1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "breakpoints.h"
31 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
35 #include "algorithm.h"
40 #define _DEBUG_INSTRUCTION_EXECUTION_
43 static bool arm11_config_memwrite_burst
= true;
44 static bool arm11_config_memwrite_error_fatal
= true;
45 static uint32_t arm11_vcr
= 0;
46 static bool arm11_config_step_irq_enable
= false;
47 static bool arm11_config_hardware_step
= false;
64 ARM11_REGISTER_SPSR_FIQ
,
65 ARM11_REGISTER_SPSR_SVC
,
66 ARM11_REGISTER_SPSR_ABT
,
67 ARM11_REGISTER_SPSR_IRQ
,
68 ARM11_REGISTER_SPSR_UND
,
69 ARM11_REGISTER_SPSR_MON
,
83 enum arm11_regtype type
;
86 /* update arm11_regcache_ids when changing this */
87 static const struct arm11_reg_defs arm11_reg_defs
[] =
89 {"r0", 0, 0, ARM11_REGISTER_CORE
},
90 {"r1", 1, 1, ARM11_REGISTER_CORE
},
91 {"r2", 2, 2, ARM11_REGISTER_CORE
},
92 {"r3", 3, 3, ARM11_REGISTER_CORE
},
93 {"r4", 4, 4, ARM11_REGISTER_CORE
},
94 {"r5", 5, 5, ARM11_REGISTER_CORE
},
95 {"r6", 6, 6, ARM11_REGISTER_CORE
},
96 {"r7", 7, 7, ARM11_REGISTER_CORE
},
97 {"r8", 8, 8, ARM11_REGISTER_CORE
},
98 {"r9", 9, 9, ARM11_REGISTER_CORE
},
99 {"r10", 10, 10, ARM11_REGISTER_CORE
},
100 {"r11", 11, 11, ARM11_REGISTER_CORE
},
101 {"r12", 12, 12, ARM11_REGISTER_CORE
},
102 {"sp", 13, 13, ARM11_REGISTER_CORE
},
103 {"lr", 14, 14, ARM11_REGISTER_CORE
},
104 {"pc", 15, 15, ARM11_REGISTER_CORE
},
106 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
108 /* Debug Registers */
109 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
110 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
111 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
114 enum arm11_regcache_ids
117 ARM11_RC_RX
= ARM11_RC_R0
,
132 ARM11_RC_SP
= ARM11_RC_R13
,
134 ARM11_RC_LR
= ARM11_RC_R14
,
136 ARM11_RC_PC
= ARM11_RC_R15
,
147 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
);
148 static int arm11_step(struct target
*target
, int current
,
149 uint32_t address
, int handle_breakpoints
);
151 static int arm11_build_reg_cache(struct target
*target
);
152 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
);
153 static int arm11_get_reg(struct reg
*reg
);
156 /** Check and if necessary take control of the system
158 * \param arm11 Target state variable.
159 * \param dscr If the current DSCR content is
160 * available a pointer to a word holding the
161 * DSCR can be passed. Otherwise use NULL.
163 static int arm11_check_init(struct arm11_common
*arm11
, uint32_t *dscr
)
165 uint32_t dscr_local_tmp_copy
;
169 dscr
= &dscr_local_tmp_copy
;
171 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
174 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
176 LOG_DEBUG("Bringing target into debug mode");
178 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
179 arm11_write_DSCR(arm11
, *dscr
);
181 /* add further reset initialization here */
183 arm11
->simulate_reset_on_next_halt
= true;
185 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
187 /** \todo TODO: this needs further scrutiny because
188 * arm11_on_enter_debug_state() never gets properly called.
189 * As a result we don't read the actual register states from
193 arm11
->target
->state
= TARGET_HALTED
;
194 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
198 arm11
->target
->state
= TARGET_RUNNING
;
199 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
202 arm11_sc7_clear_vbw(arm11
);
211 (arm11->reg_values[ARM11_RC_##x])
213 /** Save processor state.
215 * This is called when the HALT instruction has succeeded
216 * or on other occasions that stop the processor.
219 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
)
223 /* REVISIT entire cache should already be invalid !!! */
224 register_cache_invalidate(arm11
->arm
.core_cache
);
226 for (size_t i
= 0; i
< ARRAY_SIZE(arm11
->reg_values
); i
++)
228 arm11
->reg_list
[i
].valid
= 1;
229 arm11
->reg_list
[i
].dirty
= 0;
233 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
237 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
239 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
241 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
243 struct scan_field chain5_fields
[3];
245 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
246 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
247 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
249 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
253 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
257 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
258 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
259 ARM1136 seems to require this to issue ITR's as well */
261 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
263 /* this executes JTAG queue: */
265 arm11_write_DSCR(arm11
, new_dscr
);
