Code Review / openocd.git / blob
? search:


705c2f0a42e84709825da260f3f5eae8a7e11fd5
[openocd.git] / src / target / xscale.c
1 /***************************************************************************
2 * Copyright (C) 2006, 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
7 * *
8 * Copyright (C) 2009 Michael Schwingen *
9 * michael@schwingen.org *
10 * *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
15 * *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
20 * *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program; if not, write to the *
23 * Free Software Foundation, Inc., *
24 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 ***************************************************************************/
26 #ifdef HAVE_CONFIG_H
27 #include "config.h"
28 #endif
29
30 #include "xscale.h"
31 #include "target_type.h"
32 #include "arm7_9_common.h"
33 #include "arm_simulator.h"
34 #include "arm_disassembler.h"
35 #include "time_support.h"
36 #include "image.h"
37
38
39 /*
40 * Important XScale documents available as of October 2009 include:
41 *
42 * Intel XScale® Core Developer’s Manual, January 2004
43 * Order Number: 273473-002
44 * This has a chapter detailing debug facilities, and punts some
45 * details to chip-specific microarchitecture documentats.
46 *
47 * Hot-Debug for Intel XScale® Core Debug White Paper, May 2005
48 * Document Number: 273539-005
49 * Less detailed than the developer's manual, but summarizes those
50 * missing details (for most XScales) and gives LOTS of notes about
51 * debugger/handler interaction issues. Presents a simpler reset
52 * and load-handler sequence than the arch doc. (Note, OpenOCD
53 * doesn't currently support "Hot-Debug" as defined there.)
54 *
55 * Chip-specific microarchitecture documents may also be useful.
56 */
57
58
59 /* forward declarations */
60 static int xscale_resume(struct target_s *, int current,
61 uint32_t address, int handle_breakpoints, int debug_execution);
62 static int xscale_debug_entry(target_t *);
63 static int xscale_restore_context(target_t *);
64 static int xscale_get_reg(reg_t *reg);
65 static int xscale_set_reg(reg_t *reg, uint8_t *buf);
66 static int xscale_set_breakpoint(struct target_s *, breakpoint_t *);
67 static int xscale_set_watchpoint(struct target_s *, watchpoint_t *);
68 static int xscale_unset_breakpoint(struct target_s *, breakpoint_t *);
69 static int xscale_read_trace(target_t *);
70
71
72 static char *const xscale_reg_list[] =
73 {
74 "XSCALE_MAINID", /* 0 */
75 "XSCALE_CACHETYPE",
76 "XSCALE_CTRL",
77 "XSCALE_AUXCTRL",
78 "XSCALE_TTB",
79 "XSCALE_DAC",
80 "XSCALE_FSR",
81 "XSCALE_FAR",
82 "XSCALE_PID",
83 "XSCALE_CPACCESS",
84 "XSCALE_IBCR0", /* 10 */
85 "XSCALE_IBCR1",
86 "XSCALE_DBR0",
87 "XSCALE_DBR1",
88 "XSCALE_DBCON",
89 "XSCALE_TBREG",
90 "XSCALE_CHKPT0",
91 "XSCALE_CHKPT1",
92 "XSCALE_DCSR",
93 "XSCALE_TX",
94 "XSCALE_RX", /* 20 */
95 "XSCALE_TXRXCTRL",
96 };
97
98 static const xscale_reg_t xscale_reg_arch_info[] =
99 {
100 {XSCALE_MAINID, NULL},
101 {XSCALE_CACHETYPE, NULL},
102 {XSCALE_CTRL, NULL},
103 {XSCALE_AUXCTRL, NULL},
104 {XSCALE_TTB, NULL},
105 {XSCALE_DAC, NULL},
106 {XSCALE_FSR, NULL},
107 {XSCALE_FAR, NULL},
108 {XSCALE_PID, NULL},
109 {XSCALE_CPACCESS, NULL},
110 {XSCALE_IBCR0, NULL},
111 {XSCALE_IBCR1, NULL},
112 {XSCALE_DBR0, NULL},
113 {XSCALE_DBR1, NULL},
114 {XSCALE_DBCON, NULL},
115 {XSCALE_TBREG, NULL},
116 {XSCALE_CHKPT0, NULL},
117 {XSCALE_CHKPT1, NULL},
118 {XSCALE_DCSR, NULL}, /* DCSR accessed via JTAG or SW */
119 {-1, NULL}, /* TX accessed via JTAG */
120 {-1, NULL}, /* RX accessed via JTAG */
121 {-1, NULL}, /* TXRXCTRL implicit access via JTAG */
122 };
123
124 static int xscale_reg_arch_type = -1;
125
126 /* convenience wrapper to access XScale specific registers */
127 static int xscale_set_reg_u32(reg_t *reg, uint32_t value)
128 {
129 uint8_t buf[4];
130
131 buf_set_u32(buf, 0, 32, value);
132
133 return xscale_set_reg(reg, buf);
134 }
135
136
137 static int xscale_get_arch_pointers(target_t *target,
138 armv4_5_common_t **armv4_5_p, xscale_common_t **xscale_p)
139 {
140 armv4_5_common_t *armv4_5 = target->arch_info;
141 xscale_common_t *xscale = armv4_5->arch_info;
142
143 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
144 {
145 LOG_ERROR("target isn't an XScale target");
146 return -1;
147 }
148
149 if (xscale->common_magic != XSCALE_COMMON_MAGIC)
150 {
151 LOG_ERROR("target isn't an XScale target");
152 return -1;
153 }
154
155 *armv4_5_p = armv4_5;
156 *xscale_p = xscale;
157
158 return ERROR_OK;
159 }
160
161 static int xscale_jtag_set_instr(jtag_tap_t *tap, uint32_t new_instr)
162 {
163 if (tap == NULL)
164 return ERROR_FAIL;
165
166 if (buf_get_u32(tap->cur_instr, 0, tap->ir_length) != new_instr)
167 {
168 scan_field_t field;
169
170 field.tap = tap;
171 field.num_bits = tap->ir_length;
172 field.out_value = calloc(CEIL(field.num_bits, 8), 1);
173 buf_set_u32(field.out_value, 0, field.num_bits, new_instr);
174
175 uint8_t tmp[4];
176 field.in_value = tmp;
177
178 jtag_add_ir_scan(1, &field, jtag_get_end_state());
179
180 /* FIX!!!! isn't this check superfluous? verify_ircapture handles this? */
181 jtag_check_value_mask(&field, tap->expected, tap->expected_mask);
182
183 free(field.out_value);
184 }
185
186 return ERROR_OK;
187 }
188
189 static int xscale_read_dcsr(target_t *target)
190 {
191 armv4_5_common_t *armv4_5 = target->arch_info;
192 xscale_common_t *xscale = armv4_5->arch_info;
193
194 int retval;
195
196 scan_field_t fields[3];
197 uint8_t field0 = 0x0;
198 uint8_t field0_check_value = 0x2;
199 uint8_t field0_check_mask = 0x7;
200 uint8_t field2 = 0x0;
201 uint8_t field2_check_value = 0x0;
202 uint8_t field2_check_mask = 0x1;
203
204 jtag_set_end_state(TAP_DRPAUSE);
205 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dcsr);
206
207 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
208 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
209
210 fields[0].tap = xscale->jtag_info.tap;
211 fields[0].num_bits = 3;
212 fields[0].out_value = &field0;
213 uint8_t tmp;
214 fields[0].in_value = &tmp;
215
216 fields[1].tap = xscale->jtag_info.tap;
217 fields[1].num_bits = 32;
218 fields[1].out_value = NULL;
219 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
220
221 fields[2].tap = xscale->jtag_info.tap;
222 fields[2].num_bits = 1;
223 fields[2].out_value = &field2;
224 uint8_t tmp2;
225 fields[2].in_value = &tmp2;
226
227 jtag_add_dr_scan(3, fields, jtag_get_end_state());
228
229 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
230 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
231
232 if ((retval = jtag_execute_queue()) != ERROR_OK)
233 {
234 LOG_ERROR("JTAG error while reading DCSR");
235 return retval;
236 }
237
238 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
239 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
240
241 /* write the register with the value we just read
242 * on this second pass, only the first bit of field0 is guaranteed to be 0)
243 */
244 field0_check_mask = 0x1;
245 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
246 fields[1].in_value = NULL;
247
248 jtag_set_end_state(TAP_IDLE);
249
250 jtag_add_dr_scan(3, fields, jtag_get_end_state());
251
252 /* DANGER!!! this must be here. It will make sure that the arguments
253 * to jtag_set_check_value() does not go out of scope! */
254 return jtag_execute_queue();
255 }
256
257
258 static void xscale_getbuf(jtag_callback_data_t arg)
259 {
260 uint8_t *in = (uint8_t *)arg;
261 *((uint32_t *)in) = buf_get_u32(in, 0, 32);
262 }
263
264 static int xscale_receive(target_t *target, uint32_t *buffer, int num_words)
265 {
266 if (num_words == 0)
267 return ERROR_INVALID_ARGUMENTS;
268
269 int retval = ERROR_OK;
270 armv4_5_common_t *armv4_5 = target->arch_info;
271 xscale_common_t *xscale = armv4_5->arch_info;
272
273 tap_state_t path[3];
274 scan_field_t fields[3];
275
276 uint8_t *field0 = malloc(num_words * 1);
277 uint8_t field0_check_value = 0x2;
278 uint8_t field0_check_mask = 0x6;
279 uint32_t *field1 = malloc(num_words * 4);
280 uint8_t field2_check_value = 0x0;
281 uint8_t field2_check_mask = 0x1;
282 int words_done = 0;
283 int words_scheduled = 0;
284
285 int i;
286
287 path[0] = TAP_DRSELECT;
288 path[1] = TAP_DRCAPTURE;
289 path[2] = TAP_DRSHIFT;
290
291 fields[0].tap = xscale->jtag_info.tap;
292 fields[0].num_bits = 3;
293 fields[0].out_value = NULL;
294 fields[0].in_value = NULL;
295 fields[0].check_value = &field0_check_value;
296 fields[0].check_mask = &field0_check_mask;
297
298 fields[1].tap = xscale->jtag_info.tap;
299 fields[1].num_bits = 32;
300 fields[1].out_value = NULL;
301 fields[1].check_value = NULL;
302 fields[1].check_mask = NULL;
303
304 fields[2].tap = xscale->jtag_info.tap;
305 fields[2].num_bits = 1;
306 fields[2].out_value = NULL;
307 fields[2].in_value = NULL;
308 fields[2].check_value = &field2_check_value;
309 fields[2].check_mask = &field2_check_mask;
310
311 jtag_set_end_state(TAP_IDLE);
312 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dbgtx);
313 jtag_add_runtest(1, jtag_get_end_state()); /* ensures that we're in the TAP_IDLE state as the above could be a no-op */
314
315 /* repeat until all words have been collected */
316 int attempts = 0;
317 while (words_done < num_words)
318 {
319 /* schedule reads */
320 words_scheduled = 0;
321 for (i = words_done; i < num_words; i++)
322 {
323 fields[0].in_value = &field0[i];
324
325 jtag_add_pathmove(3, path);
326
327 fields[1].in_value = (uint8_t *)(field1 + i);
328
329 jtag_add_dr_scan_check(3, fields, jtag_set_end_state(TAP_IDLE));
330
331 jtag_add_callback(xscale_getbuf, (jtag_callback_data_t)(field1 + i));
332
333 words_scheduled++;
334 }
335
336 if ((retval = jtag_execute_queue()) != ERROR_OK)
337 {
338 LOG_ERROR("JTAG error while receiving data from debug handler");
339 break;
340 }
341
342 /* examine results */
343 for (i = words_done; i < num_words; i++)
344 {
345 if (!(field0[0] & 1))
346 {
347 /* move backwards if necessary */
348 int j;
349 for (j = i; j < num_words - 1; j++)
350 {
351 field0[j] = field0[j + 1];
352 field1[j] = field1[j + 1];
353 }
354 words_scheduled--;
355 }
356 }
357 if (words_scheduled == 0)
358 {
359 if (attempts++==1000)
360 {
361 LOG_ERROR("Failed to receiving data from debug handler after 1000 attempts");
362 retval = ERROR_TARGET_TIMEOUT;
363 break;
364 }
365 }
366
367 words_done += words_scheduled;
368 }
369
370 for (i = 0; i < num_words; i++)
371 *(buffer++) = buf_get_u32((uint8_t*)&field1[i], 0, 32);
372
373 free(field1);
374
375 return retval;
376 }
377
378 static int xscale_read_tx(target_t *target, int consume)
379 {
380 armv4_5_common_t *armv4_5 = target->arch_info;
381 xscale_common_t *xscale = armv4_5->arch_info;
382 tap_state_t path[3];
383 tap_state_t noconsume_path[6];
384
385 int retval;
386 struct timeval timeout, now;
387
388 scan_field_t fields[3];
389 uint8_t field0_in = 0x0;
390 uint8_t field0_check_value = 0x2;
391 uint8_t field0_check_mask = 0x6;
392 uint8_t field2_check_value = 0x0;
393 uint8_t field2_check_mask = 0x1;
394
395 jtag_set_end_state(TAP_IDLE);
396
397 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dbgtx);
398
399 path[0] = TAP_DRSELECT;
400 path[1] = TAP_DRCAPTURE;
401 path[2] = TAP_DRSHIFT;
402
403 noconsume_path[0] = TAP_DRSELECT;
404 noconsume_path[1] = TAP_DRCAPTURE;
405 noconsume_path[2] = TAP_DREXIT1;
406 noconsume_path[3] = TAP_DRPAUSE;
407 noconsume_path[4] = TAP_DREXIT2;
408 noconsume_path[5] = TAP_DRSHIFT;
409
410 fields[0].tap = xscale->jtag_info.tap;
411 fields[0].num_bits = 3;
412 fields[0].out_value = NULL;
413 fields[0].in_value = &field0_in;
414
415 fields[1].tap = xscale->jtag_info.tap;
416 fields[1].num_bits = 32;
417 fields[1].out_value = NULL;
418 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_TX].value;
419
420 fields[2].tap = xscale->jtag_info.tap;
421 fields[2].num_bits = 1;
422 fields[2].out_value = NULL;
423 uint8_t tmp;
424 fields[2].in_value = &tmp;
425
426 gettimeofday(&timeout, NULL);
427 timeval_add_time(&timeout, 1, 0);
428
429 for (;;)
430 {
431 /* if we want to consume the register content (i.e. clear TX_READY),
432 * we have to go straight from Capture-DR to Shift-DR
433 * otherwise, we go from Capture-DR to Exit1-DR to Pause-DR
434 */
435 if (consume)
436 jtag_add_pathmove(3, path);
437 else
438 {
439 jtag_add_pathmove(sizeof(noconsume_path)/sizeof(*noconsume_path), noconsume_path);
440 }
441
442 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
443
444 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
445 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
446
447 if ((retval = jtag_execute_queue()) != ERROR_OK)
448 {
449 LOG_ERROR("JTAG error while reading TX");
450 return ERROR_TARGET_TIMEOUT;
451 }
452
453 gettimeofday(&now, NULL);
454 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
455 {
456 LOG_ERROR("time out reading TX register");
457 return ERROR_TARGET_TIMEOUT;
458 }
459 if (!((!(field0_in & 1)) && consume))
460 {
461 goto done;
462 }
463 if (debug_level >= 3)
464 {
465 LOG_DEBUG("waiting 100ms");
466 alive_sleep(100); /* avoid flooding the logs */
467 } else
468 {
469 keep_alive();
470 }
471 }
472 done:
473
474 if (!(field0_in & 1))
475 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
476
477 return ERROR_OK;
478 }
479
480 static int xscale_write_rx(target_t *target)
481 {
482 armv4_5_common_t *armv4_5 = target->arch_info;
483 xscale_common_t *xscale = armv4_5->arch_info;
