Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
ARM11: use standard single step simulation
[openocd.git] / src / target / arm11.c
1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
3 * Michael Bruck *
4 * *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
6 * *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
8 * *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
13 * *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
18 * *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
24
25 #ifdef HAVE_CONFIG_H
26 #include "config.h"
27 #endif
28
29 #include "etm.h"
30 #include "breakpoints.h"
31 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
35 #include "algorithm.h"
36 #include "register.h"
37
38
39 #if 0
40 #define _DEBUG_INSTRUCTION_EXECUTION_
41 #endif
42
43 static bool arm11_config_memwrite_burst = true;
44 static bool arm11_config_memwrite_error_fatal = true;
45 static uint32_t arm11_vcr = 0;
46 static bool arm11_config_step_irq_enable = false;
47 static bool arm11_config_hardware_step = false;
48
49 enum arm11_regtype
50 {
51 ARM11_REGISTER_CORE,
52 ARM11_REGISTER_CPSR,
53
54 ARM11_REGISTER_FX,
55 ARM11_REGISTER_FPS,
56
57 ARM11_REGISTER_FIQ,
58 ARM11_REGISTER_SVC,
59 ARM11_REGISTER_ABT,
60 ARM11_REGISTER_IRQ,
61 ARM11_REGISTER_UND,
62 ARM11_REGISTER_MON,
63
64 ARM11_REGISTER_SPSR_FIQ,
65 ARM11_REGISTER_SPSR_SVC,
66 ARM11_REGISTER_SPSR_ABT,
67 ARM11_REGISTER_SPSR_IRQ,
68 ARM11_REGISTER_SPSR_UND,
69 ARM11_REGISTER_SPSR_MON,
70
71 /* debug regs */
72 ARM11_REGISTER_DSCR,
73 ARM11_REGISTER_WDTR,
74 ARM11_REGISTER_RDTR,
75 };
76
77
78 struct arm11_reg_defs
79 {
80 char * name;
81 uint32_t num;
82 int gdb_num;
83 enum arm11_regtype type;
84 };
85
86 /* update arm11_regcache_ids when changing this */
87 static const struct arm11_reg_defs arm11_reg_defs[] =
88 {
89 {"r0", 0, 0, ARM11_REGISTER_CORE},
90 {"r1", 1, 1, ARM11_REGISTER_CORE},
91 {"r2", 2, 2, ARM11_REGISTER_CORE},
92 {"r3", 3, 3, ARM11_REGISTER_CORE},
93 {"r4", 4, 4, ARM11_REGISTER_CORE},
94 {"r5", 5, 5, ARM11_REGISTER_CORE},
95 {"r6", 6, 6, ARM11_REGISTER_CORE},
96 {"r7", 7, 7, ARM11_REGISTER_CORE},
97 {"r8", 8, 8, ARM11_REGISTER_CORE},
98 {"r9", 9, 9, ARM11_REGISTER_CORE},
99 {"r10", 10, 10, ARM11_REGISTER_CORE},
100 {"r11", 11, 11, ARM11_REGISTER_CORE},
101 {"r12", 12, 12, ARM11_REGISTER_CORE},
102 {"sp", 13, 13, ARM11_REGISTER_CORE},
103 {"lr", 14, 14, ARM11_REGISTER_CORE},
104 {"pc", 15, 15, ARM11_REGISTER_CORE},
105
106 {"cpsr", 0, 25, ARM11_REGISTER_CPSR},
107
108 /* Debug Registers */
109 {"dscr", 0, -1, ARM11_REGISTER_DSCR},
110 {"wdtr", 0, -1, ARM11_REGISTER_WDTR},
111 {"rdtr", 0, -1, ARM11_REGISTER_RDTR},
112 };
113
114 enum arm11_regcache_ids
115 {
116 ARM11_RC_R0,
117 ARM11_RC_RX = ARM11_RC_R0,
118
119 ARM11_RC_R1,
120 ARM11_RC_R2,
121 ARM11_RC_R3,
122 ARM11_RC_R4,
123 ARM11_RC_R5,
124 ARM11_RC_R6,
125 ARM11_RC_R7,
126 ARM11_RC_R8,
127 ARM11_RC_R9,
128 ARM11_RC_R10,
129 ARM11_RC_R11,
130 ARM11_RC_R12,
131 ARM11_RC_R13,
132 ARM11_RC_SP = ARM11_RC_R13,
133 ARM11_RC_R14,
134 ARM11_RC_LR = ARM11_RC_R14,
135 ARM11_RC_R15,
136 ARM11_RC_PC = ARM11_RC_R15,
137
138 ARM11_RC_CPSR,
139
140 ARM11_RC_DSCR,
141 ARM11_RC_WDTR,
142 ARM11_RC_RDTR,
143
144 ARM11_RC_MAX,
145 };
146
147 static int arm11_on_enter_debug_state(struct arm11_common *arm11);
148 static int arm11_step(struct target *target, int current,
149 uint32_t address, int handle_breakpoints);
150 /* helpers */
151 static int arm11_build_reg_cache(struct target *target);
152 static int arm11_set_reg(struct reg *reg, uint8_t *buf);
153 static int arm11_get_reg(struct reg *reg);
154
155
156 /** Check and if necessary take control of the system
157 *
158 * \param arm11 Target state variable.
159 * \param dscr If the current DSCR content is
160 * available a pointer to a word holding the
161 * DSCR can be passed. Otherwise use NULL.
162 */
163 static int arm11_check_init(struct arm11_common *arm11, uint32_t *dscr)
164 {
165 uint32_t dscr_local_tmp_copy;
166
167 if (!dscr)
168 {
169 dscr = &dscr_local_tmp_copy;
170
171 CHECK_RETVAL(arm11_read_DSCR(arm11, dscr));
172 }
173
174 if (!(*dscr & ARM11_DSCR_MODE_SELECT))
175 {
176 LOG_DEBUG("Bringing target into debug mode");
177
178 *dscr |= ARM11_DSCR_MODE_SELECT; /* Halt debug-mode */
179 arm11_write_DSCR(arm11, *dscr);
180
181 /* add further reset initialization here */
182
183 arm11->simulate_reset_on_next_halt = true;
184
185 if (*dscr & ARM11_DSCR_CORE_HALTED)
186 {
187 /** \todo TODO: this needs further scrutiny because
188 * arm11_on_enter_debug_state() never gets properly called.
189 * As a result we don't read the actual register states from
190 * the target.
191 */
192
193 arm11->target->state = TARGET_HALTED;
194 arm11->target->debug_reason = arm11_get_DSCR_debug_reason(*dscr);
195 }
196 else
197 {
198 arm11->target->state = TARGET_RUNNING;
199 arm11->target->debug_reason = DBG_REASON_NOTHALTED;
200 }
201
202 arm11_sc7_clear_vbw(arm11);
203 }
204
205 return ERROR_OK;
206 }
207
208
209
210 #define R(x) \
211 (arm11->reg_values[ARM11_RC_##x])
212
213 /** Save processor state.
214 *
215 * This is called when the HALT instruction has succeeded
216 * or on other occasions that stop the processor.
