1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
31 #include "arm_simulator.h"
32 #include "time_support.h"
33 #include "target_type.h"
37 #define _DEBUG_INSTRUCTION_EXECUTION_
41 #define FNC_INFO LOG_DEBUG("-")
47 #define FNC_INFO_NOTIMPLEMENTED do { LOG_DEBUG("NOT IMPLEMENTED"); /*exit(-1);*/ } while (0)
49 #define FNC_INFO_NOTIMPLEMENTED
52 static bool arm11_config_memwrite_burst
= true;
53 static bool arm11_config_memwrite_error_fatal
= true;
54 static uint32_t arm11_vcr
= 0;
55 static bool arm11_config_step_irq_enable
= false;
56 static bool arm11_config_hardware_step
= false;
58 static int arm11_regs_arch_type
= -1;
75 ARM11_REGISTER_SPSR_FIQ
,
76 ARM11_REGISTER_SPSR_SVC
,
77 ARM11_REGISTER_SPSR_ABT
,
78 ARM11_REGISTER_SPSR_IRQ
,
79 ARM11_REGISTER_SPSR_UND
,
80 ARM11_REGISTER_SPSR_MON
,
89 typedef struct arm11_reg_defs_s
94 enum arm11_regtype type
;
97 /* update arm11_regcache_ids when changing this */
98 static const arm11_reg_defs_t arm11_reg_defs
[] =
100 {"r0", 0, 0, ARM11_REGISTER_CORE
},
101 {"r1", 1, 1, ARM11_REGISTER_CORE
},
102 {"r2", 2, 2, ARM11_REGISTER_CORE
},
103 {"r3", 3, 3, ARM11_REGISTER_CORE
},
104 {"r4", 4, 4, ARM11_REGISTER_CORE
},
105 {"r5", 5, 5, ARM11_REGISTER_CORE
},
106 {"r6", 6, 6, ARM11_REGISTER_CORE
},
107 {"r7", 7, 7, ARM11_REGISTER_CORE
},
108 {"r8", 8, 8, ARM11_REGISTER_CORE
},
109 {"r9", 9, 9, ARM11_REGISTER_CORE
},
110 {"r10", 10, 10, ARM11_REGISTER_CORE
},
111 {"r11", 11, 11, ARM11_REGISTER_CORE
},
112 {"r12", 12, 12, ARM11_REGISTER_CORE
},
113 {"sp", 13, 13, ARM11_REGISTER_CORE
},
114 {"lr", 14, 14, ARM11_REGISTER_CORE
},
115 {"pc", 15, 15, ARM11_REGISTER_CORE
},
117 #if ARM11_REGCACHE_FREGS
118 {"f0", 0, 16, ARM11_REGISTER_FX
},
119 {"f1", 1, 17, ARM11_REGISTER_FX
},
120 {"f2", 2, 18, ARM11_REGISTER_FX
},
121 {"f3", 3, 19, ARM11_REGISTER_FX
},
122 {"f4", 4, 20, ARM11_REGISTER_FX
},
123 {"f5", 5, 21, ARM11_REGISTER_FX
},
124 {"f6", 6, 22, ARM11_REGISTER_FX
},
125 {"f7", 7, 23, ARM11_REGISTER_FX
},
126 {"fps", 0, 24, ARM11_REGISTER_FPS
},
129 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
131 #if ARM11_REGCACHE_MODEREGS
132 {"r8_fiq", 8, -1, ARM11_REGISTER_FIQ
},
133 {"r9_fiq", 9, -1, ARM11_REGISTER_FIQ
},
134 {"r10_fiq", 10, -1, ARM11_REGISTER_FIQ
},
135 {"r11_fiq", 11, -1, ARM11_REGISTER_FIQ
},
136 {"r12_fiq", 12, -1, ARM11_REGISTER_FIQ
},
137 {"r13_fiq", 13, -1, ARM11_REGISTER_FIQ
},
138 {"r14_fiq", 14, -1, ARM11_REGISTER_FIQ
},
139 {"spsr_fiq", 0, -1, ARM11_REGISTER_SPSR_FIQ
},
141 {"r13_svc", 13, -1, ARM11_REGISTER_SVC
},
142 {"r14_svc", 14, -1, ARM11_REGISTER_SVC
},
143 {"spsr_svc", 0, -1, ARM11_REGISTER_SPSR_SVC
},
145 {"r13_abt", 13, -1, ARM11_REGISTER_ABT
},
146 {"r14_abt", 14, -1, ARM11_REGISTER_ABT
},
147 {"spsr_abt", 0, -1, ARM11_REGISTER_SPSR_ABT
},
149 {"r13_irq", 13, -1, ARM11_REGISTER_IRQ
},
150 {"r14_irq", 14, -1, ARM11_REGISTER_IRQ
},
151 {"spsr_irq", 0, -1, ARM11_REGISTER_SPSR_IRQ
},
153 {"r13_und", 13, -1, ARM11_REGISTER_UND
},
154 {"r14_und", 14, -1, ARM11_REGISTER_UND
},
155 {"spsr_und", 0, -1, ARM11_REGISTER_SPSR_UND
},
158 {"r13_mon", 13, -1, ARM11_REGISTER_MON
},
159 {"r14_mon", 14, -1, ARM11_REGISTER_MON
},
160 {"spsr_mon", 0, -1, ARM11_REGISTER_SPSR_MON
},
163 /* Debug Registers */
164 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
165 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
166 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
169 enum arm11_regcache_ids
172 ARM11_RC_RX
= ARM11_RC_R0
,
187 ARM11_RC_SP
= ARM11_RC_R13
,
189 ARM11_RC_LR
= ARM11_RC_R14
,
191 ARM11_RC_PC
= ARM11_RC_R15
,
193 #if ARM11_REGCACHE_FREGS
195 ARM11_RC_FX
= ARM11_RC_F0
,
208 #if ARM11_REGCACHE_MODEREGS
246 #define ARM11_GDB_REGISTER_COUNT 26
248 static uint8_t arm11_gdb_dummy_fp_value
[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
250 static reg_t arm11_gdb_dummy_fp_reg
=
252 "GDB dummy floating-point register", arm11_gdb_dummy_fp_value
, 0, 1, 96, NULL
, 0, NULL
, 0
255 static uint8_t arm11_gdb_dummy_fps_value
[] = {0, 0, 0, 0};
257 static reg_t arm11_gdb_dummy_fps_reg
=
259 "GDB dummy floating-point status register", arm11_gdb_dummy_fps_value
, 0, 1, 32, NULL
, 0, NULL
, 0
263 static int arm11_on_enter_debug_state(arm11_common_t
*arm11
);
264 static int arm11_step(struct target_s
*target
, int current
,
265 uint32_t address
, int handle_breakpoints
);
267 static int arm11_build_reg_cache(target_t
*target
);
268 static int arm11_set_reg(reg_t
*reg
, uint8_t *buf
);
269 static int arm11_get_reg(reg_t
*reg
);
271 static void arm11_record_register_history(arm11_common_t
* arm11
);
272 static void arm11_dump_reg_changes(arm11_common_t
* arm11
);
275 /** Check and if necessary take control of the system
277 * \param arm11 Target state variable.
