/**
* Write registers. addr is an array of addresses, and those addresses can be
* in any order, though it is recommended that they are in sequential order
* where possible, as this reduces number of JTAG commands to transfer.
*
* @param jtag_info
* @param type Type of registers to write: core or aux.
* @param addr Array of registers numbers.
* @param count Amount of registers in arrays.
* @param values Array of register values.
*/
static int arc_jtag_write_registers(struct arc_jtag *jtag_info, reg_type_t type,
uint32_t *addr, uint32_t count, const uint32_t *buffer)
{
unsigned int i;
LOG_DEBUG("Writing to %s registers: addr[0]=0x%" PRIx32 ";count=%" PRIu32
";buffer[0]=0x%08" PRIx32,
(type == ARC_JTAG_CORE_REG ? "core" : "aux"), *addr, count, *buffer);
if (count == 0)
return ERROR_OK;
if (jtag_info->always_check_status_rd)
CHECK_RETVAL(arc_wait_until_jtag_ready(jtag_info));
arc_jtag_reset_transaction(jtag_info);
/* What registers are we writing to? */
const uint32_t transaction = (type == ARC_JTAG_CORE_REG ?
ARC_JTAG_WRITE_TO_CORE_REG : ARC_JTAG_WRITE_TO_AUX_REG);
arc_jtag_set_transaction(jtag_info, transaction, TAP_DRPAUSE);
for (i = 0; i < count; i++) {
/* Some of AUX registers are sequential, so we need to set address only
* for the first one in sequence. */
if ( i == 0 || (addr[i] != addr[i-1] + 1) ) {
arc_jtag_write_ir(jtag_info, ARC_ADDRESS_REG);
arc_jtag_write_dr(jtag_info, addr[i], TAP_DRPAUSE);
/* No need to set ir each time, but only if current ir is
* different. It is safe to put it into the if body, because this
* if is always executed in first iteration. */
arc_jtag_write_ir(jtag_info, ARC_DATA_REG);
}
arc_jtag_write_dr(jtag_info, *(buffer + i), TAP_IDLE);
}
uint8_t status_buf[4];
if (jtag_info->check_status_fl)
arc_jtag_enque_status_read(jtag_info, status_buf);
/* Execute queue. */
CHECK_RETVAL(jtag_execute_queue());
CHECK_STATUS_FL(jtag_info, status_buf);
/* Do not advance until write will be finished. This is important in
* some situations. For example it is known that at least in some cases
* core might hang, if transaction will be reset (via writing NOP to
* transaction command register) while it is still being executed by
* the core (can happen with long operations like flush of data cache).
* */
if (jtag_info->wait_until_write_finished) {
CHECK_RETVAL(arc_wait_until_jtag_ready(jtag_info));
}
/* Cleanup. */
arc_jtag_reset_transaction(jtag_info);
CHECK_RETVAL(jtag_execute_queue());
return ERROR_OK;
}
static int arm720t_post_debug_entry(struct target *target)
{
struct arm720t_common *arm720t = target_to_arm720(target);
int retval;
/* examine cp15 control reg */
retval = arm720t_read_cp15(target, 0xee110f10, &arm720t->cp15_control_reg);
if (retval != ERROR_OK)
return retval;
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
LOG_DEBUG("cp15_control_reg: %8.8" PRIx32 "", arm720t->cp15_control_reg);
arm720t->armv4_5_mmu.mmu_enabled = (arm720t->cp15_control_reg & 0x1U) ? 1 : 0;
arm720t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm720t->cp15_control_reg & 0x4U) ? 1 : 0;
arm720t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
/* save i/d fault status and address register */
retval = arm720t_read_cp15(target, 0xee150f10, &arm720t->fsr_reg);
if (retval != ERROR_OK)
return retval;
retval = arm720t_read_cp15(target, 0xee160f10, &arm720t->far_reg);
if (retval != ERROR_OK)
return retval;
retval = jtag_execute_queue();
return retval;
}
static int arm926ejs_post_debug_entry(struct target *target)
{
struct arm926ejs_common *arm926ejs = target_to_arm926(target);
int retval;
/* examine cp15 control reg */
retval = arm926ejs->read_cp15(target, 0, 0, 1, 0, &arm926ejs->cp15_control_reg);
if (retval != ERROR_OK)
return retval;
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
LOG_DEBUG("cp15_control_reg: %8.8" PRIx32 "", arm926ejs->cp15_control_reg);
if (arm926ejs->armv4_5_mmu.armv4_5_cache.ctype == -1) {
uint32_t cache_type_reg;
/* identify caches */
retval = arm926ejs->read_cp15(target, 0, 1, 0, 0, &cache_type_reg);
if (retval != ERROR_OK)
return retval;
