1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
38 #define _DEBUG_INSTRUCTION_EXECUTION_
42 #define FNC_INFO LOG_DEBUG("-")
48 #define FNC_INFO_NOTIMPLEMENTED do { LOG_DEBUG("NOT IMPLEMENTED"); /*exit(-1);*/ } while (0)
50 #define FNC_INFO_NOTIMPLEMENTED
53 static bool arm11_config_memwrite_burst
= true;
54 static bool arm11_config_memwrite_error_fatal
= true;
55 static uint32_t arm11_vcr
= 0;
56 static bool arm11_config_step_irq_enable
= false;
57 static bool arm11_config_hardware_step
= false;
59 static int arm11_regs_arch_type
= -1;
76 ARM11_REGISTER_SPSR_FIQ
,
77 ARM11_REGISTER_SPSR_SVC
,
78 ARM11_REGISTER_SPSR_ABT
,
79 ARM11_REGISTER_SPSR_IRQ
,
80 ARM11_REGISTER_SPSR_UND
,
81 ARM11_REGISTER_SPSR_MON
,
95 enum arm11_regtype type
;
98 /* update arm11_regcache_ids when changing this */
99 static const struct arm11_reg_defs arm11_reg_defs
[] =
101 {"r0", 0, 0, ARM11_REGISTER_CORE
},
102 {"r1", 1, 1, ARM11_REGISTER_CORE
},
103 {"r2", 2, 2, ARM11_REGISTER_CORE
},
104 {"r3", 3, 3, ARM11_REGISTER_CORE
},
105 {"r4", 4, 4, ARM11_REGISTER_CORE
},
106 {"r5", 5, 5, ARM11_REGISTER_CORE
},
107 {"r6", 6, 6, ARM11_REGISTER_CORE
},
108 {"r7", 7, 7, ARM11_REGISTER_CORE
},
109 {"r8", 8, 8, ARM11_REGISTER_CORE
},
110 {"r9", 9, 9, ARM11_REGISTER_CORE
},
111 {"r10", 10, 10, ARM11_REGISTER_CORE
},
112 {"r11", 11, 11, ARM11_REGISTER_CORE
},
113 {"r12", 12, 12, ARM11_REGISTER_CORE
},
114 {"sp", 13, 13, ARM11_REGISTER_CORE
},
115 {"lr", 14, 14, ARM11_REGISTER_CORE
},
116 {"pc", 15, 15, ARM11_REGISTER_CORE
},
118 #if ARM11_REGCACHE_FREGS
119 {"f0", 0, 16, ARM11_REGISTER_FX
},
120 {"f1", 1, 17, ARM11_REGISTER_FX
},
121 {"f2", 2, 18, ARM11_REGISTER_FX
},
122 {"f3", 3, 19, ARM11_REGISTER_FX
},
123 {"f4", 4, 20, ARM11_REGISTER_FX
},
124 {"f5", 5, 21, ARM11_REGISTER_FX
},
125 {"f6", 6, 22, ARM11_REGISTER_FX
},
126 {"f7", 7, 23, ARM11_REGISTER_FX
},
127 {"fps", 0, 24, ARM11_REGISTER_FPS
},
130 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
132 #if ARM11_REGCACHE_MODEREGS
133 {"r8_fiq", 8, -1, ARM11_REGISTER_FIQ
},
134 {"r9_fiq", 9, -1, ARM11_REGISTER_FIQ
},
135 {"r10_fiq", 10, -1, ARM11_REGISTER_FIQ
},
136 {"r11_fiq", 11, -1, ARM11_REGISTER_FIQ
},
137 {"r12_fiq", 12, -1, ARM11_REGISTER_FIQ
},
138 {"r13_fiq", 13, -1, ARM11_REGISTER_FIQ
},
139 {"r14_fiq", 14, -1, ARM11_REGISTER_FIQ
},
140 {"spsr_fiq", 0, -1, ARM11_REGISTER_SPSR_FIQ
},
142 {"r13_svc", 13, -1, ARM11_REGISTER_SVC
},
143 {"r14_svc", 14, -1, ARM11_REGISTER_SVC
},
144 {"spsr_svc", 0, -1, ARM11_REGISTER_SPSR_SVC
},
146 {"r13_abt", 13, -1, ARM11_REGISTER_ABT
},
147 {"r14_abt", 14, -1, ARM11_REGISTER_ABT
},
148 {"spsr_abt", 0, -1, ARM11_REGISTER_SPSR_ABT
},
150 {"r13_irq", 13, -1, ARM11_REGISTER_IRQ
},
151 {"r14_irq", 14, -1, ARM11_REGISTER_IRQ
},
152 {"spsr_irq", 0, -1, ARM11_REGISTER_SPSR_IRQ
},
154 {"r13_und", 13, -1, ARM11_REGISTER_UND
},
155 {"r14_und", 14, -1, ARM11_REGISTER_UND
},
156 {"spsr_und", 0, -1, ARM11_REGISTER_SPSR_UND
},
159 {"r13_mon", 13, -1, ARM11_REGISTER_MON
},
160 {"r14_mon", 14, -1, ARM11_REGISTER_MON
},
161 {"spsr_mon", 0, -1, ARM11_REGISTER_SPSR_MON
},
164 /* Debug Registers */
165 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
166 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
167 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
170 enum arm11_regcache_ids
173 ARM11_RC_RX
= ARM11_RC_R0
,
188 ARM11_RC_SP
= ARM11_RC_R13
,
190 ARM11_RC_LR
= ARM11_RC_R14
,
192 ARM11_RC_PC
= ARM11_RC_R15
,
194 #if ARM11_REGCACHE_FREGS
196 ARM11_RC_FX
= ARM11_RC_F0
,
209 #if ARM11_REGCACHE_MODEREGS
247 #define ARM11_GDB_REGISTER_COUNT 26
249 /* FIXME these are *identical* to the ARMv4_5 dummies ... except
250 * for their names, and being static vs global, and having different
251 * addresses. Ditto ARMv7a and ARMv7m dummies.