484
485 int retval;
486 struct timeval timeout, now;
487
488 scan_field_t fields[3];
489 uint8_t field0_out = 0x0;
490 uint8_t field0_in = 0x0;
491 uint8_t field0_check_value = 0x2;
492 uint8_t field0_check_mask = 0x6;
493 uint8_t field2 = 0x0;
494 uint8_t field2_check_value = 0x0;
495 uint8_t field2_check_mask = 0x1;
496
497 jtag_set_end_state(TAP_IDLE);
498
499 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dbgrx);
500
501 fields[0].tap = xscale->jtag_info.tap;
502 fields[0].num_bits = 3;
503 fields[0].out_value = &field0_out;
504 fields[0].in_value = &field0_in;
505
506 fields[1].tap = xscale->jtag_info.tap;
507 fields[1].num_bits = 32;
508 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_RX].value;
509 fields[1].in_value = NULL;
510
511 fields[2].tap = xscale->jtag_info.tap;
512 fields[2].num_bits = 1;
513 fields[2].out_value = &field2;
514 uint8_t tmp;
515 fields[2].in_value = &tmp;
516
517 gettimeofday(&timeout, NULL);
518 timeval_add_time(&timeout, 1, 0);
519
520 /* poll until rx_read is low */
521 LOG_DEBUG("polling RX");
522 for (;;)
523 {
524 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
525
526 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
527 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
528
529 if ((retval = jtag_execute_queue()) != ERROR_OK)
530 {
531 LOG_ERROR("JTAG error while writing RX");
532 return retval;
533 }
534
535 gettimeofday(&now, NULL);
536 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
537 {
538 LOG_ERROR("time out writing RX register");
539 return ERROR_TARGET_TIMEOUT;
540 }
541 if (!(field0_in & 1))
542 goto done;
543 if (debug_level >= 3)
544 {
545 LOG_DEBUG("waiting 100ms");
546 alive_sleep(100); /* avoid flooding the logs */
547 } else
548 {
549 keep_alive();
550 }
551 }
552 done:
553
554 /* set rx_valid */
555 field2 = 0x1;
556 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
557
558 if ((retval = jtag_execute_queue()) != ERROR_OK)
559 {
560 LOG_ERROR("JTAG error while writing RX");
561 return retval;
562 }
563
564 return ERROR_OK;
565 }
566
567 /* send count elements of size byte to the debug handler */
568 static int xscale_send(target_t *target, uint8_t *buffer, int count, int size)
569 {
570 armv4_5_common_t *armv4_5 = target->arch_info;
571 xscale_common_t *xscale = armv4_5->arch_info;
572 uint32_t t[3];
573 int bits[3];
574
575 int retval;
576
577 int done_count = 0;
578
579 jtag_set_end_state(TAP_IDLE);
580
581 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dbgrx);
582
583 bits[0]=3;
584 t[0]=0;
585 bits[1]=32;
586 t[2]=1;
587 bits[2]=1;
588 int endianness = target->endianness;
589 while (done_count++ < count)
590 {
591 switch (size)
592 {
593 case 4:
594 if (endianness == TARGET_LITTLE_ENDIAN)
595 {
596 t[1]=le_to_h_u32(buffer);
597 } else
598 {
599 t[1]=be_to_h_u32(buffer);
600 }
601 break;
602 case 2:
603 if (endianness == TARGET_LITTLE_ENDIAN)
604 {
605 t[1]=le_to_h_u16(buffer);
606 } else
607 {
608 t[1]=be_to_h_u16(buffer);
609 }
610 break;
611 case 1:
612 t[1]=buffer[0];
613 break;
614 default:
615 LOG_ERROR("BUG: size neither 4, 2 nor 1");
616 exit(-1);
617 }
618 jtag_add_dr_out(xscale->jtag_info.tap,
619 3,
620 bits,
621 t,
622 jtag_set_end_state(TAP_IDLE));
623 buffer += size;
624 }
625
626 if ((retval = jtag_execute_queue()) != ERROR_OK)
627 {
628 LOG_ERROR("JTAG error while sending data to debug handler");
629 return retval;
630 }
631
632 return ERROR_OK;
633 }
634
635 static int xscale_send_u32(target_t *target, uint32_t value)
636 {
637 armv4_5_common_t *armv4_5 = target->arch_info;
638 xscale_common_t *xscale = armv4_5->arch_info;
639
640 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
641 return xscale_write_rx(target);
642 }
643
644 static int xscale_write_dcsr(target_t *target, int hold_rst, int ext_dbg_brk)
645 {
646 armv4_5_common_t *armv4_5 = target->arch_info;
647 xscale_common_t *xscale = armv4_5->arch_info;
648
649 int retval;
650
651 scan_field_t fields[3];
652 uint8_t field0 = 0x0;
653 uint8_t field0_check_value = 0x2;
654 uint8_t field0_check_mask = 0x7;
655 uint8_t field2 = 0x0;
656 uint8_t field2_check_value = 0x0;
657 uint8_t field2_check_mask = 0x1;
658
659 if (hold_rst != -1)
660 xscale->hold_rst = hold_rst;
661
662 if (ext_dbg_brk != -1)
663 xscale->external_debug_break = ext_dbg_brk;
664
665 jtag_set_end_state(TAP_IDLE);
666 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dcsr);
667
668 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
669 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
670
671 fields[0].tap = xscale->jtag_info.tap;
672 fields[0].num_bits = 3;
673 fields[0].out_value = &field0;
674 uint8_t tmp;
675 fields[0].in_value = &tmp;
676
677 fields[1].tap = xscale->jtag_info.tap;
678 fields[1].num_bits = 32;
679 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
680 fields[1].in_value = NULL;
681
682 fields[2].tap = xscale->jtag_info.tap;
683 fields[2].num_bits = 1;
684 fields[2].out_value = &field2;
685 uint8_t tmp2;
686 fields[2].in_value = &tmp2;
687
688 jtag_add_dr_scan(3, fields, jtag_get_end_state());
689
690 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
691 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
692
693 if ((retval = jtag_execute_queue()) != ERROR_OK)
694 {
695 LOG_ERROR("JTAG error while writing DCSR");
696 return retval;
697 }
698
699 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
700 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
701
702 return ERROR_OK;
703 }
704
705 /* parity of the number of bits 0 if even; 1 if odd. for 32 bit words */
706 static unsigned int parity (unsigned int v)
707 {
708 unsigned int ov = v;
709 v ^= v >> 16;
710 v ^= v >> 8;
711 v ^= v >> 4;
712 v &= 0xf;
713 LOG_DEBUG("parity of 0x%x is %i", ov, (0x6996 >> v) & 1);
714 return (0x6996 >> v) & 1;
715 }
716
717 static int xscale_load_ic(target_t *target, int mini, uint32_t va, uint32_t buffer[8])
718 {
719 armv4_5_common_t *armv4_5 = target->arch_info;
720 xscale_common_t *xscale = armv4_5->arch_info;
721 uint8_t packet[4];
722 uint8_t cmd;
723 int word;
724
725 scan_field_t fields[2];
726
727 LOG_DEBUG("loading miniIC at 0x%8.8" PRIx32 "", va);
728
729 jtag_set_end_state(TAP_IDLE);
730 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.ldic); /* LDIC */
731
732 /* CMD is b010 for Main IC and b011 for Mini IC */
733 if (mini)
734 buf_set_u32(&cmd, 0, 3, 0x3);
735 else
736 buf_set_u32(&cmd, 0, 3, 0x2);
737
738 buf_set_u32(&cmd, 3, 3, 0x0);
739
740 /* virtual address of desired cache line */
741 buf_set_u32(packet, 0, 27, va >> 5);
742
743 fields[0].tap = xscale->jtag_info.tap;
744 fields[0].num_bits = 6;
745 fields[0].out_value = &cmd;
746 fields[0].in_value = NULL;
747
748 fields[1].tap = xscale->jtag_info.tap;
749 fields[1].num_bits = 27;
750 fields[1].out_value = packet;
751 fields[1].in_value = NULL;
752
753 jtag_add_dr_scan(2, fields, jtag_get_end_state());
754
755 fields[0].num_bits = 32;
756 fields[0].out_value = packet;
757
758 fields[1].num_bits = 1;
759 fields[1].out_value = &cmd;
760
761 for (word = 0; word < 8; word++)
762 {
763 buf_set_u32(packet, 0, 32, buffer[word]);
764
765 uint32_t value;
766 memcpy(&value, packet, sizeof(uint32_t));
767 cmd = parity(value);
768
769 jtag_add_dr_scan(2, fields, jtag_get_end_state());
770 }
771
772 return jtag_execute_queue();
773 }
774
775 static int xscale_invalidate_ic_line(target_t *target, uint32_t va)
776 {
777 armv4_5_common_t *armv4_5 = target->arch_info;
778 xscale_common_t *xscale = armv4_5->arch_info;
779 uint8_t packet[4];
780 uint8_t cmd;
781
782 scan_field_t fields[2];
783
784 jtag_set_end_state(TAP_IDLE);
785 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.ldic); /* LDIC */
786
787 /* CMD for invalidate IC line b000, bits [6:4] b000 */
788 buf_set_u32(&cmd, 0, 6, 0x0);
789
790 /* virtual address of desired cache line */
791 buf_set_u32(packet, 0, 27, va >> 5);
792
793 fields[0].tap = xscale->jtag_info.tap;
794 fields[0].num_bits = 6;
795 fields[0].out_value = &cmd;
796 fields[0].in_value = NULL;
797
798 fields[1].tap = xscale->jtag_info.tap;
799 fields[1].num_bits = 27;
800 fields[1].out_value = packet;
801 fields[1].in_value = NULL;
802
803 jtag_add_dr_scan(2, fields, jtag_get_end_state());
804
805 return ERROR_OK;
806 }
807
808 static int xscale_update_vectors(target_t *target)
809 {
810 armv4_5_common_t *armv4_5 = target->arch_info;
811 xscale_common_t *xscale = armv4_5->arch_info;
812 int i;
813 int retval;
814
815 uint32_t low_reset_branch, high_reset_branch;
816
817 for (i = 1; i < 8; i++)
818 {
819 /* if there's a static vector specified for this exception, override */
820 if (xscale->static_high_vectors_set & (1 << i))
821 {
822 xscale->high_vectors[i] = xscale->static_high_vectors[i];
823 }
824 else
825 {
826 retval = target_read_u32(target, 0xffff0000 + 4*i, &xscale->high_vectors[i]);
827 if (retval == ERROR_TARGET_TIMEOUT)
828 return retval;
829 if (retval != ERROR_OK)
830 {
831 /* Some of these reads will fail as part of normal execution */
832 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
833 }
834 }
835 }
836
837 for (i = 1; i < 8; i++)
838 {
839 if (xscale->static_low_vectors_set & (1 << i))
840 {
841 xscale->low_vectors[i] = xscale->static_low_vectors[i];
842 }
843 else
844 {
845 retval = target_read_u32(target, 0x0 + 4*i, &xscale->low_vectors[i]);
846 if (retval == ERROR_TARGET_TIMEOUT)
847 return retval;
848 if (retval != ERROR_OK)
849 {
850 /* Some of these reads will fail as part of normal execution */
851 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
852 }
853 }
854 }
855
856 /* calculate branches to debug handler */
857 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
858 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
859
860 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
861 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
862
863 /* invalidate and load exception vectors in mini i-cache */
864 xscale_invalidate_ic_line(target, 0x0);
865 xscale_invalidate_ic_line(target, 0xffff0000);
866
867 xscale_load_ic(target, 1, 0x0, xscale->low_vectors);
868 xscale_load_ic(target, 1, 0xffff0000, xscale->high_vectors);
869
870 return ERROR_OK;
871 }
872
873 static int xscale_arch_state(struct target_s *target)
874 {
875 armv4_5_common_t *armv4_5 = target->arch_info;
876 xscale_common_t *xscale = armv4_5->arch_info;
877
878 static const char *state[] =
879 {
880 "disabled", "enabled"
881 };
882
883 static const char *arch_dbg_reason[] =
884 {
885 "", "\n(processor reset)", "\n(trace buffer full)"
886 };
887
888 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
889 {
890 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
891 exit(-1);
892 }
893
894 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
895 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "\n"
896 "MMU: %s, D-Cache: %s, I-Cache: %s"
897 "%s",
898 armv4_5_state_strings[armv4_5->core_state],
899 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name ,
900 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
901 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
902 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
903 state[xscale->armv4_5_mmu.mmu_enabled],
904 state[xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
905 state[xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled],
906 arch_dbg_reason[xscale->arch_debug_reason]);
907
908 return ERROR_OK;
909 }
910
911 static int xscale_poll(target_t *target)
912 {
913 int retval = ERROR_OK;
914 armv4_5_common_t *armv4_5 = target->arch_info;
915 xscale_common_t *xscale = armv4_5->arch_info;
916
917 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_DEBUG_RUNNING))
918 {
919 enum target_state previous_state = target->state;
920 if ((retval = xscale_read_tx(target, 0)) == ERROR_OK)
921 {
922
923 /* there's data to read from the tx register, we entered debug state */
924 xscale->handler_running = 1;
925
926 target->state = TARGET_HALTED;
927
928 /* process debug entry, fetching current mode regs */
929 retval = xscale_debug_entry(target);
930 }
931 else if (retval != ERROR_TARGET_RESOURCE_NOT_AVAILABLE)
932 {
933 LOG_USER("error while polling TX register, reset CPU");
934 /* here we "lie" so GDB won't get stuck and a reset can be perfomed */
935 target->state = TARGET_HALTED;
936 }
937
938 /* debug_entry could have overwritten target state (i.e. immediate resume)
939 * don't signal event handlers in that case
940 */
941 if (target->state != TARGET_HALTED)
942 return ERROR_OK;
943
944 /* if target was running, signal that we halted
945 * otherwise we reentered from debug execution */
946 if (previous_state == TARGET_RUNNING)
947 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
948 else
949 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
950 }
951
952 return retval;
953 }
954
955 static int xscale_debug_entry(target_t *target)
956 {
957 armv4_5_common_t *armv4_5 = target->arch_info;
958 xscale_common_t *xscale = armv4_5->arch_info;
959 uint32_t pc;
960 uint32_t buffer[10];
961 int i;
962 int retval;
963
964 uint32_t moe;
965
966 /* clear external dbg break (will be written on next DCSR read) */
967 xscale->external_debug_break = 0;
968 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
969 return retval;
970
971 /* get r0, pc, r1 to r7 and cpsr */
972 if ((retval = xscale_receive(target, buffer, 10)) != ERROR_OK)
973 return retval;
974
975 /* move r0 from buffer to register cache */
976 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, buffer[0]);