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
armv4_5_identify_cache(cache_type_reg, &arm926ejs->armv4_5_mmu.armv4_5_cache);
}
arm926ejs->armv4_5_mmu.mmu_enabled = (arm926ejs->cp15_control_reg & 0x1U) ? 1 : 0;
arm926ejs->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm926ejs->cp15_control_reg & 0x4U) ? 1 : 0;
arm926ejs->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm926ejs->cp15_control_reg & 0x1000U) ? 1 : 0;
/* save i/d fault status and address register */
retval = arm926ejs->read_cp15(target, 0, 0, 5, 0, &arm926ejs->d_fsr);
if (retval != ERROR_OK)
return retval;
retval = arm926ejs->read_cp15(target, 0, 1, 5, 0, &arm926ejs->i_fsr);
if (retval != ERROR_OK)
return retval;
retval = arm926ejs->read_cp15(target, 0, 0, 6, 0, &arm926ejs->d_far);
if (retval != ERROR_OK)
return retval;
LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32 ", I FSR: 0x%8.8" PRIx32 "",
arm926ejs->d_fsr, arm926ejs->d_far, arm926ejs->i_fsr);
uint32_t cache_dbg_ctrl;
/* read-modify-write CP15 cache debug control register
* to disable I/D-cache linefills and force WT */
retval = arm926ejs->read_cp15(target, 7, 0, 15, 0, &cache_dbg_ctrl);
if (retval != ERROR_OK)
return retval;
cache_dbg_ctrl |= 0x7;
retval = arm926ejs->write_cp15(target, 7, 0, 15, 0, cache_dbg_ctrl);
return retval;
}
/**
* Write a sequence of 4-byte words into target memory.
*
* We can write only 4byte words via JTAG, so any non-word writes should be
* handled at higher levels by read-modify-write.
*
* This function writes directly to the memory, leaving any caches (if there
* are any) in inconsistent state. It is responsibility of upper level to
* resolve this.
*
* @param jtag_info
* @param addr Address of first word to write into.
* @param count Amount of word to write.
* @param buffer Array to write into memory.
*/
int arc_jtag_write_memory(struct arc_jtag *jtag_info, uint32_t addr,
uint32_t count, const uint32_t* buffer)
{
assert(jtag_info != NULL);
assert(buffer != NULL);
LOG_DEBUG("Writing to memory: addr=0x%08" PRIx32 ";count=%" PRIu32 ";buffer[0]=0x%08" PRIx32,
addr, count, *buffer);
/* No need to waste time on useless operations. */
if (count == 0)
return ERROR_OK;
if (jtag_info->always_check_status_rd)
CHECK_RETVAL(arc_wait_until_jtag_ready(jtag_info));
/* We do not know where we come from. */
arc_jtag_reset_transaction(jtag_info);
/* We want to write to memory. */
arc_jtag_set_transaction(jtag_info, ARC_JTAG_WRITE_TO_MEMORY, TAP_DRPAUSE);
/* Set target memory address of the first word. */
arc_jtag_write_ir(jtag_info, ARC_ADDRESS_REG);
arc_jtag_write_dr(jtag_info, addr, TAP_DRPAUSE);
/* Start sending words. Address is auto-incremented on 4bytes by HW. */
arc_jtag_write_ir(jtag_info, ARC_DATA_REG);
uint32_t i;
for (i = 0; i < count; i++) {
arc_jtag_write_dr(jtag_info, *(buffer + i), TAP_IDLE);
}
uint8_t status_buf[4];
if (jtag_info->check_status_fl)
arc_jtag_enque_status_read(jtag_info, status_buf);
/* Run queue. */
CHECK_RETVAL(jtag_execute_queue());
CHECK_STATUS_FL(jtag_info, status_buf);
/* Do not advance until write will be finished. */
if (jtag_info->wait_until_write_finished) {
CHECK_RETVAL(arc_wait_until_jtag_ready(jtag_info));
}
/* Cleanup. */
arc_jtag_reset_transaction(jtag_info);
CHECK_RETVAL(jtag_execute_queue());
return ERROR_OK;
}
static int arm920t_read_cp15_interpreted(struct target *target,
uint32_t cp15_opcode, uint32_t address, uint32_t *value)
{
struct arm *armv4_5 = target_to_arm(target);
uint32_t* regs_p[1];
uint32_t regs[2];
uint32_t cp15c15 = 0x0;
struct reg *r = armv4_5->core_cache->reg_list;
/* load address into R1 */
regs[1] = address;
arm9tdmi_write_core_regs(target, 0x2, regs);
/* read-modify-write CP15 test state register
* to enable interpreted access mode */
arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
jtag_execute_queue();
cp15c15 |= 1; /* set interpret mode */
arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
/* execute CP15 instruction and ARM load (reading from coprocessor) */
arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
/* disable interpreted access mode */
