1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "breakpoints.h"
31 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
35 #include "algorithm.h"
40 #define _DEBUG_INSTRUCTION_EXECUTION_
44 #define FNC_INFO LOG_DEBUG("-")
50 #define FNC_INFO_NOTIMPLEMENTED do { LOG_DEBUG("NOT IMPLEMENTED"); /*exit(-1);*/ } while (0)
52 #define FNC_INFO_NOTIMPLEMENTED
55 static bool arm11_config_memwrite_burst
= true;
56 static bool arm11_config_memwrite_error_fatal
= true;
57 static uint32_t arm11_vcr
= 0;
58 static bool arm11_config_step_irq_enable
= false;
59 static bool arm11_config_hardware_step
= false;
76 ARM11_REGISTER_SPSR_FIQ
,
77 ARM11_REGISTER_SPSR_SVC
,
78 ARM11_REGISTER_SPSR_ABT
,
79 ARM11_REGISTER_SPSR_IRQ
,
80 ARM11_REGISTER_SPSR_UND
,
81 ARM11_REGISTER_SPSR_MON
,
95 enum arm11_regtype type
;
98 /* update arm11_regcache_ids when changing this */
99 static const struct arm11_reg_defs arm11_reg_defs
[] =
101 {"r0", 0, 0, ARM11_REGISTER_CORE
},
102 {"r1", 1, 1, ARM11_REGISTER_CORE
},
103 {"r2", 2, 2, ARM11_REGISTER_CORE
},
104 {"r3", 3, 3, ARM11_REGISTER_CORE
},
105 {"r4", 4, 4, ARM11_REGISTER_CORE
},
106 {"r5", 5, 5, ARM11_REGISTER_CORE
},
107 {"r6", 6, 6, ARM11_REGISTER_CORE
},
108 {"r7", 7, 7, ARM11_REGISTER_CORE
},
109 {"r8", 8, 8, ARM11_REGISTER_CORE
},
110 {"r9", 9, 9, ARM11_REGISTER_CORE
},
111 {"r10", 10, 10, ARM11_REGISTER_CORE
},
112 {"r11", 11, 11, ARM11_REGISTER_CORE
},
113 {"r12", 12, 12, ARM11_REGISTER_CORE
},
114 {"sp", 13, 13, ARM11_REGISTER_CORE
},
115 {"lr", 14, 14, ARM11_REGISTER_CORE
},
116 {"pc", 15, 15, ARM11_REGISTER_CORE
},
118 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
120 /* Debug Registers */
121 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
122 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
123 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
126 enum arm11_regcache_ids
129 ARM11_RC_RX
= ARM11_RC_R0
,
144 ARM11_RC_SP
= ARM11_RC_R13
,
146 ARM11_RC_LR
= ARM11_RC_R14
,
148 ARM11_RC_PC
= ARM11_RC_R15
,
159 /* GDB expects ARMs to give R0..R15, CPSR, and 7 FPA dummies */
160 #define ARM11_GDB_REGISTER_COUNT 26
162 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
);
163 static int arm11_step(struct target
*target
, int current
,
164 uint32_t address
, int handle_breakpoints
);
166 static int arm11_build_reg_cache(struct target
*target
);
167 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
);
168 static int arm11_get_reg(struct reg
*reg
);
170 static void arm11_record_register_history(struct arm11_common
* arm11
);
171 static void arm11_dump_reg_changes(struct arm11_common
* arm11
);
174 /** Check and if necessary take control of the system
176 * \param arm11 Target state variable.
177 * \param dscr If the current DSCR content is
178 * available a pointer to a word holding the
179 * DSCR can be passed. Otherwise use NULL.
181 static int arm11_check_init(struct arm11_common
*arm11
, uint32_t *dscr
)
185 uint32_t dscr_local_tmp_copy
;
189 dscr
= &dscr_local_tmp_copy
;
191 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
194 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
196 LOG_DEBUG("Bringing target into debug mode");
198 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
199 arm11_write_DSCR(arm11
, *dscr
);
201 /* add further reset initialization here */
203 arm11
->simulate_reset_on_next_halt
= true;
205 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
207 /** \todo TODO: this needs further scrutiny because
208 * arm11_on_enter_debug_state() never gets properly called.
209 * As a result we don't read the actual register states from
213 arm11
->target
->state
= TARGET_HALTED
;
214 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
218 arm11
->target
->state
= TARGET_RUNNING
;
219 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
222 arm11_sc7_clear_vbw(arm11
);
231 (arm11->reg_values[ARM11_RC_##x])
233 /** Save processor state.
235 * This is called when the HALT instruction has succeeded
236 * or on other occasions that stop the processor.
