1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
38 #define _DEBUG_INSTRUCTION_EXECUTION_
42 #define FNC_INFO LOG_DEBUG("-")
48 #define FNC_INFO_NOTIMPLEMENTED do { LOG_DEBUG("NOT IMPLEMENTED"); /*exit(-1);*/ } while (0)
50 #define FNC_INFO_NOTIMPLEMENTED
53 static bool arm11_config_memwrite_burst
= true;
54 static bool arm11_config_memwrite_error_fatal
= true;
55 static uint32_t arm11_vcr
= 0;
56 static bool arm11_config_step_irq_enable
= false;
57 static bool arm11_config_hardware_step
= false;
59 static int arm11_regs_arch_type
= -1;
76 ARM11_REGISTER_SPSR_FIQ
,
77 ARM11_REGISTER_SPSR_SVC
,
78 ARM11_REGISTER_SPSR_ABT
,
79 ARM11_REGISTER_SPSR_IRQ
,
80 ARM11_REGISTER_SPSR_UND
,
81 ARM11_REGISTER_SPSR_MON
,
95 enum arm11_regtype type
;
98 /* update arm11_regcache_ids when changing this */
99 static const struct arm11_reg_defs arm11_reg_defs
[] =
101 {"r0", 0, 0, ARM11_REGISTER_CORE
},
102 {"r1", 1, 1, ARM11_REGISTER_CORE
},
103 {"r2", 2, 2, ARM11_REGISTER_CORE
},
104 {"r3", 3, 3, ARM11_REGISTER_CORE
},
105 {"r4", 4, 4, ARM11_REGISTER_CORE
},
106 {"r5", 5, 5, ARM11_REGISTER_CORE
},
107 {"r6", 6, 6, ARM11_REGISTER_CORE
},
108 {"r7", 7, 7, ARM11_REGISTER_CORE
},
109 {"r8", 8, 8, ARM11_REGISTER_CORE
},
110 {"r9", 9, 9, ARM11_REGISTER_CORE
},
111 {"r10", 10, 10, ARM11_REGISTER_CORE
},
112 {"r11", 11, 11, ARM11_REGISTER_CORE
},
113 {"r12", 12, 12, ARM11_REGISTER_CORE
},
114 {"sp", 13, 13, ARM11_REGISTER_CORE
},
115 {"lr", 14, 14, ARM11_REGISTER_CORE
},
116 {"pc", 15, 15, ARM11_REGISTER_CORE
},
118 #if ARM11_REGCACHE_FREGS
119 {"f0", 0, 16, ARM11_REGISTER_FX
},
120 {"f1", 1, 17, ARM11_REGISTER_FX
},
121 {"f2", 2, 18, ARM11_REGISTER_FX
},
122 {"f3", 3, 19, ARM11_REGISTER_FX
},
123 {"f4", 4, 20, ARM11_REGISTER_FX
},
124 {"f5", 5, 21, ARM11_REGISTER_FX
},
125 {"f6", 6, 22, ARM11_REGISTER_FX
},
126 {"f7", 7, 23, ARM11_REGISTER_FX
},
127 {"fps", 0, 24, ARM11_REGISTER_FPS
},
130 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
132 #if ARM11_REGCACHE_MODEREGS
133 {"r8_fiq", 8, -1, ARM11_REGISTER_FIQ
},
134 {"r9_fiq", 9, -1, ARM11_REGISTER_FIQ
},
135 {"r10_fiq", 10, -1, ARM11_REGISTER_FIQ
},
136 {"r11_fiq", 11, -1, ARM11_REGISTER_FIQ
},
137 {"r12_fiq", 12, -1, ARM11_REGISTER_FIQ
},
138 {"r13_fiq", 13, -1, ARM11_REGISTER_FIQ
},
139 {"r14_fiq", 14, -1, ARM11_REGISTER_FIQ
},
140 {"spsr_fiq", 0, -1, ARM11_REGISTER_SPSR_FIQ
},
142 {"r13_svc", 13, -1, ARM11_REGISTER_SVC
},
143 {"r14_svc", 14, -1, ARM11_REGISTER_SVC
},
144 {"spsr_svc", 0, -1, ARM11_REGISTER_SPSR_SVC
},
146 {"r13_abt", 13, -1, ARM11_REGISTER_ABT
},
147 {"r14_abt", 14, -1, ARM11_REGISTER_ABT
},
148 {"spsr_abt", 0, -1, ARM11_REGISTER_SPSR_ABT
},
150 {"r13_irq", 13, -1, ARM11_REGISTER_IRQ
},
151 {"r14_irq", 14, -1, ARM11_REGISTER_IRQ
},
152 {"spsr_irq", 0, -1, ARM11_REGISTER_SPSR_IRQ
},
154 {"r13_und", 13, -1, ARM11_REGISTER_UND
},
155 {"r14_und", 14, -1, ARM11_REGISTER_UND
},
156 {"spsr_und", 0, -1, ARM11_REGISTER_SPSR_UND
},
159 {"r13_mon", 13, -1, ARM11_REGISTER_MON
},
160 {"r14_mon", 14, -1, ARM11_REGISTER_MON
},
161 {"spsr_mon", 0, -1, ARM11_REGISTER_SPSR_MON
},
164 /* Debug Registers */
165 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
166 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
167 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
170 enum arm11_regcache_ids
173 ARM11_RC_RX
= ARM11_RC_R0
,
188 ARM11_RC_SP
= ARM11_RC_R13
,
190 ARM11_RC_LR
= ARM11_RC_R14
,
192 ARM11_RC_PC
= ARM11_RC_R15
,
194 #if ARM11_REGCACHE_FREGS
196 ARM11_RC_FX
= ARM11_RC_F0
,
209 #if ARM11_REGCACHE_MODEREGS
247 #define ARM11_GDB_REGISTER_COUNT 26
249 /* FIXME these are *identical* to the ARMv4_5 dummies ... except
250 * for their names, and being static vs global, and having different
251 * addresses. Ditto ARMv7a and ARMv7m dummies.