278 * \param dscr If the current DSCR content is
279 * available a pointer to a word holding the
280 * DSCR can be passed. Otherwise use NULL.
282 static int arm11_check_init(arm11_common_t
*arm11
, uint32_t *dscr
)
286 uint32_t dscr_local_tmp_copy
;
290 dscr
= &dscr_local_tmp_copy
;
292 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
295 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
297 LOG_DEBUG("Bringing target into debug mode");
299 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
300 arm11_write_DSCR(arm11
, *dscr
);
302 /* add further reset initialization here */
304 arm11
->simulate_reset_on_next_halt
= true;
306 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
308 /** \todo TODO: this needs further scrutiny because
309 * arm11_on_enter_debug_state() never gets properly called.
310 * As a result we don't read the actual register states from
314 arm11
->target
->state
= TARGET_HALTED
;
315 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
319 arm11
->target
->state
= TARGET_RUNNING
;
320 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
323 arm11_sc7_clear_vbw(arm11
);
332 (arm11->reg_values[ARM11_RC_##x])
334 /** Save processor state.
336 * This is called when the HALT instruction has succeeded
337 * or on other occasions that stop the processor.
340 static int arm11_on_enter_debug_state(arm11_common_t
*arm11
)
345 for (size_t i
= 0; i
< asizeof(arm11
->reg_values
); i
++)
347 arm11
->reg_list
[i
].valid
= 1;
348 arm11
->reg_list
[i
].dirty
= 0;
352 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
356 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
358 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
360 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
362 scan_field_t chain5_fields
[3];
364 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
365 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
366 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
368 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
372 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
376 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
377 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
378 ARM1136 seems to require this to issue ITR's as well */
380 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
382 /* this executes JTAG queue: */
384 arm11_write_DSCR(arm11
, new_dscr
);
388 Before executing any instruction in debug state you have to drain the write buffer.
389 This ensures that no imprecise Data Aborts can return at a later point:*/
391 /** \todo TODO: Test drain write buffer. */
396 /* MRC p14,0,R0,c5,c10,0 */
397 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
399 /* mcr 15, 0, r0, cr7, cr10, {4} */
400 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
402 uint32_t dscr
= arm11_read_DSCR(arm11
);
404 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
406 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
408 arm11_run_instr_no_data1(arm11
, 0xe320f000);
410 dscr
= arm11_read_DSCR(arm11
);
412 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
419 retval
= arm11_run_instr_data_prepare(arm11
);
420 if (retval
!= ERROR_OK
)
425 /** \todo TODO: handle other mode registers */
427 for (size_t i
= 0; i
< 15; i
++)
429 /* MCR p14,0,R?,c0,c5,0 */
430 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
431 if (retval
!= ERROR_OK
)
437 /* check rDTRfull in DSCR */
439 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
441 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
442 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
443 if (retval
!= ERROR_OK
)
448 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
453 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
454 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
455 if (retval
!= ERROR_OK
)
460 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
461 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
462 if (retval
!= ERROR_OK
)
465 /* adjust PC depending on ARM state */
467 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
469 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
471 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
473 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
477 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
480 if (arm11
->simulate_reset_on_next_halt
)
482 arm11
->simulate_reset_on_next_halt
= false;
484 LOG_DEBUG("Reset c1 Control Register");
486 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
488 /* MCR p15,0,R0,c1,c0,0 */
489 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
490 if (retval
!= ERROR_OK
)
495 retval
= arm11_run_instr_data_finish(arm11
);
496 if (retval
!= ERROR_OK
)
499 arm11_dump_reg_changes(arm11
);
504 void arm11_dump_reg_changes(arm11_common_t
* arm11
)
507 if (!(debug_level
>= LOG_LVL_DEBUG
))
512 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
514 if (!arm11
->reg_list
[i
].valid
)
516 if (arm11
->reg_history
[i
].valid
)
517 LOG_DEBUG("%8s INVALID (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_history
[i
].value
);
521 if (arm11
->reg_history
[i
].valid
)
523 if (arm11
->reg_history
[i
].value
!= arm11
->reg_values
[i
])
524 LOG_DEBUG("%8s %08" PRIx32
" (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
], arm11
->reg_history
[i
].value
);
528 LOG_DEBUG("%8s %08" PRIx32
" (INVALID)", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
]);
534 /** Restore processor state
536 * This is called in preparation for the RESTART function.
539 static int arm11_leave_debug_state(arm11_common_t
*arm11
)
544 retval
= arm11_run_instr_data_prepare(arm11
);
545 if (retval
!= ERROR_OK
)
548 /** \todo TODO: handle other mode registers */
550 /* restore R1 - R14 */
552 for (size_t i
= 1; i
< 15; i
++)
554 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
557 /* MRC p14,0,r?,c0,c5,0 */
558 arm11_run_instr_data_to_core1(arm11
, 0xee100e15 | (i
<< 12), R(RX
+ i
));
560 // LOG_DEBUG("RESTORE R" ZU " %08x", i, R(RX + i));
563 retval
= arm11_run_instr_data_finish(arm11
);
564 if (retval
!= ERROR_OK
)
567 /* spec says clear wDTR and rDTR; we assume they are clear as
568 otherwise our programming would be sloppy */
572 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
574 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
577 The wDTR/rDTR two registers that are used to send/receive data to/from
578 the core in tandem with corresponding instruction codes that are
579 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
580 registers hold data that was written by one side (CPU or JTAG) and not
581 read out by the other side.
