR1
, NULL
},
127 {XSCALE_DBCON
, NULL
},
128 {XSCALE_TBREG
, NULL
},
129 {XSCALE_CHKPT0
, NULL
},
130 {XSCALE_CHKPT1
, NULL
},
131 {XSCALE_DCSR
, NULL
}, /* DCSR accessed via JTAG or SW */
132 {-1, NULL
}, /* TX accessed via JTAG */
133 {-1, NULL
}, /* RX accessed via JTAG */
134 {-1, NULL
}, /* TXRXCTRL implicit access via JTAG */
137 static int xscale_reg_arch_type
= -1;
139 /* convenience wrapper to access XScale specific registers */
140 static int xscale_set_reg_u32(struct reg
*reg
, uint32_t value
)
144 buf_set_u32(buf
, 0, 32, value
);
146 return xscale_set_reg(reg
, buf
);
149 static const char xscale_not
[] = "target is not an XScale";
151 static int xscale_verify_pointer(struct command_context
*cmd_ctx
,
152 struct xscale_common
*xscale
)
154 if (xscale
->common_magic
!= XSCALE_COMMON_MAGIC
) {
155 command_print(cmd_ctx
, xscale_not
);
156 return ERROR_TARGET_INVALID
;
161 static int xscale_jtag_set_instr(struct jtag_tap
*tap
, uint32_t new_instr
)
166 if (buf_get_u32(tap
->cur_instr
, 0, tap
->ir_length
) != new_instr
)
168 struct scan_field field
;
171 memset(&field
, 0, sizeof field
);
173 field
.num_bits
= tap
->ir_length
;
174 field
.out_value
= scratch
;
175 buf_set_u32(field
.out_value
, 0, field
.num_bits
, new_instr
);
177 jtag_add_ir_scan(1, &field
, jtag_get_end_state());
183 static int xscale_read_dcsr(struct target
*target
)
185 struct xscale_common
*xscale
= target_to_xscale(target
);
187 struct scan_field fields
[3];
188 uint8_t field0
= 0x0;
189 uint8_t field0_check_value
= 0x2;
190 uint8_t field0_check_mask
= 0x7;
191 uint8_t field2
= 0x0;
192 uint8_t field2_check_value
= 0x0;
193 uint8_t field2_check_mask
= 0x1;
195 jtag_set_end_state(TAP_DRPAUSE
);
196 xscale_jtag_set_instr(target
->tap
, XSCALE_SELDCSR
);
198 buf_set_u32(&field0
, 1, 1, xscale
->hold_rst
);
199 buf_set_u32(&field0
, 2, 1, xscale
->external_debug_break
);
201 memset(&fields
, 0, sizeof fields
);
203 fields
[0].tap
= target
->tap
;
204 fields
[0].num_bits
= 3;
205 fields
[0].out_value
= &field0
;
207 fields
[0].in_value
= &tmp
;
209 fields
[1].tap
= target
->tap
;
210 fields
[1].num_bits
= 32;
211 fields
[1].in_value
= xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
;
213 fields
[2].tap
= target
->tap
;
214 fields
[2].num_bits
= 1;
215 fields
[2].out_value
= &field2
;
217 fields
[2].in_value
= &tmp2
;
219 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
221 jtag_check_value_mask(fields
+ 0, &field0_check_value
, &field0_check_mask
);
222 jtag_check_value_mask(fields
+ 2, &field2_check_value
, &field2_check_mask
);
224 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
226 LOG_ERROR("JTAG error while reading DCSR");
230 xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].dirty
= 0;
231 xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].valid
= 1;
233 /* write the register with the value we just read
234 * on this second pass, only the first bit of field0 is guaranteed to be 0)
236 field0_check_mask
= 0x1;
237 fields
[1].out_value
= xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
;
238 fields
[1].in_value
= NULL
;
240 jtag_set_end_state(TAP_IDLE
);
242 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
244 /* DANGER!!! this must be here. It will make sure that the arguments
245 * to jtag_set_check_value() does not go out of scope! */
246 return jtag_execute_queue();
250 static void xscale_getbuf(jtag_callback_data_t arg
)
252 uint8_t *in
= (uint8_t *)arg
;
253 *((uint32_t *)in
) = buf_get_u32(in
, 0, 32);
256 static int xscale_receive(struct target
*target
, uint32_t *buffer
, int num_words
)
259 return ERROR_INVALID_ARGUMENTS
;
261 int retval
= ERROR_OK
;
263 struct scan_field fields
[3];
264 uint8_t *field0
= malloc(num_words
* 1);
265 uint8_t field0_check_value
= 0x2;
266 uint8_t field0_check_mask
= 0x6;
267 uint32_t *field1
= malloc(num_words
* 4);
268 uint8_t field2_check_value
= 0x0;
269 uint8_t field2_check_mask
= 0x1;
271 int words_scheduled
= 0;
274 path
[0] = TAP_DRSELECT
;
275 path
[1] = TAP_DRCAPTURE
;
276 path
[2] = TAP_DRSHIFT
;
278 memset(&fields
, 0, sizeof fields
);
280 fields
[0].tap
= target
->tap
;
281 fields
[0].num_bits
= 3;
282 fields
[0].check_value
= &field0_check_value
;
283 fields
[0].check_mask
= &field0_check_mask
;
285 fields
[1].tap
= target
->tap
;
286 fields
[1].num_bits
= 32;
288 fields
[2].tap
= target
->tap
;
289 fields
[2].num_bits
= 1;
290 fields
[2].check_value
= &field2_check_value
;
291 fields
[2].check_mask
= &field2_check_mask
;
293 jtag_set_end_state(TAP_IDLE
);
294 xscale_jtag_set_instr(target
->tap
, XSCALE_DBGTX
);
295 jtag_add_runtest(1, jtag_get_end_state()); /* ensures that we're in the TAP_IDLE state as the above could be a no-op */
297 /* repeat until all words have been collected */
299 while (words_done
< num_words
)
303 for (i
= words_done
; i
< num_words
; i
++)
305 fields
[0].in_value
= &field0
[i
];
307 jtag_add_pathmove(3, path
);
309 fields
[1].in_value
= (uint8_t *)(field1
+ i
);
311 jtag_add_dr_scan_check(3, fields
, jtag_set_end_state(TAP_IDLE
));
313 jtag_add_callback(xscale_getbuf
, (jtag_callback_data_t
)(field1
+ i
));
318 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
320 LOG_ERROR("JTAG error while receiving data from debug handler");
324 /* examine results */
325 for (i
= words_done
; i
< num_words
; i
++)
327 if (!(field0
[0] & 1))
329 /* move backwards if necessary */
331 for (j
= i
; j
< num_words
- 1; j
++)
333 field0
[j
] = field0
[j
+ 1];
334 field1
[j
] = field1
[j
+ 1];
339 if (words_scheduled
== 0)
341 if (attempts
++==1000)
343 LOG_ERROR("Failed to receiving data from debug handler after 1000 attempts");
344 retval
= ERROR_TARGET_TIMEOUT
;
349 words_done
+= words_scheduled
;
352 for (i
= 0; i
< num_words
; i
++)
353 *(buffer
++) = buf_get_u32((uint8_t*)&field1
[i
], 0, 32);
360 static int xscale_read_tx(struct target
*target
, int consume
)
362 struct xscale_common
*xscale
= target_to_xscale(target
);
364 tap_state_t noconsume_path
[6];
366 struct timeval timeout
, now
;
367 struct scan_field fields
[3];
368 uint8_t field0_in
= 0x0;
369 uint8_t field0_check_value
= 0x2;
370 uint8_t field0_check_mask
= 0x6;
371 uint8_t field2_check_value
= 0x0;
372 uint8_t field2_check_mask
= 0x1;
374 jtag_set_end_state(TAP_IDLE
);
376 xscale_jtag_set_instr(target
->tap
, XSCALE_DBGTX
);
378 path
[0] = TAP_DRSELECT
;
379 path
[1] = TAP_DRCAPTURE
;
380 path
[2] = TAP_DRSHIFT
;
382 noconsume_path
[0] = TAP_DRSELECT
;
383 noconsume_path
[1] = TAP_DRCAPTURE
;
384 noconsume_path
[2] = TAP_DREXIT1
;
385 noconsume_path
[3] = TAP_DRPAUSE
;
386 noconsume_path
[4] = TAP_DREXIT2
;
387 noconsume_path
[5] = TAP_DRSHIFT
;
389 memset(&fields
, 0, sizeof fields
);
391 fields
[0].tap
= target
->tap
;
392 fields
[0].num_bits
= 3;
393 fields
[0].in_value
= &field0_in
;
395 fields
[1].tap
= target
->tap
;
396 fields
[1].num_bits
= 32;
397 fields
[1].in_value
= xscale
->reg_cache
->reg_list
[XSCALE_TX
].value
;
399 fields
[2].tap
= target
->tap
;
400 fields
[2].num_bits
= 1;
402 fields
[2].in_value
= &tmp
;
404 gettimeofday(&timeout
, NULL
);
405 timeval_add_time(&timeout
, 1, 0);
409 /* if we want to consume the register content (i.e. clear TX_READY),
410 * we have to go straight from Capture-DR to Shift-DR
411 * otherwise, we go from Capture-DR to Exit1-DR to Pause-DR
414 jtag_add_pathmove(3, path
);
417 jtag_add_pathmove(sizeof(noconsume_path
)/sizeof(*noconsume_path
), noconsume_path
);
420 jtag_add_dr_scan(3, fields
, jtag_set_end_state(TAP_IDLE
));
422 jtag_check_value_mask(fields
+ 0, &field0_check_value
, &field0_check_mask
);
423 jtag_check_value_mask(fields
+ 2, &field2_check_value
, &field2_check_mask
);
425 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
427 LOG_ERROR("JTAG error while reading TX");
428 return ERROR_TARGET_TIMEOUT
;
431 gettimeofday(&now
, NULL
);
432 if ((now
.tv_sec
> timeout
.tv_sec
) || ((now
.tv_sec
== timeout
.tv_sec
)&& (now
.tv_usec
> timeout
.tv_usec
)))
434 LOG_ERROR("time out reading TX register");
435 return ERROR_TARGET_TIMEOUT
;
437 if (!((!(field0_in
& 1)) && consume
))
441 if (debug_level
>= 3)
443 LOG_DEBUG("waiting 100ms");
444 alive_sleep(100); /* avoid flooding the logs */
452 if (!(field0_in
& 1))
453 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
458 static int xscale_write_rx(struct target
*target
)
460 struct xscale_common
*xscale
= target_to_xscale(target
);
462 struct timeval timeout
, now
;
463 struct scan_field fields
[3];
464 uint8_t field0_out
= 0x0;
465 uint8_t field0_in
= 0x0;
466 uint8_t field0_check_value
= 0x2;
467 uint8_t field0_check_mask
= 0x6;
468 uint8_t field2
= 0x0;
469 uint8_t field2_check_value
= 0x0;
470 uint8_t field2_check_mask
= 0x1;
472 jtag_set_end_state(TAP_IDLE
);
474 xscale_jtag_set_instr(target
->tap
, XSCALE_DBGRX
);
476 memset(&fields
, 0, sizeof fields
);
478 fields
[0].tap
= target
->tap
;
479 fields
[0].num_bits
= 3;
480 fields
[0].out_value
= &field0_out
;
481 fields
[0].in_value
= &field0_in
;
483 fields
[1].tap
= target
->tap
;
484 fields
[1].num_bits
= 32;
485 fields
[1].out_value
= xscale
->reg_cache
->reg_list
[XSCALE_RX
].value
;
487 fields
[2].tap
= target
->tap
;
488 fields
[2].num_bits
= 1;
489 fields
[2].out_value
= &field2
;
491 fields
[2].in_value
= &tmp
;
493 gettimeofday(&timeout
, NULL
);
494 timeval_add_time(&timeout
, 1, 0);
496 /* poll until rx_read is low */
497 LOG_DEBUG("polling RX");
500 jtag_add_dr_scan(3, fields
, jtag_set_end_state(TAP_IDLE
));
502 jtag_check_value_mask(fields
+ 0, &field0_check_value
, &field0_check_mask
);
503 jtag_check_value_mask(fields
+ 2, &field2_check_value
, &field2_check_mask
);
505 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
507 LOG_ERROR("JTAG error while writing RX");
511 gettimeofday(&now
, NULL
);
512 if ((now
.tv_sec
> timeout
.tv_sec
) || ((now
.tv_sec
== timeout
.tv_sec
)&& (now
.tv_usec
> timeout
.tv_usec
)))
514 LOG_ERROR("time out writing RX register");
515 return ERROR_TARGET_TIMEOUT
;
517 if (!(field0_in
& 1))
519 if (debug_level
>= 3)
521 LOG_DEBUG("waiting 100ms");
522 alive_sleep(100); /* avoid flooding the logs */
532 jtag_add_dr_scan(3, fields
, jtag_set_end_state(TAP_IDLE
));
534 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
536 LOG_ERROR("JTAG error while writing RX");
543 /* send count elements of size byte to the debug handler */
544 static int xscale_send(struct target
*target
, uint8_t *buffer
, int count
, int size
)
551 jtag_set_end_state(TAP_IDLE
);
553 xscale_jtag_set_instr(target
->tap
, XSCALE_DBGRX
);
560 int endianness
= target
->endianness
;
561 while (done_count
++ < count
)
566 if (endianness
== TARGET_LITTLE_ENDIAN
)
568 t
[1]=le_to_h_u32(buffer
);
571 t
[1]=be_to_h_u32(buffer
);
575 if (endianness
== TARGET_LITTLE_ENDIAN
)
577 t
[1]=le_to_h_u16(buffer
);
580 t
[1]=be_to_h_u16(buffer
);
587 LOG_ERROR("BUG: size neither 4, 2 nor 1");
590 jtag_add_dr_out(target
->tap
,
594 jtag_set_end_state(TAP_IDLE
));
598 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
600 LOG_ERROR("JTAG error while sending data to debug handler");
607 static int xscale_send_u32(struct target
*target
, uint32_t value
)
609 struct xscale_common
*xscale
= target_to_xscale(target
);
611 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_RX
].value
, 0, 32, value
);
612 return xscale_write_rx(target
);
615 static int xscale_write_dcsr(struct target
*target
, int hold_rst
, int ext_dbg_brk
)
617 struct xscale_common
*xscale
= target_to_xscale(target
);
619 struct scan_field fields
[3];
620 uint8_t field0
= 0x0;
621 uint8_t field0_check_value
= 0x2;
622 uint8_t field0_check_mask
= 0x7;
623 uint8_t field2
= 0x0;
624 uint8_t field2_check_value
= 0x0;
625 uint8_t field2_check_mask
= 0x1;
628 xscale
->hold_rst
= hold_rst
;
630 if (ext_dbg_brk
!= -1)
631 xscale
->external_debug_break
= ext_dbg_brk
;
633 jtag_set_end_state(TAP_IDLE
);
634 xscale_jtag_set_instr(target
->tap
, XSCALE_SELDCSR
);
636 buf_set_u32(&field0
, 1, 1, xscale
->hold_rst
);
637 buf_set_u32(&field0
, 2, 1, xscale
->external_debug_break
);
639 memset(&fields
, 0, sizeof fields
);
641 fields
[0].tap
= target
->tap
;
642 fields
[0].num_bits
= 3;
643 fields
[0].out_value
= &field0
;
645 fields
[0].in_value
= &tmp
;
647 fields
[1].tap
= target
->tap
;
648 fields
[1].num_bits
= 32;
649 fields
[1].out_value
= xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
;
651 fields
[2].tap
= target
->tap
;
652 fields
[2].num_bits
= 1;
653 fields
[2].out_value
= &field2
;
655 fields
[2].in_value
= &tmp2
;
657 jtag_add_dr_scan(3, fields
, jtag_get_end_state());
659 jtag_check_value_mask(fields
+ 0, &field0_check_value
, &field0_check_mask
);
660 jtag_check_value_mask(fields
+ 2, &field2_check_value
, &field2_check_mask
);
662 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
664 LOG_ERROR("JTAG error while writing DCSR");
668 xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].dirty
= 0;
669 xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].valid
= 1;
674 /* parity of the number of bits 0 if even; 1 if odd. for 32 bit words */
675 static unsigned int parity (unsigned int v
)
677 // unsigned int ov = v;
682 // LOG_DEBUG("parity of 0x%x is %i", ov, (0x6996 >> v) & 1);
683 return (0x6996 >> v
) & 1;
686 static int xscale_load_ic(struct target
*target
, uint32_t va
, uint32_t buffer
[8])
691 struct scan_field fields
[2];
693 LOG_DEBUG("loading miniIC at 0x%8.8" PRIx32
"", va
);
696 jtag_set_end_state(TAP_IDLE
);
697 xscale_jtag_set_instr(target
->tap
, XSCALE_LDIC
);
699 /* CMD is b011 to load a cacheline into the Mini ICache.