254 static uint8_t arm11_gdb_dummy_fp_value
[12];
256 static struct reg arm11_gdb_dummy_fp_reg
=
258 .name
= "GDB dummy floating-point register",
259 .value
= arm11_gdb_dummy_fp_value
,
267 static uint8_t arm11_gdb_dummy_fps_value
[4];
269 static struct reg arm11_gdb_dummy_fps_reg
=
271 .name
= "GDB dummy floating-point status register",
272 .value
= arm11_gdb_dummy_fps_value
,
281 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
);
282 static int arm11_step(struct target
*target
, int current
,
283 uint32_t address
, int handle_breakpoints
);
285 static int arm11_build_reg_cache(struct target
*target
);
286 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
);
287 static int arm11_get_reg(struct reg
*reg
);
289 static void arm11_record_register_history(struct arm11_common
* arm11
);
290 static void arm11_dump_reg_changes(struct arm11_common
* arm11
);
293 /** Check and if necessary take control of the system
295 * \param arm11 Target state variable.
296 * \param dscr If the current DSCR content is
297 * available a pointer to a word holding the
298 * DSCR can be passed. Otherwise use NULL.
300 static int arm11_check_init(struct arm11_common
*arm11
, uint32_t *dscr
)
304 uint32_t dscr_local_tmp_copy
;
308 dscr
= &dscr_local_tmp_copy
;
310 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
313 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
315 LOG_DEBUG("Bringing target into debug mode");
317 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
318 arm11_write_DSCR(arm11
, *dscr
);
320 /* add further reset initialization here */
322 arm11
->simulate_reset_on_next_halt
= true;
324 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
326 /** \todo TODO: this needs further scrutiny because
327 * arm11_on_enter_debug_state() never gets properly called.
328 * As a result we don't read the actual register states from
332 arm11
->target
->state
= TARGET_HALTED
;
333 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
337 arm11
->target
->state
= TARGET_RUNNING
;
338 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
341 arm11_sc7_clear_vbw(arm11
);
350 (arm11->reg_values[ARM11_RC_##x])
352 /** Save processor state.
354 * This is called when the HALT instruction has succeeded
355 * or on other occasions that stop the processor.
358 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
)
363 for (size_t i
= 0; i
< asizeof(arm11
->reg_values
); i
++)
365 arm11
->reg_list
[i
].valid
= 1;
366 arm11
->reg_list
[i
].dirty
= 0;
370 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
374 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
376 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
378 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
380 struct scan_field chain5_fields
[3];
382 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
383 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
384 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
386 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
390 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
394 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
395 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
396 ARM1136 seems to require this to issue ITR's as well */
398 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
400 /* this executes JTAG queue: */
402 arm11_write_DSCR(arm11
, new_dscr
);
406 Before executing any instruction in debug state you have to drain the write buffer.
407 This ensures that no imprecise Data Aborts can return at a later point:*/
409 /** \todo TODO: Test drain write buffer. */
414 /* MRC p14,0,R0,c5,c10,0 */
415 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
417 /* mcr 15, 0, r0, cr7, cr10, {4} */
418 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
420 uint32_t dscr
= arm11_read_DSCR(arm11
);
422 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
424 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
426 arm11_run_instr_no_data1(arm11
, 0xe320f000);
428 dscr
= arm11_read_DSCR(arm11
);
430 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
437 retval
= arm11_run_instr_data_prepare(arm11
);
438 if (retval
!= ERROR_OK
)
443 /** \todo TODO: handle other mode registers */
445 for (size_t i
= 0; i
< 15; i
++)
447 /* MCR p14,0,R?,c0,c5,0 */
448 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
449 if (retval
!= ERROR_OK
)
455 /* check rDTRfull in DSCR */
457 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
459 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
460 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
461 if (retval
!= ERROR_OK
)
466 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
471 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
472 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
473 if (retval
!= ERROR_OK
)
478 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
479 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
480 if (retval
!= ERROR_OK
)
483 /* adjust PC depending on ARM state */
485 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
487 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
489 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
491 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
495 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
498 if (arm11
->simulate_reset_on_next_halt
)
500 arm11
->simulate_reset_on_next_halt
= false;
502 LOG_DEBUG("Reset c1 Control Register");
504 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
506 /* MCR p15,0,R0,c1,c0,0 */
507 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
508 if (retval
!= ERROR_OK
)
513 retval
= arm11_run_instr_data_finish(arm11
);
514 if (retval
!= ERROR_OK
)
517 arm11_dump_reg_changes(arm11
);
522 void arm11_dump_reg_changes(struct arm11_common
* arm11
)
525 if (!(debug_level
>= LOG_LVL_DEBUG
))
530 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
532 if (!arm11
->reg_list
[i
].valid
)
534 if (arm11
->reg_history
[i
].valid
)
535 LOG_DEBUG("%8s INVALID (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_history
[i
].value
);
539 if (arm11
->reg_history
[i
].valid
)
541 if (arm11
->reg_history
[i
].value
!= arm11
->reg_values
[i
])
542 LOG_DEBUG("%8s %08" PRIx32
" (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
], arm11
->reg_history
[i
].value
);
546 LOG_DEBUG("%8s %08" PRIx32
" (INVALID)", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
]);
552 /** Restore processor state
554 * This is called in preparation for the RESTART function.