cp15c15 &= ~1U; /* clear interpret mode */
arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
/* retrieve value from R0 */
regs_p[0] = value;
arm9tdmi_read_core_regs(target, 0x1, regs_p);
jtag_execute_queue();
#ifdef _DEBUG_INSTRUCTION_EXECUTION_
LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
cp15_opcode, address, *value);
#endif
if (!is_arm_mode(armv4_5->core_mode))
{
LOG_ERROR("not a valid arm core mode - communication failure?");
return ERROR_FAIL;
}
r[0].dirty = 1;
r[1].dirty = 1;
return ERROR_OK;
}
// EXPORTED to FA256
int arm920t_enable_mmu_caches(struct target *target, int mmu,
int d_u_cache, int i_cache)
{
uint32_t cp15_control;
int retval;
/* read cp15 control register */
retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
if (retval != ERROR_OK)
return retval;
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
if (mmu)
cp15_control |= 0x1U;
if (d_u_cache)
cp15_control |= 0x4U;
if (i_cache)
cp15_control |= 0x1000U;
retval = arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
return retval;
}
static int str9xpec_blank_check(struct flash_bank *bank, int first, int last)
{
struct scan_field field;
uint8_t status;
struct jtag_tap *tap;
int i;
uint8_t *buffer = NULL;
struct str9xpec_flash_controller *str9xpec_info = bank->driver_priv;
tap = str9xpec_info->tap;
if (!str9xpec_info->isc_enable)
str9xpec_isc_enable(bank);
if (!str9xpec_info->isc_enable)
return ERROR_FLASH_OPERATION_FAILED;
buffer = calloc(DIV_ROUND_UP(64, 8), 1);
LOG_DEBUG("blank check: first_bank: %i, last_bank: %i", first, last);
for (i = first; i <= last; i++)
buf_set_u32(buffer, str9xpec_info->sector_bits[i], 1, 1);
/* execute ISC_BLANK_CHECK command */
str9xpec_set_instr(tap, ISC_BLANK_CHECK, TAP_IRPAUSE);
field.num_bits = 64;
field.out_value = buffer;
field.in_value = NULL;
jtag_add_dr_scan(tap, 1, &field, TAP_IDLE);
jtag_add_sleep(40000);
/* read blank check result */
field.num_bits = 64;
field.out_value = NULL;
field.in_value = buffer;
jtag_add_dr_scan(tap, 1, &field, TAP_IRPAUSE);
jtag_execute_queue();
status = str9xpec_isc_status(tap);
for (i = first; i <= last; i++) {
if (buf_get_u32(buffer, str9xpec_info->sector_bits[i], 1))
bank->sectors[i].is_erased = 0;
else
bank->sectors[i].is_erased = 1;
}
free(buffer);
str9xpec_isc_disable(bank);
if ((status & ISC_STATUS_ERROR) != STR9XPEC_ISC_SUCCESS)
return ERROR_FLASH_OPERATION_FAILED;
return ERROR_OK;
}
static int swd_init(struct command_context *ctx)
{
#if 0
struct target *target = get_current_target(ctx);
struct arm *arm = target_to_arm(target);
struct adiv5_dap *dap = arm->dap;
uint32_t idcode;
int status;
/* FIXME validate transport config ... is the
* configured DAP present (check IDCODE)?
* Is *only* one DAP configured?
*
* MUST READ IDCODE
*/
/* Note, debugport_init() does setup too */
uint8_t ack;
status = swd_queue_idcode_read(dap, &ack, &idcode);
if (status == ERROR_OK)
LOG_INFO("SWD IDCODE %#8.8x", idcode);
return status;
#endif
int retval;
jtag_add_reset(0, 0);
if ((retval = jtag_execute_queue()) != ERROR_OK)
return retval;
return ERROR_OK;
}
/* just read data (instruction and data-out = don't care) */
int arm9tdmi_clock_data_in(arm_jtag_t *jtag_info, u32 *in)
{
scan_field_t fields[3];
jtag_add_end_state(TAP_PD);
arm_jtag_scann(jtag_info, 0x1);
arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
fields[0].device = jtag_info->chain_pos;
fields[0].num_bits = 32;
fields[0].out_value = NULL;
fields[0].out_mask = NULL;
fields[0].in_value = NULL;
fields[0].in_handler = arm_jtag_buf_to_u32;
fields[0].in_handler_priv = in;
fields[0].in_check_value = NULL;
fields[0].in_check_mask = NULL;
fields[1].device = jtag_info->chain_pos;
fields[1].num_bits = 3;
fields[1].out_value = NULL;
fields[1].out_mask = NULL;
fields[1].in_value = NULL;
fields[1].in_handler = NULL;
fields[1].in_handler_priv = NULL;
fields[1].in_check_value = NULL;
fields[1].in_check_mask = NULL;
fields[2].device = jtag_info->chain_pos;
fields[2].num_bits = 32;
fields[2].out_value = NULL;
fields[2].out_mask = NULL;
fields[2].in_value = NULL;
fields[2].in_check_value = NULL;