217 *
218 */
219 static int arm11_on_enter_debug_state(struct arm11_common *arm11)
220 {
221 int retval;
222
223 /* REVISIT entire cache should already be invalid !!! */
224 register_cache_invalidate(arm11->arm.core_cache);
225
226 for (size_t i = 0; i < ARRAY_SIZE(arm11->reg_values); i++)
227 {
228 arm11->reg_list[i].valid = 1;
229 arm11->reg_list[i].dirty = 0;
230 }
231
232 /* Save DSCR */
233 CHECK_RETVAL(arm11_read_DSCR(arm11, &R(DSCR)));
234
235 /* Save wDTR */
236
237 if (R(DSCR) & ARM11_DSCR_WDTR_FULL)
238 {
239 arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
240
241 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
242
243 struct scan_field chain5_fields[3];
244
245 arm11_setup_field(arm11, 32, NULL, &R(WDTR), chain5_fields + 0);
246 arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 1);
247 arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 2);
248
249 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
250 }
251 else
252 {
253 arm11->reg_list[ARM11_RC_WDTR].valid = 0;
254 }
255
256
257 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
258 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
259 ARM1136 seems to require this to issue ITR's as well */
260
261 uint32_t new_dscr = R(DSCR) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE;
262
263 /* this executes JTAG queue: */
264
265 arm11_write_DSCR(arm11, new_dscr);
266
267
268 /* From the spec:
269 Before executing any instruction in debug state you have to drain the write buffer.
270 This ensures that no imprecise Data Aborts can return at a later point:*/
271
272 /** \todo TODO: Test drain write buffer. */
273
274 #if 0
275 while (1)
276 {
277 /* MRC p14,0,R0,c5,c10,0 */
278 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
279
280 /* mcr 15, 0, r0, cr7, cr10, {4} */
281 arm11_run_instr_no_data1(arm11, 0xee070f9a);
282
283 uint32_t dscr = arm11_read_DSCR(arm11);
284
285 LOG_DEBUG("DRAIN, DSCR %08x", dscr);
286
287 if (dscr & ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT)
288 {
289 arm11_run_instr_no_data1(arm11, 0xe320f000);
290
291 dscr = arm11_read_DSCR(arm11);
292
293 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr);
294
295 break;
296 }
297 }
298 #endif
299
300 retval = arm_dpm_read_current_registers(&arm11->dpm);
301 if (retval != ERROR_OK)
302 LOG_ERROR("DPM REG READ -- fail %d", retval);
303
304 retval = arm11_run_instr_data_prepare(arm11);
305 if (retval != ERROR_OK)
306 return retval;
307
308 /* save r0 - r14 */
309
310 /** \todo TODO: handle other mode registers */
311
312 for (size_t i = 0; i < 15; i++)
313 {
314 /* MCR p14,0,R?,c0,c5,0 */
315 retval = arm11_run_instr_data_from_core(arm11, 0xEE000E15 | (i << 12), &R(RX + i), 1);
316 if (retval != ERROR_OK)
317 return retval;
318 }
319
320 /* save rDTR */
321
322 /* check rDTRfull in DSCR */
323
324 if (R(DSCR) & ARM11_DSCR_RDTR_FULL)
325 {
326 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
327 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xEE100E15, &R(RDTR));
328 if (retval != ERROR_OK)
329 return retval;
330 }
331 else
332 {
333 arm11->reg_list[ARM11_RC_RDTR].valid = 0;
334 }
335
336 /* save CPSR */
337
338 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
339 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xE10F0000, &R(CPSR));
340 if (retval != ERROR_OK)
341 return retval;
342
343 /* save PC */
344
345 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
346 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xE1A0000F, &R(PC));
347 if (retval != ERROR_OK)
348 return retval;
349
350 /* adjust PC depending on ARM state */
351
352 if (R(CPSR) & ARM11_CPSR_J) /* Java state */
353 {
354 arm11->reg_values[ARM11_RC_PC] -= 0;
355 }
356 else if (R(CPSR) & ARM11_CPSR_T) /* Thumb state */
357 {
358 arm11->reg_values[ARM11_RC_PC] -= 4;
359 }
360 else /* ARM state */
361 {
362 arm11->reg_values[ARM11_RC_PC] -= 8;
363 }
364
365 if (arm11->simulate_reset_on_next_halt)
366 {
367 arm11->simulate_reset_on_next_halt = false;
368
369 LOG_DEBUG("Reset c1 Control Register");
370
371 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
372
373 /* MCR p15,0,R0,c1,c0,0 */
374 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xee010f10, 0);
375 if (retval != ERROR_OK)
376 return retval;
377
378 }
379
380 retval = arm11_run_instr_data_finish(arm11);
381 if (retval != ERROR_OK)
382 return retval;
383
384 return ERROR_OK;
385 }
386
387 /** Restore processor state
388 *
389 * This is called in preparation for the RESTART function.
390 *
391 */
392 static int arm11_leave_debug_state(struct arm11_common *arm11)
393 {
394 int retval;
395
396 retval = arm11_run_instr_data_prepare(arm11);
397 if (retval != ERROR_OK)
398 return retval;
399
400 /** \todo TODO: handle other mode registers */
401
402 /* restore R1 - R14 */
403
404 for (unsigned i = 1; i < 15; i++)
405 {
406 if (!arm11->reg_list[ARM11_RC_RX + i].dirty)
407 continue;
408
409 /* MRC p14,0,r?,c0,c5,0 */
410 arm11_run_instr_data_to_core1(arm11,
411 0xee100e15 | (i << 12), R(RX + i));
412
413 // LOG_DEBUG("RESTORE R%u %08x", i, R(RX + i));
414 }
415
416 retval = arm11_run_instr_data_finish(arm11);
417 if (retval != ERROR_OK)
418 return retval;
419
420 /* spec says clear wDTR and rDTR; we assume they are clear as
421 otherwise our programming would be sloppy */
422 {
423 uint32_t DSCR;
424
425 CHECK_RETVAL(arm11_read_DSCR(arm11, &DSCR));
426
427 if (DSCR & (ARM11_DSCR_RDTR_FULL | ARM11_DSCR_WDTR_FULL))
428 {
429 /*
430 The wDTR/rDTR two registers that are used to send/receive data to/from
431 the core in tandem with corresponding instruction codes that are
432 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
433 registers hold data that was written by one side (CPU or JTAG) and not
434 read out by the other side.
435 */
436 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32 ")", DSCR);
437 return ERROR_FAIL;
438 }
439 }
440
441 /* DEBUG for now, trust "new" code only for shadowed registers */
442 retval = arm_dpm_write_dirty_registers(&arm11->dpm);
443
444 retval = arm11_run_instr_data_prepare(arm11);
445 if (retval != ERROR_OK)
446 return retval;
447
448 /* restore original wDTR */
449
450 if ((R(DSCR) & ARM11_DSCR_WDTR_FULL) || arm11->reg_list[ARM11_RC_WDTR].dirty)
451 {
452 /* MCR p14,0,R0,c0,c5,0 */
453 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xee000e15, R(WDTR));
454 if (retval != ERROR_OK)
455 return retval;
456 }
457
458 /* restore CPSR */
459
460 /* MSR CPSR,R0*/
461 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xe129f000, R(CPSR));
462 if (retval != ERROR_OK)
463 return retval;
464
465
466 /* restore PC */
467
468 /* MOV PC,R0 */
469 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xe1a0f000, R(PC));
470 if (retval != ERROR_OK)
471 return retval;
472
473
474 /* restore R0 */
475
476 /* MRC p14,0,r0,c0,c5,0 */
477 arm11_run_instr_data_to_core1(arm11, 0xee100e15, R(R0));
478
479 retval = arm11_run_instr_data_finish(arm11);
480 if (retval != ERROR_OK)
481 return retval;
482
483 /* DEBUG use this when "new" code is really managing core registers */
484 // retval = arm_dpm_write_dirty_registers(&arm11->dpm);
485
486 register_cache_invalidate(arm11->arm.core_cache);
487
488 /* restore DSCR */
489
490 arm11_write_DSCR(arm11, R(DSCR));
491
492 /* restore rDTR */
493
494 if (R(DSCR) & ARM11_DSCR_RDTR_FULL || arm11->reg_list[ARM11_RC_RDTR].dirty)
495 {
496 arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
497
498 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
499
500 struct scan_field chain5_fields[3];
501
502 uint8_t Ready = 0; /* ignored */
503 uint8_t Valid = 0; /* ignored */
504
505 arm11_setup_field(arm11, 32, &R(RDTR), NULL, chain5_fields + 0);
506 arm11_setup_field(arm11, 1, &Ready, NULL, chain5_fields + 1);
507 arm11_setup_field(arm11, 1, &Valid, NULL, chain5_fields + 2);
508
509 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
