Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Improve xscale command argument parsing.
[openocd.git] / src / target / xscale.c
1 /***************************************************************************
2 * Copyright (C) 2006, 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
7 * *
8 * Copyright (C) 2009 Michael Schwingen *
9 * michael@schwingen.org *
10 * *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
15 * *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
20 * *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program; if not, write to the *
23 * Free Software Foundation, Inc., *
24 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
25 ***************************************************************************/
26 #ifdef HAVE_CONFIG_H
27 #include "config.h"
28 #endif
29
30 #include "xscale.h"
31 #include "target_type.h"
32 #include "arm7_9_common.h"
33 #include "arm_simulator.h"
34 #include "arm_disassembler.h"
35 #include "time_support.h"
36 #include "image.h"
37
38
39 /*
40 * Important XScale documents available as of October 2009 include:
41 *
42 * Intel XScale® Core Developer’s Manual, January 2004
43 * Order Number: 273473-002
44 * This has a chapter detailing debug facilities, and punts some
45 * details to chip-specific microarchitecture documents.
46 *
47 * Hot-Debug for Intel XScale® Core Debug White Paper, May 2005
48 * Document Number: 273539-005
49 * Less detailed than the developer's manual, but summarizes those
50 * missing details (for most XScales) and gives LOTS of notes about
51 * debugger/handler interaction issues. Presents a simpler reset
52 * and load-handler sequence than the arch doc. (Note, OpenOCD
53 * doesn't currently support "Hot-Debug" as defined there.)
54 *
55 * Chip-specific microarchitecture documents may also be useful.
56 */
57
58
59 /* forward declarations */
60 static int xscale_resume(struct target_s *, int current,
61 uint32_t address, int handle_breakpoints, int debug_execution);
62 static int xscale_debug_entry(target_t *);
63 static int xscale_restore_context(target_t *);
64 static int xscale_get_reg(reg_t *reg);
65 static int xscale_set_reg(reg_t *reg, uint8_t *buf);
66 static int xscale_set_breakpoint(struct target_s *, breakpoint_t *);
67 static int xscale_set_watchpoint(struct target_s *, watchpoint_t *);
68 static int xscale_unset_breakpoint(struct target_s *, breakpoint_t *);
69 static int xscale_read_trace(target_t *);
70
71
72 /* This XScale "debug handler" is loaded into the processor's
73 * mini-ICache, which is 2K of code writable only via JTAG.
74 *
75 * FIXME the OpenOCD "bin2char" utility currently doesn't handle
76 * binary files cleanly. It's string oriented, and terminates them
77 * with a NUL character. Better would be to generate the constants
78 * and let other code decide names, scoping, and other housekeeping.
79 */
80 static /* unsigned const char xscale_debug_handler[] = ... */
81 #include "xscale_debug.h"
82
83 static char *const xscale_reg_list[] =
84 {
85 "XSCALE_MAINID", /* 0 */
86 "XSCALE_CACHETYPE",
87 "XSCALE_CTRL",
88 "XSCALE_AUXCTRL",
89 "XSCALE_TTB",
90 "XSCALE_DAC",
91 "XSCALE_FSR",
92 "XSCALE_FAR",
93 "XSCALE_PID",
94 "XSCALE_CPACCESS",
95 "XSCALE_IBCR0", /* 10 */
96 "XSCALE_IBCR1",
97 "XSCALE_DBR0",
98 "XSCALE_DBR1",
99 "XSCALE_DBCON",
100 "XSCALE_TBREG",
101 "XSCALE_CHKPT0",
102 "XSCALE_CHKPT1",
103 "XSCALE_DCSR",
104 "XSCALE_TX",
105 "XSCALE_RX", /* 20 */
106 "XSCALE_TXRXCTRL",
107 };
108
109 static const xscale_reg_t xscale_reg_arch_info[] =
110 {
111 {XSCALE_MAINID, NULL},
112 {XSCALE_CACHETYPE, NULL},
113 {XSCALE_CTRL, NULL},
114 {XSCALE_AUXCTRL, NULL},
115 {XSCALE_TTB, NULL},
116 {XSCALE_DAC, NULL},
117 {XSCALE_FSR, NULL},
118 {XSCALE_FAR, NULL},
119 {XSCALE_PID, NULL},
120 {XSCALE_CPACCESS, NULL},
121 {XSCALE_IBCR0, NULL},
122 {XSCALE_IBCR1, NULL},
123 {XSCALE_DBR0, NULL},
124 {XSCALE_DBR1, NULL},
125 {XSCALE_DBCON, NULL},
126 {XSCALE_TBREG, NULL},
127 {XSCALE_CHKPT0, NULL},
128 {XSCALE_CHKPT1, NULL},
129 {XSCALE_DCSR, NULL}, /* DCSR accessed via JTAG or SW */
130 {-1, NULL}, /* TX accessed via JTAG */
131 {-1, NULL}, /* RX accessed via JTAG */
132 {-1, NULL}, /* TXRXCTRL implicit access via JTAG */
133 };
134
135 static int xscale_reg_arch_type = -1;
136
137 /* convenience wrapper to access XScale specific registers */
138 static int xscale_set_reg_u32(reg_t *reg, uint32_t value)
139 {
140 uint8_t buf[4];
141
142 buf_set_u32(buf, 0, 32, value);
143
144 return xscale_set_reg(reg, buf);
145 }
146
147
148 static int xscale_get_arch_pointers(target_t *target,
149 armv4_5_common_t **armv4_5_p, xscale_common_t **xscale_p)
150 {
151 armv4_5_common_t *armv4_5 = target->arch_info;
152 xscale_common_t *xscale = armv4_5->arch_info;
153
154 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
155 {
156 LOG_ERROR("target isn't an XScale target");
157 return -1;
158 }
159
160 if (xscale->common_magic != XSCALE_COMMON_MAGIC)
161 {
162 LOG_ERROR("target isn't an XScale target");
163 return -1;
164 }
165
166 *armv4_5_p = armv4_5;
167 *xscale_p = xscale;
168
169 return ERROR_OK;
170 }
171
172 static int xscale_jtag_set_instr(jtag_tap_t *tap, uint32_t new_instr)
173 {
174 if (tap == NULL)
175 return ERROR_FAIL;
176
177 if (buf_get_u32(tap->cur_instr, 0, tap->ir_length) != new_instr)
178 {
179 scan_field_t field;
180 uint8_t scratch[4];
181
182 memset(&field, 0, sizeof field);
183 field.tap = tap;
184 field.num_bits = tap->ir_length;
185 field.out_value = scratch;
186 buf_set_u32(field.out_value, 0, field.num_bits, new_instr);
187
188 jtag_add_ir_scan(1, &field, jtag_get_end_state());
189 }
190
191 return ERROR_OK;
192 }
193
194 static int xscale_read_dcsr(target_t *target)
195 {
196 armv4_5_common_t *armv4_5 = target->arch_info;
197 xscale_common_t *xscale = armv4_5->arch_info;
198 int retval;
199 scan_field_t fields[3];
200 uint8_t field0 = 0x0;
201 uint8_t field0_check_value = 0x2;
202 uint8_t field0_check_mask = 0x7;
203 uint8_t field2 = 0x0;
204 uint8_t field2_check_value = 0x0;
205 uint8_t field2_check_mask = 0x1;
206
207 jtag_set_end_state(TAP_DRPAUSE);
208 xscale_jtag_set_instr(target->tap, XSCALE_SELDCSR);
209
210 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
211 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
212
213 memset(&fields, 0, sizeof fields);
214
215 fields[0].tap = target->tap;
216 fields[0].num_bits = 3;
217 fields[0].out_value = &field0;
218 uint8_t tmp;
219 fields[0].in_value = &tmp;
220
221 fields[1].tap = target->tap;
222 fields[1].num_bits = 32;
223 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
224
225 fields[2].tap = target->tap;
226 fields[2].num_bits = 1;
227 fields[2].out_value = &field2;
228 uint8_t tmp2;
229 fields[2].in_value = &tmp2;
230
231 jtag_add_dr_scan(3, fields, jtag_get_end_state());
232
233 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
234 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
235
236 if ((retval = jtag_execute_queue()) != ERROR_OK)
237 {
238 LOG_ERROR("JTAG error while reading DCSR");
239 return retval;
240 }
241
242 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
243 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
244
245 /* write the register with the value we just read
246 * on this second pass, only the first bit of field0 is guaranteed to be 0)
247 */
248 field0_check_mask = 0x1;
249 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
250 fields[1].in_value = NULL;
251
252 jtag_set_end_state(TAP_IDLE);
253
254 jtag_add_dr_scan(3, fields, jtag_get_end_state());
255
256 /* DANGER!!! this must be here. It will make sure that the arguments
257 * to jtag_set_check_value() does not go out of scope! */
258 return jtag_execute_queue();
259 }
260
261
262 static void xscale_getbuf(jtag_callback_data_t arg)
263 {
264 uint8_t *in = (uint8_t *)arg;
265 *((uint32_t *)in) = buf_get_u32(in, 0, 32);
266 }
267
268 static int xscale_receive(target_t *target, uint32_t *buffer, int num_words)
269 {
270 if (num_words == 0)
271 return ERROR_INVALID_ARGUMENTS;
272
273 int retval = ERROR_OK;
274 tap_state_t path[3];
275 scan_field_t fields[3];
276 uint8_t *field0 = malloc(num_words * 1);
277 uint8_t field0_check_value = 0x2;
278 uint8_t field0_check_mask = 0x6;
279 uint32_t *field1 = malloc(num_words * 4);
280 uint8_t field2_check_value = 0x0;
281 uint8_t field2_check_mask = 0x1;
282 int words_done = 0;
283 int words_scheduled = 0;
284 int i;
285
286 path[0] = TAP_DRSELECT;
287 path[1] = TAP_DRCAPTURE;
288 path[2] = TAP_DRSHIFT;
289
290 memset(&fields, 0, sizeof fields);
291
292 fields[0].tap = target->tap;
293 fields[0].num_bits = 3;
294 fields[0].check_value = &field0_check_value;
295 fields[0].check_mask = &field0_check_mask;
296
297 fields[1].tap = target->tap;
298 fields[1].num_bits = 32;
299
300 fields[2].tap = target->tap;
301 fields[2].num_bits = 1;
302 fields[2].check_value = &field2_check_value;
303 fields[2].check_mask = &field2_check_mask;
304
305 jtag_set_end_state(TAP_IDLE);
306 xscale_jtag_set_instr(target->tap, XSCALE_DBGTX);
307 jtag_add_runtest(1, jtag_get_end_state()); /* ensures that we're in the TAP_IDLE state as the above could be a no-op */
308
309 /* repeat until all words have been collected */
310 int attempts = 0;
311 while (words_done < num_words)
312 {
313 /* schedule reads */
314 words_scheduled = 0;
315 for (i = words_done; i < num_words; i++)
316 {
317 fields[0].in_value = &field0[i];
318
319 jtag_add_pathmove(3, path);
320
321 fields[1].in_value = (uint8_t *)(field1 + i);
322
323 jtag_add_dr_scan_check(3, fields, jtag_set_end_state(TAP_IDLE));
324
325 jtag_add_callback(xscale_getbuf, (jtag_callback_data_t)(field1 + i));
326
327 words_scheduled++;
328 }
329
330 if ((retval = jtag_execute_queue()) != ERROR_OK)
331 {
332 LOG_ERROR("JTAG error while receiving data from debug handler");
333 break;
334 }
335
336 /* examine results */
337 for (i = words_done; i < num_words; i++)
338 {
339 if (!(field0[0] & 1))
340 {
341 /* move backwards if necessary */
342 int j;
343 for (j = i; j < num_words - 1; j++)
344 {
345 field0[j] = field0[j + 1];
346 field1[j] = field1[j + 1];
347 }
348 words_scheduled--;
349 }
350 }
351 if (words_scheduled == 0)
352 {
353 if (attempts++==1000)
354 {
355 LOG_ERROR("Failed to receiving data from debug handler after 1000 attempts");
356 retval = ERROR_TARGET_TIMEOUT;
357 break;
358 }
359 }
360
361 words_done += words_scheduled;
362 }
363
364 for (i = 0; i < num_words; i++)
365 *(buffer++) = buf_get_u32((uint8_t*)&field1[i], 0, 32);
366
367 free(field1);
368
369 return retval;
370 }
371
372 static int xscale_read_tx(target_t *target, int consume)
373 {
374 armv4_5_common_t *armv4_5 = target->arch_info;
375 xscale_common_t *xscale = armv4_5->arch_info;
376 tap_state_t path[3];
377 tap_state_t noconsume_path[6];
378 int retval;
379 struct timeval timeout, now;
380 scan_field_t fields[3];
381 uint8_t field0_in = 0x0;
382 uint8_t field0_check_value = 0x2;
383 uint8_t field0_check_mask = 0x6;
384 uint8_t field2_check_value = 0x0;
385 uint8_t field2_check_mask = 0x1;
386
387 jtag_set_end_state(TAP_IDLE);
388
389 xscale_jtag_set_instr(target->tap, XSCALE_DBGTX);
390
391 path[0] = TAP_DRSELECT;
392 path[1] = TAP_DRCAPTURE;
393 path[2] = TAP_DRSHIFT;
394
395 noconsume_path[0] = TAP_DRSELECT;
396 noconsume_path[1] = TAP_DRCAPTURE;
397 noconsume_path[2] = TAP_DREXIT1;
398 noconsume_path[3] = TAP_DRPAUSE;
399 noconsume_path[4] = TAP_DREXIT2;
400 noconsume_path[5] = TAP_DRSHIFT;
401
402 memset(&fields, 0, sizeof fields);
403
404 fields[0].tap = target->tap;
405 fields[0].num_bits = 3;
406 fields[0].in_value = &field0_in;
407
408 fields[1].tap = target->tap;
409 fields[1].num_bits = 32;
410 fields[1].in_value = xscale->reg_cache->reg_list[XSCALE_TX].value;
411
412 fields[2].tap = target->tap;
413 fields[2].num_bits = 1;
414 uint8_t tmp;
415 fields[2].in_value = &tmp;
416
417 gettimeofday(&timeout, NULL);
418 timeval_add_time(&timeout, 1, 0);
419
420 for (;;)
421 {
422 /* if we want to consume the register content (i.e. clear TX_READY),
423 * we have to go straight from Capture-DR to Shift-DR
424 * otherwise, we go from Capture-DR to Exit1-DR to Pause-DR
425 */
426 if (consume)
427 jtag_add_pathmove(3, path);
428 else
429 {
430 jtag_add_pathmove(sizeof(noconsume_path)/sizeof(*noconsume_path), noconsume_path);
431 }
432
433 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
434
435 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
436 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
437
438 if ((retval = jtag_execute_queue()) != ERROR_OK)
439 {
440 LOG_ERROR("JTAG error while reading TX");
441 return ERROR_TARGET_TIMEOUT;
442 }
443
444 gettimeofday(&now, NULL);
445 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
446 {
447 LOG_ERROR("time out reading TX register");
448 return ERROR_TARGET_TIMEOUT;
449 }
450 if (!((!(field0_in & 1)) && consume))
451 {
452 goto done;
453 }
454 if (debug_level >= 3)
455 {
456 LOG_DEBUG("waiting 100ms");
457 alive_sleep(100); /* avoid flooding the logs */
458 } else
459 {
460 keep_alive();
461 }
462 }
463 done:
464
465 if (!(field0_in & 1))
466 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
467
468 return ERROR_OK;
469 }
470
471 static int xscale_write_rx(target_t *target)
472 {
473 armv4_5_common_t *armv4_5 = target->arch_info;
474 xscale_common_t *xscale = armv4_5->arch_info;
475 int retval;
476 struct timeval timeout, now;
477 scan_field_t fields[3];
478 uint8_t field0_out = 0x0;
479 uint8_t field0_in = 0x0;
480 uint8_t field0_check_value = 0x2;
481 uint8_t field0_check_mask = 0x6;
482 uint8_t field2 = 0x0;
483 uint8_t field2_check_value = 0x0;
484 uint8_t field2_check_mask = 0x1;
485
486 jtag_set_end_state(TAP_IDLE);
487
488 xscale_jtag_set_instr(target->tap, XSCALE_DBGRX);
489
490 memset(&fields, 0, sizeof fields);
491
492 fields[0].tap = target->tap;
493 fields[0].num_bits = 3;
494 fields[0].out_value = &field0_out;
495 fields[0].in_value = &field0_in;
496
497 fields[1].tap = target->tap;
498 fields[1].num_bits = 32;
499 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_RX].value;
500
501 fields[2].tap = target->tap;
502 fields[2].num_bits = 1;
503 fields[2].out_value = &field2;
504 uint8_t tmp;
505 fields[2].in_value = &tmp;
506
507 gettimeofday(&timeout, NULL);
508 timeval_add_time(&timeout, 1, 0);
509
510 /* poll until rx_read is low */
511 LOG_DEBUG("polling RX");
512 for (;;)
513 {
514 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
515
516 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
517 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
518
519 if ((retval = jtag_execute_queue()) != ERROR_OK)
520 {
521 LOG_ERROR("JTAG error while writing RX");
522 return retval;
523 }
524
525 gettimeofday(&now, NULL);
526 if ((now.tv_sec > timeout.tv_sec) || ((now.tv_sec == timeout.tv_sec)&& (now.tv_usec > timeout.tv_usec)))
527 {
528 LOG_ERROR("time out writing RX register");
529 return ERROR_TARGET_TIMEOUT;
530 }
531 if (!(field0_in & 1))
532 goto done;
533 if (debug_level >= 3)
534 {
535 LOG_DEBUG("waiting 100ms");
536 alive_sleep(100); /* avoid flooding the logs */
537 } else
538 {
539 keep_alive();
540 }
541 }
542 done:
543
544 /* set rx_valid */
545 field2 = 0x1;