700 * Loading into the main ICache is deprecated, and unused.
701 * It's followed by three zero bits, and 27 address bits.
703 buf_set_u32(&cmd
, 0, 6, 0x3);
705 /* virtual address of desired cache line */
706 buf_set_u32(packet
, 0, 27, va
>> 5);
708 memset(&fields
, 0, sizeof fields
);
710 fields
[0].tap
= target
->tap
;
711 fields
[0].num_bits
= 6;
712 fields
[0].out_value
= &cmd
;
714 fields
[1].tap
= target
->tap
;
715 fields
[1].num_bits
= 27;
716 fields
[1].out_value
= packet
;
718 jtag_add_dr_scan(2, fields
, jtag_get_end_state());
720 /* rest of packet is a cacheline: 8 instructions, with parity */
721 fields
[0].num_bits
= 32;
722 fields
[0].out_value
= packet
;
724 fields
[1].num_bits
= 1;
725 fields
[1].out_value
= &cmd
;
727 for (word
= 0; word
< 8; word
++)
729 buf_set_u32(packet
, 0, 32, buffer
[word
]);
732 memcpy(&value
, packet
, sizeof(uint32_t));
735 jtag_add_dr_scan(2, fields
, jtag_get_end_state());
738 return jtag_execute_queue();
741 static int xscale_invalidate_ic_line(struct target
*target
, uint32_t va
)
745 struct scan_field fields
[2];
747 jtag_set_end_state(TAP_IDLE
);
748 xscale_jtag_set_instr(target
->tap
, XSCALE_LDIC
);
750 /* CMD for invalidate IC line b000, bits [6:4] b000 */
751 buf_set_u32(&cmd
, 0, 6, 0x0);
753 /* virtual address of desired cache line */
754 buf_set_u32(packet
, 0, 27, va
>> 5);
756 memset(&fields
, 0, sizeof fields
);
758 fields
[0].tap
= target
->tap
;
759 fields
[0].num_bits
= 6;
760 fields
[0].out_value
= &cmd
;
762 fields
[1].tap
= target
->tap
;
763 fields
[1].num_bits
= 27;
764 fields
[1].out_value
= packet
;
766 jtag_add_dr_scan(2, fields
, jtag_get_end_state());
771 static int xscale_update_vectors(struct target
*target
)
773 struct xscale_common
*xscale
= target_to_xscale(target
);
777 uint32_t low_reset_branch
, high_reset_branch
;
779 for (i
= 1; i
< 8; i
++)
781 /* if there's a static vector specified for this exception, override */
782 if (xscale
->static_high_vectors_set
& (1 << i
))
784 xscale
->high_vectors
[i
] = xscale
->static_high_vectors
[i
];
788 retval
= target_read_u32(target
, 0xffff0000 + 4*i
, &xscale
->high_vectors
[i
]);
789 if (retval
== ERROR_TARGET_TIMEOUT
)
791 if (retval
!= ERROR_OK
)
793 /* Some of these reads will fail as part of normal execution */
794 xscale
->high_vectors
[i
] = ARMV4_5_B(0xfffffe, 0);
799 for (i
= 1; i
< 8; i
++)
801 if (xscale
->static_low_vectors_set
& (1 << i
))
803 xscale
->low_vectors
[i
] = xscale
->static_low_vectors
[i
];
807 retval
= target_read_u32(target
, 0x0 + 4*i
, &xscale
->low_vectors
[i
]);
808 if (retval
== ERROR_TARGET_TIMEOUT
)
810 if (retval
!= ERROR_OK
)
812 /* Some of these reads will fail as part of normal execution */
813 xscale
->low_vectors
[i
] = ARMV4_5_B(0xfffffe, 0);
818 /* calculate branches to debug handler */
819 low_reset_branch
= (xscale
->handler_address
+ 0x20 - 0x0 - 0x8) >> 2;
820 high_reset_branch
= (xscale
->handler_address
+ 0x20 - 0xffff0000 - 0x8) >> 2;
822 xscale
->low_vectors
[0] = ARMV4_5_B((low_reset_branch
& 0xffffff), 0);
823 xscale
->high_vectors
[0] = ARMV4_5_B((high_reset_branch
& 0xffffff), 0);
825 /* invalidate and load exception vectors in mini i-cache */
826 xscale_invalidate_ic_line(target
, 0x0);
827 xscale_invalidate_ic_line(target
, 0xffff0000);
829 xscale_load_ic(target
, 0x0, xscale
->low_vectors
);
830 xscale_load_ic(target
, 0xffff0000, xscale
->high_vectors
);
835 static int xscale_arch_state(struct target
*target
)
837 struct xscale_common
*xscale
= target_to_xscale(target
);
838 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
840 static const char *state
[] =
842 "disabled", "enabled"
845 static const char *arch_dbg_reason
[] =
847 "", "\n(processor reset)", "\n(trace buffer full)"
850 if (armv4_5
->common_magic
!= ARMV4_5_COMMON_MAGIC
)
852 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
856 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
857 "cpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"\n"
858 "MMU: %s, D-Cache: %s, I-Cache: %s"
860 armv4_5_state_strings
[armv4_5
->core_state
],
861 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
862 armv4_5_mode_strings
[armv4_5_mode_to_number(armv4_5
->core_mode
)],
863 buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32),
864 buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32),
865 state
[xscale
->armv4_5_mmu
.mmu_enabled
],
866 state
[xscale
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
867 state
[xscale
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
],
868 arch_dbg_reason
[xscale
->arch_debug_reason
]);
873 static int xscale_poll(struct target
*target
)
875 int retval
= ERROR_OK
;
877 if ((target
->state
== TARGET_RUNNING
) || (target
->state
== TARGET_DEBUG_RUNNING
))
879 enum target_state previous_state
= target
->state
;
880 if ((retval
= xscale_read_tx(target
, 0)) == ERROR_OK
)
883 /* there's data to read from the tx register, we entered debug state */
884 target
->state
= TARGET_HALTED
;
886 /* process debug entry, fetching current mode regs */
887 retval
= xscale_debug_entry(target
);
889 else if (retval
!= ERROR_TARGET_RESOURCE_NOT_AVAILABLE
)
891 LOG_USER("error while polling TX register, reset CPU");
892 /* here we "lie" so GDB won't get stuck and a reset can be perfomed */
893 target
->state
= TARGET_HALTED
;
896 /* debug_entry could have overwritten target state (i.e. immediate resume)
897 * don't signal event handlers in that case
899 if (target
->state
!= TARGET_HALTED
)
902 /* if target was running, signal that we halted
903 * otherwise we reentered from debug execution */
904 if (previous_state
== TARGET_RUNNING
)
905 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
907 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_HALTED
);
913 static int xscale_debug_entry(struct target
*target
)
915 struct xscale_common
*xscale
= target_to_xscale(target
);
916 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
923 /* clear external dbg break (will be written on next DCSR read) */
924 xscale
->external_debug_break
= 0;
925 if ((retval
= xscale_read_dcsr(target
)) != ERROR_OK
)
928 /* get r0, pc, r1 to r7 and cpsr */
929 if ((retval
= xscale_receive(target
, buffer
, 10)) != ERROR_OK
)
932 /* move r0 from buffer to register cache */
933 buf_set_u32(armv4_5
->core_cache
->reg_list
[0].value
, 0, 32, buffer
[0]);
934 armv4_5
->core_cache
->reg_list
[0].dirty
= 1;
935 armv4_5
->core_cache
->reg_list
[0].valid
= 1;
936 LOG_DEBUG("r0: 0x%8.8" PRIx32
"", buffer
[0]);
938 /* move pc from buffer to register cache */
939 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, buffer
[1]);
940 armv4_5
->core_cache
->reg_list
[15].dirty
= 1;
941 armv4_5
->core_cache
->reg_list
[15].valid
= 1;
942 LOG_DEBUG("pc: 0x%8.8" PRIx32
"", buffer
[1]);
944 /* move data from buffer to register cache */
945 for (i
= 1; i
<= 7; i
++)
947 buf_set_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32, buffer
[1 + i
]);
948 armv4_5
->core_cache
->reg_list
[i
].dirty
= 1;
949 armv4_5
->core_cache
->reg_list
[i
].valid
= 1;
950 LOG_DEBUG("r%i: 0x%8.8" PRIx32
"", i
, buffer
[i
+ 1]);
953 buf_set_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32, buffer
[9]);
954 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
= 1;
955 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].valid
= 1;
956 LOG_DEBUG("cpsr: 0x%8.8" PRIx32
"", buffer
[9]);
958 armv4_5
->core_mode
= buffer
[9] & 0x1f;
959 if (armv4_5_mode_to_number(armv4_5
->core_mode
) == -1)
961 target
->state
= TARGET_UNKNOWN
;
962 LOG_ERROR("cpsr contains invalid mode value - communication failure");
963 return ERROR_TARGET_FAILURE
;
965 LOG_DEBUG("target entered debug state in %s mode", armv4_5_mode_strings
[armv4_5_mode_to_number(armv4_5
->core_mode
)]);
967 if (buffer
[9] & 0x20)
968 armv4_5
->core_state
= ARMV4_5_STATE_THUMB
;
970 armv4_5
->core_state
= ARMV4_5_STATE_ARM
;
973 if (armv4_5_mode_to_number(armv4_5
->core_mode
)==-1)
976 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
977 if ((armv4_5
->core_mode
!= ARMV4_5_MODE_USR
) && (armv4_5
->core_mode
!= ARMV4_5_MODE_SYS
))
979 xscale_receive(target
, buffer
, 8);
980 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).value
, 0, 32, buffer
[7]);
981 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).dirty
= 0;
982 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).valid
= 1;
986 /* r8 to r14, but no spsr */
987 xscale_receive(target
, buffer
, 7);
990 /* move data from buffer to register cache */
991 for (i
= 8; i
<= 14; i
++)
993 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).value
, 0, 32, buffer
[i
- 8]);
994 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).dirty
= 0;
995 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).valid
= 1;
998 /* examine debug reason */
999 xscale_read_dcsr(target
);
1000 moe
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 2, 3);
1002 /* stored PC (for calculating fixup) */
1003 pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1007 case 0x0: /* Processor reset */
1008 target
->debug_reason
= DBG_REASON_DBGRQ
;
1009 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_RESET
;
1012 case 0x1: /* Instruction breakpoint hit */
1013 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
1014 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_GENERIC
;
1017 case 0x2: /* Data breakpoint hit */
1018 target
->debug_reason
= DBG_REASON_WATCHPOINT
;
1019 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_GENERIC
;
1022 case 0x3: /* BKPT instruction executed */
1023 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
1024 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_GENERIC
;
1027 case 0x4: /* Ext. debug event */
1028 target
->debug_reason
= DBG_REASON_DBGRQ
;
1029 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_GENERIC
;
1032 case 0x5: /* Vector trap occured */
1033 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
1034 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_GENERIC
;
1037 case 0x6: /* Trace buffer full break */
1038 target
->debug_reason
= DBG_REASON_DBGRQ
;
1039 xscale
->arch_debug_reason
= XSCALE_DBG_REASON_TB_FULL
;
1042 case 0x7: /* Reserved (may flag Hot-Debug support) */
1044 LOG_ERROR("Method of Entry is 'Reserved'");
1049 /* apply PC fixup */
1050 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, pc
);
1052 /* on the first debug entry, identify cache type */
1053 if (xscale
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
1055 uint32_t cache_type_reg
;
1057 /* read cp15 cache type register */
1058 xscale_get_reg(&xscale
->reg_cache
->reg_list
[XSCALE_CACHETYPE
]);
1059 cache_type_reg
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_CACHETYPE
].value
, 0, 32);
1061 armv4_5_identify_cache(cache_type_reg
, &xscale
->armv4_5_mmu
.armv4_5_cache
);
1064 /* examine MMU and Cache settings */
1065 /* read cp15 control register */
1066 xscale_get_reg(&xscale
->reg_cache
->reg_list
[XSCALE_CTRL
]);
1067 xscale
->cp15_control_reg
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_CTRL
].value
, 0, 32);
1068 xscale
->armv4_5_mmu
.mmu_enabled
= (xscale
->cp15_control_reg
& 0x1U
) ? 1 : 0;
1069 xscale
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= (xscale
->cp15_control_reg
& 0x4U
) ? 1 : 0;
1070 xscale
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= (xscale
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
1072 /* tracing enabled, read collected trace data */
1073 if (xscale
->trace
.buffer_enabled
)
1075 xscale_read_trace(target
);
1076 xscale
->trace
.buffer_fill
--;
1078 /* resume if we're still collecting trace data */
1079 if ((xscale
->arch_debug_reason
== XSCALE_DBG_REASON_TB_FULL
)
1080 && (xscale
->trace
.buffer_fill
> 0))
1082 xscale_resume(target
, 1, 0x0, 1, 0);
1086 xscale
->trace
.buffer_enabled
= 0;
1093 static int xscale_halt(struct target
*target
)
1095 struct xscale_common
*xscale
= target_to_xscale(target
);
1097 LOG_DEBUG("target->state: %s",