239 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
)
244 for (size_t i
= 0; i
< ARRAY_SIZE(arm11
->reg_values
); i
++)
246 arm11
->reg_list
[i
].valid
= 1;
247 arm11
->reg_list
[i
].dirty
= 0;
251 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
255 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
257 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
259 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
261 struct scan_field chain5_fields
[3];
263 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
264 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
265 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
267 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
271 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
275 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
276 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
277 ARM1136 seems to require this to issue ITR's as well */
279 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
281 /* this executes JTAG queue: */
283 arm11_write_DSCR(arm11
, new_dscr
);
287 Before executing any instruction in debug state you have to drain the write buffer.
288 This ensures that no imprecise Data Aborts can return at a later point:*/
290 /** \todo TODO: Test drain write buffer. */
295 /* MRC p14,0,R0,c5,c10,0 */
296 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
298 /* mcr 15, 0, r0, cr7, cr10, {4} */
299 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
301 uint32_t dscr
= arm11_read_DSCR(arm11
);
303 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
305 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
307 arm11_run_instr_no_data1(arm11
, 0xe320f000);
309 dscr
= arm11_read_DSCR(arm11
);
311 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
318 retval
= arm11_run_instr_data_prepare(arm11
);
319 if (retval
!= ERROR_OK
)
324 /** \todo TODO: handle other mode registers */
326 for (size_t i
= 0; i
< 15; i
++)
328 /* MCR p14,0,R?,c0,c5,0 */
329 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
330 if (retval
!= ERROR_OK
)
336 /* check rDTRfull in DSCR */
338 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
340 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
341 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
342 if (retval
!= ERROR_OK
)
347 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
352 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
353 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
354 if (retval
!= ERROR_OK
)
359 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
360 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
361 if (retval
!= ERROR_OK
)
364 /* adjust PC depending on ARM state */
366 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
368 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
370 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
372 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
376 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
379 if (arm11
->simulate_reset_on_next_halt
)
381 arm11
->simulate_reset_on_next_halt
= false;
383 LOG_DEBUG("Reset c1 Control Register");
385 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
387 /* MCR p15,0,R0,c1,c0,0 */
388 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
389 if (retval
!= ERROR_OK
)
394 retval
= arm11_run_instr_data_finish(arm11
);
395 if (retval
!= ERROR_OK
)
398 arm11_dump_reg_changes(arm11
);
403 void arm11_dump_reg_changes(struct arm11_common
* arm11
)
406 if (!(debug_level
>= LOG_LVL_DEBUG
))
411 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
413 if (!arm11
->reg_list
[i
].valid
)
415 if (arm11
->reg_history
[i
].valid
)
416 LOG_DEBUG("%8s INVALID (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_history
[i
].value
);
420 if (arm11
->reg_history
[i
].valid
)
422 if (arm11
->reg_history
[i
].value
!= arm11
->reg_values
[i
])
423 LOG_DEBUG("%8s %08" PRIx32
" (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
], arm11
->reg_history
[i
].value
);
427 LOG_DEBUG("%8s %08" PRIx32
" (INVALID)", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
]);
433 /** Restore processor state
435 * This is called in preparation for the RESTART function.
438 static int arm11_leave_debug_state(struct arm11_common
*arm11
)
443 retval
= arm11_run_instr_data_prepare(arm11
);
444 if (retval
!= ERROR_OK
)
447 /** \todo TODO: handle other mode registers */
449 /* restore R1 - R14 */
451 for (unsigned i
= 1; i
< 15; i
++)
453 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
456 /* MRC p14,0,r?,c0,c5,0 */
457 arm11_run_instr_data_to_core1(arm11
,
458 0xee100e15 | (i
<< 12), R(RX
+ i
));
460 // LOG_DEBUG("RESTORE R%u %08x", i, R(RX + i));
463 retval
= arm11_run_instr_data_finish(arm11
);
464 if (retval
!= ERROR_OK
)
467 /* spec says clear wDTR and rDTR; we assume they are clear as
468 otherwise our programming would be sloppy */
472 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
474 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
477 The wDTR/rDTR two registers that are used to send/receive data to/from
478 the core in tandem with corresponding instruction codes that are
479 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
480 registers hold data that was written by one side (CPU or JTAG) and not
481 read out by the other side.
