1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
38 #define _DEBUG_INSTRUCTION_EXECUTION_
42 #define FNC_INFO LOG_DEBUG("-")
48 #define FNC_INFO_NOTIMPLEMENTED do { LOG_DEBUG("NOT IMPLEMENTED"); /*exit(-1);*/ } while (0)
50 #define FNC_INFO_NOTIMPLEMENTED
53 static bool arm11_config_memwrite_burst
= true;
54 static bool arm11_config_memwrite_error_fatal
= true;
55 static uint32_t arm11_vcr
= 0;
56 static bool arm11_config_step_irq_enable
= false;
57 static bool arm11_config_hardware_step
= false;
59 static int arm11_regs_arch_type
= -1;
76 ARM11_REGISTER_SPSR_FIQ
,
77 ARM11_REGISTER_SPSR_SVC
,
78 ARM11_REGISTER_SPSR_ABT
,
79 ARM11_REGISTER_SPSR_IRQ
,
80 ARM11_REGISTER_SPSR_UND
,
81 ARM11_REGISTER_SPSR_MON
,
95 enum arm11_regtype type
;
98 /* update arm11_regcache_ids when changing this */
99 static const struct arm11_reg_defs arm11_reg_defs
[] =
101 {"r0", 0, 0, ARM11_REGISTER_CORE
},
102 {"r1", 1, 1, ARM11_REGISTER_CORE
},
103 {"r2", 2, 2, ARM11_REGISTER_CORE
},
104 {"r3", 3, 3, ARM11_REGISTER_CORE
},
105 {"r4", 4, 4, ARM11_REGISTER_CORE
},
106 {"r5", 5, 5, ARM11_REGISTER_CORE
},
107 {"r6", 6, 6, ARM11_REGISTER_CORE
},
108 {"r7", 7, 7, ARM11_REGISTER_CORE
},
109 {"r8", 8, 8, ARM11_REGISTER_CORE
},
110 {"r9", 9, 9, ARM11_REGISTER_CORE
},
111 {"r10", 10, 10, ARM11_REGISTER_CORE
},
112 {"r11", 11, 11, ARM11_REGISTER_CORE
},
113 {"r12", 12, 12, ARM11_REGISTER_CORE
},
114 {"sp", 13, 13, ARM11_REGISTER_CORE
},
115 {"lr", 14, 14, ARM11_REGISTER_CORE
},
116 {"pc", 15, 15, ARM11_REGISTER_CORE
},
118 #if ARM11_REGCACHE_FREGS
119 {"f0", 0, 16, ARM11_REGISTER_FX
},
120 {"f1", 1, 17, ARM11_REGISTER_FX
},
121 {"f2", 2, 18, ARM11_REGISTER_FX
},
122 {"f3", 3, 19, ARM11_REGISTER_FX
},
123 {"f4", 4, 20, ARM11_REGISTER_FX
},
124 {"f5", 5, 21, ARM11_REGISTER_FX
},
125 {"f6", 6, 22, ARM11_REGISTER_FX
},
126 {"f7", 7, 23, ARM11_REGISTER_FX
},
127 {"fps", 0, 24, ARM11_REGISTER_FPS
},
130 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
132 #if ARM11_REGCACHE_MODEREGS
133 {"r8_fiq", 8, -1, ARM11_REGISTER_FIQ
},
134 {"r9_fiq", 9, -1, ARM11_REGISTER_FIQ
},
135 {"r10_fiq", 10, -1, ARM11_REGISTER_FIQ
},
136 {"r11_fiq", 11, -1, ARM11_REGISTER_FIQ
},
137 {"r12_fiq", 12, -1, ARM11_REGISTER_FIQ
},
138 {"r13_fiq", 13, -1, ARM11_REGISTER_FIQ
},
139 {"r14_fiq", 14, -1, ARM11_REGISTER_FIQ
},
140 {"spsr_fiq", 0, -1, ARM11_REGISTER_SPSR_FIQ
},
142 {"r13_svc", 13, -1, ARM11_REGISTER_SVC
},
143 {"r14_svc", 14, -1, ARM11_REGISTER_SVC
},
144 {"spsr_svc", 0, -1, ARM11_REGISTER_SPSR_SVC
},
146 {"r13_abt", 13, -1, ARM11_REGISTER_ABT
},
147 {"r14_abt", 14, -1, ARM11_REGISTER_ABT
},
148 {"spsr_abt", 0, -1, ARM11_REGISTER_SPSR_ABT
},
150 {"r13_irq", 13, -1, ARM11_REGISTER_IRQ
},
151 {"r14_irq", 14, -1, ARM11_REGISTER_IRQ
},
152 {"spsr_irq", 0, -1, ARM11_REGISTER_SPSR_IRQ
},
154 {"r13_und", 13, -1, ARM11_REGISTER_UND
},
155 {"r14_und", 14, -1, ARM11_REGISTER_UND
},
156 {"spsr_und", 0, -1, ARM11_REGISTER_SPSR_UND
},
159 {"r13_mon", 13, -1, ARM11_REGISTER_MON
},
160 {"r14_mon", 14, -1, ARM11_REGISTER_MON
},
161 {"spsr_mon", 0, -1, ARM11_REGISTER_SPSR_MON
},
164 /* Debug Registers */
165 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
166 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
167 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
170 enum arm11_regcache_ids
173 ARM11_RC_RX
= ARM11_RC_R0
,
188 ARM11_RC_SP
= ARM11_RC_R13
,
190 ARM11_RC_LR
= ARM11_RC_R14
,
192 ARM11_RC_PC
= ARM11_RC_R15
,
194 #if ARM11_REGCACHE_FREGS
196 ARM11_RC_FX
= ARM11_RC_F0
,
209 #if ARM11_REGCACHE_MODEREGS
247 #define ARM11_GDB_REGISTER_COUNT 26
249 static uint8_t arm11_gdb_dummy_fp_value
[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
251 static reg_t arm11_gdb_dummy_fp_reg
=
253 "GDB dummy floating-point register", arm11_gdb_dummy_fp_value
, 0, 1, 96, NULL
, 0, NULL
, 0
256 static uint8_t arm11_gdb_dummy_fps_value
[] = {0, 0, 0, 0};
258 static reg_t arm11_gdb_dummy_fps_reg
=
260 "GDB dummy floating-point status register", arm11_gdb_dummy_fps_value
, 0, 1, 32, NULL
, 0, NULL
, 0
264 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
);
265 static int arm11_step(struct target_s
*target
, int current
,
266 uint32_t address
, int handle_breakpoints
);
268 static int arm11_build_reg_cache(target_t
*target
);
269 static int arm11_set_reg(reg_t
*reg
, uint8_t *buf
);
270 static int arm11_get_reg(reg_t
*reg
);
272 static void arm11_record_register_history(struct arm11_common
* arm11
);
273 static void arm11_dump_reg_changes(struct arm11_common
* arm11
);
276 /** Check and if necessary take control of the system
278 * \param arm11 Target state variable.