fields[2].in_check_mask = NULL;
fields[2].in_handler = NULL;
fields[2].in_handler_priv = NULL;
jtag_add_dr_scan(3, fields, -1, NULL);
jtag_add_runtest(0, -1);
#ifdef _DEBUG_INSTRUCTION_EXECUTION_
{
jtag_execute_queue();
if (in)
{
DEBUG("in: 0x%8.8x", *in);
}
else
{
ERROR("BUG: called with in == NULL");
}
}
#endif
return ERROR_OK;
}
static int irscan(struct target *t, uint8_t *out,
uint8_t *in, uint8_t ir_len)
{
int retval = ERROR_OK;
struct x86_32_common *x86_32 = target_to_x86_32(t);
if (NULL == t->tap) {
retval = ERROR_FAIL;
LOG_ERROR("%s invalid target tap", __func__);
return retval;
}
if (ir_len != t->tap->ir_length) {
retval = ERROR_FAIL;
if (t->tap->enabled)
LOG_ERROR("%s tap enabled but tap irlen=%d",
__func__, t->tap->ir_length);
else
LOG_ERROR("%s tap not enabled and irlen=%d",
__func__, t->tap->ir_length);
return retval;
}
struct scan_field *fields = &scan.field;
fields->num_bits = ir_len;
fields->out_value = out;
fields->in_value = in;
jtag_add_ir_scan(x86_32->curr_tap, fields, TAP_IDLE);
if (x86_32->flush) {
retval = jtag_execute_queue();
if (retval != ERROR_OK)
LOG_ERROR("%s failed to execute queue", __func__);
}
return retval;
}
/** Execute one instruction via ITR repeatedly while
* reading data from the core via DTR on each execution.
*
* The executed instruction \em must write data to DTR.
*
* \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
*
* \param arm11 Target state variable.
* \param opcode ARM opcode
* \param data Pointer to an array that receives the data words from the core
* \param count Number of data words and instruction repetitions
*
*/
void arm11_run_instr_data_from_core(arm11_common_t * arm11, u32 opcode, u32 * data, size_t count)
{
arm11_add_IR(arm11, ARM11_ITRSEL, -1);
arm11_add_debug_INST(arm11, opcode, NULL, TAP_IDLE);
arm11_add_IR(arm11, ARM11_INTEST, -1);
scan_field_t chain5_fields[3];
u32 Data;
u8 Ready;
u8 nRetry;
arm11_setup_field(arm11, 32, NULL, &Data, chain5_fields + 0);
arm11_setup_field(arm11, 1, NULL, &Ready, chain5_fields + 1);
arm11_setup_field(arm11, 1, NULL, &nRetry, chain5_fields + 2);
while (count--)
{
do
{
arm11_add_dr_scan_vc(asizeof(chain5_fields), chain5_fields, count ? TAP_IDLE : TAP_DRPAUSE);
jtag_execute_queue();
JTAG_DEBUG("DTR Data %08x Ready %d nRetry %d", Data, Ready, nRetry);
}
while (!Ready);
*data++ = Data;
}
}
int str9xpec_read_config(struct flash_bank_s *bank)
{
scan_field_t field;
u8 status;
jtag_tap_t *tap;
str9xpec_flash_controller_t *str9xpec_info = bank->driver_priv;
tap = str9xpec_info->tap;
LOG_DEBUG("ISC_CONFIGURATION");
/* execute ISC_CONFIGURATION command */
str9xpec_set_instr(tap, ISC_CONFIGURATION, TAP_IRPAUSE);
field.tap = tap;
field.num_bits = 64;
field.out_value = NULL;
field.out_mask = NULL;
field.in_value = str9xpec_info->options;
field.in_check_value = NULL;
field.in_check_mask = NULL;
field.in_handler = NULL;
field.in_handler_priv = NULL;
jtag_add_dr_scan(1, &field, TAP_IDLE);
jtag_execute_queue();
status = str9xpec_isc_status(tap);
return status;
}
static int arm926ejs_enable_mmu_caches(struct target *target, int mmu,
int d_u_cache, int i_cache)
{
struct arm926ejs_common *arm926ejs = target_to_arm926(target);
uint32_t cp15_control;
int retval;
/* read cp15 control register */
retval = arm926ejs->read_cp15(target, 0, 0, 1, 0, &cp15_control);
if (retval != ERROR_OK)
return retval;
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
if (mmu)
cp15_control |= 0x1U;
if (d_u_cache)
cp15_control |= 0x4U;
if (i_cache)
cp15_control |= 0x1000U;
retval = arm926ejs->write_cp15(target, 0, 0, 1, 0, cp15_control);
return retval;
}
int avr32_jtag_nexus_set_address(struct avr32_jtag *jtag_info,
uint32_t addr, int mode)
{
struct scan_field fields[2];
uint8_t addr_buf[4];
uint8_t busy_buf[4];
int busy;
memset(fields, 0, sizeof(fields));
do {
memset(addr_buf, 0, sizeof(addr_buf));
memset(busy_buf, 0, sizeof(busy_buf));
buf_set_u32(addr_buf, 0, 1, mode);
buf_set_u32(addr_buf, 1, 7, addr);
fields[0].num_bits = 26;
fields[0].in_value = NULL;
fields[0].out_value = NULL;
fields[1].num_bits = 8;
fields[1].in_value = busy_buf;