977 armv4_5->core_cache->reg_list[0].dirty = 1;
978 armv4_5->core_cache->reg_list[0].valid = 1;
979 LOG_DEBUG("r0: 0x%8.8" PRIx32 "", buffer[0]);
980
981 /* move pc from buffer to register cache */
982 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, buffer[1]);
983 armv4_5->core_cache->reg_list[15].dirty = 1;
984 armv4_5->core_cache->reg_list[15].valid = 1;
985 LOG_DEBUG("pc: 0x%8.8" PRIx32 "", buffer[1]);
986
987 /* move data from buffer to register cache */
988 for (i = 1; i <= 7; i++)
989 {
990 buf_set_u32(armv4_5->core_cache->reg_list[i].value, 0, 32, buffer[1 + i]);
991 armv4_5->core_cache->reg_list[i].dirty = 1;
992 armv4_5->core_cache->reg_list[i].valid = 1;
993 LOG_DEBUG("r%i: 0x%8.8" PRIx32 "", i, buffer[i + 1]);
994 }
995
996 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32, buffer[9]);
997 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
998 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
999 LOG_DEBUG("cpsr: 0x%8.8" PRIx32 "", buffer[9]);
1000
1001 armv4_5->core_mode = buffer[9] & 0x1f;
1002 if (armv4_5_mode_to_number(armv4_5->core_mode) == -1)
1003 {
1004 target->state = TARGET_UNKNOWN;
1005 LOG_ERROR("cpsr contains invalid mode value - communication failure");
1006 return ERROR_TARGET_FAILURE;
1007 }
1008 LOG_DEBUG("target entered debug state in %s mode", armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)]);
1009
1010 if (buffer[9] & 0x20)
1011 armv4_5->core_state = ARMV4_5_STATE_THUMB;
1012 else
1013 armv4_5->core_state = ARMV4_5_STATE_ARM;
1014
1015
1016 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1017 return ERROR_FAIL;
1018
1019 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1020 if ((armv4_5->core_mode != ARMV4_5_MODE_USR) && (armv4_5->core_mode != ARMV4_5_MODE_SYS))
1021 {
1022 xscale_receive(target, buffer, 8);
1023 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
1024 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).dirty = 0;
1025 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).valid = 1;
1026 }
1027 else
1028 {
1029 /* r8 to r14, but no spsr */
1030 xscale_receive(target, buffer, 7);
1031 }
1032
1033 /* move data from buffer to register cache */
1034 for (i = 8; i <= 14; i++)
1035 {
1036 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, buffer[i - 8]);
1037 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 0;
1038 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
1039 }
1040
1041 /* examine debug reason */
1042 xscale_read_dcsr(target);
1043 moe = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 2, 3);
1044
1045 /* stored PC (for calculating fixup) */
1046 pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1047
1048 switch (moe)
1049 {
1050 case 0x0: /* Processor reset */
1051 target->debug_reason = DBG_REASON_DBGRQ;
1052 xscale->arch_debug_reason = XSCALE_DBG_REASON_RESET;
1053 pc -= 4;
1054 break;
1055 case 0x1: /* Instruction breakpoint hit */
1056 target->debug_reason = DBG_REASON_BREAKPOINT;
1057 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1058 pc -= 4;
1059 break;
1060 case 0x2: /* Data breakpoint hit */
1061 target->debug_reason = DBG_REASON_WATCHPOINT;
1062 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1063 pc -= 4;
1064 break;
1065 case 0x3: /* BKPT instruction executed */
1066 target->debug_reason = DBG_REASON_BREAKPOINT;
1067 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1068 pc -= 4;
1069 break;
1070 case 0x4: /* Ext. debug event */
1071 target->debug_reason = DBG_REASON_DBGRQ;
1072 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1073 pc -= 4;
1074 break;
1075 case 0x5: /* Vector trap occured */
1076 target->debug_reason = DBG_REASON_BREAKPOINT;
1077 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1078 pc -= 4;
1079 break;
1080 case 0x6: /* Trace buffer full break */
1081 target->debug_reason = DBG_REASON_DBGRQ;
1082 xscale->arch_debug_reason = XSCALE_DBG_REASON_TB_FULL;
1083 pc -= 4;
1084 break;
1085 case 0x7: /* Reserved (may flag Hot-Debug support) */
1086 default:
1087 LOG_ERROR("Method of Entry is 'Reserved'");
1088 exit(-1);
1089 break;
1090 }
1091
1092 /* apply PC fixup */
1093 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, pc);
1094
1095 /* on the first debug entry, identify cache type */
1096 if (xscale->armv4_5_mmu.armv4_5_cache.ctype == -1)
1097 {
1098 uint32_t cache_type_reg;
1099
1100 /* read cp15 cache type register */
1101 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CACHETYPE]);
1102 cache_type_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CACHETYPE].value, 0, 32);
1103
1104 armv4_5_identify_cache(cache_type_reg, &xscale->armv4_5_mmu.armv4_5_cache);
1105 }
1106
1107 /* examine MMU and Cache settings */
1108 /* read cp15 control register */
1109 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
1110 xscale->cp15_control_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
1111 xscale->armv4_5_mmu.mmu_enabled = (xscale->cp15_control_reg & 0x1U) ? 1 : 0;
1112 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (xscale->cp15_control_reg & 0x4U) ? 1 : 0;
1113 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (xscale->cp15_control_reg & 0x1000U) ? 1 : 0;
1114
1115 /* tracing enabled, read collected trace data */
1116 if (xscale->trace.buffer_enabled)
1117 {
1118 xscale_read_trace(target);
1119 xscale->trace.buffer_fill--;
1120
1121 /* resume if we're still collecting trace data */
1122 if ((xscale->arch_debug_reason == XSCALE_DBG_REASON_TB_FULL)
1123 && (xscale->trace.buffer_fill > 0))
1124 {
1125 xscale_resume(target, 1, 0x0, 1, 0);
1126 }
1127 else
1128 {
1129 xscale->trace.buffer_enabled = 0;
1130 }
1131 }
1132
1133 return ERROR_OK;
1134 }
1135
1136 static int xscale_halt(target_t *target)
1137 {
1138 armv4_5_common_t *armv4_5 = target->arch_info;
1139 xscale_common_t *xscale = armv4_5->arch_info;
1140
1141 LOG_DEBUG("target->state: %s",
1142 target_state_name(target));
1143
1144 if (target->state == TARGET_HALTED)
1145 {
1146 LOG_DEBUG("target was already halted");
1147 return ERROR_OK;
1148 }
1149 else if (target->state == TARGET_UNKNOWN)
1150 {
1151 /* this must not happen for a xscale target */
1152 LOG_ERROR("target was in unknown state when halt was requested");
1153 return ERROR_TARGET_INVALID;
1154 }
1155 else if (target->state == TARGET_RESET)
1156 {
1157 LOG_DEBUG("target->state == TARGET_RESET");
1158 }
1159 else
1160 {
1161 /* assert external dbg break */
1162 xscale->external_debug_break = 1;
1163 xscale_read_dcsr(target);
1164
1165 target->debug_reason = DBG_REASON_DBGRQ;
1166 }
1167
1168 return ERROR_OK;
1169 }
1170
1171 static int xscale_enable_single_step(struct target_s *target, uint32_t next_pc)
1172 {
1173 armv4_5_common_t *armv4_5 = target->arch_info;
1174 xscale_common_t *xscale= armv4_5->arch_info;
1175 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1176 int retval;
1177
1178 if (xscale->ibcr0_used)
1179 {
1180 breakpoint_t *ibcr0_bp = breakpoint_find(target, buf_get_u32(ibcr0->value, 0, 32) & 0xfffffffe);
1181
1182 if (ibcr0_bp)
1183 {
1184 xscale_unset_breakpoint(target, ibcr0_bp);
1185 }
1186 else
1187 {
1188 LOG_ERROR("BUG: xscale->ibcr0_used is set, but no breakpoint with that address found");
1189 exit(-1);
1190 }
1191 }
1192
1193 if ((retval = xscale_set_reg_u32(ibcr0, next_pc | 0x1)) != ERROR_OK)
1194 return retval;
1195
1196 return ERROR_OK;
1197 }
1198
1199 static int xscale_disable_single_step(struct target_s *target)
1200 {
1201 armv4_5_common_t *armv4_5 = target->arch_info;
1202 xscale_common_t *xscale= armv4_5->arch_info;
1203 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1204 int retval;
1205
1206 if ((retval = xscale_set_reg_u32(ibcr0, 0x0)) != ERROR_OK)
1207 return retval;
1208
1209 return ERROR_OK;
1210 }
1211
1212 static void xscale_enable_watchpoints(struct target_s *target)
1213 {
1214 watchpoint_t *watchpoint = target->watchpoints;
1215
1216 while (watchpoint)
1217 {
1218 if (watchpoint->set == 0)
1219 xscale_set_watchpoint(target, watchpoint);
1220 watchpoint = watchpoint->next;
1221 }
1222 }
1223
1224 static void xscale_enable_breakpoints(struct target_s *target)
1225 {
1226 breakpoint_t *breakpoint = target->breakpoints;
1227
1228 /* set any pending breakpoints */
1229 while (breakpoint)
1230 {
1231 if (breakpoint->set == 0)
1232 xscale_set_breakpoint(target, breakpoint);
1233 breakpoint = breakpoint->next;
1234 }
1235 }
1236
1237 static int xscale_resume(struct target_s *target, int current,
1238 uint32_t address, int handle_breakpoints, int debug_execution)
1239 {
1240 armv4_5_common_t *armv4_5 = target->arch_info;
1241 xscale_common_t *xscale= armv4_5->arch_info;
1242 breakpoint_t *breakpoint = target->breakpoints;
1243
1244 uint32_t current_pc;
1245
1246 int retval;
1247 int i;
1248
1249 LOG_DEBUG("-");
1250
1251 if (target->state != TARGET_HALTED)
1252 {
1253 LOG_WARNING("target not halted");
1254 return ERROR_TARGET_NOT_HALTED;
1255 }
1256
1257 if (!debug_execution)
1258 {
1259 target_free_all_working_areas(target);
1260 }
1261
1262 /* update vector tables */
1263 if ((retval = xscale_update_vectors(target)) != ERROR_OK)
1264 return retval;
1265
1266 /* current = 1: continue on current pc, otherwise continue at <address> */
1267 if (!current)
1268 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1269
1270 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1271
1272 /* if we're at the reset vector, we have to simulate the branch */
1273 if (current_pc == 0x0)
1274 {
1275 arm_simulate_step(target, NULL);
1276 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1277 }
1278
1279 /* the front-end may request us not to handle breakpoints */
1280 if (handle_breakpoints)
1281 {
1282 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1283 {
1284 uint32_t next_pc;
1285
1286 /* there's a breakpoint at the current PC, we have to step over it */
1287 LOG_DEBUG("unset breakpoint at 0x%8.8" PRIx32 "", breakpoint->address);
1288 xscale_unset_breakpoint(target, breakpoint);
1289
1290 /* calculate PC of next instruction */
1291 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1292 {
1293 uint32_t current_opcode;
1294 target_read_u32(target, current_pc, &current_opcode);
1295 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "", current_opcode);
1296 }
1297
1298 LOG_DEBUG("enable single-step");
1299 xscale_enable_single_step(target, next_pc);
1300
1301 /* restore banked registers */
1302 xscale_restore_context(target);
1303
1304 /* send resume request (command 0x30 or 0x31)
1305 * clean the trace buffer if it is to be enabled (0x62) */
1306 if (xscale->trace.buffer_enabled)
1307 {
1308 xscale_send_u32(target, 0x62);
1309 xscale_send_u32(target, 0x31);
1310 }
1311 else
1312 xscale_send_u32(target, 0x30);
1313
1314 /* send CPSR */
1315 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1316 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1317
1318 for (i = 7; i >= 0; i--)
1319 {
1320 /* send register */
1321 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1322 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1323 }
1324
1325 /* send PC */
1326 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1327 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1328
1329 /* wait for and process debug entry */
1330 xscale_debug_entry(target);
1331
1332 LOG_DEBUG("disable single-step");
1333 xscale_disable_single_step(target);
1334
1335 LOG_DEBUG("set breakpoint at 0x%8.8" PRIx32 "", breakpoint->address);
1336 xscale_set_breakpoint(target, breakpoint);
1337 }
1338 }
1339
1340 /* enable any pending breakpoints and watchpoints */
1341 xscale_enable_breakpoints(target);
1342 xscale_enable_watchpoints(target);
1343
1344 /* restore banked registers */
1345 xscale_restore_context(target);
1346
1347 /* send resume request (command 0x30 or 0x31)
1348 * clean the trace buffer if it is to be enabled (0x62) */
1349 if (xscale->trace.buffer_enabled)
1350 {
1351 xscale_send_u32(target, 0x62);
1352 xscale_send_u32(target, 0x31);
1353 }
1354 else
1355 xscale_send_u32(target, 0x30);
1356
1357 /* send CPSR */
1358 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1359 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1360
1361 for (i = 7; i >= 0; i--)
1362 {
1363 /* send register */
1364 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1365 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1366 }
1367
1368 /* send PC */
1369 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1370 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1371
1372 target->debug_reason = DBG_REASON_NOTHALTED;
1373
1374 if (!debug_execution)
1375 {
1376 /* registers are now invalid */
1377 armv4_5_invalidate_core_regs(target);
1378 target->state = TARGET_RUNNING;
1379 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1380 }
1381 else
1382 {
1383 target->state = TARGET_DEBUG_RUNNING;
1384 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
1385 }
1386
1387 LOG_DEBUG("target resumed");
1388
1389 xscale->handler_running = 1;
1390
1391 return ERROR_OK;
1392 }
1393
1394 static int xscale_step_inner(struct target_s *target, int current,
1395 uint32_t address, int handle_breakpoints)
1396 {
1397 armv4_5_common_t *armv4_5 = target->arch_info;
1398 xscale_common_t *xscale = armv4_5->arch_info;
1399
1400 uint32_t next_pc;
1401 int retval;
1402 int i;
1403
1404 target->debug_reason = DBG_REASON_SINGLESTEP;
1405
1406 /* calculate PC of next instruction */
1407 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1408 {
