Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
gaffe in previous commit fixed. "reset run" now works again for arm7/9
[openocd.git] / src / target / arm7_9_common.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
7 * *
8 * This program is free software; you can redistribute it and/or modify *
9 * it under the terms of the GNU General Public License as published by *
10 * the Free Software Foundation; either version 2 of the License, or *
11 * (at your option) any later version. *
12 * *
13 * This program is distributed in the hope that it will be useful, *
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
16 * GNU General Public License for more details. *
17 * *
18 * You should have received a copy of the GNU General Public License *
19 * along with this program; if not, write to the *
20 * Free Software Foundation, Inc., *
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
22 ***************************************************************************/
23 #ifdef HAVE_CONFIG_H
24 #include "config.h"
25 #endif
26
27 #include "replacements.h"
28
29 #include "embeddedice.h"
30 #include "target.h"
31 #include "target_request.h"
32 #include "armv4_5.h"
33 #include "arm_jtag.h"
34 #include "jtag.h"
35 #include "log.h"
36 #include "arm7_9_common.h"
37 #include "breakpoints.h"
38
39 #include <stdlib.h>
40 #include <string.h>
41 #include <unistd.h>
42
43 #include <sys/types.h>
44 #include <sys/stat.h>
45 #include <sys/time.h>
46 #include <errno.h>
47
48 int arm7_9_debug_entry(target_t *target);
49 int arm7_9_enable_sw_bkpts(struct target_s *target);
50
51 /* command handler forward declarations */
52 int handle_arm7_9_write_xpsr_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
53 int handle_arm7_9_write_xpsr_im8_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
54 int handle_arm7_9_read_core_reg_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
55 int handle_arm7_9_write_core_reg_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
56 int handle_arm7_9_sw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
57 int handle_arm7_9_force_hw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
58 int handle_arm7_9_dbgrq_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
59 int handle_arm7_9_fast_memory_access_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
60 int handle_arm7_9_dcc_downloads_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
61 int handle_arm7_9_etm_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
62
63 int arm7_9_reinit_embeddedice(target_t *target)
64 {
65 armv4_5_common_t *armv4_5 = target->arch_info;
66 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
67
68 breakpoint_t *breakpoint = target->breakpoints;
69
70 arm7_9->wp_available = 2;
71 arm7_9->wp0_used = 0;
72 arm7_9->wp1_used = 0;
73
74 /* mark all hardware breakpoints as unset */
75 while (breakpoint)
76 {
77 if (breakpoint->type == BKPT_HARD)
78 {
79 breakpoint->set = 0;
80 }
81 breakpoint = breakpoint->next;
82 }
83
84 if (arm7_9->sw_bkpts_enabled && arm7_9->sw_bkpts_use_wp)
85 {
86 arm7_9->sw_bkpts_enabled = 0;
87 arm7_9_enable_sw_bkpts(target);
88 }
89
90 return ERROR_OK;
91 }
92
93 /* set things up after a reset / on startup */
94 int arm7_9_setup(target_t *target)
95 {
96 /* a test-logic reset have occured
97 * the EmbeddedICE registers have been reset
98 * hardware breakpoints have been cleared
99 */
100 return arm7_9_reinit_embeddedice(target);
101 }
102
103 int arm7_9_get_arch_pointers(target_t *target, armv4_5_common_t **armv4_5_p, arm7_9_common_t **arm7_9_p)
104 {
105 armv4_5_common_t *armv4_5 = target->arch_info;
106 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
107
108 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
109 {
110 return -1;
111 }
112
113 if (arm7_9->common_magic != ARM7_9_COMMON_MAGIC)
114 {
115 return -1;
116 }
117
118 *armv4_5_p = armv4_5;
119 *arm7_9_p = arm7_9;
120
121 return ERROR_OK;
122 }
123
124 int arm7_9_set_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
125 {
126 armv4_5_common_t *armv4_5 = target->arch_info;
127 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
128
129 if (target->state != TARGET_HALTED)
130 {
131 LOG_WARNING("target not halted");
132 return ERROR_TARGET_NOT_HALTED;
133 }
134
135 if (arm7_9->force_hw_bkpts)
136 breakpoint->type = BKPT_HARD;
137
138 if (breakpoint->set)
139 {
140 LOG_WARNING("breakpoint already set");
141 return ERROR_OK;
142 }
143
144 if (breakpoint->type == BKPT_HARD)
145 {
146 /* either an ARM (4 byte) or Thumb (2 byte) breakpoint */
147 u32 mask = (breakpoint->length == 4) ? 0x3u : 0x1u;
148 if (!arm7_9->wp0_used)
149 {
150 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], breakpoint->address);
151 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
152 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffffu);
153 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
154 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
155
156 jtag_execute_queue();
157 arm7_9->wp0_used = 1;
158 breakpoint->set = 1;
159 }
160 else if (!arm7_9->wp1_used)
161 {
162 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], breakpoint->address);
163 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
164 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffffu);
165 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
166 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
167
168 jtag_execute_queue();
169 arm7_9->wp1_used = 1;
170 breakpoint->set = 2;
171 }
172 else
173 {
174 LOG_ERROR("BUG: no hardware comparator available");
175 return ERROR_OK;
176 }
177 }
178 else if (breakpoint->type == BKPT_SOFT)
179 {
180 if (breakpoint->length == 4)
181 {
182 u32 verify = 0xffffffff;
183 /* keep the original instruction in target endianness */
184 target->type->read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr);
185 /* write the breakpoint instruction in target endianness (arm7_9->arm_bkpt is host endian) */
186 target_write_u32(target, breakpoint->address, arm7_9->arm_bkpt);
187
188 target->type->read_memory(target, breakpoint->address, 4, 1, (u8 *)&verify);
189 if (verify != arm7_9->arm_bkpt)
190 {
191 LOG_ERROR("Unable to set 32 bit software breakpoint at address %08x - check that memory is read/writable", breakpoint->address);
192 return ERROR_OK;
193 }
194 }
195 else
196 {
197 u16 verify = 0xffff;
198 /* keep the original instruction in target endianness */
199 target->type->read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr);
200 /* write the breakpoint instruction in target endianness (arm7_9->thumb_bkpt is host endian) */
201 target_write_u16(target, breakpoint->address, arm7_9->thumb_bkpt);
202
203 target->type->read_memory(target, breakpoint->address, 2, 1, (u8 *)&verify);
204 if (verify != arm7_9->thumb_bkpt)
205 {
206 LOG_ERROR("Unable to set thumb software breakpoint at address %08x - check that memory is read/writable", breakpoint->address);
207 return ERROR_OK;
208 }
209 }
210 breakpoint->set = 1;
211 }
212
213 return ERROR_OK;
214
215 }
216
217 int arm7_9_unset_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
218 {
219 armv4_5_common_t *armv4_5 = target->arch_info;
220 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
221
222 if (target->state != TARGET_HALTED)
223 {
224 LOG_WARNING("target not halted");
225 return ERROR_TARGET_NOT_HALTED;
226 }
227
228 if (!breakpoint->set)
229 {
230 LOG_WARNING("breakpoint not set");
231 return ERROR_OK;
232 }
233
234 if (breakpoint->type == BKPT_HARD)
235 {
236 if (breakpoint->set == 1)
237 {
238 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
239 jtag_execute_queue();
240 arm7_9->wp0_used = 0;
241 }
242 else if (breakpoint->set == 2)
243 {
244 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
245 jtag_execute_queue();
246 arm7_9->wp1_used = 0;
247 }
248 breakpoint->set = 0;
249 }
250 else
251 {
252 /* restore original instruction (kept in target endianness) */
253 if (breakpoint->length == 4)
254 {
255 u32 current_instr;
256 /* check that user program as not modified breakpoint instruction */
257 target->type->read_memory(target, breakpoint->address, 4, 1, (u8*)&current_instr);
258 if (current_instr==arm7_9->arm_bkpt)
259 target->type->write_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr);
260 }
261 else
262 {
263 u16 current_instr;
264 /* check that user program as not modified breakpoint instruction */
265 target->type->read_memory(target, breakpoint->address, 2, 1, (u8*)&current_instr);
266 if (current_instr==arm7_9->thumb_bkpt)
267 target->type->write_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr);
268 }
269 breakpoint->set = 0;
270 }
271
272 return ERROR_OK;
273 }
274
275 int arm7_9_add_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
276 {
277 armv4_5_common_t *armv4_5 = target->arch_info;
278 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
279
280 if (target->state != TARGET_HALTED)
281 {
282 LOG_WARNING("target not halted");
283 return ERROR_TARGET_NOT_HALTED;
284 }
285
286 if (arm7_9->force_hw_bkpts)
287 {
288 LOG_DEBUG("forcing use of hardware breakpoint at address 0x%8.8x", breakpoint->address);
289 breakpoint->type = BKPT_HARD;
290 }
291
292 if ((breakpoint->type == BKPT_SOFT) && (arm7_9->sw_bkpts_enabled == 0))
293 {
294 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
295 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