269 Before executing any instruction in debug state you have to drain the write buffer.
270 This ensures that no imprecise Data Aborts can return at a later point:*/
272 /** \todo TODO: Test drain write buffer. */
277 /* MRC p14,0,R0,c5,c10,0 */
278 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
280 /* mcr 15, 0, r0, cr7, cr10, {4} */
281 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
283 uint32_t dscr
= arm11_read_DSCR(arm11
);
285 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
287 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
289 arm11_run_instr_no_data1(arm11
, 0xe320f000);
291 dscr
= arm11_read_DSCR(arm11
);
293 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
300 retval
= arm_dpm_read_current_registers(&arm11
->dpm
);
301 if (retval
!= ERROR_OK
)
302 LOG_ERROR("DPM REG READ -- fail %d", retval
);
304 retval
= arm11_run_instr_data_prepare(arm11
);
305 if (retval
!= ERROR_OK
)
310 /** \todo TODO: handle other mode registers */
312 for (size_t i
= 0; i
< 15; i
++)
314 /* MCR p14,0,R?,c0,c5,0 */
315 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
316 if (retval
!= ERROR_OK
)
322 /* check rDTRfull in DSCR */
324 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
326 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
327 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
328 if (retval
!= ERROR_OK
)
333 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
338 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
339 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
340 if (retval
!= ERROR_OK
)
345 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
346 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
347 if (retval
!= ERROR_OK
)
350 /* adjust PC depending on ARM state */
352 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
354 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
356 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
358 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
362 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
365 if (arm11
->simulate_reset_on_next_halt
)
367 arm11
->simulate_reset_on_next_halt
= false;
369 LOG_DEBUG("Reset c1 Control Register");
371 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
373 /* MCR p15,0,R0,c1,c0,0 */
374 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
375 if (retval
!= ERROR_OK
)
380 retval
= arm11_run_instr_data_finish(arm11
);
381 if (retval
!= ERROR_OK
)
387 /** Restore processor state
389 * This is called in preparation for the RESTART function.
392 static int arm11_leave_debug_state(struct arm11_common
*arm11
)
396 retval
= arm11_run_instr_data_prepare(arm11
);
397 if (retval
!= ERROR_OK
)
400 /** \todo TODO: handle other mode registers */
402 /* restore R1 - R14 */
404 for (unsigned i
= 1; i
< 15; i
++)
406 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
409 /* MRC p14,0,r?,c0,c5,0 */
410 arm11_run_instr_data_to_core1(arm11
,
411 0xee100e15 | (i
<< 12), R(RX
+ i
));
413 // LOG_DEBUG("RESTORE R%u %08x", i, R(RX + i));
416 retval
= arm11_run_instr_data_finish(arm11
);
417 if (retval
!= ERROR_OK
)
420 /* spec says clear wDTR and rDTR; we assume they are clear as
421 otherwise our programming would be sloppy */
425 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
427 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
430 The wDTR/rDTR two registers that are used to send/receive data to/from
431 the core in tandem with corresponding instruction codes that are
432 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
433 registers hold data that was written by one side (CPU or JTAG) and not
434 read out by the other side.
436 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
441 /* DEBUG for now, trust "new" code only for shadowed registers */
442 retval
= arm_dpm_write_dirty_registers(&arm11
->dpm
);
444 retval
= arm11_run_instr_data_prepare(arm11
);
445 if (retval
!= ERROR_OK
)
448 /* restore original wDTR */
450 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
452 /* MCR p14,0,R0,c0,c5,0 */
453 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
454 if (retval
!= ERROR_OK
)
461 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
462 if (retval
!= ERROR_OK
)
469 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
470 if (retval
!= ERROR_OK
)
476 /* MRC p14,0,r0,c0,c5,0 */
477 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
479 retval
= arm11_run_instr_data_finish(arm11
);
480 if (retval
!= ERROR_OK
)
483 /* DEBUG use this when "new" code is really managing core registers */
484 // retval = arm_dpm_write_dirty_registers(&arm11->dpm);
486 register_cache_invalidate(arm11
->arm
.core_cache
);
490 arm11_write_DSCR(arm11
, R(DSCR
));
494 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
496 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
498 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
500 struct scan_field chain5_fields
[3];
502 uint8_t Ready
= 0; /* ignored */
503 uint8_t Valid
= 0; /* ignored */
505 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
506 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
507 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
509 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
515 /* poll current target status */
516 static int arm11_poll(struct target
*target
)
519 struct arm11_common
*arm11
= target_to_arm11(target
);
522 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
524 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
526 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
528 if (dscr
& ARM11_DSCR_CORE_HALTED
)
530 if (target
->state
!= TARGET_HALTED
)
532 enum target_state old_state
= target
->state
;
534 LOG_DEBUG("enter TARGET_HALTED");
535 target
->state
= TARGET_HALTED
;
536 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