279 * \param dscr If the current DSCR content is
280 * available a pointer to a word holding the
281 * DSCR can be passed. Otherwise use NULL.
283 static int arm11_check_init(struct arm11_common
*arm11
, uint32_t *dscr
)
287 uint32_t dscr_local_tmp_copy
;
291 dscr
= &dscr_local_tmp_copy
;
293 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
296 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
298 LOG_DEBUG("Bringing target into debug mode");
300 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
301 arm11_write_DSCR(arm11
, *dscr
);
303 /* add further reset initialization here */
305 arm11
->simulate_reset_on_next_halt
= true;
307 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
309 /** \todo TODO: this needs further scrutiny because
310 * arm11_on_enter_debug_state() never gets properly called.
311 * As a result we don't read the actual register states from
315 arm11
->target
->state
= TARGET_HALTED
;
316 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
320 arm11
->target
->state
= TARGET_RUNNING
;
321 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
324 arm11_sc7_clear_vbw(arm11
);
333 (arm11->reg_values[ARM11_RC_##x])
335 /** Save processor state.
337 * This is called when the HALT instruction has succeeded
338 * or on other occasions that stop the processor.
341 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
)
346 for (size_t i
= 0; i
< asizeof(arm11
->reg_values
); i
++)
348 arm11
->reg_list
[i
].valid
= 1;
349 arm11
->reg_list
[i
].dirty
= 0;
353 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
357 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
359 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
361 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
363 struct scan_field chain5_fields
[3];
365 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
366 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
367 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
369 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
373 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
377 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
378 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
379 ARM1136 seems to require this to issue ITR's as well */
381 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
383 /* this executes JTAG queue: */
385 arm11_write_DSCR(arm11
, new_dscr
);
389 Before executing any instruction in debug state you have to drain the write buffer.
390 This ensures that no imprecise Data Aborts can return at a later point:*/
392 /** \todo TODO: Test drain write buffer. */
397 /* MRC p14,0,R0,c5,c10,0 */
398 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
400 /* mcr 15, 0, r0, cr7, cr10, {4} */
401 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
403 uint32_t dscr
= arm11_read_DSCR(arm11
);
405 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
407 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
409 arm11_run_instr_no_data1(arm11
, 0xe320f000);
411 dscr
= arm11_read_DSCR(arm11
);
413 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
420 retval
= arm11_run_instr_data_prepare(arm11
);
421 if (retval
!= ERROR_OK
)
426 /** \todo TODO: handle other mode registers */
428 for (size_t i
= 0; i
< 15; i
++)
430 /* MCR p14,0,R?,c0,c5,0 */
431 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
432 if (retval
!= ERROR_OK
)
438 /* check rDTRfull in DSCR */
440 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
442 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
443 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
444 if (retval
!= ERROR_OK
)
449 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
454 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
455 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
456 if (retval
!= ERROR_OK
)
461 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
462 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
463 if (retval
!= ERROR_OK
)
466 /* adjust PC depending on ARM state */
468 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
470 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
472 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
474 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
478 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
481 if (arm11
->simulate_reset_on_next_halt
)
483 arm11
->simulate_reset_on_next_halt
= false;
485 LOG_DEBUG("Reset c1 Control Register");
487 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
489 /* MCR p15,0,R0,c1,c0,0 */
490 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
491 if (retval
!= ERROR_OK
)
496 retval
= arm11_run_instr_data_finish(arm11
);
497 if (retval
!= ERROR_OK
)
500 arm11_dump_reg_changes(arm11
);
505 void arm11_dump_reg_changes(struct arm11_common
* arm11
)
508 if (!(debug_level
>= LOG_LVL_DEBUG
))
513 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
515 if (!arm11
->reg_list
[i
].valid
)
517 if (arm11
->reg_history
[i
].valid
)
518 LOG_DEBUG("%8s INVALID (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_history
[i
].value
);
522 if (arm11
->reg_history
[i
].valid
)
524 if (arm11
->reg_history
[i
].value
!= arm11
->reg_values
[i
])
525 LOG_DEBUG("%8s %08" PRIx32
" (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
], arm11
->reg_history
[i
].value
);
529 LOG_DEBUG("%8s %08" PRIx32
" (INVALID)", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
]);
535 /** Restore processor state
537 * This is called in preparation for the RESTART function.
540 static int arm11_leave_debug_state(struct arm11_common
*arm11
)
545 retval
= arm11_run_instr_data_prepare(arm11
);
546 if (retval
!= ERROR_OK
)
549 /** \todo TODO: handle other mode registers */
551 /* restore R1 - R14 */
553 for (size_t i
= 1; i
< 15; i
++)
555 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
558 /* MRC p14,0,r?,c0,c5,0 */
559 arm11_run_instr_data_to_core1(arm11
, 0xee100e15 | (i
<< 12), R(RX
+ i
));
561 // LOG_DEBUG("RESTORE R" ZU " %08x", i, R(RX + i));
564 retval
= arm11_run_instr_data_finish(arm11
);
565 if (retval
!= ERROR_OK
)
568 /* spec says clear wDTR and rDTR; we assume they are clear as
569 otherwise our programming would be sloppy */
573 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
575 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
578 The wDTR/rDTR two registers that are used to send/receive data to/from
579 the core in tandem with corresponding instruction codes that are
580 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
581 registers hold data that was written by one side (CPU or JTAG) and not
582 read out by the other side.
