Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
more xscale cleanup (mostly removing JTAG hooks)
[openocd.git] / src / target / xscale.c
1 /***************************************************************************
2 * Copyright (C) 2006, 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
7 * *
8 * Copyright (C) 2009 Michael Schwingen *
9 * michael@schwingen.org *
10 * *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
15 * *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
20 * *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program; if not, write to the *
23 * Free Software Foundation, Inc., *
24 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 ***************************************************************************/
26 #ifdef HAVE_CONFIG_H
27 #include "config.h"
28 #endif
29
30 #include "xscale.h"
31 #include "target_type.h"
32 #include "arm7_9_common.h"
33 #include "arm_simulator.h"
34 #include "arm_disassembler.h"
35 #include "time_support.h"
36 #include "image.h"
37
38
39 /*
40 * Important XScale documents available as of October 2009 include:
41 *
42 * Intel XScale® Core Developer’s Manual, January 2004
43 * Order Number: 273473-002
44 * This has a chapter detailing debug facilities, and punts some
45 * details to chip-specific microarchitecture documentats.
46 *
47 * Hot-Debug for Intel XScale® Core Debug White Paper, May 2005
48 * Document Number: 273539-005
49 * Less detailed than the developer's manual, but summarizes those
50 * missing details (for most XScales) and gives LOTS of notes about
51 * debugger/handler interaction issues. Presents a simpler reset
52 * and load-handler sequence than the arch doc. (Note, OpenOCD
53 * doesn't currently support "Hot-Debug" as defined there.)
54 *
55 * Chip-specific microarchitecture documents may also be useful.
56 */
57
58
59 /* forward declarations */
60 static int xscale_resume(struct target_s *, int current,
61 uint32_t address, int handle_breakpoints, int debug_execution);
62 static int xscale_debug_entry(target_t *);
63 static int xscale_restore_context(target_t *);
64 static int xscale_get_reg(reg_t *reg);
65 static int xscale_set_reg(reg_t *reg, uint8_t *buf);
66 static int xscale_set_breakpoint(struct target_s *, breakpoint_t *);
67 static int xscale_set_watchpoint(struct target_s *, watchpoint_t *);
68 static int xscale_unset_breakpoint(struct target_s *, breakpoint_t *);
69 static int xscale_read_trace(target_t *);
70
71
72 static char *const xscale_reg_list[] =
73 {
74 "XSCALE_MAINID", /* 0 */
75 "XSCALE_CACHETYPE",
76 "XSCALE_CTRL",
77 "XSCALE_AUXCTRL",
78 "XSCALE_TTB",
79 "XSCALE_DAC",
80 "XSCALE_FSR",
81 "XSCALE_FAR",
82 "XSCALE_PID",
83 "XSCALE_CPACCESS",
84 "XSCALE_IBCR0", /* 10 */
85 "XSCALE_IBCR1",
86 "XSCALE_DBR0",
87 "XSCALE_DBR1",
88 "XSCALE_DBCON",
89 "XSCALE_TBREG",
90 "XSCALE_CHKPT0",
91 "XSCALE_CHKPT1",
92 "XSCALE_DCSR",
93 "XSCALE_TX",
94 "XSCALE_RX", /* 20 */
95 "XSCALE_TXRXCTRL",
96 };
97
98 static const xscale_reg_t xscale_reg_arch_info[] =
99 {
100 {XSCALE_MAINID, NULL},
101 {XSCALE_CACHETYPE, NULL},
102 {XSCALE_CTRL, NULL},
103 {XSCALE_AUXCTRL, NULL},
104 {XSCALE_TTB, NULL},
105 {XSCALE_DAC, NULL},
106 {XSCALE_FSR, NULL},
107 {XSCALE_FAR, NULL},
108 {XSCALE_PID, NULL},
109 {XSCALE_CPACCESS, NULL},
110 {XSCALE_IBCR0, NULL},
111 {XSCALE_IBCR1, NULL},
112 {XSCALE_DBR0, NULL},
113 {XSCALE_DBR1, NULL},
114 {XSCALE_DBCON, NULL},
115 {XSCALE_TBREG, NULL},
116 {XSCALE_CHKPT0, NULL},
117 {XSCALE_CHKPT1, NULL},
118 {XSCALE_DCSR, NULL}, /* DCSR accessed via JTAG or SW */
119 {-1, NULL}, /* TX accessed via JTAG */
120 {-1, NULL}, /* RX accessed via JTAG */
121 {-1, NULL}, /* TXRXCTRL implicit access via JTAG */
122 };
123
124 static int xscale_reg_arch_type = -1;
125
126 /* convenience wrapper to access XScale specific registers */
127 static int xscale_set_reg_u32(reg_t *reg, uint32_t value)
128 {
129 uint8_t buf[4];
130
131 buf_set_u32(buf, 0, 32, value);
132
133 return xscale_set_reg(reg, buf);
134 }
135
136
137 static int xscale_get_arch_pointers(target_t *target,
138 armv4_5_common_t **armv4_5_p, xscale_common_t **xscale_p)
139 {
140 armv4_5_common_t *armv4_5 = target->arch_info;
141 xscale_common_t *xscale = armv4_5->arch_info;
142
143 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
144 {
145 LOG_ERROR("target isn't an XScale target");
146 return -1;
147 }
148
149 if (xscale->common_magic != XSCALE_COMMON_MAGIC)
150 {
151 LOG_ERROR("target isn't an XScale target");
152 return -1;
153 }
154
155 *armv4_5_p = armv4_5;
156 *xscale_p = xscale;
157
158 return ERROR_OK;
159 }
160
161 static int xscale_jtag_set_instr(jtag_tap_t *tap, uint32_t new_instr)
162 {
163 if (tap == NULL)
164 return ERROR_FAIL;
165
166 if (buf_get_u32(tap->cur_instr, 0, tap->ir_length) != new_instr)
167 {
168 scan_field_t field;
169
170 field.tap = tap;
171 field.num_bits = tap->ir_length;
172 field.out_value = calloc(CEIL(field.num_bits, 8), 1);
173 buf_set_u32(field.out_value, 0, field.num_bits, new_instr);
174
175 uint8_t tmp[4];
176 field.in_value = tmp;
177
178 jtag_add_ir_scan(1, &field, jtag_get_end_state());
179
180 /* FIX!!!! isn't this check superfluous? verify_ircapture handles this? */
181 jtag_check_value_mask(&field, tap->expected, tap->expected_mask);
182
183 free(field.out_value);
184 }
185
186 return ERROR_OK;
187 }
188
189 static int xscale_read_dcsr(target_t *target)
190 {
191 armv4_5_common_t *armv4_5 = target->arch_info;
192 xscale_common_t *xscale = armv4_5->arch_info;
193
194 int retval;
195
196 scan_field_t fields[3];
197 uint8_t field0 = 0x0;
198 uint8_t field0_check_value = 0x2;
199 uint8_t field0_check_mask = 0x7;
200 uint8_t field2 = 0x0;
201 uint8_t field2_check_value = 0x0;
202 uint8_t field2_check_mask = 0x1;
203
204 jtag_set_end_state(TAP_DRPAUSE);
205 xscale_jtag_set_instr(target->tap, XSCALE_SELDCSR);
206
207 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
208 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
209
210 fields[0].tap = target->tap;
211 fields[0].num_bits = 3;
212 fields[0].out_value = &field0;
213 uint8_t tmp;
214 fields[0].in_value = &tmp;
215
216 fields[1].tap = target->tap;
217 fields[1].num_bits = 32;
218 fields[1].out_value = NULL;
219 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
220
221 fields[2].tap = target->tap;
222 fields[2].num_bits = 1;
223 fields[2].out_value = &field2;
224 uint8_t tmp2;
225 fields[2].in_value = &tmp2;
226
227 jtag_add_dr_scan(3, fields, jtag_get_end_state());
228
229 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
230 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
231
232 if ((retval = jtag_execute_queue()) != ERROR_OK)
233 {
234 LOG_ERROR("JTAG error while reading DCSR");
235 return retval;
236 }
237
238 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
239 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
240
241 /* write the register with the value we just read
242 * on this second pass, only the first bit of field0 is guaranteed to be 0)
243 */
244 field0_check_mask = 0x1;
245 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
246 fields[1].in_value = NULL;
247
248 jtag_set_end_state(TAP_IDLE);
249
250 jtag_add_dr_scan(3, fields, jtag_get_end_state());
251
252 /* DANGER!!! this must be here. It will make sure that the arguments
253 * to jtag_set_check_value() does not go out of scope! */
254 return jtag_execute_queue();
255 }
256
257
258 static void xscale_getbuf(jtag_callback_data_t arg)
259 {
260 uint8_t *in = (uint8_t *)arg;
261 *((uint32_t *)in) = buf_get_u32(in, 0, 32);
262 }
263
264 static int xscale_receive(target_t *target, uint32_t *buffer, int num_words)
265 {
266 if (num_words == 0)
267 return ERROR_INVALID_ARGUMENTS;
268
269 int retval = ERROR_OK;
270 tap_state_t path[3];
271 scan_field_t fields[3];
272 uint8_t *field0 = malloc(num_words * 1);
273 uint8_t field0_check_value = 0x2;
274 uint8_t field0_check_mask = 0x6;
275 uint32_t *field1 = malloc(num_words * 4);
276 uint8_t field2_check_value = 0x0;
277 uint8_t field2_check_mask = 0x1;
278 int words_done = 0;
279 int words_scheduled = 0;
280
281 int i;
282
283 path[0] = TAP_DRSELECT;
284 path[1] = TAP_DRCAPTURE;
285 path[2] = TAP_DRSHIFT;
286
287 fields[0].tap = target->tap;
288 fields[0].num_bits = 3;
289 fields[0].out_value = NULL;
290 fields[0].in_value = NULL;
291 fields[0].check_value = &field0_check_value;
292 fields[0].check_mask = &field0_check_mask;
293
294 fields[1].tap = target->tap;
295 fields[1].num_bits = 32;
296 fields[1].out_value = NULL;
297 fields[1].check_value = NULL;
298 fields[1].check_mask = NULL;
299
300 fields[2].tap = target->tap;
301 fields[2].num_bits = 1;
302 fields[2].out_value = NULL;
303 fields[2].in_value = NULL;
304 fields[2].check_value = &field2_check_value;
305 fields[2].check_mask = &field2_check_mask;
306
307 jtag_set_end_state(TAP_IDLE);
308 xscale_jtag_set_instr(target->tap, XSCALE_DBGTX);
309 jtag_add_runtest(1, jtag_get_end_state()); /* ensures that we're in the TAP_IDLE state as the above could be a no-op */
310
311 /* repeat until all words have been collected */
312 int attempts = 0;
313 while (words_done < num_words)
314 {
315 /* schedule reads */
316 words_scheduled = 0;
317 for (i = words_done; i < num_words; i++)
318 {
319 fields[0].in_value = &field0[i];
320
321 jtag_add_pathmove(3, path);
322
323 fields[1].in_value = (uint8_t *)(field1 + i);
324
325 jtag_add_dr_scan_check(3, fields, jtag_set_end_state(TAP_IDLE));
326
327 jtag_add_callback(xscale_getbuf, (jtag_callback_data_t)(field1 + i));
328
329 words_scheduled++;
330 }
331
332 if ((retval = jtag_execute_queue()) != ERROR_OK)
333 {
334 LOG_ERROR("JTAG error while receiving data from debug handler");
335 break;
336 }
337
338 /* examine results */
339 for (i = words_done; i < num_words; i++)
340 {
341 if (!(field0[0] & 1))
342 {
343 /* move backwards if necessary */
344 int j;
345 for (j = i; j < num_words - 1; j++)
346 {
347 field0[j] = field0[j + 1];
348 field1[j] = field1[j + 1];
349 }
350 words_scheduled--;
351 }
352 }
353 if (words_scheduled == 0)
354 {
355 if (attempts++==1000)
356 {
357 LOG_ERROR("Failed to receiving data from debug handler after 1000 attempts");
358 retval = ERROR_TARGET_TIMEOUT;
359 break;
360 }
361 }
362
363 words_done += words_scheduled;
364 }
365
366 for (i = 0; i < num_words; i++)
367 *(buffer++) = buf_get_u32((uint8_t*)&field1[i], 0, 32);
368
369 free(field1);
370
371 return retval;
372 }
373
374 static int xscale_read_tx(target_t *target, int consume)
375 {
376 armv4_5_common_t *armv4_5 = target->arch_info;
377 xscale_common_t *xscale = armv4_5->arch_info;
378 tap_state_t path[3];
379 tap_state_t noconsume_path[6];
380
381 int retval;
382 struct timeval timeout, now;
383
384 scan_field_t fields[3];
385 uint8_t field0_in = 0x0;
386 uint8_t field0_check_value = 0x2;
387 uint8_t field0_check_mask = 0x6;
388 uint8_t field2_check_value = 0x0;
389 uint8_t field2_check_mask = 0x1;
390
391 jtag_set_end_state(TAP_IDLE);
392
393 xscale_jtag_set_instr(target->tap, XSCALE_DBGTX);
394
395 path[0] = TAP_DRSELECT;
396 path[1] = TAP_DRCAPTURE;
397 path[2] = TAP_DRSHIFT;
398
399 noconsume_path[0] = TAP_DRSELECT;
400 noconsume_path[1] = TAP_DRCAPTURE;
401 noconsume_path[2] = TAP_DREXIT1;
402 noconsume_path[3] = TAP_DRPAUSE;
403 noconsume_path[4] = TAP_DREXIT2;
404 noconsume_path[5] = TAP_DRSHIFT;
405
406 fields[0].tap = target->tap;
407 fields[0].num_bits = 3;
408 fields[0].out_value = NULL;
409 fields[0].in_value = &field0_in;
410
411 fields[1].tap = target->tap;
412 fields[1].num_bits = 32;
413 fields[1].out_value = NULL;
414 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_TX].value;
415
416 fields[2].tap = target->tap;
417 fields[2].num_bits = 1;
418 fields[2].out_value = NULL;
419 uint8_t tmp;
420 fields[2].in_value = &tmp;
421
422 gettimeofday(&timeout, NULL);
423 timeval_add_time(&timeout, 1, 0);
424
425 for (;;)
426 {
427 /* if we want to consume the register content (i.e. clear TX_READY),
428 * we have to go straight from Capture-DR to Shift-DR
429 * otherwise, we go from Capture-DR to Exit1-DR to Pause-DR
430 */
431 if (consume)
432 jtag_add_pathmove(3, path);
433 else
434 {
435 jtag_add_pathmove(sizeof(noconsume_path)/sizeof(*noconsume_path), noconsume_path);
436 }
437
438 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
439
440 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
441 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
442
443 if ((retval = jtag_execute_queue()) != ERROR_OK)
444 {
445 LOG_ERROR("JTAG error while reading TX");
446 return ERROR_TARGET_TIMEOUT;
447 }
448
449 gettimeofday(&now, NULL);
450 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
451 {
452 LOG_ERROR("time out reading TX register");
453 return ERROR_TARGET_TIMEOUT;
454 }
455 if (!((!(field0_in & 1)) && consume))
456 {
457 goto done;
458 }
459 if (debug_level >= 3)
460 {
461 LOG_DEBUG("waiting 100ms");
462 alive_sleep(100); /* avoid flooding the logs */
463 } else
464 {
465 keep_alive();
466 }
467 }
468 done:
469
470 if (!(field0_in & 1))
471 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
472
473 return ERROR_OK;
474 }
475
476 static int xscale_write_rx(target_t *target)
477 {
478 armv4_5_common_t *armv4_5 = target->arch_info;
479 xscale_common_t *xscale = armv4_5->arch_info;
480
481 int retval;
482 struct timeval timeout, now;
483
484 scan_field_t fields[3];
485 uint8_t field0_out = 0x0;