1098 target_state_name(target
));
1100 if (target
->state
== TARGET_HALTED
)
1102 LOG_DEBUG("target was already halted");
1105 else if (target
->state
== TARGET_UNKNOWN
)
1107 /* this must not happen for a xscale target */
1108 LOG_ERROR("target was in unknown state when halt was requested");
1109 return ERROR_TARGET_INVALID
;
1111 else if (target
->state
== TARGET_RESET
)
1113 LOG_DEBUG("target->state == TARGET_RESET");
1117 /* assert external dbg break */
1118 xscale
->external_debug_break
= 1;
1119 xscale_read_dcsr(target
);
1121 target
->debug_reason
= DBG_REASON_DBGRQ
;
1127 static int xscale_enable_single_step(struct target
*target
, uint32_t next_pc
)
1129 struct xscale_common
*xscale
= target_to_xscale(target
);
1130 struct reg
*ibcr0
= &xscale
->reg_cache
->reg_list
[XSCALE_IBCR0
];
1133 if (xscale
->ibcr0_used
)
1135 struct breakpoint
*ibcr0_bp
= breakpoint_find(target
, buf_get_u32(ibcr0
->value
, 0, 32) & 0xfffffffe);
1139 xscale_unset_breakpoint(target
, ibcr0_bp
);
1143 LOG_ERROR("BUG: xscale->ibcr0_used is set, but no breakpoint with that address found");
1148 if ((retval
= xscale_set_reg_u32(ibcr0
, next_pc
| 0x1)) != ERROR_OK
)
1154 static int xscale_disable_single_step(struct target
*target
)
1156 struct xscale_common
*xscale
= target_to_xscale(target
);
1157 struct reg
*ibcr0
= &xscale
->reg_cache
->reg_list
[XSCALE_IBCR0
];
1160 if ((retval
= xscale_set_reg_u32(ibcr0
, 0x0)) != ERROR_OK
)
1166 static void xscale_enable_watchpoints(struct target
*target
)
1168 struct watchpoint
*watchpoint
= target
->watchpoints
;
1172 if (watchpoint
->set
== 0)
1173 xscale_set_watchpoint(target
, watchpoint
);
1174 watchpoint
= watchpoint
->next
;
1178 static void xscale_enable_breakpoints(struct target
*target
)
1180 struct breakpoint
*breakpoint
= target
->breakpoints
;
1182 /* set any pending breakpoints */
1185 if (breakpoint
->set
== 0)
1186 xscale_set_breakpoint(target
, breakpoint
);
1187 breakpoint
= breakpoint
->next
;
1191 static int xscale_resume(struct target
*target
, int current
,
1192 uint32_t address
, int handle_breakpoints
, int debug_execution
)
1194 struct xscale_common
*xscale
= target_to_xscale(target
);
1195 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
1196 struct breakpoint
*breakpoint
= target
->breakpoints
;
1197 uint32_t current_pc
;
1203 if (target
->state
!= TARGET_HALTED
)
1205 LOG_WARNING("target not halted");
1206 return ERROR_TARGET_NOT_HALTED
;
1209 if (!debug_execution
)
1211 target_free_all_working_areas(target
);
1214 /* update vector tables */
1215 if ((retval
= xscale_update_vectors(target
)) != ERROR_OK
)
1218 /* current = 1: continue on current pc, otherwise continue at <address> */
1220 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, address
);
1222 current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1224 /* if we're at the reset vector, we have to simulate the branch */
1225 if (current_pc
== 0x0)
1227 arm_simulate_step(target
, NULL
);
1228 current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1231 /* the front-end may request us not to handle breakpoints */
1232 if (handle_breakpoints
)
1234 if ((breakpoint
= breakpoint_find(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32))))
1238 /* there's a breakpoint at the current PC, we have to step over it */
1239 LOG_DEBUG("unset breakpoint at 0x%8.8" PRIx32
"", breakpoint
->address
);
1240 xscale_unset_breakpoint(target
, breakpoint
);
1242 /* calculate PC of next instruction */
1243 if ((retval
= arm_simulate_step(target
, &next_pc
)) != ERROR_OK
)
1245 uint32_t current_opcode
;
1246 target_read_u32(target
, current_pc
, ¤t_opcode
);
1247 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32
"", current_opcode
);
1250 LOG_DEBUG("enable single-step");
1251 xscale_enable_single_step(target
, next_pc
);
1253 /* restore banked registers */
1254 xscale_restore_context(target
);
1256 /* send resume request (command 0x30 or 0x31)
1257 * clean the trace buffer if it is to be enabled (0x62) */
1258 if (xscale
->trace
.buffer_enabled
)
1260 xscale_send_u32(target
, 0x62);
1261 xscale_send_u32(target
, 0x31);
1264 xscale_send_u32(target
, 0x30);
1267 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1268 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32
"", buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1270 for (i
= 7; i
>= 0; i
--)
1273 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32));
1274 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32
"", i
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32));
1278 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1279 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32
"", buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1281 /* wait for and process debug entry */
1282 xscale_debug_entry(target
);
1284 LOG_DEBUG("disable single-step");
1285 xscale_disable_single_step(target
);
1287 LOG_DEBUG("set breakpoint at 0x%8.8" PRIx32
"", breakpoint
->address
);
1288 xscale_set_breakpoint(target
, breakpoint
);
1292 /* enable any pending breakpoints and watchpoints */
1293 xscale_enable_breakpoints(target
);
1294 xscale_enable_watchpoints(target
);
1296 /* restore banked registers */
1297 xscale_restore_context(target
);
1299 /* send resume request (command 0x30 or 0x31)
1300 * clean the trace buffer if it is to be enabled (0x62) */
1301 if (xscale
->trace
.buffer_enabled
)
1303 xscale_send_u32(target
, 0x62);
1304 xscale_send_u32(target
, 0x31);
1307 xscale_send_u32(target
, 0x30);
1310 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1311 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32
"", buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1313 for (i
= 7; i
>= 0; i
--)
1316 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32));
1317 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32
"", i
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32));
1321 xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1322 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32
"", buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1324 target
->debug_reason
= DBG_REASON_NOTHALTED
;
1326 if (!debug_execution
)
1328 /* registers are now invalid */
1329 armv4_5_invalidate_core_regs(target
);
1330 target
->state
= TARGET_RUNNING
;
1331 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1335 target
->state
= TARGET_DEBUG_RUNNING
;
1336 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_RESUMED
);
1339 LOG_DEBUG("target resumed");
1344 static int xscale_step_inner(struct target
*target
, int current
,
1345 uint32_t address
, int handle_breakpoints
)
1347 struct xscale_common
*xscale
= target_to_xscale(target
);
1348 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
1353 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1355 /* calculate PC of next instruction */
1356 if ((retval
= arm_simulate_step(target
, &next_pc
)) != ERROR_OK
)
1358 uint32_t current_opcode
, current_pc
;
1359 current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1361 target_read_u32(target
, current_pc
, ¤t_opcode
);
1362 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32
"", current_opcode
);
1366 LOG_DEBUG("enable single-step");
1367 if ((retval
= xscale_enable_single_step(target
, next_pc
)) != ERROR_OK
)
1370 /* restore banked registers */
1371 if ((retval
= xscale_restore_context(target
)) != ERROR_OK
)
1374 /* send resume request (command 0x30 or 0x31)
1375 * clean the trace buffer if it is to be enabled (0x62) */
1376 if (xscale
->trace
.buffer_enabled
)
1378 if ((retval
= xscale_send_u32(target
, 0x62)) != ERROR_OK
)
1380 if ((retval
= xscale_send_u32(target
, 0x31)) != ERROR_OK
)
1384 if ((retval
= xscale_send_u32(target
, 0x30)) != ERROR_OK
)
1388 if ((retval
= xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32))) != ERROR_OK
)
1390 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32
"", buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1392 for (i
= 7; i
>= 0; i
--)
1395 if ((retval
= xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32))) != ERROR_OK
)
1397 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32
"", i
, buf_get_u32(armv4_5
->core_cache
->reg_list
[i
].value
, 0, 32));
1401 if ((retval
= xscale_send_u32(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32))) != ERROR_OK
)
1403 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1405 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1407 /* registers are now invalid */
1408 if ((retval
= armv4_5_invalidate_core_regs(target
)) != ERROR_OK
)
1411 /* wait for and process debug entry */
1412 if ((retval
= xscale_debug_entry(target
)) != ERROR_OK
)
1415 LOG_DEBUG("disable single-step");
1416 if ((retval
= xscale_disable_single_step(target
)) != ERROR_OK
)
1419 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
1424 static int xscale_step(struct target
*target
, int current
,
1425 uint32_t address
, int handle_breakpoints
)
1427 struct armv4_5_common_s
*armv4_5
= target_to_armv4_5(target
);
1428 struct breakpoint
*breakpoint
= target
->breakpoints
;
1430 uint32_t current_pc
;
1433 if (target
->state
!= TARGET_HALTED
)
1435 LOG_WARNING("target not halted");
1436 return ERROR_TARGET_NOT_HALTED
;
1439 /* current = 1: continue on current pc, otherwise continue at <address> */
1441 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, address
);
1443 current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1445 /* if we're at the reset vector, we have to simulate the step */
1446 if (current_pc
== 0x0)
1448 if ((retval
= arm_simulate_step(target
, NULL
)) != ERROR_OK
)
1450 current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
1452 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1453 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
1458 /* the front-end may request us not to handle breakpoints */
1459 if (handle_breakpoints
)
1460 if ((breakpoint
= breakpoint_find(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32))))
1462 if ((retval
= xscale_unset_breakpoint(target
, breakpoint
)) != ERROR_OK
)
1466 retval
= xscale_step_inner(target
, current
, address
, handle_breakpoints
);
1470 xscale_set_breakpoint(target
, breakpoint
);
1473 LOG_DEBUG("target stepped");
1479 static int xscale_assert_reset(struct target
*target
)
1481 struct xscale_common
*xscale
= target_to_xscale(target
);
1483 LOG_DEBUG("target->state: %s",
1484 target_state_name(target
));
1486 /* select DCSR instruction (set endstate to R-T-I to ensure we don't
1487 * end up in T-L-R, which would reset JTAG
1489 jtag_set_end_state(TAP_IDLE
);
1490 xscale_jtag_set_instr(target
->tap
, XSCALE_SELDCSR
);
1492 /* set Hold reset, Halt mode and Trap Reset */
1493 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 30, 1, 0x1);
1494 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 16, 1, 0x1);
1495 xscale_write_dcsr(target
, 1, 0);
1497 /* select BYPASS, because having DCSR selected caused problems on the PXA27x */
1498 xscale_jtag_set_instr(target
->tap
, 0x7f);
1499 jtag_execute_queue();
1502 jtag_add_reset(0, 1);
1504 /* sleep 1ms, to be sure we fulfill any requirements */
1505 jtag_add_sleep(1000);
1506 jtag_execute_queue();
1508 target
->state
= TARGET_RESET
;
1510 if (target
->reset_halt
)
1513 if ((retval
= target_halt(target
)) != ERROR_OK
)
1520 static int xscale_deassert_reset(struct target
*target
)
1522 struct xscale_common
*xscale
= target_to_xscale(target
);
1523 struct breakpoint
*breakpoint
= target
->breakpoints
;
1527 xscale
->ibcr_available
= 2;
1528 xscale
->ibcr0_used
= 0;
1529 xscale
->ibcr1_used
= 0;
1531 xscale
->dbr_available
= 2;
1532 xscale
->dbr0_used
= 0;
1533 xscale
->dbr1_used
= 0;
1535 /* mark all hardware breakpoints as unset */
1538 if (breakpoint
->type
== BKPT_HARD
)
1540 breakpoint
->set
= 0;
1542 breakpoint
= breakpoint
->next
;
1545 armv4_5_invalidate_core_regs(target
);
1547 /* FIXME mark hardware watchpoints got unset too. Also,
1548 * at least some of the XScale registers are invalid...