546 jtag_add_dr_scan(3, fields, jtag_set_end_state(TAP_IDLE));
547
548 if ((retval = jtag_execute_queue()) != ERROR_OK)
549 {
550 LOG_ERROR("JTAG error while writing RX");
551 return retval;
552 }
553
554 return ERROR_OK;
555 }
556
557 /* send count elements of size byte to the debug handler */
558 static int xscale_send(target_t *target, uint8_t *buffer, int count, int size)
559 {
560 uint32_t t[3];
561 int bits[3];
562 int retval;
563 int done_count = 0;
564
565 jtag_set_end_state(TAP_IDLE);
566
567 xscale_jtag_set_instr(target->tap, XSCALE_DBGRX);
568
569 bits[0]=3;
570 t[0]=0;
571 bits[1]=32;
572 t[2]=1;
573 bits[2]=1;
574 int endianness = target->endianness;
575 while (done_count++ < count)
576 {
577 switch (size)
578 {
579 case 4:
580 if (endianness == TARGET_LITTLE_ENDIAN)
581 {
582 t[1]=le_to_h_u32(buffer);
583 } else
584 {
585 t[1]=be_to_h_u32(buffer);
586 }
587 break;
588 case 2:
589 if (endianness == TARGET_LITTLE_ENDIAN)
590 {
591 t[1]=le_to_h_u16(buffer);
592 } else
593 {
594 t[1]=be_to_h_u16(buffer);
595 }
596 break;
597 case 1:
598 t[1]=buffer[0];
599 break;
600 default:
601 LOG_ERROR("BUG: size neither 4, 2 nor 1");
602 exit(-1);
603 }
604 jtag_add_dr_out(target->tap,
605 3,
606 bits,
607 t,
608 jtag_set_end_state(TAP_IDLE));
609 buffer += size;
610 }
611
612 if ((retval = jtag_execute_queue()) != ERROR_OK)
613 {
614 LOG_ERROR("JTAG error while sending data to debug handler");
615 return retval;
616 }
617
618 return ERROR_OK;
619 }
620
621 static int xscale_send_u32(target_t *target, uint32_t value)
622 {
623 armv4_5_common_t *armv4_5 = target->arch_info;
624 xscale_common_t *xscale = armv4_5->arch_info;
625
626 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
627 return xscale_write_rx(target);
628 }
629
630 static int xscale_write_dcsr(target_t *target, int hold_rst, int ext_dbg_brk)
631 {
632 armv4_5_common_t *armv4_5 = target->arch_info;
633 xscale_common_t *xscale = armv4_5->arch_info;
634 int retval;
635 scan_field_t fields[3];
636 uint8_t field0 = 0x0;
637 uint8_t field0_check_value = 0x2;
638 uint8_t field0_check_mask = 0x7;
639 uint8_t field2 = 0x0;
640 uint8_t field2_check_value = 0x0;
641 uint8_t field2_check_mask = 0x1;
642
643 if (hold_rst != -1)
644 xscale->hold_rst = hold_rst;
645
646 if (ext_dbg_brk != -1)
647 xscale->external_debug_break = ext_dbg_brk;
648
649 jtag_set_end_state(TAP_IDLE);
650 xscale_jtag_set_instr(target->tap, XSCALE_SELDCSR);
651
652 buf_set_u32(&field0, 1, 1, xscale->hold_rst);
653 buf_set_u32(&field0, 2, 1, xscale->external_debug_break);
654
655 memset(&fields, 0, sizeof fields);
656
657 fields[0].tap = target->tap;
658 fields[0].num_bits = 3;
659 fields[0].out_value = &field0;
660 uint8_t tmp;
661 fields[0].in_value = &tmp;
662
663 fields[1].tap = target->tap;
664 fields[1].num_bits = 32;
665 fields[1].out_value = xscale->reg_cache->reg_list[XSCALE_DCSR].value;
666
667 fields[2].tap = target->tap;
668 fields[2].num_bits = 1;
669 fields[2].out_value = &field2;
670 uint8_t tmp2;
671 fields[2].in_value = &tmp2;
672
673 jtag_add_dr_scan(3, fields, jtag_get_end_state());
674
675 jtag_check_value_mask(fields + 0, &field0_check_value, &field0_check_mask);
676 jtag_check_value_mask(fields + 2, &field2_check_value, &field2_check_mask);
677
678 if ((retval = jtag_execute_queue()) != ERROR_OK)
679 {
680 LOG_ERROR("JTAG error while writing DCSR");
681 return retval;
682 }
683
684 xscale->reg_cache->reg_list[XSCALE_DCSR].dirty = 0;
685 xscale->reg_cache->reg_list[XSCALE_DCSR].valid = 1;
686
687 return ERROR_OK;
688 }
689
690 /* parity of the number of bits 0 if even; 1 if odd. for 32 bit words */
691 static unsigned int parity (unsigned int v)
692 {
693 // unsigned int ov = v;
694 v ^= v >> 16;
695 v ^= v >> 8;
696 v ^= v >> 4;
697 v &= 0xf;
698 // LOG_DEBUG("parity of 0x%x is %i", ov, (0x6996 >> v) & 1);
699 return (0x6996 >> v) & 1;
700 }
701
702 static int xscale_load_ic(target_t *target, uint32_t va, uint32_t buffer[8])
703 {
704 uint8_t packet[4];
705 uint8_t cmd;
706 int word;
707 scan_field_t fields[2];
708
709 LOG_DEBUG("loading miniIC at 0x%8.8" PRIx32 "", va);
710
711 /* LDIC into IR */
712 jtag_set_end_state(TAP_IDLE);
713 xscale_jtag_set_instr(target->tap, XSCALE_LDIC);
714
715 /* CMD is b011 to load a cacheline into the Mini ICache.
716 * Loading into the main ICache is deprecated, and unused.
717 * It's followed by three zero bits, and 27 address bits.
718 */
719 buf_set_u32(&cmd, 0, 6, 0x3);
720
721 /* virtual address of desired cache line */
722 buf_set_u32(packet, 0, 27, va >> 5);
723
724 memset(&fields, 0, sizeof fields);
725
726 fields[0].tap = target->tap;
727 fields[0].num_bits = 6;
728 fields[0].out_value = &cmd;
729
730 fields[1].tap = target->tap;
731 fields[1].num_bits = 27;
732 fields[1].out_value = packet;
733
734 jtag_add_dr_scan(2, fields, jtag_get_end_state());
735
736 /* rest of packet is a cacheline: 8 instructions, with parity */
737 fields[0].num_bits = 32;
738 fields[0].out_value = packet;
739
740 fields[1].num_bits = 1;
741 fields[1].out_value = &cmd;
742
743 for (word = 0; word < 8; word++)
744 {
745 buf_set_u32(packet, 0, 32, buffer[word]);
746
747 uint32_t value;
748 memcpy(&value, packet, sizeof(uint32_t));
749 cmd = parity(value);
750
751 jtag_add_dr_scan(2, fields, jtag_get_end_state());
752 }
753
754 return jtag_execute_queue();
755 }
756
757 static int xscale_invalidate_ic_line(target_t *target, uint32_t va)
758 {
759 uint8_t packet[4];
760 uint8_t cmd;
761 scan_field_t fields[2];
762
763 jtag_set_end_state(TAP_IDLE);
764 xscale_jtag_set_instr(target->tap, XSCALE_LDIC);
765
766 /* CMD for invalidate IC line b000, bits [6:4] b000 */
767 buf_set_u32(&cmd, 0, 6, 0x0);
768
769 /* virtual address of desired cache line */
770 buf_set_u32(packet, 0, 27, va >> 5);
771
772 memset(&fields, 0, sizeof fields);
773
774 fields[0].tap = target->tap;
775 fields[0].num_bits = 6;
776 fields[0].out_value = &cmd;
777
778 fields[1].tap = target->tap;
779 fields[1].num_bits = 27;
780 fields[1].out_value = packet;
781
782 jtag_add_dr_scan(2, fields, jtag_get_end_state());
783
784 return ERROR_OK;
785 }
786
787 static int xscale_update_vectors(target_t *target)
788 {
789 armv4_5_common_t *armv4_5 = target->arch_info;
790 xscale_common_t *xscale = armv4_5->arch_info;
791 int i;
792 int retval;
793
794 uint32_t low_reset_branch, high_reset_branch;
795
796 for (i = 1; i < 8; i++)
797 {
798 /* if there's a static vector specified for this exception, override */
799 if (xscale->static_high_vectors_set & (1 << i))
800 {
801 xscale->high_vectors[i] = xscale->static_high_vectors[i];
802 }
803 else
804 {
805 retval = target_read_u32(target, 0xffff0000 + 4*i, &xscale->high_vectors[i]);
806 if (retval == ERROR_TARGET_TIMEOUT)
807 return retval;
808 if (retval != ERROR_OK)
809 {
810 /* Some of these reads will fail as part of normal execution */
811 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
812 }
813 }
814 }
815
816 for (i = 1; i < 8; i++)
817 {
818 if (xscale->static_low_vectors_set & (1 << i))
819 {
820 xscale->low_vectors[i] = xscale->static_low_vectors[i];
821 }
822 else
823 {
824 retval = target_read_u32(target, 0x0 + 4*i, &xscale->low_vectors[i]);
825 if (retval == ERROR_TARGET_TIMEOUT)
826 return retval;
827 if (retval != ERROR_OK)
828 {
829 /* Some of these reads will fail as part of normal execution */
830 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
831 }
832 }
833 }
834
835 /* calculate branches to debug handler */
836 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
837 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
838
839 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
840 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
841
842 /* invalidate and load exception vectors in mini i-cache */
843 xscale_invalidate_ic_line(target, 0x0);
844 xscale_invalidate_ic_line(target, 0xffff0000);
845
846 xscale_load_ic(target, 0x0, xscale->low_vectors);
847 xscale_load_ic(target, 0xffff0000, xscale->high_vectors);
848
849 return ERROR_OK;
850 }
851
852 static int xscale_arch_state(struct target_s *target)
853 {
854 armv4_5_common_t *armv4_5 = target->arch_info;
855 xscale_common_t *xscale = armv4_5->arch_info;
856
857 static const char *state[] =
858 {
859 "disabled", "enabled"
860 };
861
862 static const char *arch_dbg_reason[] =
863 {
864 "", "\n(processor reset)", "\n(trace buffer full)"
865 };
866
867 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
868 {
869 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
870 exit(-1);
871 }
872
873 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
874 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "\n"
875 "MMU: %s, D-Cache: %s, I-Cache: %s"
876 "%s",
877 armv4_5_state_strings[armv4_5->core_state],
878 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name ,
879 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
880 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
881 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
882 state[xscale->armv4_5_mmu.mmu_enabled],
883 state[xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
884 state[xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled],
885 arch_dbg_reason[xscale->arch_debug_reason]);
886
887 return ERROR_OK;
888 }
889
890 static int xscale_poll(target_t *target)
891 {
892 int retval = ERROR_OK;
893
894 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_DEBUG_RUNNING))
895 {
896 enum target_state previous_state = target->state;
897 if ((retval = xscale_read_tx(target, 0)) == ERROR_OK)
898 {
899
900 /* there's data to read from the tx register, we entered debug state */
901 target->state = TARGET_HALTED;
902
903 /* process debug entry, fetching current mode regs */
904 retval = xscale_debug_entry(target);
905 }
906 else if (retval != ERROR_TARGET_RESOURCE_NOT_AVAILABLE)
907 {
908 LOG_USER("error while polling TX register, reset CPU");
909 /* here we "lie" so GDB won't get stuck and a reset can be perfomed */
910 target->state = TARGET_HALTED;
911 }
912
913 /* debug_entry could have overwritten target state (i.e. immediate resume)
914 * don't signal event handlers in that case
915 */
916 if (target->state != TARGET_HALTED)
917 return ERROR_OK;
918
919 /* if target was running, signal that we halted
920 * otherwise we reentered from debug execution */
921 if (previous_state == TARGET_RUNNING)
922 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
923 else
924 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
925 }
926
927 return retval;
928 }
929
930 static int xscale_debug_entry(target_t *target)
931 {
932 armv4_5_common_t *armv4_5 = target->arch_info;
933 xscale_common_t *xscale = armv4_5->arch_info;
934 uint32_t pc;
935 uint32_t buffer[10];
936 int i;
937 int retval;
938
939 uint32_t moe;
940
941 /* clear external dbg break (will be written on next DCSR read) */
942 xscale->external_debug_break = 0;
943 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
944 return retval;
945
946 /* get r0, pc, r1 to r7 and cpsr */
947 if ((retval = xscale_receive(target, buffer, 10)) != ERROR_OK)
948 return retval;
949
950 /* move r0 from buffer to register cache */
951 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, buffer[0]);
952 armv4_5->core_cache->reg_list[0].dirty = 1;
953 armv4_5->core_cache->reg_list[0].valid = 1;
954 LOG_DEBUG("r0: 0x%8.8" PRIx32 "", buffer[0]);
955
956 /* move pc from buffer to register cache */
957 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, buffer[1]);
958 armv4_5->core_cache->reg_list[15].dirty = 1;
959 armv4_5->core_cache->reg_list[15].valid = 1;
960 LOG_DEBUG("pc: 0x%8.8" PRIx32 "", buffer[1]);
961
962 /* move data from buffer to register cache */
963 for (i = 1; i <= 7; i++)
964 {
965 buf_set_u32(armv4_5->core_cache->reg_list[i].value, 0, 32, buffer[1 + i]);
966 armv4_5->core_cache->reg_list[i].dirty = 1;
967 armv4_5->core_cache->reg_list[i].valid = 1;
968 LOG_DEBUG("r%i: 0x%8.8" PRIx32 "", i, buffer[i + 1]);
969 }
970
971 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32, buffer[9]);
972 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
973 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
974 LOG_DEBUG("cpsr: 0x%8.8" PRIx32 "", buffer[9]);
975
976 armv4_5->core_mode = buffer[9] & 0x1f;
977 if (armv4_5_mode_to_number(armv4_5->core_mode) == -1)
978 {
979 target->state = TARGET_UNKNOWN;
980 LOG_ERROR("cpsr contains invalid mode value - communication failure");
981 return ERROR_TARGET_FAILURE;
982 }
983 LOG_DEBUG("target entered debug state in %s mode", armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)]);
984
985 if (buffer[9] & 0x20)
986 armv4_5->core_state = ARMV4_5_STATE_THUMB;
987 else
988 armv4_5->core_state = ARMV4_5_STATE_ARM;
989
990
991 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
992 return ERROR_FAIL;
993
994 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
995 if ((armv4_5->core_mode != ARMV4_5_MODE_USR) && (armv4_5->core_mode != ARMV4_5_MODE_SYS))
996 {
997 xscale_receive(target, buffer, 8);
998 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
999 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).dirty = 0;
1000 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).valid = 1;
1001 }
1002 else
1003 {
1004 /* r8 to r14, but no spsr */
1005 xscale_receive(target, buffer, 7);
1006 }
1007
1008 /* move data from buffer to register cache */
1009 for (i = 8; i <= 14; i++)
1010 {
1011 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, buffer[i - 8]);
1012 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 0;
1013 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
1014 }
1015
1016 /* examine debug reason */
1017 xscale_read_dcsr(target);
1018 moe = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 2, 3);
1019
1020 /* stored PC (for calculating fixup) */
1021 pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1022
1023 switch (moe)
1024 {
1025 case 0x0: /* Processor reset */
1026 target->debug_reason = DBG_REASON_DBGRQ;
1027 xscale->arch_debug_reason = XSCALE_DBG_REASON_RESET;
1028 pc -= 4;
1029 break;
1030 case 0x1: /* Instruction breakpoint hit */
1031 target->debug_reason = DBG_REASON_BREAKPOINT;
1032 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1033 pc -= 4;
1034 break;
1035 case 0x2: /* Data breakpoint hit */
1036 target->debug_reason = DBG_REASON_WATCHPOINT;
1037 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1038 pc -= 4;
1039 break;
1040 case 0x3: /* BKPT instruction executed */
1041 target->debug_reason = DBG_REASON_BREAKPOINT;
1042 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1043 pc -= 4;
1044 break;
1045 case 0x4: /* Ext. debug event */
1046 target->debug_reason = DBG_REASON_DBGRQ;
1047 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1048 pc -= 4;
1049 break;
1050 case 0x5: /* Vector trap occured */
1051 target->debug_reason = DBG_REASON_BREAKPOINT;
1052 xscale->arch_debug_reason = XSCALE_DBG_REASON_GENERIC;
1053 pc -= 4;
1054 break;
1055 case 0x6: /* Trace buffer full break */
1056 target->debug_reason = DBG_REASON_DBGRQ;
1057 xscale->arch_debug_reason = XSCALE_DBG_REASON_TB_FULL;
1058 pc -= 4;
1059 break;
1060 case 0x7: /* Reserved (may flag Hot-Debug support) */
1061 default:
1062 LOG_ERROR("Method of Entry is 'Reserved'");