254 static uint8_t arm11_gdb_dummy_fp_value
[12];
256 static struct reg arm11_gdb_dummy_fp_reg
=
258 .name
= "GDB dummy floating-point register",
259 .value
= arm11_gdb_dummy_fp_value
,
267 static uint8_t arm11_gdb_dummy_fps_value
[4];
269 static struct reg arm11_gdb_dummy_fps_reg
=
271 .name
= "GDB dummy floating-point status register",
272 .value
= arm11_gdb_dummy_fps_value
,
281 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
);
282 static int arm11_step(struct target
*target
, int current
,
283 uint32_t address
, int handle_breakpoints
);
285 static int arm11_build_reg_cache(struct target
*target
);
286 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
);
287 static int arm11_get_reg(struct reg
*reg
);
289 static void arm11_record_register_history(struct arm11_common
* arm11
);
290 static void arm11_dump_reg_changes(struct arm11_common
* arm11
);
293 /** Check and if necessary take control of the system
295 * \param arm11 Target state variable.
296 * \param dscr If the current DSCR content is
297 * available a pointer to a word holding the
298 * DSCR can be passed. Otherwise use NULL.
300 static int arm11_check_init(struct arm11_common
*arm11
, uint32_t *dscr
)
304 uint32_t dscr_local_tmp_copy
;
308 dscr
= &dscr_local_tmp_copy
;
310 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
313 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
315 LOG_DEBUG("Bringing target into debug mode");
317 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
318 arm11_write_DSCR(arm11
, *dscr
);
320 /* add further reset initialization here */
322 arm11
->simulate_reset_on_next_halt
= true;
324 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
326 /** \todo TODO: this needs further scrutiny because
327 * arm11_on_enter_debug_state() never gets properly called.
328 * As a result we don't read the actual register states from
332 arm11
->target
->state
= TARGET_HALTED
;
333 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
337 arm11
->target
->state
= TARGET_RUNNING
;
338 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
341 arm11_sc7_clear_vbw(arm11
);
350 (arm11->reg_values[ARM11_RC_##x])
352 /** Save processor state.
354 * This is called when the HALT instruction has succeeded
355 * or on other occasions that stop the processor.
358 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
)
363 for (size_t i
= 0; i
< asizeof(arm11
->reg_values
); i
++)
365 arm11
->reg_list
[i
].valid
= 1;
366 arm11
->reg_list
[i
].dirty
= 0;
370 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
374 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
376 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
378 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
380 struct scan_field chain5_fields
[3];
382 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
383 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
384 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
386 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
390 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
394 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
395 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
396 ARM1136 seems to require this to issue ITR's as well */
398 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
400 /* this executes JTAG queue: */
402 arm11_write_DSCR(arm11
, new_dscr
);
406 Before executing any instruction in debug state you have to drain the write buffer.
407 This ensures that no imprecise Data Aborts can return at a later point:*/
409 /** \todo TODO: Test drain write buffer. */
414 /* MRC p14,0,R0,c5,c10,0 */
415 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
417 /* mcr 15, 0, r0, cr7, cr10, {4} */
418 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
420 uint32_t dscr
= arm11_read_DSCR(arm11
);
422 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
424 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
426 arm11_run_instr_no_data1(arm11
, 0xe320f000);
428 dscr
= arm11_read_DSCR(arm11
);
430 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
437 retval
= arm11_run_instr_data_prepare(arm11
);
438 if (retval
!= ERROR_OK
)
443 /** \todo TODO: handle other mode registers */
445 for (size_t i
= 0; i
< 15; i
++)
447 /* MCR p14,0,R?,c0,c5,0 */
448 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
449 if (retval
!= ERROR_OK
)
455 /* check rDTRfull in DSCR */
457 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
459 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
460 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
461 if (retval
!= ERROR_OK
)
466 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
471 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
472 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
473 if (retval
!= ERROR_OK
)
478 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
479 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
480 if (retval
!= ERROR_OK
)
483 /* adjust PC depending on ARM state */
485 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
487 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
489 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
491 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
495 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
498 if (arm11
->simulate_reset_on_next_halt
)
500 arm11
->simulate_reset_on_next_halt
= false;
502 LOG_DEBUG("Reset c1 Control Register");
504 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
506 /* MCR p15,0,R0,c1,c0,0 */
507 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
508 if (retval
!= ERROR_OK
)
513 retval
= arm11_run_instr_data_finish(arm11
);
514 if (retval
!= ERROR_OK
)
517 arm11_dump_reg_changes(arm11
);
522 void arm11_dump_reg_changes(struct arm11_common
* arm11
)
525 if (!(debug_level
>= LOG_LVL_DEBUG
))
530 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
532 if (!arm11
->reg_list
[i
].valid
)
534 if (arm11
->reg_history
[i
].valid
)
535 LOG_DEBUG("%8s INVALID (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_history
[i
].value
);
539 if (arm11
->reg_history
[i
].valid
)
541 if (arm11
->reg_history
[i
].value
!= arm11
->reg_values
[i
])
542 LOG_DEBUG("%8s %08" PRIx32
" (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
], arm11
->reg_history
[i
].value
);
546 LOG_DEBUG("%8s %08" PRIx32
" (INVALID)", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
]);
552 /** Restore processor state
554 * This is called in preparation for the RESTART function.
557 static int arm11_leave_debug_state(struct arm11_common
*arm11
)
562 retval
= arm11_run_instr_data_prepare(arm11
);
563 if (retval
!= ERROR_OK
)
566 /** \todo TODO: handle other mode registers */
568 /* restore R1 - R14 */
570 for (size_t i
= 1; i
< 15; i
++)
572 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
575 /* MRC p14,0,r?,c0,c5,0 */
576 arm11_run_instr_data_to_core1(arm11
, 0xee100e15 | (i
<< 12), R(RX
+ i
));
578 // LOG_DEBUG("RESTORE R" ZU " %08x", i, R(RX + i));
581 retval
= arm11_run_instr_data_finish(arm11
);
582 if (retval
!= ERROR_OK
)
585 /* spec says clear wDTR and rDTR; we assume they are clear as
586 otherwise our programming would be sloppy */
590 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
592 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
595 The wDTR/rDTR two registers that are used to send/receive data to/from
596 the core in tandem with corresponding instruction codes that are
597 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
598 registers hold data that was written by one side (CPU or JTAG) and not
599 read out by the other side.