1552 * REVISIT: *assumes* we had a SRST+TRST reset so the mini-icache
1553 * contents got invalidated. Safer to force that, so writing new
1554 * contents can't ever fail..
1559 const uint8_t *buffer
= xscale_debug_handler
;
1563 jtag_add_reset(0, 0);
1565 /* wait 300ms; 150 and 100ms were not enough */
1566 jtag_add_sleep(300*1000);
1568 jtag_add_runtest(2030, jtag_set_end_state(TAP_IDLE
));
1569 jtag_execute_queue();
1571 /* set Hold reset, Halt mode and Trap Reset */
1572 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 30, 1, 0x1);
1573 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 16, 1, 0x1);
1574 xscale_write_dcsr(target
, 1, 0);
1576 /* Load the debug handler into the mini-icache. Since
1577 * it's using halt mode (not monitor mode), it runs in
1578 * "Special Debug State" for access to registers, memory,
1579 * coprocessors, trace data, etc.
1581 address
= xscale
->handler_address
;
1582 for (unsigned binary_size
= sizeof xscale_debug_handler
- 1;
1584 binary_size
-= buf_cnt
, buffer
+= buf_cnt
)
1586 uint32_t cache_line
[8];
1589 buf_cnt
= binary_size
;
1593 for (i
= 0; i
< buf_cnt
; i
+= 4)
1595 /* convert LE buffer to host-endian uint32_t */
1596 cache_line
[i
/ 4] = le_to_h_u32(&buffer
[i
]);
1599 for (; i
< 32; i
+= 4)
1601 cache_line
[i
/ 4] = 0xe1a08008;
1604 /* only load addresses other than the reset vectors */
1605 if ((address
% 0x400) != 0x0)
1607 retval
= xscale_load_ic(target
, address
,
1609 if (retval
!= ERROR_OK
)
1616 retval
= xscale_load_ic(target
, 0x0,
1617 xscale
->low_vectors
);
1618 if (retval
!= ERROR_OK
)
1620 retval
= xscale_load_ic(target
, 0xffff0000,
1621 xscale
->high_vectors
);
1622 if (retval
!= ERROR_OK
)
1625 jtag_add_runtest(30, jtag_set_end_state(TAP_IDLE
));
1627 jtag_add_sleep(100000);
1629 /* set Hold reset, Halt mode and Trap Reset */
1630 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 30, 1, 0x1);
1631 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 16, 1, 0x1);
1632 xscale_write_dcsr(target
, 1, 0);
1634 /* clear Hold reset to let the target run (should enter debug handler) */
1635 xscale_write_dcsr(target
, 0, 1);
1636 target
->state
= TARGET_RUNNING
;
1638 if (!target
->reset_halt
)
1640 jtag_add_sleep(10000);
1642 /* we should have entered debug now */
1643 xscale_debug_entry(target
);
1644 target
->state
= TARGET_HALTED
;
1646 /* resume the target */
1647 xscale_resume(target
, 1, 0x0, 1, 0);
1654 static int xscale_read_core_reg(struct target
*target
, int num
,
1655 enum armv4_5_mode mode
)
1657 LOG_ERROR("not implemented");
1661 static int xscale_write_core_reg(struct target
*target
, int num
,
1662 enum armv4_5_mode mode
, uint32_t value
)
1664 LOG_ERROR("not implemented");
1668 static int xscale_full_context(struct target
*target
)
1670 struct armv4_5_common_s
*armv4_5
= target_to_armv4_5(target
);
1678 if (target
->state
!= TARGET_HALTED
)
1680 LOG_WARNING("target not halted");
1681 return ERROR_TARGET_NOT_HALTED
;
1684 buffer
= malloc(4 * 8);
1686 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1687 * we can't enter User mode on an XScale (unpredictable),
1688 * but User shares registers with SYS
1690 for (i
= 1; i
< 7; i
++)
1694 /* check if there are invalid registers in the current mode
1696 for (j
= 0; j
<= 16; j
++)
1698 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).valid
== 0)
1706 /* request banked registers */
1707 xscale_send_u32(target
, 0x0);
1710 tmp_cpsr
|= armv4_5_number_to_mode(i
);
1711 tmp_cpsr
|= 0xc0; /* I/F bits */
1713 /* send CPSR for desired mode */
1714 xscale_send_u32(target
, tmp_cpsr
);
1716 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1717 if ((armv4_5_number_to_mode(i
) != ARMV4_5_MODE_USR
) && (armv4_5_number_to_mode(i
) != ARMV4_5_MODE_SYS
))
1719 xscale_receive(target
, buffer
, 8);
1720 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).value
, 0, 32, buffer
[7]);
1721 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).dirty
= 0;
1722 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).valid
= 1;
1726 xscale_receive(target
, buffer
, 7);
1729 /* move data from buffer to register cache */
1730 for (j
= 8; j
<= 14; j
++)
1732 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).value
, 0, 32, buffer
[j
- 8]);
1733 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).dirty
= 0;
1734 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).valid
= 1;
1744 static int xscale_restore_context(struct target
*target
)
1746 struct armv4_5_common_s
*armv4_5
= target_to_armv4_5(target
);
1750 if (target
->state
!= TARGET_HALTED
)
1752 LOG_WARNING("target not halted");
1753 return ERROR_TARGET_NOT_HALTED
;
1756 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1757 * we can't enter User mode on an XScale (unpredictable),
1758 * but User shares registers with SYS
1760 for (i
= 1; i
< 7; i
++)
1764 /* check if there are invalid registers in the current mode
1766 for (j
= 8; j
<= 14; j
++)
1768 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).dirty
== 1)
1772 /* if not USR/SYS, check if the SPSR needs to be written */
1773 if ((armv4_5_number_to_mode(i
) != ARMV4_5_MODE_USR
) && (armv4_5_number_to_mode(i
) != ARMV4_5_MODE_SYS
))
1775 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).dirty
== 1)
1783 /* send banked registers */
1784 xscale_send_u32(target
, 0x1);
1787 tmp_cpsr
|= armv4_5_number_to_mode(i
);
1788 tmp_cpsr
|= 0xc0; /* I/F bits */
1790 /* send CPSR for desired mode */
1791 xscale_send_u32(target
, tmp_cpsr
);
1793 /* send banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1794 for (j
= 8; j
<= 14; j
++)
1796 xscale_send_u32(target
, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, j
).value
, 0, 32));
1797 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).dirty
= 0;
1800 if ((armv4_5_number_to_mode(i
) != ARMV4_5_MODE_USR
) && (armv4_5_number_to_mode(i
) != ARMV4_5_MODE_SYS
))
1802 xscale_send_u32(target
, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).value
, 0, 32));
1803 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).dirty
= 0;
1811 static int xscale_read_memory(struct target
*target
, uint32_t address
,
1812 uint32_t size
, uint32_t count
, uint8_t *buffer
)
1814 struct xscale_common
*xscale
= target_to_xscale(target
);
1819 LOG_DEBUG("address: 0x%8.8" PRIx32
", size: 0x%8.8" PRIx32
", count: 0x%8.8" PRIx32
, address
, size
, count
);
1821 if (target
->state
!= TARGET_HALTED
)
1823 LOG_WARNING("target not halted");
1824 return ERROR_TARGET_NOT_HALTED
;
1827 /* sanitize arguments */
1828 if (((size
!= 4) && (size
!= 2) && (size
!= 1)) || (count
== 0) || !(buffer
))
1829 return ERROR_INVALID_ARGUMENTS
;
1831 if (((size
== 4) && (address
& 0x3u
)) || ((size
== 2) && (address
& 0x1u
)))
1832 return ERROR_TARGET_UNALIGNED_ACCESS
;
1834 /* send memory read request (command 0x1n, n: access size) */
1835 if ((retval
= xscale_send_u32(target
, 0x10 | size
)) != ERROR_OK
)
1838 /* send base address for read request */
1839 if ((retval
= xscale_send_u32(target
, address
)) != ERROR_OK
)
1842 /* send number of requested data words */
1843 if ((retval
= xscale_send_u32(target
, count
)) != ERROR_OK
)
1846 /* receive data from target (count times 32-bit words in host endianness) */
1847 buf32
= malloc(4 * count
);
1848 if ((retval
= xscale_receive(target
, buf32
, count
)) != ERROR_OK
)
1851 /* extract data from host-endian buffer into byte stream */
1852 for (i
= 0; i
< count
; i
++)
1857 target_buffer_set_u32(target
, buffer
, buf32
[i
]);
1861 target_buffer_set_u16(target
, buffer
, buf32
[i
] & 0xffff);
1865 *buffer
++ = buf32
[i
] & 0xff;
1868 LOG_ERROR("should never get here");
1875 /* examine DCSR, to see if Sticky Abort (SA) got set */
1876 if ((retval
= xscale_read_dcsr(target
)) != ERROR_OK
)
1878 if (buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 5, 1) == 1)
1881 if ((retval
= xscale_send_u32(target
, 0x60)) != ERROR_OK
)
1884 return ERROR_TARGET_DATA_ABORT
;
1890 static int xscale_write_memory(struct target
*target
, uint32_t address
,
1891 uint32_t size
, uint32_t count
, uint8_t *buffer
)
1893 struct xscale_common
*xscale
= target_to_xscale(target
);
1896 LOG_DEBUG("address: 0x%8.8" PRIx32
", size: 0x%8.8" PRIx32
", count: 0x%8.8" PRIx32
, address
, size
, count
);
1898 if (target
->state
!= TARGET_HALTED
)
1900 LOG_WARNING("target not halted");
1901 return ERROR_TARGET_NOT_HALTED
;
1904 /* sanitize arguments */
1905 if (((size
!= 4) && (size
!= 2) && (size
!= 1)) || (count
== 0) || !(buffer
))
1906 return ERROR_INVALID_ARGUMENTS
;
1908 if (((size
== 4) && (address
& 0x3u
)) || ((size
== 2) && (address
& 0x1u
)))
1909 return ERROR_TARGET_UNALIGNED_ACCESS
;
1911 /* send memory write request (command 0x2n, n: access size) */
1912 if ((retval
= xscale_send_u32(target
, 0x20 | size
)) != ERROR_OK
)
1915 /* send base address for read request */
1916 if ((retval
= xscale_send_u32(target
, address
)) != ERROR_OK
)
1919 /* send number of requested data words to be written*/
1920 if ((retval
= xscale_send_u32(target
, count
)) != ERROR_OK
)
1923 /* extract data from host-endian buffer into byte stream */
1925 for (i
= 0; i
< count
; i
++)
1930 value
= target_buffer_get_u32(target
, buffer
);
1931 xscale_send_u32(target
, value
);
1935 value
= target_buffer_get_u16(target
, buffer
);
1936 xscale_send_u32(target
, value
);
1941 xscale_send_u32(target
, value
);
1945 LOG_ERROR("should never get here");
1950 if ((retval
= xscale_send(target
, buffer
, count
, size
)) != ERROR_OK
)
1953 /* examine DCSR, to see if Sticky Abort (SA) got set */
1954 if ((retval
= xscale_read_dcsr(target
)) != ERROR_OK
)
1956 if (buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 5, 1) == 1)
1959 if ((retval
= xscale_send_u32(target
, 0x60)) != ERROR_OK
)
1962 return ERROR_TARGET_DATA_ABORT
;
1968 static int xscale_bulk_write_memory(struct target
*target
, uint32_t address
,
1969 uint32_t count
, uint8_t *buffer
)
1971 return xscale_write_memory(target
, address
, 4, count
, buffer
);
1974 static uint32_t xscale_get_ttb(struct target
*target
)
1976 struct xscale_common
*xscale
= target_to_xscale(target
);
1979 xscale_get_reg(&xscale
->reg_cache
->reg_list
[XSCALE_TTB
]);
1980 ttb
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_TTB
].value
, 0, 32);
1985 static void xscale_disable_mmu_caches(struct target
*target
, int mmu
