1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "breakpoints.h"
31 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
35 #include "algorithm.h"
40 #define _DEBUG_INSTRUCTION_EXECUTION_
43 static bool arm11_config_memwrite_burst
= true;
44 static bool arm11_config_memwrite_error_fatal
= true;
45 static uint32_t arm11_vcr
= 0;
46 static bool arm11_config_step_irq_enable
= false;
47 static bool arm11_config_hardware_step
= false;
64 ARM11_REGISTER_SPSR_FIQ
,
65 ARM11_REGISTER_SPSR_SVC
,
66 ARM11_REGISTER_SPSR_ABT
,
67 ARM11_REGISTER_SPSR_IRQ
,
68 ARM11_REGISTER_SPSR_UND
,
69 ARM11_REGISTER_SPSR_MON
,
83 enum arm11_regtype type
;
86 /* update arm11_regcache_ids when changing this */
87 static const struct arm11_reg_defs arm11_reg_defs
[] =
89 {"r0", 0, 0, ARM11_REGISTER_CORE
},
90 {"r1", 1, 1, ARM11_REGISTER_CORE
},
91 {"r2", 2, 2, ARM11_REGISTER_CORE
},
92 {"r3", 3, 3, ARM11_REGISTER_CORE
},
93 {"r4", 4, 4, ARM11_REGISTER_CORE
},
94 {"r5", 5, 5, ARM11_REGISTER_CORE
},
95 {"r6", 6, 6, ARM11_REGISTER_CORE
},
96 {"r7", 7, 7, ARM11_REGISTER_CORE
},
97 {"r8", 8, 8, ARM11_REGISTER_CORE
},
98 {"r9", 9, 9, ARM11_REGISTER_CORE
},
99 {"r10", 10, 10, ARM11_REGISTER_CORE
},
100 {"r11", 11, 11, ARM11_REGISTER_CORE
},
101 {"r12", 12, 12, ARM11_REGISTER_CORE
},
102 {"sp", 13, 13, ARM11_REGISTER_CORE
},
103 {"lr", 14, 14, ARM11_REGISTER_CORE
},
104 {"pc", 15, 15, ARM11_REGISTER_CORE
},
106 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
108 /* Debug Registers */
109 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
110 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
111 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
114 enum arm11_regcache_ids
117 ARM11_RC_RX
= ARM11_RC_R0
,
132 ARM11_RC_SP
= ARM11_RC_R13
,
134 ARM11_RC_LR
= ARM11_RC_R14
,
136 ARM11_RC_PC
= ARM11_RC_R15
,
147 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
);
148 static int arm11_step(struct target
*target
, int current
,
149 uint32_t address
, int handle_breakpoints
);
151 static int arm11_build_reg_cache(struct target
*target
);
152 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
);
153 static int arm11_get_reg(struct reg
*reg
);
156 /** Check and if necessary take control of the system
158 * \param arm11 Target state variable.
159 * \param dscr If the current DSCR content is
160 * available a pointer to a word holding the
161 * DSCR can be passed. Otherwise use NULL.
163 static int arm11_check_init(struct arm11_common
*arm11
, uint32_t *dscr
)
165 uint32_t dscr_local_tmp_copy
;
169 dscr
= &dscr_local_tmp_copy
;
171 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
174 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
176 LOG_DEBUG("Bringing target into debug mode");
178 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
179 arm11_write_DSCR(arm11
, *dscr
);
181 /* add further reset initialization here */
183 arm11
->simulate_reset_on_next_halt
= true;
185 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
187 /** \todo TODO: this needs further scrutiny because
188 * arm11_on_enter_debug_state() never gets properly called.
189 * As a result we don't read the actual register states from
193 arm11
->target
->state
= TARGET_HALTED
;
194 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
198 arm11
->target
->state
= TARGET_RUNNING
;
199 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
202 arm11_sc7_clear_vbw(arm11
);
211 (arm11->reg_values[ARM11_RC_##x])
213 /** Save processor state.
215 * This is called when the HALT instruction has succeeded
216 * or on other occasions that stop the processor.
219 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
)
223 /* REVISIT entire cache should already be invalid !!! */
224 register_cache_invalidate(arm11
->arm
.core_cache
);
226 for (size_t i
= 0; i
< ARRAY_SIZE(arm11
->reg_values
); i
++)
228 arm11
->reg_list
[i
].valid
= 1;
229 arm11
->reg_list
[i
].dirty
= 0;
233 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
237 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
239 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
241 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
243 struct scan_field chain5_fields
[3];
245 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
246 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
247 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
249 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
253 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
257 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
258 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
259 ARM1136 seems to require this to issue ITR's as well */
261 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
263 /* this executes JTAG queue: */
265 arm11_write_DSCR(arm11
, new_dscr
);