486 uint8_t field0_in = 0x0;
487 uint8_t field0_check_value = 0x2;
488 uint8_t field0_check_mask = 0x6;
489 uint8_t field2 = 0x0;
490 uint8_t field2_check_value = 0x0;
491 uint8_t field2_check_mask = 0x1;
492
493 jtag_set_end_state(TAP_IDLE);
494
495 xscale_jtag_set_instr(target->tap, XSCALE_DBGRX);
496
497 fields[0].tap = target->tap;
498 fields[0].num_bits = 3;
499 fields[0].out_value = &field0_out;
500 fields[0].in_value = &field0_in;
501
502 fields[1].tap = target->tap;
503 fields[1].num_bits = 32;
504 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_RX].value;
505 fields[1].in_value = NULL;
506
507 fields[2].tap = target->tap;
508 fields[2].num_bits = 1;
509 fields[2].out_value = &field2;
510 uint8_t tmp;
511 fields[2].in_value = &tmp;
512
513 gettimeofday(&timeout, NULL);
514 timeval_add_time(&timeout, 1, 0);
515
516 /* poll until rx_read is low */
517 LOG_DEBUG("polling RX");
518 for (;;)
519 {
520 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
521
522 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
523 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
524
525 if ((retval = jtag_execute_queue()) != ERROR_OK)
526 {
527 LOG_ERROR("JTAG error while writing RX");
528 return retval;
529 }
530
531 gettimeofday(&now, NULL);
532 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
533 {
534 LOG_ERROR("time out writing RX register");
535 return ERROR_TARGET_TIMEOUT;
536 }
537 if (!(field0_in & 1))
538 goto done;
539 if (debug_level >= 3)
540 {
541 LOG_DEBUG("waiting 100ms");
542 alive_sleep(100); /* avoid flooding the logs */
543 } else
544 {
545 keep_alive();
546 }
547 }
548 done:
549
550 /* set rx_valid */
551 field2 = 0x1;
552 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
553
554 if ((retval = jtag_execute_queue()) != ERROR_OK)
555 {
556 LOG_ERROR("JTAG error while writing RX");
557 return retval;
558 }
559
560 return ERROR_OK;
561 }
562
563 /* send count elements of size byte to the debug handler */
564 static int xscale_send(target_t *target, uint8_t *buffer, int count, int size)
565 {
566 uint32_t t[3];
567 int bits[3];
568 int retval;
569 int done_count = 0;
570
571 jtag_set_end_state(TAP_IDLE);
572
573 xscale_jtag_set_instr(target->tap, XSCALE_DBGRX);
574
575 bits[0]=3;
576 t[0]=0;
577 bits[1]=32;
578 t[2]=1;
579 bits[2]=1;
580 int endianness = target->endianness;
581 while (done_count++ < count)
582 {
583 switch (size)
584 {
585 case 4:
586 if (endianness == TARGET_LITTLE_ENDIAN)
587 {
588 t[1]=le_to_h_u32(buffer);
589 } else
590 {
591 t[1]=be_to_h_u32(buffer);
592 }
593 break;
594 case 2:
595 if (endianness == TARGET_LITTLE_ENDIAN)
596 {
597 t[1]=le_to_h_u16(buffer);
598 } else
599 {
600 t[1]=be_to_h_u16(buffer);
601 }
602 break;
603 case 1:
604 t[1]=buffer[0];
605 break;
606 default:
607 LOG_ERROR("BUG: size neither 4, 2 nor 1");
608 exit(-1);
609 }
610 jtag_add_dr_out(target->tap,
611 3,
612 bits,
613 t,
614 jtag_set_end_state(TAP_IDLE));
615 buffer += size;
616 }
617
618 if ((retval = jtag_execute_queue()) != ERROR_OK)
619 {
620 LOG_ERROR("JTAG error while sending data to debug handler");
621 return retval;
622 }
623
624 return ERROR_OK;
625 }
626
627 static int xscale_send_u32(target_t *target, uint32_t value)
628 {
629 armv4_5_common_t *armv4_5 = target->arch_info;
630 xscale_common_t *xscale = armv4_5->arch_info;
631
632 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
633 return xscale_write_rx(target);
634 }
635
636 static int xscale_write_dcsr(target_t *target, int hold_rst, int ext_dbg_brk)
637 {
638 armv4_5_common_t *armv4_5 = target->arch_info;
639 xscale_common_t *xscale = armv4_5->arch_info;
640
641 int retval;
642
643 scan_field_t fields[3];
644 uint8_t field0 = 0x0;
645 uint8_t field0_check_value = 0x2;
646 uint8_t field0_check_mask = 0x7;
647 uint8_t field2 = 0x0;
648 uint8_t field2_check_value = 0x0;
649 uint8_t field2_check_mask = 0x1;
650
651 if (hold_rst != -1)
652 xscale->hold_rst = hold_rst;
653
654 if (ext_dbg_brk != -1)
655 xscale->external_debug_break = ext_dbg_brk;
656
657 jtag_set_end_state(TAP_IDLE);
658 xscale_jtag_set_instr(target->tap, XSCALE_SELDCSR);
659
660 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
661 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
662
663 fields[0].tap = target->tap;
664 fields[0].num_bits = 3;
665 fields[0].out_value = &field0;
666 uint8_t tmp;
667 fields[0].in_value = &tmp;
668
669 fields[1].tap = target->tap;
670 fields[1].num_bits = 32;
671 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
672 fields[1].in_value = NULL;
673
674 fields[2].tap = target->tap;
675 fields[2].num_bits = 1;
676 fields[2].out_value = &field2;
677 uint8_t tmp2;
678 fields[2].in_value = &tmp2;
679
680 jtag_add_dr_scan(3, fields, jtag_get_end_state());
681
682 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
683 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
684
685 if ((retval = jtag_execute_queue()) != ERROR_OK)
686 {
687 LOG_ERROR("JTAG error while writing DCSR");
688 return retval;
689 }
690
691 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
692 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
693
694 return ERROR_OK;
695 }
696
697 /* parity of the number of bits 0 if even; 1 if odd. for 32 bit words */
698 static unsigned int parity (unsigned int v)
699 {
700 // unsigned int ov = v;
701 v ^= v >> 16;
702 v ^= v >> 8;
703 v ^= v >> 4;
704 v &= 0xf;
705 // LOG_DEBUG("parity of 0x%x is %i", ov, (0x6996 >> v) & 1);
706 return (0x6996 >> v) & 1;
707 }
708
709 static int xscale_load_ic(target_t *target, uint32_t va, uint32_t buffer[8])
710 {
711 uint8_t packet[4];
712 uint8_t cmd;
713 int word;
714 scan_field_t fields[2];
715
716 LOG_DEBUG("loading miniIC at 0x%8.8" PRIx32 "", va);
717
718 /* LDIC into IR */
719 jtag_set_end_state(TAP_IDLE);
720 xscale_jtag_set_instr(target->tap, XSCALE_LDIC);
721
722 /* CMD is b011 to load a cacheline into the Mini ICache.
723 * Loading into the main ICache is deprecated, and unused.
724 * It's followed by three zero bits, and 27 address bits.
725 */
726 buf_set_u32(&cmd, 0, 6, 0x3);
727
728 /* virtual address of desired cache line */
729 buf_set_u32(packet, 0, 27, va >> 5);
730
731 fields[0].tap = target->tap;
732 fields[0].num_bits = 6;
733 fields[0].out_value = &cmd;
734 fields[0].in_value = NULL;
735
736 fields[1].tap = target->tap;
737 fields[1].num_bits = 27;
738 fields[1].out_value = packet;
739 fields[1].in_value = NULL;
740
741 jtag_add_dr_scan(2, fields, jtag_get_end_state());
742
743 /* rest of packet is a cacheline: 8 instructions, with parity */
744 fields[0].num_bits = 32;
745 fields[0].out_value = packet;
746
747 fields[1].num_bits = 1;
748 fields[1].out_value = &cmd;
749
750 for (word = 0; word < 8; word++)
751 {
752 buf_set_u32(packet, 0, 32, buffer[word]);
753
754 uint32_t value;
755 memcpy(&value, packet, sizeof(uint32_t));
756 cmd = parity(value);
757
758 jtag_add_dr_scan(2, fields, jtag_get_end_state());
759 }
760
761 return jtag_execute_queue();
762 }
763
764 static int xscale_invalidate_ic_line(target_t *target, uint32_t va)
765 {
766 uint8_t packet[4];
767 uint8_t cmd;
768 scan_field_t fields[2];
769
770 jtag_set_end_state(TAP_IDLE);
771 xscale_jtag_set_instr(target->tap, XSCALE_LDIC);
772
773 /* CMD for invalidate IC line b000, bits [6:4] b000 */
774 buf_set_u32(&cmd, 0, 6, 0x0);
775
776 /* virtual address of desired cache line */
777 buf_set_u32(packet, 0, 27, va >> 5);
778
779 fields[0].tap = target->tap;
780 fields[0].num_bits = 6;
781 fields[0].out_value = &cmd;
782 fields[0].in_value = NULL;
783
784 fields[1].tap = target->tap;
785 fields[1].num_bits = 27;
786 fields[1].out_value = packet;
787 fields[1].in_value = NULL;
788
789 jtag_add_dr_scan(2, fields, jtag_get_end_state());
790
791 return ERROR_OK;
792 }
793
794 static int xscale_update_vectors(target_t *target)
795 {
796 armv4_5_common_t *armv4_5 = target->arch_info;
797 xscale_common_t *xscale = armv4_5->arch_info;
798 int i;
799 int retval;
800
801 uint32_t low_reset_branch, high_reset_branch;
802
803 for (i = 1; i < 8; i++)
804 {
805 /* if there's a static vector specified for this exception, override */
806 if (xscale->static_high_vectors_set & (1 << i))
807 {
808 xscale->high_vectors[i] = xscale->static_high_vectors[i];
809 }
810 else
811 {
812 retval = target_read_u32(target, 0xffff0000 + 4*i, &xscale->high_vectors[i]);
813 if (retval == ERROR_TARGET_TIMEOUT)
814 return retval;
815 if (retval != ERROR_OK)
816 {
817 /* Some of these reads will fail as part of normal execution */
818 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
819 }
820 }
821 }
822
823 for (i = 1; i < 8; i++)
824 {
825 if (xscale->static_low_vectors_set & (1 << i))
826 {
827 xscale->low_vectors[i] = xscale->static_low_vectors[i];
828 }
829 else
830 {
831 retval = target_read_u32(target, 0x0 + 4*i, &xscale->low_vectors[i]);
832 if (retval == ERROR_TARGET_TIMEOUT)
833 return retval;
834 if (retval != ERROR_OK)
835 {
836 /* Some of these reads will fail as part of normal execution */
837 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
838 }
839 }
840 }
841
842 /* calculate branches to debug handler */
843 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
844 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
845
846 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
847 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
848
849 /* invalidate and load exception vectors in mini i-cache */
850 xscale_invalidate_ic_line(target, 0x0);
851 xscale_invalidate_ic_line(target, 0xffff0000);
852
853 xscale_load_ic(target, 0x0, xscale->low_vectors);
854 xscale_load_ic(target, 0xffff0000, xscale->high_vectors);
855
856 return ERROR_OK;
857 }
858
859 static int xscale_arch_state(struct target_s *target)
860 {
861 armv4_5_common_t *armv4_5 = target->arch_info;
862 xscale_common_t *xscale = armv4_5->arch_info;
863
864 static const char *state[] =
865 {
866 "disabled", "enabled"
867 };
868
869 static const char *arch_dbg_reason[] =
870 {
871 "", "\n(processor reset)", "\n(trace buffer full)"
872 };
873
874 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
875 {
876 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
877 exit(-1);
878 }
879
880 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
881 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "\n"
882 "MMU: %s, D-Cache: %s, I-Cache: %s"
883 "%s",
884 armv4_5_state_strings[armv4_5->core_state],
885 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name ,
886 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
887 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
888 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
889 state[xscale->armv4_5_mmu.mmu_enabled],
890 state[xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
891 state[xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled],
892 arch_dbg_reason[xscale->arch_debug_reason]);
893
894 return ERROR_OK;
895 }
896
897 static int xscale_poll(target_t *target)
898 {
899 int retval = ERROR_OK;
900 armv4_5_common_t *armv4_5 = target->arch_info;
901 xscale_common_t *xscale = armv4_5->arch_info;
902
903 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_DEBUG_RUNNING))
904 {
905 enum target_state previous_state = target->state;
906 if ((retval = xscale_read_tx(target, 0)) == ERROR_OK)
907 {
908
909 /* there's data to read from the tx register, we entered debug state */
910 xscale->handler_running = 1;
911
912 target->state = TARGET_HALTED;
913
914 /* process debug entry, fetching current mode regs */
915 retval = xscale_debug_entry(target);
916 }
917 else if (retval != ERROR_TARGET_RESOURCE_NOT_AVAILABLE)
918 {
919 LOG_USER("error while polling TX register, reset CPU");
920 /* here we "lie" so GDB won't get stuck and a reset can be perfomed */
921 target->state = TARGET_HALTED;
922 }
923
924 /* debug_entry could have overwritten target state (i.e. immediate resume)
925 * don't signal event handlers in that case
926 */
927 if (target->state != TARGET_HALTED)
928 return ERROR_OK;
929
930 /* if target was running, signal that we halted
931 * otherwise we reentered from debug execution */
932 if (previous_state == TARGET_RUNNING)
933 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
934 else
935 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
936 }
937
938 return retval;
939 }
940
941 static int xscale_debug_entry(target_t *target)
942 {
943 armv4_5_common_t *armv4_5 = target->arch_info;
944 xscale_common_t *xscale = armv4_5->arch_info;
945 uint32_t pc;
946 uint32_t buffer[10];
947 int i;
948 int retval;
949
950 uint32_t moe;
951
952 /* clear external dbg break (will be written on next DCSR read) */
953 xscale->external_debug_break = 0;
954 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
955 return retval;
956
957 /* get r0, pc, r1 to r7 and cpsr */
958 if ((retval = xscale_receive(target, buffer, 10)) != ERROR_OK)
959 return retval;
960
961 /* move r0 from buffer to register cache */
962 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, buffer[0]);
963 armv4_5->core_cache->reg_list[0].dirty = 1;
964 armv4_5->core_cache->reg_list[0].valid = 1;
965 LOG_DEBUG("r0: 0x%8.8" PRIx32 "", buffer[0]);
966
967 /* move pc from buffer to register cache */
968 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, buffer[1]);
969 armv4_5->core_cache->reg_list[15].dirty = 1;
970 armv4_5->core_cache->reg_list[15].valid = 1;