fields[1].out_value = addr_buf;
jtag_add_dr_scan(jtag_info->tap, 2, fields, TAP_IDLE);
if (jtag_execute_queue() != ERROR_OK) {
LOG_ERROR("%s: setting address failed", __func__);
return ERROR_FAIL;
}
busy = buf_get_u32(busy_buf, 6, 1);
} while (busy);
return ERROR_OK;
}
static int xtensa_examine(struct target *target)
{
int res = ERROR_OK;
size_t i;
if (!target_was_examined(target)) {
target_set_examined(target);
/* without IDCODE, there isn't actually a lot we can
do here apart from try to poll and check that the
TAP responds to it, ie has some known Xtensa
registers. */
res = xtensa_poll(target);
if(res != ERROR_OK) {
LOG_ERROR("Failed to examine target.");
return ERROR_FAIL;
}
if(target->state == TARGET_HALTED) {
LOG_DEBUG("Resetting breakpoint/watchpoint state...");
xtensa_tap_queue_write_sr(target, XT_REG_IDX_IBREAKENABLE, 0);
for(i = 0; i < XT_NUM_WATCHPOINTS; i++) {
xtensa_tap_queue_write_sr(target, XT_REG_IDX_DBREAKA0+i*2, 0);
xtensa_tap_queue_write_sr(target, XT_REG_IDX_DBREAKC0+i*2, 0);
}
res = jtag_execute_queue();
} else {
LOG_WARNING("Warning: Target not halted, breakpoint/watchpoint state may be unpredictable.");
}
}
return res;
}
/* Execute an Xtensa OCD TAP instruction immediately */
static int xtensa_tap_exec(struct target *target, int inst_idx, uint32_t data_out, uint32_t *data_in)
{
uint8_t out[4] = { 0 }, in[4] = { 0 };
int res;
if(data_out)
buf_set_u32(out, 0, 32, data_out);
res = xtensa_tap_queue(target, inst_idx, out, in);
if(res != ERROR_OK)
return res;
res = jtag_execute_queue();
if(res != ERROR_OK) {
LOG_ERROR("failed to scan tap instruction");
return res;
}
if(data_in) {
static uint32_t last_dosr;
*data_in = buf_get_u32(in, 0, 32);
if(inst_idx != TAP_INS_READ_DOSR || *data_in != last_dosr) {
LOG_DEBUG("Executed %s, data_out=0x%" PRIx32 " data_in=0x%" PRIx32,
tap_instrs[inst_idx].name, data_out, *data_in);
if(inst_idx == TAP_INS_READ_DOSR)
last_dosr = *data_in;
}
} else {
LOG_DEBUG("Executed %s, data_out=0x%" PRIx32,
tap_instrs[inst_idx].name, data_out);
}
return ERROR_OK;
}
static int xtensa_unset_breakpoint(struct target *target, struct breakpoint *breakpoint)
{
struct xtensa_common *xtensa = target_to_xtensa(target);
struct reg *reg_list = xtensa->core_cache->reg_list;
size_t slot;
int res;
for(slot = 0; slot < xtensa->num_brps; slot++) {
if(xtensa->hw_brps[slot] == breakpoint)
break;
}
assert(slot < xtensa->num_brps && "Breakpoint slot not found");
uint32_t ibe_val = buf_get_u32(reg_list[XT_REG_IDX_IBREAKENABLE].value, 0, 32);
ibe_val &= ~(1<<slot);
xtensa_tap_queue_write_sr(target, XT_REG_IDX_IBREAKENABLE, ibe_val);
res = jtag_execute_queue();
if(res != ERROR_OK)
return res;
xtensa->hw_brps[slot] = NULL;
/* invalidate register cache */
reg_list[XT_REG_IDX_IBREAKENABLE].valid = 0;
return ERROR_OK;
}
static int xtensa_set_breakpoint(struct target *target, struct breakpoint *breakpoint)
{
struct xtensa_common *xtensa = target_to_xtensa(target);
struct reg *reg_list = xtensa->core_cache->reg_list;
size_t slot;
int res;
for(slot = 0; slot < xtensa->num_brps; slot++) {
if(xtensa->hw_brps[slot] == NULL || xtensa->hw_brps[slot] == breakpoint)
break;
}
assert(slot < xtensa->num_brps && "Breakpoint slot should always be available to set breakpoint");
/* Write IBREAKA[slot] and set bit #slot in IBREAKENABLE */
enum xtensa_reg_idx bp_reg_idx = XT_REG_IDX_IBREAKA0+slot;
xtensa_tap_queue_write_sr(target, bp_reg_idx, breakpoint->address);
uint32_t ibe_val = buf_get_u32(reg_list[XT_REG_IDX_IBREAKENABLE].value, 0, 32);
ibe_val |= (1<<slot);
xtensa_tap_queue_write_sr(target, XT_REG_IDX_IBREAKENABLE, ibe_val);
res = jtag_execute_queue();
if(res != ERROR_OK)
return res;
xtensa->hw_brps[slot] = breakpoint;
/* invalidate register cache */
reg_list[XT_REG_IDX_IBREAKENABLE].valid = 0;
reg_list[bp_reg_idx].valid = 0;
return ERROR_OK;
}
/** Wait until RD (ready) bit in JTAG Status register will be set. It is very
* hard to find a case when this bit is not set, however there were cases with
* failed memory reads, and adding this check even though it immediately
* succeeds resolves the problem.