510 }
511
512 return ERROR_OK;
513 }
514
515 /* poll current target status */
516 static int arm11_poll(struct target *target)
517 {
518 int retval;
519 struct arm11_common *arm11 = target_to_arm11(target);
520 uint32_t dscr;
521
522 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
523
524 LOG_DEBUG("DSCR %08" PRIx32 "", dscr);
525
526 CHECK_RETVAL(arm11_check_init(arm11, &dscr));
527
528 if (dscr & ARM11_DSCR_CORE_HALTED)
529 {
530 if (target->state != TARGET_HALTED)
531 {
532 enum target_state old_state = target->state;
533
534 LOG_DEBUG("enter TARGET_HALTED");
535 target->state = TARGET_HALTED;
536 target->debug_reason = arm11_get_DSCR_debug_reason(dscr);
537 retval = arm11_on_enter_debug_state(arm11);
538 if (retval != ERROR_OK)
539 return retval;
540
541 target_call_event_callbacks(target,
542 old_state == TARGET_DEBUG_RUNNING ? TARGET_EVENT_DEBUG_HALTED : TARGET_EVENT_HALTED);
543 }
544 }
545 else
546 {
547 if (target->state != TARGET_RUNNING && target->state != TARGET_DEBUG_RUNNING)
548 {
549 LOG_DEBUG("enter TARGET_RUNNING");
550 target->state = TARGET_RUNNING;
551 target->debug_reason = DBG_REASON_NOTHALTED;
552 }
553 }
554
555 return ERROR_OK;
556 }
557 /* architecture specific status reply */
558 static int arm11_arch_state(struct target *target)
559 {
560 int retval;
561
562 retval = armv4_5_arch_state(target);
563
564 /* REVISIT also display ARM11-specific MMU and cache status ... */
565
566 return retval;
567 }
568
569 /* target request support */
570 static int arm11_target_request_data(struct target *target,
571 uint32_t size, uint8_t *buffer)
572 {
573 LOG_WARNING("Not implemented: %s", __func__);
574
575 return ERROR_FAIL;
576 }
577
578 /* target execution control */
579 static int arm11_halt(struct target *target)
580 {
581 struct arm11_common *arm11 = target_to_arm11(target);
582
583 LOG_DEBUG("target->state: %s",
584 target_state_name(target));
585
586 if (target->state == TARGET_UNKNOWN)
587 {
588 arm11->simulate_reset_on_next_halt = true;
589 }
590
591 if (target->state == TARGET_HALTED)
592 {
593 LOG_DEBUG("target was already halted");
594 return ERROR_OK;
595 }
596
597 arm11_add_IR(arm11, ARM11_HALT, TAP_IDLE);
598
599 CHECK_RETVAL(jtag_execute_queue());
600
601 uint32_t dscr;
602
603 int i = 0;
604 while (1)
605 {
606 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
607
608 if (dscr & ARM11_DSCR_CORE_HALTED)
609 break;
610
611
612 long long then = 0;
613 if (i == 1000)
614 {
615 then = timeval_ms();
616 }
617 if (i >= 1000)
618 {
619 if ((timeval_ms()-then) > 1000)
620 {
621 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
622 return ERROR_FAIL;
623 }
624 }
625 i++;
626 }
627
628 arm11_on_enter_debug_state(arm11);
629
630 enum target_state old_state = target->state;
631
632 target->state = TARGET_HALTED;
633 target->debug_reason = arm11_get_DSCR_debug_reason(dscr);
634
635 CHECK_RETVAL(
636 target_call_event_callbacks(target,
637 old_state == TARGET_DEBUG_RUNNING ? TARGET_EVENT_DEBUG_HALTED : TARGET_EVENT_HALTED));
638
639 return ERROR_OK;
640 }
641
642 static int arm11_resume(struct target *target, int current,
643 uint32_t address, int handle_breakpoints, int debug_execution)
644 {
645 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
646 // current, address, handle_breakpoints, debug_execution);
647
648 struct arm11_common *arm11 = target_to_arm11(target);
649
650 LOG_DEBUG("target->state: %s",
651 target_state_name(target));
652
653
654 if (target->state != TARGET_HALTED)
655 {
656 LOG_ERROR("Target not halted");
657 return ERROR_TARGET_NOT_HALTED;
658 }
659
660 if (!current)
661 R(PC) = address;
662
663 LOG_DEBUG("RESUME PC %08" PRIx32 "%s", R(PC), !current ? "!" : "");
664
665 /* clear breakpoints/watchpoints and VCR*/
666 arm11_sc7_clear_vbw(arm11);
667
668 /* Set up breakpoints */
669 if (!debug_execution)
670 {
671 /* check if one matches PC and step over it if necessary */
672
673 struct breakpoint * bp;
674
675 for (bp = target->breakpoints; bp; bp = bp->next)
676 {
677 if (bp->address == R(PC))
678 {
679 LOG_DEBUG("must step over %08" PRIx32 "", bp->address);
680 arm11_step(target, 1, 0, 0);
681 break;
682 }
683 }
684
685 /* set all breakpoints */
686
687 unsigned brp_num = 0;
688
689 for (bp = target->breakpoints; bp; bp = bp->next)
690 {
691 struct arm11_sc7_action brp[2];
692
693 brp[0].write = 1;
694 brp[0].address = ARM11_SC7_BVR0 + brp_num;
695 brp[0].value = bp->address;
696 brp[1].write = 1;
697 brp[1].address = ARM11_SC7_BCR0 + brp_num;
698 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
699
700 arm11_sc7_run(arm11, brp, ARRAY_SIZE(brp));
701
702 LOG_DEBUG("Add BP %d at %08" PRIx32, brp_num,
703 bp->address);
704
705 brp_num++;
706 }
707
708 arm11_sc7_set_vcr(arm11, arm11_vcr);
709 }
710
711 arm11_leave_debug_state(arm11);
712
713 arm11_add_IR(arm11, ARM11_RESTART, TAP_IDLE);
714
715 CHECK_RETVAL(jtag_execute_queue());
716
717 int i = 0;
718 while (1)
719 {
720 uint32_t dscr;
721
722 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
723
724 LOG_DEBUG("DSCR %08" PRIx32 "", dscr);
725
726 if (dscr & ARM11_DSCR_CORE_RESTARTED)
727 break;
728
729
730 long long then = 0;
731 if (i == 1000)
732 {
733 then = timeval_ms();
734 }
735 if (i >= 1000)
736 {
737 if ((timeval_ms()-then) > 1000)
738 {
739 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
740 return ERROR_FAIL;
741 }
742 }
743 i++;
744 }
745
746 if (!debug_execution)
747 {
748 target->state = TARGET_RUNNING;
749 target->debug_reason = DBG_REASON_NOTHALTED;
750
751 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_RESUMED));
752 }
753 else
754 {
755 target->state = TARGET_DEBUG_RUNNING;
756 target->debug_reason = DBG_REASON_NOTHALTED;
757
758 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_RESUMED));
759 }
760
761 return ERROR_OK;
762 }
763
764 static int arm11_step(struct target *target, int current,
765 uint32_t address, int handle_breakpoints)
766 {
767 LOG_DEBUG("target->state: %s",
768 target_state_name(target));
769
770 if (target->state != TARGET_HALTED)
771 {
772 LOG_WARNING("target was not halted");
773 return ERROR_TARGET_NOT_HALTED;
774 }
775
776 struct arm11_common *arm11 = target_to_arm11(target);
777
778 if (!current)
779 R(PC) = address;
780
781 LOG_DEBUG("STEP PC %08" PRIx32 "%s", R(PC), !current ? "!" : "");
782
783
784 /** \todo TODO: Thumb not supported here */
785
786 uint32_t next_instruction;
787
788 CHECK_RETVAL(arm11_read_memory_word(arm11, R(PC), &next_instruction));
789
790 /* skip over BKPT */
791 if ((next_instruction & 0xFFF00070) == 0xe1200070)
792 {
793 R(PC) += 4;
794 arm11->reg_list[ARM11_RC_PC].valid = 1;
795 arm11->reg_list[ARM11_RC_PC].dirty = 0;
796 LOG_DEBUG("Skipping BKPT");
797 }
798 /* skip over Wait for interrupt / Standby */
799 /* mcr 15, 0, r?, cr7, cr0, {4} */
800 else if ((next_instruction & 0xFFFF0FFF) == 0xee070f90)
801 {
802 R(PC) += 4;
803 arm11->reg_list[ARM11_RC_PC].valid = 1;
804 arm11->reg_list[ARM11_RC_PC].dirty = 0;
805 LOG_DEBUG("Skipping WFI");
806 }
807 /* ignore B to self */
808 else if ((next_instruction & 0xFEFFFFFF) == 0xeafffffe)
809 {
810 LOG_DEBUG("Not stepping jump to self");
811 }
812 else
813 {
814 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
815 * with this. */
816
817 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
818 * the VCR might be something worth looking into. */
819
820
821 /* Set up breakpoint for stepping */
822
823 struct arm11_sc7_action brp[2];
824
825 brp[0].write = 1;
826 brp[0].address = ARM11_SC7_BVR0;
827 brp[1].write = 1;
828 brp[1].address = ARM11_SC7_BCR0;
829
830 if (arm11_config_hardware_step)
831 {
832 /* Hardware single stepping ("instruction address
833 * mismatch") is used if enabled. It's not quite
834 * exactly "run one instruction"; "branch to here"
835 * loops won't break, neither will some other cases,
836 * but it's probably the best default.