971 LOG_DEBUG("pc: 0x%8.8" PRIx32 "", buffer[1]);
972
973 /* move data from buffer to register cache */
974 for (i = 1; i <= 7; i++)
975 {
976 buf_set_u32(armv4_5->core_cache->reg_list[i].value, 0, 32, buffer[1 + i]);
977 armv4_5->core_cache->reg_list[i].dirty = 1;
978 armv4_5->core_cache->reg_list[i].valid = 1;
979 LOG_DEBUG("r%i: 0x%8.8" PRIx32 "", i, buffer[i + 1]);
980 }
981
982 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32, buffer[9]);
983 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
984 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
985 LOG_DEBUG("cpsr: 0x%8.8" PRIx32 "", buffer[9]);
986
987 armv4_5->core_mode = buffer[9] & 0x1f;
988 if (armv4_5_mode_to_number(armv4_5->core_mode) == -1)
989 {
990 target->state = TARGET_UNKNOWN;
991 LOG_ERROR("cpsr contains invalid mode value - communication failure");
992 return ERROR_TARGET_FAILURE;
993 }
994 LOG_DEBUG("target entered debug state in %s mode", armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)]);
995
996 if (buffer[9] & 0x20)
997 armv4_5->core_state = ARMV4_5_STATE_THUMB;
998 else
999 armv4_5->core_state = ARMV4_5_STATE_ARM;
1000
1001
1002 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1003 return ERROR_FAIL;
1004
1005 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1006 if ((armv4_5->core_mode != ARMV4_5_MODE_USR) && (armv4_5->core_mode != ARMV4_5_MODE_SYS))
1007 {
1008 xscale_receive(target, buffer, 8);
1009 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
1010 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).dirty = 0;
1011 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).valid = 1;
1012 }
1013 else
1014 {
1015 /* r8 to r14, but no spsr */
1016 xscale_receive(target, buffer, 7);
1017 }
1018
1019 /* move data from buffer to register cache */
1020 for (i = 8; i <= 14; i++)
1021 {
1022 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, buffer[i - 8]);
1023 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 0;
1024 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
1025 }
1026
1027 /* examine debug reason */
1028 xscale_read_dcsr(target);
1029 moe = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 2, 3);
1030
1031 /* stored PC (for calculating fixup) */
1032 pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1033
1034 switch (moe)
1035 {
1036 case 0x0: /* Processor reset */
1037 target->debug_reason = DBG_REASON_DBGRQ;
1038 xscale->arch_debug_reason = XSCALE_DBG_REASON_RESET;
1039 pc -= 4;
1040 break;
1041 case 0x1: /* Instruction breakpoint hit */
1042 target->debug_reason = DBG_REASON_BREAKPOINT;
1043 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1044 pc -= 4;
1045 break;
1046 case 0x2: /* Data breakpoint hit */
1047 target->debug_reason = DBG_REASON_WATCHPOINT;
1048 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1049 pc -= 4;
1050 break;
1051 case 0x3: /* BKPT instruction executed */
1052 target->debug_reason = DBG_REASON_BREAKPOINT;
1053 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1054 pc -= 4;
1055 break;
1056 case 0x4: /* Ext. debug event */
1057 target->debug_reason = DBG_REASON_DBGRQ;
1058 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1059 pc -= 4;
1060 break;
1061 case 0x5: /* Vector trap occured */
1062 target->debug_reason = DBG_REASON_BREAKPOINT;
1063 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1064 pc -= 4;
1065 break;
1066 case 0x6: /* Trace buffer full break */
1067 target->debug_reason = DBG_REASON_DBGRQ;
1068 xscale->arch_debug_reason = XSCALE_DBG_REASON_TB_FULL;
1069 pc -= 4;
1070 break;
1071 case 0x7: /* Reserved (may flag Hot-Debug support) */
1072 default:
1073 LOG_ERROR("Method of Entry is 'Reserved'");
1074 exit(-1);
1075 break;
1076 }
1077
1078 /* apply PC fixup */
1079 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, pc);
1080
1081 /* on the first debug entry, identify cache type */
1082 if (xscale->armv4_5_mmu.armv4_5_cache.ctype == -1)
1083 {
1084 uint32_t cache_type_reg;
1085
1086 /* read cp15 cache type register */
1087 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CACHETYPE]);
1088 cache_type_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CACHETYPE].value, 0, 32);
1089
1090 armv4_5_identify_cache(cache_type_reg, &xscale->armv4_5_mmu.armv4_5_cache);
1091 }
1092
1093 /* examine MMU and Cache settings */
1094 /* read cp15 control register */
1095 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
1096 xscale->cp15_control_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
1097 xscale->armv4_5_mmu.mmu_enabled = (xscale->cp15_control_reg & 0x1U) ? 1 : 0;
1098 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (xscale->cp15_control_reg & 0x4U) ? 1 : 0;
1099 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (xscale->cp15_control_reg & 0x1000U) ? 1 : 0;
1100
1101 /* tracing enabled, read collected trace data */
1102 if (xscale->trace.buffer_enabled)
1103 {
1104 xscale_read_trace(target);
1105 xscale->trace.buffer_fill--;
1106
1107 /* resume if we're still collecting trace data */
1108 if ((xscale->arch_debug_reason == XSCALE_DBG_REASON_TB_FULL)
1109 && (xscale->trace.buffer_fill > 0))
1110 {
1111 xscale_resume(target, 1, 0x0, 1, 0);
1112 }
1113 else
1114 {
1115 xscale->trace.buffer_enabled = 0;
1116 }
1117 }
1118
1119 return ERROR_OK;
1120 }
1121
1122 static int xscale_halt(target_t *target)
1123 {
1124 armv4_5_common_t *armv4_5 = target->arch_info;
1125 xscale_common_t *xscale = armv4_5->arch_info;
1126
1127 LOG_DEBUG("target->state: %s",
1128 target_state_name(target));
1129
1130 if (target->state == TARGET_HALTED)
1131 {
1132 LOG_DEBUG("target was already halted");
1133 return ERROR_OK;
1134 }
1135 else if (target->state == TARGET_UNKNOWN)
1136 {
1137 /* this must not happen for a xscale target */
1138 LOG_ERROR("target was in unknown state when halt was requested");
1139 return ERROR_TARGET_INVALID;
1140 }
1141 else if (target->state == TARGET_RESET)
1142 {
1143 LOG_DEBUG("target->state == TARGET_RESET");
1144 }
1145 else
1146 {
1147 /* assert external dbg break */
1148 xscale->external_debug_break = 1;
1149 xscale_read_dcsr(target);
1150
1151 target->debug_reason = DBG_REASON_DBGRQ;
1152 }
1153
1154 return ERROR_OK;
1155 }
1156
1157 static int xscale_enable_single_step(struct target_s *target, uint32_t next_pc)
1158 {
1159 armv4_5_common_t *armv4_5 = target->arch_info;
1160 xscale_common_t *xscale= armv4_5->arch_info;
1161 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1162 int retval;
1163
1164 if (xscale->ibcr0_used)
1165 {
1166 breakpoint_t *ibcr0_bp = breakpoint_find(target, buf_get_u32(ibcr0->value, 0, 32) & 0xfffffffe);
1167
1168 if (ibcr0_bp)
1169 {
1170 xscale_unset_breakpoint(target, ibcr0_bp);
1171 }
1172 else
1173 {
1174 LOG_ERROR("BUG: xscale->ibcr0_used is set, but no breakpoint with that address found");
1175 exit(-1);
1176 }
1177 }
1178
1179 if ((retval = xscale_set_reg_u32(ibcr0, next_pc | 0x1)) != ERROR_OK)
1180 return retval;
1181
1182 return ERROR_OK;
1183 }
1184
1185 static int xscale_disable_single_step(struct target_s *target)
1186 {
1187 armv4_5_common_t *armv4_5 = target->arch_info;
1188 xscale_common_t *xscale= armv4_5->arch_info;
1189 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1190 int retval;
1191
1192 if ((retval = xscale_set_reg_u32(ibcr0, 0x0)) != ERROR_OK)
1193 return retval;
1194
1195 return ERROR_OK;
1196 }
1197
1198 static void xscale_enable_watchpoints(struct target_s *target)
1199 {
1200 watchpoint_t *watchpoint = target->watchpoints;
1201
1202 while (watchpoint)
1203 {
1204 if (watchpoint->set == 0)
1205 xscale_set_watchpoint(target, watchpoint);
1206 watchpoint = watchpoint->next;
1207 }
1208 }
1209
1210 static void xscale_enable_breakpoints(struct target_s *target)
1211 {
1212 breakpoint_t *breakpoint = target->breakpoints;
1213
1214 /* set any pending breakpoints */
1215 while (breakpoint)
1216 {
1217 if (breakpoint->set == 0)
1218 xscale_set_breakpoint(target, breakpoint);
1219 breakpoint = breakpoint->next;
1220 }
1221 }
1222
1223 static int xscale_resume(struct target_s *target, int current,
1224 uint32_t address, int handle_breakpoints, int debug_execution)
1225 {
1226 armv4_5_common_t *armv4_5 = target->arch_info;
1227 xscale_common_t *xscale= armv4_5->arch_info;
1228 breakpoint_t *breakpoint = target->breakpoints;
1229
1230 uint32_t current_pc;
1231
1232 int retval;
1233 int i;
1234
1235 LOG_DEBUG("-");
1236
1237 if (target->state != TARGET_HALTED)
1238 {
1239 LOG_WARNING("target not halted");
1240 return ERROR_TARGET_NOT_HALTED;
1241 }
1242
1243 if (!debug_execution)
1244 {
1245 target_free_all_working_areas(target);
1246 }
1247
1248 /* update vector tables */
1249 if ((retval = xscale_update_vectors(target)) != ERROR_OK)
1250 return retval;
1251
1252 /* current = 1: continue on current pc, otherwise continue at <address> */
1253 if (!current)
1254 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1255
1256 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1257
1258 /* if we're at the reset vector, we have to simulate the branch */
1259 if (current_pc == 0x0)
1260 {
1261 arm_simulate_step(target, NULL);
1262 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1263 }
1264
1265 /* the front-end may request us not to handle breakpoints */
1266 if (handle_breakpoints)
1267 {
1268 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1269 {
1270 uint32_t next_pc;
1271
1272 /* there's a breakpoint at the current PC, we have to step over it */
1273 LOG_DEBUG("unset breakpoint at 0x%8.8" PRIx32 "", breakpoint->address);
1274 xscale_unset_breakpoint(target, breakpoint);
1275
1276 /* calculate PC of next instruction */
1277 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1278 {
1279 uint32_t current_opcode;
1280 target_read_u32(target, current_pc, &current_opcode);
1281 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "", current_opcode);
1282 }
1283
1284 LOG_DEBUG("enable single-step");
1285 xscale_enable_single_step(target, next_pc);
1286
1287 /* restore banked registers */
1288 xscale_restore_context(target);
1289
1290 /* send resume request (command 0x30 or 0x31)
1291 * clean the trace buffer if it is to be enabled (0x62) */
1292 if (xscale->trace.buffer_enabled)
1293 {
1294 xscale_send_u32(target, 0x62);
1295 xscale_send_u32(target, 0x31);
1296 }
1297 else
1298 xscale_send_u32(target, 0x30);
1299
1300 /* send CPSR */
1301 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1302 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1303
1304 for (i = 7; i >= 0; i--)
1305 {
1306 /* send register */
1307 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1308 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1309 }
1310
1311 /* send PC */
1312 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1313 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1314
1315 /* wait for and process debug entry */
1316 xscale_debug_entry(target);
1317
1318 LOG_DEBUG("disable single-step");
1319 xscale_disable_single_step(target);
1320
1321 LOG_DEBUG("set breakpoint at 0x%8.8" PRIx32 "", breakpoint->address);
1322 xscale_set_breakpoint(target, breakpoint);
1323 }
1324 }
1325
1326 /* enable any pending breakpoints and watchpoints */
1327 xscale_enable_breakpoints(target);
1328 xscale_enable_watchpoints(target);
1329
1330 /* restore banked registers */
1331 xscale_restore_context(target);
1332
1333 /* send resume request (command 0x30 or 0x31)
1334 * clean the trace buffer if it is to be enabled (0x62) */
1335 if (xscale->trace.buffer_enabled)
1336 {
1337 xscale_send_u32(target, 0x62);
1338 xscale_send_u32(target, 0x31);
1339 }
1340 else
1341 xscale_send_u32(target, 0x30);
1342
1343 /* send CPSR */
1344 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1345 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1346
1347 for (i = 7; i >= 0; i--)
1348 {
1349 /* send register */
1350 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1351 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1352 }
1353
1354 /* send PC */
1355 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1356 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1357
1358 target->debug_reason = DBG_REASON_NOTHALTED;
1359
1360 if (!debug_execution)
1361 {
1362 /* registers are now invalid */
1363 armv4_5_invalidate_core_regs(target);
1364 target->state = TARGET_RUNNING;
1365 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1366 }
1367 else
1368 {
1369 target->state = TARGET_DEBUG_RUNNING;
1370 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
1371 }
1372
1373 LOG_DEBUG("target resumed");
1374
1375 xscale->handler_running = 1;
1376
1377 return ERROR_OK;
1378 }
1379
1380 static int xscale_step_inner(struct target_s *target, int current,
1381 uint32_t address, int handle_breakpoints)
1382 {
1383 armv4_5_common_t *armv4_5 = target->arch_info;
1384 xscale_common_t *xscale = armv4_5->arch_info;
1385
1386 uint32_t next_pc;
1387 int retval;
1388 int i;
1389
1390 target->debug_reason = DBG_REASON_SINGLESTEP;
1391
1392 /* calculate PC of next instruction */
1393 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1394 {
1395 uint32_t current_opcode, current_pc;
1396 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1397
1398 target_read_u32(target, current_pc, &current_opcode);
1399 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "", current_opcode);
1400 return retval;
1401 }
1402
1403 LOG_DEBUG("enable single-step");