557 static int arm11_leave_debug_state(struct arm11_common
*arm11
)
562 retval
= arm11_run_instr_data_prepare(arm11
);
563 if (retval
!= ERROR_OK
)
566 /** \todo TODO: handle other mode registers */
568 /* restore R1 - R14 */
570 for (size_t i
= 1; i
< 15; i
++)
572 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
575 /* MRC p14,0,r?,c0,c5,0 */
576 arm11_run_instr_data_to_core1(arm11
, 0xee100e15 | (i
<< 12), R(RX
+ i
));
578 // LOG_DEBUG("RESTORE R" ZU " %08x", i, R(RX + i));
581 retval
= arm11_run_instr_data_finish(arm11
);
582 if (retval
!= ERROR_OK
)
585 /* spec says clear wDTR and rDTR; we assume they are clear as
586 otherwise our programming would be sloppy */
590 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
592 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
595 The wDTR/rDTR two registers that are used to send/receive data to/from
596 the core in tandem with corresponding instruction codes that are
597 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
598 registers hold data that was written by one side (CPU or JTAG) and not
599 read out by the other side.
601 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
606 retval
= arm11_run_instr_data_prepare(arm11
);
607 if (retval
!= ERROR_OK
)
610 /* restore original wDTR */
612 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
614 /* MCR p14,0,R0,c0,c5,0 */
615 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
616 if (retval
!= ERROR_OK
)
623 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
624 if (retval
!= ERROR_OK
)
631 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
632 if (retval
!= ERROR_OK
)
638 /* MRC p14,0,r0,c0,c5,0 */
639 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
641 retval
= arm11_run_instr_data_finish(arm11
);
642 if (retval
!= ERROR_OK
)
647 arm11_write_DSCR(arm11
, R(DSCR
));
651 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
653 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
655 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
657 struct scan_field chain5_fields
[3];
659 uint8_t Ready
= 0; /* ignored */
660 uint8_t Valid
= 0; /* ignored */
662 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
663 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
664 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
666 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
669 arm11_record_register_history(arm11
);
674 static void arm11_record_register_history(struct arm11_common
*arm11
)
676 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
678 arm11
->reg_history
[i
].value
= arm11
->reg_values
[i
];
679 arm11
->reg_history
[i
].valid
= arm11
->reg_list
[i
].valid
;
681 arm11
->reg_list
[i
].valid
= 0;
682 arm11
->reg_list
[i
].dirty
= 0;
687 /* poll current target status */
688 static int arm11_poll(struct target
*target
)
692 struct arm11_common
*arm11
= target_to_arm11(target
);
695 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
697 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
699 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
701 if (dscr
& ARM11_DSCR_CORE_HALTED
)
703 if (target
->state
!= TARGET_HALTED
)
705 enum target_state old_state
= target
->state
;
707 LOG_DEBUG("enter TARGET_HALTED");
708 target
->state
= TARGET_HALTED
;
709 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
710 retval
= arm11_on_enter_debug_state(arm11
);
711 if (retval
!= ERROR_OK
)
714 target_call_event_callbacks(target
,
715 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
720 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
722 LOG_DEBUG("enter TARGET_RUNNING");
723 target
->state
= TARGET_RUNNING
;
724 target
->debug_reason
= DBG_REASON_NOTHALTED
;
730 /* architecture specific status reply */
731 static int arm11_arch_state(struct target
*target
)
733 struct arm11_common
*arm11
= target_to_arm11(target
);
735 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"",
736 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
743 /* target request support */
744 static int arm11_target_request_data(struct target
*target
,
745 uint32_t size
, uint8_t *buffer
)
747 FNC_INFO_NOTIMPLEMENTED
;
752 /* target execution control */
753 static int arm11_halt(struct target
*target
)
756 struct arm11_common
*arm11
= target_to_arm11(target
);
758 LOG_DEBUG("target->state: %s",
759 target_state_name(target
));
761 if (target
->state
== TARGET_UNKNOWN
)
763 arm11
->simulate_reset_on_next_halt
= true;
766 if (target
->state
== TARGET_HALTED
)
768 LOG_DEBUG("target was already halted");
772 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
774 CHECK_RETVAL(jtag_execute_queue());
781 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
783 if (dscr
& ARM11_DSCR_CORE_HALTED
)
794 if ((timeval_ms()-then
) > 1000)
796 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
803 arm11_on_enter_debug_state(arm11
);
805 enum target_state old_state
= target
->state
;
807 target
->state
= TARGET_HALTED
;
808 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
811 target_call_event_callbacks(target
,
812 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
817 static int arm11_resume(struct target
*target
, int current
,
818 uint32_t address
, int handle_breakpoints
, int debug_execution
)
822 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
823 // current, address, handle_breakpoints, debug_execution);
825 struct arm11_common
*arm11
= target_to_arm11(target
);
827 LOG_DEBUG("target->state: %s",
828 target_state_name(target
));
831 if (target
->state
!= TARGET_HALTED
)
833 LOG_ERROR("Target not halted");
834 return ERROR_TARGET_NOT_HALTED
;
840 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
842 /* clear breakpoints/watchpoints and VCR*/
843 arm11_sc7_clear_vbw(arm11
);
845 /* Set up breakpoints */
846 if (!debug_execution
)
848 /* check if one matches PC and step over it if necessary */
850 struct breakpoint
* bp
;
852 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
854 if (bp
->address
== R(PC
))
856 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
857 arm11_step(target
, 1, 0, 0);
862 /* set all breakpoints */
866 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
868 struct arm11_sc7_action brp
[2];
871 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
872 brp
[0].value
= bp
->address
;
874 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
875 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
877 arm11_sc7_run(arm11
, brp
, asizeof(brp
));
879 LOG_DEBUG("Add BP " ZU
" at %08" PRIx32
"", brp_num
, bp
->address
);
884 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
887 arm11_leave_debug_state(arm11
);
889 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
891 CHECK_RETVAL(jtag_execute_queue());