1409 uint32_t current_opcode, current_pc;
1410 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1411
1412 target_read_u32(target, current_pc, &current_opcode);
1413 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "", current_opcode);
1414 return retval;
1415 }
1416
1417 LOG_DEBUG("enable single-step");
1418 if ((retval = xscale_enable_single_step(target, next_pc)) != ERROR_OK)
1419 return retval;
1420
1421 /* restore banked registers */
1422 if ((retval = xscale_restore_context(target)) != ERROR_OK)
1423 return retval;
1424
1425 /* send resume request (command 0x30 or 0x31)
1426 * clean the trace buffer if it is to be enabled (0x62) */
1427 if (xscale->trace.buffer_enabled)
1428 {
1429 if ((retval = xscale_send_u32(target, 0x62)) != ERROR_OK)
1430 return retval;
1431 if ((retval = xscale_send_u32(target, 0x31)) != ERROR_OK)
1432 return retval;
1433 }
1434 else
1435 if ((retval = xscale_send_u32(target, 0x30)) != ERROR_OK)
1436 return retval;
1437
1438 /* send CPSR */
1439 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32))) != ERROR_OK)
1440 return retval;
1441 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1442
1443 for (i = 7; i >= 0; i--)
1444 {
1445 /* send register */
1446 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32))) != ERROR_OK)
1447 return retval;
1448 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1449 }
1450
1451 /* send PC */
1452 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))) != ERROR_OK)
1453 return retval;
1454 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1455
1456 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1457
1458 /* registers are now invalid */
1459 if ((retval = armv4_5_invalidate_core_regs(target)) != ERROR_OK)
1460 return retval;
1461
1462 /* wait for and process debug entry */
1463 if ((retval = xscale_debug_entry(target)) != ERROR_OK)
1464 return retval;
1465
1466 LOG_DEBUG("disable single-step");
1467 if ((retval = xscale_disable_single_step(target)) != ERROR_OK)
1468 return retval;
1469
1470 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1471
1472 return ERROR_OK;
1473 }
1474
1475 static int xscale_step(struct target_s *target, int current,
1476 uint32_t address, int handle_breakpoints)
1477 {
1478 armv4_5_common_t *armv4_5 = target->arch_info;
1479 breakpoint_t *breakpoint = target->breakpoints;
1480
1481 uint32_t current_pc;
1482 int retval;
1483
1484 if (target->state != TARGET_HALTED)
1485 {
1486 LOG_WARNING("target not halted");
1487 return ERROR_TARGET_NOT_HALTED;
1488 }
1489
1490 /* current = 1: continue on current pc, otherwise continue at <address> */
1491 if (!current)
1492 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1493
1494 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1495
1496 /* if we're at the reset vector, we have to simulate the step */
1497 if (current_pc == 0x0)
1498 {
1499 if ((retval = arm_simulate_step(target, NULL)) != ERROR_OK)
1500 return retval;
1501 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1502
1503 target->debug_reason = DBG_REASON_SINGLESTEP;
1504 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1505
1506 return ERROR_OK;
1507 }
1508
1509 /* the front-end may request us not to handle breakpoints */
1510 if (handle_breakpoints)
1511 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1512 {
1513 if ((retval = xscale_unset_breakpoint(target, breakpoint)) != ERROR_OK)
1514 return retval;
1515 }
1516
1517 retval = xscale_step_inner(target, current, address, handle_breakpoints);
1518
1519 if (breakpoint)
1520 {
1521 xscale_set_breakpoint(target, breakpoint);
1522 }
1523
1524 LOG_DEBUG("target stepped");
1525
1526 return ERROR_OK;
1527
1528 }
1529
1530 static int xscale_assert_reset(target_t *target)
1531 {
1532 armv4_5_common_t *armv4_5 = target->arch_info;
1533 xscale_common_t *xscale = armv4_5->arch_info;
1534
1535 LOG_DEBUG("target->state: %s",
1536 target_state_name(target));
1537
1538 /* select DCSR instruction (set endstate to R-T-I to ensure we don't
1539 * end up in T-L-R, which would reset JTAG
1540 */
1541 jtag_set_end_state(TAP_IDLE);
1542 xscale_jtag_set_instr(xscale->jtag_info.tap, xscale->jtag_info.dcsr);
1543
1544 /* set Hold reset, Halt mode and Trap Reset */
1545 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1546 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1547 xscale_write_dcsr(target, 1, 0);
1548
1549 /* select BYPASS, because having DCSR selected caused problems on the PXA27x */
1550 xscale_jtag_set_instr(xscale->jtag_info.tap, 0x7f);
1551 jtag_execute_queue();
1552
1553 /* assert reset */
1554 jtag_add_reset(0, 1);
1555
1556 /* sleep 1ms, to be sure we fulfill any requirements */
1557 jtag_add_sleep(1000);
1558 jtag_execute_queue();
1559
1560 target->state = TARGET_RESET;
1561
1562 if (target->reset_halt)
1563 {
1564 int retval;
1565 if ((retval = target_halt(target)) != ERROR_OK)
1566 return retval;
1567 }
1568
1569 return ERROR_OK;
1570 }
1571
1572 static int xscale_deassert_reset(target_t *target)
1573 {
1574 armv4_5_common_t *armv4_5 = target->arch_info;
1575 xscale_common_t *xscale = armv4_5->arch_info;
1576
1577 fileio_t debug_handler;
1578 uint32_t address;
1579 uint32_t binary_size;
1580
1581 uint32_t buf_cnt;
1582 uint32_t i;
1583 int retval;
1584
1585 breakpoint_t *breakpoint = target->breakpoints;
1586
1587 LOG_DEBUG("-");
1588
1589 xscale->ibcr_available = 2;
1590 xscale->ibcr0_used = 0;
1591 xscale->ibcr1_used = 0;
1592
1593 xscale->dbr_available = 2;
1594 xscale->dbr0_used = 0;
1595 xscale->dbr1_used = 0;
1596
1597 /* mark all hardware breakpoints as unset */
1598 while (breakpoint)
1599 {
1600 if (breakpoint->type == BKPT_HARD)
1601 {
1602 breakpoint->set = 0;
1603 }
1604 breakpoint = breakpoint->next;
1605 }
1606
1607 if (!xscale->handler_installed)
1608 {
1609 /* release SRST */
1610 jtag_add_reset(0, 0);
1611
1612 /* wait 300ms; 150 and 100ms were not enough */
1613 jtag_add_sleep(300*1000);
1614
1615 jtag_add_runtest(2030, jtag_set_end_state(TAP_IDLE));
1616 jtag_execute_queue();
1617
1618 /* set Hold reset, Halt mode and Trap Reset */
1619 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1620 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1621 xscale_write_dcsr(target, 1, 0);
1622
1623 /* Load debug handler */
1624 if (fileio_open(&debug_handler, "xscale/debug_handler.bin", FILEIO_READ, FILEIO_BINARY) != ERROR_OK)
1625 {
1626 return ERROR_OK;
1627 }
1628
1629 if ((binary_size = debug_handler.size) % 4)
1630 {
1631 LOG_ERROR("debug_handler.bin: size not a multiple of 4");
1632 exit(-1);
1633 }
1634
1635 if (binary_size > 0x800)
1636 {
1637 LOG_ERROR("debug_handler.bin: larger than 2kb");
1638 exit(-1);
1639 }
1640
1641 binary_size = CEIL(binary_size, 32) * 32;
1642
1643 address = xscale->handler_address;
1644 while (binary_size > 0)
1645 {
1646 uint32_t cache_line[8];
1647 uint8_t buffer[32];
1648
1649 if ((retval = fileio_read(&debug_handler, 32, buffer, &buf_cnt)) != ERROR_OK)
1650 {
1651
1652 }
1653
1654 for (i = 0; i < buf_cnt; i += 4)
1655 {
1656 /* convert LE buffer to host-endian uint32_t */
1657 cache_line[i / 4] = le_to_h_u32(&buffer[i]);
1658 }
1659
1660 for (; i < 32; i += 4)
1661 {
1662 cache_line[i / 4] = 0xe1a08008;
1663 }
1664
1665 /* only load addresses other than the reset vectors */
1666 if ((address % 0x400) != 0x0)
1667 {
1668 xscale_load_ic(target, 1, address, cache_line);
1669 }
1670
1671 address += buf_cnt;
1672 binary_size -= buf_cnt;
1673 };
1674
1675 xscale_load_ic(target, 1, 0x0, xscale->low_vectors);
1676 xscale_load_ic(target, 1, 0xffff0000, xscale->high_vectors);
1677
1678 jtag_add_runtest(30, jtag_set_end_state(TAP_IDLE));
1679
1680 jtag_add_sleep(100000);
1681
1682 /* set Hold reset, Halt mode and Trap Reset */
1683 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1684 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1685 xscale_write_dcsr(target, 1, 0);
1686
1687 /* clear Hold reset to let the target run (should enter debug handler) */
1688 xscale_write_dcsr(target, 0, 1);
1689 target->state = TARGET_RUNNING;
1690
1691 if (!target->reset_halt)
1692 {
1693 jtag_add_sleep(10000);
1694
1695 /* we should have entered debug now */
1696 xscale_debug_entry(target);
1697 target->state = TARGET_HALTED;
1698
1699 /* resume the target */
1700 xscale_resume(target, 1, 0x0, 1, 0);
1701 }
1702
1703 fileio_close(&debug_handler);
1704 }
1705 else
1706 {
1707 jtag_add_reset(0, 0);
1708 }
1709
1710 return ERROR_OK;
1711 }
1712
1713 static int xscale_read_core_reg(struct target_s *target, int num,
1714 enum armv4_5_mode mode)
1715 {
1716 LOG_ERROR("not implemented");
1717 return ERROR_OK;
1718 }
1719
1720 static int xscale_write_core_reg(struct target_s *target, int num,
1721 enum armv4_5_mode mode, uint32_t value)
1722 {
1723 LOG_ERROR("not implemented");
1724 return ERROR_OK;
1725 }
1726
1727 static int xscale_full_context(target_t *target)
1728 {
1729 armv4_5_common_t *armv4_5 = target->arch_info;
1730
1731 uint32_t *buffer;
1732
1733 int i, j;
1734
1735 LOG_DEBUG("-");
1736
1737 if (target->state != TARGET_HALTED)
1738 {
1739 LOG_WARNING("target not halted");
1740 return ERROR_TARGET_NOT_HALTED;
1741 }
1742
1743 buffer = malloc(4 * 8);
1744
1745 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1746 * we can't enter User mode on an XScale (unpredictable),
1747 * but User shares registers with SYS
1748 */
1749 for (i = 1; i < 7; i++)
1750 {
1751 int valid = 1;
1752
1753 /* check if there are invalid registers in the current mode
1754 */
1755 for (j = 0; j <= 16; j++)
1756 {
1757 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1758 valid = 0;
1759 }
1760
1761 if (!valid)
1762 {
1763 uint32_t tmp_cpsr;
1764
1765 /* request banked registers */
1766 xscale_send_u32(target, 0x0);
1767
1768 tmp_cpsr = 0x0;
1769 tmp_cpsr |= armv4_5_number_to_mode(i);
1770 tmp_cpsr |= 0xc0; /* I/F bits */
1771
1772 /* send CPSR for desired mode */
1773 xscale_send_u32(target, tmp_cpsr);
1774
1775 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1776 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1777 {
1778 xscale_receive(target, buffer, 8);
1779 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
1780 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1781 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid = 1;
1782 }
1783 else
1784 {
1785 xscale_receive(target, buffer, 7);
1786 }
1787
1788 /* move data from buffer to register cache */
1789 for (j = 8; j <= 14; j++)
1790 {
1791 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).value, 0, 32, buffer[j - 8]);
1792 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1793 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid = 1;
1794 }
1795 }
1796 }
1797
1798 free(buffer);
1799
1800 return ERROR_OK;
1801 }
1802
1803 static int xscale_restore_context(target_t *target)
1804 {
1805 armv4_5_common_t *armv4_5 = target->arch_info;
1806
1807 int i, j;
1808
1809 if (target->state != TARGET_HALTED)
1810 {
1811 LOG_WARNING("target not halted");
1812 return ERROR_TARGET_NOT_HALTED;
1813 }
1814
1815 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1816 * we can't enter User mode on an XScale (unpredictable),
1817 * but User shares registers with SYS
1818 */
1819 for (i = 1; i < 7; i++)
1820 {
1821 int dirty = 0;
1822
1823 /* check if there are invalid registers in the current mode
1824 */
1825 for (j = 8; j <= 14; j++)
1826 {
1827 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty == 1)
1828 dirty = 1;
1829 }
1830
1831 /* if not USR/SYS, check if the SPSR needs to be written */
1832 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1833 {
1834 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty == 1)
1835 dirty = 1;
1836 }
1837
1838 if (dirty)
1839 {
1840 uint32_t tmp_cpsr;
1841
1842 /* send banked registers */
1843 xscale_send_u32(target, 0x1);
1844
1845 tmp_cpsr = 0x0;
1846 tmp_cpsr |= armv4_5_number_to_mode(i);
1847 tmp_cpsr |= 0xc0; /* I/F bits */
1848
1849 /* send CPSR for desired mode */
1850 xscale_send_u32(target, tmp_cpsr);
1851
1852 /* send banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1853 for (j = 8; j <= 14; j++)
1854 {
1855 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, j).value, 0, 32));
1856 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1857 }
1858
1859 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1860 {
1861 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32));
1862 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1863 }
1864 }
1865 }
1866
1867 return ERROR_OK;
1868 }
1869
1870 static int xscale_read_memory(struct target_s *target, uint32_t address,
1871 uint32_t size, uint32_t count, uint8_t *buffer)
1872 {
1873 armv4_5_common_t *armv4_5 = target->arch_info;
1874 xscale_common_t *xscale = armv4_5->arch_info;
1875 uint32_t *buf32;
1876 uint32_t i;
1877 int retval;
1878
1879 LOG_DEBUG("address: 0x%8.8" PRIx32 ", size: 0x%8.8" PRIx32 ", count: 0x%8.8" PRIx32, address, size, count);
1880
1881 if (target->state != TARGET_HALTED)
1882 {
1883 LOG_WARNING("target not halted");
1884 return ERROR_TARGET_NOT_HALTED;
1885 }
1886
1887 /* sanitize arguments */
1888 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1889 return ERROR_INVALID_ARGUMENTS;
1890
1891 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1892 return ERROR_TARGET_UNALIGNED_ACCESS;
1893
1894 /* send memory read request (command 0x1n, n: access size) */
1895 if ((retval = xscale_send_u32(target, 0x10 | size)) != ERROR_OK)
1896 return retval;
1897