601 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
606 retval
= arm11_run_instr_data_prepare(arm11
);
607 if (retval
!= ERROR_OK
)
610 /* restore original wDTR */
612 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
614 /* MCR p14,0,R0,c0,c5,0 */
615 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
616 if (retval
!= ERROR_OK
)
623 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
624 if (retval
!= ERROR_OK
)
631 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
632 if (retval
!= ERROR_OK
)
638 /* MRC p14,0,r0,c0,c5,0 */
639 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
641 retval
= arm11_run_instr_data_finish(arm11
);
642 if (retval
!= ERROR_OK
)
647 arm11_write_DSCR(arm11
, R(DSCR
));
651 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
653 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
655 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
657 struct scan_field chain5_fields
[3];
659 uint8_t Ready
= 0; /* ignored */
660 uint8_t Valid
= 0; /* ignored */
662 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
663 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
664 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
666 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
669 arm11_record_register_history(arm11
);
674 static void arm11_record_register_history(struct arm11_common
*arm11
)
676 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
678 arm11
->reg_history
[i
].value
= arm11
->reg_values
[i
];
679 arm11
->reg_history
[i
].valid
= arm11
->reg_list
[i
].valid
;
681 arm11
->reg_list
[i
].valid
= 0;
682 arm11
->reg_list
[i
].dirty
= 0;
687 /* poll current target status */
688 static int arm11_poll(struct target
*target
)
693 struct arm11_common
* arm11
= target
->arch_info
;
697 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
699 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
701 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
703 if (dscr
& ARM11_DSCR_CORE_HALTED
)
705 if (target
->state
!= TARGET_HALTED
)
707 enum target_state old_state
= target
->state
;
709 LOG_DEBUG("enter TARGET_HALTED");
710 target
->state
= TARGET_HALTED
;
711 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
712 retval
= arm11_on_enter_debug_state(arm11
);
713 if (retval
!= ERROR_OK
)
716 target_call_event_callbacks(target
,
717 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
722 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
724 LOG_DEBUG("enter TARGET_RUNNING");
725 target
->state
= TARGET_RUNNING
;
726 target
->debug_reason
= DBG_REASON_NOTHALTED
;
732 /* architecture specific status reply */
733 static int arm11_arch_state(struct target
*target
)
735 struct arm11_common
* arm11
= target
->arch_info
;
737 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"",
738 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
745 /* target request support */
746 static int arm11_target_request_data(struct target
*target
,
747 uint32_t size
, uint8_t *buffer
)
749 FNC_INFO_NOTIMPLEMENTED
;
754 /* target execution control */
755 static int arm11_halt(struct target
*target
)
759 struct arm11_common
* arm11
= target
->arch_info
;
761 LOG_DEBUG("target->state: %s",
762 target_state_name(target
));
764 if (target
->state
== TARGET_UNKNOWN
)
766 arm11
->simulate_reset_on_next_halt
= true;
769 if (target
->state
== TARGET_HALTED
)
771 LOG_DEBUG("target was already halted");
775 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
777 CHECK_RETVAL(jtag_execute_queue());
784 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
786 if (dscr
& ARM11_DSCR_CORE_HALTED
)
797 if ((timeval_ms()-then
) > 1000)
799 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
806 arm11_on_enter_debug_state(arm11
);
808 enum target_state old_state
= target
->state
;
810 target
->state
= TARGET_HALTED
;
811 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
814 target_call_event_callbacks(target
,
815 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
820 static int arm11_resume(struct target
*target
, int current
,
821 uint32_t address
, int handle_breakpoints
, int debug_execution
)
825 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
826 // current, address, handle_breakpoints, debug_execution);
828 struct arm11_common
* arm11
= target
->arch_info
;
830 LOG_DEBUG("target->state: %s",
831 target_state_name(target
));
834 if (target
->state
!= TARGET_HALTED
)
836 LOG_ERROR("Target not halted");
837 return ERROR_TARGET_NOT_HALTED
;
843 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
845 /* clear breakpoints/watchpoints and VCR*/
846 arm11_sc7_clear_vbw(arm11
);
848 /* Set up breakpoints */
849 if (!debug_execution
)
851 /* check if one matches PC and step over it if necessary */
853 struct breakpoint
* bp
;
855 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
857 if (bp
->address
== R(PC
))
859 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
860 arm11_step(target
, 1, 0, 0);
865 /* set all breakpoints */
869 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
871 struct arm11_sc7_action brp
[2];
874 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
875 brp
[0].value
= bp
->address
;
877 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
878 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
880 arm11_sc7_run(arm11
, brp
, asizeof(brp
));
882 LOG_DEBUG("Add BP " ZU
" at %08" PRIx32
"", brp_num
, bp
->address
);
887 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
890 arm11_leave_debug_state(arm11
);
892 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
894 CHECK_RETVAL(jtag_execute_queue());
901 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
903 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
905 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
916 if ((timeval_ms()-then
) > 1000)
918 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
925 if (!debug_execution
)
927 target
->state
= TARGET_RUNNING
;
928 target
->debug_reason
= DBG_REASON_NOTHALTED
;
930 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
934 target
->state
= TARGET_DEBUG_RUNNING
;
935 target
->debug_reason
= DBG_REASON_NOTHALTED
;
937 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