898 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
900 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
902 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
913 if ((timeval_ms()-then
) > 1000)
915 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
922 if (!debug_execution
)
924 target
->state
= TARGET_RUNNING
;
925 target
->debug_reason
= DBG_REASON_NOTHALTED
;
927 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
931 target
->state
= TARGET_DEBUG_RUNNING
;
932 target
->debug_reason
= DBG_REASON_NOTHALTED
;
934 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
941 static int armv4_5_to_arm11(int reg
)
948 return ARM11_RC_CPSR
;
950 /* FIX!!! handle thumb better! */
951 return ARM11_RC_CPSR
;
953 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg
);
959 static uint32_t arm11_sim_get_reg(struct arm_sim_interface
*sim
, int reg
)
961 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
963 reg
=armv4_5_to_arm11(reg
);
965 return buf_get_u32(arm11
->reg_list
[reg
].value
, 0, 32);
968 static void arm11_sim_set_reg(struct arm_sim_interface
*sim
,
969 int reg
, uint32_t value
)
971 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
973 reg
=armv4_5_to_arm11(reg
);
975 buf_set_u32(arm11
->reg_list
[reg
].value
, 0, 32, value
);
978 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface
*sim
,
981 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
983 return buf_get_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, pos
, bits
);
986 static enum armv4_5_state
arm11_sim_get_state(struct arm_sim_interface
*sim
)
988 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
990 /* FIX!!!! we should implement thumb for arm11 */
991 return ARMV4_5_STATE_ARM
;
994 static void arm11_sim_set_state(struct arm_sim_interface
*sim
,
995 enum armv4_5_state mode
)
997 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
999 /* FIX!!!! we should implement thumb for arm11 */
1000 LOG_ERROR("Not implemetned!");
1004 static enum armv4_5_mode
arm11_sim_get_mode(struct arm_sim_interface
*sim
)
1006 //struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
1008 /* FIX!!!! we should implement something that returns the current mode here!!! */
1009 return ARMV4_5_MODE_USR
;
1012 static int arm11_simulate_step(struct target
*target
, uint32_t *dry_run_pc
)
1014 struct arm_sim_interface sim
;
1016 sim
.user_data
=target
->arch_info
;
1017 sim
.get_reg
=&arm11_sim_get_reg
;
1018 sim
.set_reg
=&arm11_sim_set_reg
;
1019 sim
.get_reg_mode
=&arm11_sim_get_reg
;
1020 sim
.set_reg_mode
=&arm11_sim_set_reg
;
1021 sim
.get_cpsr
=&arm11_sim_get_cpsr
;
1022 sim
.get_mode
=&arm11_sim_get_mode
;
1023 sim
.get_state
=&arm11_sim_get_state
;
1024 sim
.set_state
=&arm11_sim_set_state
;
1026 return arm_simulate_step_core(target
, dry_run_pc
, &sim
);
1030 static int arm11_step(struct target
*target
, int current
,
1031 uint32_t address
, int handle_breakpoints
)
1035 LOG_DEBUG("target->state: %s",
1036 target_state_name(target
));
1038 if (target
->state
!= TARGET_HALTED
)
1040 LOG_WARNING("target was not halted");
1041 return ERROR_TARGET_NOT_HALTED
;
1044 struct arm11_common
*arm11
= target_to_arm11(target
);
1049 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
1052 /** \todo TODO: Thumb not supported here */
1054 uint32_t next_instruction
;
1056 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
1058 /* skip over BKPT */
1059 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
1062 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1063 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1064 LOG_DEBUG("Skipping BKPT");
1066 /* skip over Wait for interrupt / Standby */
1067 /* mcr 15, 0, r?, cr7, cr0, {4} */
1068 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
1071 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1072 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1073 LOG_DEBUG("Skipping WFI");
1075 /* ignore B to self */
1076 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
1078 LOG_DEBUG("Not stepping jump to self");
1082 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
1085 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
1086 * the VCR might be something worth looking into. */
1089 /* Set up breakpoint for stepping */
1091 struct arm11_sc7_action brp
[2];
1094 brp
[0].address
= ARM11_SC7_BVR0
;
1096 brp
[1].address
= ARM11_SC7_BCR0
;
1098 if (arm11_config_hardware_step
)
1100 /* hardware single stepping be used if possible or is it better to
1101 * always use the same code path? Hardware single stepping is not supported
1104 brp
[0].value
= R(PC
);
1105 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
1108 /* sets a breakpoint on the next PC(calculated by simulation),
1112 retval
= arm11_simulate_step(target
, &next_pc
);
1113 if (retval
!= ERROR_OK
)
1116 brp
[0].value
= next_pc
;
1117 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
1120 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, asizeof(brp
)));
1125 if (arm11_config_step_irq_enable
)
1126 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
1128 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
1131 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
1133 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
1135 CHECK_RETVAL(jtag_execute_queue());
1143 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
1145 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
1147 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
1148 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
1154 then
= timeval_ms();
1158 if ((timeval_ms()-then
) > 1000)
1160 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
1167 /* clear breakpoint */
1168 arm11_sc7_clear_vbw(arm11
);
1171 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
1173 /* restore default state */
1174 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
1178 // target->state = TARGET_HALTED;
1179 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1181 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
1186 static int arm11_assert_reset(struct target
*target
)
1190 struct arm11_common
*arm11
= target_to_arm11(target
);
1192 retval
= arm11_check_init(arm11
, NULL
);
1193 if (retval
!= ERROR_OK
)
1196 target
->state
= TARGET_UNKNOWN
;
1198 /* we would very much like to reset into the halted, state,
1199 * but resetting and halting is second best... */
1200 if (target
->reset_halt
)
1202 CHECK_RETVAL(target_halt(target
));
1206 /* srst is funny. We can not do *anything* else while it's asserted
1207 * and it has unkonwn side effects. Make sure no other code runs
1210 * Code below assumes srst:
1212 * - Causes power-on-reset (but of what parts of the system?). Bug
1215 * - Messes us TAP state without asserting trst.