1063 exit(-1);
1064 break;
1065 }
1066
1067 /* apply PC fixup */
1068 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, pc);
1069
1070 /* on the first debug entry, identify cache type */
1071 if (xscale->armv4_5_mmu.armv4_5_cache.ctype == -1)
1072 {
1073 uint32_t cache_type_reg;
1074
1075 /* read cp15 cache type register */
1076 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CACHETYPE]);
1077 cache_type_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CACHETYPE].value, 0, 32);
1078
1079 armv4_5_identify_cache(cache_type_reg, &xscale->armv4_5_mmu.armv4_5_cache);
1080 }
1081
1082 /* examine MMU and Cache settings */
1083 /* read cp15 control register */
1084 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
1085 xscale->cp15_control_reg = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
1086 xscale->armv4_5_mmu.mmu_enabled = (xscale->cp15_control_reg & 0x1U) ? 1 : 0;
1087 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (xscale->cp15_control_reg & 0x4U) ? 1 : 0;
1088 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (xscale->cp15_control_reg & 0x1000U) ? 1 : 0;
1089
1090 /* tracing enabled, read collected trace data */
1091 if (xscale->trace.buffer_enabled)
1092 {
1093 xscale_read_trace(target);
1094 xscale->trace.buffer_fill--;
1095
1096 /* resume if we're still collecting trace data */
1097 if ((xscale->arch_debug_reason == XSCALE_DBG_REASON_TB_FULL)
1098 && (xscale->trace.buffer_fill > 0))
1099 {
1100 xscale_resume(target, 1, 0x0, 1, 0);
1101 }
1102 else
1103 {
1104 xscale->trace.buffer_enabled = 0;
1105 }
1106 }
1107
1108 return ERROR_OK;
1109 }
1110
1111 static int xscale_halt(target_t *target)
1112 {
1113 armv4_5_common_t *armv4_5 = target->arch_info;
1114 xscale_common_t *xscale = armv4_5->arch_info;
1115
1116 LOG_DEBUG("target->state: %s",
1117 target_state_name(target));
1118
1119 if (target->state == TARGET_HALTED)
1120 {
1121 LOG_DEBUG("target was already halted");
1122 return ERROR_OK;
1123 }
1124 else if (target->state == TARGET_UNKNOWN)
1125 {
1126 /* this must not happen for a xscale target */
1127 LOG_ERROR("target was in unknown state when halt was requested");
1128 return ERROR_TARGET_INVALID;
1129 }
1130 else if (target->state == TARGET_RESET)
1131 {
1132 LOG_DEBUG("target->state == TARGET_RESET");
1133 }
1134 else
1135 {
1136 /* assert external dbg break */
1137 xscale->external_debug_break = 1;
1138 xscale_read_dcsr(target);
1139
1140 target->debug_reason = DBG_REASON_DBGRQ;
1141 }
1142
1143 return ERROR_OK;
1144 }
1145
1146 static int xscale_enable_single_step(struct target_s *target, uint32_t next_pc)
1147 {
1148 armv4_5_common_t *armv4_5 = target->arch_info;
1149 xscale_common_t *xscale= armv4_5->arch_info;
1150 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1151 int retval;
1152
1153 if (xscale->ibcr0_used)
1154 {
1155 breakpoint_t *ibcr0_bp = breakpoint_find(target, buf_get_u32(ibcr0->value, 0, 32) & 0xfffffffe);
1156
1157 if (ibcr0_bp)
1158 {
1159 xscale_unset_breakpoint(target, ibcr0_bp);
1160 }
1161 else
1162 {
1163 LOG_ERROR("BUG: xscale->ibcr0_used is set, but no breakpoint with that address found");
1164 exit(-1);
1165 }
1166 }
1167
1168 if ((retval = xscale_set_reg_u32(ibcr0, next_pc | 0x1)) != ERROR_OK)
1169 return retval;
1170
1171 return ERROR_OK;
1172 }
1173
1174 static int xscale_disable_single_step(struct target_s *target)
1175 {
1176 armv4_5_common_t *armv4_5 = target->arch_info;
1177 xscale_common_t *xscale= armv4_5->arch_info;
1178 reg_t *ibcr0 = &xscale->reg_cache->reg_list[XSCALE_IBCR0];
1179 int retval;
1180
1181 if ((retval = xscale_set_reg_u32(ibcr0, 0x0)) != ERROR_OK)
1182 return retval;
1183
1184 return ERROR_OK;
1185 }
1186
1187 static void xscale_enable_watchpoints(struct target_s *target)
1188 {
1189 watchpoint_t *watchpoint = target->watchpoints;
1190
1191 while (watchpoint)
1192 {
1193 if (watchpoint->set == 0)
1194 xscale_set_watchpoint(target, watchpoint);
1195 watchpoint = watchpoint->next;
1196 }
1197 }
1198
1199 static void xscale_enable_breakpoints(struct target_s *target)
1200 {
1201 breakpoint_t *breakpoint = target->breakpoints;
1202
1203 /* set any pending breakpoints */
1204 while (breakpoint)
1205 {
1206 if (breakpoint->set == 0)
1207 xscale_set_breakpoint(target, breakpoint);
1208 breakpoint = breakpoint->next;
1209 }
1210 }
1211
1212 static int xscale_resume(struct target_s *target, int current,
1213 uint32_t address, int handle_breakpoints, int debug_execution)
1214 {
1215 armv4_5_common_t *armv4_5 = target->arch_info;
1216 xscale_common_t *xscale= armv4_5->arch_info;
1217 breakpoint_t *breakpoint = target->breakpoints;
1218
1219 uint32_t current_pc;
1220
1221 int retval;
1222 int i;
1223
1224 LOG_DEBUG("-");
1225
1226 if (target->state != TARGET_HALTED)
1227 {
1228 LOG_WARNING("target not halted");
1229 return ERROR_TARGET_NOT_HALTED;
1230 }
1231
1232 if (!debug_execution)
1233 {
1234 target_free_all_working_areas(target);
1235 }
1236
1237 /* update vector tables */
1238 if ((retval = xscale_update_vectors(target)) != ERROR_OK)
1239 return retval;
1240
1241 /* current = 1: continue on current pc, otherwise continue at <address> */
1242 if (!current)
1243 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1244
1245 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1246
1247 /* if we're at the reset vector, we have to simulate the branch */
1248 if (current_pc == 0x0)
1249 {
1250 arm_simulate_step(target, NULL);
1251 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1252 }
1253
1254 /* the front-end may request us not to handle breakpoints */
1255 if (handle_breakpoints)
1256 {
1257 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1258 {
1259 uint32_t next_pc;
1260
1261 /* there's a breakpoint at the current PC, we have to step over it */
1262 LOG_DEBUG("unset breakpoint at 0x%8.8" PRIx32 "", breakpoint->address);
1263 xscale_unset_breakpoint(target, breakpoint);
1264
1265 /* calculate PC of next instruction */
1266 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1267 {
1268 uint32_t current_opcode;
1269 target_read_u32(target, current_pc, &current_opcode);
1270 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "", current_opcode);
1271 }
1272
1273 LOG_DEBUG("enable single-step");
1274 xscale_enable_single_step(target, next_pc);
1275
1276 /* restore banked registers */
1277 xscale_restore_context(target);
1278
1279 /* send resume request (command 0x30 or 0x31)
1280 * clean the trace buffer if it is to be enabled (0x62) */
1281 if (xscale->trace.buffer_enabled)
1282 {
1283 xscale_send_u32(target, 0x62);
1284 xscale_send_u32(target, 0x31);
1285 }
1286 else
1287 xscale_send_u32(target, 0x30);
1288
1289 /* send CPSR */
1290 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1291 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1292
1293 for (i = 7; i >= 0; i--)
1294 {
1295 /* send register */
1296 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1297 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1298 }
1299
1300 /* send PC */
1301 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1302 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1303
1304 /* wait for and process debug entry */
1305 xscale_debug_entry(target);
1306
1307 LOG_DEBUG("disable single-step");
1308 xscale_disable_single_step(target);
1309
1310 LOG_DEBUG("set breakpoint at 0x%8.8" PRIx32 "", breakpoint->address);
1311 xscale_set_breakpoint(target, breakpoint);
1312 }
1313 }
1314
1315 /* enable any pending breakpoints and watchpoints */
1316 xscale_enable_breakpoints(target);
1317 xscale_enable_watchpoints(target);
1318
1319 /* restore banked registers */
1320 xscale_restore_context(target);
1321
1322 /* send resume request (command 0x30 or 0x31)
1323 * clean the trace buffer if it is to be enabled (0x62) */
1324 if (xscale->trace.buffer_enabled)
1325 {
1326 xscale_send_u32(target, 0x62);
1327 xscale_send_u32(target, 0x31);
1328 }
1329 else
1330 xscale_send_u32(target, 0x30);
1331
1332 /* send CPSR */
1333 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1334 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1335
1336 for (i = 7; i >= 0; i--)
1337 {
1338 /* send register */
1339 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1340 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1341 }
1342
1343 /* send PC */
1344 xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1345 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1346
1347 target->debug_reason = DBG_REASON_NOTHALTED;
1348
1349 if (!debug_execution)
1350 {
1351 /* registers are now invalid */
1352 armv4_5_invalidate_core_regs(target);
1353 target->state = TARGET_RUNNING;
1354 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1355 }
1356 else
1357 {
1358 target->state = TARGET_DEBUG_RUNNING;
1359 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
1360 }
1361
1362 LOG_DEBUG("target resumed");
1363
1364 return ERROR_OK;
1365 }
1366
1367 static int xscale_step_inner(struct target_s *target, int current,
1368 uint32_t address, int handle_breakpoints)
1369 {
1370 armv4_5_common_t *armv4_5 = target->arch_info;
1371 xscale_common_t *xscale = armv4_5->arch_info;
1372
1373 uint32_t next_pc;
1374 int retval;
1375 int i;
1376
1377 target->debug_reason = DBG_REASON_SINGLESTEP;
1378
1379 /* calculate PC of next instruction */
1380 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1381 {
1382 uint32_t current_opcode, current_pc;
1383 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1384
1385 target_read_u32(target, current_pc, &current_opcode);
1386 LOG_ERROR("BUG: couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "", current_opcode);
1387 return retval;
1388 }
1389
1390 LOG_DEBUG("enable single-step");
1391 if ((retval = xscale_enable_single_step(target, next_pc)) != ERROR_OK)
1392 return retval;
1393
1394 /* restore banked registers */
1395 if ((retval = xscale_restore_context(target)) != ERROR_OK)
1396 return retval;
1397
1398 /* send resume request (command 0x30 or 0x31)
1399 * clean the trace buffer if it is to be enabled (0x62) */
1400 if (xscale->trace.buffer_enabled)
1401 {
1402 if ((retval = xscale_send_u32(target, 0x62)) != ERROR_OK)
1403 return retval;
1404 if ((retval = xscale_send_u32(target, 0x31)) != ERROR_OK)
1405 return retval;
1406 }
1407 else
1408 if ((retval = xscale_send_u32(target, 0x30)) != ERROR_OK)
1409 return retval;
1410
1411 /* send CPSR */
1412 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32))) != ERROR_OK)
1413 return retval;
1414 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1415
1416 for (i = 7; i >= 0; i--)
1417 {
1418 /* send register */
1419 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32))) != ERROR_OK)
1420 return retval;
1421 LOG_DEBUG("writing r%i with value 0x%8.8" PRIx32 "", i, buf_get_u32(armv4_5->core_cache->reg_list[i].value, 0, 32));
1422 }
1423
1424 /* send PC */
1425 if ((retval = xscale_send_u32(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))) != ERROR_OK)
1426 return retval;
1427 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1428
1429 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1430
1431 /* registers are now invalid */
1432 if ((retval = armv4_5_invalidate_core_regs(target)) != ERROR_OK)
1433 return retval;
1434
1435 /* wait for and process debug entry */
1436 if ((retval = xscale_debug_entry(target)) != ERROR_OK)
1437 return retval;
1438
1439 LOG_DEBUG("disable single-step");
1440 if ((retval = xscale_disable_single_step(target)) != ERROR_OK)
1441 return retval;
1442
1443 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1444
1445 return ERROR_OK;
1446 }
1447
1448 static int xscale_step(struct target_s *target, int current,
1449 uint32_t address, int handle_breakpoints)
1450 {
1451 armv4_5_common_t *armv4_5 = target->arch_info;
1452 breakpoint_t *breakpoint = target->breakpoints;
1453
1454 uint32_t current_pc;
1455 int retval;
1456
1457 if (target->state != TARGET_HALTED)
1458 {
1459 LOG_WARNING("target not halted");
1460 return ERROR_TARGET_NOT_HALTED;
1461 }
1462
1463 /* current = 1: continue on current pc, otherwise continue at <address> */
1464 if (!current)
1465 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1466
1467 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1468
1469 /* if we're at the reset vector, we have to simulate the step */
1470 if (current_pc == 0x0)
1471 {
1472 if ((retval = arm_simulate_step(target, NULL)) != ERROR_OK)
1473 return retval;
1474 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1475
1476 target->debug_reason = DBG_REASON_SINGLESTEP;
1477 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1478
1479 return ERROR_OK;
1480 }
1481
1482 /* the front-end may request us not to handle breakpoints */
1483 if (handle_breakpoints)
1484 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1485 {
1486 if ((retval = xscale_unset_breakpoint(target, breakpoint)) != ERROR_OK)
1487 return retval;
1488 }
1489
1490 retval = xscale_step_inner(target, current, address, handle_breakpoints);
1491
1492 if (breakpoint)
1493 {
1494 xscale_set_breakpoint(target, breakpoint);
1495 }
1496
1497 LOG_DEBUG("target stepped");
1498
1499 return ERROR_OK;
1500
1501 }
1502
1503 static int xscale_assert_reset(target_t *target)
1504 {
1505 armv4_5_common_t *armv4_5 = target->arch_info;
1506 xscale_common_t *xscale = armv4_5->arch_info;
1507
1508 LOG_DEBUG("target->state: %s",
1509 target_state_name(target));
1510
1511 /* select DCSR instruction (set endstate to R-T-I to ensure we don't
1512 * end up in T-L-R, which would reset JTAG
1513 */
1514 jtag_set_end_state(TAP_IDLE);
1515 xscale_jtag_set_instr(target->tap, XSCALE_SELDCSR);
1516
1517 /* set Hold reset, Halt mode and Trap Reset */
1518 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1519 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1520 xscale_write_dcsr(target, 1, 0);
1521
1522 /* select BYPASS, because having DCSR selected caused problems on the PXA27x */
1523 xscale_jtag_set_instr(target->tap, 0x7f);
1524 jtag_execute_queue();
1525
1526 /* assert reset */
1527 jtag_add_reset(0, 1);
1528
1529 /* sleep 1ms, to be sure we fulfill any requirements */
1530 jtag_add_sleep(1000);
1531 jtag_execute_queue();
1532
1533 target->state = TARGET_RESET;
1534
1535 if (target->reset_halt)
1536 {
1537 int retval;
1538 if ((retval = target_halt(target)) != ERROR_OK)
1539 return retval;
1540 }
1541
1542 return ERROR_OK;
1543 }
1544
1545 static int xscale_deassert_reset(target_t *target)
1546 {
1547 armv4_5_common_t *armv4_5 = target->arch_info;
1548 xscale_common_t *xscale = armv4_5->arch_info;
1549 breakpoint_t *breakpoint = target->breakpoints;
1550
1551 LOG_DEBUG("-");
1552
1553 xscale->ibcr_available = 2;
1554 xscale->ibcr0_used = 0;
1555 xscale->ibcr1_used = 0;
1556
1557 xscale->dbr_available = 2;
1558 xscale->dbr0_used = 0;
1559 xscale->dbr1_used = 0;
1560
1561 /* mark all hardware breakpoints as unset */
1562 while (breakpoint)
1563 {
1564 if (breakpoint->type == BKPT_HARD)
1565 {
1566 breakpoint->set = 0;
1567 }
1568 breakpoint = breakpoint->next;
1569 }
1570
1571 armv4_5_invalidate_core_regs(target);
1572
1573 /* FIXME mark hardware watchpoints got unset too. Also,
1574 * at least some of the XScale registers are invalid...