584 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
589 retval
= arm11_run_instr_data_prepare(arm11
);
590 if (retval
!= ERROR_OK
)
593 /* restore original wDTR */
595 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
597 /* MCR p14,0,R0,c0,c5,0 */
598 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
599 if (retval
!= ERROR_OK
)
606 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
607 if (retval
!= ERROR_OK
)
614 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
615 if (retval
!= ERROR_OK
)
621 /* MRC p14,0,r0,c0,c5,0 */
622 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
624 retval
= arm11_run_instr_data_finish(arm11
);
625 if (retval
!= ERROR_OK
)
630 arm11_write_DSCR(arm11
, R(DSCR
));
634 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
636 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
638 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
640 struct scan_field chain5_fields
[3];
642 uint8_t Ready
= 0; /* ignored */
643 uint8_t Valid
= 0; /* ignored */
645 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
646 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
647 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
649 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
652 arm11_record_register_history(arm11
);
657 static void arm11_record_register_history(struct arm11_common
*arm11
)
659 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
661 arm11
->reg_history
[i
].value
= arm11
->reg_values
[i
];
662 arm11
->reg_history
[i
].valid
= arm11
->reg_list
[i
].valid
;
664 arm11
->reg_list
[i
].valid
= 0;
665 arm11
->reg_list
[i
].dirty
= 0;
670 /* poll current target status */
671 static int arm11_poll(struct target_s
*target
)
676 struct arm11_common
* arm11
= target
->arch_info
;
680 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
682 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
684 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
686 if (dscr
& ARM11_DSCR_CORE_HALTED
)
688 if (target
->state
!= TARGET_HALTED
)
690 enum target_state old_state
= target
->state
;
692 LOG_DEBUG("enter TARGET_HALTED");
693 target
->state
= TARGET_HALTED
;
694 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
695 retval
= arm11_on_enter_debug_state(arm11
);
696 if (retval
!= ERROR_OK
)
699 target_call_event_callbacks(target
,
700 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
705 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
707 LOG_DEBUG("enter TARGET_RUNNING");
708 target
->state
= TARGET_RUNNING
;
709 target
->debug_reason
= DBG_REASON_NOTHALTED
;
715 /* architecture specific status reply */
716 static int arm11_arch_state(struct target_s
*target
)
718 struct arm11_common
* arm11
= target
->arch_info
;
720 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"",
721 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
728 /* target request support */
729 static int arm11_target_request_data(struct target_s
*target
,
730 uint32_t size
, uint8_t *buffer
)
732 FNC_INFO_NOTIMPLEMENTED
;
737 /* target execution control */
738 static int arm11_halt(struct target_s
*target
)
742 struct arm11_common
* arm11
= target
->arch_info
;
744 LOG_DEBUG("target->state: %s",
745 target_state_name(target
));
747 if (target
->state
== TARGET_UNKNOWN
)
749 arm11
->simulate_reset_on_next_halt
= true;
752 if (target
->state
== TARGET_HALTED
)
754 LOG_DEBUG("target was already halted");
758 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
760 CHECK_RETVAL(jtag_execute_queue());
767 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
769 if (dscr
& ARM11_DSCR_CORE_HALTED
)
780 if ((timeval_ms()-then
) > 1000)
782 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
789 arm11_on_enter_debug_state(arm11
);
791 enum target_state old_state
= target
->state
;
793 target
->state
= TARGET_HALTED
;
794 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
797 target_call_event_callbacks(target
,
798 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
803 static int arm11_resume(struct target_s
*target
, int current
,
804 uint32_t address
, int handle_breakpoints
, int debug_execution
)
808 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
809 // current, address, handle_breakpoints, debug_execution);
811 struct arm11_common
* arm11
= target
->arch_info
;
813 LOG_DEBUG("target->state: %s",
814 target_state_name(target
));
817 if (target
->state
!= TARGET_HALTED
)
819 LOG_ERROR("Target not halted");
820 return ERROR_TARGET_NOT_HALTED
;
826 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
828 /* clear breakpoints/watchpoints and VCR*/
829 arm11_sc7_clear_vbw(arm11
);
831 /* Set up breakpoints */
832 if (!debug_execution
)
834 /* check if one matches PC and step over it if necessary */
838 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
840 if (bp
->address
== R(PC
))
842 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
843 arm11_step(target
, 1, 0, 0);
848 /* set all breakpoints */
852 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
854 struct arm11_sc7_action brp
[2];
857 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
858 brp
[0].value
= bp
->address
;
860 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
861 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
863 arm11_sc7_run(arm11
, brp
, asizeof(brp
));
865 LOG_DEBUG("Add BP " ZU
" at %08" PRIx32
"", brp_num
, bp
->address
);
870 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
873 arm11_leave_debug_state(arm11
);
875 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
877 CHECK_RETVAL(jtag_execute_queue());
884 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
886 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
888 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
899 if ((timeval_ms()-then
) > 1000)
901 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
908 if (!debug_execution
)
910 target
->state
= TARGET_RUNNING
;
911 target
->debug_reason
= DBG_REASON_NOTHALTED
;
913 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
917 target
->state
= TARGET_DEBUG_RUNNING
;
918 target
->debug_reason
= DBG_REASON_NOTHALTED
;
920 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
