1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
31 #include "arm_simulator.h"
32 #include "time_support.h"
33 #include "target_type.h"
37 #define _DEBUG_INSTRUCTION_EXECUTION_
41 #define FNC_INFO LOG_DEBUG("-")
47 #define FNC_INFO_NOTIMPLEMENTED do { LOG_DEBUG("NOT IMPLEMENTED"); /*exit(-1);*/ } while (0)
49 #define FNC_INFO_NOTIMPLEMENTED
52 static int arm11_on_enter_debug_state(arm11_common_t
* arm11
);
54 bool arm11_config_memwrite_burst
= true;
55 bool arm11_config_memwrite_error_fatal
= true;
56 uint32_t arm11_vcr
= 0;
57 bool arm11_config_step_irq_enable
= false;
58 bool arm11_config_hardware_step
= false;
60 #define ARM11_HANDLER(x) \
63 target_type_t arm11_target
=
68 ARM11_HANDLER(arch_state
),
70 ARM11_HANDLER(target_request_data
),
73 ARM11_HANDLER(resume
),
76 ARM11_HANDLER(assert_reset
),
77 ARM11_HANDLER(deassert_reset
),
78 ARM11_HANDLER(soft_reset_halt
),
80 ARM11_HANDLER(get_gdb_reg_list
),
82 ARM11_HANDLER(read_memory
),
83 ARM11_HANDLER(write_memory
),
85 ARM11_HANDLER(bulk_write_memory
),
87 ARM11_HANDLER(checksum_memory
),
89 ARM11_HANDLER(add_breakpoint
),
90 ARM11_HANDLER(remove_breakpoint
),
91 ARM11_HANDLER(add_watchpoint
),
92 ARM11_HANDLER(remove_watchpoint
),
94 ARM11_HANDLER(run_algorithm
),
96 ARM11_HANDLER(register_commands
),
97 ARM11_HANDLER(target_create
),
98 ARM11_HANDLER(init_target
),
99 ARM11_HANDLER(examine
),
102 int arm11_regs_arch_type
= -1;
120 ARM11_REGISTER_SPSR_FIQ
,
121 ARM11_REGISTER_SPSR_SVC
,
122 ARM11_REGISTER_SPSR_ABT
,
123 ARM11_REGISTER_SPSR_IRQ
,
124 ARM11_REGISTER_SPSR_UND
,
125 ARM11_REGISTER_SPSR_MON
,
134 typedef struct arm11_reg_defs_s
139 enum arm11_regtype type
;
142 /* update arm11_regcache_ids when changing this */
143 static const arm11_reg_defs_t arm11_reg_defs
[] =
145 {"r0", 0, 0, ARM11_REGISTER_CORE
},
146 {"r1", 1, 1, ARM11_REGISTER_CORE
},
147 {"r2", 2, 2, ARM11_REGISTER_CORE
},
148 {"r3", 3, 3, ARM11_REGISTER_CORE
},
149 {"r4", 4, 4, ARM11_REGISTER_CORE
},
150 {"r5", 5, 5, ARM11_REGISTER_CORE
},
151 {"r6", 6, 6, ARM11_REGISTER_CORE
},
152 {"r7", 7, 7, ARM11_REGISTER_CORE
},
153 {"r8", 8, 8, ARM11_REGISTER_CORE
},
154 {"r9", 9, 9, ARM11_REGISTER_CORE
},
155 {"r10", 10, 10, ARM11_REGISTER_CORE
},
156 {"r11", 11, 11, ARM11_REGISTER_CORE
},
157 {"r12", 12, 12, ARM11_REGISTER_CORE
},
158 {"sp", 13, 13, ARM11_REGISTER_CORE
},
159 {"lr", 14, 14, ARM11_REGISTER_CORE
},
160 {"pc", 15, 15, ARM11_REGISTER_CORE
},
162 #if ARM11_REGCACHE_FREGS
163 {"f0", 0, 16, ARM11_REGISTER_FX
},
164 {"f1", 1, 17, ARM11_REGISTER_FX
},
165 {"f2", 2, 18, ARM11_REGISTER_FX
},
166 {"f3", 3, 19, ARM11_REGISTER_FX
},
167 {"f4", 4, 20, ARM11_REGISTER_FX
},
168 {"f5", 5, 21, ARM11_REGISTER_FX
},
169 {"f6", 6, 22, ARM11_REGISTER_FX
},
170 {"f7", 7, 23, ARM11_REGISTER_FX
},
171 {"fps", 0, 24, ARM11_REGISTER_FPS
},
174 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
176 #if ARM11_REGCACHE_MODEREGS
177 {"r8_fiq", 8, -1, ARM11_REGISTER_FIQ
},
178 {"r9_fiq", 9, -1, ARM11_REGISTER_FIQ
},
179 {"r10_fiq", 10, -1, ARM11_REGISTER_FIQ
},
180 {"r11_fiq", 11, -1, ARM11_REGISTER_FIQ
},
181 {"r12_fiq", 12, -1, ARM11_REGISTER_FIQ
},
182 {"r13_fiq", 13, -1, ARM11_REGISTER_FIQ
},
183 {"r14_fiq", 14, -1, ARM11_REGISTER_FIQ
},
184 {"spsr_fiq", 0, -1, ARM11_REGISTER_SPSR_FIQ
},
186 {"r13_svc", 13, -1, ARM11_REGISTER_SVC
},
187 {"r14_svc", 14, -1, ARM11_REGISTER_SVC
},
188 {"spsr_svc", 0, -1, ARM11_REGISTER_SPSR_SVC
},
190 {"r13_abt", 13, -1, ARM11_REGISTER_ABT
},
191 {"r14_abt", 14, -1, ARM11_REGISTER_ABT
},
192 {"spsr_abt", 0, -1, ARM11_REGISTER_SPSR_ABT
},
194 {"r13_irq", 13, -1, ARM11_REGISTER_IRQ
},
195 {"r14_irq", 14, -1, ARM11_REGISTER_IRQ
},
196 {"spsr_irq", 0, -1, ARM11_REGISTER_SPSR_IRQ
},
198 {"r13_und", 13, -1, ARM11_REGISTER_UND
},
199 {"r14_und", 14, -1, ARM11_REGISTER_UND
},
200 {"spsr_und", 0, -1, ARM11_REGISTER_SPSR_UND
},
203 {"r13_mon", 13, -1, ARM11_REGISTER_MON
},
204 {"r14_mon", 14, -1, ARM11_REGISTER_MON
},
205 {"spsr_mon", 0, -1, ARM11_REGISTER_SPSR_MON
},
208 /* Debug Registers */
209 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
210 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
211 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
214 enum arm11_regcache_ids
217 ARM11_RC_RX
= ARM11_RC_R0
,
232 ARM11_RC_SP
= ARM11_RC_R13
,
234 ARM11_RC_LR
= ARM11_RC_R14
,
236 ARM11_RC_PC
= ARM11_RC_R15
,
238 #if ARM11_REGCACHE_FREGS
240 ARM11_RC_FX
= ARM11_RC_F0
,
253 #if ARM11_REGCACHE_MODEREGS
291 #define ARM11_GDB_REGISTER_COUNT 26
293 uint8_t arm11_gdb_dummy_fp_value
[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
295 reg_t arm11_gdb_dummy_fp_reg
=
297 "GDB dummy floating-point register", arm11_gdb_dummy_fp_value
, 0, 1, 96, NULL
, 0, NULL
, 0
300 uint8_t arm11_gdb_dummy_fps_value
[] = {0, 0, 0, 0};
302 reg_t arm11_gdb_dummy_fps_reg
=
304 "GDB dummy floating-point status register", arm11_gdb_dummy_fps_value
, 0, 1, 32, NULL
, 0, NULL
, 0
309 /** Check and if necessary take control of the system
311 * \param arm11 Target state variable.
312 * \param dscr If the current DSCR content is
313 * available a pointer to a word holding the
314 * DSCR can be passed. Otherwise use NULL.
316 int arm11_check_init(arm11_common_t
* arm11
, uint32_t * dscr
)
320 uint32_t dscr_local_tmp_copy