483 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
488 retval
= arm11_run_instr_data_prepare(arm11
);
489 if (retval
!= ERROR_OK
)
492 /* restore original wDTR */
494 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
496 /* MCR p14,0,R0,c0,c5,0 */
497 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
498 if (retval
!= ERROR_OK
)
505 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
506 if (retval
!= ERROR_OK
)
513 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
514 if (retval
!= ERROR_OK
)
520 /* MRC p14,0,r0,c0,c5,0 */
521 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
523 retval
= arm11_run_instr_data_finish(arm11
);
524 if (retval
!= ERROR_OK
)
529 arm11_write_DSCR(arm11
, R(DSCR
));
533 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
535 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
537 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
539 struct scan_field chain5_fields
[3];
541 uint8_t Ready
= 0; /* ignored */
542 uint8_t Valid
= 0; /* ignored */
544 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
545 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
546 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
548 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
551 arm11_record_register_history(arm11
);
556 static void arm11_record_register_history(struct arm11_common
*arm11
)
558 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
560 arm11
->reg_history
[i
].value
= arm11
->reg_values
[i
];
561 arm11
->reg_history
[i
].valid
= arm11
->reg_list
[i
].valid
;
563 arm11
->reg_list
[i
].valid
= 0;
564 arm11
->reg_list
[i
].dirty
= 0;
569 /* poll current target status */
570 static int arm11_poll(struct target
*target
)
574 struct arm11_common
*arm11
= target_to_arm11(target
);
577 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
579 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
581 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
583 if (dscr
& ARM11_DSCR_CORE_HALTED
)
585 if (target
->state
!= TARGET_HALTED
)
587 enum target_state old_state
= target
->state
;
589 LOG_DEBUG("enter TARGET_HALTED");
590 target
->state
= TARGET_HALTED
;
591 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
592 retval
= arm11_on_enter_debug_state(arm11
);
593 if (retval
!= ERROR_OK
)
596 target_call_event_callbacks(target
,
597 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
602 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
604 LOG_DEBUG("enter TARGET_RUNNING");
605 target
->state
= TARGET_RUNNING
;
606 target
->debug_reason
= DBG_REASON_NOTHALTED
;
612 /* architecture specific status reply */
613 static int arm11_arch_state(struct target
*target
)
615 struct arm11_common
*arm11
= target_to_arm11(target
);
617 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"",
618 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
625 /* target request support */
626 static int arm11_target_request_data(struct target
*target
,
627 uint32_t size
, uint8_t *buffer
)
629 FNC_INFO_NOTIMPLEMENTED
;
634 /* target execution control */
635 static int arm11_halt(struct target
*target
)
638 struct arm11_common
*arm11
= target_to_arm11(target
);
640 LOG_DEBUG("target->state: %s",
641 target_state_name(target
));
643 if (target
->state
== TARGET_UNKNOWN
)
645 arm11
->simulate_reset_on_next_halt
= true;
648 if (target
->state
== TARGET_HALTED
)
650 LOG_DEBUG("target was already halted");
654 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
656 CHECK_RETVAL(jtag_execute_queue());
663 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
665 if (dscr
& ARM11_DSCR_CORE_HALTED
)
676 if ((timeval_ms()-then
) > 1000)
678 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
685 arm11_on_enter_debug_state(arm11
);
687 enum target_state old_state
= target
->state
;
689 target
->state
= TARGET_HALTED
;
690 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
693 target_call_event_callbacks(target
,
694 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
699 static int arm11_resume(struct target
*target
, int current
,
700 uint32_t address
, int handle_breakpoints
, int debug_execution
)
704 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
705 // current, address, handle_breakpoints, debug_execution);
707 struct arm11_common
*arm11
= target_to_arm11(target
);
709 LOG_DEBUG("target->state: %s",
710 target_state_name(target
));
713 if (target
->state
!= TARGET_HALTED
)
715 LOG_ERROR("Target not halted");
716 return ERROR_TARGET_NOT_HALTED
;
722 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
724 /* clear breakpoints/watchpoints and VCR*/
725 arm11_sc7_clear_vbw(arm11
);
727 /* Set up breakpoints */
728 if (!debug_execution
)
730 /* check if one matches PC and step over it if necessary */
732 struct breakpoint
* bp
;
734 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
736 if (bp
->address
== R(PC
))
738 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
739 arm11_step(target
, 1, 0, 0);
744 /* set all breakpoints */
746 unsigned brp_num
= 0;
748 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
750 struct arm11_sc7_action brp
[2];
753 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
754 brp
[0].value
= bp
->address
;
756 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
757 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
759 arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
));
761 LOG_DEBUG("Add BP %d at %08" PRIx32
, brp_num
,
767 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
770 arm11_leave_debug_state(arm11
);
772 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
774 CHECK_RETVAL(jtag_execute_queue());
781 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
783 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
785 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
796 if ((timeval_ms()-then
) > 1000)
798 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
805 if (!debug_execution
)
807 target
->state
= TARGET_RUNNING
;
808 target
->debug_reason
= DBG_REASON_NOTHALTED
;
810 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
814 target
->state
= TARGET_DEBUG_RUNNING
;
815 target
->debug_reason
= DBG_REASON_NOTHALTED
;
817 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
824 static int armv4_5_to_arm11(int reg
)
831 return ARM11_RC_CPSR
;
833 /* FIX!!! handle thumb better! */
834 return ARM11_RC_CPSR
;
836 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg
);
842 static uint32_t arm11_sim_get_reg(struct arm_sim_interface
*sim
, int reg
)
844 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
846 reg
=armv4_5_to_arm11(reg
);
848 return buf_get_u32(arm11
->reg_list
[reg
].value
, 0, 32);
851 static void arm11_sim_set_reg(struct arm_sim_interface
*sim
,
852 int reg
, uint32_t value
)
854 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
856 reg
=armv4_5_to_arm11(reg
);
858 buf_set_u32(arm11
->reg_list
[reg
].value
, 0, 32, value
);
861 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface
*sim
,
864 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
866 return buf_get_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, pos