927 static int armv4_5_to_arm11(int reg
)
934 return ARM11_RC_CPSR
;
936 /* FIX!!! handle thumb better! */
937 return ARM11_RC_CPSR
;
939 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg
);
945 static uint32_t arm11_sim_get_reg(struct arm_sim_interface
*sim
, int reg
)
947 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
949 reg
=armv4_5_to_arm11(reg
);
951 return buf_get_u32(arm11
->reg_list
[reg
].value
, 0, 32);
954 static void arm11_sim_set_reg(struct arm_sim_interface
*sim
,
955 int reg
, uint32_t value
)
957 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
959 reg
=armv4_5_to_arm11(reg
);
961 buf_set_u32(arm11
->reg_list
[reg
].value
, 0, 32, value
);
964 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface
*sim
,
967 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
969 return buf_get_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, pos
, bits
);
972 static enum armv4_5_state
arm11_sim_get_state(struct arm_sim_interface
*sim
)
974 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
976 /* FIX!!!! we should implement thumb for arm11 */
977 return ARMV4_5_STATE_ARM
;
980 static void arm11_sim_set_state(struct arm_sim_interface
*sim
,
981 enum armv4_5_state mode
)
983 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
985 /* FIX!!!! we should implement thumb for arm11 */
986 LOG_ERROR("Not implemetned!");
990 static enum armv4_5_mode
arm11_sim_get_mode(struct arm_sim_interface
*sim
)
992 //struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
994 /* FIX!!!! we should implement something that returns the current mode here!!! */
995 return ARMV4_5_MODE_USR
;
998 static int arm11_simulate_step(target_t
*target
, uint32_t *dry_run_pc
)
1000 struct arm_sim_interface sim
;
1002 sim
.user_data
=target
->arch_info
;
1003 sim
.get_reg
=&arm11_sim_get_reg
;
1004 sim
.set_reg
=&arm11_sim_set_reg
;
1005 sim
.get_reg_mode
=&arm11_sim_get_reg
;
1006 sim
.set_reg_mode
=&arm11_sim_set_reg
;
1007 sim
.get_cpsr
=&arm11_sim_get_cpsr
;
1008 sim
.get_mode
=&arm11_sim_get_mode
;
1009 sim
.get_state
=&arm11_sim_get_state
;
1010 sim
.set_state
=&arm11_sim_set_state
;
1012 return arm_simulate_step_core(target
, dry_run_pc
, &sim
);
1016 static int arm11_step(struct target_s
*target
, int current
,
1017 uint32_t address
, int handle_breakpoints
)
1021 LOG_DEBUG("target->state: %s",
1022 target_state_name(target
));
1024 if (target
->state
!= TARGET_HALTED
)
1026 LOG_WARNING("target was not halted");
1027 return ERROR_TARGET_NOT_HALTED
;
1030 struct arm11_common
* arm11
= target
->arch_info
;
1035 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
1038 /** \todo TODO: Thumb not supported here */
1040 uint32_t next_instruction
;
1042 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
1044 /* skip over BKPT */
1045 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
1048 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1049 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1050 LOG_DEBUG("Skipping BKPT");
1052 /* skip over Wait for interrupt / Standby */
1053 /* mcr 15, 0, r?, cr7, cr0, {4} */
1054 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
1057 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1058 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1059 LOG_DEBUG("Skipping WFI");
1061 /* ignore B to self */
1062 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
1064 LOG_DEBUG("Not stepping jump to self");
1068 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
1071 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
1072 * the VCR might be something worth looking into. */
1075 /* Set up breakpoint for stepping */
1077 struct arm11_sc7_action brp
[2];
1080 brp
[0].address
= ARM11_SC7_BVR0
;
1082 brp
[1].address
= ARM11_SC7_BCR0
;
1084 if (arm11_config_hardware_step
)
1086 /* hardware single stepping be used if possible or is it better to
1087 * always use the same code path? Hardware single stepping is not supported
1090 brp
[0].value
= R(PC
);
1091 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
1094 /* sets a breakpoint on the next PC(calculated by simulation),
1098 retval
= arm11_simulate_step(target
, &next_pc
);
1099 if (retval
!= ERROR_OK
)
1102 brp
[0].value
= next_pc
;
1103 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
1106 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, asizeof(brp
)));
1111 if (arm11_config_step_irq_enable
)
1112 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
1114 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
1117 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
1119 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
1121 CHECK_RETVAL(jtag_execute_queue());
1129 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
1131 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
1133 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
1134 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
1140 then
= timeval_ms();
1144 if ((timeval_ms()-then
) > 1000)
1146 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
1153 /* clear breakpoint */
1154 arm11_sc7_clear_vbw(arm11
);
1157 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
1159 /* restore default state */
1160 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
1164 // target->state = TARGET_HALTED;
1165 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1167 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
1172 static int arm11_assert_reset(target_t
*target
)
1177 struct arm11_common
* arm11
= target
->arch_info
;
1178 retval
= arm11_check_init(arm11
, NULL
);
1179 if (retval
!= ERROR_OK
)
1182 target
->state
= TARGET_UNKNOWN
;
1184 /* we would very much like to reset into the halted, state,
1185 * but resetting and halting is second best... */
1186 if (target
->reset_halt
)
1188 CHECK_RETVAL(target_halt(target
));
1192 /* srst is funny. We can not do *anything* else while it's asserted
1193 * and it has unkonwn side effects. Make sure no other code runs
1196 * Code below assumes srst:
1198 * - Causes power-on-reset (but of what parts of the system?). Bug
1201 * - Messes us TAP state without asserting trst.