1575 */
1576
1577 /*
1578 * REVISIT: *assumes* we had a SRST+TRST reset so the mini-icache
1579 * contents got invalidated. Safer to force that, so writing new
1580 * contents can't ever fail..
1581 */
1582 {
1583 uint32_t address;
1584 unsigned buf_cnt;
1585 const uint8_t *buffer = xscale_debug_handler;
1586 int retval;
1587
1588 /* release SRST */
1589 jtag_add_reset(0, 0);
1590
1591 /* wait 300ms; 150 and 100ms were not enough */
1592 jtag_add_sleep(300*1000);
1593
1594 jtag_add_runtest(2030, jtag_set_end_state(TAP_IDLE));
1595 jtag_execute_queue();
1596
1597 /* set Hold reset, Halt mode and Trap Reset */
1598 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1599 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1600 xscale_write_dcsr(target, 1, 0);
1601
1602 /* Load the debug handler into the mini-icache. Since
1603 * it's using halt mode (not monitor mode), it runs in
1604 * "Special Debug State" for access to registers, memory,
1605 * coprocessors, trace data, etc.
1606 */
1607 address = xscale->handler_address;
1608 for (unsigned binary_size = sizeof xscale_debug_handler - 1;
1609 binary_size > 0;
1610 binary_size -= buf_cnt, buffer += buf_cnt)
1611 {
1612 uint32_t cache_line[8];
1613 unsigned i;
1614
1615 buf_cnt = binary_size;
1616 if (buf_cnt > 32)
1617 buf_cnt = 32;
1618
1619 for (i = 0; i < buf_cnt; i += 4)
1620 {
1621 /* convert LE buffer to host-endian uint32_t */
1622 cache_line[i / 4] = le_to_h_u32(&buffer[i]);
1623 }
1624
1625 for (; i < 32; i += 4)
1626 {
1627 cache_line[i / 4] = 0xe1a08008;
1628 }
1629
1630 /* only load addresses other than the reset vectors */
1631 if ((address % 0x400) != 0x0)
1632 {
1633 retval = xscale_load_ic(target, address,
1634 cache_line);
1635 if (retval != ERROR_OK)
1636 return retval;
1637 }
1638
1639 address += buf_cnt;
1640 };
1641
1642 retval = xscale_load_ic(target, 0x0,
1643 xscale->low_vectors);
1644 if (retval != ERROR_OK)
1645 return retval;
1646 retval = xscale_load_ic(target, 0xffff0000,
1647 xscale->high_vectors);
1648 if (retval != ERROR_OK)
1649 return retval;
1650
1651 jtag_add_runtest(30, jtag_set_end_state(TAP_IDLE));
1652
1653 jtag_add_sleep(100000);
1654
1655 /* set Hold reset, Halt mode and Trap Reset */
1656 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 30, 1, 0x1);
1657 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 1, 0x1);
1658 xscale_write_dcsr(target, 1, 0);
1659
1660 /* clear Hold reset to let the target run (should enter debug handler) */
1661 xscale_write_dcsr(target, 0, 1);
1662 target->state = TARGET_RUNNING;
1663
1664 if (!target->reset_halt)
1665 {
1666 jtag_add_sleep(10000);
1667
1668 /* we should have entered debug now */
1669 xscale_debug_entry(target);
1670 target->state = TARGET_HALTED;
1671
1672 /* resume the target */
1673 xscale_resume(target, 1, 0x0, 1, 0);
1674 }
1675 }
1676
1677 return ERROR_OK;
1678 }
1679
1680 static int xscale_read_core_reg(struct target_s *target, int num,
1681 enum armv4_5_mode mode)
1682 {
1683 LOG_ERROR("not implemented");
1684 return ERROR_OK;
1685 }
1686
1687 static int xscale_write_core_reg(struct target_s *target, int num,
1688 enum armv4_5_mode mode, uint32_t value)
1689 {
1690 LOG_ERROR("not implemented");
1691 return ERROR_OK;
1692 }
1693
1694 static int xscale_full_context(target_t *target)
1695 {
1696 armv4_5_common_t *armv4_5 = target->arch_info;
1697
1698 uint32_t *buffer;
1699
1700 int i, j;
1701
1702 LOG_DEBUG("-");
1703
1704 if (target->state != TARGET_HALTED)
1705 {
1706 LOG_WARNING("target not halted");
1707 return ERROR_TARGET_NOT_HALTED;
1708 }
1709
1710 buffer = malloc(4 * 8);
1711
1712 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1713 * we can't enter User mode on an XScale (unpredictable),
1714 * but User shares registers with SYS
1715 */
1716 for (i = 1; i < 7; i++)
1717 {
1718 int valid = 1;
1719
1720 /* check if there are invalid registers in the current mode
1721 */
1722 for (j = 0; j <= 16; j++)
1723 {
1724 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1725 valid = 0;
1726 }
1727
1728 if (!valid)
1729 {
1730 uint32_t tmp_cpsr;
1731
1732 /* request banked registers */
1733 xscale_send_u32(target, 0x0);
1734
1735 tmp_cpsr = 0x0;
1736 tmp_cpsr |= armv4_5_number_to_mode(i);
1737 tmp_cpsr |= 0xc0; /* I/F bits */
1738
1739 /* send CPSR for desired mode */
1740 xscale_send_u32(target, tmp_cpsr);
1741
1742 /* get banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1743 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1744 {
1745 xscale_receive(target, buffer, 8);
1746 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, buffer[7]);
1747 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1748 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid = 1;
1749 }
1750 else
1751 {
1752 xscale_receive(target, buffer, 7);
1753 }
1754
1755 /* move data from buffer to register cache */
1756 for (j = 8; j <= 14; j++)
1757 {
1758 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).value, 0, 32, buffer[j - 8]);
1759 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1760 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid = 1;
1761 }
1762 }
1763 }
1764
1765 free(buffer);
1766
1767 return ERROR_OK;
1768 }
1769
1770 static int xscale_restore_context(target_t *target)
1771 {
1772 armv4_5_common_t *armv4_5 = target->arch_info;
1773
1774 int i, j;
1775
1776 if (target->state != TARGET_HALTED)
1777 {
1778 LOG_WARNING("target not halted");
1779 return ERROR_TARGET_NOT_HALTED;
1780 }
1781
1782 /* iterate through processor modes (FIQ, IRQ, SVC, ABT, UND and SYS)
1783 * we can't enter User mode on an XScale (unpredictable),
1784 * but User shares registers with SYS
1785 */
1786 for (i = 1; i < 7; i++)
1787 {
1788 int dirty = 0;
1789
1790 /* check if there are invalid registers in the current mode
1791 */
1792 for (j = 8; j <= 14; j++)
1793 {
1794 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty == 1)
1795 dirty = 1;
1796 }
1797
1798 /* if not USR/SYS, check if the SPSR needs to be written */
1799 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1800 {
1801 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty == 1)
1802 dirty = 1;
1803 }
1804
1805 if (dirty)
1806 {
1807 uint32_t tmp_cpsr;
1808
1809 /* send banked registers */
1810 xscale_send_u32(target, 0x1);
1811
1812 tmp_cpsr = 0x0;
1813 tmp_cpsr |= armv4_5_number_to_mode(i);
1814 tmp_cpsr |= 0xc0; /* I/F bits */
1815
1816 /* send CPSR for desired mode */
1817 xscale_send_u32(target, tmp_cpsr);
1818
1819 /* send banked registers, r8 to r14, and spsr if not in USR/SYS mode */
1820 for (j = 8; j <= 14; j++)
1821 {
1822 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, j).value, 0, 32));
1823 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1824 }
1825
1826 if ((armv4_5_number_to_mode(i) != ARMV4_5_MODE_USR) && (armv4_5_number_to_mode(i) != ARMV4_5_MODE_SYS))
1827 {
1828 xscale_send_u32(target, buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32));
1829 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1830 }
1831 }
1832 }
1833
1834 return ERROR_OK;
1835 }
1836
1837 static int xscale_read_memory(struct target_s *target, uint32_t address,
1838 uint32_t size, uint32_t count, uint8_t *buffer)
1839 {
1840 armv4_5_common_t *armv4_5 = target->arch_info;
1841 xscale_common_t *xscale = armv4_5->arch_info;
1842 uint32_t *buf32;
1843 uint32_t i;
1844 int retval;
1845
1846 LOG_DEBUG("address: 0x%8.8" PRIx32 ", size: 0x%8.8" PRIx32 ", count: 0x%8.8" PRIx32, address, size, count);
1847
1848 if (target->state != TARGET_HALTED)
1849 {
1850 LOG_WARNING("target not halted");
1851 return ERROR_TARGET_NOT_HALTED;
1852 }
1853
1854 /* sanitize arguments */
1855 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1856 return ERROR_INVALID_ARGUMENTS;
1857
1858 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1859 return ERROR_TARGET_UNALIGNED_ACCESS;
1860
1861 /* send memory read request (command 0x1n, n: access size) */
1862 if ((retval = xscale_send_u32(target, 0x10 | size)) != ERROR_OK)
1863 return retval;
1864
1865 /* send base address for read request */
1866 if ((retval = xscale_send_u32(target, address)) != ERROR_OK)
1867 return retval;
1868
1869 /* send number of requested data words */
1870 if ((retval = xscale_send_u32(target, count)) != ERROR_OK)
1871 return retval;
1872
1873 /* receive data from target (count times 32-bit words in host endianness) */
1874 buf32 = malloc(4 * count);
1875 if ((retval = xscale_receive(target, buf32, count)) != ERROR_OK)
1876 return retval;
1877
1878 /* extract data from host-endian buffer into byte stream */
1879 for (i = 0; i < count; i++)
1880 {
1881 switch (size)
1882 {
1883 case 4:
1884 target_buffer_set_u32(target, buffer, buf32[i]);
1885 buffer += 4;
1886 break;
1887 case 2:
1888 target_buffer_set_u16(target, buffer, buf32[i] & 0xffff);
1889 buffer += 2;
1890 break;
1891 case 1:
1892 *buffer++ = buf32[i] & 0xff;
1893 break;
1894 default:
1895 LOG_ERROR("should never get here");
1896 exit(-1);
1897 }
1898 }
1899
1900 free(buf32);
1901
1902 /* examine DCSR, to see if Sticky Abort (SA) got set */
1903 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
1904 return retval;
1905 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
1906 {
1907 /* clear SA bit */
1908 if ((retval = xscale_send_u32(target, 0x60)) != ERROR_OK)
1909 return retval;
1910
1911 return ERROR_TARGET_DATA_ABORT;
1912 }
1913
1914 return ERROR_OK;
1915 }
1916
1917 static int xscale_write_memory(struct target_s *target, uint32_t address,
1918 uint32_t size, uint32_t count, uint8_t *buffer)
1919 {
1920 armv4_5_common_t *armv4_5 = target->arch_info;
1921 xscale_common_t *xscale = armv4_5->arch_info;
1922 int retval;
1923
1924 LOG_DEBUG("address: 0x%8.8" PRIx32 ", size: 0x%8.8" PRIx32 ", count: 0x%8.8" PRIx32, address, size, count);
1925
1926 if (target->state != TARGET_HALTED)
1927 {
1928 LOG_WARNING("target not halted");
1929 return ERROR_TARGET_NOT_HALTED;
1930 }
1931
1932 /* sanitize arguments */
1933 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1934 return ERROR_INVALID_ARGUMENTS;
1935
1936 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1937 return ERROR_TARGET_UNALIGNED_ACCESS;
1938
1939 /* send memory write request (command 0x2n, n: access size) */
1940 if ((retval = xscale_send_u32(target, 0x20 | size)) != ERROR_OK)
1941 return retval;
1942
1943 /* send base address for read request */
1944 if ((retval = xscale_send_u32(target, address)) != ERROR_OK)
1945 return retval;
1946
1947 /* send number of requested data words to be written*/
1948 if ((retval = xscale_send_u32(target, count)) != ERROR_OK)
1949 return retval;
1950
1951 /* extract data from host-endian buffer into byte stream */
1952 #if 0
1953 for (i = 0; i < count; i++)
1954 {
1955 switch (size)
1956 {
1957 case 4:
1958 value = target_buffer_get_u32(target, buffer);
1959 xscale_send_u32(target, value);
1960 buffer += 4;
1961 break;
1962 case 2:
1963 value = target_buffer_get_u16(target, buffer);
1964 xscale_send_u32(target, value);
1965 buffer += 2;
1966 break;
1967 case 1:
1968 value = *buffer;
1969 xscale_send_u32(target, value);
1970 buffer += 1;
1971 break;
1972 default:
1973 LOG_ERROR("should never get here");
1974 exit(-1);
1975 }
1976 }
1977 #endif
1978 if ((retval = xscale_send(target, buffer, count, size)) != ERROR_OK)
1979 return retval;
1980
1981 /* examine DCSR, to see if Sticky Abort (SA) got set */
1982 if ((retval = xscale_read_dcsr(target)) != ERROR_OK)
1983 return retval;
1984 if (buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 5, 1) == 1)
1985 {
1986 /* clear SA bit */
1987 if ((retval = xscale_send_u32(target, 0x60)) != ERROR_OK)
1988 return retval;
1989
1990 return ERROR_TARGET_DATA_ABORT;
1991 }
1992
1993 return ERROR_OK;
1994 }
1995
1996 static int xscale_bulk_write_memory(target_t *target, uint32_t address,
1997 uint32_t count, uint8_t *buffer)
1998 {
1999 return xscale_write_memory(target, address, 4, count, buffer);
2000 }
2001
2002 static uint32_t xscale_get_ttb(target_t *target)
2003 {
2004 armv4_5_common_t *armv4_5 = target->arch_info;
2005 xscale_common_t *xscale = armv4_5->arch_info;
2006 uint32_t ttb;
2007
2008 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_TTB]);
2009 ttb = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_TTB].value, 0, 32);
2010
2011 return ttb;
2012 }
2013
2014 static void xscale_disable_mmu_caches(target_t *target, int mmu,
2015 int d_u_cache, int i_cache)
2016 {