,
1986 int d_u_cache
, int i_cache
)
1988 struct xscale_common
*xscale
= target_to_xscale(target
);
1989 uint32_t cp15_control
;
1991 /* read cp15 control register */
1992 xscale_get_reg(&xscale
->reg_cache
->reg_list
[XSCALE_CTRL
]);
1993 cp15_control
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_CTRL
].value
, 0, 32);
1996 cp15_control
&= ~0x1U
;
2001 xscale_send_u32(target
, 0x50);
2002 xscale_send_u32(target
, xscale
->cache_clean_address
);
2004 /* invalidate DCache */
2005 xscale_send_u32(target
, 0x51);
2007 cp15_control
&= ~0x4U
;
2012 /* invalidate ICache */
2013 xscale_send_u32(target
, 0x52);
2014 cp15_control
&= ~0x1000U
;
2017 /* write new cp15 control register */
2018 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_CTRL
], cp15_control
);
2020 /* execute cpwait to ensure outstanding operations complete */
2021 xscale_send_u32(target
, 0x53);
2024 static void xscale_enable_mmu_caches(struct target
*target
, int mmu
,
2025 int d_u_cache
, int i_cache
)
2027 struct xscale_common
*xscale
= target_to_xscale(target
);
2028 uint32_t cp15_control
;
2030 /* read cp15 control register */
2031 xscale_get_reg(&xscale
->reg_cache
->reg_list
[XSCALE_CTRL
]);
2032 cp15_control
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_CTRL
].value
, 0, 32);
2035 cp15_control
|= 0x1U
;
2038 cp15_control
|= 0x4U
;
2041 cp15_control
|= 0x1000U
;
2043 /* write new cp15 control register */
2044 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_CTRL
], cp15_control
);
2046 /* execute cpwait to ensure outstanding operations complete */
2047 xscale_send_u32(target
, 0x53);
2050 static int xscale_set_breakpoint(struct target
*target
,
2051 struct breakpoint
*breakpoint
)
2054 struct xscale_common
*xscale
= target_to_xscale(target
);
2056 if (target
->state
!= TARGET_HALTED
)
2058 LOG_WARNING("target not halted");
2059 return ERROR_TARGET_NOT_HALTED
;
2062 if (breakpoint
->set
)
2064 LOG_WARNING("breakpoint already set");
2068 if (breakpoint
->type
== BKPT_HARD
)
2070 uint32_t value
= breakpoint
->address
| 1;
2071 if (!xscale
->ibcr0_used
)
2073 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_IBCR0
], value
);
2074 xscale
->ibcr0_used
= 1;
2075 breakpoint
->set
= 1; /* breakpoint set on first breakpoint register */
2077 else if (!xscale
->ibcr1_used
)
2079 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_IBCR1
], value
);
2080 xscale
->ibcr1_used
= 1;
2081 breakpoint
->set
= 2; /* breakpoint set on second breakpoint register */
2085 LOG_ERROR("BUG: no hardware comparator available");
2089 else if (breakpoint
->type
== BKPT_SOFT
)
2091 if (breakpoint
->length
== 4)
2093 /* keep the original instruction in target endianness */
2094 if ((retval
= target_read_memory(target
, breakpoint
->address
, 4, 1, breakpoint
->orig_instr
)) != ERROR_OK
)
2098 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2099 if ((retval
= target_write_u32(target
, breakpoint
->address
, xscale
->arm_bkpt
)) != ERROR_OK
)
2106 /* keep the original instruction in target endianness */
2107 if ((retval
= target_read_memory(target
, breakpoint
->address
, 2, 1, breakpoint
->orig_instr
)) != ERROR_OK
)
2111 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2112 if ((retval
= target_write_u32(target
, breakpoint
->address
, xscale
->thumb_bkpt
)) != ERROR_OK
)
2117 breakpoint
->set
= 1;
2123 static int xscale_add_breakpoint(struct target
*target
,
2124 struct breakpoint
*breakpoint
)
2126 struct xscale_common
*xscale
= target_to_xscale(target
);
2128 if (target
->state
!= TARGET_HALTED
)
2130 LOG_WARNING("target not halted");
2131 return ERROR_TARGET_NOT_HALTED
;
2134 if ((breakpoint
->type
== BKPT_HARD
) && (xscale
->ibcr_available
< 1))
2136 LOG_INFO("no breakpoint unit available for hardware breakpoint");
2137 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
2140 if ((breakpoint
->length
!= 2) && (breakpoint
->length
!= 4))
2142 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
2143 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
2146 if (breakpoint
->type
== BKPT_HARD
)
2148 xscale
->ibcr_available
--;
2154 static int xscale_unset_breakpoint(struct target
*target
,
2155 struct breakpoint
*breakpoint
)
2158 struct xscale_common
*xscale
= target_to_xscale(target
);
2160 if (target
->state
!= TARGET_HALTED
)
2162 LOG_WARNING("target not halted");
2163 return ERROR_TARGET_NOT_HALTED
;
2166 if (!breakpoint
->set
)
2168 LOG_WARNING("breakpoint not set");
2172 if (breakpoint
->type
== BKPT_HARD
)
2174 if (breakpoint
->set
== 1)
2176 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_IBCR0
], 0x0);
2177 xscale
->ibcr0_used
= 0;
2179 else if (breakpoint
->set
== 2)
2181 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_IBCR1
], 0x0);
2182 xscale
->ibcr1_used
= 0;
2184 breakpoint
->set
= 0;
2188 /* restore original instruction (kept in target endianness) */
2189 if (breakpoint
->length
== 4)
2191 if ((retval
= target_write_memory(target
, breakpoint
->address
, 4, 1, breakpoint
->orig_instr
)) != ERROR_OK
)
2198 if ((retval
= target_write_memory(target
, breakpoint
->address
, 2, 1, breakpoint
->orig_instr
)) != ERROR_OK
)
2203 breakpoint
->set
= 0;
2209 static int xscale_remove_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
2211 struct xscale_common
*xscale
= target_to_xscale(target
);
2213 if (target
->state
!= TARGET_HALTED
)
2215 LOG_WARNING("target not halted");
2216 return ERROR_TARGET_NOT_HALTED
;
2219 if (breakpoint
->set
)
2221 xscale_unset_breakpoint(target
, breakpoint
);
2224 if (breakpoint
->type
== BKPT_HARD
)
2225 xscale
->ibcr_available
++;
2230 static int xscale_set_watchpoint(struct target
*target
,
2231 struct watchpoint
*watchpoint
)
2233 struct xscale_common
*xscale
= target_to_xscale(target
);
2235 struct reg
*dbcon
= &xscale
->reg_cache
->reg_list
[XSCALE_DBCON
];
2236 uint32_t dbcon_value
= buf_get_u32(dbcon
->value
, 0, 32);
2238 if (target
->state
!= TARGET_HALTED
)
2240 LOG_WARNING("target not halted");
2241 return ERROR_TARGET_NOT_HALTED
;
2244 xscale_get_reg(dbcon
);
2246 switch (watchpoint
->rw
)
2258 LOG_ERROR("BUG: watchpoint->rw neither read, write nor access");
2261 if (!xscale
->dbr0_used
)
2263 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_DBR0
], watchpoint
->address
);
2264 dbcon_value
|= enable
;
2265 xscale_set_reg_u32(dbcon
, dbcon_value
);
2266 watchpoint
->set
= 1;
2267 xscale
->dbr0_used
= 1;
2269 else if (!xscale
->dbr1_used
)
2271 xscale_set_reg_u32(&xscale
->reg_cache
->reg_list
[XSCALE_DBR1
], watchpoint
->address
);
2272 dbcon_value
|= enable
<< 2;
2273 xscale_set_reg_u32(dbcon
, dbcon_value
);
2274 watchpoint
->set
= 2;
2275 xscale
->dbr1_used
= 1;
2279 LOG_ERROR("BUG: no hardware comparator available");
2286 static int xscale_add_watchpoint(struct target
*target
,
2287 struct watchpoint
*watchpoint
)
2289 struct xscale_common
*xscale
= target_to_xscale(target
);
2291 if (target
->state
!= TARGET_HALTED
)
2293 LOG_WARNING("target not halted");
2294 return ERROR_TARGET_NOT_HALTED
;
2297 if (xscale
->dbr_available
< 1)
2299 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
2302 if ((watchpoint
->length
!= 1) && (watchpoint
->length
!= 2) && (watchpoint
->length
!= 4))
2304 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
2307 xscale
->dbr_available
--;
2312 static int xscale_unset_watchpoint(struct target
*target
,
2313 struct watchpoint
*watchpoint
)
2315 struct xscale_common
*xscale
= target_to_xscale(target
);
2316 struct reg
*dbcon
= &xscale
->reg_cache
->reg_list
[XSCALE_DBCON
];
2317 uint32_t dbcon_value
= buf_get_u32(dbcon
->value
, 0, 32);
2319 if (target
->state
!= TARGET_HALTED
)
2321 LOG_WARNING("target not halted");
2322 return ERROR_TARGET_NOT_HALTED
;
2325 if (!watchpoint
->set
)
2327 LOG_WARNING("breakpoint not set");
2331 if (watchpoint
->set
== 1)
2333 dbcon_value
&= ~0x3;
2334 xscale_set_reg_u32(dbcon
, dbcon_value
);
2335 xscale
->dbr0_used
= 0;
2337 else if (watchpoint
->set
== 2)
2339 dbcon_value
&= ~0xc;
2340 xscale_set_reg_u32(dbcon
, dbcon_value
);
2341 xscale
->dbr1_used
= 0;
2343 watchpoint
->set
= 0;
2348 static int xscale_remove_watchpoint(struct target
*target
, struct watchpoint
*watchpoint
)
2350 struct xscale_common
*xscale
= target_to_xscale(target
);
2352 if (target
->state
!= TARGET_HALTED
)
2354 LOG_WARNING("target not halted");
2355 return ERROR_TARGET_NOT_HALTED
;
2358 if (watchpoint
->set
)
2360 xscale_unset_watchpoint(target
, watchpoint
);
2363 xscale
->dbr_available
++;
2368 static int xscale_get_reg(struct reg
*reg
)
2370 struct xscale_reg
*arch_info
= reg
->arch_info
;
2371 struct target
*target
= arch_info
->target
;
2372 struct xscale_common
*xscale
= target_to_xscale(target
);
2374 /* DCSR, TX and RX are accessible via JTAG */
2375 if (strcmp(reg
->name
, "XSCALE_DCSR") == 0)
2377 return xscale_read_dcsr(arch_info
->target
);
2379 else if (strcmp(reg
->name
, "XSCALE_TX") == 0)
2381 /* 1 = consume register content */
2382 return xscale_read_tx(arch_info
->target
, 1);
2384 else if (strcmp(reg
->name
, "XSCALE_RX") == 0)
2386 /* can't read from RX register (host -> debug handler) */
2389 else if (strcmp(reg
->name
, "XSCALE_TXRXCTRL") == 0)
2391 /* can't (explicitly) read from TXRXCTRL register */
2394 else /* Other DBG registers have to be transfered by the debug handler */
2396 /* send CP read request (command 0x40) */
2397 xscale_send_u32(target
, 0x40);
2399 /* send CP register number */
2400 xscale_send_u32(target
, arch_info
->dbg_handler_number
);
2402 /* read register value */
2403 xscale_read_tx(target
, 1);
2404 buf_cpy(xscale
->reg_cache
->reg_list
[XSCALE_TX
].value
, reg
->value
, 32);
2413 static int xscale_set_reg(struct reg
*reg
, uint8_t* buf
)
2415 struct xscale_reg
*arch_info
= reg
->arch_info
;
2416 struct target
*target
= arch_info
->target
;
2417 struct xscale_common
*xscale
= target_to_xscale(target
);
2418 uint32_t value
= buf_get_u32(buf
, 0, 32);
2420 /* DCSR, TX and RX are accessible via JTAG */
2421 if (strcmp(reg
->name
, "XSCALE_DCSR") == 0)
2423 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 0, 32, value
);
2424 return xscale_write_dcsr(arch_info
->target
, -1, -1);
2426 else if (strcmp(reg
->name
, "XSCALE_RX") == 0)
2428 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_RX
].value
, 0, 32, value
);
2429 return xscale_write_rx(arch_info
->target