1404 if ((retval = xscale_enable_single_step(target, next_pc)) != ERROR_OK)
1405 return retval;
1406
1407 /* restore banked registers */
1408 if ((retval = xscale_restore_context(target)) != ERROR_OK)
1409 return retval;
1410
1411 /* send resume request (command 0x30 or 0x31)
1412 * clean the trace buffer if it is to be enabled (0x62) */
1413 if (xscale->trace.buffer_enabled)
1414 {
1415 if ((retval = xscale_send_u32(target, 0x62)) != ERROR_OK)
1416 return retval;
1417 if ((retval = xscale_send_u32(target, 0x31)) != ERROR_OK)
1418 return retval;
1419 }
1420 else
1421 if ((retval = xscale_send_u32(target, 0x30)) != ERROR_OK)
1422 return retval;
1423
1424 /* send CPSR */
1425 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32))) != ERROR_OK)
1426 return retval;
1427 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1428
1429 for (i = 7; i >= 0; i--)
1430 {
1431 /* send register */
1432 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32))) != ERROR_OK)
1433 return retval;
1434 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1435 }
1436
1437 /* send PC */
1438 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))) != ERROR_OK)
1439 return retval;
1440 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1441
1442 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1443
1444 /* registers are now invalid */
1445 if ((retval = armv4_5_invalidate_core_regs(target)) != ERROR_OK)
1446 return retval;
1447
1448 /* wait for and process debug entry */
1449 if ((retval = xscale_debug_entry(target)) != ERROR_OK)
1450 return retval;
1451
1452 LOG_DEBUG("disable single-step");
1453 if ((retval = xscale_disable_single_step(target)) != ERROR_OK)
1454 return retval;
1455
1456 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1457
1458 return ERROR_OK;
1459 }
1460
1461 static int xscale_step(struct target_s *target, int current,
1462 uint32_t address, int handle_breakpoints)
1463 {
1464 armv4_5_common_t *armv4_5 = target->arch_info;
1465 breakpoint_t *breakpoint = target->breakpoints;
1466
1467 uint32_t current_pc;
1468 int retval;
1469
1470 if (target->state != TARGET_HALTED)
1471 {
1472 LOG_WARNING("target not halted");
1473 return ERROR_TARGET_NOT_HALTED;
1474 }
1475
1476 /* current = 1: continue on current pc, otherwise continue at <address> */
1477 if (!current)
1478 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1479
1480 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1481
1482 /* if we're at the reset vector, we have to simulate the step */
1483 if (current_pc == 0x0)
1484 {
1485 if ((retval = arm_simulate_step(target, NULL)) != ERROR_OK)
1486 return retval;
1487 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1488
1489 target->debug_reason = DBG_REASON_SINGLESTEP;
1490 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1491
1492 return ERROR_OK;
1493 }
1494
1495 /* the front-end may request us not to handle breakpoints */
1496 if (handle_breakpoints)
1497 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1498 {
1499 if ((retval = xscale_unset_breakpoint(target, breakpoint)) != ERROR_OK)
1500 return retval;
1501 }
1502
1503 retval = xscale_step_inner(target, current, address, handle_breakpoints);
1504
1505 if (breakpoint)
1506 {
1507 xscale_set_breakpoint(target, breakpoint);
1508 }
1509
1510 LOG_DEBUG("target stepped");
1511
1512 return ERROR_OK;
1513
1514 }
1515
1516 static int xscale_assert_reset(target_t *target)
1517 {
1518 armv4_5_common_t *armv4_5 = target->arch_info;
1519 xscale_common_t *xscale = armv4_5->arch_info;
1520
1521 LOG_DEBUG("target->state: %s",
1522 target_state_name(target));
1523
1524 /* select DCSR instruction (set endstate to R-T-I to ensure we don't
1525 * end up in T-L-R, which would reset JTAG
1526 */
1527 jtag_set_end_state(TAP_IDLE);
1528 xscale_jtag_set_instr(target->tap, XSCALE_SELDCSR);
1529
1530 /* set Hold reset, Halt mode and Trap Reset */
1531 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1532 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1533 xscale_write_dcsr(target, 1, 0);
1534
1535 /* select BYPASS, because having DCSR selected caused problems on the PXA27x */
1536 xscale_jtag_set_instr(target->tap, 0x7f);
1537 jtag_execute_queue();
1538
1539 /* assert reset */
1540 jtag_add_reset(0, 1);
1541
1542 /* sleep 1ms, to be sure we fulfill any requirements */
1543 jtag_add_sleep(1000);
1544 jtag_execute_queue();
1545
1546 target->state = TARGET_RESET;
1547
1548 if (target->reset_halt)
1549 {
1550 int retval;
1551 if ((retval = target_halt(target)) != ERROR_OK)
1552 return retval;
1553 }
1554
1555 return ERROR_OK;
1556 }
1557
1558 static int xscale_deassert_reset(target_t *target)
1559 {
1560 armv4_5_common_t *armv4_5 = target->arch_info;
1561 xscale_common_t *xscale = armv4_5->arch_info;
1562
1563 fileio_t debug_handler;
1564 uint32_t address;
1565 uint32_t binary_size;
1566
1567 uint32_t buf_cnt;
1568 uint32_t i;
1569 int retval;
1570
1571 breakpoint_t *breakpoint = target->breakpoints;
1572
1573 LOG_DEBUG("-");
1574
1575 xscale->ibcr_available = 2;
1576 xscale->ibcr0_used = 0;
1577 xscale->ibcr1_used = 0;
1578
1579 xscale->dbr_available = 2;
1580 xscale->dbr0_used = 0;
1581 xscale->dbr1_used = 0;
1582
1583 /* mark all hardware breakpoints as unset */
1584 while (breakpoint)
1585 {
1586 if (breakpoint->type == BKPT_HARD)
1587 {
1588 breakpoint->set = 0;
1589 }
1590 breakpoint = breakpoint->next;
1591 }
1592
1593 if (!xscale->handler_installed)
1594 {
1595 /* release SRST */
1596 jtag_add_reset(0, 0);
1597
1598 /* wait 300ms; 150 and 100ms were not enough */
1599 jtag_add_sleep(300*1000);
1600
1601 jtag_add_runtest(2030, jtag_set_end_state(TAP_IDLE));
1602 jtag_execute_queue();
1603
1604 /* set Hold reset, Halt mode and Trap Reset */
1605 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1606 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1607 xscale_write_dcsr(target, 1, 0);
1608
1609 /* Load debug handler */
1610 if (fileio_open(&debug_handler, "xscale/debug_handler.bin", FILEIO_READ, FILEIO_BINARY) != ERROR_OK)
1611 {
1612 return ERROR_OK;
1613 }
1614
1615 if ((binary_size = debug_handler.size) % 4)
1616 {
1617 LOG_ERROR("debug_handler.bin: size not a multiple of 4");
1618 exit(-1);
1619 }
1620
1621 if (binary_size > 0x800)
1622 {
1623 LOG_ERROR("debug_handler.bin: larger than 2kb");
1624 exit(-1);
1625 }
1626
1627 binary_size = CEIL(binary_size, 32) * 32;
1628
1629 address = xscale->handler_address;
1630 while (binary_size > 0)
1631 {
1632 uint32_t cache_line[8];
1633 uint8_t buffer[32];
1634
1635 if ((retval = fileio_read(&debug_handler, 32, buffer, &buf_cnt)) != ERROR_OK)
1636 {
1637
1638 }
1639
1640 for (i = 0; i < buf_cnt; i += 4)
1641 {
1642 /* convert LE buffer to host-endian uint32_t */
1643 cache_line[i / 4] = le_to_h_u32(&buffer[i]);
1644 }
1645
1646 for (; i < 32; i += 4)
1647 {
1648 cache_line[i / 4] = 0xe1a08008;
1649 }
1650
1651 /* only load addresses other than the reset vectors */
1652 if ((address % 0x400) != 0x0)
1653 {
1654 xscale_load_ic(target, address, cache_line);
1655 }
1656
1657 address += buf_cnt;
1658 binary_size -= buf_cnt;
1659 };
1660
1661 xscale_load_ic(target, 0x0, xscale->low_vectors);
1662 xscale_load_ic(target, 0xffff0000, xscale->high_vectors);
1663
1664 jtag_add_runtest(30, jtag_set_end_state(TAP_IDLE));
1665
1666 jtag_add_sleep(100000);
1667
1668 /* set Hold reset, Halt mode and Trap Reset */
1669 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1670 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1671 xscale_write_dcsr(target, 1, 0);
1672
1673 /* clear Hold reset to let the target run (should enter debug handler) */
1674 xscale_write_dcsr(target, 0, 1);
1675 target->state = TARGET_RUNNING;
1676
1677 if (!target->reset_halt)
1678 {
1679 jtag_add_sleep(10000);
1680
1681 /* we should have entered debug now */
1682 xscale_debug_entry(target);
1683 target->state = TARGET_HALTED;
1684
1685 /* resume the target */
1686 xscale_resume(target, 1, 0x0, 1, 0);
1687 }
1688
1689 fileio_close(&debug_handler);
1690 }
1691 else
1692 {
1693 jtag_add_reset(0, 0);
1694 }
1695
1696 return ERROR_OK;
1697 }
1698
1699 static int xscale_read_core_reg(struct target_s *target, int num,
1700 enum armv4_5_mode mode)
1701 {
1702 LOG_ERROR("not implemented");
1703 return ERROR_OK;
1704 }
1705
1706 static int xscale_write_core_reg(struct target_s *target, int num,
1707 enum armv4_5_mode mode, uint32_t value)
1708 {
1709 LOG_ERROR("not implemented");
1710 return ERROR_OK;
1711 }
1712
1713 static int xscale_full_context(target_t *target)
1714 {
1715 armv4_5_common_t *armv4_5 = target->arch_info;
1716
1717 uint32_t *buffer;
1718
1719 int i, j;
1720
1721 LOG_DEBUG("-");
1722
1723 if (target->state != TARGET_HALTED)
1724 {
1725 LOG_WARNING("target not halted");
1726 return ERROR_TARGET_NOT_HALTED;
1727 }
1728
1729 buffer = malloc(4 * 8);
1730
1731 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1732 * we can't enter User mode on an XScale (unpredictable),
1733 * but User shares registers with SYS
1734 */
1735 for (i = 1; i < 7; i++)
1736 {
1737 int valid = 1;
1738
1739 /* check if there are invalid registers in the current mode
1740 */
1741 for (j = 0; j <= 16; j++)
1742 {
1743 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1744 valid = 0;
1745 }
1746
1747 if (!valid)
1748 {
1749 uint32_t tmp_cpsr;
1750
1751 /* request banked registers */
1752 xscale_send_u32(target, 0x0);
1753
1754 tmp_cpsr = 0x0;
1755 tmp_cpsr |= armv4_5_number_to_mode(i);
1756 tmp_cpsr |= 0xc0; /* I/F bits */
1757
1758 /* send CPSR for desired mode */
1759 xscale_send_u32(target, tmp_cpsr);
1760
1761 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1762 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1763 {
1764 xscale_receive(target, buffer, 8);
1765 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
1766 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1767 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid = 1;
1768 }
1769 else
1770 {
1771 xscale_receive(target, buffer, 7);
1772 }
1773
1774 /* move data from buffer to register cache */
1775 for (j = 8; j <= 14; j++)
1776 {
1777 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).value, 0, 32, buffer[j - 8]);
1778 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1779 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid = 1;
1780 }
1781 }
1782 }
1783
1784 free(buffer);
1785
1786 return ERROR_OK;
1787 }
1788
1789 static int xscale_restore_context(target_t *target)
1790 {
1791 armv4_5_common_t *armv4_5 = target->arch_info;
1792
1793 int i, j;
1794
1795 if (target->state != TARGET_HALTED)
1796 {
1797 LOG_WARNING("target not halted");
1798 return ERROR_TARGET_NOT_HALTED;
1799 }
1800
1801 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1802 * we can't enter User mode on an XScale (unpredictable),
1803 * but User shares registers with SYS
1804 */
1805 for (i = 1; i < 7; i++)
1806 {
1807 int dirty = 0;
1808
1809 /* check if there are invalid registers in the current mode
1810 */
1811 for (j = 8; j <= 14; j++)
1812 {
1813 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty == 1)
1814 dirty = 1;
1815 }
1816
1817 /* if not USR/SYS, check if the SPSR needs to be written */
1818 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1819 {
1820 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty == 1)
1821 dirty = 1;
1822 }
1823
1824 if (dirty)
1825 {
1826 uint32_t tmp_cpsr;
1827
1828 /* send banked registers */
1829 xscale_send_u32(target, 0x1);
1830
1831 tmp_cpsr = 0x0;
1832 tmp_cpsr |= armv4_5_number_to_mode(i);
1833 tmp_cpsr |= 0xc0; /* I/F bits */
1834
1835 /* send CPSR for desired mode */
1836 xscale_send_u32(target, tmp_cpsr);
1837
1838 /* send banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1839 for (j = 8; j <= 14; j++)
1840 {
1841 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, j).value, 0, 32));
1842 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1843 }
1844
1845 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1846 {
1847 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32));
1848 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1849 }
1850 }
1851 }
1852
1853 return ERROR_OK;
1854 }
1855
1856 static int xscale_read_memory(struct target_s *target, uint32_t address,
1857 uint32_t size, uint32_t count, uint8_t *buffer)
1858 {
1859 armv4_5_common_t *armv4_5 = target->arch_info;
1860 xscale_common_t *xscale = armv4_5->arch_info;
1861 uint32_t *buf32;
1862 uint32_t i;
1863 int retval;
1864
1865 LOG_DEBUG("address: 0x%8.8" PRIx32 ", size: 0x%8.8" PRIx32 ", count: 0x%8.8" PRIx32, address, size, count);
1866
1867 if (target->state != TARGET_HALTED)
1868 {
1869 LOG_WARNING("target not halted");
1870 return ERROR_TARGET_NOT_HALTED;
1871 }
1872
1873 /* sanitize arguments */
1874 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1875 return ERROR_INVALID_ARGUMENTS;
1876
1877 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1878 return ERROR_TARGET_UNALIGNED_ACCESS;
1879
1880 /* send memory read request (command 0x1n, n: access size) */
1881 if ((retval = xscale_send_u32(target, 0x10 | size)) != ERROR_OK)
1882 return retval;
1883
1884 /* send base address for read request */
1885 if ((retval = xscale_send_u32(target, address)) != ERROR_OK)
1886 return retval;
1887
1888 /* send number of requested data words */
1889 if ((retval = xscale_send_u32(target, count)) != ERROR_OK)
1890 return retval;