2017 armv4_5_common_t *armv4_5 = target->arch_info;
2018 xscale_common_t *xscale = armv4_5->arch_info;
2019 uint32_t cp15_control;
2020
2021 /* read cp15 control register */
2022 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2023 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2024
2025 if (mmu)
2026 cp15_control &= ~0x1U;
2027
2028 if (d_u_cache)
2029 {
2030 /* clean DCache */
2031 xscale_send_u32(target, 0x50);
2032 xscale_send_u32(target, xscale->cache_clean_address);
2033
2034 /* invalidate DCache */
2035 xscale_send_u32(target, 0x51);
2036
2037 cp15_control &= ~0x4U;
2038 }
2039
2040 if (i_cache)
2041 {
2042 /* invalidate ICache */
2043 xscale_send_u32(target, 0x52);
2044 cp15_control &= ~0x1000U;
2045 }
2046
2047 /* write new cp15 control register */
2048 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2049
2050 /* execute cpwait to ensure outstanding operations complete */
2051 xscale_send_u32(target, 0x53);
2052 }
2053
2054 static void xscale_enable_mmu_caches(target_t *target, int mmu,
2055 int d_u_cache, int i_cache)
2056 {
2057 armv4_5_common_t *armv4_5 = target->arch_info;
2058 xscale_common_t *xscale = armv4_5->arch_info;
2059 uint32_t cp15_control;
2060
2061 /* read cp15 control register */
2062 xscale_get_reg(&xscale->reg_cache->reg_list[XSCALE_CTRL]);
2063 cp15_control = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_CTRL].value, 0, 32);
2064
2065 if (mmu)
2066 cp15_control |= 0x1U;
2067
2068 if (d_u_cache)
2069 cp15_control |= 0x4U;
2070
2071 if (i_cache)
2072 cp15_control |= 0x1000U;
2073
2074 /* write new cp15 control register */
2075 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_CTRL], cp15_control);
2076
2077 /* execute cpwait to ensure outstanding operations complete */
2078 xscale_send_u32(target, 0x53);
2079 }
2080
2081 static int xscale_set_breakpoint(struct target_s *target,
2082 breakpoint_t *breakpoint)
2083 {
2084 int retval;
2085 armv4_5_common_t *armv4_5 = target->arch_info;
2086 xscale_common_t *xscale = armv4_5->arch_info;
2087
2088 if (target->state != TARGET_HALTED)
2089 {
2090 LOG_WARNING("target not halted");
2091 return ERROR_TARGET_NOT_HALTED;
2092 }
2093
2094 if (breakpoint->set)
2095 {
2096 LOG_WARNING("breakpoint already set");
2097 return ERROR_OK;
2098 }
2099
2100 if (breakpoint->type == BKPT_HARD)
2101 {
2102 uint32_t value = breakpoint->address | 1;
2103 if (!xscale->ibcr0_used)
2104 {
2105 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], value);
2106 xscale->ibcr0_used = 1;
2107 breakpoint->set = 1; /* breakpoint set on first breakpoint register */
2108 }
2109 else if (!xscale->ibcr1_used)
2110 {
2111 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], value);
2112 xscale->ibcr1_used = 1;
2113 breakpoint->set = 2; /* breakpoint set on second breakpoint register */
2114 }
2115 else
2116 {
2117 LOG_ERROR("BUG: no hardware comparator available");
2118 return ERROR_OK;
2119 }
2120 }
2121 else if (breakpoint->type == BKPT_SOFT)
2122 {
2123 if (breakpoint->length == 4)
2124 {
2125 /* keep the original instruction in target endianness */
2126 if ((retval = target_read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2127 {
2128 return retval;
2129 }
2130 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2131 if ((retval = target_write_u32(target, breakpoint->address, xscale->arm_bkpt)) != ERROR_OK)
2132 {
2133 return retval;
2134 }
2135 }
2136 else
2137 {
2138 /* keep the original instruction in target endianness */
2139 if ((retval = target_read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2140 {
2141 return retval;
2142 }
2143 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
2144 if ((retval = target_write_u32(target, breakpoint->address, xscale->thumb_bkpt)) != ERROR_OK)
2145 {
2146 return retval;
2147 }
2148 }
2149 breakpoint->set = 1;
2150 }
2151
2152 return ERROR_OK;
2153 }
2154
2155 static int xscale_add_breakpoint(struct target_s *target,
2156 breakpoint_t *breakpoint)
2157 {
2158 armv4_5_common_t *armv4_5 = target->arch_info;
2159 xscale_common_t *xscale = armv4_5->arch_info;
2160
2161 if (target->state != TARGET_HALTED)
2162 {
2163 LOG_WARNING("target not halted");
2164 return ERROR_TARGET_NOT_HALTED;
2165 }
2166
2167 if ((breakpoint->type == BKPT_HARD) && (xscale->ibcr_available < 1))
2168 {
2169 LOG_INFO("no breakpoint unit available for hardware breakpoint");
2170 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2171 }
2172
2173 if ((breakpoint->length != 2) && (breakpoint->length != 4))
2174 {
2175 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
2176 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2177 }
2178
2179 if (breakpoint->type == BKPT_HARD)
2180 {
2181 xscale->ibcr_available--;
2182 }
2183
2184 return ERROR_OK;
2185 }
2186
2187 static int xscale_unset_breakpoint(struct target_s *target,
2188 breakpoint_t *breakpoint)
2189 {
2190 int retval;
2191 armv4_5_common_t *armv4_5 = target->arch_info;
2192 xscale_common_t *xscale = armv4_5->arch_info;
2193
2194 if (target->state != TARGET_HALTED)
2195 {
2196 LOG_WARNING("target not halted");
2197 return ERROR_TARGET_NOT_HALTED;
2198 }
2199
2200 if (!breakpoint->set)
2201 {
2202 LOG_WARNING("breakpoint not set");
2203 return ERROR_OK;
2204 }
2205
2206 if (breakpoint->type == BKPT_HARD)
2207 {
2208 if (breakpoint->set == 1)
2209 {
2210 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR0], 0x0);
2211 xscale->ibcr0_used = 0;
2212 }
2213 else if (breakpoint->set == 2)
2214 {
2215 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_IBCR1], 0x0);
2216 xscale->ibcr1_used = 0;
2217 }
2218 breakpoint->set = 0;
2219 }
2220 else
2221 {
2222 /* restore original instruction (kept in target endianness) */
2223 if (breakpoint->length == 4)
2224 {
2225 if ((retval = target_write_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
2226 {
2227 return retval;
2228 }
2229 }
2230 else
2231 {
2232 if ((retval = target_write_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
2233 {
2234 return retval;
2235 }
2236 }
2237 breakpoint->set = 0;
2238 }
2239
2240 return ERROR_OK;
2241 }
2242
2243 static int xscale_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
2244 {
2245 armv4_5_common_t *armv4_5 = target->arch_info;
2246 xscale_common_t *xscale = armv4_5->arch_info;
2247
2248 if (target->state != TARGET_HALTED)
2249 {
2250 LOG_WARNING("target not halted");
2251 return ERROR_TARGET_NOT_HALTED;
2252 }
2253
2254 if (breakpoint->set)
2255 {
2256 xscale_unset_breakpoint(target, breakpoint);
2257 }
2258
2259 if (breakpoint->type == BKPT_HARD)
2260 xscale->ibcr_available++;
2261
2262 return ERROR_OK;
2263 }
2264
2265 static int xscale_set_watchpoint(struct target_s *target,
2266 watchpoint_t *watchpoint)
2267 {
2268 armv4_5_common_t *armv4_5 = target->arch_info;
2269 xscale_common_t *xscale = armv4_5->arch_info;
2270 uint8_t enable = 0;
2271 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2272 uint32_t dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2273
2274 if (target->state != TARGET_HALTED)
2275 {
2276 LOG_WARNING("target not halted");
2277 return ERROR_TARGET_NOT_HALTED;
2278 }
2279
2280 xscale_get_reg(dbcon);
2281
2282 switch (watchpoint->rw)
2283 {
2284 case WPT_READ:
2285 enable = 0x3;
2286 break;
2287 case WPT_ACCESS:
2288 enable = 0x2;
2289 break;
2290 case WPT_WRITE:
2291 enable = 0x1;
2292 break;
2293 default:
2294 LOG_ERROR("BUG: watchpoint->rw neither read, write nor access");
2295 }
2296
2297 if (!xscale->dbr0_used)
2298 {
2299 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR0], watchpoint->address);
2300 dbcon_value |= enable;
2301 xscale_set_reg_u32(dbcon, dbcon_value);
2302 watchpoint->set = 1;
2303 xscale->dbr0_used = 1;
2304 }
2305 else if (!xscale->dbr1_used)
2306 {
2307 xscale_set_reg_u32(&xscale->reg_cache->reg_list[XSCALE_DBR1], watchpoint->address);
2308 dbcon_value |= enable << 2;
2309 xscale_set_reg_u32(dbcon, dbcon_value);
2310 watchpoint->set = 2;
2311 xscale->dbr1_used = 1;
2312 }
2313 else
2314 {
2315 LOG_ERROR("BUG: no hardware comparator available");
2316 return ERROR_OK;
2317 }
2318
2319 return ERROR_OK;
2320 }
2321
2322 static int xscale_add_watchpoint(struct target_s *target,
2323 watchpoint_t *watchpoint)
2324 {
2325 armv4_5_common_t *armv4_5 = target->arch_info;
2326 xscale_common_t *xscale = armv4_5->arch_info;
2327
2328 if (target->state != TARGET_HALTED)
2329 {
2330 LOG_WARNING("target not halted");
2331 return ERROR_TARGET_NOT_HALTED;
2332 }
2333
2334 if (xscale->dbr_available < 1)
2335 {
2336 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2337 }
2338
2339 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
2340 {
2341 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2342 }
2343
2344 xscale->dbr_available--;
2345
2346 return ERROR_OK;
2347 }
2348
2349 static int xscale_unset_watchpoint(struct target_s *target,
2350 watchpoint_t *watchpoint)
2351 {
2352 armv4_5_common_t *armv4_5 = target->arch_info;
2353 xscale_common_t *xscale = armv4_5->arch_info;
2354 reg_t *dbcon = &xscale->reg_cache->reg_list[XSCALE_DBCON];
2355 uint32_t dbcon_value = buf_get_u32(dbcon->value, 0, 32);
2356
2357 if (target->state != TARGET_HALTED)
2358 {
2359 LOG_WARNING("target not halted");
2360 return ERROR_TARGET_NOT_HALTED;
2361 }
2362
2363 if (!watchpoint->set)
2364 {
2365 LOG_WARNING("breakpoint not set");
2366 return ERROR_OK;
2367 }
2368
2369 if (watchpoint->set == 1)
2370 {
2371 dbcon_value &= ~0x3;
2372 xscale_set_reg_u32(dbcon, dbcon_value);
2373 xscale->dbr0_used = 0;
2374 }
2375 else if (watchpoint->set == 2)
2376 {
2377 dbcon_value &= ~0xc;
2378 xscale_set_reg_u32(dbcon, dbcon_value);
2379 xscale->dbr1_used = 0;
2380 }
2381 watchpoint->set = 0;
2382
2383 return ERROR_OK;
2384 }
2385
2386 static int xscale_remove_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
2387 {
2388 armv4_5_common_t *armv4_5 = target->arch_info;
2389 xscale_common_t *xscale = armv4_5->arch_info;
2390
2391 if (target->state != TARGET_HALTED)
2392 {
2393 LOG_WARNING("target not halted");
2394 return ERROR_TARGET_NOT_HALTED;
2395 }
2396
2397 if (watchpoint->set)
2398 {
2399 xscale_unset_watchpoint(target, watchpoint);
2400 }
2401
2402 xscale->dbr_available++;
2403
2404 return ERROR_OK;
2405 }
2406
2407 static int xscale_get_reg(reg_t *reg)
2408 {
2409 xscale_reg_t *arch_info = reg->arch_info;
2410 target_t *target = arch_info->target;
2411 armv4_5_common_t *armv4_5 = target->arch_info;
2412 xscale_common_t *xscale = armv4_5->arch_info;
2413
2414 /* DCSR, TX and RX are accessible via JTAG */
2415 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2416 {
2417 return xscale_read_dcsr(arch_info->target);
2418 }
2419 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2420 {
2421 /* 1 = consume register content */
2422 return xscale_read_tx(arch_info->target, 1);
2423 }
2424 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2425 {
2426 /* can't read from RX register (host -> debug handler) */
2427 return ERROR_OK;
2428 }
2429 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2430 {
2431 /* can't (explicitly) read from TXRXCTRL register */
2432 return ERROR_OK;
2433 }
2434 else /* Other DBG registers have to be transfered by the debug handler */
2435 {
2436 /* send CP read request (command 0x40) */
2437 xscale_send_u32(target, 0x40);
2438
2439 /* send CP register number */
2440 xscale_send_u32(target, arch_info->dbg_handler_number);
2441
2442 /* read register value */
2443 xscale_read_tx(target, 1);
2444 buf_cpy(xscale->reg_cache->reg_list[XSCALE_TX].value, reg->value, 32);
2445
2446 reg->dirty = 0;
2447 reg->valid = 1;
2448 }
2449
2450 return ERROR_OK;
2451 }
2452
2453 static int xscale_set_reg(reg_t *reg, uint8_t* buf)
2454 {
2455 xscale_reg_t *arch_info = reg->arch_info;
2456 target_t *target = arch_info->target;
2457 armv4_5_common_t *armv4_5 = target->arch_info;
2458 xscale_common_t *xscale = armv4_5->arch_info;
2459 uint32_t value = buf_get_u32(buf, 0, 32);
2460
2461 /* DCSR, TX and RX are accessible via JTAG */
2462 if (strcmp(reg->name, "XSCALE_DCSR") == 0)
2463 {
2464 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32, value);
2465 return xscale_write_dcsr(arch_info->target, -1, -1);
2466 }
2467 else if (strcmp(reg->name, "XSCALE_RX") == 0)
2468 {
2469 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_RX].value, 0, 32, value);
2470 return xscale_write_rx(arch_info->target);
2471 }
2472 else if (strcmp(reg->name, "XSCALE_TX") == 0)
2473 {