269 Before executing any instruction in debug state you have to drain the write buffer.
270 This ensures that no imprecise Data Aborts can return at a later point:*/
272 /** \todo TODO: Test drain write buffer. */
277 /* MRC p14,0,R0,c5,c10,0 */
278 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
280 /* mcr 15, 0, r0, cr7, cr10, {4} */
281 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
283 uint32_t dscr
= arm11_read_DSCR(arm11
);
285 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
287 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
289 arm11_run_instr_no_data1(arm11
, 0xe320f000);
291 dscr
= arm11_read_DSCR(arm11
);
293 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
300 retval
= arm_dpm_read_current_registers(&arm11
->dpm
);
301 if (retval
!= ERROR_OK
)
302 LOG_ERROR("DPM REG READ -- fail %d", retval
);
304 retval
= arm11_run_instr_data_prepare(arm11
);
305 if (retval
!= ERROR_OK
)
310 /** \todo TODO: handle other mode registers */
312 for (size_t i
= 0; i
< 15; i
++)
314 /* MCR p14,0,R?,c0,c5,0 */
315 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
316 if (retval
!= ERROR_OK
)
322 /* check rDTRfull in DSCR */
324 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
326 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
327 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
328 if (retval
!= ERROR_OK
)
333 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
338 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
339 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
340 if (retval
!= ERROR_OK
)
345 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
346 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
347 if (retval
!= ERROR_OK
)
350 /* adjust PC depending on ARM state */
352 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
354 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
356 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
358 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
362 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
365 if (arm11
->simulate_reset_on_next_halt
)
367 arm11
->simulate_reset_on_next_halt
= false;
369 LOG_DEBUG("Reset c1 Control Register");
371 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
373 /* MCR p15,0,R0,c1,c0,0 */
374 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
375 if (retval
!= ERROR_OK
)
380 retval
= arm11_run_instr_data_finish(arm11
);
381 if (retval
!= ERROR_OK
)
387 /** Restore processor state
389 * This is called in preparation for the RESTART function.
392 static int arm11_leave_debug_state(struct arm11_common
*arm11
)
396 retval
= arm11_run_instr_data_prepare(arm11
);
397 if (retval
!= ERROR_OK
)
400 /** \todo TODO: handle other mode registers */
402 /* restore R1 - R14 */
404 for (unsigned i
= 1; i
< 15; i
++)
406 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
409 /* MRC p14,0,r?,c0,c5,0 */
410 arm11_run_instr_data_to_core1(arm11
,
411 0xee100e15 | (i
<< 12), R(RX
+ i
));
413 // LOG_DEBUG("RESTORE R%u %08x", i, R(RX + i));
416 retval
= arm11_run_instr_data_finish(arm11
);
417 if (retval
!= ERROR_OK
)
420 /* spec says clear wDTR and rDTR; we assume they are clear as
421 otherwise our programming would be sloppy */
425 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
427 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
430 The wDTR/rDTR two registers that are used to send/receive data to/from
431 the core in tandem with corresponding instruction codes that are
432 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
433 registers hold data that was written by one side (CPU or JTAG) and not
434 read out by the other side.
436 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
441 /* DEBUG for now, trust "new" code only for shadowed registers */
442 retval
= arm_dpm_write_dirty_registers(&arm11
->dpm
);
444 retval
= arm11_run_instr_data_prepare(arm11
);
445 if (retval
!= ERROR_OK
)
448 /* restore original wDTR */
450 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
452 /* MCR p14,0,R0,c0,c5,0 */
453 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
454 if (retval
!= ERROR_OK
)
461 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
462 if (retval
!= ERROR_OK
)
469 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
470 if (retval
!= ERROR_OK
)
476 /* MRC p14,0,r0,c0,c5,0 */
477 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
479 retval
= arm11_run_instr_data_finish(arm11
);
480 if (retval
!= ERROR_OK
)
483 /* DEBUG use this when "new" code is really managing core registers */
484 // retval = arm_dpm_write_dirty_registers(&arm11->dpm);
486 register_cache_invalidate(arm11
->arm
.core_cache
);
490 arm11_write_DSCR(arm11
, R(DSCR
));
494 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
496 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
498 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
500 struct scan_field chain5_fields
[3];
502 uint8_t Ready
= 0; /* ignored */
503 uint8_t Valid
= 0; /* ignored */
505 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
506 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
507 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
509 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
515 /* poll current target status */
516 static int arm11_poll(struct target
*target
)
519 struct arm11_common
*arm11
= target_to_arm11(target
);
522 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
524 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
526 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
528 if (dscr
& ARM11_DSCR_CORE_HALTED
)
530 if (target
->state
!= TARGET_HALTED
)
532 enum target_state old_state
= target