;
324 dscr
= &dscr_local_tmp_copy
;
326 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
329 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
331 LOG_DEBUG("Bringing target into debug mode");
333 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
334 arm11_write_DSCR(arm11
, *dscr
);
336 /* add further reset initialization here */
338 arm11
->simulate_reset_on_next_halt
= true;
340 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
342 /** \todo TODO: this needs further scrutiny because
343 * arm11_on_enter_debug_state() never gets properly called.
344 * As a result we don't read the actual register states from
348 arm11
->target
->state
= TARGET_HALTED
;
349 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
353 arm11
->target
->state
= TARGET_RUNNING
;
354 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
357 arm11_sc7_clear_vbw(arm11
);
366 (arm11->reg_values[ARM11_RC_##x])
368 /** Save processor state.
370 * This is called when the HALT instruction has succeeded
371 * or on other occasions that stop the processor.
374 static int arm11_on_enter_debug_state(arm11_common_t
* arm11
)
379 for (size_t i
= 0; i
< asizeof(arm11
->reg_values
); i
++)
381 arm11
->reg_list
[i
].valid
= 1;
382 arm11
->reg_list
[i
].dirty
= 0;
386 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
390 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
392 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
394 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
396 scan_field_t chain5_fields
[3];
398 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
399 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
400 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
402 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
406 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
410 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
411 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
412 ARM1136 seems to require this to issue ITR's as well */
414 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
416 /* this executes JTAG queue: */
418 arm11_write_DSCR(arm11
, new_dscr
);
422 Before executing any instruction in debug state you have to drain the write buffer.
423 This ensures that no imprecise Data Aborts can return at a later point:*/
425 /** \todo TODO: Test drain write buffer. */
430 /* MRC p14,0,R0,c5,c10,0 */
431 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
433 /* mcr 15, 0, r0, cr7, cr10, {4} */
434 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
436 uint32_t dscr
= arm11_read_DSCR(arm11
);
438 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
440 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
442 arm11_run_instr_no_data1(arm11
, 0xe320f000);
444 dscr
= arm11_read_DSCR(arm11
);
446 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
453 retval
= arm11_run_instr_data_prepare(arm11
);
454 if (retval
!= ERROR_OK
)
459 /** \todo TODO: handle other mode registers */
461 for (size_t i
= 0; i
< 15; i
++)
463 /* MCR p14,0,R?,c0,c5,0 */
464 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
465 if (retval
!= ERROR_OK
)
471 /* check rDTRfull in DSCR */
473 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
475 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
476 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
477 if (retval
!= ERROR_OK
)
482 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
487 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
488 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
489 if (retval
!= ERROR_OK
)
494 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
495 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
496 if (retval
!= ERROR_OK
)
499 /* adjust PC depending on ARM state */
501 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
503 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
505 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
507 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
511 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
514 if (arm11
->simulate_reset_on_next_halt
)
516 arm11
->simulate_reset_on_next_halt
= false;
518 LOG_DEBUG("Reset c1 Control Register");
520 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
522 /* MCR p15,0,R0,c1,c0,0 */
523 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
524 if (retval
!= ERROR_OK
)
529 retval
= arm11_run_instr_data_finish(arm11
);
530 if (retval
!= ERROR_OK
)
533 arm11_dump_reg_changes(arm11
);
538 void arm11_dump_reg_changes(arm11_common_t
* arm11
)
541 if (!(debug_level
>= LOG_LVL_DEBUG
))
546 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
548 if (!arm11
->reg_list
[i
].valid
)
550 if (arm11
->reg_history
[i
].valid
)
551 LOG_DEBUG("%8s INVALID (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_history
[i
].value
);
555 if (arm11
->reg_history
[i
].valid
)
557 if (arm11
->reg_history
[i
].value
!= arm11
->reg_values
[i
])
558 LOG_DEBUG("%8s %08" PRIx32
" (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
], arm11
->reg_history
[i
].value
);
562 LOG_DEBUG("%8s %08" PRIx32
" (INVALID)", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
]);
568 /** Restore processor state
570 * This is called in preparation for the RESTART function.