1898 /* send base address for read request */
1899 if ((retval = xscale_send_u32(target, address)) != ERROR_OK)
1900 return retval;
1901
1902 /* send number of requested data words */
1903 if ((retval = xscale_send_u32(target, count)) != ERROR_OK)
1904 return retval;
1905
1906 /* receive data from target (count times 32-bit words in host endianness) */
1907 buf32 = malloc(4 * count);
1908 if ((retval = xscale_receive(target, buf32, count)) != ERROR_OK)
1909 return retval;
1910
1911 /* extract data from host-endian buffer into byte stream */
1912 for (i = 0; i < count; i++)
1913 {
1914 switch (size)
1915 {
1916 case 4:
1917 target_buffer_set_u32(target, buffer, buf32[i]);
1918 buffer += 4;
1919 break;
1920 case 2:
1921 target_buffer_set_u16(target, buffer, buf32[i] & 0xffff);
1922 buffer += 2;
1923 break;
1924 case 1:
1925 *buffer++ = buf32[i] & 0xff;
1926 break;
1927 default:
1928 LOG_ERROR("should never get here");
1929 exit(-1);
1930 }
1931 }
1932
1933 free(buf32);
1934
1935 /* examine DCSR, to see if Sticky Abort (SA) got set */
1936 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
1937 return retval;
1938 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
1939 {
1940 /* clear SA bit */
1941 if ((retval = xscale_send_u32(target, 0x60)) != ERROR_OK)
1942 return retval;
1943
1944 return ERROR_TARGET_DATA_ABORT;
1945 }
1946
1947 return ERROR_OK;
1948 }
1949
1950 static int xscale_write_memory(struct target_s *target, uint32_t address,
1951 uint32_t size, uint32_t count, uint8_t *buffer)
1952 {
1953 armv4_5_common_t *armv4_5 = target->arch_info;
1954 xscale_common_t *xscale = armv4_5->arch_info;
1955 int retval;
1956
1957 LOG_DEBUG("address: 0x%8.8" PRIx32 ", size: 0x%8.8" PRIx32 ", count: 0x%8.8" PRIx32, address, size, count);
1958
1959 if (target->state != TARGET_HALTED)
1960 {
1961 LOG_WARNING("target not halted");
1962 return ERROR_TARGET_NOT_HALTED;
1963 }
1964
1965 /* sanitize arguments */
1966 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1967 return ERROR_INVALID_ARGUMENTS;
1968
1969 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1970 return ERROR_TARGET_UNALIGNED_ACCESS;
1971
1972 /* send memory write request (command 0x2n, n: access size) */
1973 if ((retval = xscale_send_u32(target, 0x20 | size)) != ERROR_OK)
1974 return retval;
1975
1976 /* send base address for read request */
1977 if ((retval = xscale_send_u32(target, address)) != ERROR_OK)
1978 return retval;
1979
1980 /* send number of requested data words to be written*/
1981 if ((retval = xscale_send_u32(target, count)) != ERROR_OK)
1982 return retval;
1983
1984 /* extract data from host-endian buffer into byte stream */
1985 #if 0
1986 for (i = 0; i < count; i++)
1987 {
1988 switch (size)
1989 {
1990 case 4:
1991 value = target_buffer_get_u32(target, buffer);
1992 xscale_send_u32(target, value);
1993 buffer += 4;
1994 break;
1995 case 2:
1996 value = target_buffer_get_u16(target, buffer);
1997 xscale_send_u32(target, value);
1998 buffer += 2;
1999 break;
2000 case 1:
2001 value = *buffer;
2002 xscale_send_u32(target, value);
2003 buffer += 1;
2004 break;
2005 default:
2006 LOG_ERROR("should never get here");
2007 exit(-1);
2008 }
2009 }
2010 #endif
2011 if ((retval = xscale_send(target, buffer, count, size)) != ERROR_OK)
2012 return retval;
2013
2014 /* examine DCSR, to see if Sticky Abort (SA) got set */
2015 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
2016 return retval;
2017 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
2018 {
2019 /* clear SA bit */
2020 if ((retval = xscale_send_u32(target, 0x60)) != ERROR_OK)
2021 return retval;
2022
2023 return ERROR_TARGET_DATA_ABORT;
2024 }
2025
2026 return ERROR_OK;
2027 }
2028
2029 static int xscale_bulk_write_memory(target_t *target, uint32_t address,
2030 uint32_t count, uint8_t *buffer)
2031 {
2032 return xscale_write_memory(target, address, 4, count, buffer);
2033 }
2034
2035 static uint32_t xscale_get_ttb(target_t *target)
2036 {
2037 armv4_5_common_t *armv4_5 = target->arch_info;
2038 xscale_common_t *xscale = armv4_5->arch_info;
2039 uint32_t ttb;
2040
2041 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_TTB]);
2042 ttb = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_TTB].value, 0, 32);
2043
2044 return ttb;
2045 }
2046
2047 static void xscale_disable_mmu_caches(target_t *target, int mmu,
2048 int d_u_cache, int i_cache)
2049 {
2050 armv4_5_common_t *armv4_5 = target->arch_info;
2051 xscale_common_t *xscale = armv4_5->arch_info;
2052 uint32_t cp15_control;
2053
2054 /* read cp15 control register */
2055 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2056 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2057
2058 if (mmu)
2059 cp15_control &= ~0x1U;
2060
2061 if (d_u_cache)
2062 {
2063 /* clean DCache */
2064 xscale_send_u32(target, 0x50);
2065 xscale_send_u32(target, xscale->cache_clean_address);
2066
2067 /* invalidate DCache */
2068 xscale_send_u32(target, 0x51);
2069
2070 cp15_control &= ~0x4U;
2071 }
2072
2073 if (i_cache)
2074 {
2075 /* invalidate ICache */
2076 xscale_send_u32(target, 0x52);
2077 cp15_control &= ~0x1000U;
2078 }
2079
2080 /* write new cp15 control register */
2081 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2082
2083 /* execute cpwait to ensure outstanding operations complete */
2084 xscale_send_u32(target, 0x53);
2085 }
2086
2087 static void xscale_enable_mmu_caches(target_t *target, int mmu,
2088 int d_u_cache, int i_cache)
2089 {
2090 armv4_5_common_t *armv4_5 = target->arch_info;
2091 xscale_common_t *xscale = armv4_5->arch_info;
2092 uint32_t cp15_control;
2093
2094 /* read cp15 control register */
2095 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2096 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2097
2098 if (mmu)
2099 cp15_control |= 0x1U;
2100
2101 if (d_u_cache)
2102 cp15_control |= 0x4U;
2103
2104 if (i_cache)
2105 cp15_control |= 0x1000U;
2106
2107 /* write new cp15 control register */
2108 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2109
2110 /* execute cpwait to ensure outstanding operations complete */
2111 xscale_send_u32(target, 0x53);
2112 }
2113
2114 static int xscale_set_breakpoint(struct target_s *target,
2115 breakpoint_t *breakpoint)
2116 {
2117 int retval;
2118 armv4_5_common_t *armv4_5 = target->arch_info;
2119 xscale_common_t *xscale = armv4_5->arch_info;
2120
2121 if (target->state != TARGET_HALTED)
2122 {
2123 LOG_WARNING("target not halted");
2124 return ERROR_TARGET_NOT_HALTED;
2125 }
2126
2127 if (breakpoint->set)
2128 {
2129 LOG_WARNING("breakpoint already set");
2130 return ERROR_OK;
2131 }
2132
2133 if (breakpoint->type == BKPT_HARD)
2134 {
2135 uint32_t value = breakpoint->address | 1;
2136 if (!xscale->ibcr0_used)
2137 {
2138 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], value);
2139 xscale->ibcr0_used = 1;
2140 breakpoint->set = 1; /* breakpoint set on first breakpoint register */
2141 }
2142 else if (!xscale->ibcr1_used)
2143 {
2144 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], value);
2145 xscale->ibcr1_used = 1;
2146 breakpoint->set = 2; /* breakpoint set on second breakpoint register */
2147 }
2148 else
2149 {
2150 LOG_ERROR("BUG: no hardware comparator available");
2151 return ERROR_OK;
2152 }
2153 }
2154 else if (breakpoint->type == BKPT_SOFT)
2155 {
2156 if (breakpoint->length == 4)
2157 {
2158 /* keep the original instruction in target endianness */
2159 if ((retval = target_read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2160 {
2161 return retval;
2162 }
2163 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2164 if ((retval = target_write_u32(target, breakpoint->address, xscale->arm_bkpt)) != ERROR_OK)
2165 {
2166 return retval;
2167 }
2168 }
2169 else
2170 {
2171 /* keep the original instruction in target endianness */
2172 if ((retval = target_read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2173 {
2174 return retval;
2175 }
2176 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2177 if ((retval = target_write_u32(target, breakpoint->address, xscale->thumb_bkpt)) != ERROR_OK)
2178 {
2179 return retval;
2180 }
2181 }
2182 breakpoint->set = 1;
2183 }
2184
2185 return ERROR_OK;
2186 }
2187
2188 static int xscale_add_breakpoint(struct target_s *target,
2189 breakpoint_t *breakpoint)
2190 {
2191 armv4_5_common_t *armv4_5 = target->arch_info;
2192 xscale_common_t *xscale = armv4_5->arch_info;
2193
2194 if (target->state != TARGET_HALTED)
2195 {
2196 LOG_WARNING("target not halted");
2197 return ERROR_TARGET_NOT_HALTED;
2198 }
2199
2200 if ((breakpoint->type == BKPT_HARD) && (xscale->ibcr_available < 1))
2201 {
2202 LOG_INFO("no breakpoint unit available for hardware breakpoint");
2203 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2204 }
2205
2206 if ((breakpoint->length != 2) && (breakpoint->length != 4))
2207 {
2208 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
2209 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2210 }
2211
2212 if (breakpoint->type == BKPT_HARD)
2213 {
2214 xscale->ibcr_available--;
2215 }
2216
2217 return ERROR_OK;
2218 }
2219
2220 static int xscale_unset_breakpoint(struct target_s *target,
2221 breakpoint_t *breakpoint)
2222 {
2223 int retval;
2224 armv4_5_common_t *armv4_5 = target->arch_info;
2225 xscale_common_t *xscale = armv4_5->arch_info;
2226
2227 if (target->state != TARGET_HALTED)
2228 {
2229 LOG_WARNING("target not halted");
2230 return ERROR_TARGET_NOT_HALTED;
2231 }
2232
2233 if (!breakpoint->set)
2234 {
2235 LOG_WARNING("breakpoint not set");
2236 return ERROR_OK;
2237 }
2238
2239 if (breakpoint->type == BKPT_HARD)
2240 {
2241 if (breakpoint->set == 1)
2242 {
2243 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], 0x0);
2244 xscale->ibcr0_used = 0;
2245 }
2246 else if (breakpoint->set == 2)
2247 {
2248 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], 0x0);
2249 xscale->ibcr1_used = 0;
2250 }
2251 breakpoint->set = 0;
2252 }
2253 else
2254 {
2255 /* restore original instruction (kept in target endianness) */
2256 if (breakpoint->length == 4)
2257 {
2258 if ((retval = target_write_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2259 {
2260 return retval;
2261 }
2262 }
2263 else
2264 {
2265 if ((retval = target_write_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2266 {
2267 return retval;
2268 }
2269 }
2270 breakpoint->set = 0;
2271 }
2272
2273 return ERROR_OK;
2274 }
2275
2276 static int xscale_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2277 {
2278 armv4_5_common_t *armv4_5 = target->arch_info;
2279 xscale_common_t *xscale = armv4_5->arch_info;
2280
2281 if (target->state != TARGET_HALTED)
2282 {
2283 LOG_WARNING("target not halted");
2284 return ERROR_TARGET_NOT_HALTED;
2285 }
2286
2287 if (breakpoint->set)
2288 {
2289 xscale_unset_breakpoint(target, breakpoint);
2290 }
2291
2292 if (breakpoint->type == BKPT_HARD)
2293 xscale->ibcr_available++;
2294
2295 return ERROR_OK;
2296 }
2297
2298 static int xscale_set_watchpoint(struct target_s *target,
2299 watchpoint_t *watchpoint)
2300 {
2301 armv4_5_common_t *armv4_5 = target->arch_info;
2302 xscale_common_t *xscale = armv4_5->arch_info;
2303 uint8_t enable = 0;
2304 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2305 uint32_t dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2306
2307 if (target->state != TARGET_HALTED)
2308 {
2309 LOG_WARNING("target not halted");
2310 return ERROR_TARGET_NOT_HALTED;
2311 }
2312
2313 xscale_get_reg(dbcon);
2314
2315 switch (watchpoint->rw)
2316 {
2317 case WPT_READ:
2318 enable = 0x3;
2319 break;
2320 case WPT_ACCESS:
2321 enable = 0x2;
2322 break;
2323 case WPT_WRITE:
2324 enable = 0x1;
2325 break;
2326 default:
2327 LOG_ERROR("BUG: watchpoint->rw neither read, write nor access");
2328 }
2329
2330 if (!xscale->dbr0_used)
2331 {
2332 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR0], watchpoint->address);
2333 dbcon_value |= enable;
2334 xscale_set_reg_u32(dbcon, dbcon_value);
2335 watchpoint->set = 1;
2336 xscale->dbr0_used = 1;
2337 }
2338 else if (!xscale->dbr1_used)
2339 {
2340 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR1], watchpoint->address);
2341 dbcon_value |= enable << 2;
2342 xscale_set_reg_u32(dbcon, dbcon_value);
2343 watchpoint->set = 2;
2344 xscale->dbr1_used = 1;
2345 }
2346 else
2347 {
2348 LOG_ERROR("BUG: no hardware comparator available");
2349 return ERROR_OK;
2350 }
2351
2352 return ERROR_OK;
2353 }
2354
2355 static int xscale_add_watchpoint(struct target_s *target,
2356 watchpoint_t *watchpoint)
2357 {
2358 armv4_5_common_t *armv4_5 = target->arch_info;
2359 xscale_common_t *xscale = armv4_5->arch_info;
2360
2361 if (target->state != TARGET_HALTED)
2362 {
2363 LOG_WARNING("target not halted");
2364 return ERROR_TARGET_NOT_HALTED;
2365 }
2366
2367 if (xscale->dbr_available < 1)
2368 {
2369 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2370 }
2371
2372 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
2373 {
2374 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2375 }
2376
2377 xscale->dbr_available--;
2378
2379 return ERROR_OK;
2380 }
2381
2382 static int xscale_unset_watchpoint(struct target_s *target,
2383 watchpoint_t *watchpoint)
2384 {
2385 armv4_5_common_t *armv4_5 = target->arch_info;
2386 xscale_common_t *xscale = armv4_5->arch_info;
2387 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2388 uint32_t dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2389
2390 if (target->state != TARGET_HALTED)
2391 {
2392 LOG_WARNING("target not halted");