837 *
838 * Hardware single stepping isn't supported on v6
839 * debug modules. ARM1176 and v7 can support it...
840 *
841 * FIXME Thumb stepping likely needs to use 0x03
842 * or 0xc0 byte masks, not 0x0f.
843 */
844 brp[0].value = R(PC);
845 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5)
846 | (0 << 14) | (0 << 16) | (0 << 20)
847 | (2 << 21);
848 } else
849 {
850 /* Sets a breakpoint on the next PC, as calculated
851 * by instruction set simulation.
852 *
853 * REVISIT stepping Thumb on ARM1156 requires Thumb2
854 * support from the simulator.
855 */
856 uint32_t next_pc;
857 int retval;
858
859 retval = arm_simulate_step(target, &next_pc);
860 if (retval != ERROR_OK)
861 return retval;
862
863 brp[0].value = next_pc;
864 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5)
865 | (0 << 14) | (0 << 16) | (0 << 20)
866 | (0 << 21);
867 }
868
869 CHECK_RETVAL(arm11_sc7_run(arm11, brp, ARRAY_SIZE(brp)));
870
871 /* resume */
872
873
874 if (arm11_config_step_irq_enable)
875 R(DSCR) &= ~ARM11_DSCR_INTERRUPTS_DISABLE; /* should be redundant */
876 else
877 R(DSCR) |= ARM11_DSCR_INTERRUPTS_DISABLE;
878
879
880 CHECK_RETVAL(arm11_leave_debug_state(arm11));
881
882 arm11_add_IR(arm11, ARM11_RESTART, TAP_IDLE);
883
884 CHECK_RETVAL(jtag_execute_queue());
885
886 /* wait for halt */
887 int i = 0;
888 while (1)
889 {
890 uint32_t dscr;
891
892 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
893
894 LOG_DEBUG("DSCR %08" PRIx32 "e", dscr);
895
896 if ((dscr & (ARM11_DSCR_CORE_RESTARTED | ARM11_DSCR_CORE_HALTED)) ==
897 (ARM11_DSCR_CORE_RESTARTED | ARM11_DSCR_CORE_HALTED))
898 break;
899
900 long long then = 0;
901 if (i == 1000)
902 {
903 then = timeval_ms();
904 }
905 if (i >= 1000)
906 {
907 if ((timeval_ms()-then) > 1000)
908 {
909 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
910 return ERROR_FAIL;
911 }
912 }
913 i++;
914 }
915
916 /* clear breakpoint */
917 arm11_sc7_clear_vbw(arm11);
918
919 /* save state */
920 CHECK_RETVAL(arm11_on_enter_debug_state(arm11));
921
922 /* restore default state */
923 R(DSCR) &= ~ARM11_DSCR_INTERRUPTS_DISABLE;
924
925 }
926
927 // target->state = TARGET_HALTED;
928 target->debug_reason = DBG_REASON_SINGLESTEP;
929
930 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_HALTED));
931
932 return ERROR_OK;
933 }
934
935 static int arm11_assert_reset(struct target *target)
936 {
937 int retval;
938 struct arm11_common *arm11 = target_to_arm11(target);
939
940 retval = arm11_check_init(arm11, NULL);
941 if (retval != ERROR_OK)
942 return retval;
943
944 target->state = TARGET_UNKNOWN;
945
946 /* we would very much like to reset into the halted, state,
947 * but resetting and halting is second best... */
948 if (target->reset_halt)
949 {
950 CHECK_RETVAL(target_halt(target));
951 }
952
953
954 /* srst is funny. We can not do *anything* else while it's asserted
955 * and it has unkonwn side effects. Make sure no other code runs
956 * meanwhile.
957 *
958 * Code below assumes srst:
959 *
960 * - Causes power-on-reset (but of what parts of the system?). Bug
961 * in arm11?
962 *
963 * - Messes us TAP state without asserting trst.
964 *
965 * - There is another bug in the arm11 core. When you generate an access to
966 * external logic (for example ddr controller via AHB bus) and that block
967 * is not configured (perhaps it is still held in reset), that transaction
968 * will never complete. This will hang arm11 core but it will also hang
969 * JTAG controller. Nothing, short of srst assertion will bring it out of
970 * this.
971 *
972 * Mysteries:
973 *
974 * - What should the PC be after an srst reset when starting in the halted
975 * state?
976 */
977
978 jtag_add_reset(0, 1);
979 jtag_add_reset(0, 0);
980
981 /* How long do we have to wait? */
982 jtag_add_sleep(5000);
983
984 /* un-mess up TAP state */
985 jtag_add_tlr();
986
987 retval = jtag_execute_queue();
988 if (retval != ERROR_OK)
989 {
990 return retval;
991 }
992
993 return ERROR_OK;
994 }
995
996 static int arm11_deassert_reset(struct target *target)
997 {
998 return ERROR_OK;
999 }
1000
1001 static int arm11_soft_reset_halt(struct target *target)
1002 {
1003 LOG_WARNING("Not implemented: %s", __func__);
1004
1005 return ERROR_FAIL;
1006 }
1007
1008 /* target memory access
1009 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1010 * count: number of items of <size>
1011 *
1012 * arm11_config_memrw_no_increment - in the future we may want to be able
1013 * to read/write a range of data to a "port". a "port" is an action on
1014 * read memory address for some peripheral.