583 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
588 retval
= arm11_run_instr_data_prepare(arm11
);
589 if (retval
!= ERROR_OK
)
592 /* restore original wDTR */
594 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
596 /* MCR p14,0,R0,c0,c5,0 */
597 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
598 if (retval
!= ERROR_OK
)
605 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
606 if (retval
!= ERROR_OK
)
613 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
614 if (retval
!= ERROR_OK
)
620 /* MRC p14,0,r0,c0,c5,0 */
621 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
623 retval
= arm11_run_instr_data_finish(arm11
);
624 if (retval
!= ERROR_OK
)
629 arm11_write_DSCR(arm11
, R(DSCR
));
633 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
635 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
637 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
639 scan_field_t chain5_fields
[3];
641 uint8_t Ready
= 0; /* ignored */
642 uint8_t Valid
= 0; /* ignored */
644 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
645 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
646 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
648 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
651 arm11_record_register_history(arm11
);
656 static void arm11_record_register_history(arm11_common_t
*arm11
)
658 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
660 arm11
->reg_history
[i
].value
= arm11
->reg_values
[i
];
661 arm11
->reg_history
[i
].valid
= arm11
->reg_list
[i
].valid
;
663 arm11
->reg_list
[i
].valid
= 0;
664 arm11
->reg_list
[i
].dirty
= 0;
669 /* poll current target status */
670 static int arm11_poll(struct target_s
*target
)
675 arm11_common_t
* arm11
= target
->arch_info
;
679 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
681 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
683 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
685 if (dscr
& ARM11_DSCR_CORE_HALTED
)
687 if (target
->state
!= TARGET_HALTED
)
689 enum target_state old_state
= target
->state
;
691 LOG_DEBUG("enter TARGET_HALTED");
692 target
->state
= TARGET_HALTED
;
693 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
694 retval
= arm11_on_enter_debug_state(arm11
);
695 if (retval
!= ERROR_OK
)
698 target_call_event_callbacks(target
,
699 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
704 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
706 LOG_DEBUG("enter TARGET_RUNNING");
707 target
->state
= TARGET_RUNNING
;
708 target
->debug_reason
= DBG_REASON_NOTHALTED
;
714 /* architecture specific status reply */
715 static int arm11_arch_state(struct target_s
*target
)
717 arm11_common_t
* arm11
= target
->arch_info
;
719 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"",
720 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
727 /* target request support */
728 static int arm11_target_request_data(struct target_s
*target
,
729 uint32_t size
, uint8_t *buffer
)
731 FNC_INFO_NOTIMPLEMENTED
;
736 /* target execution control */
737 static int arm11_halt(struct target_s
*target
)
741 arm11_common_t
* arm11
= target
->arch_info
;
743 LOG_DEBUG("target->state: %s",
744 target_state_name(target
));
746 if (target
->state
== TARGET_UNKNOWN
)
748 arm11
->simulate_reset_on_next_halt
= true;
751 if (target
->state
== TARGET_HALTED
)
753 LOG_DEBUG("target was already halted");
757 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
759 CHECK_RETVAL(jtag_execute_queue());
766 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
768 if (dscr
& ARM11_DSCR_CORE_HALTED
)
779 if ((timeval_ms()-then
) > 1000)
781 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
788 arm11_on_enter_debug_state(arm11
);
790 enum target_state old_state
= target
->state
;
792 target
->state
= TARGET_HALTED
;
793 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
796 target_call_event_callbacks(target
,
797 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
802 static int arm11_resume(struct target_s
*target
, int current
,
803 uint32_t address
, int handle_breakpoints
, int debug_execution
)
807 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
808 // current, address, handle_breakpoints, debug_execution);
810 arm11_common_t
* arm11
= target
->arch_info
;
812 LOG_DEBUG("target->state: %s",
813 target_state_name(target
));
816 if (target
->state
!= TARGET_HALTED
)
818 LOG_ERROR("Target not halted");
819 return ERROR_TARGET_NOT_HALTED
;
825 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
827 /* clear breakpoints/watchpoints and VCR*/
828 arm11_sc7_clear_vbw(arm11
);
830 /* Set up breakpoints */
831 if (!debug_execution
)
833 /* check if one matches PC and step over it if necessary */
837 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
839 if (bp
->address
== R(PC
))
841 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
842 arm11_step(target
, 1, 0, 0);
847 /* set all breakpoints */
851 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
853 arm11_sc7_action_t brp
[2];
856 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
857 brp
[0].value
= bp
->address
;
859 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
860 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
862 arm11_sc7_run(arm11
, brp
, asizeof(brp
));
864 LOG_DEBUG("Add BP " ZU
" at %08" PRIx32
"", brp_num
, bp
->address
);
869 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
872 arm11_leave_debug_state(arm11
);
874 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
876 CHECK_RETVAL(jtag_execute_queue());
883 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
885 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
887 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
898 if ((timeval_ms()-then
) > 1000)
900 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
907 if (!debug_execution
)
909 target
->state
= TARGET_RUNNING
;
910 target
->debug_reason
= DBG_REASON_NOTHALTED
;
912 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
916 target
->state
= TARGET_DEBUG_RUNNING
;
917 target
->debug_reason
= DBG_REASON_NOTHALTED
;
919 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