2393 return ERROR_TARGET_NOT_HALTED;
2394 }
2395
2396 if (!watchpoint->set)
2397 {
2398 LOG_WARNING("breakpoint not set");
2399 return ERROR_OK;
2400 }
2401
2402 if (watchpoint->set == 1)
2403 {
2404 dbcon_value &= ~0x3;
2405 xscale_set_reg_u32(dbcon, dbcon_value);
2406 xscale->dbr0_used = 0;
2407 }
2408 else if (watchpoint->set == 2)
2409 {
2410 dbcon_value &= ~0xc;
2411 xscale_set_reg_u32(dbcon, dbcon_value);
2412 xscale->dbr1_used = 0;
2413 }
2414 watchpoint->set = 0;
2415
2416 return ERROR_OK;
2417 }
2418
2419 static int xscale_remove_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2420 {
2421 armv4_5_common_t *armv4_5 = target->arch_info;
2422 xscale_common_t *xscale = armv4_5->arch_info;
2423
2424 if (target->state != TARGET_HALTED)
2425 {
2426 LOG_WARNING("target not halted");
2427 return ERROR_TARGET_NOT_HALTED;
2428 }
2429
2430 if (watchpoint->set)
2431 {
2432 xscale_unset_watchpoint(target, watchpoint);
2433 }
2434
2435 xscale->dbr_available++;
2436
2437 return ERROR_OK;
2438 }
2439
2440 static int xscale_get_reg(reg_t *reg)
2441 {
2442 xscale_reg_t *arch_info = reg->arch_info;
2443 target_t *target = arch_info->target;
2444 armv4_5_common_t *armv4_5 = target->arch_info;
2445 xscale_common_t *xscale = armv4_5->arch_info;
2446
2447 /* DCSR, TX and RX are accessible via JTAG */
2448 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2449 {
2450 return xscale_read_dcsr(arch_info->target);
2451 }
2452 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2453 {
2454 /* 1 = consume register content */
2455 return xscale_read_tx(arch_info->target, 1);
2456 }
2457 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2458 {
2459 /* can't read from RX register (host -> debug handler) */
2460 return ERROR_OK;
2461 }
2462 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2463 {
2464 /* can't (explicitly) read from TXRXCTRL register */
2465 return ERROR_OK;
2466 }
2467 else /* Other DBG registers have to be transfered by the debug handler */
2468 {
2469 /* send CP read request (command 0x40) */
2470 xscale_send_u32(target, 0x40);
2471
2472 /* send CP register number */
2473 xscale_send_u32(target, arch_info->dbg_handler_number);
2474
2475 /* read register value */
2476 xscale_read_tx(target, 1);
2477 buf_cpy(xscale->reg_cache->reg_list[XSCALE_TX].value, reg->value, 32);
2478
2479 reg->dirty = 0;
2480 reg->valid = 1;
2481 }
2482
2483 return ERROR_OK;
2484 }
2485
2486 static int xscale_set_reg(reg_t *reg, uint8_t* buf)
2487 {
2488 xscale_reg_t *arch_info = reg->arch_info;
2489 target_t *target = arch_info->target;
2490 armv4_5_common_t *armv4_5 = target->arch_info;
2491 xscale_common_t *xscale = armv4_5->arch_info;
2492 uint32_t value = buf_get_u32(buf, 0, 32);
2493
2494 /* DCSR, TX and RX are accessible via JTAG */
2495 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2496 {
2497 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32, value);
2498 return xscale_write_dcsr(arch_info->target, -1, -1);
2499 }
2500 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2501 {
2502 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
2503 return xscale_write_rx(arch_info->target);
2504 }
2505 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2506 {
2507 /* can't write to TX register (debug-handler -> host) */
2508 return ERROR_OK;
2509 }
2510 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2511 {
2512 /* can't (explicitly) write to TXRXCTRL register */
2513 return ERROR_OK;
2514 }
2515 else /* Other DBG registers have to be transfered by the debug handler */
2516 {
2517 /* send CP write request (command 0x41) */
2518 xscale_send_u32(target, 0x41);
2519
2520 /* send CP register number */
2521 xscale_send_u32(target, arch_info->dbg_handler_number);
2522
2523 /* send CP register value */
2524 xscale_send_u32(target, value);
2525 buf_set_u32(reg->value, 0, 32, value);
2526 }
2527
2528 return ERROR_OK;
2529 }
2530
2531 static int xscale_write_dcsr_sw(target_t *target, uint32_t value)
2532 {
2533 /* get pointers to arch-specific information */
2534 armv4_5_common_t *armv4_5 = target->arch_info;
2535 xscale_common_t *xscale = armv4_5->arch_info;
2536 reg_t *dcsr = &xscale->reg_cache->reg_list[XSCALE_DCSR];
2537 xscale_reg_t *dcsr_arch_info = dcsr->arch_info;
2538
2539 /* send CP write request (command 0x41) */
2540 xscale_send_u32(target, 0x41);
2541
2542 /* send CP register number */
2543 xscale_send_u32(target, dcsr_arch_info->dbg_handler_number);
2544
2545 /* send CP register value */
2546 xscale_send_u32(target, value);
2547 buf_set_u32(dcsr->value, 0, 32, value);
2548
2549 return ERROR_OK;
2550 }
2551
2552 static int xscale_read_trace(target_t *target)
2553 {
2554 /* get pointers to arch-specific information */
2555 armv4_5_common_t *armv4_5 = target->arch_info;
2556 xscale_common_t *xscale = armv4_5->arch_info;
2557 xscale_trace_data_t **trace_data_p;
2558
2559 /* 258 words from debug handler
2560 * 256 trace buffer entries
2561 * 2 checkpoint addresses
2562 */
2563 uint32_t trace_buffer[258];
2564 int is_address[256];
2565 int i, j;
2566
2567 if (target->state != TARGET_HALTED)
2568 {
2569 LOG_WARNING("target must be stopped to read trace data");
2570 return ERROR_TARGET_NOT_HALTED;
2571 }
2572
2573 /* send read trace buffer command (command 0x61) */
2574 xscale_send_u32(target, 0x61);
2575
2576 /* receive trace buffer content */
2577 xscale_receive(target, trace_buffer, 258);
2578
2579 /* parse buffer backwards to identify address entries */
2580 for (i = 255; i >= 0; i--)
2581 {
2582 is_address[i] = 0;
2583 if (((trace_buffer[i] & 0xf0) == 0x90) ||
2584 ((trace_buffer[i] & 0xf0) == 0xd0))
2585 {
2586 if (i >= 3)
2587 is_address[--i] = 1;
2588 if (i >= 2)
2589 is_address[--i] = 1;
2590 if (i >= 1)
2591 is_address[--i] = 1;
2592 if (i >= 0)
2593 is_address[--i] = 1;
2594 }
2595 }
2596
2597
2598 /* search first non-zero entry */
2599 for (j = 0; (j < 256) && (trace_buffer[j] == 0) && (!is_address[j]); j++)
2600 ;
2601
2602 if (j == 256)
2603 {
2604 LOG_DEBUG("no trace data collected");
2605 return ERROR_XSCALE_NO_TRACE_DATA;
2606 }
2607
2608 for (trace_data_p = &xscale->trace.data; *trace_data_p; trace_data_p = &(*trace_data_p)->next)
2609 ;
2610
2611 *trace_data_p = malloc(sizeof(xscale_trace_data_t));
2612 (*trace_data_p)->next = NULL;
2613 (*trace_data_p)->chkpt0 = trace_buffer[256];
2614 (*trace_data_p)->chkpt1 = trace_buffer[257];
2615 (*trace_data_p)->last_instruction = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
2616 (*trace_data_p)->entries = malloc(sizeof(xscale_trace_entry_t) * (256 - j));
2617 (*trace_data_p)->depth = 256 - j;
2618
2619 for (i = j; i < 256; i++)
2620 {
2621 (*trace_data_p)->entries[i - j].data = trace_buffer[i];
2622 if (is_address[i])
2623 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_ADDRESS;
2624 else
2625 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_MESSAGE;
2626 }
2627
2628 return ERROR_OK;
2629 }
2630
2631 static int xscale_read_instruction(target_t *target,
2632 arm_instruction_t *instruction)
2633 {
2634 /* get pointers to arch-specific information */
2635 armv4_5_common_t *armv4_5 = target->arch_info;
2636 xscale_common_t *xscale = armv4_5->arch_info;
2637 int i;
2638 int section = -1;
2639 uint32_t size_read;
2640 uint32_t opcode;
2641 int retval;
2642
2643 if (!xscale->trace.image)
2644 return ERROR_TRACE_IMAGE_UNAVAILABLE;
2645
2646 /* search for the section the current instruction belongs to */
2647 for (i = 0; i < xscale->trace.image->num_sections; i++)
2648 {
2649 if ((xscale->trace.image->sections[i].base_address <= xscale->trace.current_pc) &&
2650 (xscale->trace.image->sections[i].base_address + xscale->trace.image->sections[i].size > xscale->trace.current_pc))
2651 {
2652 section = i;
2653 break;
2654 }
2655 }
2656
2657 if (section == -1)
2658 {
2659 /* current instruction couldn't be found in the image */
2660 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2661 }
2662
2663 if (xscale->trace.core_state == ARMV4_5_STATE_ARM)
2664 {
2665 uint8_t buf[4];
2666 if ((retval = image_read_section(xscale->trace.image, section,
2667 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2668 4, buf, &size_read)) != ERROR_OK)
2669 {
2670 LOG_ERROR("error while reading instruction: %i", retval);
2671 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2672 }
2673 opcode = target_buffer_get_u32(target, buf);
2674 arm_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2675 }
2676 else if (xscale->trace.core_state == ARMV4_5_STATE_THUMB)
2677 {
2678 uint8_t buf[2];
2679 if ((retval = image_read_section(xscale->trace.image, section,
2680 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2681 2, buf, &size_read)) != ERROR_OK)
2682 {
2683 LOG_ERROR("error while reading instruction: %i", retval);
2684 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2685 }
2686 opcode = target_buffer_get_u16(target, buf);
2687 thumb_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2688 }
2689 else
2690 {
2691 LOG_ERROR("BUG: unknown core state encountered");
2692 exit(-1);
2693 }
2694
2695 return ERROR_OK;
2696 }
2697
2698 static int xscale_branch_address(xscale_trace_data_t *trace_data,
2699 int i, uint32_t *target)
2700 {
2701 /* if there are less than four entries prior to the indirect branch message
2702 * we can't extract the address */
2703 if (i < 4)
2704 {
2705 return -1;
2706 }
2707
2708 *target = (trace_data->entries[i-1].data) | (trace_data->entries[i-2].data << 8) |
2709 (trace_data->entries[i-3].data << 16) | (trace_data->entries[i-4].data << 24);
2710
2711 return 0;
2712 }
2713
2714 static int xscale_analyze_trace(target_t *target, command_context_t *cmd_ctx)
2715 {
2716 /* get pointers to arch-specific information */
2717 armv4_5_common_t *armv4_5 = target->arch_info;
2718 xscale_common_t *xscale = armv4_5->arch_info;
2719 int next_pc_ok = 0;
2720 uint32_t next_pc = 0x0;
2721 xscale_trace_data_t *trace_data = xscale->trace.data;
2722 int retval;
2723
2724 while (trace_data)
2725 {
2726 int i, chkpt;
2727 int rollover;
2728 int branch;
2729 int exception;
2730 xscale->trace.core_state = ARMV4_5_STATE_ARM;
2731
2732 chkpt = 0;
2733 rollover = 0;
2734
2735 for (i = 0; i < trace_data->depth; i++)
2736 {
2737 next_pc_ok = 0;
2738 branch = 0;
2739 exception = 0;
2740
2741 if (trace_data->entries[i].type == XSCALE_TRACE_ADDRESS)
2742 continue;
2743
2744 switch ((trace_data->entries[i].data & 0xf0) >> 4)
2745 {
2746 case 0: /* Exceptions */
2747 case 1:
2748 case 2:
2749 case 3:
2750 case 4:
2751 case 5:
2752 case 6:
2753 case 7:
2754 exception = (trace_data->entries[i].data & 0x70) >> 4;
2755 next_pc_ok = 1;
2756 next_pc = (trace_data->entries[i].data & 0xf0) >> 2;
2757 command_print(cmd_ctx, "--- exception %i ---", (trace_data->entries[i].data & 0xf0) >> 4);
2758 break;
2759 case 8: /* Direct Branch */
2760 branch = 1;
2761 break;
2762 case 9: /* Indirect Branch */
2763 branch = 1;
2764 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2765 {
2766 next_pc_ok = 1;
2767 }
2768 break;
2769 case 13: /* Checkpointed Indirect Branch */
2770 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2771 {
2772 next_pc_ok = 1;
2773 if (((chkpt == 0) && (next_pc != trace_data->chkpt0))
2774 || ((chkpt == 1) && (next_pc != trace_data->chkpt1)))
2775 LOG_WARNING("checkpointed indirect branch target address doesn't match checkpoint");
2776 }
2777 /* explicit fall-through */
2778 case 12: /* Checkpointed Direct Branch */
2779 branch = 1;
2780 if (chkpt == 0)
2781 {
2782 next_pc_ok = 1;
2783 next_pc = trace_data->chkpt0;
2784 chkpt++;
2785 }
2786 else if (chkpt == 1)
2787 {
2788 next_pc_ok = 1;
2789 next_pc = trace_data->chkpt0;
2790 chkpt++;
2791 }
2792 else
2793 {
2794 LOG_WARNING("more than two checkpointed branches encountered");
2795 }
2796 break;
2797 case 15: /* Roll-over */
2798 rollover++;
2799 continue;
2800 default: /* Reserved */
2801 command_print(cmd_ctx, "--- reserved trace message ---");
2802 LOG_ERROR("BUG: trace message %i is reserved", (trace_data->entries[i].data & 0xf0) >> 4);
2803 return ERROR_OK;
2804 }
2805
2806 if (xscale->trace.pc_ok)
2807 {
2808 int executed = (trace_data->entries[i].data & 0xf) + rollover * 16;
2809 arm_instruction_t instruction;
2810
2811 if ((exception == 6) || (exception == 7))
2812 {
2813 /* IRQ or FIQ exception, no instruction executed */
2814 executed -= 1;
2815 }
2816
2817 while (executed-- >= 0)
2818 {
2819 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2820 {
2821 /* can't continue tracing with no image available */
2822 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2823 {
2824 return retval;
2825 }
2826 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2827 {
2828 /* TODO: handle incomplete images */
2829 }
2830 }
2831
2832 /* a precise abort on a load to the PC is included in the incremental
2833 * word count, other instructions causing data aborts are not included
2834 */
2835 if ((executed == 0) && (exception == 4)
2836 && ((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDM)))
2837 {
2838 if ((instruction.type == ARM_LDM)
2839 && ((instruction.info.load_store_multiple.register_list & 0x8000) == 0))
2840 {
2841 executed--;
2842 }
2843 else if (((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDRSH))
2844 && (instruction.info.load_store.Rd != 15))
2845 {
2846 executed--;
2847 }
2848 }
2849
2850 /* only the last instruction executed
2851 * (the one that caused the control flow change)
2852 * could be a taken branch
2853 */