, bits
);
869 static enum armv4_5_state
arm11_sim_get_state(struct arm_sim_interface
*sim
)
871 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
873 /* FIX!!!! we should implement thumb for arm11 */
874 return ARMV4_5_STATE_ARM
;
877 static void arm11_sim_set_state(struct arm_sim_interface
*sim
,
878 enum armv4_5_state mode
)
880 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
882 /* FIX!!!! we should implement thumb for arm11 */
883 LOG_ERROR("Not implemetned!");
887 static enum armv4_5_mode
arm11_sim_get_mode(struct arm_sim_interface
*sim
)
889 //struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
891 /* FIX!!!! we should implement something that returns the current mode here!!! */
892 return ARMV4_5_MODE_USR
;
895 static int arm11_simulate_step(struct target
*target
, uint32_t *dry_run_pc
)
897 struct arm_sim_interface sim
;
899 sim
.user_data
=target
->arch_info
;
900 sim
.get_reg
=&arm11_sim_get_reg
;
901 sim
.set_reg
=&arm11_sim_set_reg
;
902 sim
.get_reg_mode
=&arm11_sim_get_reg
;
903 sim
.set_reg_mode
=&arm11_sim_set_reg
;
904 sim
.get_cpsr
=&arm11_sim_get_cpsr
;
905 sim
.get_mode
=&arm11_sim_get_mode
;
906 sim
.get_state
=&arm11_sim_get_state
;
907 sim
.set_state
=&arm11_sim_set_state
;
909 return arm_simulate_step_core(target
, dry_run_pc
, &sim
);
913 static int arm11_step(struct target
*target
, int current
,
914 uint32_t address
, int handle_breakpoints
)
918 LOG_DEBUG("target->state: %s",
919 target_state_name(target
));
921 if (target
->state
!= TARGET_HALTED
)
923 LOG_WARNING("target was not halted");
924 return ERROR_TARGET_NOT_HALTED
;
927 struct arm11_common
*arm11
= target_to_arm11(target
);
932 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
935 /** \todo TODO: Thumb not supported here */
937 uint32_t next_instruction
;
939 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
942 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
945 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
946 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
947 LOG_DEBUG("Skipping BKPT");
949 /* skip over Wait for interrupt / Standby */
950 /* mcr 15, 0, r?, cr7, cr0, {4} */
951 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
954 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
955 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
956 LOG_DEBUG("Skipping WFI");
958 /* ignore B to self */
959 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
961 LOG_DEBUG("Not stepping jump to self");
965 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
968 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
969 * the VCR might be something worth looking into. */
972 /* Set up breakpoint for stepping */
974 struct arm11_sc7_action brp
[2];
977 brp
[0].address
= ARM11_SC7_BVR0
;
979 brp
[1].address
= ARM11_SC7_BCR0
;
981 if (arm11_config_hardware_step
)
983 /* hardware single stepping be used if possible or is it better to
984 * always use the same code path? Hardware single stepping is not supported
987 brp
[0].value
= R(PC
);
988 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
991 /* sets a breakpoint on the next PC(calculated by simulation),
995 retval
= arm11_simulate_step(target
, &next_pc
);
996 if (retval
!= ERROR_OK
)
999 brp
[0].value
= next_pc
;
1000 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
1003 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
)));
1008 if (arm11_config_step_irq_enable
)
1009 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
1011 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
1014 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
1016 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
1018 CHECK_RETVAL(jtag_execute_queue());
1026 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
1028 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
1030 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
1031 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
1037 then
= timeval_ms();
1041 if ((timeval_ms()-then
) > 1000)
1043 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
1050 /* clear breakpoint */
1051 arm11_sc7_clear_vbw(arm11
);
1054 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
1056 /* restore default state */
1057 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
1061 // target->state = TARGET_HALTED;
1062 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1064 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
1069 static int arm11_assert_reset(struct target
*target
)
1073 struct arm11_common
*arm11
= target_to_arm11(target
);
1075 retval
= arm11_check_init(arm11
, NULL
);
1076 if (retval
!= ERROR_OK
)
1079 target
->state
= TARGET_UNKNOWN
;
1081 /* we would very much like to reset into the halted, state,
1082 * but resetting and halting is second best... */
1083 if (target
->reset_halt
)
1085 CHECK_RETVAL(target_halt(target
));
1089 /* srst is funny. We can not do *anything* else while it's asserted
1090 * and it has unkonwn side effects. Make sure no other code runs
1093 * Code below assumes srst:
1095 * - Causes power-on-reset (but of what parts of the system?). Bug
1098 * - Messes us TAP state without asserting trst.
1100 * - There is another bug in the arm11 core. When you generate an access to
1101 * external logic (for example ddr controller via AHB bus) and that block
1102 * is not configured (perhaps it is still held in reset), that transaction
1103 * will never complete. This will hang arm11 core but it will also hang
1104 * JTAG controller. Nothing, short of srst assertion will bring it out of
1109 * - What should the PC be after an srst reset when starting in the halted
1113 jtag_add_reset(0, 1);
1114 jtag_add_reset(0, 0);
1116 /* How long do we have to wait? */
1117 jtag_add_sleep(5000);
1119 /* un-mess up TAP state */
1122 retval
= jtag_execute_queue();
1123 if (retval
!= ERROR_OK
)
1131 static int arm11_deassert_reset(struct target
*target
)
1136 static int arm11_soft_reset_halt(struct target
*target
)
1138 FNC_INFO_NOTIMPLEMENTED
;
1143 /* target register access for gdb */
1144 static int arm11_get_gdb_reg_list(struct target
*target
,
1145 struct reg
**reg_list
[], int *reg_list_size
)
1148 struct arm11_common
*arm11
= target_to_arm11(target
);
1150 *reg_list_size
= ARM11_GDB_REGISTER_COUNT
;
1151 *reg_list
= malloc(sizeof(struct reg
*) * ARM11_GDB_REGISTER_COUNT
);
1153 /* nine unused legacy FPA registers are expected by GDB */
1154 for (size_t i
= 16; i
< 24; i
++)
1155 (*reg_list
)[i
] = &arm_gdb_dummy_fp_reg
;
1156 (*reg_list
)[24] = &arm_gdb_dummy_fps_reg
;
1158 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1160 if (arm11_reg_defs
[i
].gdb_num
== -1)
1163 (*reg_list
)[arm11_reg_defs
[i
].gdb_num
] = arm11
->reg_list
+ i
;
1169 /* target memory access
1170 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1171 * count: number of items of <size>
1173 * arm11_config_memrw_no_increment - in the future we may want to be able
1174 * to read/write a range of data to a "port". a "port" is an action on
1175 * read memory address for some peripheral.