2474 /* can't write to TX register (debug-handler -> host) */
2475 return ERROR_OK;
2476 }
2477 else if (strcmp(reg->name, "XSCALE_TXRXCTRL") == 0)
2478 {
2479 /* can't (explicitly) write to TXRXCTRL register */
2480 return ERROR_OK;
2481 }
2482 else /* Other DBG registers have to be transfered by the debug handler */
2483 {
2484 /* send CP write request (command 0x41) */
2485 xscale_send_u32(target, 0x41);
2486
2487 /* send CP register number */
2488 xscale_send_u32(target, arch_info->dbg_handler_number);
2489
2490 /* send CP register value */
2491 xscale_send_u32(target, value);
2492 buf_set_u32(reg->value, 0, 32, value);
2493 }
2494
2495 return ERROR_OK;
2496 }
2497
2498 static int xscale_write_dcsr_sw(target_t *target, uint32_t value)
2499 {
2500 /* get pointers to arch-specific information */
2501 armv4_5_common_t *armv4_5 = target->arch_info;
2502 xscale_common_t *xscale = armv4_5->arch_info;
2503 reg_t *dcsr = &xscale->reg_cache->reg_list[XSCALE_DCSR];
2504 xscale_reg_t *dcsr_arch_info = dcsr->arch_info;
2505
2506 /* send CP write request (command 0x41) */
2507 xscale_send_u32(target, 0x41);
2508
2509 /* send CP register number */
2510 xscale_send_u32(target, dcsr_arch_info->dbg_handler_number);
2511
2512 /* send CP register value */
2513 xscale_send_u32(target, value);
2514 buf_set_u32(dcsr->value, 0, 32, value);
2515
2516 return ERROR_OK;
2517 }
2518
2519 static int xscale_read_trace(target_t *target)
2520 {
2521 /* get pointers to arch-specific information */
2522 armv4_5_common_t *armv4_5 = target->arch_info;
2523 xscale_common_t *xscale = armv4_5->arch_info;
2524 xscale_trace_data_t **trace_data_p;
2525
2526 /* 258 words from debug handler
2527 * 256 trace buffer entries
2528 * 2 checkpoint addresses
2529 */
2530 uint32_t trace_buffer[258];
2531 int is_address[256];
2532 int i, j;
2533
2534 if (target->state != TARGET_HALTED)
2535 {
2536 LOG_WARNING("target must be stopped to read trace data");
2537 return ERROR_TARGET_NOT_HALTED;
2538 }
2539
2540 /* send read trace buffer command (command 0x61) */
2541 xscale_send_u32(target, 0x61);
2542
2543 /* receive trace buffer content */
2544 xscale_receive(target, trace_buffer, 258);
2545
2546 /* parse buffer backwards to identify address entries */
2547 for (i = 255; i >= 0; i--)
2548 {
2549 is_address[i] = 0;
2550 if (((trace_buffer[i] & 0xf0) == 0x90) ||
2551 ((trace_buffer[i] & 0xf0) == 0xd0))
2552 {
2553 if (i >= 3)
2554 is_address[--i] = 1;
2555 if (i >= 2)
2556 is_address[--i] = 1;
2557 if (i >= 1)
2558 is_address[--i] = 1;
2559 if (i >= 0)
2560 is_address[--i] = 1;
2561 }
2562 }
2563
2564
2565 /* search first non-zero entry */
2566 for (j = 0; (j < 256) && (trace_buffer[j] == 0) && (!is_address[j]); j++)
2567 ;
2568
2569 if (j == 256)
2570 {
2571 LOG_DEBUG("no trace data collected");
2572 return ERROR_XSCALE_NO_TRACE_DATA;
2573 }
2574
2575 for (trace_data_p = &xscale->trace.data; *trace_data_p; trace_data_p = &(*trace_data_p)->next)
2576 ;
2577
2578 *trace_data_p = malloc(sizeof(xscale_trace_data_t));
2579 (*trace_data_p)->next = NULL;
2580 (*trace_data_p)->chkpt0 = trace_buffer[256];
2581 (*trace_data_p)->chkpt1 = trace_buffer[257];
2582 (*trace_data_p)->last_instruction = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
2583 (*trace_data_p)->entries = malloc(sizeof(xscale_trace_entry_t) * (256 - j));
2584 (*trace_data_p)->depth = 256 - j;
2585
2586 for (i = j; i < 256; i++)
2587 {
2588 (*trace_data_p)->entries[i - j].data = trace_buffer[i];
2589 if (is_address[i])
2590 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_ADDRESS;
2591 else
2592 (*trace_data_p)->entries[i - j].type = XSCALE_TRACE_MESSAGE;
2593 }
2594
2595 return ERROR_OK;
2596 }
2597
2598 static int xscale_read_instruction(target_t *target,
2599 arm_instruction_t *instruction)
2600 {
2601 /* get pointers to arch-specific information */
2602 armv4_5_common_t *armv4_5 = target->arch_info;
2603 xscale_common_t *xscale = armv4_5->arch_info;
2604 int i;
2605 int section = -1;
2606 uint32_t size_read;
2607 uint32_t opcode;
2608 int retval;
2609
2610 if (!xscale->trace.image)
2611 return ERROR_TRACE_IMAGE_UNAVAILABLE;
2612
2613 /* search for the section the current instruction belongs to */
2614 for (i = 0; i < xscale->trace.image->num_sections; i++)
2615 {
2616 if ((xscale->trace.image->sections[i].base_address <= xscale->trace.current_pc) &&
2617 (xscale->trace.image->sections[i].base_address + xscale->trace.image->sections[i].size > xscale->trace.current_pc))
2618 {
2619 section = i;
2620 break;
2621 }
2622 }
2623
2624 if (section == -1)
2625 {
2626 /* current instruction couldn't be found in the image */
2627 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2628 }
2629
2630 if (xscale->trace.core_state == ARMV4_5_STATE_ARM)
2631 {
2632 uint8_t buf[4];
2633 if ((retval = image_read_section(xscale->trace.image, section,
2634 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2635 4, buf, &size_read)) != ERROR_OK)
2636 {
2637 LOG_ERROR("error while reading instruction: %i", retval);
2638 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2639 }
2640 opcode = target_buffer_get_u32(target, buf);
2641 arm_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2642 }
2643 else if (xscale->trace.core_state == ARMV4_5_STATE_THUMB)
2644 {
2645 uint8_t buf[2];
2646 if ((retval = image_read_section(xscale->trace.image, section,
2647 xscale->trace.current_pc - xscale->trace.image->sections[section].base_address,
2648 2, buf, &size_read)) != ERROR_OK)
2649 {
2650 LOG_ERROR("error while reading instruction: %i", retval);
2651 return ERROR_TRACE_INSTRUCTION_UNAVAILABLE;
2652 }
2653 opcode = target_buffer_get_u16(target, buf);
2654 thumb_evaluate_opcode(opcode, xscale->trace.current_pc, instruction);
2655 }
2656 else
2657 {
2658 LOG_ERROR("BUG: unknown core state encountered");
2659 exit(-1);
2660 }
2661
2662 return ERROR_OK;
2663 }
2664
2665 static int xscale_branch_address(xscale_trace_data_t *trace_data,
2666 int i, uint32_t *target)
2667 {
2668 /* if there are less than four entries prior to the indirect branch message
2669 * we can't extract the address */
2670 if (i < 4)
2671 {
2672 return -1;
2673 }
2674
2675 *target = (trace_data->entries[i-1].data) | (trace_data->entries[i-2].data << 8) |
2676 (trace_data->entries[i-3].data << 16) | (trace_data->entries[i-4].data << 24);
2677
2678 return 0;
2679 }
2680
2681 static int xscale_analyze_trace(target_t *target, command_context_t *cmd_ctx)
2682 {
2683 /* get pointers to arch-specific information */
2684 armv4_5_common_t *armv4_5 = target->arch_info;
2685 xscale_common_t *xscale = armv4_5->arch_info;
2686 int next_pc_ok = 0;
2687 uint32_t next_pc = 0x0;
2688 xscale_trace_data_t *trace_data = xscale->trace.data;
2689 int retval;
2690
2691 while (trace_data)
2692 {
2693 int i, chkpt;
2694 int rollover;
2695 int branch;
2696 int exception;
2697 xscale->trace.core_state = ARMV4_5_STATE_ARM;
2698
2699 chkpt = 0;
2700 rollover = 0;
2701
2702 for (i = 0; i < trace_data->depth; i++)
2703 {
2704 next_pc_ok = 0;
2705 branch = 0;
2706 exception = 0;
2707
2708 if (trace_data->entries[i].type == XSCALE_TRACE_ADDRESS)
2709 continue;
2710
2711 switch ((trace_data->entries[i].data & 0xf0) >> 4)
2712 {
2713 case 0: /* Exceptions */
2714 case 1:
2715 case 2:
2716 case 3:
2717 case 4:
2718 case 5:
2719 case 6:
2720 case 7:
2721 exception = (trace_data->entries[i].data & 0x70) >> 4;
2722 next_pc_ok = 1;
2723 next_pc = (trace_data->entries[i].data & 0xf0) >> 2;
2724 command_print(cmd_ctx, "--- exception %i ---", (trace_data->entries[i].data & 0xf0) >> 4);
2725 break;
2726 case 8: /* Direct Branch */
2727 branch = 1;
2728 break;
2729 case 9: /* Indirect Branch */
2730 branch = 1;
2731 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2732 {
2733 next_pc_ok = 1;
2734 }
2735 break;
2736 case 13: /* Checkpointed Indirect Branch */
2737 if (xscale_branch_address(trace_data, i, &next_pc) == 0)
2738 {
2739 next_pc_ok = 1;
2740 if (((chkpt == 0) && (next_pc != trace_data->chkpt0))
2741 || ((chkpt == 1) && (next_pc != trace_data->chkpt1)))
2742 LOG_WARNING("checkpointed indirect branch target address doesn't match checkpoint");
2743 }
2744 /* explicit fall-through */
2745 case 12: /* Checkpointed Direct Branch */
2746 branch = 1;
2747 if (chkpt == 0)
2748 {
2749 next_pc_ok = 1;
2750 next_pc = trace_data->chkpt0;
2751 chkpt++;
2752 }
2753 else if (chkpt == 1)
2754 {
2755 next_pc_ok = 1;
2756 next_pc = trace_data->chkpt0;
2757 chkpt++;
2758 }
2759 else
2760 {
2761 LOG_WARNING("more than two checkpointed branches encountered");
2762 }
2763 break;
2764 case 15: /* Roll-over */
2765 rollover++;
2766 continue;
2767 default: /* Reserved */
2768 command_print(cmd_ctx, "--- reserved trace message ---");
2769 LOG_ERROR("BUG: trace message %i is reserved", (trace_data->entries[i].data & 0xf0) >> 4);
2770 return ERROR_OK;
2771 }
2772
2773 if (xscale->trace.pc_ok)
2774 {
2775 int executed = (trace_data->entries[i].data & 0xf) + rollover * 16;
2776 arm_instruction_t instruction;
2777
2778 if ((exception == 6) || (exception == 7))
2779 {
2780 /* IRQ or FIQ exception, no instruction executed */
2781 executed -= 1;
2782 }
2783
2784 while (executed-- >= 0)
2785 {
2786 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2787 {
2788 /* can't continue tracing with no image available */
2789 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2790 {
2791 return retval;
2792 }
2793 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2794 {
2795 /* TODO: handle incomplete images */
2796 }
2797 }
2798
2799 /* a precise abort on a load to the PC is included in the incremental
2800 * word count, other instructions causing data aborts are not included
2801 */
2802 if ((executed == 0) && (exception == 4)
2803 && ((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDM)))
2804 {
2805 if ((instruction.type == ARM_LDM)
2806 && ((instruction.info.load_store_multiple.register_list & 0x8000) == 0))
2807 {
2808 executed--;
2809 }
2810 else if (((instruction.type >= ARM_LDR) && (instruction.type <= ARM_LDRSH))
2811 && (instruction.info.load_store.Rd != 15))
2812 {
2813 executed--;
2814 }
2815 }
2816
2817 /* only the last instruction executed
2818 * (the one that caused the control flow change)
2819 * could be a taken branch
2820 */
2821 if (((executed == -1) && (branch == 1)) &&
2822 (((instruction.type == ARM_B) ||
2823 (instruction.type == ARM_BL) ||
2824 (instruction.type == ARM_BLX)) &&
2825 (instruction.info.b_bl_bx_blx.target_address != 0xffffffff)))
2826 {
2827 xscale->trace.current_pc = instruction.info.b_bl_bx_blx.target_address;
2828 }
2829 else
2830 {
2831 xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2;
2832 }
2833 command_print(cmd_ctx, "%s", instruction.text);
2834 }
2835
2836 rollover = 0;
2837 }
2838
2839 if (next_pc_ok)
2840 {
2841 xscale->trace.current_pc = next_pc;
2842 xscale->trace.pc_ok = 1;
2843 }
2844 }
2845
2846 for (; xscale->trace.current_pc < trace_data->last_instruction; xscale->trace.current_pc += (xscale->trace.core_state == ARMV4_5_STATE_ARM) ? 4 : 2)
2847 {
2848 arm_instruction_t instruction;
2849 if ((retval = xscale_read_instruction(target, &instruction)) != ERROR_OK)
2850 {
2851 /* can't continue tracing with no image available */
2852 if (retval == ERROR_TRACE_IMAGE_UNAVAILABLE)
2853 {
2854 return retval;
2855 }
2856 else if (retval == ERROR_TRACE_INSTRUCTION_UNAVAILABLE)
2857 {
2858 /* TODO: handle incomplete images */
2859 }
2860 }
2861 command_print(cmd_ctx, "%s", instruction.text);
2862 }
2863
2864 trace_data = trace_data->next;
2865 }
2866
2867 return ERROR_OK;
2868 }
2869
2870 static void xscale_build_reg_cache(target_t *target)
2871 {
2872 /* get pointers to arch-specific information */
2873 armv4_5_common_t *armv4_5 = target->arch_info;
2874 xscale_common_t *xscale = armv4_5->arch_info;
2875
2876 reg_cache_t **cache_p = register_get_last_cache_p(&target->reg_cache);
2877 xscale_reg_t *arch_info = malloc(sizeof(xscale_reg_arch_info));
2878 int i;
2879 int num_regs = sizeof(xscale_reg_arch_info) / sizeof(xscale_reg_t);
2880
2881 (*cache_p) = armv4_5_build_reg_cache(target, armv4_5);
2882 armv4_5->core_cache = (*cache_p);
2883
2884 /* register a register arch-type for XScale dbg registers only once */
2885 if (xscale_reg_arch_type == -1)
2886 xscale_reg_arch_type = register_reg_arch_type(xscale_get_reg, xscale_set_reg);
2887
2888 (*cache_p)->next = malloc(sizeof(reg_cache_t));