1015 */
1016 static int arm11_read_memory_inner(struct target *target,
1017 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer,
1018 bool arm11_config_memrw_no_increment)
1019 {
1020 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1021 int retval;
1022
1023 if (target->state != TARGET_HALTED)
1024 {
1025 LOG_WARNING("target was not halted");
1026 return ERROR_TARGET_NOT_HALTED;
1027 }
1028
1029 LOG_DEBUG("ADDR %08" PRIx32 " SIZE %08" PRIx32 " COUNT %08" PRIx32 "", address, size, count);
1030
1031 struct arm11_common *arm11 = target_to_arm11(target);
1032
1033 retval = arm11_run_instr_data_prepare(arm11);
1034 if (retval != ERROR_OK)
1035 return retval;
1036
1037 /* MRC p14,0,r0,c0,c5,0 */
1038 retval = arm11_run_instr_data_to_core1(arm11, 0xee100e15, address);
1039 if (retval != ERROR_OK)
1040 return retval;
1041
1042 switch (size)
1043 {
1044 case 1:
1045 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1046 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1047
1048 for (size_t i = 0; i < count; i++)
1049 {
1050 /* ldrb r1, [r0], #1 */
1051 /* ldrb r1, [r0] */
1052 arm11_run_instr_no_data1(arm11,
1053 !arm11_config_memrw_no_increment ? 0xe4d01001 : 0xe5d01000);
1054
1055 uint32_t res;
1056 /* MCR p14,0,R1,c0,c5,0 */
1057 arm11_run_instr_data_from_core(arm11, 0xEE001E15, &res, 1);
1058
1059 *buffer++ = res;
1060 }
1061
1062 break;
1063
1064 case 2:
1065 {
1066 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1067
1068 for (size_t i = 0; i < count; i++)
1069 {
1070 /* ldrh r1, [r0], #2 */
1071 arm11_run_instr_no_data1(arm11,
1072 !arm11_config_memrw_no_increment ? 0xe0d010b2 : 0xe1d010b0);
1073
1074 uint32_t res;
1075
1076 /* MCR p14,0,R1,c0,c5,0 */
1077 arm11_run_instr_data_from_core(arm11, 0xEE001E15, &res, 1);
1078
1079 uint16_t svalue = res;
1080 memcpy(buffer + i * sizeof(uint16_t), &svalue, sizeof(uint16_t));
1081 }
1082
1083 break;
1084 }
1085
1086 case 4:
1087 {
1088 uint32_t instr = !arm11_config_memrw_no_increment ? 0xecb05e01 : 0xed905e00;
1089 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1090 uint32_t *words = (uint32_t *)buffer;
1091
1092 /* LDC p14,c5,[R0],#4 */
1093 /* LDC p14,c5,[R0] */
1094 arm11_run_instr_data_from_core(arm11, instr, words, count);
1095 break;
1096 }
1097 }
1098
1099 return arm11_run_instr_data_finish(arm11);
1100 }
1101
1102 static int arm11_read_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
1103 {
1104 return arm11_read_memory_inner(target, address, size, count, buffer, false);
1105 }
1106
1107 /*
1108 * arm11_config_memrw_no_increment - in the future we may want to be able
1109 * to read/write a range of data to a "port". a "port" is an action on
1110 * read memory address for some peripheral.
1111 */
1112 static int arm11_write_memory_inner(struct target *target,
1113 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer,
1114 bool arm11_config_memrw_no_increment)
1115 {
1116 int retval;
1117
1118 if (target->state != TARGET_HALTED)
1119 {
1120 LOG_WARNING("target was not halted");
1121 return ERROR_TARGET_NOT_HALTED;
1122 }
1123
1124 LOG_DEBUG("ADDR %08" PRIx32 " SIZE %08" PRIx32 " COUNT %08" PRIx32 "", address, size, count);
1125
1126 struct arm11_common *arm11 = target_to_arm11(target);
1127
1128 retval = arm11_run_instr_data_prepare(arm11);
1129 if (retval != ERROR_OK)
1130 return retval;
1131
1132 /* MRC p14,0,r0,c0,c5,0 */
1133 retval = arm11_run_instr_data_to_core1(arm11, 0xee100e15, address);
1134 if (retval != ERROR_OK)
1135 return retval;
1136
1137 /* burst writes are not used for single words as those may well be
1138 * reset init script writes.
1139 *
1140 * The other advantage is that as burst writes are default, we'll
1141 * now exercise both burst and non-burst code paths with the
1142 * default settings, increasing code coverage.
1143 */
1144 bool burst = arm11_config_memwrite_burst && (count > 1);
1145
1146 switch (size)
1147 {
1148 case 1:
1149 {
1150 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1151
1152 for (size_t i = 0; i < count; i++)
1153 {
1154 /* MRC p14,0,r1,c0,c5,0 */
1155 retval = arm11_run_instr_data_to_core1(arm11, 0xee101e15, *buffer++);
1156 if (retval != ERROR_OK)
1157 return retval;
1158
1159 /* strb r1, [r0], #1 */
1160 /* strb r1, [r0] */
1161 retval = arm11_run_instr_no_data1(arm11,
1162 !arm11_config_memrw_no_increment ? 0xe4c01001 : 0xe5c01000);
1163 if (retval != ERROR_OK)
1164 return retval;
1165 }
1166
1167 break;
1168 }
1169
1170 case 2:
1171 {
1172 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1173
1174 for (size_t i = 0; i < count; i++)
1175 {
1176 uint16_t value;
1177 memcpy(&value, buffer + i * sizeof(uint16_t), sizeof(uint16_t));
1178
1179 /* MRC p14,0,r1,c0,c5,0 */
1180 retval = arm11_run_instr_data_to_core1(arm11, 0xee101e15, value);
1181 if (retval != ERROR_OK)
1182 return retval;
1183
1184 /* strh r1, [r0], #2 */
1185 /* strh r1, [r0] */
1186 retval = arm11_run_instr_no_data1(arm11,
1187 !arm11_config_memrw_no_increment ? 0xe0c010b2 : 0xe1c010b0);
1188 if (retval != ERROR_OK)
1189 return retval;
1190 }
1191
1192 break;
1193 }
1194
1195 case 4: {
1196 uint32_t instr = !arm11_config_memrw_no_increment ? 0xeca05e01 : 0xed805e00;
1197
1198 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1199 uint32_t *words = (uint32_t*)buffer;
1200
1201 if (!burst)
1202 {
1203 /* STC p14,c5,[R0],#4 */
1204 /* STC p14,c5,[R0]*/
1205 retval = arm11_run_instr_data_to_core(arm11, instr, words, count);
1206 if (retval != ERROR_OK)
1207 return retval;
1208 }
1209 else
1210 {
1211 /* STC p14,c5,[R0],#4 */
1212 /* STC p14,c5,[R0]*/
1213 retval = arm11_run_instr_data_to_core_noack(arm11, instr, words, count);
1214 if (retval != ERROR_OK)
1215 return retval;
1216 }
1217
1218 break;
1219 }
1220 }
1221
1222 /* r0 verification */
1223 if (!arm11_config_memrw_no_increment)
1224 {
1225 uint32_t r0;
1226
1227 /* MCR p14,0,R0,c0,c5,0 */
1228 retval = arm11_run_instr_data_from_core(arm11, 0xEE000E15, &r0, 1);
1229 if (retval != ERROR_OK)
1230 return retval;
1231
1232 if (address + size * count != r0)
1233 {
1234 LOG_ERROR("Data transfer failed. Expected end "
1235 "address 0x%08x, got 0x%08x",
1236 (unsigned) (address + size * count),
1237 (unsigned) r0);
1238
1239 if (burst)
1240 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1241
1242 if (arm11_config_memwrite_error_fatal)
1243 return ERROR_FAIL;
1244 }
1245 }
1246
1247 return arm11_run_instr_data_finish(arm11);
1248 }
1249
1250 static int arm11_write_memory(struct target *target,
1251 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
1252 {
1253 return arm11_write_memory_inner(target, address, size, count, buffer, false);
1254 }
1255
1256 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1257 static int arm11_bulk_write_memory(struct target *target,
1258 uint32_t address, uint32_t count, uint8_t *buffer)
1259 {
1260 if (target->state != TARGET_HALTED)
1261 {
1262 LOG_WARNING("target was not halted");
1263 return ERROR_TARGET_NOT_HALTED;
1264 }
1265
1266 return arm11_write_memory(target, address, 4, count, buffer);
1267 }
1268
1269 /* target break-/watchpoint control
1270 * rw: 0 = write, 1 = read, 2 = access
1271 */
1272 static int arm11_add_breakpoint(struct target *target,
1273 struct breakpoint *breakpoint)
1274 {
1275 struct arm11_common *arm11 = target_to_arm11(target);
1276
1277 #if 0
1278 if (breakpoint->type == BKPT_SOFT)
1279 {
1280 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1281 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1282 }
1283 #endif
1284