573 int arm11_leave_debug_state(arm11_common_t
* arm11
)
578 retval
= arm11_run_instr_data_prepare(arm11
);
579 if (retval
!= ERROR_OK
)
582 /** \todo TODO: handle other mode registers */
584 /* restore R1 - R14 */
586 for (size_t i
= 1; i
< 15; i
++)
588 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
591 /* MRC p14,0,r?,c0,c5,0 */
592 arm11_run_instr_data_to_core1(arm11
, 0xee100e15 | (i
<< 12), R(RX
+ i
));
594 // LOG_DEBUG("RESTORE R" ZU " %08x", i, R(RX + i));
597 retval
= arm11_run_instr_data_finish(arm11
);
598 if (retval
!= ERROR_OK
)
601 /* spec says clear wDTR and rDTR; we assume they are clear as
602 otherwise our programming would be sloppy */
606 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
608 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
611 The wDTR/rDTR two registers that are used to send/receive data to/from
612 the core in tandem with corresponding instruction codes that are
613 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
614 registers hold data that was written by one side (CPU or JTAG) and not
615 read out by the other side.
617 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
622 retval
= arm11_run_instr_data_prepare(arm11
);
623 if (retval
!= ERROR_OK
)
626 /* restore original wDTR */
628 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
630 /* MCR p14,0,R0,c0,c5,0 */
631 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
632 if (retval
!= ERROR_OK
)
639 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
640 if (retval
!= ERROR_OK
)
647 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
648 if (retval
!= ERROR_OK
)
654 /* MRC p14,0,r0,c0,c5,0 */
655 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
657 retval
= arm11_run_instr_data_finish(arm11
);
658 if (retval
!= ERROR_OK
)
663 arm11_write_DSCR(arm11
, R(DSCR
));
667 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
669 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
671 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
673 scan_field_t chain5_fields
[3];
675 uint8_t Ready
= 0; /* ignored */
676 uint8_t Valid
= 0; /* ignored */
678 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
679 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
680 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
682 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
685 arm11_record_register_history(arm11
);
690 void arm11_record_register_history(arm11_common_t
* arm11
)
692 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
694 arm11
->reg_history
[i
].value
= arm11
->reg_values
[i
];
695 arm11
->reg_history
[i
].valid
= arm11
->reg_list
[i
].valid
;
697 arm11
->reg_list
[i
].valid
= 0;
698 arm11
->reg_list
[i
].dirty
= 0;
703 /* poll current target status */
704 int arm11_poll(struct target_s
*target
)
709 arm11_common_t
* arm11
= target
->arch_info
;
713 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
715 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
717 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
719 if (dscr
& ARM11_DSCR_CORE_HALTED
)
721 if (target
->state
!= TARGET_HALTED
)
723 enum target_state old_state
= target
->state
;
725 LOG_DEBUG("enter TARGET_HALTED");
726 target
->state
= TARGET_HALTED
;
727 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
728 retval
= arm11_on_enter_debug_state(arm11
);
729 if (retval
!= ERROR_OK
)
732 target_call_event_callbacks(target
,
733 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
738 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
740 LOG_DEBUG("enter TARGET_RUNNING");
741 target
->state
= TARGET_RUNNING
;
742 target
->debug_reason
= DBG_REASON_NOTHALTED
;
748 /* architecture specific status reply */
749 int arm11_arch_state(struct target_s
*target
)
751 arm11_common_t
* arm11
= target
->arch_info
;
753 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"",
754 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
761 /* target request support */
762 int arm11_target_request_data(struct target_s
*target
, uint32_t size
, uint8_t *buffer
)
764 FNC_INFO_NOTIMPLEMENTED
;
769 /* target execution control */
770 int arm11_halt(struct target_s
*target
)
774 arm11_common_t
* arm11
= target
->arch_info
;
776 LOG_DEBUG("target->state: %s",
777 target_state_name(target
));
779 if (target
->state
== TARGET_UNKNOWN
)
781 arm11
->simulate_reset_on_next_halt
= true;
784 if (target
->state
== TARGET_HALTED
)
786 LOG_DEBUG("target was already halted");
790 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
792 CHECK_RETVAL(jtag_execute_queue());
799 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
801 if (dscr
& ARM11_DSCR_CORE_HALTED
)
812 if ((timeval_ms()-then
) > 1000)
814 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
821 arm11_on_enter_debug_state(arm11
);
823 enum target_state old_state
= target
->state
;
825 target
->state
= TARGET_HALTED
;
826 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
829 target_call_event_callbacks(target
,
830 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
835 int arm11_resume(struct target_s
*target
, int current
, uint32_t address
, int handle_breakpoints
, int debug_execution
)
839 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
840 // current, address, handle_breakpoints, debug_execution);
842 arm11_common_t
* arm11
= target
->arch_info
;
844 LOG_DEBUG("target->state: %s",
845 target_state_name(target
));
848 if (target
->state
!= TARGET_HALTED
)
850 LOG_ERROR("Target not halted");
851 return ERROR_TARGET_NOT_HALTED
;
857 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
859 /* clear breakpoints/watchpoints and VCR*/
860 arm11_sc7_clear_vbw(arm11
);
862 /* Set up breakpoints */
863 if (!debug_execution
)
865 /* check if one matches PC and step over it if necessary */
869 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
871 if (bp
->address
== R(PC
))
873 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
874 arm11_step(target
, 1, 0, 0);
879 /* set all breakpoints */
883 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
885 arm11_sc7_action_t brp
[2];
888 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
889 brp
[0].value
= bp
->address
;
891 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
892 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
894 arm11_sc7_run(arm11
, brp
, asizeof(brp
));
896 LOG_DEBUG("Add BP " ZU
" at %08" PRIx32
"", brp_num
, bp
->address
);
901 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
904 arm11_leave_debug_state(arm11
);
906 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
908 CHECK_RETVAL(jtag_execute_queue());
915 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