1217 * - There is another bug in the arm11 core. When you generate an access to
1218 * external logic (for example ddr controller via AHB bus) and that block
1219 * is not configured (perhaps it is still held in reset), that transaction
1220 * will never complete. This will hang arm11 core but it will also hang
1221 * JTAG controller. Nothing, short of srst assertion will bring it out of
1226 * - What should the PC be after an srst reset when starting in the halted
1230 jtag_add_reset(0, 1);
1231 jtag_add_reset(0, 0);
1233 /* How long do we have to wait? */
1234 jtag_add_sleep(5000);
1236 /* un-mess up TAP state */
1239 retval
= jtag_execute_queue();
1240 if (retval
!= ERROR_OK
)
1248 static int arm11_deassert_reset(struct target
*target
)
1253 static int arm11_soft_reset_halt(struct target
*target
)
1255 FNC_INFO_NOTIMPLEMENTED
;
1260 /* target register access for gdb */
1261 static int arm11_get_gdb_reg_list(struct target
*target
,
1262 struct reg
**reg_list
[], int *reg_list_size
)
1265 struct arm11_common
*arm11
= target_to_arm11(target
);
1267 *reg_list_size
= ARM11_GDB_REGISTER_COUNT
;
1268 *reg_list
= malloc(sizeof(struct reg
*) * ARM11_GDB_REGISTER_COUNT
);
1270 for (size_t i
= 16; i
< 24; i
++)
1272 (*reg_list
)[i
] = &arm11_gdb_dummy_fp_reg
;
1275 (*reg_list
)[24] = &arm11_gdb_dummy_fps_reg
;
1277 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1279 if (arm11_reg_defs
[i
].gdb_num
== -1)
1282 (*reg_list
)[arm11_reg_defs
[i
].gdb_num
] = arm11
->reg_list
+ i
;
1288 /* target memory access
1289 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1290 * count: number of items of <size>
1292 * arm11_config_memrw_no_increment - in the future we may want to be able
1293 * to read/write a range of data to a "port". a "port" is an action on
1294 * read memory address for some peripheral.
1296 static int arm11_read_memory_inner(struct target
*target
,
1297 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1298 bool arm11_config_memrw_no_increment
)
1300 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1305 if (target
->state
!= TARGET_HALTED
)
1307 LOG_WARNING("target was not halted");
1308 return ERROR_TARGET_NOT_HALTED
;
1311 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1313 struct arm11_common
*arm11
= target_to_arm11(target
);
1315 retval
= arm11_run_instr_data_prepare(arm11
);
1316 if (retval
!= ERROR_OK
)
1319 /* MRC p14,0,r0,c0,c5,0 */
1320 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1321 if (retval
!= ERROR_OK
)
1327 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1328 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1330 for (size_t i
= 0; i
< count
; i
++)
1332 /* ldrb r1, [r0], #1 */
1334 arm11_run_instr_no_data1(arm11
,
1335 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1338 /* MCR p14,0,R1,c0,c5,0 */
1339 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1348 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1350 for (size_t i
= 0; i
< count
; i
++)
1352 /* ldrh r1, [r0], #2 */
1353 arm11_run_instr_no_data1(arm11
,
1354 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1358 /* MCR p14,0,R1,c0,c5,0 */
1359 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1361 uint16_t svalue
= res
;
1362 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1370 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1371 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1372 uint32_t *words
= (uint32_t *)buffer
;
1374 /* LDC p14,c5,[R0],#4 */
1375 /* LDC p14,c5,[R0] */
1376 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1381 return arm11_run_instr_data_finish(arm11
);
1384 static int arm11_read_memory(struct target
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1386 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1390 * arm11_config_memrw_no_increment - in the future we may want to be able
1391 * to read/write a range of data to a "port". a "port" is an action on
1392 * read memory address for some peripheral.
1394 static int arm11_write_memory_inner(struct target
*target
,
1395 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1396 bool arm11_config_memrw_no_increment
)
1401 if (target
->state
!= TARGET_HALTED
)
1403 LOG_WARNING("target was not halted");
1404 return ERROR_TARGET_NOT_HALTED
;
1407 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1409 struct arm11_common
*arm11
= target_to_arm11(target
);
1411 retval
= arm11_run_instr_data_prepare(arm11
);
1412 if (retval
!= ERROR_OK
)
1415 /* MRC p14,0,r0,c0,c5,0 */
1416 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1417 if (retval
!= ERROR_OK
)
1420 /* burst writes are not used for single words as those may well be
1421 * reset init script writes.
1423 * The other advantage is that as burst writes are default, we'll
1424 * now exercise both burst and non-burst code paths with the
1425 * default settings, increasing code coverage.