*
* We are calling this check only before memory reads, because we never had
* problems with other operations, so I don't want to incur additional
* performance penalties unless it is proven to be required.
*
* This check would be a total moot in case of non-stop debugging, since core
* will continue to run after this check, so while it might be ready at that
* time, it might be not ready by the time of next command. We don't support
* non-stop debugging on the other hand, so that is not a problem at the
* moment.
*/
static int arc_wait_until_jtag_ready(struct arc_jtag * const jtag_info)
{
assert(jtag_info);
assert(jtag_info->tap);
bool ready = 0;
do {
uint8_t buf[4];
/* Do not reset transaction here, or that will reset
* JTAG_STATUS as well and we will never know if current
* transaction finished. Even more so - it is known that
* setting IR to NOP command when D$ flush is in process might
* break the core - JTAG interface will be returning only
* zeroes. */
arc_jtag_enque_status_read(jtag_info, buf);
CHECK_RETVAL(jtag_execute_queue());
uint32_t jtag_status = buf_get_u32(buf, 0, 32);
ready = jtag_status & ARC_JTAG_STAT_RD;
if (!ready) {
LOG_DEBUG("JTAG on core is not ready: %s",
arc_jtag_decode_status(jtag_status));
}
} while(!ready);
return ERROR_OK;
}
u8 str9xpec_isc_status(jtag_tap_t *tap)
{
scan_field_t field;
u8 status;
if (str9xpec_set_instr(tap, ISC_NOOP, TAP_IRPAUSE) != ERROR_OK)
return ISC_STATUS_ERROR;
field.tap = tap;
field.num_bits = 8;
field.out_value = NULL;
field.out_mask = NULL;
field.in_value = &status;
field.in_check_value = NULL;
field.in_check_mask = NULL;
field.in_handler = NULL;
field.in_handler_priv = NULL;
jtag_add_dr_scan(1, &field, TAP_IDLE);
jtag_execute_queue();
LOG_DEBUG("status: 0x%2.2x", status);
if (status & ISC_STATUS_SECURITY)
LOG_INFO("Device Security Bit Set");
return status;
}
static int str9xpec_read_config(struct flash_bank *bank)
{
struct scan_field field;
uint8_t status;
struct jtag_tap *tap;
struct str9xpec_flash_controller *str9xpec_info = bank->driver_priv;
tap = str9xpec_info->tap;
LOG_DEBUG("ISC_CONFIGURATION");
/* execute ISC_CONFIGURATION command */
str9xpec_set_instr(tap, ISC_CONFIGURATION, TAP_IRPAUSE);
field.num_bits = 64;
field.out_value = NULL;
field.in_value = str9xpec_info->options;
jtag_add_dr_scan(tap, 1, &field, TAP_IDLE);
jtag_execute_queue();
status = str9xpec_isc_status(tap);
return status;
}
static int avr32_jtag_set_instr(struct avr32_jtag *jtag_info, int new_instr)
{
struct jtag_tap *tap;
int busy = 0;
tap = jtag_info->tap;
if (tap == NULL)
return ERROR_FAIL;
if (buf_get_u32(tap->cur_instr, 0, tap->ir_length) != (uint32_t)new_instr)
{
do {
struct scan_field field;
uint8_t t[4];
uint8_t ret[4];
field.num_bits = tap->ir_length;
field.out_value = t;
buf_set_u32(t, 0, field.num_bits, new_instr);
field.in_value = ret;
jtag_add_ir_scan(tap, &field, TAP_IDLE);
if (jtag_execute_queue() != ERROR_OK)
{
LOG_ERROR("%s: setting address failed", __func__);
return ERROR_FAIL;
}
busy = buf_get_u32(ret, 2, 1);
} while (busy); /* check for busy bit */
}
return ERROR_OK;
}
int riscv_batch_run(struct riscv_batch *batch)
{
if (batch->used_scans == 0) {
LOG_DEBUG("Ignoring empty batch.");
return ERROR_OK;
}
keep_alive();
LOG_DEBUG("running a batch of %ld scans", (long)batch->used_scans);