296 }
297
298 if ((breakpoint->type == BKPT_HARD) && (arm7_9->wp_available < 1))
299 {
300 LOG_INFO("no watchpoint unit available for hardware breakpoint");
301 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
302 }
303
304 if ((breakpoint->length != 2) && (breakpoint->length != 4))
305 {
306 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
307 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
308 }
309
310 if (breakpoint->type == BKPT_HARD)
311 arm7_9->wp_available--;
312
313 return ERROR_OK;
314 }
315
316 int arm7_9_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
317 {
318 armv4_5_common_t *armv4_5 = target->arch_info;
319 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
320
321 if (target->state != TARGET_HALTED)
322 {
323 LOG_WARNING("target not halted");
324 return ERROR_TARGET_NOT_HALTED;
325 }
326
327 if (breakpoint->set)
328 {
329 arm7_9_unset_breakpoint(target, breakpoint);
330 }
331
332 if (breakpoint->type == BKPT_HARD)
333 arm7_9->wp_available++;
334
335 return ERROR_OK;
336 }
337
338 int arm7_9_set_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
339 {
340 armv4_5_common_t *armv4_5 = target->arch_info;
341 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
342 int rw_mask = 1;
343 u32 mask;
344
345 mask = watchpoint->length - 1;
346
347 if (target->state != TARGET_HALTED)
348 {
349 LOG_WARNING("target not halted");
350 return ERROR_TARGET_NOT_HALTED;
351 }
352
353 if (watchpoint->rw == WPT_ACCESS)
354 rw_mask = 0;
355 else
356 rw_mask = 1;
357
358 if (!arm7_9->wp0_used)
359 {
360 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], watchpoint->address);
361 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
362 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], watchpoint->mask);
363 if( watchpoint->mask != 0xffffffffu )
364 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE], watchpoint->value);
365 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], 0xff & ~EICE_W_CTRL_nOPC & ~rw_mask);
366 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE | EICE_W_CTRL_nOPC | (watchpoint->rw & 1));
367
368 jtag_execute_queue();
369 watchpoint->set = 1;
370 arm7_9->wp0_used = 2;
371 }
372 else if (!arm7_9->wp1_used)
373 {
374 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], watchpoint->address);
375 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
376 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], watchpoint->mask);
377 if( watchpoint->mask != 0xffffffffu )
378 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE], watchpoint->value);
379 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], 0xff & ~EICE_W_CTRL_nOPC & ~rw_mask);
380 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE | EICE_W_CTRL_nOPC | (watchpoint->rw & 1));
381
382 jtag_execute_queue();
383 watchpoint->set = 2;
384 arm7_9->wp1_used = 2;
385 }
386 else
387 {
388 LOG_ERROR("BUG: no hardware comparator available");
389 return ERROR_OK;
390 }
391
392 return ERROR_OK;
393 }
394
395 int arm7_9_unset_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
396 {
397 armv4_5_common_t *armv4_5 = target->arch_info;
398 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
399
400 if (target->state != TARGET_HALTED)
401 {
402 LOG_WARNING("target not halted");
403 return ERROR_TARGET_NOT_HALTED;
404 }
405
406 if (!watchpoint->set)
407 {
408 LOG_WARNING("breakpoint not set");
409 return ERROR_OK;
410 }
411
412 if (watchpoint->set == 1)
413 {
414 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
415 jtag_execute_queue();
416 arm7_9->wp0_used = 0;
417 }
418 else if (watchpoint->set == 2)
419 {
420 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
421 jtag_execute_queue();
422 arm7_9->wp1_used = 0;
423 }
424 watchpoint->set = 0;
425
426 return ERROR_OK;
427 }
428
429 int arm7_9_add_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
430 {
431 armv4_5_common_t *armv4_5 = target->arch_info;
432 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
433
434 if (target->state != TARGET_HALTED)
435 {
436 LOG_WARNING("target not halted");
437 return ERROR_TARGET_NOT_HALTED;
438 }
439
440 if (arm7_9->wp_available < 1)
441 {
442 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
443 }
444
445 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
446 {
447 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
448 }
449
450 arm7_9->wp_available--;
451
452 return ERROR_OK;
453 }
454
455 int arm7_9_remove_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
456 {
457 armv4_5_common_t *armv4_5 = target->arch_info;
458 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
459
460 if (target->state != TARGET_HALTED)
461 {
462 LOG_WARNING("target not halted");
463 return ERROR_TARGET_NOT_HALTED;
464 }
465
466 if (watchpoint->set)
467 {
468 arm7_9_unset_watchpoint(target, watchpoint);
469 }
470
471 arm7_9->wp_available++;
472
473 return ERROR_OK;
474 }
475
476 int arm7_9_enable_sw_bkpts(struct target_s *target)
477 {
478 armv4_5_common_t *armv4_5 = target->arch_info;
479 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
480 int retval;
481
482 if (arm7_9->sw_bkpts_enabled)
483 return ERROR_OK;
484
485 if (arm7_9->wp_available < 1)
486 {
487 LOG_WARNING("can't enable sw breakpoints with no watchpoint unit available");
488 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
489 }
490 arm7_9->wp_available--;
491
492 if (!arm7_9->wp0_used)
493 {
494 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE], arm7_9->arm_bkpt);
495 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0x0);
496 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffffu);
497 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
498 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
499 arm7_9->sw_bkpts_enabled = 1;
500 arm7_9->wp0_used = 3;
501 }
502 else if (!arm7_9->wp1_used)
503 {
504 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE], arm7_9->arm_bkpt);
505 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0x0);
506 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0xffffffffu);
507 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
508 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
509 arm7_9->sw_bkpts_enabled = 2;
510 arm7_9->wp1_used = 3;
511 }
512 else
513 {
514 LOG_ERROR("BUG: both watchpoints used, but wp_available >= 1");
515 return ERROR_FAIL;
516 }
517
518 if ((retval = jtag_execute_queue()) != ERROR_OK)
519 {
520 LOG_ERROR("error writing EmbeddedICE registers to enable sw breakpoints");
521 return ERROR_FAIL;
522 };
523
524 return ERROR_OK;
525 }
526
527 int arm7_9_disable_sw_bkpts(struct target_s *target)
528 {
529 armv4_5_common_t *armv4_5 = target->arch_info;
530 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
531
532 if (!arm7_9->sw_bkpts_enabled)
533 return ERROR_OK;
534
535 if (arm7_9->sw_bkpts_enabled == 1)
536 {
537 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
538 arm7_9->sw_bkpts_enabled = 0;
539 arm7_9->wp0_used = 0;
540 arm7_9->wp_available++;
541 }
542 else if (arm7_9->sw_bkpts_enabled == 2)
543 {
544 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
545 arm7_9->sw_bkpts_enabled = 0;
546 arm7_9->wp1_used = 0;
547 arm7_9->wp_available++;
548 }
549
550 return ERROR_OK;
551 }
552
553 int arm7_9_execute_sys_speed(struct target_s *target)
554 {
555 int timeout;
556 int retval;
557
558 armv4_5_common_t *armv4_5 = target->arch_info;
559 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
560 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
561 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
562
563 /* set RESTART instruction */
564 jtag_add_end_state(TAP_RTI);
565 if (arm7_9->need_bypass_before_restart) {
566 arm7_9->need_bypass_before_restart = 0;
567 arm_jtag_set_instr(jtag_info, 0xf, NULL);
568 }
569 arm_jtag_set_instr(jtag_info, 0x4, NULL);
570
571 for (timeout=0; timeout<50; timeout++)
572 {
573 /* read debug status register */
574 embeddedice_read_reg(dbg_stat);
575 if ((retval = jtag_execute_queue()) != ERROR_OK)
576 return retval;
577 if ((buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1))
578 && (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_SYSCOMP, 1)))
579 break;
580 usleep(100000);
581 }
582 if (timeout == 50)
583 {
584 LOG_ERROR("timeout waiting for SYSCOMP & DBGACK, last DBG_STATUS: %x", buf_get_u32(dbg_stat->value, 0, dbg_stat->size));
585 return ERROR_TARGET_TIMEOUT;
586 }
587
588 return ERROR_OK;
589 }
590
591 int arm7_9_execute_fast_sys_speed(struct target_s *target)
592 {
593 static int set=0;
594 static u8 check_value[4], check_mask[4];
595
596 armv4_5_common_t *armv4_5 = target->arch_info;
597 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
598 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
599 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
600
601 /* set RESTART instruction */
602 jtag_add_end_state(TAP_RTI);
603 if (arm7_9->need_bypass_before_restart) {
604 arm7_9->need_bypass_before_restart = 0;
605 arm_jtag_set_instr(jtag_info, 0xf, NULL);
606 }
607 arm_jtag_set_instr(jtag_info, 0x4, NULL);
608
609 if (!set)
610 {
611 /* check for DBGACK and SYSCOMP set (others don't care) */
612
613 /* NB! These are constants that must be available until after next jtag_execute() and
614 we evaluate the values upon first execution in lieu of setting up these constants
615 during early setup.