1427 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1433 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1435 for (size_t i
= 0; i
< count
; i
++)
1437 /* MRC p14,0,r1,c0,c5,0 */
1438 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1439 if (retval
!= ERROR_OK
)
1442 /* strb r1, [r0], #1 */
1444 retval
= arm11_run_instr_no_data1(arm11
,
1445 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1446 if (retval
!= ERROR_OK
)
1455 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1457 for (size_t i
= 0; i
< count
; i
++)
1460 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1462 /* MRC p14,0,r1,c0,c5,0 */
1463 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1464 if (retval
!= ERROR_OK
)
1467 /* strh r1, [r0], #2 */
1469 retval
= arm11_run_instr_no_data1(arm11
,
1470 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1471 if (retval
!= ERROR_OK
)
1479 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1481 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1482 uint32_t *words
= (uint32_t*)buffer
;
1486 /* STC p14,c5,[R0],#4 */
1487 /* STC p14,c5,[R0]*/
1488 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1489 if (retval
!= ERROR_OK
)
1494 /* STC p14,c5,[R0],#4 */
1495 /* STC p14,c5,[R0]*/
1496 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1497 if (retval
!= ERROR_OK
)
1505 /* r0 verification */
1506 if (!arm11_config_memrw_no_increment
)
1510 /* MCR p14,0,R0,c0,c5,0 */
1511 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1512 if (retval
!= ERROR_OK
)
1515 if (address
+ size
* count
!= r0
)
1517 LOG_ERROR("Data transfer failed. Expected end "
1518 "address 0x%08x, got 0x%08x",
1519 (unsigned) (address
+ size
* count
),
1523 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1525 if (arm11_config_memwrite_error_fatal
)
1530 return arm11_run_instr_data_finish(arm11
);
1533 static int arm11_write_memory(struct target
*target
,
1534 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1536 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1539 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1540 static int arm11_bulk_write_memory(struct target
*target
,
1541 uint32_t address
, uint32_t count
, uint8_t *buffer
)
1545 if (target
->state
!= TARGET_HALTED
)
1547 LOG_WARNING("target was not halted");
1548 return ERROR_TARGET_NOT_HALTED
;
1551 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1554 /* here we have nothing target specific to contribute, so we fail and then the
1555 * fallback code will read data from the target and calculate the CRC on the
1558 static int arm11_checksum_memory(struct target
*target
,
1559 uint32_t address
, uint32_t count
, uint32_t* checksum
)
1564 /* target break-/watchpoint control
1565 * rw: 0 = write, 1 = read, 2 = access
1567 static int arm11_add_breakpoint(struct target
*target
,
1568 struct breakpoint
*breakpoint
)
1571 struct arm11_common
*arm11
= target_to_arm11(target
);
1574 if (breakpoint
->type
== BKPT_SOFT
)
1576 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1577 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1581 if (!arm11
->free_brps
)
1583 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1584 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1587 if (breakpoint
->length
!= 4)
1589 LOG_DEBUG("only breakpoints of four bytes length supported");
1590 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1598 static int arm11_remove_breakpoint(struct target
*target
,
1599 struct breakpoint
*breakpoint
)
1602 struct arm11_common
*arm11
= target_to_arm11(target
);
1609 static int arm11_add_watchpoint(struct target
*target
,
1610 struct watchpoint
*watchpoint
)
1612 FNC_INFO_NOTIMPLEMENTED
;
1617 static int arm11_remove_watchpoint(struct target
*target
,
1618 struct watchpoint
*watchpoint
)
1620 FNC_INFO_NOTIMPLEMENTED
;
1625 // HACKHACKHACK - FIXME mode/state
1626 /* target algorithm support */
1627 static int arm11_run_algorithm(struct target
*target
,
1628 int num_mem_params
, struct mem_param
*mem_params
,
1629 int num_reg_params
, struct reg_param
*reg_params
,
1630 uint32_t entry_point
, uint32_t exit_point
,
1631 int timeout_ms
, void *arch_info
)
1633 struct arm11_common
*arm11
= target_to_arm11(target
);
1634 // enum armv4_5_state core_state = arm11->core_state;
1635 // enum armv4_5_mode core_mode = arm11->core_mode;
1636 uint32_t context
[16];
1638 int exit_breakpoint_size
= 0;
1639 int retval
= ERROR_OK
;
1640 LOG_DEBUG("Running algorithm");
1643 if (target
->state
!= TARGET_HALTED
)
1645 LOG_WARNING("target not halted");
1646 return ERROR_TARGET_NOT_HALTED
;
1650 // if (armv4_5_mode_to_number(arm11->core_mode)==-1)
1651 // return ERROR_FAIL;
1654 for (unsigned i
= 0; i
< 16; i
++)
1656 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1657 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1660 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1661 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1663 for (int i
= 0; i
< num_mem_params
; i
++)
1665 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1668 // Set register parameters
1669 for (int i
= 0; i
< num_reg_params
; i
++)
1671 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1674 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1678 if (reg
->size
!= reg_params
[i
].size
)
1680 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1683 arm11_set_reg(reg
,reg_params
[i
].value
);
1684 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1687 exit_breakpoint_size
= 4;
1689 /* arm11->core_state = arm11_algorithm_info->core_state;
1690 if (arm11->core_state == ARMV4_5_STATE_ARM)
1691 exit_breakpoint_size = 4;
1692 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1693 exit_breakpoint_size = 2;
1696 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1702 /* arm11 at this point only supports ARM not THUMB mode
1703 however if this test needs to be reactivated the current state can be read back
1706 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1708 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1709 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1710 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1711 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1715 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1717 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1718 retval