1203 * - There is another bug in the arm11 core. When you generate an access to
1204 * external logic (for example ddr controller via AHB bus) and that block
1205 * is not configured (perhaps it is still held in reset), that transaction
1206 * will never complete. This will hang arm11 core but it will also hang
1207 * JTAG controller. Nothing, short of srst assertion will bring it out of
1212 * - What should the PC be after an srst reset when starting in the halted
1216 jtag_add_reset(0, 1);
1217 jtag_add_reset(0, 0);
1219 /* How long do we have to wait? */
1220 jtag_add_sleep(5000);
1222 /* un-mess up TAP state */
1225 retval
= jtag_execute_queue();
1226 if (retval
!= ERROR_OK
)
1234 static int arm11_deassert_reset(target_t
*target
)
1239 static int arm11_soft_reset_halt(struct target_s
*target
)
1241 FNC_INFO_NOTIMPLEMENTED
;
1246 /* target register access for gdb */
1247 static int arm11_get_gdb_reg_list(struct target_s
*target
,
1248 struct reg_s
**reg_list
[], int *reg_list_size
)
1252 struct arm11_common
* arm11
= target
->arch_info
;
1254 *reg_list_size
= ARM11_GDB_REGISTER_COUNT
;
1255 *reg_list
= malloc(sizeof(reg_t
*) * ARM11_GDB_REGISTER_COUNT
);
1257 for (size_t i
= 16; i
< 24; i
++)
1259 (*reg_list
)[i
] = &arm11_gdb_dummy_fp_reg
;
1262 (*reg_list
)[24] = &arm11_gdb_dummy_fps_reg
;
1264 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1266 if (arm11_reg_defs
[i
].gdb_num
== -1)
1269 (*reg_list
)[arm11_reg_defs
[i
].gdb_num
] = arm11
->reg_list
+ i
;
1275 /* target memory access
1276 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1277 * count: number of items of <size>
1279 * arm11_config_memrw_no_increment - in the future we may want to be able
1280 * to read/write a range of data to a "port". a "port" is an action on
1281 * read memory address for some peripheral.
1283 static int arm11_read_memory_inner(struct target_s
*target
,
1284 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1285 bool arm11_config_memrw_no_increment
)
1287 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1292 if (target
->state
!= TARGET_HALTED
)
1294 LOG_WARNING("target was not halted");
1295 return ERROR_TARGET_NOT_HALTED
;
1298 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1300 struct arm11_common
* arm11
= target
->arch_info
;
1302 retval
= arm11_run_instr_data_prepare(arm11
);
1303 if (retval
!= ERROR_OK
)
1306 /* MRC p14,0,r0,c0,c5,0 */
1307 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1308 if (retval
!= ERROR_OK
)
1314 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1315 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1317 for (size_t i
= 0; i
< count
; i
++)
1319 /* ldrb r1, [r0], #1 */
1321 arm11_run_instr_no_data1(arm11
,
1322 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1325 /* MCR p14,0,R1,c0,c5,0 */
1326 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1335 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1337 for (size_t i
= 0; i
< count
; i
++)
1339 /* ldrh r1, [r0], #2 */
1340 arm11_run_instr_no_data1(arm11
,
1341 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1345 /* MCR p14,0,R1,c0,c5,0 */
1346 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1348 uint16_t svalue
= res
;
1349 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1357 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1358 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1359 uint32_t *words
= (uint32_t *)buffer
;
1361 /* LDC p14,c5,[R0],#4 */
1362 /* LDC p14,c5,[R0] */
1363 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1368 return arm11_run_instr_data_finish(arm11
);
1371 static int arm11_read_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1373 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1377 * arm11_config_memrw_no_increment - in the future we may want to be able
1378 * to read/write a range of data to a "port". a "port" is an action on
1379 * read memory address for some peripheral.
1381 static int arm11_write_memory_inner(struct target_s
*target
,
1382 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1383 bool arm11_config_memrw_no_increment
)
1388 if (target
->state
!= TARGET_HALTED
)
1390 LOG_WARNING("target was not halted");
1391 return ERROR_TARGET_NOT_HALTED
;
1394 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1396 struct arm11_common
* arm11
= target
->arch_info
;
1398 retval
= arm11_run_instr_data_prepare(arm11
);
1399 if (retval
!= ERROR_OK
)
1402 /* MRC p14,0,r0,c0,c5,0 */
1403 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1404 if (retval
!= ERROR_OK
)
1407 /* burst writes are not used for single words as those may well be
1408 * reset init script writes.
1410 * The other advantage is that as burst writes are default, we'll
1411 * now exercise both burst and non-burst code paths with the
1412 * default settings, increasing code coverage.
1414 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1420 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1422 for (size_t i
= 0; i
< count
; i
++)
1424 /* MRC p14,0,r1,c0,c5,0 */
1425 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1426 if (retval
!= ERROR_OK
)
1429 /* strb r1, [r0], #1 */
1431 retval
= arm11_run_instr_no_data1(arm11
,
1432 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1433 if (retval
!= ERROR_OK
)
1442 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1444 for (size_t i
= 0; i
< count
; i
++)
1447 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1449 /* MRC p14,0,r1,c0,c5,0 */
1450 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1451 if (retval
!= ERROR_OK
)
1454 /* strh r1, [r0], #2 */
1456 retval
= arm11_run_instr_no_data1(arm11
,
1457 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1458 if (retval
!= ERROR_OK
)
1466 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1468 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1469 uint32_t *words
= (uint32_t*)buffer
;
1473 /* STC p14,c5,[R0],#4 */
1474 /* STC p14,c5,[R0]*/
1475 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1476 if (retval
!= ERROR_OK
)
1481 /* STC p14,c5,[R0],#4 */
1482 /* STC p14,c5,[R0]*/
1483 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1484 if (retval
!= ERROR_OK
)
1492 /* r0 verification */
1493 if (!arm11_config_memrw_no_increment
)
1497 /* MCR p14,0,R0,c0,c5,0 */
1498 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1499 if (retval
!= ERROR_OK
)
1502 if (address
+ size
* count
!= r0
)
1504 LOG_ERROR("Data transfer failed. Expected end "
1505 "address 0x%08x, got 0x%08x",
1506 (unsigned) (address
+ size
* count
),
1510 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1512 if (arm11_config_memwrite_error_fatal
)
1517 return arm11_run_instr_data_finish(arm11
);
1520 static int arm11_write_memory(struct target_s
*target
,
1521 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1523 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1526 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1527 static int arm11_bulk_write_memory(struct target_s
*target
,
1528 uint32_t address
, uint32_t count
, uint8_t *buffer
)
1532 if (target
->state
!= TARGET_HALTED
)
1534 LOG_WARNING("target was not halted");
1535 return ERROR_TARGET_NOT_HALTED
;
1538 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1541 /* here we have nothing target specific to contribute, so we fail and then the
1542 * fallback code will read data from the target and calculate the CRC on the
1545 static int arm11_checksum_memory(struct target_s
*target
,
1546 uint32_t address
, uint32_t count
, uint32_t* checksum
)
1551 /* target break-/watchpoint control
1552 * rw: 0 = write, 1 = read, 2 = access