->state
;
534 LOG_DEBUG("enter TARGET_HALTED");
535 target
->state
= TARGET_HALTED
;
536 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
537 retval
= arm11_on_enter_debug_state(arm11
);
538 if (retval
!= ERROR_OK
)
541 target_call_event_callbacks(target
,
542 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
547 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
549 LOG_DEBUG("enter TARGET_RUNNING");
550 target
->state
= TARGET_RUNNING
;
551 target
->debug_reason
= DBG_REASON_NOTHALTED
;
557 /* architecture specific status reply */
558 static int arm11_arch_state(struct target
*target
)
562 retval
= armv4_5_arch_state(target
);
564 /* REVISIT also display ARM11-specific MMU and cache status ... */
569 /* target request support */
570 static int arm11_target_request_data(struct target
*target
,
571 uint32_t size
, uint8_t *buffer
)
573 LOG_WARNING("Not implemented: %s", __func__
);
578 /* target execution control */
579 static int arm11_halt(struct target
*target
)
581 struct arm11_common
*arm11
= target_to_arm11(target
);
583 LOG_DEBUG("target->state: %s",
584 target_state_name(target
));
586 if (target
->state
== TARGET_UNKNOWN
)
588 arm11
->simulate_reset_on_next_halt
= true;
591 if (target
->state
== TARGET_HALTED
)
593 LOG_DEBUG("target was already halted");
597 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
599 CHECK_RETVAL(jtag_execute_queue());
606 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
608 if (dscr
& ARM11_DSCR_CORE_HALTED
)
619 if ((timeval_ms()-then
) > 1000)
621 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
628 arm11_on_enter_debug_state(arm11
);
630 enum target_state old_state
= target
->state
;
632 target
->state
= TARGET_HALTED
;
633 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
636 target_call_event_callbacks(target
,
637 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
642 static int arm11_resume(struct target
*target
, int current
,
643 uint32_t address
, int handle_breakpoints
, int debug_execution
)
645 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
646 // current, address, handle_breakpoints, debug_execution);
648 struct arm11_common
*arm11
= target_to_arm11(target
);
650 LOG_DEBUG("target->state: %s",
651 target_state_name(target
));
654 if (target
->state
!= TARGET_HALTED
)
656 LOG_ERROR("Target not halted");
657 return ERROR_TARGET_NOT_HALTED
;
663 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
665 /* clear breakpoints/watchpoints and VCR*/
666 arm11_sc7_clear_vbw(arm11
);
668 /* Set up breakpoints */
669 if (!debug_execution
)
671 /* check if one matches PC and step over it if necessary */
673 struct breakpoint
* bp
;
675 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
677 if (bp
->address
== R(PC
))
679 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
680 arm11_step(target
, 1, 0, 0);
685 /* set all breakpoints */
687 unsigned brp_num
= 0;
689 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
691 struct arm11_sc7_action brp
[2];
694 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
695 brp
[0].value
= bp
->address
;
697 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
698 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
700 arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
));
702 LOG_DEBUG("Add BP %d at %08" PRIx32
, brp_num
,
708 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
711 arm11_leave_debug_state(arm11
);
713 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
715 CHECK_RETVAL(jtag_execute_queue());
722 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
724 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
726 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
737 if ((timeval_ms()-then
) > 1000)
739 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
746 if (!debug_execution
)
748 target
->state
= TARGET_RUNNING
;
749 target
->debug_reason
= DBG_REASON_NOTHALTED
;
751 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
755 target
->state
= TARGET_DEBUG_RUNNING
;
756 target
->debug_reason
= DBG_REASON_NOTHALTED
;
758 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
765 static int armv4_5_to_arm11(int reg
)
772 return ARM11_RC_CPSR
;
774 /* FIX!!! handle thumb better! */
775 return ARM11_RC_CPSR
;
777 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg
);
783 static uint32_t arm11_sim_get_reg(struct arm_sim_interface
*sim
, int reg
)
785 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
787 reg
=armv4_5_to_arm11(reg
);
789 return buf_get_u32(arm11
->reg_list
[reg
].value
, 0, 32);
792 static void arm11_sim_set_reg(struct arm_sim_interface
*sim
,
793 int reg
, uint32_t value
)
795 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
797 reg
=armv4_5_to_arm11(reg
);
799 buf_set_u32(arm11
->reg_list
[reg
].value
, 0, 32, value
);
802 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface
*sim
,
805 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
807 return buf_get_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, pos
, bits
);
810 static enum armv4_5_state
arm11_sim_get_state(struct arm_sim_interface
*sim
)
812 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
814 /* FIX!!!! we should implement thumb for arm11 */
815 return ARMV4_5_STATE_ARM
;
818 static void arm11_sim_set_state(struct arm_sim_interface
*sim
,
819 enum armv4_5_state mode
)
821 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
823 /* FIX!!!! we should implement thumb for arm11 */
824 LOG_ERROR("Not implemented: %s", __func__
);
828 static enum armv4_5_mode
arm11_sim_get_mode(struct arm_sim_interface
*sim
)
830 //struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