riscv_batch_add_nop(batch);
for (size_t i = 0; i < batch->used_scans; ++i) {
jtag_add_dr_scan(batch->target->tap, 1, batch->fields + i, TAP_IDLE);
if (batch->idle_count > 0)
jtag_add_runtest(batch->idle_count, TAP_IDLE);
}
LOG_DEBUG("executing queue");
if (jtag_execute_queue() != ERROR_OK) {
LOG_ERROR("Unable to execute JTAG queue");
return ERROR_FAIL;
}
for (size_t i = 0; i < batch->used_scans; ++i)
dump_field(batch->fields + i);
return ERROR_OK;
}
int mips_ejtag_drscan_38(struct mips_ejtag *ejtag_info, uint64_t *data)
{
struct jtag_tap *tap;
tap = ejtag_info->tap;
if (tap == NULL)
return ERROR_FAIL;
mips_ejtag_set_instr(ejtag_info, EJTAG_DCR_FDC);
struct scan_field field;
uint8_t t[5], r[5];
int retval;
field.num_bits = 38;
field.out_value = &t;
buf_set_u64(t, 0, field.num_bits, *data);
field.in_value = r;
jtag_add_dr_scan(tap, 1, &field, TAP_IDLE);
retval = jtag_execute_queue();
if (retval != ERROR_OK) {
LOG_ERROR("register read failed");
return retval;
}
*data = buf_get_u64(field.in_value, 0, 64);
keep_alive();
return ERROR_OK;
}
int mips_ejtag_drscan_8(struct mips_ejtag *ejtag_info, uint32_t *data)
{
// LOG_DEBUG("mips_ejtag_drscan_8");
struct jtag_tap *tap;
tap = ejtag_info->tap;
assert(tap != NULL);
struct scan_field field;
uint8_t t[4] = {0, 0, 0, 0}, r[4];
int retval;
field.num_bits = 8;
field.out_value = t;
buf_set_u32(t, 0, field.num_bits, *data);
field.in_value = r;
jtag_add_dr_scan(tap, 1, &field, TAP_IDLE);
retval = jtag_execute_queue();
if (retval != ERROR_OK) {
LOG_ERROR("register read failed");
return retval;
}
*data = buf_get_u32(field.in_value, 0, 32);
return ERROR_OK;
}
/** Write the Debug Status and Control Register (DSCR)
*
* same as CP14 c1
*
* \param arm11 Target state variable.
* \param dscr DSCR content
*
* \remarks This is a stand-alone function that executes the JTAG command queue.
*/
int arm11_write_DSCR(struct arm11_common * arm11, uint32_t dscr)
{
int retval;
retval = arm11_add_debug_SCAN_N(arm11, 0x01, ARM11_TAP_DEFAULT);
if (retval != ERROR_OK)
return retval;
arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
struct scan_field chain1_field;
arm11_setup_field(arm11, 32, &dscr, NULL, &chain1_field);
arm11_add_dr_scan_vc(1, &chain1_field, TAP_DRPAUSE);
CHECK_RETVAL(jtag_execute_queue());
JTAG_DEBUG("DSCR <= %08x (OLD %08x)",
(unsigned) dscr,
(unsigned) arm11->dscr);
arm11->dscr = dscr;
return ERROR_OK;
}
int arm11_add_debug_SCAN_N(struct arm11_common *arm11,
uint8_t chain, tap_state_t state)
{
/* Don't needlessly switch the scan chain.
* NOTE: the ITRSEL instruction fakes SCREG changing;
* but leaves its actual value unchanged.
*/
if (arm11->jtag_info.cur_scan_chain == chain) {
JTAG_DEBUG("SCREG <= %d SKIPPED", chain);
return jtag_add_statemove((state == ARM11_TAP_DEFAULT)
? TAP_DRPAUSE : state);
}
JTAG_DEBUG("SCREG <= %d", chain);
arm11_add_IR(arm11, ARM11_SCAN_N, ARM11_TAP_DEFAULT);
struct scan_field field;
uint8_t tmp[1];
arm11_setup_field(arm11, 5, &chain, &tmp, &field);
arm11_add_dr_scan_vc(1, &field, state == ARM11_TAP_DEFAULT ? TAP_DRPAUSE : state);
jtag_execute_queue_noclear();
arm11_in_handler_SCAN_N(tmp);
arm11->jtag_info.cur_scan_chain = chain;
return jtag_execute_queue();
}
/**
* Put the debug link into SWD mode, if the target supports it.