= ERROR_TARGET_FAILURE
;
1722 // no debug, otherwise breakpoint is not set
1723 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1725 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1727 if (target
->state
!= TARGET_HALTED
)
1729 CHECK_RETVAL(target_halt(target
));
1731 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1733 retval
= ERROR_TARGET_TIMEOUT
;
1735 goto del_breakpoint
;
1738 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1740 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1741 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1742 retval
= ERROR_TARGET_TIMEOUT
;
1743 goto del_breakpoint
;
1746 for (int i
= 0; i
< num_mem_params
; i
++)
1748 if (mem_params
[i
].direction
!= PARAM_OUT
)
1749 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1752 for (int i
= 0; i
< num_reg_params
; i
++)
1754 if (reg_params
[i
].direction
!= PARAM_OUT
)
1756 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1759 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1763 if (reg
->size
!= reg_params
[i
].size
)
1765 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1769 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1774 breakpoint_remove(target
, exit_point
);
1778 for (size_t i
= 0; i
< 16; i
++)
1780 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1781 arm11
->reg_list
[i
].name
, context
[i
]);
1782 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1784 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1785 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1787 // arm11->core_state = core_state;
1788 // arm11->core_mode = core_mode;
1793 static int arm11_target_create(struct target
*target
, Jim_Interp
*interp
)
1797 NEW(struct arm11_common
, arm11
, 1);
1799 arm11
->target
= target
;
1801 if (target
->tap
== NULL
)
1804 if (target
->tap
->ir_length
!= 5)
1806 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1807 return ERROR_COMMAND_SYNTAX_ERROR
;
1810 armv4_5_init_arch_info(target
, &arm11
->arm
);
1812 arm11
->jtag_info
.tap
= target
->tap
;
1813 arm11
->jtag_info
.scann_size
= 5;
1814 arm11
->jtag_info
.scann_instr
= ARM11_SCAN_N
;
1815 /* cur_scan_chain == 0 */
1816 arm11
->jtag_info
.intest_instr
= ARM11_INTEST
;
1821 static int arm11_init_target(struct command_context
*cmd_ctx
,
1822 struct target
*target
)
1824 /* Initialize anything we can set up without talking to the target */
1825 return arm11_build_reg_cache(target
);
1828 /* talk to the target and set things up */
1829 static int arm11_examine(struct target
*target
)
1834 struct arm11_common
*arm11
= target_to_arm11(target
);
1838 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1840 struct scan_field idcode_field
;
1842 arm11_setup_field(arm11
, 32, NULL
, &arm11
->device_id
, &idcode_field
);
1844 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1848 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1850 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1852 struct scan_field chain0_fields
[2];
1854 arm11_setup_field(arm11
, 32, NULL
, &arm11
->didr
, chain0_fields
+ 0);
1855 arm11_setup_field(arm11
, 8, NULL
, &arm11
->implementor
, chain0_fields
+ 1);
1857 arm11_add_dr_scan_vc(asizeof(chain0_fields
), chain0_fields
, TAP_IDLE
);
1859 CHECK_RETVAL(jtag_execute_queue());
1861 switch (arm11
->device_id
& 0x0FFFF000)
1863 case 0x07B36000: LOG_INFO("found ARM1136"); break;
1864 case 0x07B56000: LOG_INFO("found ARM1156"); break;
1865 case 0x07B76000: LOG_INFO("found ARM1176"); break;
1867 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1871 arm11
->debug_version
= (arm11
->didr
>> 16) & 0x0F;
1873 if (arm11
->debug_version
!= ARM11_DEBUG_V6
&&
1874 arm11
->debug_version
!= ARM11_DEBUG_V61
)
1876 LOG_ERROR("Only ARMv6 v6 and v6.1 architectures supported.");
1880 arm11
->brp
= ((arm11
->didr
>> 24) & 0x0F) + 1;
1881 arm11
->wrp
= ((arm11
->didr
>> 28) & 0x0F) + 1;
1883 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1884 arm11
->free_brps
= arm11
->brp
;
1885 arm11
->free_wrps
= arm11
->wrp
;
1887 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
"",
1889 (int)(arm11
->implementor
),
1892 /* as a side-effect this reads DSCR and thus
1893 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1894 * as suggested by the spec.
1897 retval
= arm11_check_init(arm11
, NULL
);
1898 if (retval
!= ERROR_OK
)
1901 /* ETM on ARM11 still uses original scanchain 6 access mode */
1902 if (arm11
->arm
.etm
&& !target_was_examined(target
)) {
1903 *register_get_last_cache_p(&target
->reg_cache
) =
1904 etm_build_reg_cache(target
, &arm11
->jtag_info
,
1906 retval
= etm_setup(target
);
1909 /* FIXME this sets a flag in the (shared) arm11_target structure,
1910 * not in the (per-cpu) "target" structure ... so it's clearly
1911 * wrong in the case of e.g. two different ARM11 chips on the
1912 * same board. (Maybe ARM11 MPCore works though.) Whoever calls
1913 * the examine() method should set a target-specific flag...
1915 target_set_examined(target
);
1921 /** Load a register that is marked !valid in the register cache */
1922 static int arm11_get_reg(struct reg
*reg
)
1926 struct target
* target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1928 if (target
->state
!= TARGET_HALTED
)
1930 LOG_WARNING("target was not halted");
1931 return ERROR_TARGET_NOT_HALTED
;
1934 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1937 struct arm11_common
*arm11
= target_to_arm11(target
);
1938 const struct arm11_reg_defs
*arm11_reg_info
= arm11_reg_defs
+ ((struct arm11_reg_state
*)reg
->arch_info
)->def_index
;
1944 /** Change a value in the register cache */
1945 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
)
1949 struct target
*target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1950 struct arm11_common
*arm11
= target_to_arm11(target
);
1951 // const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1953 arm11
->reg_values
[((struct arm11_reg_state
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1960 static int arm11_build_reg_cache(struct target