832 /* FIX!!!! we should implement something that returns the current mode here!!! */
833 return ARMV4_5_MODE_USR
;
836 static int arm11_simulate_step(struct target
*target
, uint32_t *dry_run_pc
)
838 struct arm_sim_interface sim
;
840 sim
.user_data
=target
->arch_info
;
841 sim
.get_reg
=&arm11_sim_get_reg
;
842 sim
.set_reg
=&arm11_sim_set_reg
;
843 sim
.get_reg_mode
=&arm11_sim_get_reg
;
844 sim
.set_reg_mode
=&arm11_sim_set_reg
;
845 sim
.get_cpsr
=&arm11_sim_get_cpsr
;
846 sim
.get_mode
=&arm11_sim_get_mode
;
847 sim
.get_state
=&arm11_sim_get_state
;
848 sim
.set_state
=&arm11_sim_set_state
;
850 return arm_simulate_step_core(target
, dry_run_pc
, &sim
);
854 static int arm11_step(struct target
*target
, int current
,
855 uint32_t address
, int handle_breakpoints
)
857 LOG_DEBUG("target->state: %s",
858 target_state_name(target
));
860 if (target
->state
!= TARGET_HALTED
)
862 LOG_WARNING("target was not halted");
863 return ERROR_TARGET_NOT_HALTED
;
866 struct arm11_common
*arm11
= target_to_arm11(target
);
871 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
874 /** \todo TODO: Thumb not supported here */
876 uint32_t next_instruction
;
878 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
881 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
884 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
885 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
886 LOG_DEBUG("Skipping BKPT");
888 /* skip over Wait for interrupt / Standby */
889 /* mcr 15, 0, r?, cr7, cr0, {4} */
890 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
893 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
894 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
895 LOG_DEBUG("Skipping WFI");
897 /* ignore B to self */
898 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
900 LOG_DEBUG("Not stepping jump to self");
904 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
907 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
908 * the VCR might be something worth looking into. */
911 /* Set up breakpoint for stepping */
913 struct arm11_sc7_action brp
[2];
916 brp
[0].address
= ARM11_SC7_BVR0
;
918 brp
[1].address
= ARM11_SC7_BCR0
;
920 if (arm11_config_hardware_step
)
922 /* hardware single stepping be used if possible or is it better to
923 * always use the same code path? Hardware single stepping is not supported
926 brp
[0].value
= R(PC
);
927 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
930 /* sets a breakpoint on the next PC(calculated by simulation),
934 retval
= arm11_simulate_step(target
, &next_pc
);
935 if (retval
!= ERROR_OK
)
938 brp
[0].value
= next_pc
;
939 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
942 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
)));
947 if (arm11_config_step_irq_enable
)
948 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
950 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
953 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
955 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
957 CHECK_RETVAL(jtag_execute_queue());
965 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
967 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
969 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
970 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
980 if ((timeval_ms()-then
) > 1000)
982 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
989 /* clear breakpoint */
990 arm11_sc7_clear_vbw(arm11
);
993 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
995 /* restore default state */
996 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
1000 // target->state = TARGET_HALTED;
1001 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1003 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
1008 static int arm11_assert_reset(struct target
*target
)
1011 struct arm11_common
*arm11
= target_to_arm11(target
);
1013 retval
= arm11_check_init(arm11
, NULL
);
1014 if (retval
!= ERROR_OK
)
1017 target
->state
= TARGET_UNKNOWN
;
1019 /* we would very much like to reset into the halted, state,
1020 * but resetting and halting is second best... */
1021 if (target
->reset_halt
)
1023 CHECK_RETVAL(target_halt(target
));
1027 /* srst is funny. We can not do *anything* else while it's asserted
1028 * and it has unkonwn side effects. Make sure no other code runs
1031 * Code below assumes srst:
1033 * - Causes power-on-reset (but of what parts of the system?). Bug
1036 * - Messes us TAP state without asserting trst.
1038 * - There is another bug in the arm11 core. When you generate an access to
1039 * external logic (for example ddr controller via AHB bus) and that block
1040 * is not configured (perhaps it is still held in reset), that transaction
1041 * will never complete. This will hang arm11 core but it will also hang
1042 * JTAG controller. Nothing, short of srst assertion will bring it out of
1047 * - What should the PC be after an srst reset when starting in the halted
1051 jtag_add_reset(0, 1);
1052 jtag_add_reset(0, 0);
1054 /* How long do we have to wait? */
1055 jtag_add_sleep(5000);
1057 /* un-mess up TAP state */
1060 retval
= jtag_execute_queue();
1061 if (retval
!= ERROR_OK
)
1069 static int arm11_deassert_reset(struct target
*target
)
1074 static int arm11_soft_reset_halt(struct target
*target
)
1076 LOG_WARNING("Not implemented: %s", __func__
);
1081 /* target memory access
1082 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1083 * count: number of items of <size>
1085 * arm11_config_memrw_no_increment - in the future we may want to be able
1086 * to read/write a range of data to a "port". a "port" is an action on
1087 * read memory address for some peripheral.