537 retval
= arm11_on_enter_debug_state(arm11
);
538 if (retval
!= ERROR_OK
)
541 target_call_event_callbacks(target
,
542 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
547 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
549 LOG_DEBUG("enter TARGET_RUNNING");
550 target
->state
= TARGET_RUNNING
;
551 target
->debug_reason
= DBG_REASON_NOTHALTED
;
557 /* architecture specific status reply */
558 static int arm11_arch_state(struct target
*target
)
562 retval
= armv4_5_arch_state(target
);
564 /* REVISIT also display ARM11-specific MMU and cache status ... */
569 /* target request support */
570 static int arm11_target_request_data(struct target
*target
,
571 uint32_t size
, uint8_t *buffer
)
573 LOG_WARNING("Not implemented: %s", __func__
);
578 /* target execution control */
579 static int arm11_halt(struct target
*target
)
581 struct arm11_common
*arm11
= target_to_arm11(target
);
583 LOG_DEBUG("target->state: %s",
584 target_state_name(target
));
586 if (target
->state
== TARGET_UNKNOWN
)
588 arm11
->simulate_reset_on_next_halt
= true;
591 if (target
->state
== TARGET_HALTED
)
593 LOG_DEBUG("target was already halted");
597 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
599 CHECK_RETVAL(jtag_execute_queue());
606 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
608 if (dscr
& ARM11_DSCR_CORE_HALTED
)
619 if ((timeval_ms()-then
) > 1000)
621 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
628 arm11_on_enter_debug_state(arm11
);
630 enum target_state old_state
= target
->state
;
632 target
->state
= TARGET_HALTED
;
633 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
636 target_call_event_callbacks(target
,
637 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
642 static int arm11_resume(struct target
*target
, int current
,
643 uint32_t address
, int handle_breakpoints
, int debug_execution
)
645 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
646 // current, address, handle_breakpoints, debug_execution);
648 struct arm11_common
*arm11
= target_to_arm11(target
);
650 LOG_DEBUG("target->state: %s",
651 target_state_name(target
));
654 if (target
->state
!= TARGET_HALTED
)
656 LOG_ERROR("Target not halted");
657 return ERROR_TARGET_NOT_HALTED
;
663 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
665 /* clear breakpoints/watchpoints and VCR*/
666 arm11_sc7_clear_vbw(arm11
);
668 /* Set up breakpoints */
669 if (!debug_execution
)
671 /* check if one matches PC and step over it if necessary */
673 struct breakpoint
* bp
;
675 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
677 if (bp
->address
== R(PC
))
679 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
680 arm11_step(target
, 1, 0, 0);
685 /* set all breakpoints */
687 unsigned brp_num
= 0;
689 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
691 struct arm11_sc7_action brp
[2];
694 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
695 brp
[0].value
= bp
->address
;
697 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
698 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
700 arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
));
702 LOG_DEBUG("Add BP %d at %08" PRIx32
, brp_num
,
708 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
711 arm11_leave_debug_state(arm11
);
713 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
715 CHECK_RETVAL(jtag_execute_queue());
722 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
724 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
726 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
737 if ((timeval_ms()-then
) > 1000)
739 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
746 if (!debug_execution
)
748 target
->state
= TARGET_RUNNING
;
749 target
->debug_reason
= DBG_REASON_NOTHALTED
;
751 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
755 target
->state
= TARGET_DEBUG_RUNNING
;
756 target
->debug_reason
= DBG_REASON_NOTHALTED
;
758 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
764 static int arm11_step(struct target
*target
, int current
,
765 uint32_t address
, int handle_breakpoints
)
767 LOG_DEBUG("target->state: %s",
768 target_state_name(target
));
770 if (target
->state
!= TARGET_HALTED
)
772 LOG_WARNING("target was not halted");
773 return ERROR_TARGET_NOT_HALTED
;
776 struct arm11_common
*arm11
= target_to_arm11(target
);
781 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
784 /** \todo TODO: Thumb not supported here */
786 uint32_t next_instruction
;
788 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
791 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
794 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
795 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
796 LOG_DEBUG("Skipping BKPT");
798 /* skip over Wait for interrupt / Standby */
799 /* mcr 15, 0, r?, cr7, cr0, {4} */
800 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
803 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
804 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
805 LOG_DEBUG("Skipping WFI");
807 /* ignore B to self */
808 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
810 LOG_DEBUG("Not stepping jump to self");
814 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
817 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
818 * the VCR might be something worth looking into. */
821 /* Set up breakpoint for stepping */
823 struct arm11_sc7_action brp
[2];
826 brp
[0].address
= ARM11_SC7_BVR0
;
828 brp
[1].address
= ARM11_SC7_BCR0
;
830 if (arm11_config_hardware_step
)
832 /* Hardware single stepping ("instruction address
833 * mismatch") is used if enabled. It's not quite
834 * exactly "run one instruction"; "branch to here"
835 * loops won't break, neither will some other cases,
836 * but it's probably the best default.