1891
1892 /* receive data from target (count times 32-bit words in host endianness) */
1893 buf32 = malloc(4 * count);
1894 if ((retval = xscale_receive(target, buf32, count)) != ERROR_OK)
1895 return retval;
1896
1897 /* extract data from host-endian buffer into byte stream */
1898 for (i = 0; i < count; i++)
1899 {
1900 switch (size)
1901 {
1902 case 4:
1903 target_buffer_set_u32(target, buffer, buf32[i]);
1904 buffer += 4;
1905 break;
1906 case 2:
1907 target_buffer_set_u16(target, buffer, buf32[i] & 0xffff);
1908 buffer += 2;
1909 break;
1910 case 1:
1911 *buffer++ = buf32[i] & 0xff;
1912 break;
1913 default:
1914 LOG_ERROR("should never get here");
1915 exit(-1);
1916 }
1917 }
1918
1919 free(buf32);
1920
1921 /* examine DCSR, to see if Sticky Abort (SA) got set */
1922 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
1923 return retval;
1924 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
1925 {
1926 /* clear SA bit */
1927 if ((retval = xscale_send_u32(target, 0x60)) != ERROR_OK)
1928 return retval;
1929
1930 return ERROR_TARGET_DATA_ABORT;
1931 }
1932
1933 return ERROR_OK;
1934 }
1935
1936 static int xscale_write_memory(struct target_s *target, uint32_t address,
1937 uint32_t size, uint32_t count, uint8_t *buffer)
1938 {
1939 armv4_5_common_t *armv4_5 = target->arch_info;
1940 xscale_common_t *xscale = armv4_5->arch_info;
1941 int retval;
1942
1943 LOG_DEBUG("address: 0x%8.8" PRIx32 ", size: 0x%8.8" PRIx32 ", count: 0x%8.8" PRIx32, address, size, count);
1944
1945 if (target->state != TARGET_HALTED)
1946 {
1947 LOG_WARNING("target not halted");
1948 return ERROR_TARGET_NOT_HALTED;
1949 }
1950
1951 /* sanitize arguments */
1952 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1953 return ERROR_INVALID_ARGUMENTS;
1954
1955 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1956 return ERROR_TARGET_UNALIGNED_ACCESS;
1957
1958 /* send memory write request (command 0x2n, n: access size) */
1959 if ((retval = xscale_send_u32(target, 0x20 | size)) != ERROR_OK)
1960 return retval;
1961
1962 /* send base address for read request */
1963 if ((retval = xscale_send_u32(target, address)) != ERROR_OK)
1964 return retval;
1965
1966 /* send number of requested data words to be written*/
1967 if ((retval = xscale_send_u32(target, count)) != ERROR_OK)
1968 return retval;
1969
1970 /* extract data from host-endian buffer into byte stream */
1971 #if 0
1972 for (i = 0; i < count; i++)
1973 {
1974 switch (size)
1975 {
1976 case 4:
1977 value = target_buffer_get_u32(target, buffer);
1978 xscale_send_u32(target, value);
1979 buffer += 4;
1980 break;
1981 case 2:
1982 value = target_buffer_get_u16(target, buffer);
1983 xscale_send_u32(target, value);
1984 buffer += 2;
1985 break;
1986 case 1:
1987 value = *buffer;
1988 xscale_send_u32(target, value);
1989 buffer += 1;
1990 break;
1991 default:
1992 LOG_ERROR("should never get here");
1993 exit(-1);
1994 }
1995 }
1996 #endif
1997 if ((retval = xscale_send(target, buffer, count, size)) != ERROR_OK)
1998 return retval;
1999
2000 /* examine DCSR, to see if Sticky Abort (SA) got set */
2001 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
2002 return retval;
2003 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
2004 {
2005 /* clear SA bit */
2006 if ((retval = xscale_send_u32(target, 0x60)) != ERROR_OK)
2007 return retval;
2008
2009 return ERROR_TARGET_DATA_ABORT;
2010 }
2011
2012 return ERROR_OK;
2013 }
2014
2015 static int xscale_bulk_write_memory(target_t *target, uint32_t address,
2016 uint32_t count, uint8_t *buffer)
2017 {
2018 return xscale_write_memory(target, address, 4, count, buffer);
2019 }
2020
2021 static uint32_t xscale_get_ttb(target_t *target)
2022 {
2023 armv4_5_common_t *armv4_5 = target->arch_info;
2024 xscale_common_t *xscale = armv4_5->arch_info;
2025 uint32_t ttb;
2026
2027 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_TTB]);
2028 ttb = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_TTB].value, 0, 32);
2029
2030 return ttb;
2031 }
2032
2033 static void xscale_disable_mmu_caches(target_t *target, int mmu,
2034 int d_u_cache, int i_cache)
2035 {
2036 armv4_5_common_t *armv4_5 = target->arch_info;
2037 xscale_common_t *xscale = armv4_5->arch_info;
2038 uint32_t cp15_control;
2039
2040 /* read cp15 control register */
2041 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2042 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2043
2044 if (mmu)
2045 cp15_control &= ~0x1U;
2046
2047 if (d_u_cache)
2048 {
2049 /* clean DCache */
2050 xscale_send_u32(target, 0x50);
2051 xscale_send_u32(target, xscale->cache_clean_address);
2052
2053 /* invalidate DCache */
2054 xscale_send_u32(target, 0x51);
2055
2056 cp15_control &= ~0x4U;
2057 }
2058
2059 if (i_cache)
2060 {
2061 /* invalidate ICache */
2062 xscale_send_u32(target, 0x52);
2063 cp15_control &= ~0x1000U;
2064 }
2065
2066 /* write new cp15 control register */
2067 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2068
2069 /* execute cpwait to ensure outstanding operations complete */
2070 xscale_send_u32(target, 0x53);
2071 }
2072
2073 static void xscale_enable_mmu_caches(target_t *target, int mmu,
2074 int d_u_cache, int i_cache)
2075 {
2076 armv4_5_common_t *armv4_5 = target->arch_info;
2077 xscale_common_t *xscale = armv4_5->arch_info;
2078 uint32_t cp15_control;
2079
2080 /* read cp15 control register */
2081 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2082 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2083
2084 if (mmu)
2085 cp15_control |= 0x1U;
2086
2087 if (d_u_cache)
2088 cp15_control |= 0x4U;
2089
2090 if (i_cache)
2091 cp15_control |= 0x1000U;
2092
2093 /* write new cp15 control register */
2094 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2095
2096 /* execute cpwait to ensure outstanding operations complete */
2097 xscale_send_u32(target, 0x53);
2098 }
2099
2100 static int xscale_set_breakpoint(struct target_s *target,
2101 breakpoint_t *breakpoint)
2102 {
2103 int retval;
2104 armv4_5_common_t *armv4_5 = target->arch_info;
2105 xscale_common_t *xscale = armv4_5->arch_info;
2106
2107 if (target->state != TARGET_HALTED)
2108 {
2109 LOG_WARNING("target not halted");
2110 return ERROR_TARGET_NOT_HALTED;
2111 }
2112
2113 if (breakpoint->set)
2114 {
2115 LOG_WARNING("breakpoint already set");
2116 return ERROR_OK;
2117 }
2118
2119 if (breakpoint->type == BKPT_HARD)
2120 {
2121 uint32_t value = breakpoint->address | 1;
2122 if (!xscale->ibcr0_used)
2123 {
2124 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], value);
2125 xscale->ibcr0_used = 1;
2126 breakpoint->set = 1; /* breakpoint set on first breakpoint register */
2127 }
2128 else if (!xscale->ibcr1_used)
2129 {
2130 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], value);
2131 xscale->ibcr1_used = 1;
2132 breakpoint->set = 2; /* breakpoint set on second breakpoint register */
2133 }
2134 else
2135 {
2136 LOG_ERROR("BUG: no hardware comparator available");
2137 return ERROR_OK;
2138 }
2139 }
2140 else if (breakpoint->type == BKPT_SOFT)
2141 {
2142 if (breakpoint->length == 4)
2143 {
2144 /* keep the original instruction in target endianness */
2145 if ((retval = target_read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2146 {
2147 return retval;
2148 }
2149 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2150 if ((retval = target_write_u32(target, breakpoint->address, xscale->arm_bkpt)) != ERROR_OK)
2151 {
2152 return retval;
2153 }
2154 }
2155 else
2156 {
2157 /* keep the original instruction in target endianness */
2158 if ((retval = target_read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2159 {
2160 return retval;
2161 }
2162 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2163 if ((retval = target_write_u32(target, breakpoint->address, xscale->thumb_bkpt)) != ERROR_OK)
2164 {
2165 return retval;
2166 }
2167 }
2168 breakpoint->set = 1;
2169 }
2170
2171 return ERROR_OK;
2172 }
2173
2174 static int xscale_add_breakpoint(struct target_s *target,
2175 breakpoint_t *breakpoint)
2176 {
2177 armv4_5_common_t *armv4_5 = target->arch_info;
2178 xscale_common_t *xscale = armv4_5->arch_info;
2179
2180 if (target->state != TARGET_HALTED)
2181 {
2182 LOG_WARNING("target not halted");
2183 return ERROR_TARGET_NOT_HALTED;
2184 }
2185
2186 if ((breakpoint->type == BKPT_HARD) && (xscale->ibcr_available < 1))
2187 {
2188 LOG_INFO("no breakpoint unit available for hardware breakpoint");
2189 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2190 }
2191
2192 if ((breakpoint->length != 2) && (breakpoint->length != 4))
2193 {
2194 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
2195 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2196 }
2197
2198 if (breakpoint->type == BKPT_HARD)
2199 {
2200 xscale->ibcr_available--;
2201 }
2202
2203 return ERROR_OK;
2204 }
2205
2206 static int xscale_unset_breakpoint(struct target_s *target,
2207 breakpoint_t *breakpoint)
2208 {
2209 int retval;
2210 armv4_5_common_t *armv4_5 = target->arch_info;
2211 xscale_common_t *xscale = armv4_5->arch_info;
2212
2213 if (target->state != TARGET_HALTED)
2214 {
2215 LOG_WARNING("target not halted");
2216 return ERROR_TARGET_NOT_HALTED;
2217 }
2218
2219 if (!breakpoint->set)
2220 {
2221 LOG_WARNING("breakpoint not set");
2222 return ERROR_OK;
2223 }
2224
2225 if (breakpoint->type == BKPT_HARD)
2226 {
2227 if (breakpoint->set == 1)
2228 {
2229 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], 0x0);
2230 xscale->ibcr0_used = 0;
2231 }
2232 else if (breakpoint->set == 2)
2233 {
2234 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], 0x0);
2235 xscale->ibcr1_used = 0;
2236 }
2237 breakpoint->set = 0;
2238 }
2239 else
2240 {
2241 /* restore original instruction (kept in target endianness) */
2242 if (breakpoint->length == 4)
2243 {
2244 if ((retval = target_write_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2245 {
2246 return retval;
2247 }
2248 }
2249 else
2250 {
2251 if ((retval = target_write_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2252 {
2253 return retval;
2254 }
2255 }
2256 breakpoint->set = 0;
2257 }
2258
2259 return ERROR_OK;
2260 }
2261
2262 static int xscale_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2263 {
2264 armv4_5_common_t *armv4_5 = target->arch_info;
2265 xscale_common_t *xscale = armv4_5->arch_info;
2266
2267 if (target->state != TARGET_HALTED)
2268 {
2269 LOG_WARNING("target not halted");
2270 return ERROR_TARGET_NOT_HALTED;
2271 }
2272
2273 if (breakpoint->set)
2274 {
2275 xscale_unset_breakpoint(target, breakpoint);
2276 }
2277
2278 if (breakpoint->type == BKPT_HARD)
2279 xscale->ibcr_available++;
2280
2281 return ERROR_OK;
2282 }
2283
2284 static int xscale_set_watchpoint(struct target_s *target,
2285 watchpoint_t *watchpoint)
2286 {
2287 armv4_5_common_t *armv4_5 = target->arch_info;
2288 xscale_common_t *xscale = armv4_5->arch_info;
2289 uint8_t enable = 0;
2290 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2291 uint32_t dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2292
2293 if (target->state != TARGET_HALTED)
2294 {
2295 LOG_WARNING("target not halted");
2296 return ERROR_TARGET_NOT_HALTED;
2297 }
2298
2299 xscale_get_reg(dbcon);
2300
2301 switch (watchpoint->rw)
2302 {
2303 case WPT_READ:
2304 enable = 0x3;
2305 break;
2306 case WPT_ACCESS:
2307 enable = 0x2;
2308 break;
2309 case WPT_WRITE:
2310 enable = 0x1;
2311 break;
2312 default:
2313 LOG_ERROR("BUG: watchpoint->rw neither read, write nor access");
2314 }
2315
2316 if (!xscale->dbr0_used)
2317 {
2318 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR0], watchpoint->address);
2319 dbcon_value |= enable;
2320 xscale_set_reg_u32(dbcon, dbcon_value);
2321 watchpoint->set = 1;
2322 xscale->dbr0_used = 1;
2323 }
2324 else if (!xscale->dbr1_used)
2325 {
2326 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR1], watchpoint->address);
2327 dbcon_value |= enable << 2;
2328 xscale_set_reg_u32(dbcon, dbcon_value);
2329 watchpoint->set = 2;
2330 xscale->dbr1_used = 1;
2331 }
2332 else
2333 {
2334 LOG_ERROR("BUG: no hardware comparator available");
2335 return ERROR_OK;
2336 }
2337
2338 return ERROR_OK;
2339 }
2340
2341 static int xscale_add_watchpoint(struct target_s *target,
2342 watchpoint_t *watchpoint)
2343 {
2344 armv4_5_common_t *armv4_5 = target->arch_info;
2345 xscale_common_t *xscale = armv4_5->arch_info;
2346
2347 if (target->state != TARGET_HALTED)
2348 {
2349 LOG_WARNING("target not halted");
2350 return ERROR_TARGET_NOT_HALTED;
2351 }
2352
2353 if (xscale->dbr_available < 1)
2354 {
2355 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2356 }
2357
2358 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
2359 {
2360 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2361 }
2362
2363 xscale->dbr_available--;
2364
2365 return ERROR_OK;
2366 }
2367
2368 static int xscale_unset_watchpoint(struct target_s *target,
2369 watchpoint_t *watchpoint)
2370 {
2371 armv4_5_common_t *armv4_5 = target->arch_info;
2372 xscale_common_t *xscale = armv4_5->arch_info;
2373 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2374 uint32_t dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2375
2376 if (target->state != TARGET_HALTED)
2377 {
2378 LOG_WARNING("target not halted");
2379 return ERROR_TARGET_NOT_HALTED;
2380 }
2381
2382 if (!watchpoint->set)
2383 {
2384 LOG_WARNING("breakpoint not set");
2385 return ERROR_OK;