1554 static int arm11_add_breakpoint(struct target_s
*target
,
1555 breakpoint_t
*breakpoint
)
1559 struct arm11_common
* arm11
= target
->arch_info
;
1562 if (breakpoint
->type
== BKPT_SOFT
)
1564 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1565 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1569 if (!arm11
->free_brps
)
1571 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1572 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1575 if (breakpoint
->length
!= 4)
1577 LOG_DEBUG("only breakpoints of four bytes length supported");
1578 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1586 static int arm11_remove_breakpoint(struct target_s
*target
,
1587 breakpoint_t
*breakpoint
)
1591 struct arm11_common
* arm11
= target
->arch_info
;
1598 static int arm11_add_watchpoint(struct target_s
*target
,
1599 watchpoint_t
*watchpoint
)
1601 FNC_INFO_NOTIMPLEMENTED
;
1606 static int arm11_remove_watchpoint(struct target_s
*target
,
1607 watchpoint_t
*watchpoint
)
1609 FNC_INFO_NOTIMPLEMENTED
;
1614 // HACKHACKHACK - FIXME mode/state
1615 /* target algorithm support */
1616 static int arm11_run_algorithm(struct target_s
*target
,
1617 int num_mem_params
, struct mem_param
*mem_params
,
1618 int num_reg_params
, struct reg_param
*reg_params
,
1619 uint32_t entry_point
, uint32_t exit_point
,
1620 int timeout_ms
, void *arch_info
)
1622 struct arm11_common
*arm11
= target
->arch_info
;
1623 // enum armv4_5_state core_state = arm11->core_state;
1624 // enum armv4_5_mode core_mode = arm11->core_mode;
1625 uint32_t context
[16];
1627 int exit_breakpoint_size
= 0;
1628 int retval
= ERROR_OK
;
1629 LOG_DEBUG("Running algorithm");
1632 if (target
->state
!= TARGET_HALTED
)
1634 LOG_WARNING("target not halted");
1635 return ERROR_TARGET_NOT_HALTED
;
1639 // if (armv4_5_mode_to_number(arm11->core_mode)==-1)
1640 // return ERROR_FAIL;
1643 for (unsigned i
= 0; i
< 16; i
++)
1645 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1646 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1649 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1650 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1652 for (int i
= 0; i
< num_mem_params
; i
++)
1654 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1657 // Set register parameters
1658 for (int i
= 0; i
< num_reg_params
; i
++)
1660 reg_t
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1663 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1667 if (reg
->size
!= reg_params
[i
].size
)
1669 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1672 arm11_set_reg(reg
,reg_params
[i
].value
);
1673 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1676 exit_breakpoint_size
= 4;
1678 /* arm11->core_state = arm11_algorithm_info->core_state;
1679 if (arm11->core_state == ARMV4_5_STATE_ARM)
1680 exit_breakpoint_size = 4;
1681 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1682 exit_breakpoint_size = 2;
1685 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1691 /* arm11 at this point only supports ARM not THUMB mode
1692 however if this test needs to be reactivated the current state can be read back
1695 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1697 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1698 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1699 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1700 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1704 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1706 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1707 retval
= ERROR_TARGET_FAILURE
;
1711 // no debug, otherwise breakpoint is not set
1712 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1714 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1716 if (target
->state
!= TARGET_HALTED
)
1718 CHECK_RETVAL(target_halt(target
));
1720 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1722 retval
= ERROR_TARGET_TIMEOUT
;
1724 goto del_breakpoint
;
1727 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1729 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1730 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1731 retval
= ERROR_TARGET_TIMEOUT
;
1732 goto del_breakpoint
;
1735 for (int i
= 0; i
< num_mem_params
; i
++)
1737 if (mem_params
[i
].direction
!= PARAM_OUT
)
1738 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1741 for (int i
= 0; i
< num_reg_params
; i
++)
1743 if (reg_params
[i
].direction
!= PARAM_OUT
)
1745 reg_t
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1748 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1752 if (reg
->size
!= reg_params
[i
].size
)
1754 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1758 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1763 breakpoint_remove(target
, exit_point
);
1767 for (size_t i
= 0; i
< 16; i
++)
1769 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1770 arm11
->reg_list
[i
].name
, context
[i
]);
1771 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1773 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1774 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1776 // arm11->core_state = core_state;
1777 // arm11->core_mode = core_mode;
1782 static int arm11_target_create(struct target_s
*target
, Jim_Interp
*interp
)
1786 NEW(struct arm11_common
, arm11
, 1);
1788 arm11
->target
= target
;
1790 if (target
->tap
== NULL
)
1793 if (target
->tap
->ir_length
!= 5)
1795 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1796 return ERROR_COMMAND_SYNTAX_ERROR
;
1799 target
->arch_info
= arm11
;
1804 static int arm11_init_target(struct command_context_s
*cmd_ctx
,
1805 struct target_s
*target
)
1807 /* Initialize anything we can set up without talking to the target */
1808 return arm11_build_reg_cache(target
);
1811 /* talk to the target and set things up */
1812 static int arm11_examine(struct target_s
*target
)
1818 struct arm11_common
* arm11
= target
->arch_info
;
1822 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1824 struct scan_field idcode_field
;
1826 arm11_setup_field(arm11
, 32, NULL
, &arm11
->device_id
, &idcode_field
);
1828 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1832 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1834 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1836 struct scan_field chain0_fields
[2];
1838 arm11_setup_field(arm11
, 32, NULL
, &arm11
->didr
, chain0_fields
+ 0);
1839 arm11_setup_field(arm11
, 8, NULL
, &arm11
->implementor
, chain0_fields
+ 1);
1841 arm11_add_dr_scan_vc(asizeof(chain0_fields
), chain0_fields
, TAP_IDLE
);
1843 CHECK_RETVAL(jtag_execute_queue());
1845 switch (arm11
->device_id
& 0x0FFFF000)
1847 case 0x07B36000: LOG_INFO("found ARM1136"); break;
1848 case 0x07B56000: LOG_INFO("found ARM1156"); break;
1849 case 0x07B76000: LOG_INFO("found ARM1176"); break;
1852 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1857 arm11
->debug_version
= (arm11
->didr
>> 16) & 0x0F;
1859 if (arm11
->debug_version
!= ARM11_DEBUG_V6
&&
1860 arm11
->debug_version
!= ARM11_DEBUG_V61
)
1862 LOG_ERROR("Only ARMv6 v6 and v6.1 architectures supported.");
1866 arm11
->brp
= ((arm11
->didr
>> 24) & 0x0F) + 1;
1867 arm11
->wrp
= ((arm11
->didr
>> 28) & 0x0F) + 1;
1869 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1870 arm11
->free_brps
= arm11
->brp
;
1871 arm11
->free_wrps
= arm11
->wrp
;
1873 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
"",
1875 (int)(arm11
->implementor
),
1878 /* as a side-effect this reads DSCR and thus
1879 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1880 * as suggested by the spec.