838 * Hardware single stepping isn't supported on v6
839 * debug modules. ARM1176 and v7 can support it...
841 * FIXME Thumb stepping likely needs to use 0x03
842 * or 0xc0 byte masks, not 0x0f.
844 brp
[0].value
= R(PC
);
845 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5)
846 | (0 << 14) | (0 << 16) | (0 << 20)
850 /* Sets a breakpoint on the next PC, as calculated
851 * by instruction set simulation.
853 * REVISIT stepping Thumb on ARM1156 requires Thumb2
854 * support from the simulator.
859 retval
= arm_simulate_step(target
, &next_pc
);
860 if (retval
!= ERROR_OK
)
863 brp
[0].value
= next_pc
;
864 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5)
865 | (0 << 14) | (0 << 16) | (0 << 20)
869 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
)));
874 if (arm11_config_step_irq_enable
)
875 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
877 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
880 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
882 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
884 CHECK_RETVAL(jtag_execute_queue());
892 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
894 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
896 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
897 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
907 if ((timeval_ms()-then
) > 1000)
909 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
916 /* clear breakpoint */
917 arm11_sc7_clear_vbw(arm11
);
920 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
922 /* restore default state */
923 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
927 // target->state = TARGET_HALTED;
928 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
930 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
935 static int arm11_assert_reset(struct target
*target
)
938 struct arm11_common
*arm11
= target_to_arm11(target
);
940 retval
= arm11_check_init(arm11
, NULL
);
941 if (retval
!= ERROR_OK
)
944 target
->state
= TARGET_UNKNOWN
;
946 /* we would very much like to reset into the halted, state,
947 * but resetting and halting is second best... */
948 if (target
->reset_halt
)
950 CHECK_RETVAL(target_halt(target
));
954 /* srst is funny. We can not do *anything* else while it's asserted
955 * and it has unkonwn side effects. Make sure no other code runs
958 * Code below assumes srst:
960 * - Causes power-on-reset (but of what parts of the system?). Bug
963 * - Messes us TAP state without asserting trst.
965 * - There is another bug in the arm11 core. When you generate an access to
966 * external logic (for example ddr controller via AHB bus) and that block
967 * is not configured (perhaps it is still held in reset), that transaction
968 * will never complete. This will hang arm11 core but it will also hang
969 * JTAG controller. Nothing, short of srst assertion will bring it out of
974 * - What should the PC be after an srst reset when starting in the halted
978 jtag_add_reset(0, 1);
979 jtag_add_reset(0, 0);
981 /* How long do we have to wait? */
982 jtag_add_sleep(5000);
984 /* un-mess up TAP state */
987 retval
= jtag_execute_queue();
988 if (retval
!= ERROR_OK
)
996 static int arm11_deassert_reset(struct target
*target
)
1001 static int arm11_soft_reset_halt(struct target
*target
)
1003 LOG_WARNING("Not implemented: %s", __func__
);
1008 /* target memory access
1009 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1010 * count: number of items of <size>
1012 * arm11_config_memrw_no_increment - in the future we may want to be able
1013 * to read/write a range of data to a "port". a "port" is an action on
1014 * read memory address for some peripheral.
1016 static int arm11_read_memory_inner(struct target
*target
,
1017 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1018 bool arm11_config_memrw_no_increment
)
1020 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1023 if (target
->state
!= TARGET_HALTED
)
1025 LOG_WARNING("target was not halted");
1026 return ERROR_TARGET_NOT_HALTED
;
1029 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1031 struct arm11_common
*arm11
= target_to_arm11(target
);
1033 retval
= arm11_run_instr_data_prepare(arm11
);
1034 if (retval
!= ERROR_OK
)
1037 /* MRC p14,0,r0,c0,c5,0 */
1038 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1039 if (retval
!= ERROR_OK
)
1045 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1046 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1048 for (size_t i
= 0; i
< count
; i
++)
1050 /* ldrb r1, [r0], #1 */
1052 arm11_run_instr_no_data1(arm11
,
1053 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1056 /* MCR p14,0,R1,c0,c5,0 */
1057 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1066 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1068 for (size_t i
= 0; i
< count
; i
++)
1070 /* ldrh r1, [r0], #2 */
1071 arm11_run_instr_no_data1(arm11
,
1072 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1076 /* MCR p14,0,R1,c0,c5,0 */
1077 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1079 uint16_t svalue
= res
;
1080 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1088 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1089 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1090 uint32_t *words
= (uint32_t *)buffer
;
1092 /* LDC p14,c5,[R0],#4 */
1093 /* LDC p14,c5,[R0] */
1094 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1099 return arm11_run_instr_data_finish(arm11
);
1102 static int arm11_read_memory(struct target
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1104 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1108 * arm11_config_memrw_no_increment - in the future we may want to be able
1109 * to read/write a range of data to a "port". a "port" is an action on
1110 * read memory address for some peripheral.