1089 static int arm11_read_memory_inner(struct target
*target
,
1090 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1091 bool arm11_config_memrw_no_increment
)
1093 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1096 if (target
->state
!= TARGET_HALTED
)
1098 LOG_WARNING("target was not halted");
1099 return ERROR_TARGET_NOT_HALTED
;
1102 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1104 struct arm11_common
*arm11
= target_to_arm11(target
);
1106 retval
= arm11_run_instr_data_prepare(arm11
);
1107 if (retval
!= ERROR_OK
)
1110 /* MRC p14,0,r0,c0,c5,0 */
1111 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1112 if (retval
!= ERROR_OK
)
1118 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1119 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1121 for (size_t i
= 0; i
< count
; i
++)
1123 /* ldrb r1, [r0], #1 */
1125 arm11_run_instr_no_data1(arm11
,
1126 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1129 /* MCR p14,0,R1,c0,c5,0 */
1130 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1139 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1141 for (size_t i
= 0; i
< count
; i
++)
1143 /* ldrh r1, [r0], #2 */
1144 arm11_run_instr_no_data1(arm11
,
1145 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1149 /* MCR p14,0,R1,c0,c5,0 */
1150 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1152 uint16_t svalue
= res
;
1153 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1161 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1162 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1163 uint32_t *words
= (uint32_t *)buffer
;
1165 /* LDC p14,c5,[R0],#4 */
1166 /* LDC p14,c5,[R0] */
1167 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1172 return arm11_run_instr_data_finish(arm11
);
1175 static int arm11_read_memory(struct target
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1177 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1181 * arm11_config_memrw_no_increment - in the future we may want to be able
1182 * to read/write a range of data to a "port". a "port" is an action on
1183 * read memory address for some peripheral.
1185 static int arm11_write_memory_inner(struct target
*target
,
1186 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1187 bool arm11_config_memrw_no_increment
)
1191 if (target
->state
!= TARGET_HALTED
)
1193 LOG_WARNING("target was not halted");
1194 return ERROR_TARGET_NOT_HALTED
;
1197 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1199 struct arm11_common
*arm11
= target_to_arm11(target
);
1201 retval
= arm11_run_instr_data_prepare(arm11
);
1202 if (retval
!= ERROR_OK
)
1205 /* MRC p14,0,r0,c0,c5,0 */
1206 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1207 if (retval
!= ERROR_OK
)
1210 /* burst writes are not used for single words as those may well be
1211 * reset init script writes.
1213 * The other advantage is that as burst writes are default, we'll
1214 * now exercise both burst and non-burst code paths with the
1215 * default settings, increasing code coverage.
1217 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1223 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1225 for (size_t i
= 0; i
< count
; i
++)
1227 /* MRC p14,0,r1,c0,c5,0 */
1228 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1229 if (retval
!= ERROR_OK
)
1232 /* strb r1, [r0], #1 */
1234 retval
= arm11_run_instr_no_data1(arm11
,
1235 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1236 if (retval
!= ERROR_OK
)
1245 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1247 for (size_t i
= 0; i
< count
; i
++)
1250 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1252 /* MRC p14,0,r1,c0,c5,0 */
1253 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1254 if (retval
!= ERROR_OK
)
1257 /* strh r1, [r0], #2 */
1259 retval
= arm11_run_instr_no_data1(arm11
,
1260 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1261 if (retval
!= ERROR_OK
)
1269 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1271 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1272 uint32_t *words
= (uint32_t*)buffer
;
1276 /* STC p14,c5,[R0],#4 */
1277 /* STC p14,c5,[R0]*/
1278 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1279 if (retval
!= ERROR_OK
)
1284 /* STC p14,c5,[R0],#4 */
1285 /* STC p14,c5,[R0]*/
1286 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1287 if (retval
!= ERROR_OK
)
1295 /* r0 verification */
1296 if (!arm11_config_memrw_no_increment
)
1300 /* MCR p14,0,R0,c0,c5,0 */
1301 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1302 if (retval
!= ERROR_OK
)
1305 if (address
+ size
* count
!= r0
)
1307 LOG_ERROR("Data transfer failed. Expected end "
1308 "address 0x%08x, got 0x%08x",
1309 (unsigned) (address
+ size
* count
),
1313 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1315 if (arm11_config_memwrite_error_fatal
)
1320 return arm11_run_instr_data_finish(arm11
);
1323 static int arm11_write_memory(struct target
*target
,
1324 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1326 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1329 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1330 static int arm11_bulk_write_memory(struct target
*target
,
1331 uint32_t address
, uint32_t count
, uint8_t *buffer
)
1333 if (target
->state
!= TARGET_HALTED
)
1335 LOG_WARNING("target was not halted");
1336 return ERROR_TARGET_NOT_HALTED
;
1339 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1342 /* target break-/watchpoint control
1343 * rw: 0 = write, 1 = read, 2 = access
1345 static int arm11_add_breakpoint(struct target
*target
,
1346 struct breakpoint
*breakpoint
)
1348 struct arm11_common
*arm11
= target_to_arm11(target
);
1351 if (breakpoint
->type
== BKPT_SOFT
)
1353 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1354 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1358 if (!arm11
->free_brps
)
1360 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1361 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1364 if (breakpoint