2889 cache_p = &(*cache_p)->next;
2890
2891 /* fill in values for the xscale reg cache */
2892 (*cache_p)->name = "XScale registers";
2893 (*cache_p)->next = NULL;
2894 (*cache_p)->reg_list = malloc(num_regs * sizeof(reg_t));
2895 (*cache_p)->num_regs = num_regs;
2896
2897 for (i = 0; i < num_regs; i++)
2898 {
2899 (*cache_p)->reg_list[i].name = xscale_reg_list[i];
2900 (*cache_p)->reg_list[i].value = calloc(4, 1);
2901 (*cache_p)->reg_list[i].dirty = 0;
2902 (*cache_p)->reg_list[i].valid = 0;
2903 (*cache_p)->reg_list[i].size = 32;
2904 (*cache_p)->reg_list[i].bitfield_desc = NULL;
2905 (*cache_p)->reg_list[i].num_bitfields = 0;
2906 (*cache_p)->reg_list[i].arch_info = &arch_info[i];
2907 (*cache_p)->reg_list[i].arch_type = xscale_reg_arch_type;
2908 arch_info[i] = xscale_reg_arch_info[i];
2909 arch_info[i].target = target;
2910 }
2911
2912 xscale->reg_cache = (*cache_p);
2913 }
2914
2915 static int xscale_init_target(struct command_context_s *cmd_ctx,
2916 struct target_s *target)
2917 {
2918 xscale_build_reg_cache(target);
2919 return ERROR_OK;
2920 }
2921
2922 static int xscale_init_arch_info(target_t *target,
2923 xscale_common_t *xscale, jtag_tap_t *tap, const char *variant)
2924 {
2925 armv4_5_common_t *armv4_5;
2926 uint32_t high_reset_branch, low_reset_branch;
2927 int i;
2928
2929 armv4_5 = &xscale->armv4_5_common;
2930
2931 /* store architecture specfic data (none so far) */
2932 xscale->arch_info = NULL;
2933 xscale->common_magic = XSCALE_COMMON_MAGIC;
2934
2935 /* we don't really *need* variant info ... */
2936 if (variant) {
2937 int ir_length = 0;
2938
2939 if (strcmp(variant, "pxa250") == 0
2940 || strcmp(variant, "pxa255") == 0
2941 || strcmp(variant, "pxa26x") == 0)
2942 ir_length = 5;
2943 else if (strcmp(variant, "pxa27x") == 0
2944 || strcmp(variant, "ixp42x") == 0
2945 || strcmp(variant, "ixp45x") == 0
2946 || strcmp(variant, "ixp46x") == 0)
2947 ir_length = 7;
2948 else
2949 LOG_WARNING("%s: unrecognized variant %s",
2950 tap->dotted_name, variant);
2951
2952 if (ir_length && ir_length != tap->ir_length) {
2953 LOG_WARNING("%s: IR length for %s is %d; fixing",
2954 tap->dotted_name, variant, ir_length);
2955 tap->ir_length = ir_length;
2956 }
2957 }
2958
2959 /* the debug handler isn't installed (and thus not running) at this time */
2960 xscale->handler_address = 0xfe000800;
2961
2962 /* clear the vectors we keep locally for reference */
2963 memset(xscale->low_vectors, 0, sizeof(xscale->low_vectors));
2964 memset(xscale->high_vectors, 0, sizeof(xscale->high_vectors));
2965
2966 /* no user-specified vectors have been configured yet */
2967 xscale->static_low_vectors_set = 0x0;
2968 xscale->static_high_vectors_set = 0x0;
2969
2970 /* calculate branches to debug handler */
2971 low_reset_branch = (xscale->handler_address + 0x20 - 0x0 - 0x8) >> 2;
2972 high_reset_branch = (xscale->handler_address + 0x20 - 0xffff0000 - 0x8) >> 2;
2973
2974 xscale->low_vectors[0] = ARMV4_5_B((low_reset_branch & 0xffffff), 0);
2975 xscale->high_vectors[0] = ARMV4_5_B((high_reset_branch & 0xffffff), 0);
2976
2977 for (i = 1; i <= 7; i++)
2978 {
2979 xscale->low_vectors[i] = ARMV4_5_B(0xfffffe, 0);
2980 xscale->high_vectors[i] = ARMV4_5_B(0xfffffe, 0);
2981 }
2982
2983 /* 64kB aligned region used for DCache cleaning */
2984 xscale->cache_clean_address = 0xfffe0000;
2985
2986 xscale->hold_rst = 0;
2987 xscale->external_debug_break = 0;
2988
2989 xscale->ibcr_available = 2;
2990 xscale->ibcr0_used = 0;
2991 xscale->ibcr1_used = 0;
2992
2993 xscale->dbr_available = 2;
2994 xscale->dbr0_used = 0;
2995 xscale->dbr1_used = 0;
2996
2997 xscale->arm_bkpt = ARMV5_BKPT(0x0);
2998 xscale->thumb_bkpt = ARMV5_T_BKPT(0x0) & 0xffff;
2999
3000 xscale->vector_catch = 0x1;
3001
3002 xscale->trace.capture_status = TRACE_IDLE;
3003 xscale->trace.data = NULL;
3004 xscale->trace.image = NULL;
3005 xscale->trace.buffer_enabled = 0;
3006 xscale->trace.buffer_fill = 0;
3007
3008 /* prepare ARMv4/5 specific information */
3009 armv4_5->arch_info = xscale;
3010 armv4_5->read_core_reg = xscale_read_core_reg;
3011 armv4_5->write_core_reg = xscale_write_core_reg;
3012 armv4_5->full_context = xscale_full_context;
3013
3014 armv4_5_init_arch_info(target, armv4_5);
3015
3016 xscale->armv4_5_mmu.armv4_5_cache.ctype = -1;
3017 xscale->armv4_5_mmu.get_ttb = xscale_get_ttb;
3018 xscale->armv4_5_mmu.read_memory = xscale_read_memory;
3019 xscale->armv4_5_mmu.write_memory = xscale_write_memory;
3020 xscale->armv4_5_mmu.disable_mmu_caches = xscale_disable_mmu_caches;
3021 xscale->armv4_5_mmu.enable_mmu_caches = xscale_enable_mmu_caches;
3022 xscale->armv4_5_mmu.has_tiny_pages = 1;
3023 xscale->armv4_5_mmu.mmu_enabled = 0;
3024
3025 return ERROR_OK;
3026 }
3027
3028 static int xscale_target_create(struct target_s *target, Jim_Interp *interp)
3029 {
3030 xscale_common_t *xscale;
3031
3032 if (sizeof xscale_debug_handler - 1 > 0x800) {
3033 LOG_ERROR("debug_handler.bin: larger than 2kb");
3034 return ERROR_FAIL;
3035 }
3036
3037 xscale = calloc(1, sizeof(*xscale));
3038 if (!xscale)
3039 return ERROR_FAIL;
3040
3041 return xscale_init_arch_info(target, xscale, target->tap,
3042 target->variant);
3043 }
3044
3045 static int
3046 xscale_handle_debug_handler_command(struct command_context_s *cmd_ctx,
3047 char *cmd, char **args, int argc)
3048 {
3049 target_t *target = NULL;
3050 armv4_5_common_t *armv4_5;
3051 xscale_common_t *xscale;
3052
3053 uint32_t handler_address;
3054
3055 if (argc < 2)
3056 {
3057 LOG_ERROR("'xscale debug_handler <target#> <address>' command takes two required operands");
3058 return ERROR_OK;
3059 }
3060
3061 if ((target = get_target(args[0])) == NULL)
3062 {
3063 LOG_ERROR("target '%s' not defined", args[0]);
3064 return ERROR_FAIL;
3065 }
3066
3067 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3068 {
3069 return ERROR_FAIL;
3070 }
3071
3072 COMMAND_PARSE_NUMBER(u32, args[1], handler_address);
3073
3074 if (((handler_address >= 0x800) && (handler_address <= 0x1fef800)) ||
3075 ((handler_address >= 0xfe000800) && (handler_address <= 0xfffff800)))
3076 {
3077 xscale->handler_address = handler_address;
3078 }
3079 else
3080 {
3081 LOG_ERROR("xscale debug_handler <address> must be between 0x800 and 0x1fef800 or between 0xfe000800 and 0xfffff800");
3082 return ERROR_FAIL;
3083 }
3084
3085 return ERROR_OK;
3086 }
3087
3088 static int
3089 xscale_handle_cache_clean_address_command(struct command_context_s *cmd_ctx,
3090 char *cmd, char **args, int argc)
3091 {
3092 target_t *target = NULL;
3093 armv4_5_common_t *armv4_5;
3094 xscale_common_t *xscale;
3095
3096 uint32_t cache_clean_address;
3097
3098 if (argc < 2)
3099 {
3100 return ERROR_COMMAND_SYNTAX_ERROR;
3101 }
3102
3103 target = get_target(args[0]);
3104 if (target == NULL)
3105 {
3106 LOG_ERROR("target '%s' not defined", args[0]);
3107 return ERROR_FAIL;
3108 }
3109
3110 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3111 {
3112 return ERROR_FAIL;
3113 }
3114
3115 COMMAND_PARSE_NUMBER(u32, args[1], cache_clean_address);
3116
3117 if (cache_clean_address & 0xffff)
3118 {
3119 LOG_ERROR("xscale cache_clean_address <address> must be 64kb aligned");
3120 }
3121 else
3122 {
3123 xscale->cache_clean_address = cache_clean_address;
3124 }
3125
3126 return ERROR_OK;
3127 }
3128
3129 static int
3130 xscale_handle_cache_info_command(struct command_context_s *cmd_ctx,
3131 char *cmd, char **args, int argc)
3132 {
3133 target_t *target = get_current_target(cmd_ctx);
3134 armv4_5_common_t *armv4_5;
3135 xscale_common_t *xscale;
3136
3137 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3138 {
3139 return ERROR_OK;
3140 }
3141
3142 return armv4_5_handle_cache_info_command(cmd_ctx, &xscale->armv4_5_mmu.armv4_5_cache);
3143 }
3144
3145 static int xscale_virt2phys(struct target_s *target,
3146 uint32_t virtual, uint32_t *physical)
3147 {
3148 armv4_5_common_t *armv4_5;
3149 xscale_common_t *xscale;
3150 int retval;
3151 int type;
3152 uint32_t cb;
3153 int domain;
3154 uint32_t ap;
3155
3156 if ((retval = xscale_get_arch_pointers(target, &armv4_5, &xscale)) != ERROR_OK)
3157 {
3158 return retval;
3159 }
3160 uint32_t ret = armv4_5_mmu_translate_va(target, &xscale->armv4_5_mmu, virtual, &type, &cb, &domain, &ap);
3161 if (type == -1)
3162 {
3163 return ret;
3164 }
3165 *physical = ret;
3166 return ERROR_OK;
3167 }
3168
3169 static int xscale_mmu(struct target_s *target, int *enabled)
3170 {
3171 armv4_5_common_t *armv4_5 = target->arch_info;
3172 xscale_common_t *xscale = armv4_5->arch_info;
3173
3174 if (target->state != TARGET_HALTED)
3175 {
3176 LOG_ERROR("Target not halted");
3177 return ERROR_TARGET_INVALID;
3178 }
3179 *enabled = xscale->armv4_5_mmu.mmu_enabled;
3180 return ERROR_OK;
3181 }
3182
3183 static int xscale_handle_mmu_command(command_context_t *cmd_ctx,
3184 char *cmd, char **args, int argc)
3185 {
3186 target_t *target = get_current_target(cmd_ctx);
3187 armv4_5_common_t *armv4_5;
3188 xscale_common_t *xscale;
3189
3190 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3191 {
3192 return ERROR_OK;
3193 }
3194
3195 if (target->state != TARGET_HALTED)
3196 {
3197 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3198 return ERROR_OK;
3199 }
3200
3201 if (argc >= 1)
3202 {
3203 if (strcmp("enable", args[0]) == 0)
3204 {
3205 xscale_enable_mmu_caches(target, 1, 0, 0);
3206 xscale->armv4_5_mmu.mmu_enabled = 1;
3207 }
3208 else if (strcmp("disable", args[0]) == 0)
3209 {
3210 xscale_disable_mmu_caches(target, 1, 0, 0);
3211 xscale->armv4_5_mmu.mmu_enabled = 0;
3212 }
3213 }
3214
3215 command_print(cmd_ctx, "mmu %s", (xscale->armv4_5_mmu.mmu_enabled) ? "enabled" : "disabled");
3216
3217 return ERROR_OK;
3218 }
3219
3220 static int xscale_handle_idcache_command(command_context_t *cmd_ctx,
3221 char *cmd, char **args, int argc)
3222 {
3223 target_t *target = get_current_target(cmd_ctx);
3224 armv4_5_common_t *armv4_5;
3225 xscale_common_t *xscale;
3226 int icache = 0, dcache = 0;
3227
3228 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3229 {
3230 return ERROR_OK;
3231 }
3232
3233 if (target->state != TARGET_HALTED)
3234 {
3235 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3236 return ERROR_OK;
3237 }
3238
3239 if (strcmp(cmd, "icache") == 0)
3240 icache = 1;
3241 else if (strcmp(cmd, "dcache") == 0)
3242 dcache = 1;
3243
3244 if (argc >= 1)
3245 {
3246 if (strcmp("enable", args[0]) == 0)
3247 {
3248 xscale_enable_mmu_caches(target, 0, dcache, icache);
3249
3250 if (icache)
3251 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 1;
3252 else if (dcache)
3253 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 1;
3254 }
3255 else if (strcmp("disable", args[0]) == 0)
3256 {
3257 xscale_disable_mmu_caches(target, 0, dcache, icache);
3258
3259 if (icache)
3260 xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
3261 else if (dcache)
3262 xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
3263 }
3264 }
3265
3266 if (icache)
3267 command_print(cmd_ctx, "icache %s", (xscale->armv4_5_mmu.armv4_5_cache.i_cache_enabled) ? "enabled" : "disabled");
3268
3269 if (dcache)
3270 command_print(cmd_ctx, "dcache %s", (xscale->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled) ? "enabled" : "disabled");
3271
3272 return ERROR_OK;
3273 }
3274
3275 static int xscale_handle_vector_catch_command(command_context_t *cmd_ctx,
3276 char *cmd, char **args, int argc)
3277 {
3278 target_t *target = get_current_target(cmd_ctx);
3279 armv4_5_common_t *armv4_5;
3280 xscale_common_t *xscale;
3281
3282 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3283 {
3284 return ERROR_OK;
3285 }
3286
3287 if (argc < 1)
3288 {
3289 command_print(cmd_ctx, "usage: xscale vector_catch [mask]");
3290 }
3291 else
3292 {
3293 COMMAND_PARSE_NUMBER(u8, args[0], xscale->vector_catch);
3294 buf_set_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 16, 8, xscale->vector_catch);
3295 xscale_write_dcsr(target, -1, -1);
3296 }
3297
3298 command_print(cmd_ctx, "vector catch mask: 0x%2.2x", xscale->vector_catch);
3299
3300 return ERROR_OK;
3301 }
3302
3303
3304 static int xscale_handle_vector_table_command(command_context_t *cmd_ctx,
3305 char *cmd, char **args, int argc)
3306 {
3307 target_t *target = get_current_target(cmd_ctx);
3308 armv4_5_common_t *armv4_5;
3309 xscale_common_t *xscale;
3310 int err = 0;
3311
3312 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3313 {
3314 return ERROR_OK;
3315 }
3316
3317 if (argc == 0) /* print current settings */