1112 static int arm11_write_memory_inner(struct target
*target
,
1113 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1114 bool arm11_config_memrw_no_increment
)
1118 if (target
->state
!= TARGET_HALTED
)
1120 LOG_WARNING("target was not halted");
1121 return ERROR_TARGET_NOT_HALTED
;
1124 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1126 struct arm11_common
*arm11
= target_to_arm11(target
);
1128 retval
= arm11_run_instr_data_prepare(arm11
);
1129 if (retval
!= ERROR_OK
)
1132 /* MRC p14,0,r0,c0,c5,0 */
1133 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1134 if (retval
!= ERROR_OK
)
1137 /* burst writes are not used for single words as those may well be
1138 * reset init script writes.
1140 * The other advantage is that as burst writes are default, we'll
1141 * now exercise both burst and non-burst code paths with the
1142 * default settings, increasing code coverage.
1144 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1150 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1152 for (size_t i
= 0; i
< count
; i
++)
1154 /* MRC p14,0,r1,c0,c5,0 */
1155 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1156 if (retval
!= ERROR_OK
)
1159 /* strb r1, [r0], #1 */
1161 retval
= arm11_run_instr_no_data1(arm11
,
1162 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1163 if (retval
!= ERROR_OK
)
1172 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1174 for (size_t i
= 0; i
< count
; i
++)
1177 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1179 /* MRC p14,0,r1,c0,c5,0 */
1180 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1181 if (retval
!= ERROR_OK
)
1184 /* strh r1, [r0], #2 */
1186 retval
= arm11_run_instr_no_data1(arm11
,
1187 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1188 if (retval
!= ERROR_OK
)
1196 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1198 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1199 uint32_t *words
= (uint32_t*)buffer
;
1203 /* STC p14,c5,[R0],#4 */
1204 /* STC p14,c5,[R0]*/
1205 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1206 if (retval
!= ERROR_OK
)
1211 /* STC p14,c5,[R0],#4 */
1212 /* STC p14,c5,[R0]*/
1213 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1214 if (retval
!= ERROR_OK
)
1222 /* r0 verification */
1223 if (!arm11_config_memrw_no_increment
)
1227 /* MCR p14,0,R0,c0,c5,0 */
1228 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1229 if (retval
!= ERROR_OK
)
1232 if (address
+ size
* count
!= r0
)
1234 LOG_ERROR("Data transfer failed. Expected end "
1235 "address 0x%08x, got 0x%08x",
1236 (unsigned) (address
+ size
* count
),
1240 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1242 if (arm11_config_memwrite_error_fatal
)
1247 return arm11_run_instr_data_finish(arm11
);
1250 static int arm11_write_memory(struct target
*target
,
1251 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1253 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1256 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1257 static int arm11_bulk_write_memory(struct target
*target
,
1258 uint32_t address
, uint32_t count
, uint8_t *buffer
)
1260 if (target
->state
!= TARGET_HALTED
)
1262 LOG_WARNING("target was not halted");
1263 return ERROR_TARGET_NOT_HALTED
;
1266 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1269 /* target break-/watchpoint control
1270 * rw: 0 = write, 1 = read, 2 = access
1272 static int arm11_add_breakpoint(struct target
*target
,
1273 struct breakpoint
*breakpoint
)
1275 struct arm11_common
*arm11
= target_to_arm11(target
);
1278 if (breakpoint
->type
== BKPT_SOFT
)
1280 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1281 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1285 if (!arm11
->free_brps
)
1287 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1288 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1291 if (breakpoint
->length
!= 4)
1293 LOG_DEBUG("only breakpoints of four bytes length supported");
1294 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1302 static int arm11_remove_breakpoint(struct target
*target
,
1303 struct breakpoint
*breakpoint
)
1305 struct arm11_common
*arm11
= target_to_arm11(target
);
1312 static int arm11_add_watchpoint(struct target
*target
,
1313 struct watchpoint
*watchpoint
)
1315 LOG_WARNING("Not implemented: %s", __func__
);
1320 static int arm11_remove_watchpoint(struct target
*target
,
1321 struct watchpoint
*watchpoint
)
1323 LOG_WARNING("Not implemented: %s", __func__
);
1328 // HACKHACKHACK - FIXME mode/state
1329 /* target algorithm support */
1330 static int arm11_run_algorithm(struct target
*target
,
1331 int num_mem_params
, struct mem_param
*mem_params
,
1332 int num_reg_params
, struct reg_param
*reg_params
,
1333 uint32_t entry_point
, uint32_t exit_point
,
1334 int timeout_ms
, void *arch_info
)
1336 struct arm11_common
*arm11
= target_to_arm11(target
);
1337 // enum armv4_5_state core_state = arm11->core_state;