1883 retval
= arm11_check_init(arm11
, NULL
);
1884 if (retval
!= ERROR_OK
)
1887 target_set_examined(target
);
1893 /** Load a register that is marked !valid in the register cache */
1894 static int arm11_get_reg(reg_t
*reg
)
1898 target_t
* target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1900 if (target
->state
!= TARGET_HALTED
)
1902 LOG_WARNING("target was not halted");
1903 return ERROR_TARGET_NOT_HALTED
;
1906 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1909 struct arm11_common
*arm11
= target
->arch_info
;
1910 const struct arm11_reg_defs
* arm11_reg_info
= arm11_reg_defs
+ ((struct arm11_reg_state
*)reg
->arch_info
)->def_index
;
1916 /** Change a value in the register cache */
1917 static int arm11_set_reg(reg_t
*reg
, uint8_t *buf
)
1921 target_t
* target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1922 struct arm11_common
*arm11
= target
->arch_info
;
1923 // const struct arm11_reg_defs * arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1925 arm11
->reg_values
[((struct arm11_reg_state
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1932 static int arm11_build_reg_cache(target_t
*target
)
1934 struct arm11_common
*arm11
= target
->arch_info
;
1936 NEW(reg_cache_t
, cache
, 1);
1937 NEW(reg_t
, reg_list
, ARM11_REGCACHE_COUNT
);
1938 NEW(struct arm11_reg_state
, arm11_reg_states
, ARM11_REGCACHE_COUNT
);
1940 if (arm11_regs_arch_type
== -1)
1941 arm11_regs_arch_type
= register_reg_arch_type(arm11_get_reg
, arm11_set_reg
);
1943 register_init_dummy(&arm11_gdb_dummy_fp_reg
);
1944 register_init_dummy(&arm11_gdb_dummy_fps_reg
);
1946 arm11
->reg_list
= reg_list
;
1948 /* Build the process context cache */
1949 cache
->name
= "arm11 registers";
1951 cache
->reg_list
= reg_list
;
1952 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1954 reg_cache_t
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1957 arm11
->core_cache
= cache
;
1958 // armv7m->process_context = cache;
1962 /* Not very elegant assertion */
1963 if (ARM11_REGCACHE_COUNT
!= asizeof(arm11
->reg_values
) ||
1964 ARM11_REGCACHE_COUNT
!= asizeof(arm11_reg_defs
) ||
1965 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1967 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d " ZU
" " ZU
" %d)", ARM11_REGCACHE_COUNT
, asizeof(arm11
->reg_values
), asizeof(arm11_reg_defs
), ARM11_RC_MAX
);
1971 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1973 reg_t
* r
= reg_list
+ i
;
1974 const struct arm11_reg_defs
* rd
= arm11_reg_defs
+ i
;
1975 struct arm11_reg_state
* rs
= arm11_reg_states
+ i
;
1979 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
1982 r
->bitfield_desc
= NULL
;
1983 r
->num_bitfields
= 0;
1984 r
->arch_type
= arm11_regs_arch_type
;
1988 rs
->target
= target
;
1994 static COMMAND_HELPER(arm11_handle_bool
, bool *var
, char *name
)
1998 LOG_INFO("%s is %s.", name
, *var
? "enabled" : "disabled");
2003 return ERROR_COMMAND_SYNTAX_ERROR
;
2008 case 'f': /* false */
2010 case 'd': /* disable */
2016 case 't': /* true */
2018 case 'e': /* enable */
2024 LOG_INFO("%s %s.", *var
? "Enabled" : "Disabled", name
);
2029 #define BOOL_WRAPPER(name, print_name) \
2030 COMMAND_HANDLER(arm11_handle_bool_##name) \
2032 return CALL_COMMAND_HANDLER(arm11_handle_bool, \
2033 &arm11_config_##name, print_name); \
2036 BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
2037 BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
2038 BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
2039 BOOL_WRAPPER(hardware_step
, "hardware single step")
2041 COMMAND_HANDLER(arm11_handle_vcr
)
2047 COMMAND_PARSE_NUMBER(u32
, args
[0], arm11_vcr
);
2050 return ERROR_COMMAND_SYNTAX_ERROR
;
2053 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
2057 static const uint32_t arm11_coproc_instruction_limits
[] =
2059 15, /* coprocessor */
2064 0xFFFFFFFF, /* value */
2067 static struct arm11_common
* arm11_find_target(const char * arg
)
2069 struct jtag_tap
* tap
;
2072 tap
= jtag_tap_by_string(arg
);
2077 for (t
= all_targets
; t
; t
= t
->next
)
2082 /* if (t->type == arm11_target) */
2083 if (0 == strcmp(target_get_name(t
), "arm11"))
2084 return t
->arch_info
;
2090 static int arm11_mrc_inner(target_t
*target
, int cpnum
,
2091 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
,
2092 uint32_t *value
, bool read
)
2096 if (target
->state
!= TARGET_HALTED
)
2098 LOG_ERROR("Target not halted");
2102 struct arm11_common
* arm11
= target
->arch_info
;
2104 uint32_t instr
= 0xEE000010 |
2112 instr
|= 0x00100000;