917 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
919 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
930 if ((timeval_ms()-then
) > 1000)
932 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
939 if (!debug_execution
)
941 target
->state
= TARGET_RUNNING
;
942 target
->debug_reason
= DBG_REASON_NOTHALTED
;
944 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
948 target
->state
= TARGET_DEBUG_RUNNING
;
949 target
->debug_reason
= DBG_REASON_NOTHALTED
;
951 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
958 static int armv4_5_to_arm11(int reg
)
965 return ARM11_RC_CPSR
;
967 /* FIX!!! handle thumb better! */
968 return ARM11_RC_CPSR
;
970 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg
);
976 static uint32_t arm11_sim_get_reg(struct arm_sim_interface
*sim
, int reg
)
978 arm11_common_t
* arm11
= (arm11_common_t
*)sim
->user_data
;
980 reg
=armv4_5_to_arm11(reg
);
982 return buf_get_u32(arm11
->reg_list
[reg
].value
, 0, 32);
985 static void arm11_sim_set_reg(struct arm_sim_interface
*sim
, int reg
, uint32_t value
)
987 arm11_common_t
* arm11
= (arm11_common_t
*)sim
->user_data
;
989 reg
=armv4_5_to_arm11(reg
);
991 buf_set_u32(arm11
->reg_list
[reg
].value
, 0, 32, value
);
994 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface
*sim
, int pos
, int bits
)
996 arm11_common_t
* arm11
= (arm11_common_t
*)sim
->user_data
;
998 return buf_get_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, pos
, bits
);
1001 static enum armv4_5_state
arm11_sim_get_state(struct arm_sim_interface
*sim
)
1003 // arm11_common_t * arm11 = (arm11_common_t *)sim->user_data;
1005 /* FIX!!!! we should implement thumb for arm11 */
1006 return ARMV4_5_STATE_ARM
;
1009 static void arm11_sim_set_state(struct arm_sim_interface
*sim
, enum armv4_5_state mode
)
1011 // arm11_common_t * arm11 = (arm11_common_t *)sim->user_data;
1013 /* FIX!!!! we should implement thumb for arm11 */
1014 LOG_ERROR("Not implemetned!");
1018 static enum armv4_5_mode
arm11_sim_get_mode(struct arm_sim_interface
*sim
)
1020 //arm11_common_t * arm11 = (arm11_common_t *)sim->user_data;
1022 /* FIX!!!! we should implement something that returns the current mode here!!! */
1023 return ARMV4_5_MODE_USR
;
1026 static int arm11_simulate_step(target_t
*target
, uint32_t *dry_run_pc
)
1028 struct arm_sim_interface sim
;
1030 sim
.user_data
=target
->arch_info
;
1031 sim
.get_reg
=&arm11_sim_get_reg
;
1032 sim
.set_reg
=&arm11_sim_set_reg
;
1033 sim
.get_reg_mode
=&arm11_sim_get_reg
;
1034 sim
.set_reg_mode
=&arm11_sim_set_reg
;
1035 sim
.get_cpsr
=&arm11_sim_get_cpsr
;
1036 sim
.get_mode
=&arm11_sim_get_mode
;
1037 sim
.get_state
=&arm11_sim_get_state
;
1038 sim
.set_state
=&arm11_sim_set_state
;
1040 return arm_simulate_step_core(target
, dry_run_pc
, &sim
);
1044 int arm11_step(struct target_s
*target
, int current
, uint32_t address
, int handle_breakpoints
)
1048 LOG_DEBUG("target->state: %s",
1049 target_state_name(target
));
1051 if (target
->state
!= TARGET_HALTED
)
1053 LOG_WARNING("target was not halted");
1054 return ERROR_TARGET_NOT_HALTED
;
1057 arm11_common_t
* arm11
= target
->arch_info
;
1062 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
1065 /** \todo TODO: Thumb not supported here */
1067 uint32_t next_instruction
;
1069 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
1071 /* skip over BKPT */
1072 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
1075 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1076 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1077 LOG_DEBUG("Skipping BKPT");
1079 /* skip over Wait for interrupt / Standby */
1080 /* mcr 15, 0, r?, cr7, cr0, {4} */
1081 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
1084 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1085 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1086 LOG_DEBUG("Skipping WFI");
1088 /* ignore B to self */
1089 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
1091 LOG_DEBUG("Not stepping jump to self");
1095 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
1098 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
1099 * the VCR might be something worth looking into. */
1102 /* Set up breakpoint for stepping */
1104 arm11_sc7_action_t brp
[2];
1107 brp
[0].address
= ARM11_SC7_BVR0
;
1109 brp
[1].address
= ARM11_SC7_BCR0
;
1111 if (arm11_config_hardware_step
)
1113 /* hardware single stepping be used if possible or is it better to
1114 * always use the same code path? Hardware single stepping is not supported
1117 brp
[0].value
= R(PC
);
1118 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
1121 /* sets a breakpoint on the next PC(calculated by simulation),
1125 retval
= arm11_simulate_step(target
, &next_pc
);
1126 if (retval
!= ERROR_OK
)
1129 brp
[0].value
= next_pc
;
1130 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
1133 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, asizeof(brp
)));
1138 if (arm11_config_step_irq_enable
)
1139 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
1141 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
1144 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
1146 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
1148 CHECK_RETVAL(jtag_execute_queue());
1156 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
1158 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
1160 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
1161 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
1167 then
= timeval_ms();
1171 if ((timeval_ms()-then
) > 1000)
1173 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
1180 /* clear breakpoint */
1181 arm11_sc7_clear_vbw(arm11
);
1184 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
1186 /* restore default state */
1187 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
1191 // target->state = TARGET_HALTED;
1192 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1194 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
1199 int arm11_assert_reset(target_t
*target
)
1204 arm11_common_t
* arm11
= target
->arch_info
;
1205 retval
= arm11_check_init(arm11
, NULL
);
1206 if (retval
!= ERROR_OK
)
1209 target
->state
= TARGET_UNKNOWN
;
1211 /* we would very much like to reset into the halted, state,
1212 * but resetting and halting is second best... */
1213 if (target
->reset_halt
)
1215 CHECK_RETVAL(target_halt(target
));
1219 /* srst is funny. We can not do *anything* else while it's asserted
1220 * and it has unkonwn side effects. Make sure no other code runs
1223 * Code below assumes srst:
1225 * - Causes power-on-reset (but of what parts of the system?). Bug
1228 * - Messes us TAP state without asserting trst.