944 static int armv4_5_to_arm11(int reg
)
951 return ARM11_RC_CPSR
;
953 /* FIX!!! handle thumb better! */
954 return ARM11_RC_CPSR
;
956 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg
);
962 static uint32_t arm11_sim_get_reg(struct arm_sim_interface
*sim
, int reg
)
964 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
966 reg
=armv4_5_to_arm11(reg
);
968 return buf_get_u32(arm11
->reg_list
[reg
].value
, 0, 32);
971 static void arm11_sim_set_reg(struct arm_sim_interface
*sim
,
972 int reg
, uint32_t value
)
974 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
976 reg
=armv4_5_to_arm11(reg
);
978 buf_set_u32(arm11
->reg_list
[reg
].value
, 0, 32, value
);
981 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface
*sim
,
984 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
986 return buf_get_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, pos
, bits
);
989 static enum armv4_5_state
arm11_sim_get_state(struct arm_sim_interface
*sim
)
991 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
993 /* FIX!!!! we should implement thumb for arm11 */
994 return ARMV4_5_STATE_ARM
;
997 static void arm11_sim_set_state(struct arm_sim_interface
*sim
,
998 enum armv4_5_state mode
)
1000 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
1002 /* FIX!!!! we should implement thumb for arm11 */
1003 LOG_ERROR("Not implemetned!");
1007 static enum armv4_5_mode
arm11_sim_get_mode(struct arm_sim_interface
*sim
)
1009 //struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
1011 /* FIX!!!! we should implement something that returns the current mode here!!! */
1012 return ARMV4_5_MODE_USR
;
1015 static int arm11_simulate_step(struct target
*target
, uint32_t *dry_run_pc
)
1017 struct arm_sim_interface sim
;
1019 sim
.user_data
=target
->arch_info
;
1020 sim
.get_reg
=&arm11_sim_get_reg
;
1021 sim
.set_reg
=&arm11_sim_set_reg
;
1022 sim
.get_reg_mode
=&arm11_sim_get_reg
;
1023 sim
.set_reg_mode
=&arm11_sim_set_reg
;
1024 sim
.get_cpsr
=&arm11_sim_get_cpsr
;
1025 sim
.get_mode
=&arm11_sim_get_mode
;
1026 sim
.get_state
=&arm11_sim_get_state
;
1027 sim
.set_state
=&arm11_sim_set_state
;
1029 return arm_simulate_step_core(target
, dry_run_pc
, &sim
);
1033 static int arm11_step(struct target
*target
, int current
,
1034 uint32_t address
, int handle_breakpoints
)
1038 LOG_DEBUG("target->state: %s",
1039 target_state_name(target
));
1041 if (target
->state
!= TARGET_HALTED
)
1043 LOG_WARNING("target was not halted");
1044 return ERROR_TARGET_NOT_HALTED
;
1047 struct arm11_common
* arm11
= target
->arch_info
;
1052 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
1055 /** \todo TODO: Thumb not supported here */
1057 uint32_t next_instruction
;
1059 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
1061 /* skip over BKPT */
1062 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
1065 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1066 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1067 LOG_DEBUG("Skipping BKPT");
1069 /* skip over Wait for interrupt / Standby */
1070 /* mcr 15, 0, r?, cr7, cr0, {4} */
1071 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
1074 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1075 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1076 LOG_DEBUG("Skipping WFI");
1078 /* ignore B to self */
1079 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
1081 LOG_DEBUG("Not stepping jump to self");
1085 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
1088 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
1089 * the VCR might be something worth looking into. */
1092 /* Set up breakpoint for stepping */
1094 struct arm11_sc7_action brp
[2];
1097 brp
[0].address
= ARM11_SC7_BVR0
;
1099 brp
[1].address
= ARM11_SC7_BCR0
;
1101 if (arm11_config_hardware_step
)
1103 /* hardware single stepping be used if possible or is it better to
1104 * always use the same code path? Hardware single stepping is not supported
1107 brp
[0].value
= R(PC
);
1108 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
1111 /* sets a breakpoint on the next PC(calculated by simulation),
1115 retval
= arm11_simulate_step(target
, &next_pc
);
1116 if (retval
!= ERROR_OK
)
1119 brp
[0].value
= next_pc
;
1120 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
1123 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, asizeof(brp
)));
1128 if (arm11_config_step_irq_enable
)
1129 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
1131 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
1134 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
1136 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
1138 CHECK_RETVAL(jtag_execute_queue());
1146 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
1148 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
1150 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
1151 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
1157 then
= timeval_ms();
1161 if ((timeval_ms()-then
) > 1000)
1163 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
1170 /* clear breakpoint */
1171 arm11_sc7_clear_vbw(arm11
);
1174 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
1176 /* restore default state */
1177 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
1181 // target->state = TARGET_HALTED;
1182 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1184 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
1189 static int arm11_assert_reset(struct target
*target
)
1194 struct arm11_common
* arm11
= target
->arch_info
;
1195 retval
= arm11_check_init(arm11
, NULL
);
1196 if (retval
!= ERROR_OK
)
1199 target
->state
= TARGET_UNKNOWN
;
1201 /* we would very much like to reset into the halted, state,
1202 * but resetting and halting is second best... */
1203 if (target
->reset_halt
)
1205 CHECK_RETVAL(target_halt(target
));
1209 /* srst is funny. We can not do *anything* else while it's asserted
1210 * and it has unkonwn side effects. Make sure no other code runs
1213 * Code below assumes srst:
1215 * - Causes power-on-reset (but of what parts of the system?). Bug
1218 * - Messes us TAP state without asserting trst.