2386 }
2387
2388 if (watchpoint->set == 1)
2389 {
2390 dbcon_value &= ~0x3;
2391 xscale_set_reg_u32(dbcon, dbcon_value);
2392 xscale->dbr0_used = 0;
2393 }
2394 else if (watchpoint->set == 2)
2395 {
2396 dbcon_value &= ~0xc;
2397 xscale_set_reg_u32(dbcon, dbcon_value);
2398 xscale->dbr1_used = 0;
2399 }
2400 watchpoint->set = 0;
2401
2402 return ERROR_OK;
2403 }
2404
2405 static int xscale_remove_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2406 {
2407 armv4_5_common_t *armv4_5 = target->arch_info;
2408 xscale_common_t *xscale = armv4_5->arch_info;
2409
2410 if (target->state != TARGET_HALTED)
2411 {
2412 LOG_WARNING("target not halted");
2413 return ERROR_TARGET_NOT_HALTED;
2414 }
2415
2416 if (watchpoint->set)
2417 {
2418 xscale_unset_watchpoint(target, watchpoint);
2419 }
2420
2421 xscale->dbr_available++;
2422
2423 return ERROR_OK;
2424 }
2425
2426 static int xscale_get_reg(reg_t *reg)
2427 {
2428 xscale_reg_t *arch_info = reg->arch_info;
2429 target_t *target = arch_info->target;
2430 armv4_5_common_t *armv4_5 = target->arch_info;
2431 xscale_common_t *xscale = armv4_5->arch_info;
2432
2433 /* DCSR, TX and RX are accessible via JTAG */
2434 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2435 {
2436 return xscale_read_dcsr(arch_info->target);
2437 }
2438 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2439 {
2440 /* 1 = consume register content */
2441 return xscale_read_tx(arch_info->target, 1);
2442 }
2443 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2444 {
2445 /* can't read from RX register (host -> debug handler) */
2446 return ERROR_OK;
2447 }
2448 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2449 {
2450 /* can't (explicitly) read from TXRXCTRL register */
2451 return ERROR_OK;
2452 }
2453 else /* Other DBG registers have to be transfered by the debug handler */
2454 {
2455 /* send CP read request (command 0x40) */
2456 xscale_send_u32(target, 0x40);
2457
2458 /* send CP register number */
2459 xscale_send_u32(target, arch_info->dbg_handler_number);
2460
2461 /* read register value */
2462 xscale_read_tx(target, 1);
2463 buf_cpy(xscale->reg_cache->reg_list[XSCALE_TX].value, reg->value, 32);
2464
2465 reg->dirty = 0;
2466 reg->valid = 1;
2467 }
2468
2469 return ERROR_OK;
2470 }
2471
2472 static int xscale_set_reg(reg_t *reg, uint8_t* buf)
2473 {
2474 xscale_reg_t *arch_info = reg->arch_info;
2475 target_t *target = arch_info->target;
2476 armv4_5_common_t *armv4_5 = target->arch_info;
2477 xscale_common_t *xscale = armv4_5->arch_info;
2478 uint32_t value = buf_get_u32(buf, 0, 32);
2479
2480 /* DCSR, TX and RX are accessible via JTAG */
2481 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2482 {
2483 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32, value);
2484 return xscale_write_dcsr(arch_info->target, -1, -1);
2485 }
2486 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2487 {
2488 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
2489 return xscale_write_rx(arch_info->target);
2490 }
2491 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2492 {
2493 /* can't write to TX register (debug-handler -> host) */
2494 return ERROR_OK;
2495 }
2496 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2497 {
2498 /* can't (explicitly) write to TXRXCTRL register */
2499 return ERROR_OK;
2500 }
2501 else /* Other DBG registers have to be transfered by the debug handler */
2502 {
2503 /* send CP write request (command 0x41) */
2504 xscale_send_u32(target, 0x41);
2505
2506 /* send CP register number */
2507 xscale_send_u32(target, arch_info->dbg_handler_number);
2508
2509 /* send CP register value */
2510 xscale_send_u32(target, value);
2511 buf_set_u32(reg->value, 0, 32, value);
2512 }
2513
2514 return ERROR_OK;
2515 }
2516
2517 static int xscale_write_dcsr_sw(target_t *target, uint32_t value)
2518 {
2519 /* get pointers to arch-specific information */
2520 armv4_5_common_t *armv4_5 = target->arch_info;
2521 xscale_common_t *xscale = armv4_5->arch_info;
2522 reg_t *dcsr = &xscale->reg_cache->reg_list[XSCALE_DCSR];
2523 xscale_reg_t *dcsr_arch_info = dcsr->arch_info;
2524
2525 /* send CP write request (command 0x41) */
2526 xscale_send_u32(target, 0x41);
2527
2528 /* send CP register number */
2529 xscale_send_u32(target, dcsr_arch_info->dbg_handler_number);
2530
2531 /* send CP register value */
2532 xscale_send_u32(target, value);
2533 buf_set_u32(dcsr->value, 0, 32, value);
2534
2535 return ERROR_OK;
2536 }
2537
2538 static int xscale_read_trace(target_t *target)
2539 {
2540 /* get pointers to arch-specific information */
2541 armv4_5_common_t *armv4_5 = target->arch_info;
2542 xscale_common_t *xscale = armv4_5->arch_info;
2543 xscale_trace_data_t **trace_data_p;
2544
2545 /* 258 words from debug handler
2546 * 256 trace buffer entries
2547 * 2 checkpoint addresses
2548 */
2549 uint32_t trace_buffer[258];
2550 int is_address[256];
2551 int i, j;
2552
2553 if (target->state != TARGET_HALTED)
2554 {
2555 LOG_WARNING("target must be stopped to read trace data");
2556 return ERROR_TARGET_NOT_HALTED;
2557 }
2558
2559 /* send read trace buffer command (command 0x61) */
2560 xscale_send_u32(target, 0x61);
2561
2562 /* receive trace buffer content */
2563 xscale_receive(target, trace_buffer, 258);
2564
2565 /* parse buffer backwards to identify address entries */
2566 for (i = 255; i >= 0; i--)
2567 {
2568 is_address[i] = 0;
2569 if (((trace_buffer[i] & 0xf0) == 0x90) ||
2570 ((trace_buffer[i] & 0xf0) == 0xd0))
2571 {
2572 if (i >= 3)
2573 is_address[--i] = 1;
2574 if (i >= 2)
2575 is_address[--i] = 1;
2576 if (i >= 1)
2577 is_address[--i] = 1;
2578 if (i >= 0)
2579 is_address[--i] = 1;
2580 }
2581 }
2582
2583
2584 /* search first non-zero entry */
2585 for (j = 0; (j < 256) && (trace_buffer[j] == 0) && (!is_address[j]); j++)
2586 ;
2587
2588 if (j == 256)
2589 {
2590 LOG_DEBUG("no trace data collected");
2591 return ERROR_XSCALE_NO_TRACE_DATA;
2592 }
2593
2594 for (trace_data_p = &xscale->trace.data; *trace_data_p; trace_data_p = &(*trace_data_p)->next)
2595 ;
2596
2597 *trace_data_p = malloc(sizeof(xscale_trace_data_t));
2598 (*trace_data_p)->next = NULL;
2599 (*trace_data_p)->chkpt0 = trace_buffer[256];
2600 (*trace_data_p)->chkpt1 = trace_buffer[257];
2601 (*trace_data_p)->last_instruction = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
2602 (*trace_data_p)->entries = malloc(sizeof(xscale_trace_entry_t) * (256 - j));
2603 (*trace_data_p)->depth = 256 - j;
2604
2605 for (i = j; i < 256; i++)
2606 {
2607 (*trace_data_p)->entries[i - j].data = trace_buffer[i];
2608 if (is_address[i])
2609 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_ADDRESS;
2610 else
2611 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_MESSAGE;
2612 }
2613
2614 return ERROR_OK;
2615 }
2616
2617 static int xscale_read_instruction(target_t *target,
2618 arm_instruction_t *instruction)
2619 {
2620 /* get pointers to arch-specific information */
2621 armv4_5_common_t *armv4_5 = target->arch_info;
2622 xscale_common_t *xscale = armv4_5->arch_info;
2623 int i;
2624 int section = -1;
2625 uint32_t size_read;
2626 uint32_t opcode;
2627 int retval;
2628
2629 if (!xscale->trace.image)
2630 return ERROR_TRACE_IMAGE_UNAVAILABLE;
2631
2632 /* search for the section the current instruction belongs to */
2633 for (i = 0; i < xscale->trace.image->num_sections; i++)
2634 {
2635 if ((xscale->trace.image->sections[i].base_address <= xscale->trace.current_pc) &&
2636 (xscale->trace.image->sections[i].base_address + xscale->trace.image->sections[i].size > xscale->trace.current_pc))
2637 {
2638 section = i;
2639 break;
2640 }
2641 }
2642
2643 if (section == -1)
2644 {
2645 /* current instruction couldn't be found in the image */
2646 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2647 }
2648
2649 if (xscale->trace.core_state == ARMV4_5_STATE_ARM)
2650 {
2651 uint8_t buf[4];
2652 if ((retval = image_read_section(xscale->trace.image, section,
2653 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2654 4, buf, &size_read)) != ERROR_OK)
2655 {
2656 LOG_ERROR("error while reading instruction: %i", retval);
2657 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2658 }
2659 opcode = target_buffer_get_u32(target, buf);
2660 arm_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2661 }
2662 else if (xscale->trace.core_state == ARMV4_5_STATE_THUMB)
2663 {
2664 uint8_t buf[2];
2665 if ((retval = image_read_section(xscale->trace.image, section,
2666 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2667 2, buf, &size_read)) != ERROR_OK)
2668 {
2669 LOG_ERROR("error while reading instruction: %i", retval);
2670 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2671 }
2672 opcode = target_buffer_get_u16(target, buf);
2673 thumb_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2674 }
2675 else
2676 {
2677 LOG_ERROR("BUG: unknown core state encountered");
2678 exit(-1);
2679 }
2680
2681 return ERROR_OK;
2682 }
2683
2684 static int xscale_branch_address(xscale_trace_data_t *trace_data,
2685 int i, uint32_t *target)
2686 {
2687 /* if there are less than four entries prior to the indirect branch message
2688 * we can't extract the address */
2689 if (i < 4)
2690 {
2691 return -1;
2692 }
2693
2694 *target = (trace_data->entries[i-1].data) | (trace_data->entries[i-2].data << 8) |
2695 (trace_data->entries[i-3].data << 16) | (trace_data->entries[i-4].data << 24);
2696
2697 return 0;
2698 }
2699
2700 static int xscale_analyze_trace(target_t *target, command_context_t *cmd_ctx)
2701 {
2702 /* get pointers to arch-specific information */
2703 armv4_5_common_t *armv4_5 = target->arch_info;
2704 xscale_common_t *xscale = armv4_5->arch_info;
2705 int next_pc_ok = 0;
2706 uint32_t next_pc = 0x0;
2707 xscale_trace_data_t *trace_data = xscale->trace.data;
2708 int retval;
2709
2710 while (trace_data)
2711 {
2712 int i, chkpt;
2713 int rollover;
2714 int branch;
2715 int exception;
2716 xscale->trace.core_state = ARMV4_5_STATE_ARM;
2717
2718 chkpt = 0;
2719 rollover = 0;
2720
2721 for (i = 0; i < trace_data->depth; i++)
2722 {
2723 next_pc_ok = 0;
2724 branch = 0;
2725 exception = 0;
2726
2727 if (trace_data->entries[i].type == XSCALE_TRACE_ADDRESS)
2728 continue;
2729
2730 switch ((trace_data->entries[i].data & 0xf0) >> 4)
2731 {
2732 case 0: /* Exceptions */
2733 case 1:
2734 case 2:
2735 case 3:
2736 case 4:
2737 case 5:
2738 case 6:
2739 case 7:
2740 exception = (trace_data->entries[i].data & 0x70) >> 4;
2741 next_pc_ok = 1;
2742 next_pc = (trace_data->entries[i].data & 0xf0) >> 2;
2743 command_print(cmd_ctx, "--- exception %i ---", (trace_data->entries[i].data & 0xf0) >> 4);
2744 break;
2745 case 8: /* Direct Branch */
2746 branch = 1;
2747 break;
2748 case 9: /* Indirect Branch */
2749 branch = 1;
2750 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2751 {
2752 next_pc_ok = 1;
2753 }
2754 break;
2755 case 13: /* Checkpointed Indirect Branch */
2756 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2757 {
2758 next_pc_ok = 1;
2759 if (((chkpt == 0) && (next_pc != trace_data->chkpt0))
2760 || ((chkpt == 1) && (next_pc != trace_data->chkpt1)))
2761 LOG_WARNING("checkpointed indirect branch target address doesn't match checkpoint");
2762 }
2763 /* explicit fall-through */
2764 case 12: /* Checkpointed Direct Branch */
2765 branch = 1;
2766 if (chkpt == 0)
2767 {
2768 next_pc_ok = 1;
2769 next_pc = trace_data->chkpt0;
2770 chkpt++;
2771 }
2772 else if (chkpt == 1)
2773 {
2774 next_pc_ok = 1;
2775 next_pc = trace_data->chkpt0;
2776 chkpt++;
2777 }
2778 else
2779 {
2780 LOG_WARNING("more than two checkpointed branches encountered");
2781 }
2782 break;
2783 case 15: /* Roll-over */
2784 rollover++;
2785 continue;
2786 default: /* Reserved */
2787 command_print(cmd_ctx, "--- reserved trace message ---");
2788 LOG_ERROR("BUG: trace message %i is reserved", (trace_data->entries[i].data & 0xf0) >> 4);
2789 return ERROR_OK;
2790 }
2791
2792 if (xscale->trace.pc_ok)
2793 {
2794 int executed = (trace_data->entries[i].data & 0xf) + rollover * 16;
2795 arm_instruction_t instruction;
2796
2797 if ((exception == 6) || (exception == 7))
2798 {
2799 /* IRQ or FIQ exception, no instruction executed */
2800 executed -= 1;
2801 }
2802
2803 while (executed-- >= 0)
2804 {
2805 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2806 {
2807 /* can't continue tracing with no image available */
2808 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2809 {
2810 return retval;
2811 }
2812 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2813 {
2814 /* TODO: handle incomplete images */
2815 }
2816 }
2817
2818 /* a precise abort on a load to the PC is included in the incremental
2819 * word count, other instructions causing data aborts are not included
2820 */
2821 if ((executed == 0) && (exception == 4)
2822 && ((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDM)))
2823 {
2824 if ((instruction.type == ARM_LDM)
2825 && ((instruction.info.load_store_multiple.register_list & 0x8000) == 0))
2826 {
2827 executed--;
2828 }
2829 else if (((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDRSH))
2830 && (instruction.info.load_store.Rd != 15))
2831 {
2832 executed--;
2833 }
2834 }
2835
2836 /* only the last instruction executed
2837 * (the one that caused the control flow change)
2838 * could be a taken branch
2839 */
2840 if (((executed == -1) && (branch == 1)) &&