1177 static int arm11_read_memory_inner(struct target
*target
,
1178 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1179 bool arm11_config_memrw_no_increment
)
1181 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1186 if (target
->state
!= TARGET_HALTED
)
1188 LOG_WARNING("target was not halted");
1189 return ERROR_TARGET_NOT_HALTED
;
1192 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1194 struct arm11_common
*arm11
= target_to_arm11(target
);
1196 retval
= arm11_run_instr_data_prepare(arm11
);
1197 if (retval
!= ERROR_OK
)
1200 /* MRC p14,0,r0,c0,c5,0 */
1201 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1202 if (retval
!= ERROR_OK
)
1208 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1209 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1211 for (size_t i
= 0; i
< count
; i
++)
1213 /* ldrb r1, [r0], #1 */
1215 arm11_run_instr_no_data1(arm11
,
1216 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1219 /* MCR p14,0,R1,c0,c5,0 */
1220 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1229 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1231 for (size_t i
= 0; i
< count
; i
++)
1233 /* ldrh r1, [r0], #2 */
1234 arm11_run_instr_no_data1(arm11
,
1235 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1239 /* MCR p14,0,R1,c0,c5,0 */
1240 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1242 uint16_t svalue
= res
;
1243 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1251 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1252 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1253 uint32_t *words
= (uint32_t *)buffer
;
1255 /* LDC p14,c5,[R0],#4 */
1256 /* LDC p14,c5,[R0] */
1257 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1262 return arm11_run_instr_data_finish(arm11
);
1265 static int arm11_read_memory(struct target
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1267 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1271 * arm11_config_memrw_no_increment - in the future we may want to be able
1272 * to read/write a range of data to a "port". a "port" is an action on
1273 * read memory address for some peripheral.
1275 static int arm11_write_memory_inner(struct target
*target
,
1276 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1277 bool arm11_config_memrw_no_increment
)
1282 if (target
->state
!= TARGET_HALTED
)
1284 LOG_WARNING("target was not halted");
1285 return ERROR_TARGET_NOT_HALTED
;
1288 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1290 struct arm11_common
*arm11
= target_to_arm11(target
);
1292 retval
= arm11_run_instr_data_prepare(arm11
);
1293 if (retval
!= ERROR_OK
)
1296 /* MRC p14,0,r0,c0,c5,0 */
1297 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1298 if (retval
!= ERROR_OK
)
1301 /* burst writes are not used for single words as those may well be
1302 * reset init script writes.
1304 * The other advantage is that as burst writes are default, we'll
1305 * now exercise both burst and non-burst code paths with the
1306 * default settings, increasing code coverage.
1308 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1314 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1316 for (size_t i
= 0; i
< count
; i
++)
1318 /* MRC p14,0,r1,c0,c5,0 */
1319 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1320 if (retval
!= ERROR_OK
)
1323 /* strb r1, [r0], #1 */
1325 retval
= arm11_run_instr_no_data1(arm11
,
1326 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1327 if (retval
!= ERROR_OK
)
1336 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1338 for (size_t i
= 0; i
< count
; i
++)
1341 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1343 /* MRC p14,0,r1,c0,c5,0 */
1344 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1345 if (retval
!= ERROR_OK
)
1348 /* strh r1, [r0], #2 */
1350 retval
= arm11_run_instr_no_data1(arm11
,
1351 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1352 if (retval
!= ERROR_OK
)
1360 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1362 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1363 uint32_t *words
= (uint32_t*)buffer
;
1367 /* STC p14,c5,[R0],#4 */
1368 /* STC p14,c5,[R0]*/
1369 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1370 if (retval
!= ERROR_OK
)
1375 /* STC p14,c5,[R0],#4 */
1376 /* STC p14,c5,[R0]*/
1377 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1378 if (retval
!= ERROR_OK
)
1386 /* r0 verification */
1387 if (!arm11_config_memrw_no_increment
)
1391 /* MCR p14,0,R0,c0,c5,0 */
1392 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1393 if (retval
!= ERROR_OK
)
1396 if (address
+ size
* count
!= r0
)
1398 LOG_ERROR("Data transfer failed. Expected end "
1399 "address 0x%08x, got 0x%08x",
1400 (unsigned) (address
+ size
* count
),
1404 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1406 if (arm11_config_memwrite_error_fatal
)
1411 return arm11_run_instr_data_finish(arm11
);
1414 static int arm11_write_memory(struct target
*target
,
1415 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1417 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1420 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1421 static int arm11_bulk_write_memory(struct target
*target
,
1422 uint32_t address
, uint32_t count
, uint8_t *buffer
)
1426 if (target
->state
!= TARGET_HALTED
)
1428 LOG_WARNING("target was not halted");
1429 return ERROR_TARGET_NOT_HALTED
;
1432 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1435 /* target break-/watchpoint control
1436 * rw: 0 = write, 1 = read, 2 = access
1438 static int arm11_add_breakpoint(struct target
*target
,
1439 struct breakpoint
*breakpoint
)
1442 struct arm11_common
*arm11
= target_to_arm11(target
);
1445 if (breakpoint
->type
== BKPT_SOFT
)
1447 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1448 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1452 if (!arm11
->free_brps
)
1454 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1455 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1458 if (breakpoint