1230 * - There is another bug in the arm11 core. When you generate an access to
1231 * external logic (for example ddr controller via AHB bus) and that block
1232 * is not configured (perhaps it is still held in reset), that transaction
1233 * will never complete. This will hang arm11 core but it will also hang
1234 * JTAG controller. Nothing, short of srst assertion will bring it out of
1239 * - What should the PC be after an srst reset when starting in the halted
1243 jtag_add_reset(0, 1);
1244 jtag_add_reset(0, 0);
1246 /* How long do we have to wait? */
1247 jtag_add_sleep(5000);
1249 /* un-mess up TAP state */
1252 retval
= jtag_execute_queue();
1253 if (retval
!= ERROR_OK
)
1261 int arm11_deassert_reset(target_t
*target
)
1266 int arm11_soft_reset_halt(struct target_s
*target
)
1268 FNC_INFO_NOTIMPLEMENTED
;
1273 /* target register access for gdb */
1274 int arm11_get_gdb_reg_list(struct target_s
*target
, struct reg_s
**reg_list
[], int *reg_list_size
)
1278 arm11_common_t
* arm11
= target
->arch_info
;
1280 *reg_list_size
= ARM11_GDB_REGISTER_COUNT
;
1281 *reg_list
= malloc(sizeof(reg_t
*) * ARM11_GDB_REGISTER_COUNT
);
1283 for (size_t i
= 16; i
< 24; i
++)
1285 (*reg_list
)[i
] = &arm11_gdb_dummy_fp_reg
;
1288 (*reg_list
)[24] = &arm11_gdb_dummy_fps_reg
;
1290 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1292 if (arm11_reg_defs
[i
].gdb_num
== -1)
1295 (*reg_list
)[arm11_reg_defs
[i
].gdb_num
] = arm11
->reg_list
+ i
;
1301 /* target memory access
1302 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1303 * count: number of items of <size>
1305 * arm11_config_memrw_no_increment - in the future we may want to be able
1306 * to read/write a range of data to a "port". a "port" is an action on
1307 * read memory address for some peripheral.
1309 int arm11_read_memory_inner(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1310 bool arm11_config_memrw_no_increment
)
1312 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1317 if (target
->state
!= TARGET_HALTED
)
1319 LOG_WARNING("target was not halted");
1320 return ERROR_TARGET_NOT_HALTED
;
1323 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1325 arm11_common_t
* arm11
= target
->arch_info
;
1327 retval
= arm11_run_instr_data_prepare(arm11
);
1328 if (retval
!= ERROR_OK
)
1331 /* MRC p14,0,r0,c0,c5,0 */
1332 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1333 if (retval
!= ERROR_OK
)
1339 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1340 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1342 for (size_t i
= 0; i
< count
; i
++)
1344 /* ldrb r1, [r0], #1 */
1346 arm11_run_instr_no_data1(arm11
,
1347 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1350 /* MCR p14,0,R1,c0,c5,0 */
1351 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1360 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1362 for (size_t i
= 0; i
< count
; i
++)
1364 /* ldrh r1, [r0], #2 */
1365 arm11_run_instr_no_data1(arm11
,
1366 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1370 /* MCR p14,0,R1,c0,c5,0 */
1371 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1373 uint16_t svalue
= res
;
1374 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1382 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1383 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1384 uint32_t *words
= (uint32_t *)buffer
;
1386 /* LDC p14,c5,[R0],#4 */
1387 /* LDC p14,c5,[R0] */
1388 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1393 return arm11_run_instr_data_finish(arm11
);
1396 int arm11_read_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1398 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1402 * arm11_config_memrw_no_increment - in the future we may want to be able
1403 * to read/write a range of data to a "port". a "port" is an action on
1404 * read memory address for some peripheral.
1406 int arm11_write_memory_inner(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1407 bool arm11_config_memrw_no_increment
)
1412 if (target
->state
!= TARGET_HALTED
)
1414 LOG_WARNING("target was not halted");
1415 return ERROR_TARGET_NOT_HALTED
;
1418 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1420 arm11_common_t
* arm11
= target
->arch_info
;
1422 retval
= arm11_run_instr_data_prepare(arm11
);
1423 if (retval
!= ERROR_OK
)
1426 /* MRC p14,0,r0,c0,c5,0 */
1427 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1428 if (retval
!= ERROR_OK
)
1431 /* burst writes are not used for single words as those may well be
1432 * reset init script writes.
1434 * The other advantage is that as burst writes are default, we'll
1435 * now exercise both burst and non-burst code paths with the
1436 * default settings, increasing code coverage.