1220 * - There is another bug in the arm11 core. When you generate an access to
1221 * external logic (for example ddr controller via AHB bus) and that block
1222 * is not configured (perhaps it is still held in reset), that transaction
1223 * will never complete. This will hang arm11 core but it will also hang
1224 * JTAG controller. Nothing, short of srst assertion will bring it out of
1229 * - What should the PC be after an srst reset when starting in the halted
1233 jtag_add_reset(0, 1);
1234 jtag_add_reset(0, 0);
1236 /* How long do we have to wait? */
1237 jtag_add_sleep(5000);
1239 /* un-mess up TAP state */
1242 retval
= jtag_execute_queue();
1243 if (retval
!= ERROR_OK
)
1251 static int arm11_deassert_reset(struct target
*target
)
1256 static int arm11_soft_reset_halt(struct target
*target
)
1258 FNC_INFO_NOTIMPLEMENTED
;
1263 /* target register access for gdb */
1264 static int arm11_get_gdb_reg_list(struct target
*target
,
1265 struct reg
**reg_list
[], int *reg_list_size
)
1269 struct arm11_common
* arm11
= target
->arch_info
;
1271 *reg_list_size
= ARM11_GDB_REGISTER_COUNT
;
1272 *reg_list
= malloc(sizeof(struct reg
*) * ARM11_GDB_REGISTER_COUNT
);
1274 for (size_t i
= 16; i
< 24; i
++)
1276 (*reg_list
)[i
] = &arm11_gdb_dummy_fp_reg
;
1279 (*reg_list
)[24] = &arm11_gdb_dummy_fps_reg
;
1281 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1283 if (arm11_reg_defs
[i
].gdb_num
== -1)
1286 (*reg_list
)[arm11_reg_defs
[i
].gdb_num
] = arm11
->reg_list
+ i
;
1292 /* target memory access
1293 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1294 * count: number of items of <size>
1296 * arm11_config_memrw_no_increment - in the future we may want to be able
1297 * to read/write a range of data to a "port". a "port" is an action on
1298 * read memory address for some peripheral.
1300 static int arm11_read_memory_inner(struct target
*target
,
1301 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1302 bool arm11_config_memrw_no_increment
)
1304 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1309 if (target
->state
!= TARGET_HALTED
)
1311 LOG_WARNING("target was not halted");
1312 return ERROR_TARGET_NOT_HALTED
;
1315 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1317 struct arm11_common
* arm11
= target
->arch_info
;
1319 retval
= arm11_run_instr_data_prepare(arm11
);
1320 if (retval
!= ERROR_OK
)
1323 /* MRC p14,0,r0,c0,c5,0 */
1324 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1325 if (retval
!= ERROR_OK
)
1331 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1332 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1334 for (size_t i
= 0; i
< count
; i
++)
1336 /* ldrb r1, [r0], #1 */
1338 arm11_run_instr_no_data1(arm11
,
1339 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1342 /* MCR p14,0,R1,c0,c5,0 */
1343 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1352 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1354 for (size_t i
= 0; i
< count
; i
++)
1356 /* ldrh r1, [r0], #2 */
1357 arm11_run_instr_no_data1(arm11
,
1358 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1362 /* MCR p14,0,R1,c0,c5,0 */
1363 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1365 uint16_t svalue
= res
;
1366 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1374 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1375 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1376 uint32_t *words
= (uint32_t *)buffer
;
1378 /* LDC p14,c5,[R0],#4 */
1379 /* LDC p14,c5,[R0] */
1380 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1385 return arm11_run_instr_data_finish(arm11
);
1388 static int arm11_read_memory(struct target
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1390 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1394 * arm11_config_memrw_no_increment - in the future we may want to be able
1395 * to read/write a range of data to a "port". a "port" is an action on
1396 * read memory address for some peripheral.
1398 static int arm11_write_memory_inner(struct target
*target
,
1399 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1400 bool arm11_config_memrw_no_increment
)
1405 if (target
->state
!= TARGET_HALTED
)
1407 LOG_WARNING("target was not halted");
1408 return ERROR_TARGET_NOT_HALTED
;
1411 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1413 struct arm11_common
* arm11
= target
->arch_info
;
1415 retval
= arm11_run_instr_data_prepare(arm11
);
1416 if (retval
!= ERROR_OK
)
1419 /* MRC p14,0,r0,c0,c5,0 */
1420 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1421 if (retval
!= ERROR_OK
)
1424 /* burst writes are not used for single words as those may well be
1425 * reset init script writes.
1427 * The other advantage is that as burst writes are default, we'll
1428 * now exercise both burst and non-burst code paths with the
1429 * default settings, increasing code coverage.
1431 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1437 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1439 for (size_t i
= 0; i
< count
; i
++)
1441 /* MRC p14,0,r1,c0,c5,0 */
1442 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1443 if (retval
!= ERROR_OK
)
1446 /* strb r1, [r0], #1 */
1448 retval
= arm11_run_instr_no_data1(arm11
,
1449 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1450 if (retval
!= ERROR_OK
)
1459 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1461 for (size_t i
= 0; i
< count
; i
++)
1464 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1466 /* MRC p14,0,r1,c0,c5,0 */
1467 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1468 if (retval
!= ERROR_OK
)
1471 /* strh r1, [r0], #2 */
1473 retval
= arm11_run_instr_no_data1(arm11
,
1474 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1475 if (retval
!= ERROR_OK
)
1483 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1485 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1486 uint32_t *words
= (uint32_t*)buffer
;
1490 /* STC p14,c5,[R0],#4 */
1491 /* STC p14,c5,[R0]*/
1492 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1493 if (retval
!= ERROR_OK
)
1498 /* STC p14,c5,[R0],#4 */
1499 /* STC p14,c5,[R0]*/
1500 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1501 if (retval
!= ERROR_OK
)
1509 /* r0 verification */
1510 if (!arm11_config_memrw_no_increment
)
1514 /* MCR p14,0,R0,c0,c5,0 */
1515 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1516 if (retval
!= ERROR_OK
)
1519 if (address
+ size
* count
!= r0
)
1521 LOG_ERROR("Data transfer failed. Expected end "
1522 "address 0x%08x, got 0x%08x",
1523 (unsigned) (address
+ size
* count
),
1527 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1529 if (arm11_config_memwrite_error_fatal
)
1534 return arm11_run_instr_data_finish(arm11
);
1537 static int arm11_write_memory(struct target
*target
,
1538 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1540 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1543 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1544 static int arm11_bulk_write_memory(struct target
*target
,
1545 uint32_t address
, uint32_t count
, uint8_t *buffer
)
1549 if (target
->state
!= TARGET_HALTED
)
1551 LOG_WARNING("target was not halted");
1552 return ERROR_TARGET_NOT_HALTED
;
1555 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1558 /* here we have nothing target specific to contribute, so we fail and then the
1559 * fallback code will read data from the target and calculate the CRC on the
1562 static int arm11_checksum_memory(struct target
*target
,
1563 uint32_t address
, uint32_t count
, uint32_t* checksum
)
1568 /* target break-/watchpoint control