616 */
617 buf_set_u32(check_value, 0, 32, 0x9);
618 buf_set_u32(check_mask, 0, 32, 0x9);
619 set=1;
620 }
621
622 /* read debug status register */
623 embeddedice_read_reg_w_check(dbg_stat, check_value, check_value);
624
625 return ERROR_OK;
626 }
627
628 int arm7_9_target_request_data(target_t *target, u32 size, u8 *buffer)
629 {
630 armv4_5_common_t *armv4_5 = target->arch_info;
631 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
632 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
633 u32 *data;
634 int i;
635
636 data = malloc(size * (sizeof(u32)));
637
638 embeddedice_receive(jtag_info, data, size);
639
640 for (i = 0; i < size; i++)
641 {
642 h_u32_to_le(buffer + (i * 4), data[i]);
643 }
644
645 free(data);
646
647 return ERROR_OK;
648 }
649
650 int arm7_9_handle_target_request(void *priv)
651 {
652 target_t *target = priv;
653 if (!target->type->examined)
654 return ERROR_OK;
655 armv4_5_common_t *armv4_5 = target->arch_info;
656 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
657 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
658 reg_t *dcc_control = &arm7_9->eice_cache->reg_list[EICE_COMMS_CTRL];
659
660
661 if (!target->dbg_msg_enabled)
662 return ERROR_OK;
663
664 if (target->state == TARGET_RUNNING)
665 {
666 /* read DCC control register */
667 embeddedice_read_reg(dcc_control);
668 jtag_execute_queue();
669
670 /* check W bit */
671 if (buf_get_u32(dcc_control->value, 1, 1) == 1)
672 {
673 u32 request;
674
675 embeddedice_receive(jtag_info, &request, 1);
676 target_request(target, request);
677 }
678 }
679
680 return ERROR_OK;
681 }
682
683 int arm7_9_poll(target_t *target)
684 {
685 int retval;
686 armv4_5_common_t *armv4_5 = target->arch_info;
687 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
688 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
689
690 /* read debug status register */
691 embeddedice_read_reg(dbg_stat);
692 if ((retval = jtag_execute_queue()) != ERROR_OK)
693 {
694 return retval;
695 }
696
697 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1))
698 {
699 /* LOG_DEBUG("DBGACK set, dbg_state->value: 0x%x", buf_get_u32(dbg_stat->value, 0, 32));*/
700 if (target->state == TARGET_UNKNOWN)
701 {
702 target->state = TARGET_RUNNING;
703 LOG_WARNING("DBGACK set while target was in unknown state. Reset or initialize target.");
704 }
705 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_RESET))
706 {
707 int check_pc=0;
708 if (target->state == TARGET_RESET)
709 {
710 if (target->reset_halt)
711 {
712 if ((jtag_reset_config & RESET_SRST_PULLS_TRST)==0)
713 {
714 check_pc = 1;
715 }
716 }
717 }
718
719 target->state = TARGET_HALTED;
720
721 if ((retval = arm7_9_debug_entry(target)) != ERROR_OK)
722 return retval;
723
724 if (check_pc)
725 {
726 reg_t *reg = register_get_by_name(target->reg_cache, "pc", 1);
727 u32 t=*((u32 *)reg->value);
728 if (t!=0)
729 {
730 LOG_ERROR("PC was not 0. Does this target need srst_pulls_trst?");
731 }
732 }
733
734 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
735 }
736 if (target->state == TARGET_DEBUG_RUNNING)
737 {
738 target->state = TARGET_HALTED;
739 if ((retval = arm7_9_debug_entry(target)) != ERROR_OK)
740 return retval;
741
742 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
743 }
744 if (target->state != TARGET_HALTED)
745 {
746 LOG_WARNING("DBGACK set, but the target did not end up in the halted stated %d", target->state);
747 }
748 }
749 else
750 {
751 if (target->state != TARGET_DEBUG_RUNNING)
752 target->state = TARGET_RUNNING;
753 }
754
755 return ERROR_OK;
756 }
757
758 /*
759 Some -S targets (ARM966E-S in the STR912 isn't affected, ARM926EJ-S
760 in the LPC3180 and AT91SAM9260 is affected) completely stop the JTAG clock
761 while the core is held in reset(SRST). It isn't possible to program the halt
762 condition once reset was asserted, hence a hook that allows the target to set
763 up its reset-halt condition prior to asserting reset.
764 */
765
766 int arm7_9_assert_reset(target_t *target)
767 {
768 armv4_5_common_t *armv4_5 = target->arch_info;
769 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
770 LOG_DEBUG("target->state: %s", target_state_strings[target->state]);
771
772 if (!(jtag_reset_config & RESET_HAS_SRST))
773 {
774 LOG_ERROR("Can't assert SRST");
775 return ERROR_FAIL;
776 }
777
778 if (target->reset_halt)
779 {
780 /*
781 * Some targets do not support communication while SRST is asserted. We need to
782 * set up the reset vector catch here.
783 *
784 * If TRST is asserted, then these settings will be reset anyway, so setting them
785 * here is harmless.