1438 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1444 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1446 for (size_t i
= 0; i
< count
; i
++)
1448 /* MRC p14,0,r1,c0,c5,0 */
1449 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1450 if (retval
!= ERROR_OK
)
1453 /* strb r1, [r0], #1 */
1455 retval
= arm11_run_instr_no_data1(arm11
,
1456 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1457 if (retval
!= ERROR_OK
)
1466 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1468 for (size_t i
= 0; i
< count
; i
++)
1471 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1473 /* MRC p14,0,r1,c0,c5,0 */
1474 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1475 if (retval
!= ERROR_OK
)
1478 /* strh r1, [r0], #2 */
1480 retval
= arm11_run_instr_no_data1(arm11
,
1481 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1482 if (retval
!= ERROR_OK
)
1490 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1492 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1493 uint32_t *words
= (uint32_t*)buffer
;
1497 /* STC p14,c5,[R0],#4 */
1498 /* STC p14,c5,[R0]*/
1499 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1500 if (retval
!= ERROR_OK
)
1505 /* STC p14,c5,[R0],#4 */
1506 /* STC p14,c5,[R0]*/
1507 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1508 if (retval
!= ERROR_OK
)
1516 /* r0 verification */
1517 if (!arm11_config_memrw_no_increment
)
1521 /* MCR p14,0,R0,c0,c5,0 */
1522 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1523 if (retval
!= ERROR_OK
)
1526 if (address
+ size
* count
!= r0
)
1528 LOG_ERROR("Data transfer failed. Expected end "
1529 "address 0x%08x, got 0x%08x",
1530 (unsigned) (address
+ size
* count
),
1534 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1536 if (arm11_config_memwrite_error_fatal
)
1541 return arm11_run_instr_data_finish(arm11
);
1544 int arm11_write_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1546 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1549 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1550 int arm11_bulk_write_memory(struct target_s
*target
, uint32_t address
, uint32_t count
, uint8_t *buffer
)
1554 if (target
->state
!= TARGET_HALTED
)
1556 LOG_WARNING("target was not halted");
1557 return ERROR_TARGET_NOT_HALTED
;
1560 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1563 /* here we have nothing target specific to contribute, so we fail and then the
1564 * fallback code will read data from the target and calculate the CRC on the
1567 int arm11_checksum_memory(struct target_s
*target
, uint32_t address
, uint32_t count
, uint32_t* checksum
)
1572 /* target break-/watchpoint control
1573 * rw: 0 = write, 1 = read, 2 = access
1575 int arm11_add_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
1579 arm11_common_t
* arm11
= target
->arch_info
;
1582 if (breakpoint
->type
== BKPT_SOFT
)
1584 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1585 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1589 if (!arm11
->free_brps
)
1591 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1592 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1595 if (breakpoint
->length
!= 4)
1597 LOG_DEBUG("only breakpoints of four bytes length supported");
1598 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1606 int arm11_remove_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
1610 arm11_common_t
* arm11
= target
->arch_info
;
1617 int arm11_add_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
1619 FNC_INFO_NOTIMPLEMENTED
;
1624 int arm11_remove_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
1626 FNC_INFO_NOTIMPLEMENTED
;
1631 // HACKHACKHACK - FIXME mode/state
1632 /* target algorithm support */
1633 int arm11_run_algorithm(struct target_s
*target
, int num_mem_params
, mem_param_t
*mem_params
,
1634 int num_reg_params
, reg_param_t
*reg_params
, uint32_t entry_point
, uint32_t exit_point
,
1635 int timeout_ms
, void *arch_info
)
1637 arm11_common_t
*arm11
= target
->arch_info
;
1638 // enum armv4_5_state core_state = arm11->core_state;
1639 // enum armv4_5_mode core_mode = arm11->core_mode;
1640 uint32_t context
[16];
1642 int exit_breakpoint_size
= 0;
1643 int retval
= ERROR_OK
;
1644 LOG_DEBUG("Running algorithm");
1647 if (target
->state
!= TARGET_HALTED
)
1649 LOG_WARNING("target not halted");
1650 return ERROR_TARGET_NOT_HALTED
;
1654 // if (armv4_5_mode_to_number(arm11->core_mode)==-1)
1655 // return ERROR_FAIL;
1658 for (unsigned i
= 0; i
< 16; i
++)
1660 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1661 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1664 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1665 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1667 for (int i
= 0; i
< num_mem_params
; i
++)
1669 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1672 // Set register parameters
1673 for (int i
= 0; i
< num_reg_params
; i
++)
1675 reg_t
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1678 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1682 if (reg
->size
!= reg_params
[i
].size
)
1684 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1687 arm11_set_reg(reg
,reg_params
[i
].value
);
1688 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1691 exit_breakpoint_size
= 4;
1693 /* arm11->core_state = arm11_algorithm_info->core_state;
1694 if (arm11->core_state == ARMV4_5_STATE_ARM)
1695 exit_breakpoint_size = 4;
1696 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1697 exit_breakpoint_size = 2;
1700 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1706 /* arm11 at this point only supports ARM not THUMB mode
1707 however if this test needs to be reactivated the current state can be read back
1710 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1712 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1713 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1714 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1715 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1719 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1721 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1722 retval