->length
!= 4)
1366 LOG_DEBUG("only breakpoints of four bytes length supported");
1367 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1375 static int arm11_remove_breakpoint(struct target
*target
,
1376 struct breakpoint
*breakpoint
)
1378 struct arm11_common
*arm11
= target_to_arm11(target
);
1385 static int arm11_add_watchpoint(struct target
*target
,
1386 struct watchpoint
*watchpoint
)
1388 LOG_WARNING("Not implemented: %s", __func__
);
1393 static int arm11_remove_watchpoint(struct target
*target
,
1394 struct watchpoint
*watchpoint
)
1396 LOG_WARNING("Not implemented: %s", __func__
);
1401 // HACKHACKHACK - FIXME mode/state
1402 /* target algorithm support */
1403 static int arm11_run_algorithm(struct target
*target
,
1404 int num_mem_params
, struct mem_param
*mem_params
,
1405 int num_reg_params
, struct reg_param
*reg_params
,
1406 uint32_t entry_point
, uint32_t exit_point
,
1407 int timeout_ms
, void *arch_info
)
1409 struct arm11_common
*arm11
= target_to_arm11(target
);
1410 // enum armv4_5_state core_state = arm11->core_state;
1411 // enum armv4_5_mode core_mode = arm11->core_mode;
1412 uint32_t context
[16];
1414 int exit_breakpoint_size
= 0;
1415 int retval
= ERROR_OK
;
1416 LOG_DEBUG("Running algorithm");
1419 if (target
->state
!= TARGET_HALTED
)
1421 LOG_WARNING("target not halted");
1422 return ERROR_TARGET_NOT_HALTED
;
1426 // if (!is_arm_mode(arm11->core_mode))
1427 // return ERROR_FAIL;
1430 for (unsigned i
= 0; i
< 16; i
++)
1432 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1433 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1436 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1437 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1439 for (int i
= 0; i
< num_mem_params
; i
++)
1441 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1444 // Set register parameters
1445 for (int i
= 0; i
< num_reg_params
; i
++)
1447 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1450 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1451 return ERROR_INVALID_ARGUMENTS
;
1454 if (reg
->size
!= reg_params
[i
].size
)
1456 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1457 return ERROR_INVALID_ARGUMENTS
;
1459 arm11_set_reg(reg
,reg_params
[i
].value
);
1460 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1463 exit_breakpoint_size
= 4;
1465 /* arm11->core_state = arm11_algorithm_info->core_state;
1466 if (arm11->core_state == ARMV4_5_STATE_ARM)
1467 exit_breakpoint_size = 4;
1468 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1469 exit_breakpoint_size = 2;
1472 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1478 /* arm11 at this point only supports ARM not THUMB mode
1479 however if this test needs to be reactivated the current state can be read back
1482 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1484 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1485 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1486 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1487 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1491 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1493 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1494 retval
= ERROR_TARGET_FAILURE
;
1498 // no debug, otherwise breakpoint is not set
1499 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1501 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1503 if (target
->state
!= TARGET_HALTED
)
1505 CHECK_RETVAL(target_halt(target
));
1507 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1509 retval
= ERROR_TARGET_TIMEOUT
;
1511 goto del_breakpoint
;
1514 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1516 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1517 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1518 retval
= ERROR_TARGET_TIMEOUT
;
1519 goto del_breakpoint
;
1522 for (int i
= 0; i
< num_mem_params
; i
++)
1524 if (mem_params
[i
].direction
!= PARAM_OUT
)
1525 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1528 for (int i
= 0; i
< num_reg_params
; i
++)
1530 if (reg_params
[i
].direction
!= PARAM_OUT
)
1532 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1535 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1536 retval
= ERROR_INVALID_ARGUMENTS
;
1537 goto del_breakpoint
;
1540 if (reg
->size
!= reg_params
[i
].size
)
1542 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1543 retval
= ERROR_INVALID_ARGUMENTS
;
1544 goto del_breakpoint
;
1547 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1552 breakpoint_remove(target
, exit_point
);
1556 for (size_t i
= 0; i
< 16; i
++)
1558 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1559 arm11
->reg_list
[i
].name
, context
[i
]);
1560 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1562 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1563 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1565 // arm11->core_state = core_state;
1566 // arm11->core_mode = core_mode;
1571 static int arm11_target_create(struct target
*target
, Jim_Interp
*interp
)
1573 struct arm11_common
*arm11
;
1575 if (target
->tap
== NULL
)
1578 if (target
->tap
->ir_length
!= 5)
1580 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1581 return ERROR_COMMAND_SYNTAX_ERROR
;
1584 arm11
= calloc(1, sizeof *arm11
);
1588 armv4_5_init_arch_info(target
, &arm11
->arm
);
1590 arm11
->target
= target
;
1592 arm11
->jtag_info
.tap
= target
->tap
;
1593 arm11
->jtag_info
.scann_size
= 5;
1594 arm11
->jtag_info
.scann_instr
= ARM11_SCAN_N
;
1595 /* cur_scan_chain == 0 */
1596 arm11
->jtag_info
.intest_instr
= ARM11_INTEST
;
1601 static int arm11_init_target(struct command_context
*cmd_ctx
,
1602 struct target
*target
)
1604 /* Initialize anything we can set up without talking to the target */
1606 /* FIXME Switch to use the standard build_reg_cache() not custom
1607 * code. Do it from examine(), after we check whether we're
1608 * an arm1176 and thus support the Secure Monitor mode.