1285 if (!arm11->free_brps)
1286 {
1287 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1288 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1289 }
1290
1291 if (breakpoint->length != 4)
1292 {
1293 LOG_DEBUG("only breakpoints of four bytes length supported");
1294 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1295 }
1296
1297 arm11->free_brps--;
1298
1299 return ERROR_OK;
1300 }
1301
1302 static int arm11_remove_breakpoint(struct target *target,
1303 struct breakpoint *breakpoint)
1304 {
1305 struct arm11_common *arm11 = target_to_arm11(target);
1306
1307 arm11->free_brps++;
1308
1309 return ERROR_OK;
1310 }
1311
1312 static int arm11_add_watchpoint(struct target *target,
1313 struct watchpoint *watchpoint)
1314 {
1315 LOG_WARNING("Not implemented: %s", __func__);
1316
1317 return ERROR_FAIL;
1318 }
1319
1320 static int arm11_remove_watchpoint(struct target *target,
1321 struct watchpoint *watchpoint)
1322 {
1323 LOG_WARNING("Not implemented: %s", __func__);
1324
1325 return ERROR_FAIL;
1326 }
1327
1328 // HACKHACKHACK - FIXME mode/state
1329 /* target algorithm support */
1330 static int arm11_run_algorithm(struct target *target,
1331 int num_mem_params, struct mem_param *mem_params,
1332 int num_reg_params, struct reg_param *reg_params,
1333 uint32_t entry_point, uint32_t exit_point,
1334 int timeout_ms, void *arch_info)
1335 {
1336 struct arm11_common *arm11 = target_to_arm11(target);
1337 // enum armv4_5_state core_state = arm11->core_state;
1338 // enum armv4_5_mode core_mode = arm11->core_mode;
1339 uint32_t context[16];
1340 uint32_t cpsr;
1341 int exit_breakpoint_size = 0;
1342 int retval = ERROR_OK;
1343 LOG_DEBUG("Running algorithm");
1344
1345
1346 if (target->state != TARGET_HALTED)
1347 {
1348 LOG_WARNING("target not halted");
1349 return ERROR_TARGET_NOT_HALTED;
1350 }
1351
1352 // FIXME
1353 // if (!is_arm_mode(arm11->core_mode))
1354 // return ERROR_FAIL;
1355
1356 // Save regs
1357 for (unsigned i = 0; i < 16; i++)
1358 {
1359 context[i] = buf_get_u32((uint8_t*)(&arm11->reg_values[i]),0,32);
1360 LOG_DEBUG("Save %u: 0x%" PRIx32 "", i, context[i]);
1361 }
1362
1363 cpsr = buf_get_u32((uint8_t*)(arm11->reg_values + ARM11_RC_CPSR),0,32);
1364 LOG_DEBUG("Save CPSR: 0x%" PRIx32 "", cpsr);
1365
1366 for (int i = 0; i < num_mem_params; i++)
1367 {
1368 target_write_buffer(target, mem_params[i].address, mem_params[i].size, mem_params[i].value);
1369 }
1370
1371 // Set register parameters
1372 for (int i = 0; i < num_reg_params; i++)
1373 {
1374 struct reg *reg = register_get_by_name(arm11->core_cache, reg_params[i].reg_name, 0);
1375 if (!reg)
1376 {
1377 LOG_ERROR("BUG: register '%s' not found", reg_params[i].reg_name);
1378 return ERROR_INVALID_ARGUMENTS;
1379 }
1380
1381 if (reg->size != reg_params[i].size)
1382 {
1383 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params[i].reg_name);
1384 return ERROR_INVALID_ARGUMENTS;
1385 }
1386 arm11_set_reg(reg,reg_params[i].value);
1387 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1388 }
1389
1390 exit_breakpoint_size = 4;
1391
1392 /* arm11->core_state = arm11_algorithm_info->core_state;
1393 if (arm11->core_state == ARMV4_5_STATE_ARM)
1394 exit_breakpoint_size = 4;
1395 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1396 exit_breakpoint_size = 2;
1397 else
1398 {
1399 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1400 exit(-1);
1401 }
1402 */
1403
1404
1405 /* arm11 at this point only supports ARM not THUMB mode
1406 however if this test needs to be reactivated the current state can be read back
1407 from CPSR */
1408 #if 0
1409 if (arm11_algorithm_info->core_mode != ARMV4_5_MODE_ANY)
1410 {
1411 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info->core_mode);
1412 buf_set_u32(arm11->reg_list[ARM11_RC_CPSR].value, 0, 5, arm11_algorithm_info->core_mode);
1413 arm11->reg_list[ARM11_RC_CPSR].dirty = 1;
1414 arm11->reg_list[ARM11_RC_CPSR].valid = 1;
1415 }
1416 #endif
1417
1418 if ((retval = breakpoint_add(target, exit_point, exit_breakpoint_size, BKPT_HARD)) != ERROR_OK)
1419 {
1420 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1421 retval = ERROR_TARGET_FAILURE;
1422 goto restore;
1423 }
1424
1425 // no debug, otherwise breakpoint is not set
1426 CHECK_RETVAL(target_resume(target, 0, entry_point, 1, 0));
1427
1428 CHECK_RETVAL(target_wait_state(target, TARGET_HALTED, timeout_ms));
1429
1430 if (target->state != TARGET_HALTED)
1431 {
1432 CHECK_RETVAL(target_halt(target));
1433
1434 CHECK_RETVAL(target_wait_state(target, TARGET_HALTED, 500));
1435
1436 retval = ERROR_TARGET_TIMEOUT;
1437
1438 goto del_breakpoint;
1439 }
1440
1441 if (buf_get_u32(arm11->reg_list[15].value, 0, 32) != exit_point)
1442 {
1443 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32 "",
1444 buf_get_u32(arm11->reg_list[15].value, 0, 32));
1445 retval = ERROR_TARGET_TIMEOUT;
1446 goto del_breakpoint;
1447 }
1448
1449 for (int i = 0; i < num_mem_params; i++)
1450 {
1451 if (mem_params[i].direction != PARAM_OUT)
1452 target_read_buffer(target, mem_params[i].address, mem_params[i].size, mem_params[i].value);
1453 }
1454
1455 for (int i = 0; i < num_reg_params; i++)
1456 {
1457 if (reg_params[i].direction != PARAM_OUT)
1458 {
1459 struct reg *reg = register_get_by_name(arm11->core_cache, reg_params[i].reg_name, 0);
1460 if (!reg)
1461 {
1462 LOG_ERROR("BUG: register '%s' not found", reg_params[i].reg_name);
1463 retval = ERROR_INVALID_ARGUMENTS;
1464 goto del_breakpoint;
1465 }
1466
1467 if (reg->size != reg_params[i].size)
1468 {
1469 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params[i].reg_name);
1470 retval = ERROR_INVALID_ARGUMENTS;
1471 goto del_breakpoint;
1472 }
1473
1474 buf_set_u32(reg_params[i].value, 0, 32, buf_get_u32(reg->value, 0, 32));
1475 }
1476 }
1477
1478 del_breakpoint:
1479 breakpoint_remove(target, exit_point);
1480
1481 restore:
1482 // Restore context
1483 for (size_t i = 0; i < 16; i++)
1484 {
1485 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32 "",
1486 arm11->reg_list[i].name, context[i]);
1487 arm11_set_reg(&arm11->reg_list[i], (uint8_t*)&context[i]);
1488 }
1489 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32 "", cpsr);
1490 arm11_set_reg(&arm11->reg_list[ARM11_RC_CPSR], (uint8_t*)&cpsr);
1491
1492 // arm11->core_state = core_state;
1493 // arm11->core_mode = core_mode;
1494
1495 return retval;
1496 }
1497
1498 static int arm11_target_create(struct target *target, Jim_Interp *interp)
1499 {
1500 struct arm11_common *arm11;
1501
1502 if (target->tap == NULL)
1503 return ERROR_FAIL;
1504
1505 if (target->tap->ir_length != 5)
1506 {
1507 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1508 return ERROR_COMMAND_SYNTAX_ERROR;
1509 }
1510
1511 arm11 = calloc(1, sizeof *arm11);
1512 if (!arm11)
1513 return ERROR_FAIL;
1514
1515 armv4_5_init_arch_info(target, &arm11->arm);
1516
1517 arm11->target = target;
1518
1519 arm11->jtag_info.tap = target->tap;
1520 arm11->jtag_info.scann_size = 5;
1521 arm11->jtag_info.scann_instr = ARM11_SCAN_N;
1522 /* cur_scan_chain == 0 */
1523 arm11->jtag_info.intest_instr = ARM11_INTEST;
1524
1525 return ERROR_OK;
1526 }
1527
1528 static int arm11_init_target(struct command_context *cmd_ctx,
1529 struct target *target)
1530 {
1531 /* Initialize anything we can set up without talking to the target */
1532
1533 /* FIXME Switch to use the standard build_reg_cache() not custom
1534 * code. Do it from examine(), after we check whether we're
1535 * an arm1176 and thus support the Secure Monitor mode.