2841 (((instruction.type == ARM_B) ||
2842 (instruction.type == ARM_BL) ||
2843 (instruction.type == ARM_BLX)) &&
2844 (instruction.info.b_bl_bx_blx.target_address != 0xffffffff)))
2845 {
2846 xscale->trace.current_pc = instruction.info.b_bl_bx_blx.target_address;
2847 }
2848 else
2849 {
2850 xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2;
2851 }
2852 command_print(cmd_ctx, "%s", instruction.text);
2853 }
2854
2855 rollover = 0;
2856 }
2857
2858 if (next_pc_ok)
2859 {
2860 xscale->trace.current_pc = next_pc;
2861 xscale->trace.pc_ok = 1;
2862 }
2863 }
2864
2865 for (; xscale->trace.current_pc < trace_data->last_instruction; xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2)
2866 {
2867 arm_instruction_t instruction;
2868 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2869 {
2870 /* can't continue tracing with no image available */
2871 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2872 {
2873 return retval;
2874 }
2875 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2876 {
2877 /* TODO: handle incomplete images */
2878 }
2879 }
2880 command_print(cmd_ctx, "%s", instruction.text);
2881 }
2882
2883 trace_data = trace_data->next;
2884 }
2885
2886 return ERROR_OK;
2887 }
2888
2889 static void xscale_build_reg_cache(target_t *target)
2890 {
2891 /* get pointers to arch-specific information */
2892 armv4_5_common_t *armv4_5 = target->arch_info;
2893 xscale_common_t *xscale = armv4_5->arch_info;
2894
2895 reg_cache_t **cache_p = register_get_last_cache_p(&target->reg_cache);
2896 xscale_reg_t *arch_info = malloc(sizeof(xscale_reg_arch_info));
2897 int i;
2898 int num_regs = sizeof(xscale_reg_arch_info) / sizeof(xscale_reg_t);
2899
2900 (*cache_p) = armv4_5_build_reg_cache(target, armv4_5);
2901 armv4_5->core_cache = (*cache_p);
2902
2903 /* register a register arch-type for XScale dbg registers only once */
2904 if (xscale_reg_arch_type == -1)
2905 xscale_reg_arch_type = register_reg_arch_type(xscale_get_reg, xscale_set_reg);
2906
2907 (*cache_p)->next = malloc(sizeof(reg_cache_t));
2908 cache_p = &(*cache_p)->next;
2909
2910 /* fill in values for the xscale reg cache */
2911 (*cache_p)->name = "XScale registers";
2912 (*cache_p)->next = NULL;
2913 (*cache_p)->reg_list = malloc(num_regs * sizeof(reg_t));
2914 (*cache_p)->num_regs = num_regs;
2915
2916 for (i = 0; i < num_regs; i++)
2917 {
2918 (*cache_p)->reg_list[i].name = xscale_reg_list[i];
2919 (*cache_p)->reg_list[i].value = calloc(4, 1);
2920 (*cache_p)->reg_list[i].dirty = 0;
2921 (*cache_p)->reg_list[i].valid = 0;
2922 (*cache_p)->reg_list[i].size = 32;
2923 (*cache_p)->reg_list[i].bitfield_desc = NULL;
2924 (*cache_p)->reg_list[i].num_bitfields = 0;
2925 (*cache_p)->reg_list[i].arch_info = &arch_info[i];
2926 (*cache_p)->reg_list[i].arch_type = xscale_reg_arch_type;
2927 arch_info[i] = xscale_reg_arch_info[i];
2928 arch_info[i].target = target;
2929 }
2930
2931 xscale->reg_cache = (*cache_p);
2932 }
2933
2934 static int xscale_init_target(struct command_context_s *cmd_ctx,
2935 struct target_s *target)
2936 {
2937 xscale_build_reg_cache(target);
2938 return ERROR_OK;
2939 }
2940
2941 static int xscale_quit(void)
2942 {
2943 jtag_add_runtest(100, TAP_RESET);
2944 return ERROR_OK;
2945 }
2946
2947 static int xscale_init_arch_info(target_t *target,
2948 xscale_common_t *xscale, jtag_tap_t *tap, const char *variant)
2949 {
2950 armv4_5_common_t *armv4_5;
2951 uint32_t high_reset_branch, low_reset_branch;
2952 int i;
2953
2954 armv4_5 = &xscale->armv4_5_common;
2955
2956 /* store architecture specfic data (none so far) */
2957 xscale->arch_info = NULL;
2958 xscale->common_magic = XSCALE_COMMON_MAGIC;
2959
2960 /* we don't really *need* variant info ... */
2961 if (variant) {
2962 int ir_length = 0;
2963
2964 if (strcmp(variant, "pxa250") == 0
2965 || strcmp(variant, "pxa255") == 0
2966 || strcmp(variant, "pxa26x") == 0)
2967 ir_length = 5;
2968 else if (strcmp(variant, "pxa27x") == 0
2969 || strcmp(variant, "ixp42x") == 0
2970 || strcmp(variant, "ixp45x") == 0
2971 || strcmp(variant, "ixp46x") == 0)
2972 ir_length = 7;
2973 else
2974 LOG_WARNING("%s: unrecognized variant %s",
2975 tap->dotted_name, variant);
2976
2977 if (ir_length && ir_length != tap->ir_length) {
2978 LOG_WARNING("%s: IR length for %s is %d; fixing",
2979 tap->dotted_name, variant, ir_length);
2980 tap->ir_length = ir_length;
2981 }
2982 }
2983
2984 /* the debug handler isn't installed (and thus not running) at this time */
2985 xscale->handler_installed = 0;
2986 xscale->handler_running = 0;
2987 xscale->handler_address = 0xfe000800;
2988
2989 /* clear the vectors we keep locally for reference */
2990 memset(xscale->low_vectors, 0, sizeof(xscale->low_vectors));
2991 memset(xscale->high_vectors, 0, sizeof(xscale->high_vectors));
2992
2993 /* no user-specified vectors have been configured yet */
2994 xscale->static_low_vectors_set = 0x0;
2995 xscale->static_high_vectors_set = 0x0;
2996
2997 /* calculate branches to debug handler */
2998 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
2999 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
3000
3001 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
3002 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
3003
3004 for (i = 1; i <= 7; i++)
3005 {
3006 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
3007 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
3008 }
3009
3010 /* 64kB aligned region used for DCache cleaning */
3011 xscale->cache_clean_address = 0xfffe0000;
3012
3013 xscale->hold_rst = 0;
3014 xscale->external_debug_break = 0;
3015
3016 xscale->ibcr_available = 2;
3017 xscale->ibcr0_used = 0;
3018 xscale->ibcr1_used = 0;
3019
3020 xscale->dbr_available = 2;
3021 xscale->dbr0_used = 0;
3022 xscale->dbr1_used = 0;
3023
3024 xscale->arm_bkpt = ARMV5_BKPT(0x0);
3025 xscale->thumb_bkpt = ARMV5_T_BKPT(0x0) & 0xffff;
3026
3027 xscale->vector_catch = 0x1;
3028
3029 xscale->trace.capture_status = TRACE_IDLE;
3030 xscale->trace.data = NULL;
3031 xscale->trace.image = NULL;
3032 xscale->trace.buffer_enabled = 0;
3033 xscale->trace.buffer_fill = 0;
3034
3035 /* prepare ARMv4/5 specific information */
3036 armv4_5->arch_info = xscale;
3037 armv4_5->read_core_reg = xscale_read_core_reg;
3038 armv4_5->write_core_reg = xscale_write_core_reg;
3039 armv4_5->full_context = xscale_full_context;
3040
3041 armv4_5_init_arch_info(target, armv4_5);
3042
3043 xscale->armv4_5_mmu.armv4_5_cache.ctype = -1;
3044 xscale->armv4_5_mmu.get_ttb = xscale_get_ttb;
3045 xscale->armv4_5_mmu.read_memory = xscale_read_memory;
3046 xscale->armv4_5_mmu.write_memory = xscale_write_memory;
3047 xscale->armv4_5_mmu.disable_mmu_caches = xscale_disable_mmu_caches;
3048 xscale->armv4_5_mmu.enable_mmu_caches = xscale_enable_mmu_caches;
3049 xscale->armv4_5_mmu.has_tiny_pages = 1;
3050 xscale->armv4_5_mmu.mmu_enabled = 0;
3051
3052 return ERROR_OK;
3053 }
3054
3055 static int xscale_target_create(struct target_s *target, Jim_Interp *interp)
3056 {
3057 xscale_common_t *xscale;
3058
3059 xscale = calloc(1, sizeof(*xscale));
3060 if (!xscale)
3061 return ERROR_FAIL;
3062
3063 return xscale_init_arch_info(target, xscale, target->tap,
3064 target->variant);
3065 }
3066
3067 static int
3068 xscale_handle_debug_handler_command(struct command_context_s *cmd_ctx,
3069 char *cmd, char **args, int argc)
3070 {
3071 target_t *target = NULL;
3072 armv4_5_common_t *armv4_5;
3073 xscale_common_t *xscale;
3074
3075 uint32_t handler_address;
3076
3077 if (argc < 2)
3078 {
3079 LOG_ERROR("'xscale debug_handler <target#> <address>' command takes two required operands");
3080 return ERROR_OK;
3081 }
3082
3083 if ((target = get_target(args[0])) == NULL)
3084 {
3085 LOG_ERROR("target '%s' not defined", args[0]);
3086 return ERROR_FAIL;
3087 }
3088
3089 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3090 {
3091 return ERROR_FAIL;
3092 }
3093
3094 handler_address = strtoul(args[1], NULL, 0);
3095
3096 if (((handler_address >= 0x800) && (handler_address <= 0x1fef800)) ||
3097 ((handler_address >= 0xfe000800) && (handler_address <= 0xfffff800)))
3098 {
3099 xscale->handler_address = handler_address;
3100 }
3101 else
3102 {
3103 LOG_ERROR("xscale debug_handler <address> must be between 0x800 and 0x1fef800 or between 0xfe000800 and 0xfffff800");
3104 return ERROR_FAIL;
3105 }
3106
3107 return ERROR_OK;
3108 }
3109
3110 static int
3111 xscale_handle_cache_clean_address_command(struct command_context_s *cmd_ctx,
3112 char *cmd, char **args, int argc)
3113 {
3114 target_t *target = NULL;
3115 armv4_5_common_t *armv4_5;
3116 xscale_common_t *xscale;
3117
3118 uint32_t cache_clean_address;
3119
3120 if (argc < 2)
3121 {
3122 return ERROR_COMMAND_SYNTAX_ERROR;
3123 }
3124
3125 target = get_target(args[0]);
3126 if (target == NULL)
3127 {
3128 LOG_ERROR("target '%s' not defined", args[0]);
3129 return ERROR_FAIL;
3130 }
3131
3132 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3133 {
3134 return ERROR_FAIL;
3135 }
3136
3137 cache_clean_address = strtoul(args[1], NULL, 0);
3138
3139 if (cache_clean_address & 0xffff)
3140 {
3141 LOG_ERROR("xscale cache_clean_address <address> must be 64kb aligned");
3142 }
3143 else
3144 {
3145 xscale->cache_clean_address = cache_clean_address;
3146 }
3147
3148 return ERROR_OK;
3149 }
3150
3151 static int
3152 xscale_handle_cache_info_command(struct command_context_s *cmd_ctx,
3153 char *cmd, char **args, int argc)
3154 {
3155 target_t *target = get_current_target(cmd_ctx);
3156 armv4_5_common_t *armv4_5;
3157 xscale_common_t *xscale;
3158
3159 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3160 {
3161 return ERROR_OK;
3162 }
3163
3164 return armv4_5_handle_cache_info_command(cmd_ctx, &xscale->armv4_5_mmu.armv4_5_cache);
3165 }
3166
3167 static int xscale_virt2phys(struct target_s *target,
3168 uint32_t virtual, uint32_t *physical)
3169 {
3170 armv4_5_common_t *armv4_5;
3171 xscale_common_t *xscale;
3172 int retval;
3173 int type;
3174 uint32_t cb;
3175 int domain;
3176 uint32_t ap;
3177
3178 if ((retval = xscale_get_arch_pointers(target, &armv4_5, &xscale)) != ERROR_OK)
3179 {
3180 return retval;
3181 }
3182 uint32_t ret = armv4_5_mmu_translate_va(target, &xscale->armv4_5_mmu, virtual, &type, &cb, &domain, &ap);
3183 if (type == -1)
3184 {
3185 return ret;
3186 }
3187 *physical = ret;
3188 return ERROR_OK;
3189 }
3190
3191 static int xscale_mmu(struct target_s *target, int *enabled)
3192 {
3193 armv4_5_common_t *armv4_5 = target->arch_info;
3194 xscale_common_t *xscale = armv4_5->arch_info;
3195
3196 if (target->state != TARGET_HALTED)
3197 {
3198 LOG_ERROR("Target not halted");
3199 return ERROR_TARGET_INVALID;
3200 }
3201 *enabled = xscale->armv4_5_mmu.mmu_enabled;
3202 return ERROR_OK;
3203 }
3204
3205 static int xscale_handle_mmu_command(command_context_t *cmd_ctx,
3206 char *cmd, char **args, int argc)
3207 {
3208 target_t *target = get_current_target(cmd_ctx);
3209 armv4_5_common_t *armv4_5;
3210 xscale_common_t *xscale;
3211
3212 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3213 {
3214 return ERROR_OK;
3215 }
3216
3217 if (target->state != TARGET_HALTED)
3218 {
3219 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3220 return ERROR_OK;
3221 }
3222
3223 if (argc >= 1)
3224 {
3225 if (strcmp("enable", args[0]) == 0)
3226 {
3227 xscale_enable_mmu_caches(target, 1, 0, 0);
3228 xscale->armv4_5_mmu.mmu_enabled = 1;
3229 }
3230 else if (strcmp("disable", args[0]) == 0)
3231 {
3232 xscale_disable_mmu_caches(target, 1, 0, 0);
3233 xscale->armv4_5_mmu.mmu_enabled = 0;
3234 }
3235 }
3236
3237 command_print(cmd_ctx, "mmu %s", (xscale->armv4_5_mmu.mmu_enabled) ? "enabled" : "disabled");
3238
3239 return ERROR_OK;
3240 }
3241
3242 static int xscale_handle_idcache_command(command_context_t *cmd_ctx,
3243 char *cmd, char **args, int argc)
3244 {
3245 target_t *target = get_current_target(cmd_ctx);
3246 armv4_5_common_t *armv4_5;
3247 xscale_common_t *xscale;
3248 int icache = 0, dcache = 0;
3249
3250 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3251 {
3252 return ERROR_OK;
3253 }
3254
3255 if (target->state != TARGET_HALTED)
3256 {
3257 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3258 return ERROR_OK;
3259 }
3260
3261 if (strcmp(cmd, "icache") == 0)
3262 icache = 1;
3263 else if (strcmp(cmd, "dcache") == 0)
3264 dcache = 1;
3265
3266 if (argc >= 1)
3267 {
3268 if (strcmp("enable", args[0]) == 0)
3269 {
3270 xscale_enable_mmu_caches(target, 0, dcache, icache);
3271
3272 if (icache)
3273 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 1;
3274 else if (dcache)
3275 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 1;
3276 }
3277 else if (strcmp("disable", args[0]) == 0)
3278 {
3279 xscale_disable_mmu_caches(target, 0, dcache, icache);
3280
3281 if (icache)
3282 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
3283 else if (dcache)
3284 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
3285 }
3286 }
3287
3288 if (icache)
3289 command_print(cmd_ctx, "icache %s", (xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled) ? "enabled" : "disabled");
3290
3291 if (dcache)
3292 command_print(cmd_ctx, "dcache %s", (xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled) ? "enabled" : "disabled");
3293
3294 return ERROR_OK;
3295 }
3296
3297 static int xscale_handle_vector_catch_command(command_context_t *cmd_ctx,
3298 char *cmd, char **args, int argc)
3299 {