2854 if (((executed == -1) && (branch == 1)) &&
2855 (((instruction.type == ARM_B) ||
2856 (instruction.type == ARM_BL) ||
2857 (instruction.type == ARM_BLX)) &&
2858 (instruction.info.b_bl_bx_blx.target_address != 0xffffffff)))
2859 {
2860 xscale->trace.current_pc = instruction.info.b_bl_bx_blx.target_address;
2861 }
2862 else
2863 {
2864 xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2;
2865 }
2866 command_print(cmd_ctx, "%s", instruction.text);
2867 }
2868
2869 rollover = 0;
2870 }
2871
2872 if (next_pc_ok)
2873 {
2874 xscale->trace.current_pc = next_pc;
2875 xscale->trace.pc_ok = 1;
2876 }
2877 }
2878
2879 for (; xscale->trace.current_pc < trace_data->last_instruction; xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2)
2880 {
2881 arm_instruction_t instruction;
2882 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2883 {
2884 /* can't continue tracing with no image available */
2885 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2886 {
2887 return retval;
2888 }
2889 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2890 {
2891 /* TODO: handle incomplete images */
2892 }
2893 }
2894 command_print(cmd_ctx, "%s", instruction.text);
2895 }
2896
2897 trace_data = trace_data->next;
2898 }
2899
2900 return ERROR_OK;
2901 }
2902
2903 static void xscale_build_reg_cache(target_t *target)
2904 {
2905 /* get pointers to arch-specific information */
2906 armv4_5_common_t *armv4_5 = target->arch_info;
2907 xscale_common_t *xscale = armv4_5->arch_info;
2908
2909 reg_cache_t **cache_p = register_get_last_cache_p(&target->reg_cache);
2910 xscale_reg_t *arch_info = malloc(sizeof(xscale_reg_arch_info));
2911 int i;
2912 int num_regs = sizeof(xscale_reg_arch_info) / sizeof(xscale_reg_t);
2913
2914 (*cache_p) = armv4_5_build_reg_cache(target, armv4_5);
2915 armv4_5->core_cache = (*cache_p);
2916
2917 /* register a register arch-type for XScale dbg registers only once */
2918 if (xscale_reg_arch_type == -1)
2919 xscale_reg_arch_type = register_reg_arch_type(xscale_get_reg, xscale_set_reg);
2920
2921 (*cache_p)->next = malloc(sizeof(reg_cache_t));
2922 cache_p = &(*cache_p)->next;
2923
2924 /* fill in values for the xscale reg cache */
2925 (*cache_p)->name = "XScale registers";
2926 (*cache_p)->next = NULL;
2927 (*cache_p)->reg_list = malloc(num_regs * sizeof(reg_t));
2928 (*cache_p)->num_regs = num_regs;
2929
2930 for (i = 0; i < num_regs; i++)
2931 {
2932 (*cache_p)->reg_list[i].name = xscale_reg_list[i];
2933 (*cache_p)->reg_list[i].value = calloc(4, 1);
2934 (*cache_p)->reg_list[i].dirty = 0;
2935 (*cache_p)->reg_list[i].valid = 0;
2936 (*cache_p)->reg_list[i].size = 32;
2937 (*cache_p)->reg_list[i].bitfield_desc = NULL;
2938 (*cache_p)->reg_list[i].num_bitfields = 0;
2939 (*cache_p)->reg_list[i].arch_info = &arch_info[i];
2940 (*cache_p)->reg_list[i].arch_type = xscale_reg_arch_type;
2941 arch_info[i] = xscale_reg_arch_info[i];
2942 arch_info[i].target = target;
2943 }
2944
2945 xscale->reg_cache = (*cache_p);
2946 }
2947
2948 static int xscale_init_target(struct command_context_s *cmd_ctx,
2949 struct target_s *target)
2950 {
2951 return ERROR_OK;
2952 }
2953
2954 static int xscale_quit(void)
2955 {
2956 jtag_add_runtest(100, TAP_RESET);
2957 return ERROR_OK;
2958 }
2959
2960 static int xscale_init_arch_info(target_t *target,
2961 xscale_common_t *xscale, jtag_tap_t *tap, const char *variant)
2962 {
2963 armv4_5_common_t *armv4_5;
2964 uint32_t high_reset_branch, low_reset_branch;
2965 int i;
2966
2967 armv4_5 = &xscale->armv4_5_common;
2968
2969 /* store architecture specfic data (none so far) */
2970 xscale->arch_info = NULL;
2971 xscale->common_magic = XSCALE_COMMON_MAGIC;
2972
2973 /* remember the variant (PXA25x, PXA27x, IXP42x, ...) */
2974 xscale->variant = strdup(variant);
2975
2976 /* prepare JTAG information for the new target */
2977 xscale->jtag_info.tap = tap;
2978
2979 xscale->jtag_info.dbgrx = 0x02;
2980 xscale->jtag_info.dbgtx = 0x10;
2981 xscale->jtag_info.dcsr = 0x09;
2982 xscale->jtag_info.ldic = 0x07;
2983
2984 if ((strcmp(xscale->variant, "pxa250") == 0) ||
2985 (strcmp(xscale->variant, "pxa255") == 0) ||
2986 (strcmp(xscale->variant, "pxa26x") == 0))
2987 {
2988 xscale->jtag_info.ir_length = 5;
2989 }
2990 else if ((strcmp(xscale->variant, "pxa27x") == 0) ||
2991 (strcmp(xscale->variant, "ixp42x") == 0) ||
2992 (strcmp(xscale->variant, "ixp45x") == 0) ||
2993 (strcmp(xscale->variant, "ixp46x") == 0))
2994 {
2995 xscale->jtag_info.ir_length = 7;
2996 }
2997
2998 /* the debug handler isn't installed (and thus not running) at this time */
2999 xscale->handler_installed = 0;
3000 xscale->handler_running = 0;
3001 xscale->handler_address = 0xfe000800;
3002
3003 /* clear the vectors we keep locally for reference */
3004 memset(xscale->low_vectors, 0, sizeof(xscale->low_vectors));
3005 memset(xscale->high_vectors, 0, sizeof(xscale->high_vectors));
3006
3007 /* no user-specified vectors have been configured yet */
3008 xscale->static_low_vectors_set = 0x0;
3009 xscale->static_high_vectors_set = 0x0;
3010
3011 /* calculate branches to debug handler */
3012 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
3013 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
3014
3015 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
3016 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
3017
3018 for (i = 1; i <= 7; i++)
3019 {
3020 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
3021 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
3022 }
3023
3024 /* 64kB aligned region used for DCache cleaning */
3025 xscale->cache_clean_address = 0xfffe0000;
3026
3027 xscale->hold_rst = 0;
3028 xscale->external_debug_break = 0;
3029
3030 xscale->ibcr_available = 2;
3031 xscale->ibcr0_used = 0;
3032 xscale->ibcr1_used = 0;
3033
3034 xscale->dbr_available = 2;
3035 xscale->dbr0_used = 0;
3036 xscale->dbr1_used = 0;
3037
3038 xscale->arm_bkpt = ARMV5_BKPT(0x0);
3039 xscale->thumb_bkpt = ARMV5_T_BKPT(0x0) & 0xffff;
3040
3041 xscale->vector_catch = 0x1;
3042
3043 xscale->trace.capture_status = TRACE_IDLE;
3044 xscale->trace.data = NULL;
3045 xscale->trace.image = NULL;
3046 xscale->trace.buffer_enabled = 0;
3047 xscale->trace.buffer_fill = 0;
3048
3049 /* prepare ARMv4/5 specific information */
3050 armv4_5->arch_info = xscale;
3051 armv4_5->read_core_reg = xscale_read_core_reg;
3052 armv4_5->write_core_reg = xscale_write_core_reg;
3053 armv4_5->full_context = xscale_full_context;
3054
3055 armv4_5_init_arch_info(target, armv4_5);
3056
3057 xscale->armv4_5_mmu.armv4_5_cache.ctype = -1;
3058 xscale->armv4_5_mmu.get_ttb = xscale_get_ttb;
3059 xscale->armv4_5_mmu.read_memory = xscale_read_memory;
3060 xscale->armv4_5_mmu.write_memory = xscale_write_memory;
3061 xscale->armv4_5_mmu.disable_mmu_caches = xscale_disable_mmu_caches;
3062 xscale->armv4_5_mmu.enable_mmu_caches = xscale_enable_mmu_caches;
3063 xscale->armv4_5_mmu.has_tiny_pages = 1;
3064 xscale->armv4_5_mmu.mmu_enabled = 0;
3065
3066 return ERROR_OK;
3067 }
3068
3069 /* target xscale <endianess> <startup_mode> <chain_pos> <variant> */
3070 static int xscale_target_create(struct target_s *target, Jim_Interp *interp)
3071 {
3072 xscale_common_t *xscale = calloc(1,sizeof(xscale_common_t));
3073
3074 xscale_init_arch_info(target, xscale, target->tap, target->variant);
3075 xscale_build_reg_cache(target);
3076
3077 return ERROR_OK;
3078 }
3079
3080 static int
3081 xscale_handle_debug_handler_command(struct command_context_s *cmd_ctx,
3082 char *cmd, char **args, int argc)
3083 {
3084 target_t *target = NULL;
3085 armv4_5_common_t *armv4_5;
3086 xscale_common_t *xscale;
3087
3088 uint32_t handler_address;
3089
3090 if (argc < 2)
3091 {
3092 LOG_ERROR("'xscale debug_handler <target#> <address>' command takes two required operands");
3093 return ERROR_OK;
3094 }
3095
3096 if ((target = get_target(args[0])) == NULL)
3097 {
3098 LOG_ERROR("target '%s' not defined", args[0]);
3099 return ERROR_FAIL;
3100 }
3101
3102 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3103 {
3104 return ERROR_FAIL;
3105 }
3106
3107 handler_address = strtoul(args[1], NULL, 0);
3108
3109 if (((handler_address >= 0x800) && (handler_address <= 0x1fef800)) ||
3110 ((handler_address >= 0xfe000800) && (handler_address <= 0xfffff800)))
3111 {
3112 xscale->handler_address = handler_address;
3113 }
3114 else
3115 {
3116 LOG_ERROR("xscale debug_handler <address> must be between 0x800 and 0x1fef800 or between 0xfe000800 and 0xfffff800");
3117 return ERROR_FAIL;
3118 }
3119
3120 return ERROR_OK;
3121 }
3122
3123 static int
3124 xscale_handle_cache_clean_address_command(struct command_context_s *cmd_ctx,
3125 char *cmd, char **args, int argc)
3126 {
3127 target_t *target = NULL;
3128 armv4_5_common_t *armv4_5;
3129 xscale_common_t *xscale;
3130
3131 uint32_t cache_clean_address;
3132
3133 if (argc < 2)
3134 {
3135 return ERROR_COMMAND_SYNTAX_ERROR;
3136 }
3137
3138 target = get_target(args[0]);
3139 if (target == NULL)
3140 {
3141 LOG_ERROR("target '%s' not defined", args[0]);
3142 return ERROR_FAIL;
3143 }
3144
3145 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3146 {
3147 return ERROR_FAIL;
3148 }
3149
3150 cache_clean_address = strtoul(args[1], NULL, 0);
3151
3152 if (cache_clean_address & 0xffff)
3153 {
3154 LOG_ERROR("xscale cache_clean_address <address> must be 64kb aligned");
3155 }
3156 else
3157 {
3158 xscale->cache_clean_address = cache_clean_address;
3159 }
3160
3161 return ERROR_OK;
3162 }
3163
3164 static int
3165 xscale_handle_cache_info_command(struct command_context_s *cmd_ctx,
3166 char *cmd, char **args, int argc)
3167 {
3168 target_t *target = get_current_target(cmd_ctx);
3169 armv4_5_common_t *armv4_5;
3170 xscale_common_t *xscale;
3171
3172 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3173 {
3174 return ERROR_OK;
3175 }
3176
3177 return armv4_5_handle_cache_info_command(cmd_ctx, &xscale->armv4_5_mmu.armv4_5_cache);
3178 }
3179
3180 static int xscale_virt2phys(struct target_s *target,
3181 uint32_t virtual, uint32_t *physical)
3182 {
3183 armv4_5_common_t *armv4_5;
3184 xscale_common_t *xscale;
3185 int retval;
3186 int type;
3187 uint32_t cb;
3188 int domain;
3189 uint32_t ap;
3190
3191 if ((retval = xscale_get_arch_pointers(target, &armv4_5, &xscale)) != ERROR_OK)
3192 {
3193 return retval;
3194 }
3195 uint32_t ret = armv4_5_mmu_translate_va(target, &xscale->armv4_5_mmu, virtual, &type, &cb, &domain, &ap);
3196 if (type == -1)
3197 {
3198 return ret;
3199 }
3200 *physical = ret;
3201 return ERROR_OK;
3202 }
3203
3204 static int xscale_mmu(struct target_s *target, int *enabled)
3205 {
3206 armv4_5_common_t *armv4_5 = target->arch_info;
3207 xscale_common_t *xscale = armv4_5->arch_info;
3208
3209 if (target->state != TARGET_HALTED)
3210 {
3211 LOG_ERROR("Target not halted");
3212 return ERROR_TARGET_INVALID;
3213 }
3214 *enabled = xscale->armv4_5_mmu.mmu_enabled;
3215 return ERROR_OK;
3216 }
3217
3218 static int xscale_handle_mmu_command(command_context_t *cmd_ctx,
3219 char *cmd, char **args, int argc)
3220 {
3221 target_t *target = get_current_target(cmd_ctx);
3222 armv4_5_common_t *armv4_5;
3223 xscale_common_t *xscale;
3224
3225 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3226 {
3227 return ERROR_OK;
3228 }
3229
3230 if (target->state != TARGET_HALTED)
3231 {
3232 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3233 return ERROR_OK;
3234 }
3235
3236 if (argc >= 1)
3237 {
3238 if (strcmp("enable", args[0]) == 0)
3239 {
3240 xscale_enable_mmu_caches(target, 1, 0, 0);
3241 xscale->armv4_5_mmu.mmu_enabled = 1;
3242 }
3243 else if (strcmp("disable", args[0]) == 0)
3244 {
3245 xscale_disable_mmu_caches(target, 1, 0, 0);
3246 xscale->armv4_5_mmu.mmu_enabled = 0;
3247 }
3248 }
3249
3250 command_print(cmd_ctx, "mmu %s", (xscale->armv4_5_mmu.mmu_enabled) ? "enabled" : "disabled");
3251
3252 return ERROR_OK;
3253 }
3254
3255 static int xscale_handle_idcache_command(command_context_t *cmd_ctx,
3256 char *cmd, char **args, int argc)
3257 {
3258 target_t *target = get_current_target(cmd_ctx);
3259 armv4_5_common_t *armv4_5;
3260 xscale_common_t *xscale;
3261 int icache = 0, dcache = 0;
3262
3263 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3264 {
3265 return ERROR_OK;
3266 }
3267
3268 if (target->state != TARGET_HALTED)
3269 {
3270 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3271 return ERROR_OK;
3272 }
3273
3274 if (strcmp(cmd, "icache") == 0)
3275 icache = 1;
3276 else if (strcmp(cmd, "dcache") == 0)
3277 dcache = 1;
3278
3279 if (argc >= 1)
3280 {
3281 if (strcmp("enable", args[0]) == 0)
3282 {
3283 xscale_enable_mmu_caches(target, 0, dcache, icache);
3284
3285 if (icache)
3286 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 1;
3287 else if (dcache)
3288 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 1;
3289 }
3290 else if (strcmp("disable", args[0]) == 0)
3291 {
3292 xscale_disable_mmu_caches(target, 0, dcache, icache);
3293
3294 if (icache)
3295 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
3296 else if (dcache)
3297 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
3298 }
3299 }
3300
3301 if (icache)
3302 command_print(cmd_ctx, "icache %s", (xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled) ? "enabled" : "disabled");
3303
3304 if (dcache)
3305 command_print(cmd_ctx, "dcache %s", (xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled) ? "enabled" : "disabled");
3306
3307 return ERROR_OK;
3308 }
3309
3310 static int xscale_handle_vector_catch_command(command_context_t *cmd_ctx,