= ERROR_TARGET_FAILURE
;
1726 // no debug, otherwise breakpoint is not set
1727 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1729 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1731 if (target
->state
!= TARGET_HALTED
)
1733 CHECK_RETVAL(target_halt(target
));
1735 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1737 retval
= ERROR_TARGET_TIMEOUT
;
1739 goto del_breakpoint
;
1742 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1744 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1745 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1746 retval
= ERROR_TARGET_TIMEOUT
;
1747 goto del_breakpoint
;
1750 for (int i
= 0; i
< num_mem_params
; i
++)
1752 if (mem_params
[i
].direction
!= PARAM_OUT
)
1753 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1756 for (int i
= 0; i
< num_reg_params
; i
++)
1758 if (reg_params
[i
].direction
!= PARAM_OUT
)
1760 reg_t
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1763 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1767 if (reg
->size
!= reg_params
[i
].size
)
1769 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1773 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1778 breakpoint_remove(target
, exit_point
);
1782 for (size_t i
= 0; i
< 16; i
++)
1784 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1785 arm11
->reg_list
[i
].name
, context
[i
]);
1786 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1788 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1789 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1791 // arm11->core_state = core_state;
1792 // arm11->core_mode = core_mode;
1797 int arm11_target_create(struct target_s
*target
, Jim_Interp
*interp
)
1801 NEW(arm11_common_t
, arm11
, 1);
1803 arm11
->target
= target
;
1805 if (target
->tap
== NULL
)
1808 if (target
->tap
->ir_length
!= 5)
1810 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1811 return ERROR_COMMAND_SYNTAX_ERROR
;
1814 target
->arch_info
= arm11
;
1819 int arm11_init_target(struct command_context_s
*cmd_ctx
, struct target_s
*target
)
1821 /* Initialize anything we can set up without talking to the target */
1822 return arm11_build_reg_cache(target
);
1825 /* talk to the target and set things up */
1826 int arm11_examine(struct target_s
*target
)
1832 arm11_common_t
* arm11
= target
->arch_info
;
1836 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1838 scan_field_t idcode_field
;
1840 arm11_setup_field(arm11
, 32, NULL
, &arm11
->device_id
, &idcode_field
);
1842 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1846 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1848 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1850 scan_field_t chain0_fields
[2];
1852 arm11_setup_field(arm11
, 32, NULL
, &arm11
->didr
, chain0_fields
+ 0);
1853 arm11_setup_field(arm11
, 8, NULL
, &arm11
->implementor
, chain0_fields
+ 1);
1855 arm11_add_dr_scan_vc(asizeof(chain0_fields
), chain0_fields
, TAP_IDLE
);
1857 CHECK_RETVAL(jtag_execute_queue());
1859 switch (arm11
->device_id
& 0x0FFFF000)
1861 case 0x07B36000: LOG_INFO("found ARM1136"); break;
1862 case 0x07B56000: LOG_INFO("found ARM1156"); break;
1863 case 0x07B76000: LOG_INFO("found ARM1176"); break;
1866 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1871 arm11
->debug_version
= (arm11
->didr
>> 16) & 0x0F;
1873 if (arm11
->debug_version
!= ARM11_DEBUG_V6
&&
1874 arm11
->debug_version
!= ARM11_DEBUG_V61
)
1876 LOG_ERROR("Only ARMv6 v6 and v6.1 architectures supported.");
1880 arm11
->brp
= ((arm11
->didr
>> 24) & 0x0F) + 1;
1881 arm11
->wrp
= ((arm11
->didr
>> 28) & 0x0F) + 1;
1883 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1884 arm11
->free_brps
= arm11
->brp
;
1885 arm11
->free_wrps
= arm11
->wrp
;
1887 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
"",
1889 (int)(arm11
->implementor
),
1892 /* as a side-effect this reads DSCR and thus
1893 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1894 * as suggested by the spec.
1897 retval
= arm11_check_init(arm11
, NULL
);
1898 if (retval
!= ERROR_OK
)
1901 target_set_examined(target
);
1907 /** Load a register that is marked !valid in the register cache */
1908 int arm11_get_reg(reg_t
*reg
)
1912 target_t
* target
= ((arm11_reg_state_t
*)reg
->arch_info
)->target
;
1914 if (target
->state
!= TARGET_HALTED
)
1916 LOG_WARNING("target was not halted");
1917 return ERROR_TARGET_NOT_HALTED
;
1920 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1923 arm11_common_t
*arm11
= target
->arch_info
;
1924 const arm11_reg_defs_t
* arm11_reg_info
= arm11_reg_defs
+ ((arm11_reg_state_t
*)reg
->arch_info
)->def_index
;
1930 /** Change a value in the register cache */
1931 int arm11_set_reg(reg_t
*reg
, uint8_t *buf
)
1935 target_t
* target
= ((arm11_reg_state_t
*)reg
->arch_info
)->target
;
1936 arm11_common_t
*arm11
= target
->arch_info
;
1937 // const arm11_reg_defs_t * arm11_reg_info = arm11_reg_defs + ((arm11_reg_state_t *)reg->arch_info)->def_index;
1939 arm11
->reg_values
[((arm11_reg_state_t
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1946 int arm11_build_reg_cache(target_t
*target
)
1948 arm11_common_t
*arm11
= target
->arch_info
;
1950 NEW(reg_cache_t
, cache
, 1);
1951 NEW(reg_t
, reg_list
, ARM11_REGCACHE_COUNT
);
1952 NEW(arm11_reg_state_t
, arm11_reg_states
, ARM11_REGCACHE_COUNT
);
1954 if (arm11_regs_arch_type
== -1)
1955 arm11_regs_arch_type
= register_reg_arch_type(arm11_get_reg
, arm11_set_reg
);
1957 register_init_dummy(&arm11_gdb_dummy_fp_reg
);
1958 register_init_dummy(&arm11_gdb_dummy_fps_reg
);
1960 arm11
->reg_list
= reg_list
;
1962 /* Build the process context cache */
1963 cache
->name
= "arm11 registers";
1965 cache
->reg_list
= reg_list
;
1966 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1968 reg_cache_t
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1971 arm11
->core_cache
= cache
;