->length
!= 4)
1460 LOG_DEBUG("only breakpoints of four bytes length supported");
1461 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1469 static int arm11_remove_breakpoint(struct target
*target
,
1470 struct breakpoint
*breakpoint
)
1473 struct arm11_common
*arm11
= target_to_arm11(target
);
1480 static int arm11_add_watchpoint(struct target
*target
,
1481 struct watchpoint
*watchpoint
)
1483 FNC_INFO_NOTIMPLEMENTED
;
1488 static int arm11_remove_watchpoint(struct target
*target
,
1489 struct watchpoint
*watchpoint
)
1491 FNC_INFO_NOTIMPLEMENTED
;
1496 // HACKHACKHACK - FIXME mode/state
1497 /* target algorithm support */
1498 static int arm11_run_algorithm(struct target
*target
,
1499 int num_mem_params
, struct mem_param
*mem_params
,
1500 int num_reg_params
, struct reg_param
*reg_params
,
1501 uint32_t entry_point
, uint32_t exit_point
,
1502 int timeout_ms
, void *arch_info
)
1504 struct arm11_common
*arm11
= target_to_arm11(target
);
1505 // enum armv4_5_state core_state = arm11->core_state;
1506 // enum armv4_5_mode core_mode = arm11->core_mode;
1507 uint32_t context
[16];
1509 int exit_breakpoint_size
= 0;
1510 int retval
= ERROR_OK
;
1511 LOG_DEBUG("Running algorithm");
1514 if (target
->state
!= TARGET_HALTED
)
1516 LOG_WARNING("target not halted");
1517 return ERROR_TARGET_NOT_HALTED
;
1521 // if (!is_arm_mode(arm11->core_mode))
1522 // return ERROR_FAIL;
1525 for (unsigned i
= 0; i
< 16; i
++)
1527 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1528 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1531 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1532 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1534 for (int i
= 0; i
< num_mem_params
; i
++)
1536 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1539 // Set register parameters
1540 for (int i
= 0; i
< num_reg_params
; i
++)
1542 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1545 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1546 return ERROR_INVALID_ARGUMENTS
;
1549 if (reg
->size
!= reg_params
[i
].size
)
1551 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1552 return ERROR_INVALID_ARGUMENTS
;
1554 arm11_set_reg(reg
,reg_params
[i
].value
);
1555 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1558 exit_breakpoint_size
= 4;
1560 /* arm11->core_state = arm11_algorithm_info->core_state;
1561 if (arm11->core_state == ARMV4_5_STATE_ARM)
1562 exit_breakpoint_size = 4;
1563 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1564 exit_breakpoint_size = 2;
1567 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1573 /* arm11 at this point only supports ARM not THUMB mode
1574 however if this test needs to be reactivated the current state can be read back
1577 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1579 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1580 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1581 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1582 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1586 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1588 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1589 retval
= ERROR_TARGET_FAILURE
;
1593 // no debug, otherwise breakpoint is not set
1594 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1596 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1598 if (target
->state
!= TARGET_HALTED
)
1600 CHECK_RETVAL(target_halt(target
));
1602 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1604 retval
= ERROR_TARGET_TIMEOUT
;
1606 goto del_breakpoint
;
1609 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1611 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1612 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1613 retval
= ERROR_TARGET_TIMEOUT
;
1614 goto del_breakpoint
;
1617 for (int i
= 0; i
< num_mem_params
; i
++)
1619 if (mem_params
[i
].direction
!= PARAM_OUT
)
1620 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1623 for (int i
= 0; i
< num_reg_params
; i
++)
1625 if (reg_params
[i
].direction
!= PARAM_OUT
)
1627 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1630 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1631 retval
= ERROR_INVALID_ARGUMENTS
;
1632 goto del_breakpoint
;
1635 if (reg
->size
!= reg_params
[i
].size
)
1637 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1638 retval
= ERROR_INVALID_ARGUMENTS
;
1639 goto del_breakpoint
;
1642 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1647 breakpoint_remove(target
, exit_point
);
1651 for (size_t i
= 0; i
< 16; i
++)
1653 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1654 arm11
->reg_list
[i
].name
, context
[i
]);
1655 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1657 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1658 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1660 // arm11->core_state = core_state;
1661 // arm11->core_mode = core_mode;
1666 static int arm11_target_create(struct target
*target
, Jim_Interp
*interp
)
1670 NEW(struct arm11_common
, arm11
, 1);
1672 arm11
->target
= target
;
1674 if (target
->tap
== NULL
)
1677 if (target
->tap
->ir_length
!= 5)
1679 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1680 return ERROR_COMMAND_SYNTAX_ERROR
;
1683 armv4_5_init_arch_info(target
, &arm11
->arm
);
1685 arm11
->jtag_info
.tap
= target
->tap
;
1686 arm11
->jtag_info
.scann_size
= 5;
1687 arm11
->jtag_info
.scann_instr
= ARM11_SCAN_N
;
1688 /* cur_scan_chain == 0 */
1689 arm11
->jtag_info
.intest_instr
= ARM11_INTEST
;
1694 static int arm11_init_target(struct command_context
*cmd_ctx
,
1695 struct target
*target
)
1697 /* Initialize anything we can set up without talking to the target */
1699 /* FIXME Switch to use the standard build_reg_cache() not custom
1700 * code. Do it from examine(), after we check whether we're
1701 * an arm1176 and thus support the Secure Monitor mode.