786 */
787 if (arm7_9->has_vector_catch)
788 {
789 /* program vector catch register to catch reset vector */
790 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH], 0x1);
791 }
792 else
793 {
794 /* program watchpoint unit to match on reset vector address */
795 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], 0x0);
796 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0x3);
797 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
798 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
799 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
800 }
801 }
802
803 /* here we should issue a srst only, but we may have to assert trst as well */
804 if (jtag_reset_config & RESET_SRST_PULLS_TRST)
805 {
806 jtag_add_reset(1, 1);
807 } else
808 {
809 jtag_add_reset(0, 1);
810 }
811
812
813 target->state = TARGET_RESET;
814 jtag_add_sleep(50000);
815
816 armv4_5_invalidate_core_regs(target);
817
818 if ((target->reset_halt)&&((jtag_reset_config & RESET_SRST_PULLS_TRST)==0))
819 {
820 /* debug entry was already prepared in arm7_9_assert_reset() */
821 target->debug_reason = DBG_REASON_DBGRQ;
822 }
823
824 return ERROR_OK;
825
826 }
827
828 int arm7_9_deassert_reset(target_t *target)
829 {
830 int retval=ERROR_OK;
831 LOG_DEBUG("target->state: %s", target_state_strings[target->state]);
832
833 /* deassert reset lines */
834 jtag_add_reset(0, 0);
835
836 if (target->reset_halt&&(jtag_reset_config & RESET_SRST_PULLS_TRST)!=0)
837 {
838 LOG_WARNING("srst pulls trst - can not reset into halted mode. Issuing halt after reset.");
839 /* set up embedded ice registers again */
840 if ((retval=target->type->examine(target))!=ERROR_OK)
841 return retval;
842
843 if ((retval=target_poll(target))!=ERROR_OK)
844 {
845 return retval;
846 }
847
848 if ((retval=target_halt(target))!=ERROR_OK)
849 {
850 return retval;
851 }
852
853 }
854 return retval;
855 }
856
857 int arm7_9_clear_halt(target_t *target)
858 {
859 armv4_5_common_t *armv4_5 = target->arch_info;
860 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
861 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
862
863 /* we used DBGRQ only if we didn't come out of reset */
864 if (!arm7_9->debug_entry_from_reset && arm7_9->use_dbgrq)
865 {
866 /* program EmbeddedICE Debug Control Register to deassert DBGRQ
867 */
868 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
869 embeddedice_store_reg(dbg_ctrl);
870 }
871 else
872 {
873 if (arm7_9->debug_entry_from_reset && arm7_9->has_vector_catch)
874 {
875 /* if we came out of reset, and vector catch is supported, we used
876 * vector catch to enter debug state
877 * restore the register in that case
878 */
879 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH]);
880 }
881 else
882 {
883 /* restore registers if watchpoint unit 0 was in use
884 */
885 if (arm7_9->wp0_used)
886 {
887 if (arm7_9->debug_entry_from_reset)
888 {
889 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE]);
890 }
891 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK]);
892 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK]);
893 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK]);
894 }
895 /* control value always has to be restored, as it was either disabled,
896 * or enabled with possibly different bits
897 */
898 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
899 }
900 }
901
902 return ERROR_OK;
903 }
904
905 int arm7_9_soft_reset_halt(struct target_s *target)
906 {
907 armv4_5_common_t *armv4_5 = target->arch_info;
908 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
909 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
910 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
911 int i;
912 int retval;
913
914 if ((retval=target_halt(target))!=ERROR_OK)
915 return retval;
916
917 for (i=0; i<10; i++)
918 {
919 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) != 0)
920 break;
921 embeddedice_read_reg(dbg_stat);
922 if ((retval=jtag_execute_queue())!=ERROR_OK)
923 return retval;
924 /* do not eat all CPU, time out after 1 se*/
925 usleep(100*1000);
926
927 }
928 if (i==10)
929 {
930 LOG_ERROR("Failed to halt CPU after 1 sec");
931 return ERROR_TARGET_TIMEOUT;
932 }
933 target->state = TARGET_HALTED;
934
935 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
936 * ensure that DBGRQ is cleared
937 */
938 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
939 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
940 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
941 embeddedice_store_reg(dbg_ctrl);
942
943 arm7_9_clear_halt(target);
944
945 /* if the target is in Thumb state, change to ARM state */
946 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1))
947 {
948 u32 r0_thumb, pc_thumb;
949 LOG_DEBUG("target entered debug from Thumb state, changing to ARM");
950 /* Entered debug from Thumb mode */
951 armv4_5->core_state = ARMV4_5_STATE_THUMB;
952 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
953 }
954
955 /* all register content is now invalid */
956 armv4_5_invalidate_core_regs(target);
957
958 /* SVC, ARM state, IRQ and FIQ disabled */
959 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
960 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
961 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
962
963 /* start fetching from 0x0 */
964 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
965 armv4_5->core_cache->reg_list[15].dirty = 1;
966 armv4_5->core_cache->reg_list[15].valid = 1;
967
968 armv4_5->core_mode = ARMV4_5_MODE_SVC;
969 armv4_5->core_state = ARMV4_5_STATE_ARM;
970
971 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
972 return ERROR_FAIL;
973
974 /* reset registers */
975 for (i = 0; i <= 14; i++)
976 {
977 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, 0xffffffff);
978 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 1;
979 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
980 }
981
982 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
983
984 return ERROR_OK;
985 }
986
987 int arm7_9_halt(target_t *target)
988 {
989 if (target->state==TARGET_RESET)
990 {
991 LOG_ERROR("BUG: arm7/9 does not support halt during reset. This is handled in arm7_9_assert_reset()");
992 return ERROR_OK;
993 }
994
995 armv4_5_common_t *armv4_5 = target->arch_info;
996 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
997 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
998
999 LOG_DEBUG("target->state: %s", target_state_strings[target->state]);
1000
1001 if (target->state == TARGET_HALTED)
1002 {
1003 LOG_DEBUG("target was already halted");
1004 return ERROR_OK;
1005 }
1006
1007 if (target->state == TARGET_UNKNOWN)
1008 {
1009 LOG_WARNING("target was in unknown state when halt was requested");
1010 }
1011
1012 if (arm7_9->use_dbgrq)
1013 {
1014 /* program EmbeddedICE Debug Control Register to assert DBGRQ
1015 */
1016 if (arm7_9->set_special_dbgrq) {
1017 arm7_9->set_special_dbgrq(target);
1018 } else {
1019 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 1);
1020 embeddedice_store_reg(dbg_ctrl);
1021 }
1022 }
1023 else
1024 {
1025 /* program watchpoint unit to match on any address
1026 */
1027 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1028 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1029 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
1030 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
1031 }
1032
1033 target->debug_reason = DBG_REASON_DBGRQ;
1034
1035 return ERROR_OK;
1036 }
1037
1038 int arm7_9_debug_entry(target_t *target)
1039 {
1040 int i;
1041 u32 context[16];
1042 u32* context_p[16];
1043 u32 r0_thumb, pc_thumb;
1044 u32 cpsr;
1045 int retval;
1046 /* get pointers to arch-specific information */
1047 armv4_5_common_t *armv4_5 = target->arch_info;
1048 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1049 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
1050 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1051
1052 #ifdef _DEBUG_ARM7_9_
1053 LOG_DEBUG("-");
1054 #endif
1055
1056 if (arm7_9->pre_debug_entry)
1057 arm7_9->pre_debug_entry(target);
1058