2114 retval
= arm11_run_instr_data_prepare(arm11
);
2115 if (retval
!= ERROR_OK
)
2120 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, value
);
2121 if (retval
!= ERROR_OK
)
2126 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, *value
);
2127 if (retval
!= ERROR_OK
)
2131 return arm11_run_instr_data_finish(arm11
);
2134 static int arm11_mrc(target_t
*target
, int cpnum
,
2135 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
2137 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, value
, true);
2140 static int arm11_mcr(target_t
*target
, int cpnum
,
2141 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
2143 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, &value
, false);
2146 static COMMAND_HELPER(arm11_handle_etm_read_write
, bool read
)
2148 if (argc
!= (read
? 2 : 3))
2150 LOG_ERROR("Invalid number of arguments.");
2151 return ERROR_COMMAND_SYNTAX_ERROR
;
2154 struct arm11_common
* arm11
= arm11_find_target(args
[0]);
2158 LOG_ERROR("Parameter 1 is not the target name of an ARM11 device.");
2159 return ERROR_COMMAND_SYNTAX_ERROR
;
2163 COMMAND_PARSE_NUMBER(u32
, args
[1], address
);
2168 COMMAND_PARSE_NUMBER(u32
, args
[2], value
);
2170 LOG_INFO("ETM write register 0x%02" PRIx32
" (%" PRId32
") = 0x%08" PRIx32
" (%" PRId32
")",
2171 address
, address
, value
, value
);
2173 CHECK_RETVAL(arm11_write_etm(arm11
, address
, value
));
2179 CHECK_RETVAL(arm11_read_etm(arm11
, address
, &value
));
2181 LOG_INFO("ETM read register 0x%02" PRIx32
" (%" PRId32
") = 0x%08" PRIx32
" (%" PRId32
")",
2182 address
, address
, value
, value
);
2188 COMMAND_HANDLER(arm11_handle_etmr
)
2190 return CALL_COMMAND_HANDLER(arm11_handle_etm_read_write
, true);
2193 COMMAND_HANDLER(arm11_handle_etmw
)
2195 return CALL_COMMAND_HANDLER(arm11_handle_etm_read_write
, false);
2198 #define ARM11_HANDLER(x) .x = arm11_##x
2200 target_type_t arm11_target
= {
2203 ARM11_HANDLER(poll
),
2204 ARM11_HANDLER(arch_state
),
2206 ARM11_HANDLER(target_request_data
),
2208 ARM11_HANDLER(halt
),
2209 ARM11_HANDLER(resume
),
2210 ARM11_HANDLER(step
),
2212 ARM11_HANDLER(assert_reset
),
2213 ARM11_HANDLER(deassert_reset
),
2214 ARM11_HANDLER(soft_reset_halt
),
2216 ARM11_HANDLER(get_gdb_reg_list
),
2218 ARM11_HANDLER(read_memory
),
2219 ARM11_HANDLER(write_memory
),
2221 ARM11_HANDLER(bulk_write_memory
),
2223 ARM11_HANDLER(checksum_memory
),
2225 ARM11_HANDLER(add_breakpoint
),
2226 ARM11_HANDLER(remove_breakpoint
),
2227 ARM11_HANDLER(add_watchpoint
),
2228 ARM11_HANDLER(remove_watchpoint
),
2230 ARM11_HANDLER(run_algorithm
),
2232 ARM11_HANDLER(register_commands
),
2233 ARM11_HANDLER(target_create
),
2234 ARM11_HANDLER(init_target
),
2235 ARM11_HANDLER(examine
),
2242 int arm11_register_commands(struct command_context_s
*cmd_ctx
)
2246 command_t
*top_cmd
, *mw_cmd
;
2248 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
2249 NULL
, COMMAND_ANY
, NULL
);
2251 register_command(cmd_ctx
, top_cmd
, "etmr",
2252 arm11_handle_etmr
, COMMAND_ANY
,
2253 "Read Embedded Trace Macrocell (ETM) register. etmr <jtag_target> <ETM register address>");
2255 register_command(cmd_ctx
, top_cmd
, "etmw",
2256 arm11_handle_etmw
, COMMAND_ANY
,
2257 "Write Embedded Trace Macrocell (ETM) register. etmr <jtag_target> <ETM register address> <value>");
2259 /* "hardware_step" is only here to check if the default
2260 * simulate + breakpoint implementation is broken.
2261 * TEMPORARY! NOT DOCUMENTED!
2263 register_command(cmd_ctx
, top_cmd
, "hardware_step",
2264 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
2265 "DEBUG ONLY - Hardware single stepping"
2266 " (default: disabled)");
2268 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
2269 NULL
, COMMAND_ANY
, NULL
);
2270 register_command(cmd_ctx
, mw_cmd
, "burst",
2271 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
2272 "Enable/Disable non-standard but fast burst mode"
2273 " (default: enabled)");
2274 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
2275 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
2276 "Terminate program if transfer error was found"
2277 " (default: enabled)");
2279 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
2280 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
2281 "Enable interrupts while stepping"
2282 " (default: disabled)");
2283 register_command(cmd_ctx
, top_cmd
, "vcr",
2284 arm11_handle_vcr
, COMMAND_ANY
,
2285 "Control (Interrupt) Vector Catch Register");
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)