926 static int armv4_5_to_arm11(int reg
)
933 return ARM11_RC_CPSR
;
935 /* FIX!!! handle thumb better! */
936 return ARM11_RC_CPSR
;
938 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg
);
944 static uint32_t arm11_sim_get_reg(struct arm_sim_interface
*sim
, int reg
)
946 arm11_common_t
* arm11
= (arm11_common_t
*)sim
->user_data
;
948 reg
=armv4_5_to_arm11(reg
);
950 return buf_get_u32(arm11
->reg_list
[reg
].value
, 0, 32);
953 static void arm11_sim_set_reg(struct arm_sim_interface
*sim
,
954 int reg
, uint32_t value
)
956 arm11_common_t
* arm11
= (arm11_common_t
*)sim
->user_data
;
958 reg
=armv4_5_to_arm11(reg
);
960 buf_set_u32(arm11
->reg_list
[reg
].value
, 0, 32, value
);
963 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface
*sim
,
966 arm11_common_t
* arm11
= (arm11_common_t
*)sim
->user_data
;
968 return buf_get_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, pos
, bits
);
971 static enum armv4_5_state
arm11_sim_get_state(struct arm_sim_interface
*sim
)
973 // arm11_common_t * arm11 = (arm11_common_t *)sim->user_data;
975 /* FIX!!!! we should implement thumb for arm11 */
976 return ARMV4_5_STATE_ARM
;
979 static void arm11_sim_set_state(struct arm_sim_interface
*sim
,
980 enum armv4_5_state mode
)
982 // arm11_common_t * arm11 = (arm11_common_t *)sim->user_data;
984 /* FIX!!!! we should implement thumb for arm11 */
985 LOG_ERROR("Not implemetned!");
989 static enum armv4_5_mode
arm11_sim_get_mode(struct arm_sim_interface
*sim
)
991 //arm11_common_t * arm11 = (arm11_common_t *)sim->user_data;
993 /* FIX!!!! we should implement something that returns the current mode here!!! */
994 return ARMV4_5_MODE_USR
;
997 static int arm11_simulate_step(target_t
*target
, uint32_t *dry_run_pc
)
999 struct arm_sim_interface sim
;
1001 sim
.user_data
=target
->arch_info
;
1002 sim
.get_reg
=&arm11_sim_get_reg
;
1003 sim
.set_reg
=&arm11_sim_set_reg
;
1004 sim
.get_reg_mode
=&arm11_sim_get_reg
;
1005 sim
.set_reg_mode
=&arm11_sim_set_reg
;
1006 sim
.get_cpsr
=&arm11_sim_get_cpsr
;
1007 sim
.get_mode
=&arm11_sim_get_mode
;
1008 sim
.get_state
=&arm11_sim_get_state
;
1009 sim
.set_state
=&arm11_sim_set_state
;
1011 return arm_simulate_step_core(target
, dry_run_pc
, &sim
);
1015 static int arm11_step(struct target_s
*target
, int current
,
1016 uint32_t address
, int handle_breakpoints
)
1020 LOG_DEBUG("target->state: %s",
1021 target_state_name(target
));
1023 if (target
->state
!= TARGET_HALTED
)
1025 LOG_WARNING("target was not halted");
1026 return ERROR_TARGET_NOT_HALTED
;
1029 arm11_common_t
* arm11
= target
->arch_info
;
1034 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
1037 /** \todo TODO: Thumb not supported here */
1039 uint32_t next_instruction
;
1041 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
1043 /* skip over BKPT */
1044 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
1047 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1048 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1049 LOG_DEBUG("Skipping BKPT");
1051 /* skip over Wait for interrupt / Standby */
1052 /* mcr 15, 0, r?, cr7, cr0, {4} */
1053 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
1056 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1057 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1058 LOG_DEBUG("Skipping WFI");
1060 /* ignore B to self */
1061 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
1063 LOG_DEBUG("Not stepping jump to self");
1067 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
1070 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
1071 * the VCR might be something worth looking into. */
1074 /* Set up breakpoint for stepping */
1076 arm11_sc7_action_t brp
[2];
1079 brp
[0].address
= ARM11_SC7_BVR0
;
1081 brp
[1].address
= ARM11_SC7_BCR0
;
1083 if (arm11_config_hardware_step
)
1085 /* hardware single stepping be used if possible or is it better to
1086 * always use the same code path? Hardware single stepping is not supported
1089 brp
[0].value
= R(PC
);
1090 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
1093 /* sets a breakpoint on the next PC(calculated by simulation),
1097 retval
= arm11_simulate_step(target
, &next_pc
);
1098 if (retval
!= ERROR_OK
)
1101 brp
[0].value
= next_pc
;
1102 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
1105 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, asizeof(brp
)));
1110 if (arm11_config_step_irq_enable
)
1111 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
1113 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
1116 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
1118 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
1120 CHECK_RETVAL(jtag_execute_queue());
1128 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
1130 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
1132 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
1133 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
1139 then
= timeval_ms();
1143 if ((timeval_ms()-then
) > 1000)
1145 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
1152 /* clear breakpoint */
1153 arm11_sc7_clear_vbw(arm11
);
1156 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
1158 /* restore default state */
1159 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
1163 // target->state = TARGET_HALTED;
1164 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1166 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
1171 static int arm11_assert_reset(target_t
*target
)
1176 arm11_common_t
* arm11
= target
->arch_info
;
1177 retval
= arm11_check_init(arm11
, NULL
);
1178 if (retval
!= ERROR_OK
)
1181 target
->state
= TARGET_UNKNOWN
;
1183 /* we would very much like to reset into the halted, state,
1184 * but resetting and halting is second best... */
1185 if (target
->reset_halt
)
1187 CHECK_RETVAL(target_halt(target
));
1191 /* srst is funny. We can not do *anything* else while it's asserted
1192 * and it has unkonwn side effects. Make sure no other code runs
1195 * Code below assumes srst:
1197 * - Causes power-on-reset (but of what parts of the system?). Bug
1200 * - Messes us TAP state without asserting trst.