1536 */
1537 return arm11_build_reg_cache(target);
1538 }
1539
1540 /* talk to the target and set things up */
1541 static int arm11_examine(struct target *target)
1542 {
1543 int retval;
1544 char *type;
1545 struct arm11_common *arm11 = target_to_arm11(target);
1546 uint32_t didr, device_id;
1547 uint8_t implementor;
1548
1549 /* FIXME split into do-first-time and do-every-time logic ... */
1550
1551 /* check IDCODE */
1552
1553 arm11_add_IR(arm11, ARM11_IDCODE, ARM11_TAP_DEFAULT);
1554
1555 struct scan_field idcode_field;
1556
1557 arm11_setup_field(arm11, 32, NULL, &device_id, &idcode_field);
1558
1559 arm11_add_dr_scan_vc(1, &idcode_field, TAP_DRPAUSE);
1560
1561 /* check DIDR */
1562
1563 arm11_add_debug_SCAN_N(arm11, 0x00, ARM11_TAP_DEFAULT);
1564
1565 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
1566
1567 struct scan_field chain0_fields[2];
1568
1569 arm11_setup_field(arm11, 32, NULL, &didr, chain0_fields + 0);
1570 arm11_setup_field(arm11, 8, NULL, &implementor, chain0_fields + 1);
1571
1572 arm11_add_dr_scan_vc(ARRAY_SIZE(chain0_fields), chain0_fields, TAP_IDLE);
1573
1574 CHECK_RETVAL(jtag_execute_queue());
1575
1576 switch (device_id & 0x0FFFF000)
1577 {
1578 case 0x07B36000:
1579 type = "ARM1136";
1580 break;
1581 case 0x07B56000:
1582 type = "ARM1156";
1583 break;
1584 case 0x07B76000:
1585 arm11->arm.core_type = ARM_MODE_MON;
1586 type = "ARM1176";
1587 break;
1588 default:
1589 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1590 return ERROR_FAIL;
1591 }
1592 LOG_INFO("found %s", type);
1593
1594 /* unlikely this could ever fail, but ... */
1595 switch ((didr >> 16) & 0x0F) {
1596 case ARM11_DEBUG_V6:
1597 case ARM11_DEBUG_V61: /* supports security extensions */
1598 break;
1599 default:
1600 LOG_ERROR("Only ARM v6 and v6.1 debug supported.");
1601 return ERROR_FAIL;
1602 }
1603
1604 arm11->brp = ((didr >> 24) & 0x0F) + 1;
1605 arm11->wrp = ((didr >> 28) & 0x0F) + 1;
1606
1607 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1608 arm11->free_brps = arm11->brp;
1609 arm11->free_wrps = arm11->wrp;
1610
1611 LOG_DEBUG("IDCODE %08" PRIx32 " IMPLEMENTOR %02x DIDR %08" PRIx32,
1612 device_id, implementor, didr);
1613
1614 /* as a side-effect this reads DSCR and thus
1615 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1616 * as suggested by the spec.
1617 */
1618
1619 retval = arm11_check_init(arm11, NULL);
1620 if (retval != ERROR_OK)
1621 return retval;
1622
1623 /* Build register cache "late", after target_init(), since we
1624 * want to know if this core supports Secure Monitor mode.
1625 */
1626 if (!target_was_examined(target)) {
1627 arm11_dpm_init(arm11, didr);
1628 retval = arm_dpm_setup(&arm11->dpm);
1629 }
1630
1631 /* ETM on ARM11 still uses original scanchain 6 access mode */
1632 if (arm11->arm.etm && !target_was_examined(target)) {
1633 *register_get_last_cache_p(&target->reg_cache) =
1634 etm_build_reg_cache(target, &arm11->jtag_info,
1635 arm11->arm.etm);
1636 retval = etm_setup(target);
1637 }
1638
1639 target_set_examined(target);
1640
1641 return ERROR_OK;
1642 }
1643
1644
1645 /** Load a register that is marked !valid in the register cache */
1646 static int arm11_get_reg(struct reg *reg)
1647 {
1648 struct target * target = ((struct arm11_reg_state *)reg->arch_info)->target;
1649
1650 if (target->state != TARGET_HALTED)
1651 {
1652 LOG_WARNING("target was not halted");
1653 return ERROR_TARGET_NOT_HALTED;
1654 }
1655
1656 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1657
1658 #if 0
1659 struct arm11_common *arm11 = target_to_arm11(target);
1660 const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1661 #endif
1662
1663 return ERROR_OK;
1664 }
1665
1666 /** Change a value in the register cache */
1667 static int arm11_set_reg(struct reg *reg, uint8_t *buf)
1668 {
1669 struct target *target = ((struct arm11_reg_state *)reg->arch_info)->target;
1670 struct arm11_common *arm11 = target_to_arm11(target);
1671 // const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1672
1673 arm11->reg_values[((struct arm11_reg_state *)reg->arch_info)->def_index] = buf_get_u32(buf, 0, 32);
1674 reg->valid = 1;
1675 reg->dirty = 1;
1676
1677 return ERROR_OK;
1678 }
1679
1680 static const struct reg_arch_type arm11_reg_type = {
1681 .get = arm11_get_reg,
1682 .set = arm11_set_reg,
1683 };
1684
1685 static int arm11_build_reg_cache(struct target *target)
1686 {
1687 struct arm11_common *arm11 = target_to_arm11(target);
1688 struct reg_cache *cache;
1689 struct reg *reg_list;
1690 struct arm11_reg_state *arm11_reg_states;
1691
1692 cache = calloc(1, sizeof *cache);
1693 reg_list = calloc(ARM11_REGCACHE_COUNT, sizeof *reg_list);
1694 arm11_reg_states = calloc(ARM11_REGCACHE_COUNT,
1695 sizeof *arm11_reg_states);
1696 if (!cache || !reg_list || !arm11_reg_states) {
1697 free(cache);
1698 free(reg_list);
1699 free(arm11_reg_states);
1700 return ERROR_FAIL;
1701 }
1702
1703 arm11->reg_list = reg_list;
1704
1705 /* Build the process context cache */
1706 cache->name = "arm11 registers";
1707 cache->next = NULL;
1708 cache->reg_list = reg_list;
1709 cache->num_regs = ARM11_REGCACHE_COUNT;
1710
1711 struct reg_cache **cache_p = register_get_last_cache_p(&target->reg_cache);
1712 (*cache_p) = cache;
1713
1714 arm11->core_cache = cache;
1715 // armv7m->process_context = cache;
1716
1717 size_t i;
1718
1719 /* Not very elegant assertion */
1720 if (ARM11_REGCACHE_COUNT != ARRAY_SIZE(arm11->reg_values) ||
1721 ARM11_REGCACHE_COUNT != ARRAY_SIZE(arm11_reg_defs) ||
1722 ARM11_REGCACHE_COUNT != ARM11_RC_MAX)
1723 {
1724 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d %u %u %d)",
1725 ARM11_REGCACHE_COUNT,
1726 (unsigned) ARRAY_SIZE(arm11->reg_values),
1727 (unsigned) ARRAY_SIZE(arm11_reg_defs),
1728 ARM11_RC_MAX);
1729 /* FIXME minimally, use a build_bug_on(X) mechanism;
1730 * runtime exit() here is bad!