1059 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
1060 * ensure that DBGRQ is cleared
1061 */
1062 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
1063 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1064 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
1065 embeddedice_store_reg(dbg_ctrl);
1066
1067 arm7_9_clear_halt(target);
1068
1069 if ((retval = jtag_execute_queue()) != ERROR_OK)
1070 {
1071 return retval;
1072 }
1073
1074 if ((retval = arm7_9->examine_debug_reason(target)) != ERROR_OK)
1075 return retval;
1076
1077
1078 if (target->state != TARGET_HALTED)
1079 {
1080 LOG_WARNING("target not halted");
1081 return ERROR_TARGET_NOT_HALTED;
1082 }
1083
1084 /* if the target is in Thumb state, change to ARM state */
1085 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1))
1086 {
1087 LOG_DEBUG("target entered debug from Thumb state");
1088 /* Entered debug from Thumb mode */
1089 armv4_5->core_state = ARMV4_5_STATE_THUMB;
1090 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
1091 LOG_DEBUG("r0_thumb: 0x%8.8x, pc_thumb: 0x%8.8x", r0_thumb, pc_thumb);
1092 }
1093 else
1094 {
1095 LOG_DEBUG("target entered debug from ARM state");
1096 /* Entered debug from ARM mode */
1097 armv4_5->core_state = ARMV4_5_STATE_ARM;
1098 }
1099
1100 for (i = 0; i < 16; i++)
1101 context_p[i] = &context[i];
1102 /* save core registers (r0 - r15 of current core mode) */
1103 arm7_9->read_core_regs(target, 0xffff, context_p);
1104
1105 arm7_9->read_xpsr(target, &cpsr, 0);
1106
1107 if ((retval = jtag_execute_queue()) != ERROR_OK)
1108 return retval;
1109
1110 /* if the core has been executing in Thumb state, set the T bit */
1111 if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1112 cpsr |= 0x20;
1113
1114 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32, cpsr);
1115 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 0;
1116 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
1117
1118 armv4_5->core_mode = cpsr & 0x1f;
1119
1120 if (armv4_5_mode_to_number(armv4_5->core_mode) == -1)
1121 {
1122 target->state = TARGET_UNKNOWN;
1123 LOG_ERROR("cpsr contains invalid mode value - communication failure");
1124 return ERROR_TARGET_FAILURE;
1125 }
1126
1127 LOG_DEBUG("target entered debug state in %s mode", armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)]);
1128
1129 if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1130 {
1131 LOG_DEBUG("thumb state, applying fixups");
1132 context[0] = r0_thumb;
1133 context[15] = pc_thumb;
1134 } else if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1135 {
1136 /* adjust value stored by STM */
1137 context[15] -= 3 * 4;
1138 }
1139
1140 if ((target->debug_reason == DBG_REASON_BREAKPOINT)
1141 || (target->debug_reason == DBG_REASON_SINGLESTEP)
1142 || (target->debug_reason == DBG_REASON_WATCHPOINT)
1143 || (target->debug_reason == DBG_REASON_WPTANDBKPT)
1144 || ((target->debug_reason == DBG_REASON_DBGRQ) && (arm7_9->use_dbgrq == 0)))
1145 context[15] -= 3 * ((armv4_5->core_state == ARMV4_5_STATE_ARM) ? 4 : 2);
1146 else if (target->debug_reason == DBG_REASON_DBGRQ)
1147 context[15] -= arm7_9->dbgreq_adjust_pc * ((armv4_5->core_state == ARMV4_5_STATE_ARM) ? 4 : 2);
1148 else
1149 {
1150 LOG_ERROR("unknown debug reason: %i", target->debug_reason);
1151 }
1152
1153 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1154 return ERROR_FAIL;
1155
1156 for (i=0; i<=15; i++)
1157 {
1158 LOG_DEBUG("r%i: 0x%8.8x", i, context[i]);
1159 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, context[i]);
1160 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 0;
1161 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
1162 }
1163
1164 LOG_DEBUG("entered debug state at PC 0x%x", context[15]);
1165
1166 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1167 return ERROR_FAIL;
1168
1169 /* exceptions other than USR & SYS have a saved program status register */
1170 if ((armv4_5->core_mode != ARMV4_5_MODE_USR) && (armv4_5->core_mode != ARMV4_5_MODE_SYS))
1171 {
1172 u32 spsr;
1173 arm7_9->read_xpsr(target, &spsr, 1);
1174 jtag_execute_queue();
1175 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, spsr);
1176 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).dirty = 0;
1177 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).valid = 1;
1178 }
1179
1180 /* r0 and r15 (pc) have to be restored later */
1181 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1182 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 15).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 15).valid;
1183
1184 if ((retval = jtag_execute_queue()) != ERROR_OK)
1185 return retval;
1186
1187 if (arm7_9->post_debug_entry)
1188 arm7_9->post_debug_entry(target);
1189
1190 return ERROR_OK;
1191 }
1192
1193 int arm7_9_full_context(target_t *target)
1194 {
1195 int i;
1196 int retval;
1197 armv4_5_common_t *armv4_5 = target->arch_info;
1198 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1199
1200 LOG_DEBUG("-");
1201
1202 if (target->state != TARGET_HALTED)
1203 {
1204 LOG_WARNING("target not halted");
1205 return ERROR_TARGET_NOT_HALTED;
1206 }
1207
1208 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1209 return ERROR_FAIL;
1210
1211 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1212 * SYS shares registers with User, so we don't touch SYS
1213 */
1214 for(i = 0; i < 6; i++)
1215 {
1216 u32 mask = 0;
1217 u32* reg_p[16];
1218 int j;
1219 int valid = 1;
1220
1221 /* check if there are invalid registers in the current mode
1222 */
1223 for (j = 0; j <= 16; j++)
1224 {
1225 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1226 valid = 0;
1227 }
1228
1229 if (!valid)
1230 {
1231 u32 tmp_cpsr;
1232
1233 /* change processor mode (and mask T bit) */
1234 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1235 tmp_cpsr |= armv4_5_number_to_mode(i);
1236 tmp_cpsr &= ~0x20;
1237 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1238
1239 for (j = 0; j < 15; j++)
1240 {
1241 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1242 {
1243 reg_p[j] = (u32*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).value;
1244 mask |= 1 << j;
1245 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid = 1;
1246 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1247 }
1248 }
1249
1250 /* if only the PSR is invalid, mask is all zeroes */
1251 if (mask)
1252 arm7_9->read_core_regs(target, mask, reg_p);
1253
1254 /* check if the PSR has to be read */
1255 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid == 0)
1256 {
1257 arm7_9->read_xpsr(target, (u32*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).value, 1);
1258 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid = 1;
1259 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1260 }
1261 }
1262 }
1263
1264 /* restore processor mode (mask T bit) */
1265 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1266
1267 if ((retval = jtag_execute_queue()) != ERROR_OK)
1268 {
1269 return retval;
1270 }
1271 return ERROR_OK;
1272 }
1273
1274 int arm7_9_restore_context(target_t *target)
1275 {
1276 armv4_5_common_t *armv4_5 = target->arch_info;
1277 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1278 reg_t *reg;
1279 armv4_5_core_reg_t *reg_arch_info;
1280 enum armv4_5_mode current_mode = armv4_5->core_mode;
1281 int i, j;
1282 int dirty;
1283 int mode_change;
1284
1285 LOG_DEBUG("-");
1286
1287 if (target->state != TARGET_HALTED)
1288 {
1289 LOG_WARNING("target not halted");
1290 return ERROR_TARGET_NOT_HALTED;
1291 }
1292
1293 if (arm7_9->pre_restore_context)
1294 arm7_9->pre_restore_context(target);
1295
1296 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1297 return ERROR_FAIL;
1298
1299 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1300 * SYS shares registers with User, so we don't touch SYS
1301 */
1302 for (i = 0; i < 6; i++)
1303 {
1304 LOG_DEBUG("examining %s mode", armv4_5_mode_strings[i]);
1305 dirty = 0;
1306 mode_change = 0;
1307 /* check if there are dirty registers in the current mode
1308 */
1309 for (j = 0; j <= 16; j++)
1310 {
1311 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j);