*target
)
1962 struct arm11_common
*arm11
= target_to_arm11(target
);
1964 NEW(struct reg_cache
, cache
, 1);
1965 NEW(struct reg
, reg_list
, ARM11_REGCACHE_COUNT
);
1966 NEW(struct arm11_reg_state
, arm11_reg_states
, ARM11_REGCACHE_COUNT
);
1968 if (arm11_regs_arch_type
== -1)
1969 arm11_regs_arch_type
= register_reg_arch_type(arm11_get_reg
, arm11_set_reg
);
1971 register_init_dummy(&arm11_gdb_dummy_fp_reg
);
1972 register_init_dummy(&arm11_gdb_dummy_fps_reg
);
1974 arm11
->reg_list
= reg_list
;
1976 /* Build the process context cache */
1977 cache
->name
= "arm11 registers";
1979 cache
->reg_list
= reg_list
;
1980 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1982 struct reg_cache
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1985 arm11
->core_cache
= cache
;
1986 // armv7m->process_context = cache;
1990 /* Not very elegant assertion */
1991 if (ARM11_REGCACHE_COUNT
!= asizeof(arm11
->reg_values
) ||
1992 ARM11_REGCACHE_COUNT
!= asizeof(arm11_reg_defs
) ||
1993 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1995 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d " ZU
" " ZU
" %d)", ARM11_REGCACHE_COUNT
, asizeof(arm11
->reg_values
), asizeof(arm11_reg_defs
), ARM11_RC_MAX
);
1999 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
2001 struct reg
* r
= reg_list
+ i
;
2002 const struct arm11_reg_defs
* rd
= arm11_reg_defs
+ i
;
2003 struct arm11_reg_state
* rs
= arm11_reg_states
+ i
;
2007 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
2010 r
->arch_type
= arm11_regs_arch_type
;
2014 rs
->target
= target
;
2020 static COMMAND_HELPER(arm11_handle_bool
, bool *var
, char *name
)
2024 LOG_INFO("%s is %s.", name
, *var
? "enabled" : "disabled");
2029 return ERROR_COMMAND_SYNTAX_ERROR
;
2034 case 'f': /* false */
2036 case 'd': /* disable */
2042 case 't': /* true */
2044 case 'e': /* enable */
2050 LOG_INFO("%s %s.", *var
? "Enabled" : "Disabled", name
);
2055 #define BOOL_WRAPPER(name, print_name) \
2056 COMMAND_HANDLER(arm11_handle_bool_##name) \
2058 return CALL_COMMAND_HANDLER(arm11_handle_bool, \
2059 &arm11_config_##name, print_name); \
2062 BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
2063 BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
2064 BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
2065 BOOL_WRAPPER(hardware_step
, "hardware single step")
2067 COMMAND_HANDLER(arm11_handle_vcr
)
2073 COMMAND_PARSE_NUMBER(u32
, args
[0], arm11_vcr
);
2076 return ERROR_COMMAND_SYNTAX_ERROR
;
2079 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
2083 static const uint32_t arm11_coproc_instruction_limits
[] =
2085 15, /* coprocessor */
2090 0xFFFFFFFF, /* value */
2093 static int arm11_mrc_inner(struct target
*target
, int cpnum
,
2094 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
,
2095 uint32_t *value
, bool read
)
2098 struct arm11_common
*arm11
= target_to_arm11(target
);
2100 if (target
->state
!= TARGET_HALTED
)
2102 LOG_ERROR("Target not halted");
2106 uint32_t instr
= 0xEE000010 |
2114 instr
|= 0x00100000;
2116 retval
= arm11_run_instr_data_prepare(arm11
);
2117 if (retval
!= ERROR_OK
)
2122 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, value
);
2123 if (retval
!= ERROR_OK
)
2128 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, *value
);
2129 if (retval
!= ERROR_OK
)
2133 return arm11_run_instr_data_finish(arm11
);
2136 static int arm11_mrc(struct target
*target
, int cpnum
,
2137 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
2139 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, value
, true);
2142 static int arm11_mcr(struct target
*target
, int cpnum
,
2143 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
2145 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, &value
, false);
2148 #define ARM11_HANDLER(x) .x = arm11_##x
2150 struct target_type arm11_target
= {
2153 ARM11_HANDLER(poll
),
2154 ARM11_HANDLER(arch_state
),
2156 ARM11_HANDLER(target_request_data
),
2158 ARM11_HANDLER(halt
),
2159 ARM11_HANDLER(resume
),
2160 ARM11_HANDLER(step
),
2162 ARM11_HANDLER(assert_reset
),
2163 ARM11_HANDLER(deassert_reset
),
2164 ARM11_HANDLER(soft_reset_halt
),
2166 ARM11_HANDLER(get_gdb_reg_list
),
2168 ARM11_HANDLER(read_memory
),
2169 ARM11_HANDLER(write_memory
),
2171 ARM11_HANDLER(bulk_write_memory
),
2173 ARM11_HANDLER(checksum_memory
),
2175 ARM11_HANDLER(add_breakpoint
),
2176 ARM11_HANDLER(remove_breakpoint
),
2177 ARM11_HANDLER(add_watchpoint
),
2178 ARM11_HANDLER(remove_watchpoint
),
2180 ARM11_HANDLER(run_algorithm
),
2182 ARM11_HANDLER(register_commands
),
2183 ARM11_HANDLER(target_create
),
2184 ARM11_HANDLER(init_target
),
2185 ARM11_HANDLER(examine
),
2192 int arm11_register_commands(struct command_context
*cmd_ctx
)
2196 struct command
*top_cmd
, *mw_cmd
;
2198 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
2199 NULL
, COMMAND_ANY
, NULL
);
2201 /* "hardware_step" is only here to check if the default
2202 * simulate + breakpoint implementation is broken.
2203 * TEMPORARY! NOT DOCUMENTED!
2205 register_command(cmd_ctx
, top_cmd
, "hardware_step",
2206 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
2207 "DEBUG ONLY - Hardware single stepping"
2208 " (default: disabled)");
2210 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
2211 NULL
, COMMAND_ANY
, NULL
);
2212 register_command(cmd_ctx
, mw_cmd
, "burst",
2213 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
2214 "Enable/Disable non-standard but fast burst mode"
2215 " (default: enabled)");
2216 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
2217 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
2218 "Terminate program if transfer error was found"
2219 " (default: enabled)");
2221 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
2222 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
2223 "Enable interrupts while stepping"
2224 " (default: disabled)");
2225 register_command(cmd_ctx
, top_cmd
, "vcr",
2226 arm11_handle_vcr
, COMMAND_ANY
,
2227 "Control (Interrupt) Vector Catch Register");
2229 return etm_register_commands(cmd_ctx
);
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)