1610 return arm11_build_reg_cache(target
);
1613 /* talk to the target and set things up */
1614 static int arm11_examine(struct target
*target
)
1618 struct arm11_common
*arm11
= target_to_arm11(target
);
1619 uint32_t didr
, device_id
;
1620 uint8_t implementor
;
1622 /* FIXME split into do-first-time and do-every-time logic ... */
1626 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1628 struct scan_field idcode_field
;
1630 arm11_setup_field(arm11
, 32, NULL
, &device_id
, &idcode_field
);
1632 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1636 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1638 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1640 struct scan_field chain0_fields
[2];
1642 arm11_setup_field(arm11
, 32, NULL
, &didr
, chain0_fields
+ 0);
1643 arm11_setup_field(arm11
, 8, NULL
, &implementor
, chain0_fields
+ 1);
1645 arm11_add_dr_scan_vc(ARRAY_SIZE(chain0_fields
), chain0_fields
, TAP_IDLE
);
1647 CHECK_RETVAL(jtag_execute_queue());
1649 switch (device_id
& 0x0FFFF000)
1658 arm11
->arm
.core_type
= ARM_MODE_MON
;
1662 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1665 LOG_INFO("found %s", type
);
1667 /* unlikely this could ever fail, but ... */
1668 switch ((didr
>> 16) & 0x0F) {
1669 case ARM11_DEBUG_V6
:
1670 case ARM11_DEBUG_V61
: /* supports security extensions */
1673 LOG_ERROR("Only ARM v6 and v6.1 debug supported.");
1677 arm11
->brp
= ((didr
>> 24) & 0x0F) + 1;
1678 arm11
->wrp
= ((didr
>> 28) & 0x0F) + 1;
1680 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1681 arm11
->free_brps
= arm11
->brp
;
1682 arm11
->free_wrps
= arm11
->wrp
;
1684 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
,
1685 device_id
, implementor
, didr
);
1687 /* as a side-effect this reads DSCR and thus
1688 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1689 * as suggested by the spec.
1692 retval
= arm11_check_init(arm11
, NULL
);
1693 if (retval
!= ERROR_OK
)
1696 /* Build register cache "late", after target_init(), since we
1697 * want to know if this core supports Secure Monitor mode.
1699 if (!target_was_examined(target
)) {
1700 arm11_dpm_init(arm11
, didr
);
1701 retval
= arm_dpm_setup(&arm11
->dpm
);
1704 /* ETM on ARM11 still uses original scanchain 6 access mode */
1705 if (arm11
->arm
.etm
&& !target_was_examined(target
)) {
1706 *register_get_last_cache_p(&target
->reg_cache
) =
1707 etm_build_reg_cache(target
, &arm11
->jtag_info
,
1709 retval
= etm_setup(target
);
1712 target_set_examined(target
);
1718 /** Load a register that is marked !valid in the register cache */
1719 static int arm11_get_reg(struct reg
*reg
)
1721 struct target
* target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1723 if (target
->state
!= TARGET_HALTED
)
1725 LOG_WARNING("target was not halted");
1726 return ERROR_TARGET_NOT_HALTED
;
1729 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1732 struct arm11_common
*arm11
= target_to_arm11(target
);
1733 const struct arm11_reg_defs
*arm11_reg_info
= arm11_reg_defs
+ ((struct arm11_reg_state
*)reg
->arch_info
)->def_index
;
1739 /** Change a value in the register cache */
1740 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
)
1742 struct target
*target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1743 struct arm11_common
*arm11
= target_to_arm11(target
);
1744 // const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1746 arm11
->reg_values
[((struct arm11_reg_state
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1753 static const struct reg_arch_type arm11_reg_type
= {
1754 .get
= arm11_get_reg
,
1755 .set
= arm11_set_reg
,
1758 static int arm11_build_reg_cache(struct target
*target
)
1760 struct arm11_common
*arm11
= target_to_arm11(target
);
1761 struct reg_cache
*cache
;
1762 struct reg
*reg_list
;
1763 struct arm11_reg_state
*arm11_reg_states
;
1765 cache
= calloc(1, sizeof *cache
);
1766 reg_list
= calloc(ARM11_REGCACHE_COUNT
, sizeof *reg_list
);
1767 arm11_reg_states
= calloc(ARM11_REGCACHE_COUNT
,
1768 sizeof *arm11_reg_states
);
1769 if (!cache
|| !reg_list
|| !arm11_reg_states
) {
1772 free(arm11_reg_states
);
1776 arm11
->reg_list
= reg_list
;
1778 /* Build the process context cache */
1779 cache
->name
= "arm11 registers";
1781 cache
->reg_list
= reg_list
;
1782 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1784 struct reg_cache
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1787 arm11
->core_cache
= cache
;
1788 // armv7m->process_context = cache;
1792 /* Not very elegant assertion */
1793 if (ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11
->reg_values
) ||
1794 ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11_reg_defs
) ||
1795 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1797 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d %u %u %d)",
1798 ARM11_REGCACHE_COUNT
,
1799 (unsigned) ARRAY_SIZE(arm11
->reg_values
),
1800 (unsigned) ARRAY_SIZE(arm11_reg_defs
),
1802 /* FIXME minimally, use a build_bug_on(X) mechanism;
1803 * runtime exit() here is bad!