1972 // armv7m->process_context = cache;
1976 /* Not very elegant assertion */
1977 if (ARM11_REGCACHE_COUNT
!= asizeof(arm11
->reg_values
) ||
1978 ARM11_REGCACHE_COUNT
!= asizeof(arm11_reg_defs
) ||
1979 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1981 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d " ZU
" " ZU
" %d)", ARM11_REGCACHE_COUNT
, asizeof(arm11
->reg_values
), asizeof(arm11_reg_defs
), ARM11_RC_MAX
);
1985 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1987 reg_t
* r
= reg_list
+ i
;
1988 const arm11_reg_defs_t
* rd
= arm11_reg_defs
+ i
;
1989 arm11_reg_state_t
* rs
= arm11_reg_states
+ i
;
1993 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
1996 r
->bitfield_desc
= NULL
;
1997 r
->num_bitfields
= 0;
1998 r
->arch_type
= arm11_regs_arch_type
;
2002 rs
->target
= target
;
2008 int arm11_handle_bool(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
, bool * var
, char * name
)
2012 LOG_INFO("%s is %s.", name
, *var
? "enabled" : "disabled");
2017 return ERROR_COMMAND_SYNTAX_ERROR
;
2022 case 'f': /* false */
2024 case 'd': /* disable */
2030 case 't': /* true */
2032 case 'e': /* enable */
2038 LOG_INFO("%s %s.", *var
? "Enabled" : "Disabled", name
);
2043 #define BOOL_WRAPPER(name, print_name) \
2044 int arm11_handle_bool_##name(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc) \
2046 return arm11_handle_bool(cmd_ctx, cmd, args, argc, &arm11_config_##name, print_name); \
2049 BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
2050 BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
2051 BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
2052 BOOL_WRAPPER(hardware_step
, "hardware single step")
2054 int arm11_handle_vcr(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2058 arm11_vcr
= strtoul(args
[0], NULL
, 0);
2062 return ERROR_COMMAND_SYNTAX_ERROR
;
2065 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
2069 const uint32_t arm11_coproc_instruction_limits
[] =
2071 15, /* coprocessor */
2076 0xFFFFFFFF, /* value */
2079 arm11_common_t
* arm11_find_target(const char * arg
)
2084 tap
= jtag_tap_by_string(arg
);
2089 for (t
= all_targets
; t
; t
= t
->next
)
2094 /* if (t->type == arm11_target) */
2095 if (0 == strcmp(target_get_name(t
), "arm11"))
2096 return t
->arch_info
;
2102 int arm11_handle_mrc_mcr(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
, bool read
)
2106 if (argc
!= (read
? 6 : 7))
2108 LOG_ERROR("Invalid number of arguments.");
2109 return ERROR_COMMAND_SYNTAX_ERROR
;
2112 arm11_common_t
* arm11
= arm11_find_target(args
[0]);
2116 LOG_ERROR("Parameter 1 is not a the JTAG chain position of an ARM11 device.");
2117 return ERROR_COMMAND_SYNTAX_ERROR
;
2120 if (arm11
->target
->state
!= TARGET_HALTED
)
2122 LOG_WARNING("target was not halted");
2123 return ERROR_TARGET_NOT_HALTED
;
2128 for (size_t i
= 0; i
< (read
? 5 : 6); i
++)
2130 values
[i
] = strtoul(args
[i
+ 1], NULL
, 0);
2132 if (values
[i
] > arm11_coproc_instruction_limits
[i
])
2134 LOG_ERROR("Parameter %ld out of bounds (%" PRId32
" max).",
2136 arm11_coproc_instruction_limits
[i
]);
2137 return ERROR_COMMAND_SYNTAX_ERROR
;
2141 uint32_t instr
= 0xEE000010 |
2149 instr
|= 0x00100000;
2151 retval
= arm11_run_instr_data_prepare(arm11
);
2152 if (retval
!= ERROR_OK
)
2158 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, &result
);
2159 if (retval
!= ERROR_OK
)
2162 LOG_INFO("MRC p%d, %d, R0, c%d, c%d, %d = 0x%08" PRIx32
" (%" PRId32
")",
2167 (int)(values
[4]), result
, result
);
2171 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, values
[5]);
2172 if (retval
!= ERROR_OK
)
2175 LOG_INFO("MRC p%d, %d, R0 (#0x%08" PRIx32
"), c%d, c%d, %d",
2176 (int)(values
[0]), (int)(values
[1]),
2178 (int)(values
[2]), (int)(values
[3]), (int)(values
[4]));
2181 return arm11_run_instr_data_finish(arm11
);
2184 int arm11_handle_mrc(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2186 return arm11_handle_mrc_mcr(cmd_ctx
, cmd
, args
, argc
, true);
2189 int arm11_handle_mcr(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2191 return arm11_handle_mrc_mcr(cmd_ctx
, cmd
, args
, argc
, false);
2194 int arm11_register_commands(struct command_context_s
*cmd_ctx
)
2198 command_t
*top_cmd
, *mw_cmd
;
2200 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
2201 NULL
, COMMAND_ANY
, NULL
);
2203 /* "hardware_step" is only here to check if the default
2204 * simulate + breakpoint implementation is broken.
2205 * TEMPORARY! NOT DOCUMENTED!
2207 register_command(cmd_ctx
, top_cmd
, "hardware_step",
2208 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
2209 "DEBUG ONLY - Hardware single stepping"
2210 " (default: disabled)");
2212 register_command(cmd_ctx
, top_cmd
, "mcr",
2213 arm11_handle_mcr
, COMMAND_ANY
,
2214 "Write Coprocessor register. mcr <jtag_target> <coprocessor> <opcode 1> <CRn> <CRm> <opcode 2> <32bit value to write>. All parameters are numbers only.");
2216 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
2217 NULL
, COMMAND_ANY
, NULL
);
2218 register_command(cmd_ctx
, mw_cmd
, "burst",
2219 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
2220 "Enable/Disable non-standard but fast burst mode"
2221 " (default: enabled)");
2222 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
2223 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
2224 "Terminate program if transfer error was found"
2225 " (default: enabled)");
2227 register_command(cmd_ctx
, top_cmd
, "mrc",
2228 arm11_handle_mrc
, COMMAND_ANY
,
2229 "Read Coprocessor register. mrc <jtag_target> <coprocessor> <opcode 1> <CRn> <CRm> <opcode 2>. All parameters are numbers only.");
2230 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
2231 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
2232 "Enable interrupts while stepping"
2233 " (default: disabled)");
2234 register_command(cmd_ctx
, top_cmd
, "vcr",
2235 arm11_handle_vcr
, COMMAND_ANY
,
2236 "Control (Interrupt) Vector Catch Register");
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)