1731 */
1732 exit(-1);
1733 }
1734
1735 for (i = 0; i < ARM11_REGCACHE_COUNT; i++)
1736 {
1737 struct reg * r = reg_list + i;
1738 const struct arm11_reg_defs * rd = arm11_reg_defs + i;
1739 struct arm11_reg_state * rs = arm11_reg_states + i;
1740
1741 r->name = rd->name;
1742 r->size = 32;
1743 r->value = (uint8_t *)(arm11->reg_values + i);
1744 r->dirty = 0;
1745 r->valid = 0;
1746 r->type = &arm11_reg_type;
1747 r->arch_info = rs;
1748
1749 rs->def_index = i;
1750 rs->target = target;
1751 }
1752
1753 return ERROR_OK;
1754 }
1755
1756 /* FIXME all these BOOL_WRAPPER things should be modifying
1757 * per-instance state, not shared state; ditto the vector
1758 * catch register support. Scan chains with multiple cores
1759 * should be able to say "work with this core like this,
1760 * that core like that". Example, ARM11 MPCore ...
1761 */
1762
1763 #define ARM11_BOOL_WRAPPER(name, print_name) \
1764 COMMAND_HANDLER(arm11_handle_bool_##name) \
1765 { \
1766 return CALL_COMMAND_HANDLER(handle_command_parse_bool, \
1767 &arm11_config_##name, print_name); \
1768 }
1769
1770 ARM11_BOOL_WRAPPER(memwrite_burst, "memory write burst mode")
1771 ARM11_BOOL_WRAPPER(memwrite_error_fatal, "fatal error mode for memory writes")
1772 ARM11_BOOL_WRAPPER(step_irq_enable, "IRQs while stepping")
1773 ARM11_BOOL_WRAPPER(hardware_step, "hardware single step")
1774
1775 COMMAND_HANDLER(arm11_handle_vcr)
1776 {
1777 switch (CMD_ARGC) {
1778 case 0:
1779 break;
1780 case 1:
1781 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], arm11_vcr);
1782 break;
1783 default:
1784 return ERROR_COMMAND_SYNTAX_ERROR;
1785 }
1786
1787 LOG_INFO("VCR 0x%08" PRIx32 "", arm11_vcr);
1788 return ERROR_OK;
1789 }
1790
1791 static const uint32_t arm11_coproc_instruction_limits[] =
1792 {
1793 15, /* coprocessor */
1794 7, /* opcode 1 */
1795 15, /* CRn */
1796 15, /* CRm */
1797 7, /* opcode 2 */
1798 0xFFFFFFFF, /* value */
1799 };
1800
1801 static int arm11_mrc_inner(struct target *target, int cpnum,
1802 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm,
1803 uint32_t *value, bool read)
1804 {
1805 int retval;
1806 struct arm11_common *arm11 = target_to_arm11(target);
1807
1808 if (target->state != TARGET_HALTED)
1809 {
1810 LOG_ERROR("Target not halted");
1811 return ERROR_FAIL;
1812 }
1813
1814 uint32_t instr = 0xEE000010 |
1815 (cpnum << 8) |
1816 (op1 << 21) |
1817 (CRn << 16) |
1818 (CRm << 0) |
1819 (op2 << 5);
1820
1821 if (read)
1822 instr |= 0x00100000;
1823
1824 retval = arm11_run_instr_data_prepare(arm11);
1825 if (retval != ERROR_OK)
1826 return retval;
1827
1828 if (read)
1829 {
1830 retval = arm11_run_instr_data_from_core_via_r0(arm11, instr, value);
1831 if (retval != ERROR_OK)
1832 return retval;
1833 }
1834 else
1835 {
1836 retval = arm11_run_instr_data_to_core_via_r0(arm11, instr, *value);
1837 if (retval != ERROR_OK)
1838 return retval;
1839 }
1840
1841 return arm11_run_instr_data_finish(arm11);
1842 }
1843
1844 static int arm11_mrc(struct target *target, int cpnum,
1845 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
1846 {
1847 return arm11_mrc_inner(target, cpnum, op1, op2, CRn, CRm, value, true);
1848 }
1849
1850 static int arm11_mcr(struct target *target, int cpnum,
1851 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
1852 {
1853 return arm11_mrc_inner(target, cpnum, op1, op2, CRn, CRm, &value, false);
1854 }
1855
1856 static int arm11_register_commands(struct command_context *cmd_ctx)
1857 {
1858 struct command *top_cmd, *mw_cmd;
1859
1860 armv4_5_register_commands(cmd_ctx);
1861
1862 top_cmd = register_command(cmd_ctx, NULL, "arm11",
1863 NULL, COMMAND_ANY, NULL);
1864
1865 /* "hardware_step" is only here to check if the default
1866 * simulate + breakpoint implementation is broken.
1867 * TEMPORARY! NOT DOCUMENTED!
1868 */
1869 register_command(cmd_ctx, top_cmd, "hardware_step",
1870 arm11_handle_bool_hardware_step, COMMAND_ANY,
1871 "DEBUG ONLY - Hardware single stepping"
1872 " (default: disabled)");
1873
1874 mw_cmd = register_command(cmd_ctx, top_cmd, "memwrite",
1875 NULL, COMMAND_ANY, NULL);
1876 register_command(cmd_ctx, mw_cmd, "burst",
1877 arm11_handle_bool_memwrite_burst, COMMAND_ANY,
1878 "Enable/Disable non-standard but fast burst mode"
1879 " (default: enabled)");
1880 register_command(cmd_ctx, mw_cmd, "error_fatal",
1881 arm11_handle_bool_memwrite_error_fatal, COMMAND_ANY,
1882 "Terminate program if transfer error was found"
1883 " (default: enabled)");
1884
1885 register_command(cmd_ctx, top_cmd, "step_irq_enable",
1886 arm11_handle_bool_step_irq_enable, COMMAND_ANY,
1887 "Enable interrupts while stepping"
1888 " (default: disabled)");
1889 register_command(cmd_ctx, top_cmd, "vcr",
1890 arm11_handle_vcr, COMMAND_ANY,
1891 "Control (Interrupt) Vector Catch Register");
1892
1893 return etm_register_commands(cmd_ctx);
1894 }
1895
1896 /** Holds methods for ARM11xx targets. */
1897 struct target_type arm11_target = {
1898 .name = "arm11",
1899
1900 .poll = arm11_poll,
1901 .arch_state = arm11_arch_state,
1902
1903 .target_request_data = arm11_target_request_data,
1904
1905 .halt = arm11_halt,
1906 .resume = arm11_resume,
1907 .step = arm11_step,
1908
1909 .assert_reset = arm11_assert_reset,
1910 .deassert_reset = arm11_deassert_reset,
1911 .soft_reset_halt = arm11_soft_reset_halt,
1912
1913 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
1914
1915 .read_memory = arm11_read_memory,
1916 .write_memory = arm11_write_memory,
1917
1918 .bulk_write_memory = arm11_bulk_write_memory,
1919
1920 .checksum_memory = arm_checksum_memory,
1921 .blank_check_memory = arm_blank_check_memory,
1922
1923 .add_breakpoint = arm11_add_breakpoint,
1924 .remove_breakpoint = arm11_remove_breakpoint,
1925 .add_watchpoint = arm11_add_watchpoint,
1926 .remove_watchpoint = arm11_remove_watchpoint,
1927
1928 .run_algorithm = arm11_run_algorithm,
1929
1930 .register_commands = arm11_register_commands,
1931 .target_create = arm11_target_create,
1932 .init_target = arm11_init_target,
1933 .examine = arm11_examine,
1934
1935 .mrc = arm11_mrc,
1936 .mcr = arm11_mcr,
1937 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)