1338 // enum armv4_5_mode core_mode = arm11->core_mode;
1339 uint32_t context
[16];
1341 int exit_breakpoint_size
= 0;
1342 int retval
= ERROR_OK
;
1343 LOG_DEBUG("Running algorithm");
1346 if (target
->state
!= TARGET_HALTED
)
1348 LOG_WARNING("target not halted");
1349 return ERROR_TARGET_NOT_HALTED
;
1353 // if (!is_arm_mode(arm11->core_mode))
1354 // return ERROR_FAIL;
1357 for (unsigned i
= 0; i
< 16; i
++)
1359 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1360 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1363 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1364 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1366 for (int i
= 0; i
< num_mem_params
; i
++)
1368 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1371 // Set register parameters
1372 for (int i
= 0; i
< num_reg_params
; i
++)
1374 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1377 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1378 return ERROR_INVALID_ARGUMENTS
;
1381 if (reg
->size
!= reg_params
[i
].size
)
1383 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1384 return ERROR_INVALID_ARGUMENTS
;
1386 arm11_set_reg(reg
,reg_params
[i
].value
);
1387 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1390 exit_breakpoint_size
= 4;
1392 /* arm11->core_state = arm11_algorithm_info->core_state;
1393 if (arm11->core_state == ARMV4_5_STATE_ARM)
1394 exit_breakpoint_size = 4;
1395 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1396 exit_breakpoint_size = 2;
1399 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1405 /* arm11 at this point only supports ARM not THUMB mode
1406 however if this test needs to be reactivated the current state can be read back
1409 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1411 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1412 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1413 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1414 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1418 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1420 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1421 retval
= ERROR_TARGET_FAILURE
;
1425 // no debug, otherwise breakpoint is not set
1426 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1428 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1430 if (target
->state
!= TARGET_HALTED
)
1432 CHECK_RETVAL(target_halt(target
));
1434 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1436 retval
= ERROR_TARGET_TIMEOUT
;
1438 goto del_breakpoint
;
1441 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1443 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1444 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1445 retval
= ERROR_TARGET_TIMEOUT
;
1446 goto del_breakpoint
;
1449 for (int i
= 0; i
< num_mem_params
; i
++)
1451 if (mem_params
[i
].direction
!= PARAM_OUT
)
1452 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1455 for (int i
= 0; i
< num_reg_params
; i
++)
1457 if (reg_params
[i
].direction
!= PARAM_OUT
)
1459 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1462 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1463 retval
= ERROR_INVALID_ARGUMENTS
;
1464 goto del_breakpoint
;
1467 if (reg
->size
!= reg_params
[i
].size
)
1469 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1470 retval
= ERROR_INVALID_ARGUMENTS
;
1471 goto del_breakpoint
;
1474 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1479 breakpoint_remove(target
, exit_point
);
1483 for (size_t i
= 0; i
< 16; i
++)
1485 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1486 arm11
->reg_list
[i
].name
, context
[i
]);
1487 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1489 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1490 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1492 // arm11->core_state = core_state;
1493 // arm11->core_mode = core_mode;
1498 static int arm11_target_create(struct target
*target
, Jim_Interp
*interp
)
1500 struct arm11_common
*arm11
;
1502 if (target
->tap
== NULL
)
1505 if (target
->tap
->ir_length
!= 5)
1507 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1508 return ERROR_COMMAND_SYNTAX_ERROR
;
1511 arm11
= calloc(1, sizeof *arm11
);
1515 armv4_5_init_arch_info(target
, &arm11
->arm
);
1517 arm11
->target
= target
;
1519 arm11
->jtag_info
.tap
= target
->tap
;
1520 arm11
->jtag_info
.scann_size
= 5;
1521 arm11
->jtag_info
.scann_instr
= ARM11_SCAN_N
;
1522 /* cur_scan_chain == 0 */
1523 arm11
->jtag_info
.intest_instr
= ARM11_INTEST
;
1528 static int arm11_init_target(struct command_context
*cmd_ctx
,
1529 struct target
*target
)
1531 /* Initialize anything we can set up without talking to the target */
1533 /* FIXME Switch to use the standard build_reg_cache() not custom
1534 * code. Do it from examine(), after we check whether we're
1535 * an arm1176 and thus support the Secure Monitor mode.