);
2431 else if (strcmp(reg
->name
, "XSCALE_TX") == 0)
2433 /* can't write to TX register (debug-handler -> host) */
2436 else if (strcmp(reg
->name
, "XSCALE_TXRXCTRL") == 0)
2438 /* can't (explicitly) write to TXRXCTRL register */
2441 else /* Other DBG registers have to be transfered by the debug handler */
2443 /* send CP write request (command 0x41) */
2444 xscale_send_u32(target
, 0x41);
2446 /* send CP register number */
2447 xscale_send_u32(target
, arch_info
->dbg_handler_number
);
2449 /* send CP register value */
2450 xscale_send_u32(target
, value
);
2451 buf_set_u32(reg
->value
, 0, 32, value
);
2457 static int xscale_write_dcsr_sw(struct target
*target
, uint32_t value
)
2459 struct xscale_common
*xscale
= target_to_xscale(target
);
2460 struct reg
*dcsr
= &xscale
->reg_cache
->reg_list
[XSCALE_DCSR
];
2461 struct xscale_reg
*dcsr_arch_info
= dcsr
->arch_info
;
2463 /* send CP write request (command 0x41) */
2464 xscale_send_u32(target
, 0x41);
2466 /* send CP register number */
2467 xscale_send_u32(target
, dcsr_arch_info
->dbg_handler_number
);
2469 /* send CP register value */
2470 xscale_send_u32(target
, value
);
2471 buf_set_u32(dcsr
->value
, 0, 32, value
);
2476 static int xscale_read_trace(struct target
*target
)
2478 struct xscale_common
*xscale
= target_to_xscale(target
);
2479 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
2480 struct xscale_trace_data
**trace_data_p
;
2482 /* 258 words from debug handler
2483 * 256 trace buffer entries
2484 * 2 checkpoint addresses
2486 uint32_t trace_buffer
[258];
2487 int is_address
[256];
2490 if (target
->state
!= TARGET_HALTED
)
2492 LOG_WARNING("target must be stopped to read trace data");
2493 return ERROR_TARGET_NOT_HALTED
;
2496 /* send read trace buffer command (command 0x61) */
2497 xscale_send_u32(target
, 0x61);
2499 /* receive trace buffer content */
2500 xscale_receive(target
, trace_buffer
, 258);
2502 /* parse buffer backwards to identify address entries */
2503 for (i
= 255; i
>= 0; i
--)
2506 if (((trace_buffer
[i
] & 0xf0) == 0x90) ||
2507 ((trace_buffer
[i
] & 0xf0) == 0xd0))
2510 is_address
[--i
] = 1;
2512 is_address
[--i
] = 1;
2514 is_address
[--i
] = 1;
2516 is_address
[--i
] = 1;
2521 /* search first non-zero entry */
2522 for (j
= 0; (j
< 256) && (trace_buffer
[j
] == 0) && (!is_address
[j
]); j
++)
2527 LOG_DEBUG("no trace data collected");
2528 return ERROR_XSCALE_NO_TRACE_DATA
;
2531 for (trace_data_p
= &xscale
->trace
.data
; *trace_data_p
; trace_data_p
= &(*trace_data_p
)->next
)
2534 *trace_data_p
= malloc(sizeof(struct xscale_trace_data
));
2535 (*trace_data_p
)->next
= NULL
;
2536 (*trace_data_p
)->chkpt0
= trace_buffer
[256];
2537 (*trace_data_p
)->chkpt1
= trace_buffer
[257];
2538 (*trace_data_p
)->last_instruction
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
2539 (*trace_data_p
)->entries
= malloc(sizeof(struct xscale_trace_entry
) * (256 - j
));
2540 (*trace_data_p
)->depth
= 256 - j
;
2542 for (i
= j
; i
< 256; i
++)
2544 (*trace_data_p
)->entries
[i
- j
].data
= trace_buffer
[i
];
2546 (*trace_data_p
)->entries
[i
- j
].type
= XSCALE_TRACE_ADDRESS
;
2548 (*trace_data_p
)->entries
[i
- j
].type
= XSCALE_TRACE_MESSAGE
;
2554 static int xscale_read_instruction(struct target
*target
,
2555 struct arm_instruction
*instruction
)
2557 struct xscale_common
*xscale
= target_to_xscale(target
);
2564 if (!xscale
->trace
.image
)
2565 return ERROR_TRACE_IMAGE_UNAVAILABLE
;
2567 /* search for the section the current instruction belongs to */
2568 for (i
= 0; i
< xscale
->trace
.image
->num_sections
; i
++)
2570 if ((xscale
->trace
.image
->sections
[i
].base_address
<= xscale
->trace
.current_pc
) &&
2571 (xscale
->trace
.image
->sections
[i
].base_address
+ xscale
->trace
.image
->sections
[i
].size
> xscale
->trace
.current_pc
))
2580 /* current instruction couldn't be found in the image */
2581 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE
;
2584 if (xscale
->trace
.core_state
== ARMV4_5_STATE_ARM
)
2587 if ((retval
= image_read_section(xscale
->trace
.image
, section
,
2588 xscale
->trace
.current_pc
- xscale
->trace
.image
->sections
[section
].base_address
,
2589 4, buf
, &size_read
)) != ERROR_OK
)
2591 LOG_ERROR("error while reading instruction: %i", retval
);
2592 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE
;
2594 opcode
= target_buffer_get_u32(target
, buf
);
2595 arm_evaluate_opcode(opcode
, xscale
->trace
.current_pc
, instruction
);
2597 else if (xscale
->trace
.core_state
== ARMV4_5_STATE_THUMB
)
2600 if ((retval
= image_read_section(xscale
->trace
.image
, section
,
2601 xscale
->trace
.current_pc
- xscale
->trace
.image
->sections
[section
].base_address
,
2602 2, buf
, &size_read
)) != ERROR_OK
)
2604 LOG_ERROR("error while reading instruction: %i", retval
);
2605 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE
;
2607 opcode
= target_buffer_get_u16(target
, buf
);
2608 thumb_evaluate_opcode(opcode
, xscale
->trace
.current_pc
, instruction
);
2612 LOG_ERROR("BUG: unknown core state encountered");
2619 static int xscale_branch_address(struct xscale_trace_data
*trace_data
,
2620 int i
, uint32_t *target
)
2622 /* if there are less than four entries prior to the indirect branch message
2623 * we can't extract the address */
2629 *target
= (trace_data
->entries
[i
-1].data
) | (trace_data
->entries
[i
-2].data
<< 8) |
2630 (trace_data
->entries
[i
-3].data
<< 16) | (trace_data
->entries
[i
-4].data
<< 24);
2635 static int xscale_analyze_trace(struct target
*target
, struct command_context
*cmd_ctx
)
2637 struct xscale_common
*xscale
= target_to_xscale(target
);
2639 uint32_t next_pc
= 0x0;
2640 struct xscale_trace_data
*trace_data
= xscale
->trace
.data
;
2649 xscale
->trace
.core_state
= ARMV4_5_STATE_ARM
;
2654 for (i
= 0; i
< trace_data
->depth
; i
++)
2660 if (trace_data
->entries
[i
].type
== XSCALE_TRACE_ADDRESS
)
2663 switch ((trace_data
->entries
[i
].data
& 0xf0) >> 4)
2665 case 0: /* Exceptions */
2673 exception
= (trace_data
->entries
[i
].data
& 0x70) >> 4;
2675 next_pc
= (trace_data
->entries
[i
].data
& 0xf0) >> 2;
2676 command_print(cmd_ctx
, "--- exception %i ---", (trace_data
->entries
[i
].data
& 0xf0) >> 4);
2678 case 8: /* Direct Branch */
2681 case 9: /* Indirect Branch */
2683 if (xscale_branch_address(trace_data
, i
, &next_pc
) == 0)
2688 case 13: /* Checkpointed Indirect Branch */
2689 if (xscale_branch_address(trace_data
, i
, &next_pc
) == 0)
2692 if (((chkpt
== 0) && (next_pc
!= trace_data
->chkpt0
))
2693 || ((chkpt
== 1) && (next_pc
!= trace_data
->chkpt1
)))
2694 LOG_WARNING("checkpointed indirect branch target address doesn't match checkpoint");
2696 /* explicit fall-through */
2697 case 12: /* Checkpointed Direct Branch */
2702 next_pc
= trace_data
->chkpt0
;
2705 else if (chkpt
== 1)
2708 next_pc
= trace_data
->chkpt0
;
2713 LOG_WARNING("more than two checkpointed branches encountered");
2716 case 15: /* Roll-over */
2719 default: /* Reserved */
2720 command_print(cmd_ctx
, "--- reserved trace message ---");
2721 LOG_ERROR("BUG: trace message %i is reserved", (trace_data
->entries
[i
].data
& 0xf0) >> 4);
2725 if (xscale
->trace
.pc_ok
)
2727 int executed
= (trace_data
->entries
[i
].data
& 0xf) + rollover
* 16;
2728 struct arm_instruction instruction
;
2730 if ((exception
== 6) || (exception
== 7))
2732 /* IRQ or FIQ exception, no instruction executed */
2736 while (executed
-- >= 0)
2738 if ((retval
= xscale_read_instruction(target
, &instruction
)) != ERROR_OK
)
2740 /* can't continue tracing with no image available */
2741 if (retval
== ERROR_TRACE_IMAGE_UNAVAILABLE
)
2745 else if (retval
== ERROR_TRACE_INSTRUCTION_UNAVAILABLE
)
2747 /* TODO: handle incomplete images */
2751 /* a precise abort on a load to the PC is included in the incremental
2752 * word count, other instructions causing data aborts are not included
2754 if ((executed
== 0) && (exception
== 4)
2755 && ((instruction
.type
>= ARM_LDR
) && (instruction
.type
<= ARM_LDM
)))
2757 if ((instruction
.type
== ARM_LDM
)
2758 && ((instruction
.info
.load_store_multiple
.register_list
& 0x8000) == 0))
2762 else if (((instruction
.type
>= ARM_LDR
) && (instruction
.type
<= ARM_LDRSH
))
2763 && (instruction
.info
.load_store
.Rd
!= 15))
2769 /* only the last instruction executed
2770 * (the one that caused the control flow change)
2771 * could be a taken branch
2773 if (((executed
== -1) && (branch
== 1)) &&
2774 (((instruction
.type
== ARM_B
) ||
2775 (instruction
.type
== ARM_BL
) ||
2776 (instruction
.type
== ARM_BLX
)) &&
2777 (instruction
.info
.b_bl_bx_blx
.target_address
!= 0xffffffff)))
2779 xscale
->trace
.current_pc
= instruction
.info
.b_bl_bx_blx
.target_address
;
2783 xscale
->trace
.current_pc
+= (xscale
->trace
.core_state
== ARMV4_5_STATE_ARM
) ? 4 : 2;
2785 command_print(cmd_ctx
, "%s", instruction
.text
);
2793 xscale
->trace
.current_pc
= next_pc
;
2794 xscale
->trace
.pc_ok
= 1;
2798 for (; xscale
->trace
.current_pc
< trace_data
->last_instruction
; xscale
->trace
.current_pc
+= (xscale
->trace
.core_state
== ARMV4_5_STATE_ARM
) ? 4 : 2)
2800 struct arm_instruction instruction
;
2801 if ((retval
= xscale_read_instruction(target
, &instruction
)) != ERROR_OK
)
2803 /* can't continue tracing with no image available */
2804 if (retval
== ERROR_TRACE_IMAGE_UNAVAILABLE
)
2808 else if (retval
== ERROR_TRACE_INSTRUCTION_UNAVAILABLE
)
2810 /* TODO: handle incomplete images */
2813 command_print(cmd_ctx
, "%s", instruction
.text
);
2816 trace_data
= trace_data
->next
;
2822 static void xscale_build_reg_cache(struct target
*target
)
2824 struct xscale_common
*xscale
= target_to_xscale(target
);
2825 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
2826 struct reg_cache
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
2827 struct xscale_reg
*arch_info
= malloc(sizeof(xscale_reg_arch_info
));
2829 int num_regs
= sizeof(xscale_reg_arch_info
) / sizeof(struct xscale_reg
);
2831 (*cache_p
) = armv4_5_build_reg_cache(target
, armv4_5
);
2832 armv4_5
->core_cache
= (*cache_p
);
2834 /* register a register arch-type for XScale dbg registers only once */
2835 if (xscale_reg_arch_type
== -1)
2836 xscale_reg_arch_type
= register_reg_arch_type(xscale_get_reg
, xscale_set_reg
);
2838 (*cache_p
)->next
= malloc(sizeof(struct reg_cache
));
2839 cache_p
= &(*cache_p