1569 * rw: 0 = write, 1 = read, 2 = access
1571 static int arm11_add_breakpoint(struct target
*target
,
1572 struct breakpoint
*breakpoint
)
1576 struct arm11_common
* arm11
= target
->arch_info
;
1579 if (breakpoint
->type
== BKPT_SOFT
)
1581 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1582 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1586 if (!arm11
->free_brps
)
1588 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1589 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1592 if (breakpoint
->length
!= 4)
1594 LOG_DEBUG("only breakpoints of four bytes length supported");
1595 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1603 static int arm11_remove_breakpoint(struct target
*target
,
1604 struct breakpoint
*breakpoint
)
1608 struct arm11_common
* arm11
= target
->arch_info
;
1615 static int arm11_add_watchpoint(struct target
*target
,
1616 struct watchpoint
*watchpoint
)
1618 FNC_INFO_NOTIMPLEMENTED
;
1623 static int arm11_remove_watchpoint(struct target
*target
,
1624 struct watchpoint
*watchpoint
)
1626 FNC_INFO_NOTIMPLEMENTED
;
1631 // HACKHACKHACK - FIXME mode/state
1632 /* target algorithm support */
1633 static int arm11_run_algorithm(struct target
*target
,
1634 int num_mem_params
, struct mem_param
*mem_params
,
1635 int num_reg_params
, struct reg_param
*reg_params
,
1636 uint32_t entry_point
, uint32_t exit_point
,
1637 int timeout_ms
, void *arch_info
)
1639 struct arm11_common
*arm11
= target
->arch_info
;
1640 // enum armv4_5_state core_state = arm11->core_state;
1641 // enum armv4_5_mode core_mode = arm11->core_mode;
1642 uint32_t context
[16];
1644 int exit_breakpoint_size
= 0;
1645 int retval
= ERROR_OK
;
1646 LOG_DEBUG("Running algorithm");
1649 if (target
->state
!= TARGET_HALTED
)
1651 LOG_WARNING("target not halted");
1652 return ERROR_TARGET_NOT_HALTED
;
1656 // if (armv4_5_mode_to_number(arm11->core_mode)==-1)
1657 // return ERROR_FAIL;
1660 for (unsigned i
= 0; i
< 16; i
++)
1662 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1663 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1666 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1667 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1669 for (int i
= 0; i
< num_mem_params
; i
++)
1671 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1674 // Set register parameters
1675 for (int i
= 0; i
< num_reg_params
; i
++)
1677 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1680 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1684 if (reg
->size
!= reg_params
[i
].size
)
1686 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1689 arm11_set_reg(reg
,reg_params
[i
].value
);
1690 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1693 exit_breakpoint_size
= 4;
1695 /* arm11->core_state = arm11_algorithm_info->core_state;
1696 if (arm11->core_state == ARMV4_5_STATE_ARM)
1697 exit_breakpoint_size = 4;
1698 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1699 exit_breakpoint_size = 2;
1702 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1708 /* arm11 at this point only supports ARM not THUMB mode
1709 however if this test needs to be reactivated the current state can be read back
1712 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1714 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1715 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1716 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1717 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1721 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1723 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1724 retval
= ERROR_TARGET_FAILURE
;
1728 // no debug, otherwise breakpoint is not set
1729 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1731 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1733 if (target
->state
!= TARGET_HALTED
)
1735 CHECK_RETVAL(target_halt(target
));
1737 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1739 retval
= ERROR_TARGET_TIMEOUT
;
1741 goto del_breakpoint
;
1744 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1746 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1747 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1748 retval
= ERROR_TARGET_TIMEOUT
;
1749 goto del_breakpoint
;
1752 for (int i
= 0; i
< num_mem_params
; i
++)
1754 if (mem_params
[i
].direction
!= PARAM_OUT
)
1755 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1758 for (int i
= 0; i
< num_reg_params
; i
++)
1760 if (reg_params
[i
].direction
!= PARAM_OUT
)
1762 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1765 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1769 if (reg
->size
!= reg_params
[i
].size
)
1771 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1775 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1780 breakpoint_remove(target
, exit_point
);
1784 for (size_t i
= 0; i
< 16; i
++)
1786 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1787 arm11
->reg_list
[i
].name
, context
[i
]);
1788 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1790 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1791 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1793 // arm11->core_state = core_state;
1794 // arm11->core_mode = core_mode;
1799 static int arm11_target_create(struct target
*target
, Jim_Interp
*interp
)
1803 NEW(struct arm11_common
, arm11
, 1);
1805 arm11
->target
= target
;
1807 if (target
->tap
== NULL
)
1810 if (target
->tap
->ir_length
!= 5)
1812 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1813 return ERROR_COMMAND_SYNTAX_ERROR
;
1816 target
->arch_info
= arm11
;
1821 static int arm11_init_target(struct command_context
*cmd_ctx
,
1822 struct target
*target
)
1824 /* Initialize anything we can set up without talking to the target */
1825 return arm11_build_reg_cache(target
);
1828 /* talk to the target and set things up */
1829 static int arm11_examine(struct target
*target
)
1835 struct arm11_common
* arm11
= target
->arch_info
;
1839 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1841 struct scan_field idcode_field
;
1843 arm11_setup_field(arm11
, 32, NULL
, &arm11
->device_id
, &idcode_field
);
1845 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1849 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1851 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1853 struct scan_field chain0_fields
[2];
1855 arm11_setup_field(arm11
, 32, NULL
, &arm11
->didr
, chain0_fields
+ 0);
1856 arm11_setup_field(arm11
, 8, NULL
, &arm11
->implementor
, chain0_fields
+ 1);
1858 arm11_add_dr_scan_vc(asizeof(chain0_fields
), chain0_fields
, TAP_IDLE
);
1860 CHECK_RETVAL(jtag_execute_queue());
1862 switch (arm11
->device_id
& 0x0FFFF000)
1864 case 0x07B36000: LOG_INFO("found ARM1136"); break;
1865 case 0x07B56000: LOG_INFO("found ARM1156"); break;
1866 case 0x07B76000: LOG_INFO("found ARM1176"); break;
1869 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1874 arm11
->debug_version
= (arm11
->didr
>> 16) & 0x0F;
1876 if (arm11
->debug_version
!= ARM11_DEBUG_V6
&&
1877 arm11
->debug_version
!= ARM11_DEBUG_V61
)
1879 LOG_ERROR("Only ARMv6 v6 and v6.1 architectures supported.");
1883 arm11
->brp
= ((arm11
->didr
>> 24) & 0x0F) + 1;
1884 arm11
->wrp
= ((arm11
->didr
>> 28) & 0x0F) + 1;
1886 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1887 arm11
->free_brps
= arm11
->brp
;
1888 arm11
->free_wrps
= arm11
->wrp
;
1890 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
"",
1892 (int)(arm11
->implementor
),
1895 /* as a side-effect this reads DSCR and thus
1896 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1897 * as suggested by the spec.