1312 reg_arch_info = reg->arch_info;
1313 if (reg->dirty == 1)
1314 {
1315 if (reg->valid == 1)
1316 {
1317 dirty = 1;
1318 LOG_DEBUG("examining dirty reg: %s", reg->name);
1319 if ((reg_arch_info->mode != ARMV4_5_MODE_ANY)
1320 && (reg_arch_info->mode != current_mode)
1321 && !((reg_arch_info->mode == ARMV4_5_MODE_USR) && (armv4_5->core_mode == ARMV4_5_MODE_SYS))
1322 && !((reg_arch_info->mode == ARMV4_5_MODE_SYS) && (armv4_5->core_mode == ARMV4_5_MODE_USR)))
1323 {
1324 mode_change = 1;
1325 LOG_DEBUG("require mode change");
1326 }
1327 }
1328 else
1329 {
1330 LOG_ERROR("BUG: dirty register '%s', but no valid data", reg->name);
1331 }
1332 }
1333 }
1334
1335 if (dirty)
1336 {
1337 u32 mask = 0x0;
1338 int num_regs = 0;
1339 u32 regs[16];
1340
1341 if (mode_change)
1342 {
1343 u32 tmp_cpsr;
1344
1345 /* change processor mode (mask T bit) */
1346 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1347 tmp_cpsr |= armv4_5_number_to_mode(i);
1348 tmp_cpsr &= ~0x20;
1349 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1350 current_mode = armv4_5_number_to_mode(i);
1351 }
1352
1353 for (j = 0; j <= 14; j++)
1354 {
1355 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j);
1356 reg_arch_info = reg->arch_info;
1357
1358
1359 if (reg->dirty == 1)
1360 {
1361 regs[j] = buf_get_u32(reg->value, 0, 32);
1362 mask |= 1 << j;
1363 num_regs++;
1364 reg->dirty = 0;
1365 reg->valid = 1;
1366 LOG_DEBUG("writing register %i of mode %s with value 0x%8.8x", j, armv4_5_mode_strings[i], regs[j]);
1367 }
1368 }
1369
1370 if (mask)
1371 {
1372 arm7_9->write_core_regs(target, mask, regs);
1373 }
1374
1375 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16);
1376 reg_arch_info = reg->arch_info;
1377 if ((reg->dirty) && (reg_arch_info->mode != ARMV4_5_MODE_ANY))
1378 {
1379 LOG_DEBUG("writing SPSR of mode %i with value 0x%8.8x", i, buf_get_u32(reg->value, 0, 32));
1380 arm7_9->write_xpsr(target, buf_get_u32(reg->value, 0, 32), 1);
1381 }
1382 }
1383 }
1384
1385 if ((armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty == 0) && (armv4_5->core_mode != current_mode))
1386 {
1387 /* restore processor mode (mask T bit) */
1388 u32 tmp_cpsr;
1389
1390 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1391 tmp_cpsr |= armv4_5_number_to_mode(i);
1392 tmp_cpsr &= ~0x20;
1393 LOG_DEBUG("writing lower 8 bit of cpsr with value 0x%2.2x", tmp_cpsr);
1394 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1395 }
1396 else if (armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty == 1)
1397 {
1398 /* CPSR has been changed, full restore necessary (mask T bit) */
1399 LOG_DEBUG("writing cpsr with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1400 arm7_9->write_xpsr(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32) & ~0x20, 0);
1401 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 0;
1402 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
1403 }
1404
1405 /* restore PC */
1406 LOG_DEBUG("writing PC with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1407 arm7_9->write_pc(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1408 armv4_5->core_cache->reg_list[15].dirty = 0;
1409
1410 if (arm7_9->post_restore_context)
1411 arm7_9->post_restore_context(target);
1412
1413 return ERROR_OK;
1414 }
1415
1416 int arm7_9_restart_core(struct target_s *target)
1417 {
1418 armv4_5_common_t *armv4_5 = target->arch_info;
1419 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1420 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
1421
1422 /* set RESTART instruction */
1423 jtag_add_end_state(TAP_RTI);
1424 if (arm7_9->need_bypass_before_restart) {
1425 arm7_9->need_bypass_before_restart = 0;
1426 arm_jtag_set_instr(jtag_info, 0xf, NULL);
1427 }
1428 arm_jtag_set_instr(jtag_info, 0x4, NULL);
1429
1430 jtag_add_runtest(1, TAP_RTI);
1431 return jtag_execute_queue();
1432 }
1433
1434 void arm7_9_enable_watchpoints(struct target_s *target)
1435 {
1436 watchpoint_t *watchpoint = target->watchpoints;
1437
1438 while (watchpoint)
1439 {
1440 if (watchpoint->set == 0)
1441 arm7_9_set_watchpoint(target, watchpoint);
1442 watchpoint = watchpoint->next;
1443 }
1444 }
1445
1446 void arm7_9_enable_breakpoints(struct target_s *target)
1447 {
1448 breakpoint_t *breakpoint = target->breakpoints;
1449
1450 /* set any pending breakpoints */
1451 while (breakpoint)
1452 {
1453 if (breakpoint->set == 0)
1454 arm7_9_set_breakpoint(target, breakpoint);
1455 breakpoint = breakpoint->next;
1456 }
1457 }
1458
1459 void arm7_9_disable_bkpts_and_wpts(struct target_s *target)
1460 {
1461 breakpoint_t *breakpoint = target->breakpoints;
1462 watchpoint_t *watchpoint = target->watchpoints;
1463
1464 /* set any pending breakpoints */
1465 while (breakpoint)
1466 {
1467 if (breakpoint->set != 0)
1468 arm7_9_unset_breakpoint(target, breakpoint);
1469 breakpoint = breakpoint->next;
1470 }
1471
1472 while (watchpoint)
1473 {
1474 if (watchpoint->set != 0)
1475 arm7_9_unset_watchpoint(target, watchpoint);
1476 watchpoint = watchpoint->next;
1477 }
1478 }
1479
1480 int arm7_9_resume(struct target_s *target, int current, u32 address, int handle_breakpoints, int debug_execution)
1481 {
1482 armv4_5_common_t *armv4_5 = target->arch_info;
1483 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1484 breakpoint_t *breakpoint = target->breakpoints;
1485 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1486 int err;
1487
1488 LOG_DEBUG("-");
1489
1490 if (target->state != TARGET_HALTED)
1491 {
1492 LOG_WARNING("target not halted");
1493 return ERROR_TARGET_NOT_HALTED;
1494 }
1495
1496 if (!debug_execution)
1497 {
1498 target_free_all_working_areas(target);
1499 }
1500
1501 /* current = 1: continue on current pc, otherwise continue at <address> */
1502 if (!current)
1503 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1504
1505 /* the front-end may request us not to handle breakpoints */
1506 if (handle_breakpoints)
1507 {
1508 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1509 {
1510 LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint->address);
1511 arm7_9_unset_breakpoint(target, breakpoint);
1512
1513 LOG_DEBUG("enable single-step");
1514 arm7_9->enable_single_step(target);
1515
1516 target->debug_reason = DBG_REASON_SINGLESTEP;
1517
1518 arm7_9_restore_context(target);
1519
1520 if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1521 arm7_9->branch_resume(target);
1522 else if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1523 {
1524 arm7_9->branch_resume_thumb(target);
1525 }
1526 else
1527 {
1528 LOG_ERROR("unhandled core state");
1529 return ERROR_FAIL;
1530 }
1531
1532 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1533 embeddedice_write_reg(dbg_ctrl, buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1534 err = arm7_9_execute_sys_speed(target);
1535
1536 LOG_DEBUG("disable single-step");
1537 arm7_9->disable_single_step(target);
1538
1539 if (err != ERROR_OK)
1540 {
1541 arm7_9_set_breakpoint(target, breakpoint);
1542 target->state = TARGET_UNKNOWN;
1543 return err;
1544 }
1545
1546 arm7_9_debug_entry(target);
1547 LOG_DEBUG("new PC after step: 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1548
1549 LOG_DEBUG("set breakpoint at 0x%8.8x", breakpoint->address);
1550 arm7_9_set_breakpoint(target, breakpoint);
1551 }
1552 }
1553
1554 /* enable any pending breakpoints and watchpoints */
1555 arm7_9_enable_breakpoints(target);
1556 arm7_9_enable_watchpoints(target);
1557
1558 arm7_9_restore_context(target);
1559
1560 if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1561 {
1562 arm7_9->branch_resume(target);
1563 }
1564 else if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1565 {
1566 arm7_9->branch_resume_thumb(target);
1567 }
1568 else
1569 {
1570 LOG_ERROR("unhandled core state");
1571 return ERROR_FAIL;
1572 }
1573
1574 /* deassert DBGACK and INTDIS */
1575 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1576 /* INTDIS only when we really resume, not during debug execution */
1577 if (!debug_execution)
1578 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 0);