1202 * - There is another bug in the arm11 core. When you generate an access to
1203 * external logic (for example ddr controller via AHB bus) and that block
1204 * is not configured (perhaps it is still held in reset), that transaction
1205 * will never complete. This will hang arm11 core but it will also hang
1206 * JTAG controller. Nothing, short of srst assertion will bring it out of
1211 * - What should the PC be after an srst reset when starting in the halted
1215 jtag_add_reset(0, 1);
1216 jtag_add_reset(0, 0);
1218 /* How long do we have to wait? */
1219 jtag_add_sleep(5000);
1221 /* un-mess up TAP state */
1224 retval
= jtag_execute_queue();
1225 if (retval
!= ERROR_OK
)
1233 static int arm11_deassert_reset(target_t
*target
)
1238 static int arm11_soft_reset_halt(struct target_s
*target
)
1240 FNC_INFO_NOTIMPLEMENTED
;
1245 /* target register access for gdb */
1246 static int arm11_get_gdb_reg_list(struct target_s
*target
,
1247 struct reg_s
**reg_list
[], int *reg_list_size
)
1251 arm11_common_t
* arm11
= target
->arch_info
;
1253 *reg_list_size
= ARM11_GDB_REGISTER_COUNT
;
1254 *reg_list
= malloc(sizeof(reg_t
*) * ARM11_GDB_REGISTER_COUNT
);
1256 for (size_t i
= 16; i
< 24; i
++)
1258 (*reg_list
)[i
] = &arm11_gdb_dummy_fp_reg
;
1261 (*reg_list
)[24] = &arm11_gdb_dummy_fps_reg
;
1263 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1265 if (arm11_reg_defs
[i
].gdb_num
== -1)
1268 (*reg_list
)[arm11_reg_defs
[i
].gdb_num
] = arm11
->reg_list
+ i
;
1274 /* target memory access
1275 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1276 * count: number of items of <size>
1278 * arm11_config_memrw_no_increment - in the future we may want to be able
1279 * to read/write a range of data to a "port". a "port" is an action on
1280 * read memory address for some peripheral.
1282 static int arm11_read_memory_inner(struct target_s
*target
,
1283 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1284 bool arm11_config_memrw_no_increment
)
1286 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1291 if (target
->state
!= TARGET_HALTED
)
1293 LOG_WARNING("target was not halted");
1294 return ERROR_TARGET_NOT_HALTED
;
1297 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1299 arm11_common_t
* arm11
= target
->arch_info
;
1301 retval
= arm11_run_instr_data_prepare(arm11
);
1302 if (retval
!= ERROR_OK
)
1305 /* MRC p14,0,r0,c0,c5,0 */
1306 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1307 if (retval
!= ERROR_OK
)
1313 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1314 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1316 for (size_t i
= 0; i
< count
; i
++)
1318 /* ldrb r1, [r0], #1 */
1320 arm11_run_instr_no_data1(arm11
,
1321 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1324 /* MCR p14,0,R1,c0,c5,0 */
1325 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1334 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1336 for (size_t i
= 0; i
< count
; i
++)
1338 /* ldrh r1, [r0], #2 */
1339 arm11_run_instr_no_data1(arm11
,
1340 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1344 /* MCR p14,0,R1,c0,c5,0 */
1345 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1347 uint16_t svalue
= res
;
1348 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1356 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1357 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1358 uint32_t *words
= (uint32_t *)buffer
;
1360 /* LDC p14,c5,[R0],#4 */
1361 /* LDC p14,c5,[R0] */
1362 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1367 return arm11_run_instr_data_finish(arm11
);
1370 static int arm11_read_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1372 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1376 * arm11_config_memrw_no_increment - in the future we may want to be able
1377 * to read/write a range of data to a "port". a "port" is an action on
1378 * read memory address for some peripheral.
1380 static int arm11_write_memory_inner(struct target_s
*target
,
1381 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1382 bool arm11_config_memrw_no_increment
)
1387 if (target
->state
!= TARGET_HALTED
)
1389 LOG_WARNING("target was not halted");
1390 return ERROR_TARGET_NOT_HALTED
;
1393 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1395 arm11_common_t
* arm11
= target
->arch_info
;
1397 retval
= arm11_run_instr_data_prepare(arm11
);
1398 if (retval
!= ERROR_OK
)
1401 /* MRC p14,0,r0,c0,c5,0 */
1402 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1403 if (retval
!= ERROR_OK
)
1406 /* burst writes are not used for single words as those may well be
1407 * reset init script writes.
1409 * The other advantage is that as burst writes are default, we'll
1410 * now exercise both burst and non-burst code paths with the
1411 * default settings, increasing code coverage.
1413 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1419 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1421 for (size_t i
= 0; i
< count
; i
++)
1423 /* MRC p14,0,r1,c0,c5,0 */
1424 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1425 if (retval
!= ERROR_OK
)
1428 /* strb r1, [r0], #1 */
1430 retval
= arm11_run_instr_no_data1(arm11
,
1431 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1432 if (retval
!= ERROR_OK
)
1441 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1443 for (size_t i
= 0; i
< count
; i
++)
1446 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1448 /* MRC p14,0,r1,c0,c5,0 */
1449 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1450 if (retval
!= ERROR_OK
)
1453 /* strh r1, [r0], #2 */
1455 retval
= arm11_run_instr_no_data1(arm11
,
1456 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1457 if (retval
!= ERROR_OK
)
1465 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1467 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1468 uint32_t *words
= (uint32_t*)buffer
;
1472 /* STC p14,c5,[R0],#4 */
1473 /* STC p14,c5,[R0]*/
1474 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1475 if (retval
!= ERROR_OK
)
1480 /* STC p14,c5,[R0],#4 */
1481 /* STC p14,c5,[R0]*/
1482 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1483 if (retval
!= ERROR_OK
)
1491 /* r0 verification */
1492 if (!arm11_config_memrw_no_increment
)
1496 /* MCR p14,0,R0,c0,c5,0 */
1497 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1498 if (retval
!= ERROR_OK
)
1501 if (address
+ size
* count
!= r0
)
1503 LOG_ERROR("Data transfer failed. Expected end "
1504 "address 0x%08x, got 0x%08x",
1505 (unsigned) (address
+ size
* count
),
1509 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1511 if (arm11_config_memwrite_error_fatal
)
1516 return arm11_run_instr_data_finish(arm11
);
1519 static int arm11_write_memory(struct target_s
*target
,
1520 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1522 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1525 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1526 static int arm11_bulk_write_memory(struct target_s
*target
,
1527 uint32_t address
, uint32_t count
, uint8_t *buffer
)
1531 if (target
->state
!= TARGET_HALTED
)
1533 LOG_WARNING("target was not halted");
1534 return ERROR_TARGET_NOT_HALTED
;
1537 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1540 /* here we have nothing target specific to contribute, so we fail and then the
1541 * fallback code will read data from the target and calculate the CRC on the
1544 static int arm11_checksum_memory(struct target_s
*target
,
1545 uint32_t address
, uint32_t count
, uint32_t* checksum
)
1550 /* target break-/watchpoint control