1900 retval
= arm11_check_init(arm11
, NULL
);
1901 if (retval
!= ERROR_OK
)
1904 target_set_examined(target
);
1910 /** Load a register that is marked !valid in the register cache */
1911 static int arm11_get_reg(struct reg
*reg
)
1915 struct target
* target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1917 if (target
->state
!= TARGET_HALTED
)
1919 LOG_WARNING("target was not halted");
1920 return ERROR_TARGET_NOT_HALTED
;
1923 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1926 struct arm11_common
*arm11
= target
->arch_info
;
1927 const struct arm11_reg_defs
* arm11_reg_info
= arm11_reg_defs
+ ((struct arm11_reg_state
*)reg
->arch_info
)->def_index
;
1933 /** Change a value in the register cache */
1934 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
)
1938 struct target
* target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1939 struct arm11_common
*arm11
= target
->arch_info
;
1940 // const struct arm11_reg_defs * arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1942 arm11
->reg_values
[((struct arm11_reg_state
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1949 static int arm11_build_reg_cache(struct target
*target
)
1951 struct arm11_common
*arm11
= target
->arch_info
;
1953 NEW(struct reg_cache
, cache
, 1);
1954 NEW(struct reg
, reg_list
, ARM11_REGCACHE_COUNT
);
1955 NEW(struct arm11_reg_state
, arm11_reg_states
, ARM11_REGCACHE_COUNT
);
1957 if (arm11_regs_arch_type
== -1)
1958 arm11_regs_arch_type
= register_reg_arch_type(arm11_get_reg
, arm11_set_reg
);
1960 register_init_dummy(&arm11_gdb_dummy_fp_reg
);
1961 register_init_dummy(&arm11_gdb_dummy_fps_reg
);
1963 arm11
->reg_list
= reg_list
;
1965 /* Build the process context cache */
1966 cache
->name
= "arm11 registers";
1968 cache
->reg_list
= reg_list
;
1969 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1971 struct reg_cache
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1974 arm11
->core_cache
= cache
;
1975 // armv7m->process_context = cache;
1979 /* Not very elegant assertion */
1980 if (ARM11_REGCACHE_COUNT
!= asizeof(arm11
->reg_values
) ||
1981 ARM11_REGCACHE_COUNT
!= asizeof(arm11_reg_defs
) ||
1982 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1984 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d " ZU
" " ZU
" %d)", ARM11_REGCACHE_COUNT
, asizeof(arm11
->reg_values
), asizeof(arm11_reg_defs
), ARM11_RC_MAX
);
1988 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1990 struct reg
* r
= reg_list
+ i
;
1991 const struct arm11_reg_defs
* rd
= arm11_reg_defs
+ i
;
1992 struct arm11_reg_state
* rs
= arm11_reg_states
+ i
;
1996 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
1999 r
->arch_type
= arm11_regs_arch_type
;
2003 rs
->target
= target
;
2009 static COMMAND_HELPER(arm11_handle_bool
, bool *var
, char *name
)
2013 LOG_INFO("%s is %s.", name
, *var
? "enabled" : "disabled");
2018 return ERROR_COMMAND_SYNTAX_ERROR
;
2023 case 'f': /* false */
2025 case 'd': /* disable */
2031 case 't': /* true */
2033 case 'e': /* enable */
2039 LOG_INFO("%s %s.", *var
? "Enabled" : "Disabled", name
);
2044 #define BOOL_WRAPPER(name, print_name) \
2045 COMMAND_HANDLER(arm11_handle_bool_##name) \
2047 return CALL_COMMAND_HANDLER(arm11_handle_bool, \
2048 &arm11_config_##name, print_name); \
2051 BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
2052 BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
2053 BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
2054 BOOL_WRAPPER(hardware_step
, "hardware single step")
2056 COMMAND_HANDLER(arm11_handle_vcr
)
2062 COMMAND_PARSE_NUMBER(u32
, args
[0], arm11_vcr
);
2065 return ERROR_COMMAND_SYNTAX_ERROR
;
2068 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
2072 static const uint32_t arm11_coproc_instruction_limits
[] =
2074 15, /* coprocessor */
2079 0xFFFFFFFF, /* value */
2082 static struct arm11_common
* arm11_find_target(const char * arg
)
2084 struct jtag_tap
* tap
;
2087 tap
= jtag_tap_by_string(arg
);
2092 for (t
= all_targets
; t
; t
= t
->next
)
2097 /* if (t->type == arm11_target) */
2098 if (0 == strcmp(target_get_name(t
), "arm11"))
2099 return t
->arch_info
;
2105 static int arm11_mrc_inner(struct target
*target
, int cpnum
,
2106 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
,
2107 uint32_t *value
, bool read
)
2111 if (target
->state
!= TARGET_HALTED
)
2113 LOG_ERROR("Target not halted");
2117 struct arm11_common
* arm11
= target
->arch_info
;
2119 uint32_t instr
= 0xEE000010 |
2127 instr
|= 0x00100000;
2129 retval