1808 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1810 struct reg
* r
= reg_list
+ i
;
1811 const struct arm11_reg_defs
* rd
= arm11_reg_defs
+ i
;
1812 struct arm11_reg_state
* rs
= arm11_reg_states
+ i
;
1816 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
1819 r
->type
= &arm11_reg_type
;
1823 rs
->target
= target
;
1829 #define ARM11_BOOL_WRAPPER(name, print_name) \
1830 COMMAND_HANDLER(arm11_handle_bool_##name) \
1832 return CALL_COMMAND_HANDLER(handle_command_parse_bool, \
1833 &arm11_config_##name, print_name); \
1836 ARM11_BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
1837 ARM11_BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
1838 ARM11_BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
1839 ARM11_BOOL_WRAPPER(hardware_step
, "hardware single step")
1841 COMMAND_HANDLER(arm11_handle_vcr
)
1847 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], arm11_vcr
);
1850 return ERROR_COMMAND_SYNTAX_ERROR
;
1853 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
1857 static const uint32_t arm11_coproc_instruction_limits
[] =
1859 15, /* coprocessor */
1864 0xFFFFFFFF, /* value */
1867 static int arm11_mrc_inner(struct target
*target
, int cpnum
,
1868 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
,
1869 uint32_t *value
, bool read
)
1872 struct arm11_common
*arm11
= target_to_arm11(target
);
1874 if (target
->state
!= TARGET_HALTED
)
1876 LOG_ERROR("Target not halted");
1880 uint32_t instr
= 0xEE000010 |
1888 instr
|= 0x00100000;
1890 retval
= arm11_run_instr_data_prepare(arm11
);
1891 if (retval
!= ERROR_OK
)
1896 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, value
);
1897 if (retval
!= ERROR_OK
)
1902 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, *value
);
1903 if (retval
!= ERROR_OK
)
1907 return arm11_run_instr_data_finish(arm11
);
1910 static int arm11_mrc(struct target
*target
, int cpnum
,
1911 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
1913 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, value
, true);
1916 static int arm11_mcr(struct target
*target
, int cpnum
,
1917 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
1919 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, &value
, false);
1922 static int arm11_register_commands(struct command_context
*cmd_ctx
)
1924 struct command
*top_cmd
, *mw_cmd
;
1926 armv4_5_register_commands(cmd_ctx
);
1928 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
1929 NULL
, COMMAND_ANY
, NULL
);
1931 /* "hardware_step" is only here to check if the default
1932 * simulate + breakpoint implementation is broken.
1933 * TEMPORARY! NOT DOCUMENTED!
1935 register_command(cmd_ctx
, top_cmd
, "hardware_step",
1936 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
1937 "DEBUG ONLY - Hardware single stepping"
1938 " (default: disabled)");
1940 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
1941 NULL
, COMMAND_ANY
, NULL
);
1942 register_command(cmd_ctx
, mw_cmd
, "burst",
1943 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
1944 "Enable/Disable non-standard but fast burst mode"
1945 " (default: enabled)");
1946 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
1947 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
1948 "Terminate program if transfer error was found"
1949 " (default: enabled)");
1951 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
1952 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
1953 "Enable interrupts while stepping"
1954 " (default: disabled)");
1955 register_command(cmd_ctx
, top_cmd
, "vcr",
1956 arm11_handle_vcr
, COMMAND_ANY
,
1957 "Control (Interrupt) Vector Catch Register");
1959 return etm_register_commands(cmd_ctx
);
1962 /** Holds methods for ARM11xx targets. */
1963 struct target_type arm11_target
= {
1967 .arch_state
= arm11_arch_state
,
1969 .target_request_data
= arm11_target_request_data
,
1972 .resume
= arm11_resume
,
1975 .assert_reset
= arm11_assert_reset
,
1976 .deassert_reset
= arm11_deassert_reset
,
1977 .soft_reset_halt
= arm11_soft_reset_halt
,
1979 .get_gdb_reg_list
= armv4_5_get_gdb_reg_list
,
1981 .read_memory
= arm11_read_memory
,
1982 .write_memory
= arm11_write_memory
,
1984 .bulk_write_memory
= arm11_bulk_write_memory
,
1986 .checksum_memory
= arm_checksum_memory
,
1987 .blank_check_memory
= arm_blank_check_memory
,
1989 .add_breakpoint
= arm11_add_breakpoint
,
1990 .remove_breakpoint
= arm11_remove_breakpoint
,
1991 .add_watchpoint
= arm11_add_watchpoint
,
1992 .remove_watchpoint
= arm11_remove_watchpoint
,
1994 .run_algorithm
= arm11_run_algorithm
,
1996 .register_commands
= arm11_register_commands
,
1997 .target_create
= arm11_target_create
,
1998 .init_target
= arm11_init_target
,
1999 .examine
= arm11_examine
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)