* The link's initial mode may be either JTAG (for example,
* with SWJ-DP after reset) or SWD.
*
* @param target Enters SWD mode (if possible).
*
* Note that targets using the JTAG-DP do not support SWD, and that
* some targets which could otherwise support it may have have been
* configured to disable SWD signaling
*
* @return ERROR_OK or else a fault code.
*/
int dap_to_swd(struct target *target)
{
struct arm *arm = target_to_arm(target);
int retval;
if (!arm->dap) {
LOG_ERROR("SWD mode is not available");
return ERROR_FAIL;
}
LOG_DEBUG("Enter SWD mode");
/* REVISIT it's ugly to need to make calls to a "jtag"
* subsystem if the link may not be in JTAG mode...
*/
retval = jtag_add_tms_seq(8 * sizeof(jtag2swd_bitseq),
jtag2swd_bitseq, TAP_INVALID);
if (retval == ERROR_OK)
retval = jtag_execute_queue();
/* set up the DAP's ops vector for SWD mode. */
arm->dap->ops = &swd_dap_ops;
return retval;
}
/* clock the target, and read the databus
* the *in pointer points to a buffer where elements of 'size' bytes
* are stored in big (be == 1) or little (be == 0) endianness
*/
int arm9tdmi_clock_data_in_endianness(struct arm_jtag *jtag_info,
void *in, int size, int be)
{
int retval = ERROR_OK;
struct scan_field fields[2];
retval = arm_jtag_scann(jtag_info, 0x1, TAP_DRPAUSE);
if (retval != ERROR_OK)
return retval;
retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_DRPAUSE);
if (retval != ERROR_OK)
return retval;
if (size == 4) {
fields[0].num_bits = 32;
fields[0].out_value = NULL;
fields[0].in_value = in;
fields[1].num_bits = 3 + 32;
fields[1].out_value = NULL;
fields[1].in_value = NULL;
} else {
/* Discard irrelevant bits of the scan, making sure we don't write more
* than size bytes to in */
fields[0].num_bits = size * 8;
fields[0].out_value = NULL;
fields[0].in_value = in;
fields[1].num_bits = 3 + 32 + 32 - size * 8;
fields[1].out_value = NULL;
fields[1].in_value = NULL;
}
jtag_add_dr_scan(jtag_info->tap, 2, fields, TAP_DRPAUSE);
jtag_add_callback4(arm7_9_endianness_callback,
(jtag_callback_data_t)in,
(jtag_callback_data_t)size,
(jtag_callback_data_t)be,
(jtag_callback_data_t)0);
jtag_add_runtest(0, TAP_DRPAUSE);
#ifdef _DEBUG_INSTRUCTION_EXECUTION_
{
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
if (in)
LOG_DEBUG("in: 0x%8.8x", *(uint32_t *)in);
else
LOG_ERROR("BUG: called with in == NULL");
}
#endif
return ERROR_OK;
}
/**
* Poll DCC control register until read or write handshake completes.
*/
int embeddedice_handshake(struct arm_jtag *jtag_info, int hsbit, uint32_t timeout)
{
struct scan_field fields[3];
uint8_t field0_in[4];
uint8_t field1_out[1];
uint8_t field2_out[1];
int retval;
uint32_t hsact;
struct timeval lap;
struct timeval now;
if (hsbit == EICE_COMM_CTRL_WBIT)
hsact = 1;
else if (hsbit == EICE_COMM_CTRL_RBIT)
hsact = 0;
else {
LOG_ERROR("Invalid arguments");
return ERROR_COMMAND_SYNTAX_ERROR;
}
retval = arm_jtag_scann(jtag_info, 0x2, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
if (retval != ERROR_OK)
return retval;
fields[0].num_bits = 32;
fields[0].out_value = NULL;
fields[0].in_value = field0_in;
fields[1].num_bits = 5;
fields[1].out_value = field1_out;
field1_out[0] = eice_regs[EICE_COMMS_DATA].addr;
fields[1].in_value = NULL;
fields[2].num_bits = 1;
fields[2].out_value = field2_out;
field2_out[0] = 0;
fields[2].in_value = NULL;
jtag_add_dr_scan(jtag_info->tap, 3, fields, TAP_IDLE);
gettimeofday(&lap, NULL);
do {
jtag_add_dr_scan(jtag_info->tap, 3, fields, TAP_IDLE);
retval = jtag_execute_queue();
if (retval != ERROR_OK)
return retval;
if (buf_get_u32(field0_in, hsbit, 1) == hsact)
return ERROR_OK;
gettimeofday(&now, NULL);
} while ((uint32_t)((now.tv_sec - lap.tv_sec) * 1000
+ (now.tv_usec - lap.tv_usec) / 1000) <= timeout);
LOG_ERROR("embeddedice handshake timeout");
return ERROR_TARGET_TIMEOUT;
}