= arm11_run_instr_data_prepare(arm11
);
2130 if (retval
!= ERROR_OK
)
2135 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, value
);
2136 if (retval
!= ERROR_OK
)
2141 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, *value
);
2142 if (retval
!= ERROR_OK
)
2146 return arm11_run_instr_data_finish(arm11
);
2149 static int arm11_mrc(struct target
*target
, int cpnum
,
2150 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
2152 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, value
, true);
2155 static int arm11_mcr(struct target
*target
, int cpnum
,
2156 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
2158 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, &value
, false);
2161 static COMMAND_HELPER(arm11_handle_etm_read_write
, bool read
)
2163 if (argc
!= (read
? 2 : 3))
2165 LOG_ERROR("Invalid number of arguments.");
2166 return ERROR_COMMAND_SYNTAX_ERROR
;
2169 struct arm11_common
* arm11
= arm11_find_target(args
[0]);
2173 LOG_ERROR("Parameter 1 is not the target name of an ARM11 device.");
2174 return ERROR_COMMAND_SYNTAX_ERROR
;
2178 COMMAND_PARSE_NUMBER(u32
, args
[1], address
);
2183 COMMAND_PARSE_NUMBER(u32
, args
[2], value
);
2185 LOG_INFO("ETM write register 0x%02" PRIx32
" (%" PRId32
") = 0x%08" PRIx32
" (%" PRId32
")",
2186 address
, address
, value
, value
);
2188 CHECK_RETVAL(arm11_write_etm(arm11
, address
, value
));
2194 CHECK_RETVAL(arm11_read_etm(arm11
, address
, &value
));
2196 LOG_INFO("ETM read register 0x%02" PRIx32
" (%" PRId32
") = 0x%08" PRIx32
" (%" PRId32
")",
2197 address
, address
, value
, value
);
2203 COMMAND_HANDLER(arm11_handle_etmr
)
2205 return CALL_COMMAND_HANDLER(arm11_handle_etm_read_write
, true);
2208 COMMAND_HANDLER(arm11_handle_etmw
)
2210 return CALL_COMMAND_HANDLER(arm11_handle_etm_read_write
, false);
2213 #define ARM11_HANDLER(x) .x = arm11_##x
2215 struct target_type arm11_target
= {
2218 ARM11_HANDLER(poll
),
2219 ARM11_HANDLER(arch_state
),
2221 ARM11_HANDLER(target_request_data
),
2223 ARM11_HANDLER(halt
),
2224 ARM11_HANDLER(resume
),
2225 ARM11_HANDLER(step
),
2227 ARM11_HANDLER(assert_reset
),
2228 ARM11_HANDLER(deassert_reset
),
2229 ARM11_HANDLER(soft_reset_halt
),
2231 ARM11_HANDLER(get_gdb_reg_list
),
2233 ARM11_HANDLER(read_memory
),
2234 ARM11_HANDLER(write_memory
),
2236 ARM11_HANDLER(bulk_write_memory
),
2238 ARM11_HANDLER(checksum_memory
),
2240 ARM11_HANDLER(add_breakpoint
),
2241 ARM11_HANDLER(remove_breakpoint
),
2242 ARM11_HANDLER(add_watchpoint
),
2243 ARM11_HANDLER(remove_watchpoint
),
2245 ARM11_HANDLER(run_algorithm
),
2247 ARM11_HANDLER(register_commands
),
2248 ARM11_HANDLER(target_create
),
2249 ARM11_HANDLER(init_target
),
2250 ARM11_HANDLER(examine
),
2257 int arm11_register_commands(struct command_context
*cmd_ctx
)
2261 struct command
*top_cmd
, *mw_cmd
;
2263 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
2264 NULL
, COMMAND_ANY
, NULL
);
2266 register_command(cmd_ctx
, top_cmd
, "etmr",
2267 arm11_handle_etmr
, COMMAND_ANY
,
2268 "Read Embedded Trace Macrocell (ETM) register. etmr <jtag_target> <ETM register address>");
2270 register_command(cmd_ctx
, top_cmd
, "etmw",
2271 arm11_handle_etmw
, COMMAND_ANY
,
2272 "Write Embedded Trace Macrocell (ETM) register. etmr <jtag_target> <ETM register address> <value>");
2274 /* "hardware_step" is only here to check if the default
2275 * simulate + breakpoint implementation is broken.
2276 * TEMPORARY! NOT DOCUMENTED!
2278 register_command(cmd_ctx
, top_cmd
, "hardware_step",
2279 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
2280 "DEBUG ONLY - Hardware single stepping"
2281 " (default: disabled)");
2283 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
2284 NULL
, COMMAND_ANY
, NULL
);
2285 register_command(cmd_ctx
, mw_cmd
, "burst",
2286 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
2287 "Enable/Disable non-standard but fast burst mode"
2288 " (default: enabled)");
2289 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
2290 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
2291 "Terminate program if transfer error was found"
2292 " (default: enabled)");
2294 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
2295 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
2296 "Enable interrupts while stepping"
2297 " (default: disabled)");
2298 register_command(cmd_ctx
, top_cmd
, "vcr",
2299 arm11_handle_vcr
, COMMAND_ANY
,
2300 "Control (Interrupt) Vector Catch Register");
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)