)->next
;
2841 /* fill in values for the xscale reg cache */
2842 (*cache_p
)->name
= "XScale registers";
2843 (*cache_p
)->next
= NULL
;
2844 (*cache_p
)->reg_list
= malloc(num_regs
* sizeof(struct reg
));
2845 (*cache_p
)->num_regs
= num_regs
;
2847 for (i
= 0; i
< num_regs
; i
++)
2849 (*cache_p
)->reg_list
[i
].name
= xscale_reg_list
[i
];
2850 (*cache_p
)->reg_list
[i
].value
= calloc(4, 1);
2851 (*cache_p
)->reg_list
[i
].dirty
= 0;
2852 (*cache_p
)->reg_list
[i
].valid
= 0;
2853 (*cache_p
)->reg_list
[i
].size
= 32;
2854 (*cache_p
)->reg_list
[i
].arch_info
= &arch_info
[i
];
2855 (*cache_p
)->reg_list
[i
].arch_type
= xscale_reg_arch_type
;
2856 arch_info
[i
] = xscale_reg_arch_info
[i
];
2857 arch_info
[i
].target
= target
;
2860 xscale
->reg_cache
= (*cache_p
);
2863 static int xscale_init_target(struct command_context
*cmd_ctx
,
2864 struct target
*target
)
2866 xscale_build_reg_cache(target
);
2870 static int xscale_init_arch_info(struct target
*target
,
2871 struct xscale_common
*xscale
, struct jtag_tap
*tap
, const char *variant
)
2873 struct arm
*armv4_5
;
2874 uint32_t high_reset_branch
, low_reset_branch
;
2877 armv4_5
= &xscale
->armv4_5_common
;
2879 /* store architecture specfic data (none so far) */
2880 xscale
->common_magic
= XSCALE_COMMON_MAGIC
;
2882 /* we don't really *need* variant info ... */
2886 if (strcmp(variant
, "pxa250") == 0
2887 || strcmp(variant
, "pxa255") == 0
2888 || strcmp(variant
, "pxa26x") == 0)
2890 else if (strcmp(variant
, "pxa27x") == 0
2891 || strcmp(variant
, "ixp42x") == 0
2892 || strcmp(variant
, "ixp45x") == 0
2893 || strcmp(variant
, "ixp46x") == 0)
2896 LOG_WARNING("%s: unrecognized variant %s",
2897 tap
->dotted_name
, variant
);
2899 if (ir_length
&& ir_length
!= tap
->ir_length
) {
2900 LOG_WARNING("%s: IR length for %s is %d; fixing",
2901 tap
->dotted_name
, variant
, ir_length
);
2902 tap
->ir_length
= ir_length
;
2906 /* the debug handler isn't installed (and thus not running) at this time */
2907 xscale
->handler_address
= 0xfe000800;
2909 /* clear the vectors we keep locally for reference */
2910 memset(xscale
->low_vectors
, 0, sizeof(xscale
->low_vectors
));
2911 memset(xscale
->high_vectors
, 0, sizeof(xscale
->high_vectors
));
2913 /* no user-specified vectors have been configured yet */
2914 xscale
->static_low_vectors_set
= 0x0;
2915 xscale
->static_high_vectors_set
= 0x0;
2917 /* calculate branches to debug handler */
2918 low_reset_branch
= (xscale
->handler_address
+ 0x20 - 0x0 - 0x8) >> 2;
2919 high_reset_branch
= (xscale
->handler_address
+ 0x20 - 0xffff0000 - 0x8) >> 2;
2921 xscale
->low_vectors
[0] = ARMV4_5_B((low_reset_branch
& 0xffffff), 0);
2922 xscale
->high_vectors
[0] = ARMV4_5_B((high_reset_branch
& 0xffffff), 0);
2924 for (i
= 1; i
<= 7; i
++)
2926 xscale
->low_vectors
[i
] = ARMV4_5_B(0xfffffe, 0);
2927 xscale
->high_vectors
[i
] = ARMV4_5_B(0xfffffe, 0);
2930 /* 64kB aligned region used for DCache cleaning */
2931 xscale
->cache_clean_address
= 0xfffe0000;
2933 xscale
->hold_rst
= 0;
2934 xscale
->external_debug_break
= 0;
2936 xscale
->ibcr_available
= 2;
2937 xscale
->ibcr0_used
= 0;
2938 xscale
->ibcr1_used
= 0;
2940 xscale
->dbr_available
= 2;
2941 xscale
->dbr0_used
= 0;
2942 xscale
->dbr1_used
= 0;
2944 xscale
->arm_bkpt
= ARMV5_BKPT(0x0);
2945 xscale
->thumb_bkpt
= ARMV5_T_BKPT(0x0) & 0xffff;
2947 xscale
->vector_catch
= 0x1;
2949 xscale
->trace
.capture_status
= TRACE_IDLE
;
2950 xscale
->trace
.data
= NULL
;
2951 xscale
->trace
.image
= NULL
;
2952 xscale
->trace
.buffer_enabled
= 0;
2953 xscale
->trace
.buffer_fill
= 0;
2955 /* prepare ARMv4/5 specific information */
2956 armv4_5
->arch_info
= xscale
;
2957 armv4_5
->read_core_reg
= xscale_read_core_reg
;
2958 armv4_5
->write_core_reg
= xscale_write_core_reg
;
2959 armv4_5
->full_context
= xscale_full_context
;
2961 armv4_5_init_arch_info(target
, armv4_5
);
2963 xscale
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
2964 xscale
->armv4_5_mmu
.get_ttb
= xscale_get_ttb
;
2965 xscale
->armv4_5_mmu
.read_memory
= xscale_read_memory
;
2966 xscale
->armv4_5_mmu
.write_memory
= xscale_write_memory
;
2967 xscale
->armv4_5_mmu
.disable_mmu_caches
= xscale_disable_mmu_caches
;
2968 xscale
->armv4_5_mmu
.enable_mmu_caches
= xscale_enable_mmu_caches
;
2969 xscale
->armv4_5_mmu
.has_tiny_pages
= 1;
2970 xscale
->armv4_5_mmu
.mmu_enabled
= 0;
2975 static int xscale_target_create(struct target
*target
, Jim_Interp
*interp
)
2977 struct xscale_common
*xscale
;
2979 if (sizeof xscale_debug_handler
- 1 > 0x800) {
2980 LOG_ERROR("debug_handler.bin: larger than 2kb");
2984 xscale
= calloc(1, sizeof(*xscale
));
2988 return xscale_init_arch_info(target
, xscale
, target
->tap
,
2992 COMMAND_HANDLER(xscale_handle_debug_handler_command
)
2994 struct target
*target
= NULL
;
2995 struct xscale_common
*xscale
;
2997 uint32_t handler_address
;
3001 LOG_ERROR("'xscale debug_handler <target#> <address>' command takes two required operands");
3005 if ((target
= get_target(args
[0])) == NULL
)
3007 LOG_ERROR("target '%s' not defined", args
[0]);
3011 xscale
= target_to_xscale(target
);
3012 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3013 if (retval
!= ERROR_OK
)
3016 COMMAND_PARSE_NUMBER(u32
, args
[1], handler_address
);
3018 if (((handler_address
>= 0x800) && (handler_address
<= 0x1fef800)) ||
3019 ((handler_address
>= 0xfe000800) && (handler_address
<= 0xfffff800)))
3021 xscale
->handler_address
= handler_address
;
3025 LOG_ERROR("xscale debug_handler <address> must be between 0x800 and 0x1fef800 or between 0xfe000800 and 0xfffff800");
3032 COMMAND_HANDLER(xscale_handle_cache_clean_address_command
)
3034 struct target
*target
= NULL
;
3035 struct xscale_common
*xscale
;
3037 uint32_t cache_clean_address
;
3041 return ERROR_COMMAND_SYNTAX_ERROR
;
3044 target
= get_target(args
[0]);
3047 LOG_ERROR("target '%s' not defined", args
[0]);
3050 xscale
= target_to_xscale(target
);
3051 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3052 if (retval
!= ERROR_OK
)
3055 COMMAND_PARSE_NUMBER(u32
, args
[1], cache_clean_address
);
3057 if (cache_clean_address
& 0xffff)
3059 LOG_ERROR("xscale cache_clean_address <address> must be 64kb aligned");
3063 xscale
->cache_clean_address
= cache_clean_address
;
3069 COMMAND_HANDLER(xscale_handle_cache_info_command
)
3071 struct target
*target
= get_current_target(cmd_ctx
);
3072 struct xscale_common
*xscale
= target_to_xscale(target
);
3075 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3076 if (retval
!= ERROR_OK
)
3079 return armv4_5_handle_cache_info_command(cmd_ctx
, &xscale
->armv4_5_mmu
.armv4_5_cache
);
3082 static int xscale_virt2phys(struct target
*target
,
3083 uint32_t virtual, uint32_t *physical
)
3085 struct xscale_common
*xscale
= target_to_xscale(target
);
3091 if (xscale
->common_magic
!= XSCALE_COMMON_MAGIC
) {
3092 LOG_ERROR(xscale_not
);
3093 return ERROR_TARGET_INVALID
;
3096 uint32_t ret
= armv4_5_mmu_translate_va(target
, &xscale
->armv4_5_mmu
, virtual, &type
, &cb
, &domain
, &ap
);
3105 static int xscale_mmu(struct target
*target
, int *enabled
)
3107 struct xscale_common
*xscale
= target_to_xscale(target
);
3109 if (target
->state
!= TARGET_HALTED
)
3111 LOG_ERROR("Target not halted");
3112 return ERROR_TARGET_INVALID
;
3114 *enabled
= xscale
->armv4_5_mmu
.mmu_enabled
;
3118 COMMAND_HANDLER(xscale_handle_mmu_command
)
3120 struct target
*target
= get_current_target(cmd_ctx
);
3121 struct xscale_common
*xscale
= target_to_xscale(target
);
3124 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3125 if (retval
!= ERROR_OK
)
3128 if (target
->state
!= TARGET_HALTED
)
3130 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", CMD_NAME
);
3136 if (strcmp("enable", args
[0]) == 0)
3138 xscale_enable_mmu_caches(target
, 1, 0, 0);
3139 xscale
->armv4_5_mmu
.mmu_enabled
= 1;
3141 else if (strcmp("disable", args
[0]) == 0)
3143 xscale_disable_mmu_caches(target
, 1, 0, 0);
3144 xscale
->armv4_5_mmu
.mmu_enabled
= 0;
3148 command_print(cmd_ctx
, "mmu %s", (xscale
->armv4_5_mmu
.mmu_enabled
) ? "enabled" : "disabled");
3153 COMMAND_HANDLER(xscale_handle_idcache_command
)
3155 struct target
*target
= get_current_target(cmd_ctx
);
3156 struct xscale_common
*xscale
= target_to_xscale(target
);
3157 int icache
= 0, dcache
= 0;
3160 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3161 if (retval
!= ERROR_OK
)
3164 if (target
->state
!= TARGET_HALTED
)
3166 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", CMD_NAME
);
3170 if (strcmp(CMD_NAME
, "icache") == 0)
3172 else if (strcmp(CMD_NAME
, "dcache") == 0)
3177 if (strcmp("enable", args
[0]) == 0)
3179 xscale_enable_mmu_caches(target
, 0, dcache
, icache
);
3182 xscale
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 1;
3184 xscale
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 1;
3186 else if (strcmp("disable", args
[0]) == 0)
3188 xscale_disable_mmu_caches(target
, 0, dcache
, icache
);
3191 xscale
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
3193 xscale
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
3198 command_print(cmd_ctx
, "icache %s", (xscale
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
) ? "enabled" : "disabled");
3201 command_print(cmd_ctx
, "dcache %s", (xscale
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
) ? "enabled" : "disabled");
3206 COMMAND_HANDLER(xscale_handle_vector_catch_command
)
3208 struct target
*target
= get_current_target(cmd_ctx
);
3209 struct xscale_common
*xscale
= target_to_xscale(target
);
3212 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3213 if (retval
!= ERROR_OK
)
3218 command_print(cmd_ctx
, "usage: xscale vector_catch [mask]");
3222 COMMAND_PARSE_NUMBER(u8
, args
[0], xscale
->vector_catch
);
3223 buf_set_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 16, 8, xscale
->vector_catch
);
3224 xscale_write_dcsr(target
, -1, -1);
3227 command_print(cmd_ctx
, "vector catch mask: 0x%2.2x", xscale
->vector_catch
);
3233 COMMAND_HANDLER(xscale_handle_vector_table_command
)
3235 struct target
*target
= get_current_target(cmd_ctx
);
3236 struct xscale_common
*xscale
= target_to_xscale(target
);
3240 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3241 if (retval
!= ERROR_OK
)
3244 if (argc
== 0) /* print current settings */
3248 command_print(cmd_ctx