1579 embeddedice_write_reg(dbg_ctrl, buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1580
1581 arm7_9_restart_core(target);
1582
1583 target->debug_reason = DBG_REASON_NOTHALTED;
1584
1585 if (!debug_execution)
1586 {
1587 /* registers are now invalid */
1588 armv4_5_invalidate_core_regs(target);
1589 target->state = TARGET_RUNNING;
1590 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1591 }
1592 else
1593 {
1594 target->state = TARGET_DEBUG_RUNNING;
1595 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
1596 }
1597
1598 LOG_DEBUG("target resumed");
1599
1600 return ERROR_OK;
1601 }
1602
1603 void arm7_9_enable_eice_step(target_t *target)
1604 {
1605 armv4_5_common_t *armv4_5 = target->arch_info;
1606 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1607
1608 /* setup an inverse breakpoint on the current PC
1609 * - comparator 1 matches the current address
1610 * - rangeout from comparator 1 is connected to comparator 0 rangein
1611 * - comparator 0 matches any address, as long as rangein is low */
1612 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1613 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1614 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
1615 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~(EICE_W_CTRL_RANGE|EICE_W_CTRL_nOPC) & 0xff);
1616 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1617 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0);
1618 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffff);
1619 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
1620 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
1621 }
1622
1623 void arm7_9_disable_eice_step(target_t *target)
1624 {
1625 armv4_5_common_t *armv4_5 = target->arch_info;
1626 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1627
1628 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK]);
1629 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK]);
1630 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
1631 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK]);
1632 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE]);
1633 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK]);
1634 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK]);
1635 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK]);
1636 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE]);
1637 }
1638
1639 int arm7_9_step(struct target_s *target, int current, u32 address, int handle_breakpoints)
1640 {
1641 armv4_5_common_t *armv4_5 = target->arch_info;
1642 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1643 breakpoint_t *breakpoint = NULL;
1644 int err;
1645
1646 if (target->state != TARGET_HALTED)
1647 {
1648 LOG_WARNING("target not halted");
1649 return ERROR_TARGET_NOT_HALTED;
1650 }
1651
1652 /* current = 1: continue on current pc, otherwise continue at <address> */
1653 if (!current)
1654 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1655
1656 /* the front-end may request us not to handle breakpoints */
1657 if (handle_breakpoints)
1658 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1659 arm7_9_unset_breakpoint(target, breakpoint);
1660
1661 target->debug_reason = DBG_REASON_SINGLESTEP;
1662
1663 arm7_9_restore_context(target);
1664
1665 arm7_9->enable_single_step(target);
1666
1667 if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1668 {
1669 arm7_9->branch_resume(target);
1670 }
1671 else if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1672 {
1673 arm7_9->branch_resume_thumb(target);
1674 }
1675 else
1676 {
1677 LOG_ERROR("unhandled core state");
1678 return ERROR_FAIL;
1679 }
1680
1681 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1682
1683 err = arm7_9_execute_sys_speed(target);
1684 arm7_9->disable_single_step(target);
1685
1686 /* registers are now invalid */
1687 armv4_5_invalidate_core_regs(target);
1688
1689 if (err != ERROR_OK)
1690 {
1691 target->state = TARGET_UNKNOWN;
1692 } else {
1693 arm7_9_debug_entry(target);
1694 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1695 LOG_DEBUG("target stepped");
1696 }
1697
1698 if (breakpoint)
1699 arm7_9_set_breakpoint(target, breakpoint);
1700
1701 return err;
1702
1703 }
1704
1705 int arm7_9_read_core_reg(struct target_s *target, int num, enum armv4_5_mode mode)
1706 {
1707 u32* reg_p[16];
1708 u32 value;
1709 int retval;
1710 armv4_5_common_t *armv4_5 = target->arch_info;
1711 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1712
1713 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1714 return ERROR_FAIL;
1715
1716 enum armv4_5_mode reg_mode = ((armv4_5_core_reg_t*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info)->mode;
1717
1718 if ((num < 0) || (num > 16))
1719 return ERROR_INVALID_ARGUMENTS;
1720
1721 if ((mode != ARMV4_5_MODE_ANY)
1722 && (mode != armv4_5->core_mode)
1723 && (reg_mode != ARMV4_5_MODE_ANY))
1724 {
1725 u32 tmp_cpsr;
1726
1727 /* change processor mode (mask T bit) */
1728 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1729 tmp_cpsr |= mode;
1730 tmp_cpsr &= ~0x20;
1731 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1732 }
1733
1734 if ((num >= 0) && (num <= 15))
1735 {
1736 /* read a normal core register */
1737 reg_p[num] = &value;
1738
1739 arm7_9->read_core_regs(target, 1 << num, reg_p);
1740 }
1741 else
1742 {
1743 /* read a program status register
1744 * if the register mode is MODE_ANY, we read the cpsr, otherwise a spsr
1745 */
1746 armv4_5_core_reg_t *arch_info = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info;
1747 int spsr = (arch_info->mode == ARMV4_5_MODE_ANY) ? 0 : 1;
1748
1749 arm7_9->read_xpsr(target, &value, spsr);
1750 }
1751
1752 if ((retval = jtag_execute_queue()) != ERROR_OK)
1753 {
1754 return retval;
1755 }
1756
1757 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).valid = 1;
1758 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).dirty = 0;
1759 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).value, 0, 32, value);
1760
1761 if ((mode != ARMV4_5_MODE_ANY)
1762 && (mode != armv4_5->core_mode)
1763 && (reg_mode != ARMV4_5_MODE_ANY)) {
1764 /* restore processor mode (mask T bit) */
1765 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1766 }
1767
1768 return ERROR_OK;
1769
1770 }
1771
1772 int arm7_9_write_core_reg(struct target_s *target, int num, enum armv4_5_mode mode, u32 value)
1773 {
1774 u32 reg[16];
1775 armv4_5_common_t *armv4_5 = target->arch_info;
1776 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1777
1778 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1779 return ERROR_FAIL;
1780
1781 enum armv4_5_mode reg_mode = ((armv4_5_core_reg_t*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info)->mode;
1782
1783 if ((num < 0) || (num > 16))
1784 return ERROR_INVALID_ARGUMENTS;
1785
1786 if ((mode != ARMV4_5_MODE_ANY)
1787 && (mode != armv4_5->core_mode)
1788 && (reg_mode != ARMV4_5_MODE_ANY)) {
1789 u32 tmp_cpsr;
1790
1791 /* change processor mode (mask T bit) */
1792 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1793 tmp_cpsr |= mode;
1794 tmp_cpsr &= ~0x20;
1795 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1796 }
1797
1798 if ((num >= 0) && (num <= 15))
1799 {
1800 /* write a normal core register */
1801 reg[num] = value;
1802
1803 arm7_9->write_core_regs(target, 1 << num, reg);
1804 }
1805 else
1806 {
1807 /* write a program status register
1808 * if the register mode is MODE_ANY, we write the cpsr, otherwise a spsr
1809 */
1810 armv4_5_core_reg_t *arch_info = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info;
1811 int spsr = (arch_info->mode == ARMV4_5_MODE_ANY) ? 0 : 1;
1812
1813 /* if we're writing the CPSR, mask the T bit */
1814 if (!spsr)
1815 value &= ~0x20;
1816
1817 arm7_9->write_xpsr(target, value, spsr);
1818 }
1819
1820 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).valid = 1;
1821 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).dirty = 0;
1822
1823 if ((mode != ARMV4_5_MODE_ANY)
1824 && (mode != armv4_5->core_mode)
1825 && (reg_mode != ARMV4_5_MODE_ANY)) {
1826 /* restore processor mode (mask T bit) */