1537 return arm11_build_reg_cache(target
);
1540 /* talk to the target and set things up */
1541 static int arm11_examine(struct target
*target
)
1545 struct arm11_common
*arm11
= target_to_arm11(target
);
1546 uint32_t didr
, device_id
;
1547 uint8_t implementor
;
1549 /* FIXME split into do-first-time and do-every-time logic ... */
1553 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1555 struct scan_field idcode_field
;
1557 arm11_setup_field(arm11
, 32, NULL
, &device_id
, &idcode_field
);
1559 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1563 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1565 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1567 struct scan_field chain0_fields
[2];
1569 arm11_setup_field(arm11
, 32, NULL
, &didr
, chain0_fields
+ 0);
1570 arm11_setup_field(arm11
, 8, NULL
, &implementor
, chain0_fields
+ 1);
1572 arm11_add_dr_scan_vc(ARRAY_SIZE(chain0_fields
), chain0_fields
, TAP_IDLE
);
1574 CHECK_RETVAL(jtag_execute_queue());
1576 switch (device_id
& 0x0FFFF000)
1585 arm11
->arm
.core_type
= ARM_MODE_MON
;
1589 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1592 LOG_INFO("found %s", type
);
1594 /* unlikely this could ever fail, but ... */
1595 switch ((didr
>> 16) & 0x0F) {
1596 case ARM11_DEBUG_V6
:
1597 case ARM11_DEBUG_V61
: /* supports security extensions */
1600 LOG_ERROR("Only ARM v6 and v6.1 debug supported.");
1604 arm11
->brp
= ((didr
>> 24) & 0x0F) + 1;
1605 arm11
->wrp
= ((didr
>> 28) & 0x0F) + 1;
1607 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1608 arm11
->free_brps
= arm11
->brp
;
1609 arm11
->free_wrps
= arm11
->wrp
;
1611 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
,
1612 device_id
, implementor
, didr
);
1614 /* as a side-effect this reads DSCR and thus
1615 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1616 * as suggested by the spec.
1619 retval
= arm11_check_init(arm11
, NULL
);
1620 if (retval
!= ERROR_OK
)
1623 /* Build register cache "late", after target_init(), since we
1624 * want to know if this core supports Secure Monitor mode.
1626 if (!target_was_examined(target
)) {
1627 arm11_dpm_init(arm11
, didr
);
1628 retval
= arm_dpm_setup(&arm11
->dpm
);
1631 /* ETM on ARM11 still uses original scanchain 6 access mode */
1632 if (arm11
->arm
.etm
&& !target_was_examined(target
)) {
1633 *register_get_last_cache_p(&target
->reg_cache
) =
1634 etm_build_reg_cache(target
, &arm11
->jtag_info
,
1636 retval
= etm_setup(target
);
1639 target_set_examined(target
);
1645 /** Load a register that is marked !valid in the register cache */
1646 static int arm11_get_reg(struct reg
*reg
)
1648 struct target
* target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1650 if (target
->state
!= TARGET_HALTED
)
1652 LOG_WARNING("target was not halted");
1653 return ERROR_TARGET_NOT_HALTED
;
1656 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1659 struct arm11_common
*arm11
= target_to_arm11(target
);
1660 const struct arm11_reg_defs
*arm11_reg_info
= arm11_reg_defs
+ ((struct arm11_reg_state
*)reg
->arch_info
)->def_index
;
1666 /** Change a value in the register cache */
1667 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
)
1669 struct target
*target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1670 struct arm11_common
*arm11
= target_to_arm11(target
);
1671 // const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1673 arm11
->reg_values
[((struct arm11_reg_state
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1680 static const struct reg_arch_type arm11_reg_type
= {
1681 .get
= arm11_get_reg
,
1682 .set
= arm11_set_reg
,
1685 static int arm11_build_reg_cache(struct target
*target
)
1687 struct arm11_common
*arm11
= target_to_arm11(target
);
1688 struct reg_cache
*cache
;
1689 struct reg
*reg_list
;
1690 struct arm11_reg_state
*arm11_reg_states
;
1692 cache
= calloc(1, sizeof *cache
);
1693 reg_list
= calloc(ARM11_REGCACHE_COUNT
, sizeof *reg_list
);
1694 arm11_reg_states
= calloc(ARM11_REGCACHE_COUNT
,
1695 sizeof *arm11_reg_states
);
1696 if (!cache
|| !reg_list
|| !arm11_reg_states
) {
1699 free(arm11_reg_states
);
1703 arm11
->reg_list
= reg_list
;
1705 /* Build the process context cache */
1706 cache
->name
= "arm11 registers";
1708 cache
->reg_list
= reg_list
;
1709 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1711 struct reg_cache
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1714 arm11
->core_cache
= cache
;
1715 // armv7m->process_context = cache;
1719 /* Not very elegant assertion */
1720 if (ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11
->reg_values
) ||
1721 ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11_reg_defs
) ||
1722 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1724 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d %u %u %d)",
1725 ARM11_REGCACHE_COUNT
,
1726 (unsigned) ARRAY_SIZE(arm11
->reg_values
),
1727 (unsigned) ARRAY_SIZE(arm11_reg_defs
),
1729 /* FIXME minimally, use a build_bug_on(X) mechanism;
1730 * runtime exit() here is bad!