, "active user-set static vectors:");
3249 for (idx
= 1; idx
< 8; idx
++)
3250 if (xscale
->static_low_vectors_set
& (1 << idx
))
3251 command_print(cmd_ctx
, "low %d: 0x%" PRIx32
, idx
, xscale
->static_low_vectors
[idx
]);
3252 for (idx
= 1; idx
< 8; idx
++)
3253 if (xscale
->static_high_vectors_set
& (1 << idx
))
3254 command_print(cmd_ctx
, "high %d: 0x%" PRIx32
, idx
, xscale
->static_high_vectors
[idx
]);
3263 COMMAND_PARSE_NUMBER(int, args
[1], idx
);
3265 COMMAND_PARSE_NUMBER(u32
, args
[2], vec
);
3267 if (idx
< 1 || idx
>= 8)
3270 if (!err
&& strcmp(args
[0], "low") == 0)
3272 xscale
->static_low_vectors_set
|= (1<<idx
);
3273 xscale
->static_low_vectors
[idx
] = vec
;
3275 else if (!err
&& (strcmp(args
[0], "high") == 0))
3277 xscale
->static_high_vectors_set
|= (1<<idx
);
3278 xscale
->static_high_vectors
[idx
] = vec
;
3285 command_print(cmd_ctx
, "usage: xscale vector_table <high|low> <index> <code>");
3291 COMMAND_HANDLER(xscale_handle_trace_buffer_command
)
3293 struct target
*target
= get_current_target(cmd_ctx
);
3294 struct xscale_common
*xscale
= target_to_xscale(target
);
3295 struct armv4_5_common_s
*armv4_5
= &xscale
->armv4_5_common
;
3296 uint32_t dcsr_value
;
3299 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3300 if (retval
!= ERROR_OK
)
3303 if (target
->state
!= TARGET_HALTED
)
3305 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", CMD_NAME
);
3309 if ((argc
>= 1) && (strcmp("enable", args
[0]) == 0))
3311 struct xscale_trace_data
*td
, *next_td
;
3312 xscale
->trace
.buffer_enabled
= 1;
3314 /* free old trace data */
3315 td
= xscale
->trace
.data
;
3325 xscale
->trace
.data
= NULL
;
3327 else if ((argc
>= 1) && (strcmp("disable", args
[0]) == 0))
3329 xscale
->trace
.buffer_enabled
= 0;
3332 if ((argc
>= 2) && (strcmp("fill", args
[1]) == 0))
3336 COMMAND_PARSE_NUMBER(u32
, args
[2], fill
);
3337 xscale
->trace
.buffer_fill
= fill
;
3339 else if ((argc
>= 2) && (strcmp("wrap", args
[1]) == 0))
3341 xscale
->trace
.buffer_fill
= -1;
3344 if (xscale
->trace
.buffer_enabled
)
3346 /* if we enable the trace buffer in fill-once
3347 * mode we know the address of the first instruction */
3348 xscale
->trace
.pc_ok
= 1;
3349 xscale
->trace
.current_pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
3353 /* otherwise the address is unknown, and we have no known good PC */
3354 xscale
->trace
.pc_ok
= 0;
3357 command_print(cmd_ctx
, "trace buffer %s (%s)",
3358 (xscale
->trace
.buffer_enabled
) ? "enabled" : "disabled",
3359 (xscale
->trace
.buffer_fill
> 0) ? "fill" : "wrap");
3361 dcsr_value
= buf_get_u32(xscale
->reg_cache
->reg_list
[XSCALE_DCSR
].value
, 0, 32);
3362 if (xscale
->trace
.buffer_fill
>= 0)
3363 xscale_write_dcsr_sw(target
, (dcsr_value
& 0xfffffffc) | 2);
3365 xscale_write_dcsr_sw(target
, dcsr_value
& 0xfffffffc);
3370 COMMAND_HANDLER(xscale_handle_trace_image_command
)
3372 struct target
*target
= get_current_target(cmd_ctx
);
3373 struct xscale_common
*xscale
= target_to_xscale(target
);
3378 command_print(cmd_ctx
, "usage: xscale trace_image <file> [base address] [type]");
3382 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3383 if (retval
!= ERROR_OK
)
3386 if (xscale
->trace
.image
)
3388 image_close(xscale
->trace
.image
);
3389 free(xscale
->trace
.image
);
3390 command_print(cmd_ctx
, "previously loaded image found and closed");
3393 xscale
->trace
.image
= malloc(sizeof(struct image
));
3394 xscale
->trace
.image
->base_address_set
= 0;
3395 xscale
->trace
.image
->start_address_set
= 0;
3397 /* a base address isn't always necessary, default to 0x0 (i.e. don't relocate) */
3400 xscale
->trace
.image
->base_address_set
= 1;
3401 COMMAND_PARSE_NUMBER(int, args
[1], xscale
->trace
.image
->base_address
);
3405 xscale
->trace
.image
->base_address_set
= 0;
3408 if (image_open(xscale
->trace
.image
, args
[0], (argc
>= 3) ? args
[2] : NULL
) != ERROR_OK
)
3410 free(xscale
->trace
.image
);
3411 xscale
->trace
.image
= NULL
;
3418 COMMAND_HANDLER(xscale_handle_dump_trace_command
)
3420 struct target
*target
= get_current_target(cmd_ctx
);
3421 struct xscale_common
*xscale
= target_to_xscale(target
);
3422 struct xscale_trace_data
*trace_data
;
3426 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3427 if (retval
!= ERROR_OK
)
3430 if (target
->state
!= TARGET_HALTED
)
3432 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", CMD_NAME
);
3438 command_print(cmd_ctx
, "usage: xscale dump_trace <file>");
3442 trace_data
= xscale
->trace
.data
;
3446 command_print(cmd_ctx
, "no trace data collected");
3450 if (fileio_open(&file
, args
[0], FILEIO_WRITE
, FILEIO_BINARY
) != ERROR_OK
)
3459 fileio_write_u32(&file
, trace_data
->chkpt0
);
3460 fileio_write_u32(&file
, trace_data
->chkpt1
);
3461 fileio_write_u32(&file
, trace_data
->last_instruction
);
3462 fileio_write_u32(&file
, trace_data
->depth
);
3464 for (i
= 0; i
< trace_data
->depth
; i
++)
3465 fileio_write_u32(&file
, trace_data
->entries
[i
].data
| ((trace_data
->entries
[i
].type
& 0xffff) << 16));
3467 trace_data
= trace_data
->next
;
3470 fileio_close(&file
);
3475 COMMAND_HANDLER(xscale_handle_analyze_trace_buffer_command
)
3477 struct target
*target
= get_current_target(cmd_ctx
);
3478 struct xscale_common
*xscale
= target_to_xscale(target
);
3481 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3482 if (retval
!= ERROR_OK
)
3485 xscale_analyze_trace(target
, cmd_ctx
);
3490 COMMAND_HANDLER(xscale_handle_cp15
)
3492 struct target
*target
= get_current_target(cmd_ctx
);
3493 struct xscale_common
*xscale
= target_to_xscale(target
);
3496 retval
= xscale_verify_pointer(cmd_ctx
, xscale
);
3497 if (retval
!= ERROR_OK
)
3500 if (target
->state
!= TARGET_HALTED
)
3502 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", CMD_NAME
);
3505 uint32_t reg_no
= 0;
3506 struct reg
*reg
= NULL
;
3509 COMMAND_PARSE_NUMBER(u32
, args
[0], reg_no
);
3510 /*translate from xscale cp15 register no to openocd register*/
3514 reg_no
= XSCALE_MAINID
;
3517 reg_no
= XSCALE_CTRL
;
3520 reg_no
= XSCALE_TTB
;
3523 reg_no
= XSCALE_DAC
;
3526 reg_no
= XSCALE_FSR
;
3529 reg_no
= XSCALE_FAR
;
3532 reg_no
= XSCALE_PID
;
3535 reg_no
= XSCALE_CPACCESS
;
3538 command_print(cmd_ctx
, "invalid register number");
3539 return ERROR_INVALID_ARGUMENTS
;
3541 reg
= &xscale
->reg_cache
->reg_list
[reg_no
];
3548 /* read cp15 control register */
3549 xscale_get_reg(reg
);
3550 value
= buf_get_u32(reg
->value
, 0, 32);
3551 command_print(cmd_ctx
, "%s (/%i): 0x%" PRIx32
"", reg
->name
, (int)(reg
->size
), value
);
3556 COMMAND_PARSE_NUMBER(u32
, args
[1], value
);
3558 /* send CP write request (command 0x41) */
3559 xscale_send_u32(target
, 0x41);
3561 /* send CP register number */
3562 xscale_send_u32(target
, reg_no
);
3564 /* send CP register value */
3565 xscale_send_u32(target
, value
);
3567 /* execute cpwait to ensure outstanding operations complete */
3568 xscale_send_u32(target
, 0x53);
3572 command_print(cmd_ctx
, "usage: cp15 [register]<, [value]>");
3578 static int xscale_register_commands(struct command_context
*cmd_ctx
)
3580 struct command
*xscale_cmd
;
3582 xscale_cmd
= register_command(cmd_ctx
, NULL
, "xscale", NULL
, COMMAND_ANY
, "xscale specific commands");
3584 register_command(cmd_ctx
, xscale_cmd
, "debug_handler", xscale_handle_debug_handler_command
, COMMAND_ANY
, "'xscale debug_handler <target#> <address>' command takes two required operands");
3585 register_command(cmd_ctx
, xscale_cmd
, "cache_clean_address", xscale_handle_cache_clean_address_command
, COMMAND_ANY
, NULL
);
3587 register_command(cmd_ctx
, xscale_cmd
, "cache_info", xscale_handle_cache_info_command
, COMMAND_EXEC
, NULL
);
3588 register_command(cmd_ctx
, xscale_cmd
, "mmu", xscale_handle_mmu_command
, COMMAND_EXEC
, "['enable'|'disable'] the MMU");
3589 register_command(cmd_ctx
, xscale_cmd
, "icache", xscale_handle_idcache_command
, COMMAND_EXEC
, "['enable'|'disable'] the ICache");
3590 register_command(cmd_ctx
, xscale_cmd
, "dcache", xscale_handle_idcache_command
, COMMAND_EXEC
, "['enable'|'disable'] the DCache");
3592 register_command(cmd_ctx
, xscale_cmd
, "vector_catch", xscale_handle_vector_catch_command
, COMMAND_EXEC
, "<mask> of vectors that should be catched");
3593 register_command(cmd_ctx
, xscale_cmd
, "vector_table", xscale_handle_vector_table_command
, COMMAND_EXEC
, "<high|low> <index> <code> set static code for exception handler entry");
3595 register_command(cmd_ctx
, xscale_cmd
, "trace_buffer", xscale_handle_trace_buffer_command
, COMMAND_EXEC
, "<enable | disable> ['fill' [n]|'wrap']");
3597 register_command(cmd_ctx
, xscale_cmd
, "dump_trace", xscale_handle_dump_trace_command
, COMMAND_EXEC
, "dump content of trace buffer to <file>");
3598 register_command(cmd_ctx
, xscale_cmd
, "analyze_trace", xscale_handle_analyze_trace_buffer_command
, COMMAND_EXEC
, "analyze content of trace buffer");
3599 register_command(cmd_ctx
, xscale_cmd
, "trace_image", xscale_handle_trace_image_command
,
3600 COMMAND_EXEC
, "load image from <file> [base address]");
3602 register_command(cmd_ctx
, xscale_cmd
, "cp15", xscale_handle_cp15
, COMMAND_EXEC
, "access coproc 15 <register> [value]");
3604 armv4_5_register_commands(cmd_ctx
);
3609 struct target_type xscale_target
=
3613 .poll
= xscale_poll
,
3614 .arch_state
= xscale_arch_state
,
3616 .target_request_data
= NULL
,
3618 .halt
= xscale_halt
,
3619 .resume
= xscale_resume
,
3620 .step
= xscale_step
,
3622 .assert_reset
= xscale_assert_reset
,
3623 .deassert_reset
= xscale_deassert_reset
,
3624 .soft_reset_halt
= NULL
,
3626 .get_gdb_reg_list
= armv4_5_get_gdb_reg_list
,
3628 .read_memory
= xscale_read_memory
,
3629 .write_memory
= xscale_write_memory
,
3630 .bulk_write_memory
= xscale_bulk_write_memory
,
3632 .checksum_memory
= arm_checksum_memory
,
3633 .blank_check_memory
= arm_blank_check_memory
,
3635 .run_algorithm
= armv4_5_run_algorithm
,
3637 .add_breakpoint
= xscale_add_breakpoint
,
3638 .remove_breakpoint
= xscale_remove_breakpoint
,
3639 .add_watchpoint
= xscale_add_watchpoint
,
3640 .remove_watchpoint
= xscale_remove_watchpoint
,
3642 .register_commands
= xscale_register_commands
,
3643 .target_create
= xscale_target_create
,
3644 .init_target
= xscale_init_target
,
3646 .virt2phys
= xscale_virt2phys
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)