3311 char *cmd, char **args, int argc)
3312 {
3313 target_t *target = get_current_target(cmd_ctx);
3314 armv4_5_common_t *armv4_5;
3315 xscale_common_t *xscale;
3316
3317 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3318 {
3319 return ERROR_OK;
3320 }
3321
3322 if (argc < 1)
3323 {
3324 command_print(cmd_ctx, "usage: xscale vector_catch [mask]");
3325 }
3326 else
3327 {
3328 xscale->vector_catch = strtoul(args[0], NULL, 0);
3329 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 8, xscale->vector_catch);
3330 xscale_write_dcsr(target, -1, -1);
3331 }
3332
3333 command_print(cmd_ctx, "vector catch mask: 0x%2.2x", xscale->vector_catch);
3334
3335 return ERROR_OK;
3336 }
3337
3338
3339 static int xscale_handle_vector_table_command(command_context_t *cmd_ctx,
3340 char *cmd, char **args, int argc)
3341 {
3342 target_t *target = get_current_target(cmd_ctx);
3343 armv4_5_common_t *armv4_5;
3344 xscale_common_t *xscale;
3345 int err = 0;
3346
3347 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3348 {
3349 return ERROR_OK;
3350 }
3351
3352 if (argc == 0) /* print current settings */
3353 {
3354 int idx;
3355
3356 command_print(cmd_ctx, "active user-set static vectors:");
3357 for (idx = 1; idx < 8; idx++)
3358 if (xscale->static_low_vectors_set & (1 << idx))
3359 command_print(cmd_ctx, "low %d: 0x%" PRIx32, idx, xscale->static_low_vectors[idx]);
3360 for (idx = 1; idx < 8; idx++)
3361 if (xscale->static_high_vectors_set & (1 << idx))
3362 command_print(cmd_ctx, "high %d: 0x%" PRIx32, idx, xscale->static_high_vectors[idx]);
3363 return ERROR_OK;
3364 }
3365
3366 if (argc != 3)
3367 err = 1;
3368 else
3369 {
3370 int idx;
3371 uint32_t vec;
3372 idx = strtoul(args[1], NULL, 0);
3373 vec = strtoul(args[2], NULL, 0);
3374
3375 if (idx < 1 || idx >= 8)
3376 err = 1;
3377
3378 if (!err && strcmp(args[0], "low") == 0)
3379 {
3380 xscale->static_low_vectors_set |= (1<<idx);
3381 xscale->static_low_vectors[idx] = vec;
3382 }
3383 else if (!err && (strcmp(args[0], "high") == 0))
3384 {
3385 xscale->static_high_vectors_set |= (1<<idx);
3386 xscale->static_high_vectors[idx] = vec;
3387 }
3388 else
3389 err = 1;
3390 }
3391
3392 if (err)
3393 command_print(cmd_ctx, "usage: xscale vector_table <high|low> <index> <code>");
3394
3395 return ERROR_OK;
3396 }
3397
3398
3399 static int
3400 xscale_handle_trace_buffer_command(struct command_context_s *cmd_ctx,
3401 char *cmd, char **args, int argc)
3402 {
3403 target_t *target = get_current_target(cmd_ctx);
3404 armv4_5_common_t *armv4_5;
3405 xscale_common_t *xscale;
3406 uint32_t dcsr_value;
3407
3408 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3409 {
3410 return ERROR_OK;
3411 }
3412
3413 if (target->state != TARGET_HALTED)
3414 {
3415 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3416 return ERROR_OK;
3417 }
3418
3419 if ((argc >= 1) && (strcmp("enable", args[0]) == 0))
3420 {
3421 xscale_trace_data_t *td, *next_td;
3422 xscale->trace.buffer_enabled = 1;
3423
3424 /* free old trace data */
3425 td = xscale->trace.data;
3426 while (td)
3427 {
3428 next_td = td->next;
3429
3430 if (td->entries)
3431 free(td->entries);
3432 free(td);
3433 td = next_td;
3434 }
3435 xscale->trace.data = NULL;
3436 }
3437 else if ((argc >= 1) && (strcmp("disable", args[0]) == 0))
3438 {
3439 xscale->trace.buffer_enabled = 0;
3440 }
3441
3442 if ((argc >= 2) && (strcmp("fill", args[1]) == 0))
3443 {
3444 if (argc >= 3)
3445 xscale->trace.buffer_fill = strtoul(args[2], NULL, 0);
3446 else
3447 xscale->trace.buffer_fill = 1;
3448 }
3449 else if ((argc >= 2) && (strcmp("wrap", args[1]) == 0))
3450 {
3451 xscale->trace.buffer_fill = -1;
3452 }
3453
3454 if (xscale->trace.buffer_enabled)
3455 {
3456 /* if we enable the trace buffer in fill-once
3457 * mode we know the address of the first instruction */
3458 xscale->trace.pc_ok = 1;
3459 xscale->trace.current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
3460 }
3461 else
3462 {
3463 /* otherwise the address is unknown, and we have no known good PC */
3464 xscale->trace.pc_ok = 0;
3465 }
3466
3467 command_print(cmd_ctx, "trace buffer %s (%s)",
3468 (xscale->trace.buffer_enabled) ? "enabled" : "disabled",
3469 (xscale->trace.buffer_fill > 0) ? "fill" : "wrap");
3470
3471 dcsr_value = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32);
3472 if (xscale->trace.buffer_fill >= 0)
3473 xscale_write_dcsr_sw(target, (dcsr_value & 0xfffffffc) | 2);
3474 else
3475 xscale_write_dcsr_sw(target, dcsr_value & 0xfffffffc);
3476
3477 return ERROR_OK;
3478 }
3479
3480 static int
3481 xscale_handle_trace_image_command(struct command_context_s *cmd_ctx,
3482 char *cmd, char **args, int argc)
3483 {
3484 target_t *target;
3485 armv4_5_common_t *armv4_5;
3486 xscale_common_t *xscale;
3487
3488 if (argc < 1)
3489 {
3490 command_print(cmd_ctx, "usage: xscale trace_image <file> [base address] [type]");
3491 return ERROR_OK;
3492 }
3493
3494 target = get_current_target(cmd_ctx);
3495
3496 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3497 {
3498 return ERROR_OK;
3499 }
3500
3501 if (xscale->trace.image)
3502 {
3503 image_close(xscale->trace.image);
3504 free(xscale->trace.image);
3505 command_print(cmd_ctx, "previously loaded image found and closed");
3506 }
3507
3508 xscale->trace.image = malloc(sizeof(image_t));
3509 xscale->trace.image->base_address_set = 0;
3510 xscale->trace.image->start_address_set = 0;
3511
3512 /* a base address isn't always necessary, default to 0x0 (i.e. don't relocate) */
3513 if (argc >= 2)
3514 {
3515 xscale->trace.image->base_address_set = 1;
3516 xscale->trace.image->base_address = strtoul(args[1], NULL, 0);
3517 }
3518 else
3519 {
3520 xscale->trace.image->base_address_set = 0;
3521 }
3522
3523 if (image_open(xscale->trace.image, args[0], (argc >= 3) ? args[2] : NULL) != ERROR_OK)
3524 {
3525 free(xscale->trace.image);
3526 xscale->trace.image = NULL;
3527 return ERROR_OK;
3528 }
3529
3530 return ERROR_OK;
3531 }
3532
3533 static int xscale_handle_dump_trace_command(struct command_context_s *cmd_ctx,
3534 char *cmd, char **args, int argc)
3535 {
3536 target_t *target = get_current_target(cmd_ctx);
3537 armv4_5_common_t *armv4_5;
3538 xscale_common_t *xscale;
3539 xscale_trace_data_t *trace_data;
3540 fileio_t file;
3541
3542 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3543 {
3544 return ERROR_OK;
3545 }
3546
3547 if (target->state != TARGET_HALTED)
3548 {
3549 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3550 return ERROR_OK;
3551 }
3552
3553 if (argc < 1)
3554 {
3555 command_print(cmd_ctx, "usage: xscale dump_trace <file>");
3556 return ERROR_OK;
3557 }
3558
3559 trace_data = xscale->trace.data;
3560
3561 if (!trace_data)
3562 {
3563 command_print(cmd_ctx, "no trace data collected");
3564 return ERROR_OK;
3565 }
3566
3567 if (fileio_open(&file, args[0], FILEIO_WRITE, FILEIO_BINARY) != ERROR_OK)
3568 {
3569 return ERROR_OK;
3570 }
3571
3572 while (trace_data)
3573 {
3574 int i;
3575
3576 fileio_write_u32(&file, trace_data->chkpt0);
3577 fileio_write_u32(&file, trace_data->chkpt1);
3578 fileio_write_u32(&file, trace_data->last_instruction);
3579 fileio_write_u32(&file, trace_data->depth);
3580
3581 for (i = 0; i < trace_data->depth; i++)
3582 fileio_write_u32(&file, trace_data->entries[i].data | ((trace_data->entries[i].type & 0xffff) << 16));
3583
3584 trace_data = trace_data->next;
3585 }
3586
3587 fileio_close(&file);
3588
3589 return ERROR_OK;
3590 }
3591
3592 static int
3593 xscale_handle_analyze_trace_buffer_command(struct command_context_s *cmd_ctx,
3594 char *cmd, char **args, int argc)
3595 {
3596 target_t *target = get_current_target(cmd_ctx);
3597 armv4_5_common_t *armv4_5;
3598 xscale_common_t *xscale;
3599
3600 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3601 {
3602 return ERROR_OK;
3603 }
3604
3605 xscale_analyze_trace(target, cmd_ctx);
3606
3607 return ERROR_OK;
3608 }
3609
3610 static int xscale_handle_cp15(command_context_t *cmd_ctx,
3611 char *cmd, char **args, int argc)
3612 {
3613 target_t *target = get_current_target(cmd_ctx);
3614 armv4_5_common_t *armv4_5;
3615 xscale_common_t *xscale;
3616
3617 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3618 {
3619 return ERROR_OK;
3620 }
3621
3622 if (target->state != TARGET_HALTED)
3623 {
3624 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3625 return ERROR_OK;
3626 }
3627 uint32_t reg_no = 0;
3628 reg_t *reg = NULL;
3629 if (argc > 0)
3630 {
3631 reg_no = strtoul(args[0], NULL, 0);
3632 /*translate from xscale cp15 register no to openocd register*/
3633 switch (reg_no)
3634 {
3635 case 0:
3636 reg_no = XSCALE_MAINID;
3637 break;
3638 case 1:
3639 reg_no = XSCALE_CTRL;
3640 break;
3641 case 2:
3642 reg_no = XSCALE_TTB;
3643 break;
3644 case 3:
3645 reg_no = XSCALE_DAC;
3646 break;
3647 case 5:
3648 reg_no = XSCALE_FSR;
3649 break;
3650 case 6:
3651 reg_no = XSCALE_FAR;
3652 break;
3653 case 13:
3654 reg_no = XSCALE_PID;
3655 break;
3656 case 15:
3657 reg_no = XSCALE_CPACCESS;
3658 break;
3659 default:
3660 command_print(cmd_ctx, "invalid register number");
3661 return ERROR_INVALID_ARGUMENTS;
3662 }
3663 reg = &xscale->reg_cache->reg_list[reg_no];
3664
3665 }
3666 if (argc == 1)
3667 {
3668 uint32_t value;
3669
3670 /* read cp15 control register */
3671 xscale_get_reg(reg);
3672 value = buf_get_u32(reg->value, 0, 32);
3673 command_print(cmd_ctx, "%s (/%i): 0x%" PRIx32 "", reg->name, (int)(reg->size), value);
3674 }
3675 else if (argc == 2)
3676 {
3677
3678 uint32_t value = strtoul(args[1], NULL, 0);
3679
3680 /* send CP write request (command 0x41) */
3681 xscale_send_u32(target, 0x41);
3682
3683 /* send CP register number */
3684 xscale_send_u32(target, reg_no);
3685
3686 /* send CP register value */
3687 xscale_send_u32(target, value);
3688
3689 /* execute cpwait to ensure outstanding operations complete */
3690 xscale_send_u32(target, 0x53);
3691 }
3692 else
3693 {
3694 command_print(cmd_ctx, "usage: cp15 [register]<, [value]>");
3695 }
3696
3697 return ERROR_OK;
3698 }
3699
3700 static int xscale_register_commands(struct command_context_s *cmd_ctx)
3701 {
3702 command_t *xscale_cmd;
3703
3704 xscale_cmd = register_command(cmd_ctx, NULL, "xscale", NULL, COMMAND_ANY, "xscale specific commands");
3705
3706 register_command(cmd_ctx, xscale_cmd, "debug_handler", xscale_handle_debug_handler_command, COMMAND_ANY, "'xscale debug_handler <target#> <address>' command takes two required operands");
3707 register_command(cmd_ctx, xscale_cmd, "cache_clean_address", xscale_handle_cache_clean_address_command, COMMAND_ANY, NULL);
3708
3709 register_command(cmd_ctx, xscale_cmd, "cache_info", xscale_handle_cache_info_command, COMMAND_EXEC, NULL);
3710 register_command(cmd_ctx, xscale_cmd, "mmu", xscale_handle_mmu_command, COMMAND_EXEC, "['enable'|'disable'] the MMU");
3711 register_command(cmd_ctx, xscale_cmd, "icache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the ICache");
3712 register_command(cmd_ctx, xscale_cmd, "dcache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the DCache");
3713
3714 register_command(cmd_ctx, xscale_cmd, "vector_catch", xscale_handle_vector_catch_command, COMMAND_EXEC, "<mask> of vectors that should be catched");
3715 register_command(cmd_ctx, xscale_cmd, "vector_table", xscale_handle_vector_table_command, COMMAND_EXEC, "<high|low> <index> <code> set static code for exception handler entry");
3716
3717 register_command(cmd_ctx, xscale_cmd, "trace_buffer", xscale_handle_trace_buffer_command, COMMAND_EXEC, "<enable | disable> ['fill' [n]|'wrap']");
3718
3719 register_command(cmd_ctx, xscale_cmd, "dump_trace", xscale_handle_dump_trace_command, COMMAND_EXEC, "dump content of trace buffer to <file>");
3720 register_command(cmd_ctx, xscale_cmd, "analyze_trace", xscale_handle_analyze_trace_buffer_command, COMMAND_EXEC, "analyze content of trace buffer");
3721 register_command(cmd_ctx, xscale_cmd, "trace_image", xscale_handle_trace_image_command,
3722 COMMAND_EXEC, "load image from <file> [base address]");
3723
3724 register_command(cmd_ctx, xscale_cmd, "cp15", xscale_handle_cp15, COMMAND_EXEC, "access coproc 15 <register> [value]");
3725
3726 armv4_5_register_commands(cmd_ctx);
3727
3728 return ERROR_OK;
3729 }
3730
3731 target_type_t xscale_target =
3732 {
3733 .name = "xscale",
3734
3735 .poll = xscale_poll,
3736 .arch_state = xscale_arch_state,
3737
3738 .target_request_data = NULL,
3739
3740 .halt = xscale_halt,
3741 .resume = xscale_resume,
3742 .step = xscale_step,
3743
3744 .assert_reset = xscale_assert_reset,
3745 .deassert_reset = xscale_deassert_reset,
3746 .soft_reset_halt = NULL,
3747
3748 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
3749
3750 .read_memory = xscale_read_memory,
3751 .write_memory = xscale_write_memory,
3752 .bulk_write_memory = xscale_bulk_write_memory,
3753 .checksum_memory = arm7_9_checksum_memory,
3754 .blank_check_memory = arm7_9_blank_check_memory,
3755
3756 .run_algorithm = armv4_5_run_algorithm,
3757
3758 .add_breakpoint = xscale_add_breakpoint,
3759 .remove_breakpoint = xscale_remove_breakpoint,
3760 .add_watchpoint = xscale_add_watchpoint,
3761 .remove_watchpoint = xscale_remove_watchpoint,
3762
3763 .register_commands = xscale_register_commands,
3764 .target_create = xscale_target_create,
3765 .init_target = xscale_init_target,
3766 .quit = xscale_quit,
3767
3768 .virt2phys = xscale_virt2phys,
3769 .mmu = xscale_mmu
3770 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)