1703 return arm11_build_reg_cache(target
);
1706 /* talk to the target and set things up */
1707 static int arm11_examine(struct target
*target
)
1712 struct arm11_common
*arm11
= target_to_arm11(target
);
1716 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1718 struct scan_field idcode_field
;
1720 arm11_setup_field(arm11
, 32, NULL
, &arm11
->device_id
, &idcode_field
);
1722 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1726 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1728 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1730 struct scan_field chain0_fields
[2];
1732 arm11_setup_field(arm11
, 32, NULL
, &arm11
->didr
, chain0_fields
+ 0);
1733 arm11_setup_field(arm11
, 8, NULL
, &arm11
->implementor
, chain0_fields
+ 1);
1735 arm11_add_dr_scan_vc(ARRAY_SIZE(chain0_fields
), chain0_fields
, TAP_IDLE
);
1737 CHECK_RETVAL(jtag_execute_queue());
1739 switch (arm11
->device_id
& 0x0FFFF000)
1748 arm11
->arm
.core_type
= ARM_MODE_MON
;
1752 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1755 LOG_INFO("found %s", type
);
1757 arm11
->debug_version
= (arm11
->didr
>> 16) & 0x0F;
1759 if (arm11
->debug_version
!= ARM11_DEBUG_V6
&&
1760 arm11
->debug_version
!= ARM11_DEBUG_V61
)
1762 LOG_ERROR("Only ARMv6 v6 and v6.1 architectures supported.");
1766 arm11
->brp
= ((arm11
->didr
>> 24) & 0x0F) + 1;
1767 arm11
->wrp
= ((arm11
->didr
>> 28) & 0x0F) + 1;
1769 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1770 arm11
->free_brps
= arm11
->brp
;
1771 arm11
->free_wrps
= arm11
->wrp
;
1773 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
"",
1775 (int)(arm11
->implementor
),
1778 /* as a side-effect this reads DSCR and thus
1779 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1780 * as suggested by the spec.
1783 retval
= arm11_check_init(arm11
, NULL
);
1784 if (retval
!= ERROR_OK
)
1787 /* ETM on ARM11 still uses original scanchain 6 access mode */
1788 if (arm11
->arm
.etm
&& !target_was_examined(target
)) {
1789 *register_get_last_cache_p(&target
->reg_cache
) =
1790 etm_build_reg_cache(target
, &arm11
->jtag_info
,
1792 retval
= etm_setup(target
);
1795 target_set_examined(target
);
1801 /** Load a register that is marked !valid in the register cache */
1802 static int arm11_get_reg(struct reg
*reg
)
1806 struct target
* target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1808 if (target
->state
!= TARGET_HALTED
)
1810 LOG_WARNING("target was not halted");
1811 return ERROR_TARGET_NOT_HALTED
;
1814 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1817 struct arm11_common
*arm11
= target_to_arm11(target
);
1818 const struct arm11_reg_defs
*arm11_reg_info
= arm11_reg_defs
+ ((struct arm11_reg_state
*)reg
->arch_info
)->def_index
;
1824 /** Change a value in the register cache */
1825 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
)
1829 struct target
*target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1830 struct arm11_common
*arm11
= target_to_arm11(target
);
1831 // const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1833 arm11
->reg_values
[((struct arm11_reg_state
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1840 static const struct reg_arch_type arm11_reg_type
= {
1841 .get
= arm11_get_reg
,
1842 .set
= arm11_set_reg
,
1845 static int arm11_build_reg_cache(struct target
*target
)
1847 struct arm11_common
*arm11
= target_to_arm11(target
);
1849 NEW(struct reg_cache
, cache
, 1);
1850 NEW(struct reg
, reg_list
, ARM11_REGCACHE_COUNT
);
1851 NEW(struct arm11_reg_state
, arm11_reg_states
, ARM11_REGCACHE_COUNT
);
1853 arm11
->reg_list
= reg_list
;
1855 /* Build the process context cache */
1856 cache
->name
= "arm11 registers";
1858 cache
->reg_list
= reg_list
;
1859 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1861 struct reg_cache
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1864 arm11
->core_cache
= cache
;
1865 // armv7m->process_context = cache;
1869 /* Not very elegant assertion */
1870 if (ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11
->reg_values
) ||
1871 ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11_reg_defs
) ||
1872 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1874 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d %u %u %d)",
1875 ARM11_REGCACHE_COUNT
,
1876 (unsigned) ARRAY_SIZE(arm11
->reg_values
),
1877 (unsigned) ARRAY_SIZE(arm11_reg_defs
),
1879 /* FIXME minimally, use a build_bug_on(X) mechanism;
1880 * runtime exit() here is bad!