1551 * rw: 0 = write, 1 = read, 2 = access
1553 static int arm11_add_breakpoint(struct target_s
*target
,
1554 breakpoint_t
*breakpoint
)
1558 arm11_common_t
* arm11
= target
->arch_info
;
1561 if (breakpoint
->type
== BKPT_SOFT
)
1563 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1564 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1568 if (!arm11
->free_brps
)
1570 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1571 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1574 if (breakpoint
->length
!= 4)
1576 LOG_DEBUG("only breakpoints of four bytes length supported");
1577 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1585 static int arm11_remove_breakpoint(struct target_s
*target
,
1586 breakpoint_t
*breakpoint
)
1590 arm11_common_t
* arm11
= target
->arch_info
;
1597 static int arm11_add_watchpoint(struct target_s
*target
,
1598 watchpoint_t
*watchpoint
)
1600 FNC_INFO_NOTIMPLEMENTED
;
1605 static int arm11_remove_watchpoint(struct target_s
*target
,
1606 watchpoint_t
*watchpoint
)
1608 FNC_INFO_NOTIMPLEMENTED
;
1613 // HACKHACKHACK - FIXME mode/state
1614 /* target algorithm support */
1615 static int arm11_run_algorithm(struct target_s
*target
,
1616 int num_mem_params
, mem_param_t
*mem_params
,
1617 int num_reg_params
, reg_param_t
*reg_params
,
1618 uint32_t entry_point
, uint32_t exit_point
,
1619 int timeout_ms
, void *arch_info
)
1621 arm11_common_t
*arm11
= target
->arch_info
;
1622 // enum armv4_5_state core_state = arm11->core_state;
1623 // enum armv4_5_mode core_mode = arm11->core_mode;
1624 uint32_t context
[16];
1626 int exit_breakpoint_size
= 0;
1627 int retval
= ERROR_OK
;
1628 LOG_DEBUG("Running algorithm");
1631 if (target
->state
!= TARGET_HALTED
)
1633 LOG_WARNING("target not halted");
1634 return ERROR_TARGET_NOT_HALTED
;
1638 // if (armv4_5_mode_to_number(arm11->core_mode)==-1)
1639 // return ERROR_FAIL;
1642 for (unsigned i
= 0; i
< 16; i
++)
1644 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1645 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1648 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1649 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1651 for (int i
= 0; i
< num_mem_params
; i
++)
1653 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1656 // Set register parameters
1657 for (int i
= 0; i
< num_reg_params
; i
++)
1659 reg_t
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1662 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1666 if (reg
->size
!= reg_params
[i
].size
)
1668 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1671 arm11_set_reg(reg
,reg_params
[i
].value
);
1672 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1675 exit_breakpoint_size
= 4;
1677 /* arm11->core_state = arm11_algorithm_info->core_state;
1678 if (arm11->core_state == ARMV4_5_STATE_ARM)
1679 exit_breakpoint_size = 4;
1680 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1681 exit_breakpoint_size = 2;
1684 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1690 /* arm11 at this point only supports ARM not THUMB mode
1691 however if this test needs to be reactivated the current state can be read back
1694 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1696 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1697 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1698 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1699 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1703 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1705 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1706 retval
= ERROR_TARGET_FAILURE
;
1710 // no debug, otherwise breakpoint is not set
1711 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1713 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1715 if (target
->state
!= TARGET_HALTED
)
1717 CHECK_RETVAL(target_halt(target
));
1719 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1721 retval
= ERROR_TARGET_TIMEOUT
;
1723 goto del_breakpoint
;
1726 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1728 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1729 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1730 retval
= ERROR_TARGET_TIMEOUT
;
1731 goto del_breakpoint
;
1734 for (int i
= 0; i
< num_mem_params
; i
++)
1736 if (mem_params
[i
].direction
!= PARAM_OUT
)
1737 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1740 for (int i
= 0; i
< num_reg_params
; i
++)
1742 if (reg_params
[i
].direction
!= PARAM_OUT
)
1744 reg_t
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1747 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1751 if (reg
->size
!= reg_params
[i
].size
)
1753 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1757 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1762 breakpoint_remove(target
, exit_point
);
1766 for (size_t i
= 0; i
< 16; i
++)
1768 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1769 arm11
->reg_list
[i
].name
, context
[i
]);
1770 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1772 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1773 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1775 // arm11->core_state = core_state;
1776 // arm11->core_mode = core_mode;
1781 static int arm11_target_create(struct target_s
*target
, Jim_Interp
*interp
)
1785 NEW(arm11_common_t
, arm11
, 1);
1787 arm11
->target
= target
;
1789 if (target
->tap
== NULL
)
1792 if (target
->tap
->ir_length
!= 5)
1794 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1795 return ERROR_COMMAND_SYNTAX_ERROR
;
1798 target
->arch_info
= arm11
;
1803 static int arm11_init_target(struct command_context_s
*cmd_ctx
,
1804 struct target_s
*target
)
1806 /* Initialize anything we can set up without talking to the target */
1807 return arm11_build_reg_cache(target
);
1810 /* talk to the target and set things up */
1811 static int arm11_examine(struct target_s
*target
)
1817 arm11_common_t
* arm11
= target
->arch_info
;
1821 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1823 scan_field_t idcode_field
;
1825 arm11_setup_field(arm11
, 32, NULL
, &arm11
->device_id
, &idcode_field
);
1827 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1831 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1833 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1835 scan_field_t chain0_fields
[2];
1837 arm11_setup_field(arm11
, 32, NULL
, &arm11
->didr
, chain0_fields
+ 0);
1838 arm11_setup_field(arm11
, 8, NULL
, &arm11
->implementor
, chain0_fields
+ 1);
1840 arm11_add_dr_scan_vc(asizeof(chain0_fields
), chain0_fields
, TAP_IDLE
);
1842 CHECK_RETVAL(jtag_execute_queue());
1844 switch (arm11
->device_id
& 0x0FFFF000)
1846 case 0x07B36000: LOG_INFO("found ARM1136"); break;
1847 case 0x07B56000: LOG_INFO("found ARM1156"); break;
1848 case 0x07B76000: LOG_INFO("found ARM1176"); break;
1851 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1856 arm11
->debug_version
= (arm11
->didr
>> 16) & 0x0F;
1858 if (arm11
->debug_version
!= ARM11_DEBUG_V6
&&
1859 arm11
->debug_version
!= ARM11_DEBUG_V61
)
1861 LOG_ERROR("Only ARMv6 v6 and v6.1 architectures supported.");
1865 arm11
->brp
= ((arm11
->didr
>> 24) & 0x0F) + 1;
1866 arm11
->wrp
= ((arm11
->didr
>> 28) & 0x0F) + 1;
1868 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1869 arm11
->free_brps
= arm11
->brp
;
1870 arm11
->free_wrps
= arm11
->wrp
;
1872 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
"",
1874 (int)(arm11
->implementor
),
1877 /* as a side-effect this reads DSCR and thus
1878 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1879 * as suggested by the spec.