1735 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1737 struct reg
* r
= reg_list
+ i
;
1738 const struct arm11_reg_defs
* rd
= arm11_reg_defs
+ i
;
1739 struct arm11_reg_state
* rs
= arm11_reg_states
+ i
;
1743 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
1746 r
->type
= &arm11_reg_type
;
1750 rs
->target
= target
;
1756 /* FIXME all these BOOL_WRAPPER things should be modifying
1757 * per-instance state, not shared state; ditto the vector
1758 * catch register support. Scan chains with multiple cores
1759 * should be able to say "work with this core like this,
1760 * that core like that". Example, ARM11 MPCore ...
1763 #define ARM11_BOOL_WRAPPER(name, print_name) \
1764 COMMAND_HANDLER(arm11_handle_bool_##name) \
1766 return CALL_COMMAND_HANDLER(handle_command_parse_bool, \
1767 &arm11_config_##name, print_name); \
1770 ARM11_BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
1771 ARM11_BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
1772 ARM11_BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
1773 ARM11_BOOL_WRAPPER(hardware_step
, "hardware single step")
1775 COMMAND_HANDLER(arm11_handle_vcr
)
1781 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], arm11_vcr
);
1784 return ERROR_COMMAND_SYNTAX_ERROR
;
1787 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
1791 static const uint32_t arm11_coproc_instruction_limits
[] =
1793 15, /* coprocessor */
1798 0xFFFFFFFF, /* value */
1801 static int arm11_mrc_inner(struct target
*target
, int cpnum
,
1802 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
,
1803 uint32_t *value
, bool read
)
1806 struct arm11_common
*arm11
= target_to_arm11(target
);
1808 if (target
->state
!= TARGET_HALTED
)
1810 LOG_ERROR("Target not halted");
1814 uint32_t instr
= 0xEE000010 |
1822 instr
|= 0x00100000;
1824 retval
= arm11_run_instr_data_prepare(arm11
);
1825 if (retval
!= ERROR_OK
)
1830 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, value
);
1831 if (retval
!= ERROR_OK
)
1836 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, *value
);
1837 if (retval
!= ERROR_OK
)
1841 return arm11_run_instr_data_finish(arm11
);
1844 static int arm11_mrc(struct target
*target
, int cpnum
,
1845 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
1847 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, value
, true);
1850 static int arm11_mcr(struct target
*target
, int cpnum
,
1851 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
1853 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, &value
, false);
1856 static int arm11_register_commands(struct command_context
*cmd_ctx
)
1858 struct command
*top_cmd
, *mw_cmd
;
1860 armv4_5_register_commands(cmd_ctx
);
1862 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
1863 NULL
, COMMAND_ANY
, NULL
);
1865 /* "hardware_step" is only here to check if the default
1866 * simulate + breakpoint implementation is broken.
1867 * TEMPORARY! NOT DOCUMENTED!
1869 register_command(cmd_ctx
, top_cmd
, "hardware_step",
1870 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
1871 "DEBUG ONLY - Hardware single stepping"
1872 " (default: disabled)");
1874 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
1875 NULL
, COMMAND_ANY
, NULL
);
1876 register_command(cmd_ctx
, mw_cmd
, "burst",
1877 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
1878 "Enable/Disable non-standard but fast burst mode"
1879 " (default: enabled)");
1880 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
1881 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
1882 "Terminate program if transfer error was found"
1883 " (default: enabled)");
1885 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
1886 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
1887 "Enable interrupts while stepping"
1888 " (default: disabled)");
1889 register_command(cmd_ctx
, top_cmd
, "vcr",
1890 arm11_handle_vcr
, COMMAND_ANY
,
1891 "Control (Interrupt) Vector Catch Register");
1893 return etm_register_commands(cmd_ctx
);
1896 /** Holds methods for ARM11xx targets. */
1897 struct target_type arm11_target
= {
1901 .arch_state
= arm11_arch_state
,
1903 .target_request_data
= arm11_target_request_data
,
1906 .resume
= arm11_resume
,
1909 .assert_reset
= arm11_assert_reset
,
1910 .deassert_reset
= arm11_deassert_reset
,
1911 .soft_reset_halt
= arm11_soft_reset_halt
,
1913 .get_gdb_reg_list
= armv4_5_get_gdb_reg_list
,
1915 .read_memory
= arm11_read_memory
,
1916 .write_memory
= arm11_write_memory
,
1918 .bulk_write_memory
= arm11_bulk_write_memory
,
1920 .checksum_memory
= arm_checksum_memory
,
1921 .blank_check_memory
= arm_blank_check_memory
,
1923 .add_breakpoint
= arm11_add_breakpoint
,
1924 .remove_breakpoint
= arm11_remove_breakpoint
,
1925 .add_watchpoint
= arm11_add_watchpoint
,
1926 .remove_watchpoint
= arm11_remove_watchpoint
,
1928 .run_algorithm
= arm11_run_algorithm
,
1930 .register_commands
= arm11_register_commands
,
1931 .target_create
= arm11_target_create
,
1932 .init_target
= arm11_init_target
,
1933 .examine
= arm11_examine
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)