1885 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1887 struct reg
* r
= reg_list
+ i
;
1888 const struct arm11_reg_defs
* rd
= arm11_reg_defs
+ i
;
1889 struct arm11_reg_state
* rs
= arm11_reg_states
+ i
;
1893 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
1896 r
->type
= &arm11_reg_type
;
1900 rs
->target
= target
;
1906 #define ARM11_BOOL_WRAPPER(name, print_name) \
1907 COMMAND_HANDLER(arm11_handle_bool_##name) \
1909 return CALL_COMMAND_HANDLER(handle_command_parse_bool, \
1910 &arm11_config_##name, print_name); \
1913 ARM11_BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
1914 ARM11_BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
1915 ARM11_BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
1916 ARM11_BOOL_WRAPPER(hardware_step
, "hardware single step")
1918 COMMAND_HANDLER(arm11_handle_vcr
)
1924 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], arm11_vcr
);
1927 return ERROR_COMMAND_SYNTAX_ERROR
;
1930 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
1934 static const uint32_t arm11_coproc_instruction_limits
[] =
1936 15, /* coprocessor */
1941 0xFFFFFFFF, /* value */
1944 static int arm11_mrc_inner(struct target
*target
, int cpnum
,
1945 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
,
1946 uint32_t *value
, bool read
)
1949 struct arm11_common
*arm11
= target_to_arm11(target
);
1951 if (target
->state
!= TARGET_HALTED
)
1953 LOG_ERROR("Target not halted");
1957 uint32_t instr
= 0xEE000010 |
1965 instr
|= 0x00100000;
1967 retval
= arm11_run_instr_data_prepare(arm11
);
1968 if (retval
!= ERROR_OK
)
1973 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, value
);
1974 if (retval
!= ERROR_OK
)
1979 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, *value
);
1980 if (retval
!= ERROR_OK
)
1984 return arm11_run_instr_data_finish(arm11
);
1987 static int arm11_mrc(struct target
*target
, int cpnum
,
1988 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
1990 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, value
, true);
1993 static int arm11_mcr(struct target
*target
, int cpnum
,
1994 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
1996 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, &value
, false);
1999 static int arm11_register_commands(struct command_context
*cmd_ctx
)
2003 struct command
*top_cmd
, *mw_cmd
;
2005 armv4_5_register_commands(cmd_ctx
);
2007 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
2008 NULL
, COMMAND_ANY
, NULL
);
2010 /* "hardware_step" is only here to check if the default
2011 * simulate + breakpoint implementation is broken.
2012 * TEMPORARY! NOT DOCUMENTED!
2014 register_command(cmd_ctx
, top_cmd
, "hardware_step",
2015 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
2016 "DEBUG ONLY - Hardware single stepping"
2017 " (default: disabled)");
2019 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
2020 NULL
, COMMAND_ANY
, NULL
);
2021 register_command(cmd_ctx
, mw_cmd
, "burst",
2022 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
2023 "Enable/Disable non-standard but fast burst mode"
2024 " (default: enabled)");
2025 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
2026 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
2027 "Terminate program if transfer error was found"
2028 " (default: enabled)");
2030 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
2031 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
2032 "Enable interrupts while stepping"
2033 " (default: disabled)");
2034 register_command(cmd_ctx
, top_cmd
, "vcr",
2035 arm11_handle_vcr
, COMMAND_ANY
,
2036 "Control (Interrupt) Vector Catch Register");
2038 return etm_register_commands(cmd_ctx
);
2041 /** Holds methods for ARM11xx targets. */
2042 struct target_type arm11_target
= {
2046 .arch_state
= arm11_arch_state
,
2048 .target_request_data
= arm11_target_request_data
,
2051 .resume
= arm11_resume
,
2054 .assert_reset
= arm11_assert_reset
,
2055 .deassert_reset
= arm11_deassert_reset
,
2056 .soft_reset_halt
= arm11_soft_reset_halt
,
2058 .get_gdb_reg_list
= arm11_get_gdb_reg_list
,
2060 .read_memory
= arm11_read_memory
,
2061 .write_memory
= arm11_write_memory
,
2063 .bulk_write_memory
= arm11_bulk_write_memory
,
2065 .checksum_memory
= arm_checksum_memory
,
2066 .blank_check_memory
= arm_blank_check_memory
,
2068 .add_breakpoint
= arm11_add_breakpoint
,
2069 .remove_breakpoint
= arm11_remove_breakpoint
,
2070 .add_watchpoint
= arm11_add_watchpoint
,
2071 .remove_watchpoint
= arm11_remove_watchpoint
,
2073 .run_algorithm
= arm11_run_algorithm
,
2075 .register_commands
= arm11_register_commands
,
2076 .target_create
= arm11_target_create
,
2077 .init_target
= arm11_init_target
,
2078 .examine
= arm11_examine
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)