1882 retval
= arm11_check_init(arm11
, NULL
);
1883 if (retval
!= ERROR_OK
)
1886 target_set_examined(target
);
1892 /** Load a register that is marked !valid in the register cache */
1893 static int arm11_get_reg(reg_t
*reg
)
1897 target_t
* target
= ((arm11_reg_state_t
*)reg
->arch_info
)->target
;
1899 if (target
->state
!= TARGET_HALTED
)
1901 LOG_WARNING("target was not halted");
1902 return ERROR_TARGET_NOT_HALTED
;
1905 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1908 arm11_common_t
*arm11
= target
->arch_info
;
1909 const arm11_reg_defs_t
* arm11_reg_info
= arm11_reg_defs
+ ((arm11_reg_state_t
*)reg
->arch_info
)->def_index
;
1915 /** Change a value in the register cache */
1916 static int arm11_set_reg(reg_t
*reg
, uint8_t *buf
)
1920 target_t
* target
= ((arm11_reg_state_t
*)reg
->arch_info
)->target
;
1921 arm11_common_t
*arm11
= target
->arch_info
;
1922 // const arm11_reg_defs_t * arm11_reg_info = arm11_reg_defs + ((arm11_reg_state_t *)reg->arch_info)->def_index;
1924 arm11
->reg_values
[((arm11_reg_state_t
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1931 static int arm11_build_reg_cache(target_t
*target
)
1933 arm11_common_t
*arm11
= target
->arch_info
;
1935 NEW(reg_cache_t
, cache
, 1);
1936 NEW(reg_t
, reg_list
, ARM11_REGCACHE_COUNT
);
1937 NEW(arm11_reg_state_t
, arm11_reg_states
, ARM11_REGCACHE_COUNT
);
1939 if (arm11_regs_arch_type
== -1)
1940 arm11_regs_arch_type
= register_reg_arch_type(arm11_get_reg
, arm11_set_reg
);
1942 register_init_dummy(&arm11_gdb_dummy_fp_reg
);
1943 register_init_dummy(&arm11_gdb_dummy_fps_reg
);
1945 arm11
->reg_list
= reg_list
;
1947 /* Build the process context cache */
1948 cache
->name
= "arm11 registers";
1950 cache
->reg_list
= reg_list
;
1951 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1953 reg_cache_t
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1956 arm11
->core_cache
= cache
;
1957 // armv7m->process_context = cache;
1961 /* Not very elegant assertion */
1962 if (ARM11_REGCACHE_COUNT
!= asizeof(arm11
->reg_values
) ||
1963 ARM11_REGCACHE_COUNT
!= asizeof(arm11_reg_defs
) ||
1964 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1966 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d " ZU
" " ZU
" %d)", ARM11_REGCACHE_COUNT
, asizeof(arm11
->reg_values
), asizeof(arm11_reg_defs
), ARM11_RC_MAX
);
1970 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1972 reg_t
* r
= reg_list
+ i
;
1973 const arm11_reg_defs_t
* rd
= arm11_reg_defs
+ i
;
1974 arm11_reg_state_t
* rs
= arm11_reg_states
+ i
;
1978 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
1981 r
->bitfield_desc
= NULL
;
1982 r
->num_bitfields
= 0;
1983 r
->arch_type
= arm11_regs_arch_type
;
1987 rs
->target
= target
;
1993 static int arm11_handle_bool(struct command_context_s
*cmd_ctx
,
1994 char *cmd
, char **args
, int argc
, bool * var
, char * name
)
1998 LOG_INFO("%s is %s.", name
, *var
? "enabled" : "disabled");
2003 return ERROR_COMMAND_SYNTAX_ERROR
;
2008 case 'f': /* false */
2010 case 'd': /* disable */
2016 case 't': /* true */
2018 case 'e': /* enable */
2024 LOG_INFO("%s %s.", *var
? "Enabled" : "Disabled", name
);
2029 #define BOOL_WRAPPER(name, print_name) \
2030 static int arm11_handle_bool_##name(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc) \
2032 return arm11_handle_bool(cmd_ctx, cmd, args, argc, &arm11_config_##name, print_name); \
2035 BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
2036 BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
2037 BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
2038 BOOL_WRAPPER(hardware_step
, "hardware single step")
2040 static int arm11_handle_vcr(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2046 COMMAND_PARSE_NUMBER(u32
, args
[0], arm11_vcr
);
2049 return ERROR_COMMAND_SYNTAX_ERROR
;
2052 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
2056 static const uint32_t arm11_coproc_instruction_limits
[] =
2058 15, /* coprocessor */
2063 0xFFFFFFFF, /* value */
2066 static arm11_common_t
* arm11_find_target(const char * arg
)
2071 tap
= jtag_tap_by_string(arg
);
2076 for (t
= all_targets
; t
; t
= t
->next
)
2081 /* if (t->type == arm11_target) */
2082 if (0 == strcmp(target_get_name(t
), "arm11"))
2083 return t
->arch_info
;
2089 static int arm11_handle_mrc_mcr(struct command_context_s
*cmd_ctx
,
2090 char *cmd
, char **args
, int argc
, bool read
)
2094 if (argc
!= (read
? 6 : 7))
2096 LOG_ERROR("Invalid number of arguments.");
2097 return ERROR_COMMAND_SYNTAX_ERROR
;
2100 arm11_common_t
* arm11
= arm11_find_target(args
[0]);
2104 LOG_ERROR("Parameter 1 is not a the JTAG chain position of an ARM11 device.");
2105 return ERROR_COMMAND_SYNTAX_ERROR
;
2108 if (arm11
->target
->state
!= TARGET_HALTED
)
2110 LOG_WARNING("target was not halted");
2111 return ERROR_TARGET_NOT_HALTED
;
2116 for (size_t i
= 0; i
< (read
? 5 : 6); i
++)
2118 COMMAND_PARSE_NUMBER(u32
, args
[i
+ 1], values
[i
]);
2120 if (values
[i
] > arm11_coproc_instruction_limits
[i
])