3318 {
3319 int idx;
3320
3321 command_print(cmd_ctx, "active user-set static vectors:");
3322 for (idx = 1; idx < 8; idx++)
3323 if (xscale->static_low_vectors_set & (1 << idx))
3324 command_print(cmd_ctx, "low %d: 0x%" PRIx32, idx, xscale->static_low_vectors[idx]);
3325 for (idx = 1; idx < 8; idx++)
3326 if (xscale->static_high_vectors_set & (1 << idx))
3327 command_print(cmd_ctx, "high %d: 0x%" PRIx32, idx, xscale->static_high_vectors[idx]);
3328 return ERROR_OK;
3329 }
3330
3331 if (argc != 3)
3332 err = 1;
3333 else
3334 {
3335 int idx;
3336 COMMAND_PARSE_NUMBER(int, args[1], idx);
3337 uint32_t vec;
3338 COMMAND_PARSE_NUMBER(u32, args[2], vec);
3339
3340 if (idx < 1 || idx >= 8)
3341 err = 1;
3342
3343 if (!err && strcmp(args[0], "low") == 0)
3344 {
3345 xscale->static_low_vectors_set |= (1<<idx);
3346 xscale->static_low_vectors[idx] = vec;
3347 }
3348 else if (!err && (strcmp(args[0], "high") == 0))
3349 {
3350 xscale->static_high_vectors_set |= (1<<idx);
3351 xscale->static_high_vectors[idx] = vec;
3352 }
3353 else
3354 err = 1;
3355 }
3356
3357 if (err)
3358 command_print(cmd_ctx, "usage: xscale vector_table <high|low> <index> <code>");
3359
3360 return ERROR_OK;
3361 }
3362
3363
3364 static int
3365 xscale_handle_trace_buffer_command(struct command_context_s *cmd_ctx,
3366 char *cmd, char **args, int argc)
3367 {
3368 target_t *target = get_current_target(cmd_ctx);
3369 armv4_5_common_t *armv4_5;
3370 xscale_common_t *xscale;
3371 uint32_t dcsr_value;
3372
3373 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3374 {
3375 return ERROR_OK;
3376 }
3377
3378 if (target->state != TARGET_HALTED)
3379 {
3380 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3381 return ERROR_OK;
3382 }
3383
3384 if ((argc >= 1) && (strcmp("enable", args[0]) == 0))
3385 {
3386 xscale_trace_data_t *td, *next_td;
3387 xscale->trace.buffer_enabled = 1;
3388
3389 /* free old trace data */
3390 td = xscale->trace.data;
3391 while (td)
3392 {
3393 next_td = td->next;
3394
3395 if (td->entries)
3396 free(td->entries);
3397 free(td);
3398 td = next_td;
3399 }
3400 xscale->trace.data = NULL;
3401 }
3402 else if ((argc >= 1) && (strcmp("disable", args[0]) == 0))
3403 {
3404 xscale->trace.buffer_enabled = 0;
3405 }
3406
3407 if ((argc >= 2) && (strcmp("fill", args[1]) == 0))
3408 {
3409 uint32_t fill = 1;
3410 if (argc >= 3)
3411 COMMAND_PARSE_NUMBER(u32, args[2], fill);
3412 xscale->trace.buffer_fill = fill;
3413 }
3414 else if ((argc >= 2) && (strcmp("wrap", args[1]) == 0))
3415 {
3416 xscale->trace.buffer_fill = -1;
3417 }
3418
3419 if (xscale->trace.buffer_enabled)
3420 {
3421 /* if we enable the trace buffer in fill-once
3422 * mode we know the address of the first instruction */
3423 xscale->trace.pc_ok = 1;
3424 xscale->trace.current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
3425 }
3426 else
3427 {
3428 /* otherwise the address is unknown, and we have no known good PC */
3429 xscale->trace.pc_ok = 0;
3430 }
3431
3432 command_print(cmd_ctx, "trace buffer %s (%s)",
3433 (xscale->trace.buffer_enabled) ? "enabled" : "disabled",
3434 (xscale->trace.buffer_fill > 0) ? "fill" : "wrap");
3435
3436 dcsr_value = buf_get_u32(xscale->reg_cache->reg_list[XSCALE_DCSR].value, 0, 32);
3437 if (xscale->trace.buffer_fill >= 0)
3438 xscale_write_dcsr_sw(target, (dcsr_value & 0xfffffffc) | 2);
3439 else
3440 xscale_write_dcsr_sw(target, dcsr_value & 0xfffffffc);
3441
3442 return ERROR_OK;
3443 }
3444
3445 static int
3446 xscale_handle_trace_image_command(struct command_context_s *cmd_ctx,
3447 char *cmd, char **args, int argc)
3448 {
3449 target_t *target;
3450 armv4_5_common_t *armv4_5;
3451 xscale_common_t *xscale;
3452
3453 if (argc < 1)
3454 {
3455 command_print(cmd_ctx, "usage: xscale trace_image <file> [base address] [type]");
3456 return ERROR_OK;
3457 }
3458
3459 target = get_current_target(cmd_ctx);
3460
3461 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3462 {
3463 return ERROR_OK;
3464 }
3465
3466 if (xscale->trace.image)
3467 {
3468 image_close(xscale->trace.image);
3469 free(xscale->trace.image);
3470 command_print(cmd_ctx, "previously loaded image found and closed");
3471 }
3472
3473 xscale->trace.image = malloc(sizeof(image_t));
3474 xscale->trace.image->base_address_set = 0;
3475 xscale->trace.image->start_address_set = 0;
3476
3477 /* a base address isn't always necessary, default to 0x0 (i.e. don't relocate) */
3478 if (argc >= 2)
3479 {
3480 xscale->trace.image->base_address_set = 1;
3481 COMMAND_PARSE_NUMBER(int, args[1], xscale->trace.image->base_address);
3482 }
3483 else
3484 {
3485 xscale->trace.image->base_address_set = 0;
3486 }
3487
3488 if (image_open(xscale->trace.image, args[0], (argc >= 3) ? args[2] : NULL) != ERROR_OK)
3489 {
3490 free(xscale->trace.image);
3491 xscale->trace.image = NULL;
3492 return ERROR_OK;
3493 }
3494
3495 return ERROR_OK;
3496 }
3497
3498 static int xscale_handle_dump_trace_command(struct command_context_s *cmd_ctx,
3499 char *cmd, char **args, int argc)
3500 {
3501 target_t *target = get_current_target(cmd_ctx);
3502 armv4_5_common_t *armv4_5;
3503 xscale_common_t *xscale;
3504 xscale_trace_data_t *trace_data;
3505 fileio_t file;
3506
3507 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3508 {
3509 return ERROR_OK;
3510 }
3511
3512 if (target->state != TARGET_HALTED)
3513 {
3514 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3515 return ERROR_OK;
3516 }
3517
3518 if (argc < 1)
3519 {
3520 command_print(cmd_ctx, "usage: xscale dump_trace <file>");
3521 return ERROR_OK;
3522 }
3523
3524 trace_data = xscale->trace.data;
3525
3526 if (!trace_data)
3527 {
3528 command_print(cmd_ctx, "no trace data collected");
3529 return ERROR_OK;
3530 }
3531
3532 if (fileio_open(&file, args[0], FILEIO_WRITE, FILEIO_BINARY) != ERROR_OK)
3533 {
3534 return ERROR_OK;
3535 }
3536
3537 while (trace_data)
3538 {
3539 int i;
3540
3541 fileio_write_u32(&file, trace_data->chkpt0);
3542 fileio_write_u32(&file, trace_data->chkpt1);
3543 fileio_write_u32(&file, trace_data->last_instruction);
3544 fileio_write_u32(&file, trace_data->depth);
3545
3546 for (i = 0; i < trace_data->depth; i++)
3547 fileio_write_u32(&file, trace_data->entries[i].data | ((trace_data->entries[i].type & 0xffff) << 16));
3548
3549 trace_data = trace_data->next;
3550 }
3551
3552 fileio_close(&file);
3553
3554 return ERROR_OK;
3555 }
3556
3557 static int
3558 xscale_handle_analyze_trace_buffer_command(struct command_context_s *cmd_ctx,
3559 char *cmd, char **args, int argc)
3560 {
3561 target_t *target = get_current_target(cmd_ctx);
3562 armv4_5_common_t *armv4_5;
3563 xscale_common_t *xscale;
3564
3565 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3566 {
3567 return ERROR_OK;
3568 }
3569
3570 xscale_analyze_trace(target, cmd_ctx);
3571
3572 return ERROR_OK;
3573 }
3574
3575 static int xscale_handle_cp15(command_context_t *cmd_ctx,
3576 char *cmd, char **args, int argc)
3577 {
3578 target_t *target = get_current_target(cmd_ctx);
3579 armv4_5_common_t *armv4_5;
3580 xscale_common_t *xscale;
3581
3582 if (xscale_get_arch_pointers(target, &armv4_5, &xscale) != ERROR_OK)
3583 {
3584 return ERROR_OK;
3585 }
3586
3587 if (target->state != TARGET_HALTED)
3588 {
3589 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
3590 return ERROR_OK;
3591 }
3592 uint32_t reg_no = 0;
3593 reg_t *reg = NULL;
3594 if (argc > 0)
3595 {
3596 COMMAND_PARSE_NUMBER(u32, args[0], reg_no);
3597 /*translate from xscale cp15 register no to openocd register*/
3598 switch (reg_no)
3599 {
3600 case 0:
3601 reg_no = XSCALE_MAINID;
3602 break;
3603 case 1:
3604 reg_no = XSCALE_CTRL;
3605 break;
3606 case 2:
3607 reg_no = XSCALE_TTB;
3608 break;
3609 case 3:
3610 reg_no = XSCALE_DAC;
3611 break;
3612 case 5:
3613 reg_no = XSCALE_FSR;
3614 break;
3615 case 6:
3616 reg_no = XSCALE_FAR;
3617 break;
3618 case 13:
3619 reg_no = XSCALE_PID;
3620 break;
3621 case 15:
3622 reg_no = XSCALE_CPACCESS;
3623 break;
3624 default:
3625 command_print(cmd_ctx, "invalid register number");
3626 return ERROR_INVALID_ARGUMENTS;
3627 }
3628 reg = &xscale->reg_cache->reg_list[reg_no];
3629
3630 }
3631 if (argc == 1)
3632 {
3633 uint32_t value;
3634
3635 /* read cp15 control register */
3636 xscale_get_reg(reg);
3637 value = buf_get_u32(reg->value, 0, 32);
3638 command_print(cmd_ctx, "%s (/%i): 0x%" PRIx32 "", reg->name, (int)(reg->size), value);
3639 }
3640 else if (argc == 2)
3641 {
3642 uint32_t value;
3643 COMMAND_PARSE_NUMBER(u32, args[1], value);
3644
3645 /* send CP write request (command 0x41) */
3646 xscale_send_u32(target, 0x41);
3647
3648 /* send CP register number */
3649 xscale_send_u32(target, reg_no);
3650
3651 /* send CP register value */
3652 xscale_send_u32(target, value);
3653
3654 /* execute cpwait to ensure outstanding operations complete */
3655 xscale_send_u32(target, 0x53);
3656 }
3657 else
3658 {
3659 command_print(cmd_ctx, "usage: cp15 [register]<, [value]>");
3660 }
3661
3662 return ERROR_OK;
3663 }
3664
3665 static int xscale_register_commands(struct command_context_s *cmd_ctx)
3666 {
3667 command_t *xscale_cmd;
3668
3669 xscale_cmd = register_command(cmd_ctx, NULL, "xscale", NULL, COMMAND_ANY, "xscale specific commands");
3670
3671 register_command(cmd_ctx, xscale_cmd, "debug_handler", xscale_handle_debug_handler_command, COMMAND_ANY, "'xscale debug_handler <target#> <address>' command takes two required operands");
3672 register_command(cmd_ctx, xscale_cmd, "cache_clean_address", xscale_handle_cache_clean_address_command, COMMAND_ANY, NULL);
3673
3674 register_command(cmd_ctx, xscale_cmd, "cache_info", xscale_handle_cache_info_command, COMMAND_EXEC, NULL);
3675 register_command(cmd_ctx, xscale_cmd, "mmu", xscale_handle_mmu_command, COMMAND_EXEC, "['enable'|'disable'] the MMU");
3676 register_command(cmd_ctx, xscale_cmd, "icache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the ICache");
3677 register_command(cmd_ctx, xscale_cmd, "dcache", xscale_handle_idcache_command, COMMAND_EXEC, "['enable'|'disable'] the DCache");
3678
3679 register_command(cmd_ctx, xscale_cmd, "vector_catch", xscale_handle_vector_catch_command, COMMAND_EXEC, "<mask> of vectors that should be catched");
3680 register_command(cmd_ctx, xscale_cmd, "vector_table", xscale_handle_vector_table_command, COMMAND_EXEC, "<high|low> <index> <code> set static code for exception handler entry");
3681
3682 register_command(cmd_ctx, xscale_cmd, "trace_buffer", xscale_handle_trace_buffer_command, COMMAND_EXEC, "<enable | disable> ['fill' [n]|'wrap']");
3683
3684 register_command(cmd_ctx, xscale_cmd, "dump_trace", xscale_handle_dump_trace_command, COMMAND_EXEC, "dump content of trace buffer to <file>");
3685 register_command(cmd_ctx, xscale_cmd, "analyze_trace", xscale_handle_analyze_trace_buffer_command, COMMAND_EXEC, "analyze content of trace buffer");
3686 register_command(cmd_ctx, xscale_cmd, "trace_image", xscale_handle_trace_image_command,
3687 COMMAND_EXEC, "load image from <file> [base address]");
3688
3689 register_command(cmd_ctx, xscale_cmd, "cp15", xscale_handle_cp15, COMMAND_EXEC, "access coproc 15 <register> [value]");
3690
3691 armv4_5_register_commands(cmd_ctx);
3692
3693 return ERROR_OK;
3694 }
3695
3696 target_type_t xscale_target =
3697 {
3698 .name = "xscale",
3699
3700 .poll = xscale_poll,
3701 .arch_state = xscale_arch_state,
3702
3703 .target_request_data = NULL,
3704
3705 .halt = xscale_halt,
3706 .resume = xscale_resume,
3707 .step = xscale_step,
3708
3709 .assert_reset = xscale_assert_reset,
3710 .deassert_reset = xscale_deassert_reset,
3711 .soft_reset_halt = NULL,
3712
3713 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
3714
3715 .read_memory = xscale_read_memory,
3716 .write_memory = xscale_write_memory,
3717 .bulk_write_memory = xscale_bulk_write_memory,
3718 .checksum_memory = arm7_9_checksum_memory,
3719 .blank_check_memory = arm7_9_blank_check_memory,
3720
3721 .run_algorithm = armv4_5_run_algorithm,
3722
3723 .add_breakpoint = xscale_add_breakpoint,
3724 .remove_breakpoint = xscale_remove_breakpoint,
3725 .add_watchpoint = xscale_add_watchpoint,
3726 .remove_watchpoint = xscale_remove_watchpoint,
3727
3728 .register_commands = xscale_register_commands,
3729 .target_create = xscale_target_create,
3730 .init_target = xscale_init_target,
3731
3732 .virt2phys = xscale_virt2phys,
3733 .mmu = xscale_mmu
3734 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)