3300 target_t *target = get_current_target(cmd_ctx);
3301 armv4_5_common_t *armv4_5;
3302 xscale_common_t *xscale;
3303
3304 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3305 {
3306 return ERROR_OK;
3307 }
3308
3309 if (argc < 1)
3310 {
3311 command_print(cmd_ctx, "usage: xscale vector_catch [mask]");
3312 }
3313 else
3314 {
3315 xscale->vector_catch = strtoul(args[0], NULL, 0);
3316 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 8, xscale->vector_catch);
3317 xscale_write_dcsr(target, -1, -1);
3318 }
3319
3320 command_print(cmd_ctx, "vector catch mask: 0x%2.2x", xscale->vector_catch);
3321
3322 return ERROR_OK;
3323 }
3324
3325
3326 static int xscale_handle_vector_table_command(command_context_t *cmd_ctx,
3327 char *cmd, char **args, int argc)
3328 {
3329 target_t *target = get_current_target(cmd_ctx);
3330 armv4_5_common_t *armv4_5;
3331 xscale_common_t *xscale;
3332 int err = 0;
3333
3334 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3335 {
3336 return ERROR_OK;
3337 }
3338
3339 if (argc == 0) /* print current settings */
3340 {
3341 int idx;
3342
3343 command_print(cmd_ctx, "active user-set static vectors:");
3344 for (idx = 1; idx < 8; idx++)
3345 if (xscale->static_low_vectors_set & (1 << idx))
3346 command_print(cmd_ctx, "low %d: 0x%" PRIx32, idx, xscale->static_low_vectors[idx]);
3347 for (idx = 1; idx < 8; idx++)
3348 if (xscale->static_high_vectors_set & (1 << idx))
3349 command_print(cmd_ctx, "high %d: 0x%" PRIx32, idx, xscale->static_high_vectors[idx]);
3350 return ERROR_OK;
3351 }
3352
3353 if (argc != 3)
3354 err = 1;
3355 else
3356 {
3357 int idx;
3358 uint32_t vec;
3359 idx = strtoul(args[1], NULL, 0);
3360 vec = strtoul(args[2], NULL, 0);
3361
3362 if (idx < 1 || idx >= 8)
3363 err = 1;
3364
3365 if (!err && strcmp(args[0], "low") == 0)
3366 {
3367 xscale->static_low_vectors_set |= (1<<idx);
3368 xscale->static_low_vectors[idx] = vec;
3369 }
3370 else if (!err && (strcmp(args[0], "high") == 0))
3371 {
3372 xscale->static_high_vectors_set |= (1<<idx);
3373 xscale->static_high_vectors[idx] = vec;
3374 }
3375 else
3376 err = 1;
3377 }
3378
3379 if (err)
3380 command_print(cmd_ctx, "usage: xscale vector_table <high|low> <index> <code>");
3381
3382 return ERROR_OK;
3383 }
3384
3385
3386 static int
3387 xscale_handle_trace_buffer_command(struct command_context_s *cmd_ctx,
3388 char *cmd, char **args, int argc)
3389 {
3390 target_t *target = get_current_target(cmd_ctx);
3391 armv4_5_common_t *armv4_5;
3392 xscale_common_t *xscale;
3393 uint32_t dcsr_value;
3394
3395 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3396 {
3397 return ERROR_OK;
3398 }
3399
3400 if (target->state != TARGET_HALTED)
3401 {
3402 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3403 return ERROR_OK;
3404 }
3405
3406 if ((argc >= 1) && (strcmp("enable", args[0]) == 0))
3407 {
3408 xscale_trace_data_t *td, *next_td;
3409 xscale->trace.buffer_enabled = 1;
3410
3411 /* free old trace data */
3412 td = xscale->trace.data;
3413 while (td)
3414 {
3415 next_td = td->next;
3416
3417 if (td->entries)
3418 free(td->entries);
3419 free(td);
3420 td = next_td;
3421 }
3422 xscale->trace.data = NULL;
3423 }
3424 else if ((argc >= 1) && (strcmp("disable", args[0]) == 0))
3425 {
3426 xscale->trace.buffer_enabled = 0;
3427 }
3428
3429 if ((argc >= 2) && (strcmp("fill", args[1]) == 0))
3430 {
3431 if (argc >= 3)
3432 xscale->trace.buffer_fill = strtoul(args[2], NULL, 0);
3433 else
3434 xscale->trace.buffer_fill = 1;
3435 }
3436 else if ((argc >= 2) && (strcmp("wrap", args[1]) == 0))
3437 {
3438 xscale->trace.buffer_fill = -1;
3439 }
3440
3441 if (xscale->trace.buffer_enabled)
3442 {
3443 /* if we enable the trace buffer in fill-once
3444 * mode we know the address of the first instruction */
3445 xscale->trace.pc_ok = 1;
3446 xscale->trace.current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
3447 }
3448 else
3449 {
3450 /* otherwise the address is unknown, and we have no known good PC */
3451 xscale->trace.pc_ok = 0;
3452 }
3453
3454 command_print(cmd_ctx, "trace buffer %s (%s)",
3455 (xscale->trace.buffer_enabled) ? "enabled" : "disabled",
3456 (xscale->trace.buffer_fill > 0) ? "fill" : "wrap");
3457
3458 dcsr_value = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32);
3459 if (xscale->trace.buffer_fill >= 0)
3460 xscale_write_dcsr_sw(target, (dcsr_value & 0xfffffffc) | 2);
3461 else
3462 xscale_write_dcsr_sw(target, dcsr_value & 0xfffffffc);
3463
3464 return ERROR_OK;
3465 }
3466
3467 static int
3468 xscale_handle_trace_image_command(struct command_context_s *cmd_ctx,
3469 char *cmd, char **args, int argc)
3470 {
3471 target_t *target;
3472 armv4_5_common_t *armv4_5;
3473 xscale_common_t *xscale;
3474
3475 if (argc < 1)
3476 {
3477 command_print(cmd_ctx, "usage: xscale trace_image <file> [base address] [type]");
3478 return ERROR_OK;
3479 }
3480
3481 target = get_current_target(cmd_ctx);
3482
3483 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3484 {
3485 return ERROR_OK;
3486 }
3487
3488 if (xscale->trace.image)
3489 {
3490 image_close(xscale->trace.image);
3491 free(xscale->trace.image);
3492 command_print(cmd_ctx, "previously loaded image found and closed");
3493 }
3494
3495 xscale->trace.image = malloc(sizeof(image_t));
3496 xscale->trace.image->base_address_set = 0;
3497 xscale->trace.image->start_address_set = 0;
3498
3499 /* a base address isn't always necessary, default to 0x0 (i.e. don't relocate) */
3500 if (argc >= 2)
3501 {
3502 xscale->trace.image->base_address_set = 1;
3503 xscale->trace.image->base_address = strtoul(args[1], NULL, 0);
3504 }
3505 else
3506 {
3507 xscale->trace.image->base_address_set = 0;
3508 }
3509
3510 if (image_open(xscale->trace.image, args[0], (argc >= 3) ? args[2] : NULL) != ERROR_OK)
3511 {
3512 free(xscale->trace.image);
3513 xscale->trace.image = NULL;
3514 return ERROR_OK;
3515 }
3516
3517 return ERROR_OK;
3518 }
3519
3520 static int xscale_handle_dump_trace_command(struct command_context_s *cmd_ctx,
3521 char *cmd, char **args, int argc)
3522 {
3523 target_t *target = get_current_target(cmd_ctx);
3524 armv4_5_common_t *armv4_5;
3525 xscale_common_t *xscale;
3526 xscale_trace_data_t *trace_data;
3527 fileio_t file;
3528
3529 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3530 {
3531 return ERROR_OK;
3532 }
3533
3534 if (target->state != TARGET_HALTED)
3535 {
3536 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3537 return ERROR_OK;
3538 }
3539
3540 if (argc < 1)
3541 {
3542 command_print(cmd_ctx, "usage: xscale dump_trace <file>");
3543 return ERROR_OK;
3544 }
3545
3546 trace_data = xscale->trace.data;
3547
3548 if (!trace_data)
3549 {
3550 command_print(cmd_ctx, "no trace data collected");
3551 return ERROR_OK;
3552 }
3553
3554 if (fileio_open(&file, args[0], FILEIO_WRITE, FILEIO_BINARY) != ERROR_OK)
3555 {
3556 return ERROR_OK;
3557 }
3558
3559 while (trace_data)
3560 {
3561 int i;
3562
3563 fileio_write_u32(&file, trace_data->chkpt0);
3564 fileio_write_u32(&file, trace_data->chkpt1);
3565 fileio_write_u32(&file, trace_data->last_instruction);
3566 fileio_write_u32(&file, trace_data->depth);
3567
3568 for (i = 0; i < trace_data->depth; i++)
3569 fileio_write_u32(&file, trace_data->entries[i].data | ((trace_data->entries[i].type & 0xffff) << 16));
3570
3571 trace_data = trace_data->next;
3572 }
3573
3574 fileio_close(&file);
3575
3576 return ERROR_OK;
3577 }
3578
3579 static int
3580 xscale_handle_analyze_trace_buffer_command(struct command_context_s *cmd_ctx,
3581 char *cmd, char **args, int argc)
3582 {
3583 target_t *target = get_current_target(cmd_ctx);
3584 armv4_5_common_t *armv4_5;
3585 xscale_common_t *xscale;
3586
3587 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3588 {
3589 return ERROR_OK;
3590 }
3591
3592 xscale_analyze_trace(target, cmd_ctx);
3593
3594 return ERROR_OK;
3595 }
3596
3597 static int xscale_handle_cp15(command_context_t *cmd_ctx,
3598 char *cmd, char **args, int argc)
3599 {
3600 target_t *target = get_current_target(cmd_ctx);
3601 armv4_5_common_t *armv4_5;
3602 xscale_common_t *xscale;
3603
3604 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3605 {
3606 return ERROR_OK;
3607 }
3608
3609 if (target->state != TARGET_HALTED)
3610 {
3611 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3612 return ERROR_OK;
3613 }
3614 uint32_t reg_no = 0;
3615 reg_t *reg = NULL;
3616 if (argc > 0)
3617 {
3618 reg_no = strtoul(args[0], NULL, 0);
3619 /*translate from xscale cp15 register no to openocd register*/
3620 switch (reg_no)
3621 {
3622 case 0:
3623 reg_no = XSCALE_MAINID;
3624 break;
3625 case 1:
3626 reg_no = XSCALE_CTRL;
3627 break;
3628 case 2:
3629 reg_no = XSCALE_TTB;
3630 break;
3631 case 3:
3632 reg_no = XSCALE_DAC;
3633 break;
3634 case 5:
3635 reg_no = XSCALE_FSR;
3636 break;
3637 case 6:
3638 reg_no = XSCALE_FAR;
3639 break;
3640 case 13:
3641 reg_no = XSCALE_PID;
3642 break;
3643 case 15:
3644 reg_no = XSCALE_CPACCESS;
3645 break;
3646 default:
3647 command_print(cmd_ctx, "invalid register number");
3648 return ERROR_INVALID_ARGUMENTS;
3649 }
3650 reg = &xscale->reg_cache->reg_list[reg_no];
3651
3652 }
3653 if (argc == 1)
3654 {
3655 uint32_t value;
3656
3657 /* read cp15 control register */
3658 xscale_get_reg(reg);
3659 value = buf_get_u32(reg->value, 0, 32);
3660 command_print(cmd_ctx, "%s (/%i): 0x%" PRIx32 "", reg->name, (int)(reg->size), value);
3661 }
3662 else if (argc == 2)
3663 {
3664
3665 uint32_t value = strtoul(args[1], NULL, 0);
3666
3667 /* send CP write request (command 0x41) */
3668 xscale_send_u32(target, 0x41);
3669
3670 /* send CP register number */
3671 xscale_send_u32(target, reg_no);
3672
3673 /* send CP register value */
3674 xscale_send_u32(target, value);
3675
3676 /* execute cpwait to ensure outstanding operations complete */
3677 xscale_send_u32(target, 0x53);
3678 }
3679 else
3680 {
3681 command_print(cmd_ctx, "usage: cp15 [register]<, [value]>");
3682 }
3683
3684 return ERROR_OK;
3685 }
3686
3687 static int xscale_register_commands(struct command_context_s *cmd_ctx)
3688 {
3689 command_t *xscale_cmd;
3690
3691 xscale_cmd = register_command(cmd_ctx, NULL, "xscale", NULL, COMMAND_ANY, "xscale specific commands");
3692
3693 register_command(cmd_ctx, xscale_cmd, "debug_handler", xscale_handle_debug_handler_command, COMMAND_ANY, "'xscale debug_handler <target#> <address>' command takes two required operands");
3694 register_command(cmd_ctx, xscale_cmd, "cache_clean_address", xscale_handle_cache_clean_address_command, COMMAND_ANY, NULL);
3695
3696 register_command(cmd_ctx, xscale_cmd, "cache_info", xscale_handle_cache_info_command, COMMAND_EXEC, NULL);
3697 register_command(cmd_ctx, xscale_cmd, "mmu", xscale_handle_mmu_command, COMMAND_EXEC, "['enable'|'disable'] the MMU");
3698 register_command(cmd_ctx, xscale_cmd, "icache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the ICache");
3699 register_command(cmd_ctx, xscale_cmd, "dcache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the DCache");
3700
3701 register_command(cmd_ctx, xscale_cmd, "vector_catch", xscale_handle_vector_catch_command, COMMAND_EXEC, "<mask> of vectors that should be catched");
3702 register_command(cmd_ctx, xscale_cmd, "vector_table", xscale_handle_vector_table_command, COMMAND_EXEC, "<high|low> <index> <code> set static code for exception handler entry");
3703
3704 register_command(cmd_ctx, xscale_cmd, "trace_buffer", xscale_handle_trace_buffer_command, COMMAND_EXEC, "<enable | disable> ['fill' [n]|'wrap']");
3705
3706 register_command(cmd_ctx, xscale_cmd, "dump_trace", xscale_handle_dump_trace_command, COMMAND_EXEC, "dump content of trace buffer to <file>");
3707 register_command(cmd_ctx, xscale_cmd, "analyze_trace", xscale_handle_analyze_trace_buffer_command, COMMAND_EXEC, "analyze content of trace buffer");
3708 register_command(cmd_ctx, xscale_cmd, "trace_image", xscale_handle_trace_image_command,
3709 COMMAND_EXEC, "load image from <file> [base address]");
3710
3711 register_command(cmd_ctx, xscale_cmd, "cp15", xscale_handle_cp15, COMMAND_EXEC, "access coproc 15 <register> [value]");
3712
3713 armv4_5_register_commands(cmd_ctx);
3714
3715 return ERROR_OK;
3716 }
3717
3718 target_type_t xscale_target =
3719 {
3720 .name = "xscale",
3721
3722 .poll = xscale_poll,
3723 .arch_state = xscale_arch_state,
3724
3725 .target_request_data = NULL,
3726
3727 .halt = xscale_halt,
3728 .resume = xscale_resume,
3729 .step = xscale_step,
3730
3731 .assert_reset = xscale_assert_reset,
3732 .deassert_reset = xscale_deassert_reset,
3733 .soft_reset_halt = NULL,
3734
3735 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
3736
3737 .read_memory = xscale_read_memory,
3738 .write_memory = xscale_write_memory,
3739 .bulk_write_memory = xscale_bulk_write_memory,
3740 .checksum_memory = arm7_9_checksum_memory,
3741 .blank_check_memory = arm7_9_blank_check_memory,
3742
3743 .run_algorithm = armv4_5_run_algorithm,
3744
3745 .add_breakpoint = xscale_add_breakpoint,
3746 .remove_breakpoint = xscale_remove_breakpoint,
3747 .add_watchpoint = xscale_add_watchpoint,
3748 .remove_watchpoint = xscale_remove_watchpoint,
3749
3750 .register_commands = xscale_register_commands,
3751 .target_create = xscale_target_create,
3752 .init_target = xscale_init_target,
3753 .quit = xscale_quit,
3754
3755 .virt2phys = xscale_virt2phys,
3756 .mmu = xscale_mmu
3757 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)