2122 LOG_ERROR("Parameter %ld out of bounds (%" PRId32
" max).",
2124 arm11_coproc_instruction_limits
[i
]);
2125 return ERROR_COMMAND_SYNTAX_ERROR
;
2129 uint32_t instr
= 0xEE000010 |
2137 instr
|= 0x00100000;
2139 retval
= arm11_run_instr_data_prepare(arm11
);
2140 if (retval
!= ERROR_OK
)
2146 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, &result
);
2147 if (retval
!= ERROR_OK
)
2150 LOG_INFO("MRC p%d, %d, R0, c%d, c%d, %d = 0x%08" PRIx32
" (%" PRId32
")",
2155 (int)(values
[4]), result
, result
);
2159 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, values
[5]);
2160 if (retval
!= ERROR_OK
)
2163 LOG_INFO("MRC p%d, %d, R0 (#0x%08" PRIx32
"), c%d, c%d, %d",
2164 (int)(values
[0]), (int)(values
[1]),
2166 (int)(values
[2]), (int)(values
[3]), (int)(values
[4]));
2169 return arm11_run_instr_data_finish(arm11
);
2172 static int arm11_handle_mrc(struct command_context_s
*cmd_ctx
,
2173 char *cmd
, char **args
, int argc
)
2175 return arm11_handle_mrc_mcr(cmd_ctx
, cmd
, args
, argc
, true);
2178 static int arm11_handle_mcr(struct command_context_s
*cmd_ctx
,
2179 char *cmd
, char **args
, int argc
)
2181 return arm11_handle_mrc_mcr(cmd_ctx
, cmd
, args
, argc
, false);
2184 static int arm11_mrc_inner(target_t
*target
, int cpnum
,
2185 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
,
2186 uint32_t *value
, bool read
)
2190 if (target
->state
!= TARGET_HALTED
)
2192 LOG_ERROR("Target not halted");
2196 arm11_common_t
* arm11
= target
->arch_info
;
2198 uint32_t instr
= 0xEE000010 |
2206 instr
|= 0x00100000;
2208 retval
= arm11_run_instr_data_prepare(arm11
);
2209 if (retval
!= ERROR_OK
)
2214 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, value
);
2215 if (retval
!= ERROR_OK
)
2220 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, *value
);
2221 if (retval
!= ERROR_OK
)
2225 return arm11_run_instr_data_finish(arm11
);
2228 static int arm11_mrc(target_t
*target
, int cpnum
,
2229 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
2231 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, value
, true);
2234 static int arm11_mcr(target_t
*target
, int cpnum
,
2235 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
2237 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, &value
, false);
2240 #define ARM11_HANDLER(x) .x = arm11_##x
2242 target_type_t arm11_target
= {
2245 ARM11_HANDLER(poll
),
2246 ARM11_HANDLER(arch_state
),
2248 ARM11_HANDLER(target_request_data
),
2250 ARM11_HANDLER(halt
),
2251 ARM11_HANDLER(resume
),
2252 ARM11_HANDLER(step
),
2254 ARM11_HANDLER(assert_reset
),
2255 ARM11_HANDLER(deassert_reset
),
2256 ARM11_HANDLER(soft_reset_halt
),
2258 ARM11_HANDLER(get_gdb_reg_list
),
2260 ARM11_HANDLER(read_memory
),
2261 ARM11_HANDLER(write_memory
),
2263 ARM11_HANDLER(bulk_write_memory
),
2265 ARM11_HANDLER(checksum_memory
),
2267 ARM11_HANDLER(add_breakpoint
),
2268 ARM11_HANDLER(remove_breakpoint
),
2269 ARM11_HANDLER(add_watchpoint
),
2270 ARM11_HANDLER(remove_watchpoint
),
2272 ARM11_HANDLER(run_algorithm
),
2274 ARM11_HANDLER(register_commands
),
2275 ARM11_HANDLER(target_create
),
2276 ARM11_HANDLER(init_target
),
2277 ARM11_HANDLER(examine
),
2284 int arm11_register_commands(struct command_context_s
*cmd_ctx
)
2288 command_t
*top_cmd
, *mw_cmd
;
2290 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
2291 NULL
, COMMAND_ANY
, NULL
);
2293 /* "hardware_step" is only here to check if the default
2294 * simulate + breakpoint implementation is broken.
2295 * TEMPORARY! NOT DOCUMENTED!
2297 register_command(cmd_ctx
, top_cmd
, "hardware_step",
2298 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
2299 "DEBUG ONLY - Hardware single stepping"
2300 " (default: disabled)");
2302 register_command(cmd_ctx
, top_cmd
, "mcr",
2303 arm11_handle_mcr
, COMMAND_ANY
,
2304 "Write Coprocessor register. mcr <jtag_target> <coprocessor> <opcode 1> <CRn> <CRm> <opcode 2> <32bit value to write>. All parameters are numbers only.");
2306 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
2307 NULL
, COMMAND_ANY
, NULL
);
2308 register_command(cmd_ctx
, mw_cmd
, "burst",
2309 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
2310 "Enable/Disable non-standard but fast burst mode"
2311 " (default: enabled)");
2312 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
2313 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
2314 "Terminate program if transfer error was found"
2315 " (default: enabled)");
2317 register_command(cmd_ctx
, top_cmd
, "mrc",
2318 arm11_handle_mrc
, COMMAND_ANY
,
2319 "Read Coprocessor register. mrc <jtag_target> <coprocessor> <opcode 1> <CRn> <CRm> <opcode 2>. All parameters are numbers only.");
2320 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
2321 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
2322 "Enable interrupts while stepping"
2323 " (default: disabled)");
2324 register_command(cmd_ctx
, top_cmd
, "vcr",
2325 arm11_handle_vcr
, COMMAND_ANY
,
2326 "Control (Interrupt) Vector Catch Register");
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)