1827 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1828 }
1829
1830 return jtag_execute_queue();
1831 }
1832
1833 int arm7_9_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
1834 {
1835 armv4_5_common_t *armv4_5 = target->arch_info;
1836 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1837
1838 u32 reg[16];
1839 int num_accesses = 0;
1840 int thisrun_accesses;
1841 int i;
1842 u32 cpsr;
1843 int retval;
1844 int last_reg = 0;
1845
1846 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
1847
1848 if (target->state != TARGET_HALTED)
1849 {
1850 LOG_WARNING("target not halted");
1851 return ERROR_TARGET_NOT_HALTED;
1852 }
1853
1854 /* sanitize arguments */
1855 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1856 return ERROR_INVALID_ARGUMENTS;
1857
1858 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1859 return ERROR_TARGET_UNALIGNED_ACCESS;
1860
1861 /* load the base register with the address of the first word */
1862 reg[0] = address;
1863 arm7_9->write_core_regs(target, 0x1, reg);
1864
1865 switch (size)
1866 {
1867 case 4:
1868 while (num_accesses < count)
1869 {
1870 u32 reg_list;
1871 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
1872 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
1873
1874 if (last_reg <= thisrun_accesses)
1875 last_reg = thisrun_accesses;
1876
1877 arm7_9->load_word_regs(target, reg_list);
1878
1879 /* fast memory reads are only safe when the target is running
1880 * from a sufficiently high clock (32 kHz is usually too slow)
1881 */
1882 if (arm7_9->fast_memory_access)
1883 arm7_9_execute_fast_sys_speed(target);
1884 else
1885 arm7_9_execute_sys_speed(target);
1886
1887 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 4);
1888
1889 /* advance buffer, count number of accesses */
1890 buffer += thisrun_accesses * 4;
1891 num_accesses += thisrun_accesses;
1892 }
1893 break;
1894 case 2:
1895 while (num_accesses < count)
1896 {
1897 u32 reg_list;
1898 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
1899 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
1900
1901 for (i = 1; i <= thisrun_accesses; i++)
1902 {
1903 if (i > last_reg)
1904 last_reg = i;
1905 arm7_9->load_hword_reg(target, i);
1906 /* fast memory reads are only safe when the target is running
1907 * from a sufficiently high clock (32 kHz is usually too slow)
1908 */
1909 if (arm7_9->fast_memory_access)
1910 arm7_9_execute_fast_sys_speed(target);
1911 else
1912 arm7_9_execute_sys_speed(target);
1913 }
1914
1915 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 2);
1916
1917 /* advance buffer, count number of accesses */
1918 buffer += thisrun_accesses * 2;
1919 num_accesses += thisrun_accesses;
1920 }
1921 break;
1922 case 1:
1923 while (num_accesses < count)
1924 {
1925 u32 reg_list;
1926 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
1927 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
1928
1929 for (i = 1; i <= thisrun_accesses; i++)
1930 {
1931 if (i > last_reg)
1932 last_reg = i;
1933 arm7_9->load_byte_reg(target, i);
1934 /* fast memory reads are only safe when the target is running
1935 * from a sufficiently high clock (32 kHz is usually too slow)
1936 */
1937 if (arm7_9->fast_memory_access)
1938 arm7_9_execute_fast_sys_speed(target);
1939 else
1940 arm7_9_execute_sys_speed(target);
1941 }
1942
1943 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 1);
1944
1945 /* advance buffer, count number of accesses */
1946 buffer += thisrun_accesses * 1;
1947 num_accesses += thisrun_accesses;
1948 }
1949 break;
1950 default:
1951 LOG_ERROR("BUG: we shouldn't get here");
1952 exit(-1);
1953 break;
1954 }
1955
1956 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1957 return ERROR_FAIL;
1958
1959 for (i=0; i<=last_reg; i++)
1960 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid;
1961
1962 arm7_9->read_xpsr(target, &cpsr, 0);
1963 if ((retval = jtag_execute_queue()) != ERROR_OK)
1964 {
1965 LOG_ERROR("JTAG error while reading cpsr");
1966 return ERROR_TARGET_DATA_ABORT;
1967 }
1968
1969 if (((cpsr & 0x1f) == ARMV4_5_MODE_ABT) && (armv4_5->core_mode != ARMV4_5_MODE_ABT))
1970 {
1971 LOG_WARNING("memory read caused data abort (address: 0x%8.8x, size: 0x%x, count: 0x%x)", address, size, count);
1972
1973 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1974
1975 return ERROR_TARGET_DATA_ABORT;
1976 }
1977
1978 return ERROR_OK;
1979 }
1980
1981 int arm7_9_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
1982 {
1983 armv4_5_common_t *armv4_5 = target->arch_info;
1984 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1985 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1986
1987 u32 reg[16];
1988 int num_accesses = 0;
1989 int thisrun_accesses;
1990 int i;
1991 u32 cpsr;
1992 int retval;
1993 int last_reg = 0;
1994
1995 #ifdef _DEBUG_ARM7_9_
1996 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
1997 #endif
1998
1999 if (target->state != TARGET_HALTED)
2000 {
2001 LOG_WARNING("target not halted");
2002 return ERROR_TARGET_NOT_HALTED;
2003 }
2004
2005 /* sanitize arguments */
2006 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
2007 return ERROR_INVALID_ARGUMENTS;
2008
2009 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
2010 return ERROR_TARGET_UNALIGNED_ACCESS;
2011
2012 /* load the base register with the address of the first word */
2013 reg[0] = address;
2014 arm7_9->write_core_regs(target, 0x1, reg);
2015
2016 /* Clear DBGACK, to make sure memory fetches work as expected */
2017 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
2018 embeddedice_store_reg(dbg_ctrl);
2019
2020 switch (size)
2021 {
2022 case 4:
2023 while (num_accesses < count)
2024 {
2025 u32 reg_list;
2026 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2027 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2028
2029 for (i = 1; i <= thisrun_accesses; i++)
2030 {
2031 if (i > last_reg)
2032 last_reg = i;
2033 reg[i] = target_buffer_get_u32(target, buffer);
2034 buffer += 4;
2035 }
2036
2037 arm7_9->write_core_regs(target, reg_list, reg);
2038
2039 arm7_9->store_word_regs(target, reg_list);
2040
2041 /* fast memory writes are only safe when the target is running
2042 * from a sufficiently high clock (32 kHz is usually too slow)
2043 */
2044 if (arm7_9->fast_memory_access)
2045 arm7_9_execute_fast_sys_speed(target);
2046 else
2047 arm7_9_execute_sys_speed(target);
2048
2049 num_accesses += thisrun_accesses;
2050 }
2051 break;
2052 case 2:
2053 while (num_accesses < count)
2054 {
2055 u32 reg_list;
2056 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2057 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2058
2059 for (i = 1; i <= thisrun_accesses; i++)
2060 {
2061 if (i > last_reg)
2062 last_reg = i;
2063 reg[i] = target_buffer_get_u16(target, buffer) & 0xffff;
2064 buffer += 2;
2065 }
2066
2067 arm7_9->write_core_regs(target, reg_list, reg);
2068
2069 for (i = 1; i <= thisrun_accesses; i++)
2070 {
2071 arm7_9->store_hword_reg(target, i);
2072
2073 /* fast memory writes are only safe when the target is running
2074 * from a sufficiently high clock (32 kHz is usually too slow)
2075 */
2076 if (arm7_9->fast_memory_access)
2077 arm7_9_execute_fast_sys_speed(target);
2078 else
2079 arm7_9_execute_sys_speed(target);
2080 }
2081
2082 num_accesses += thisrun_accesses;
2083 }
2084 break;
2085 case 1:
2086 while (num_accesses < count)
2087 {
2088 u32 reg_list;
2089 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2090 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2091
2092 for (i = 1; i <= thisrun_accesses; i++)
2093 {
2094 if (i > last_reg)
2095 last_reg = i;
2096 reg[i] = *buffer++ & 0xff;
2097 }
2098
2099 arm7_9->write_core_regs(target, reg_list, reg);
2100
2101 for (i = 1; i <= thisrun_accesses; i++)
2102 {
2103 arm7_9->store_byte_reg(target, i);
2104 /* fast memory writes are only safe when the target is running
2105 * from a sufficiently high clock (32 kHz is usually too slow)
2106 */
2107 if (arm7_9->fast_memory_access)
2108 arm7_9_execute_fast_sys_speed(target);
2109 else
2110 arm7_9_execute_sys_speed(target);
2111 }
2112
2113 num_accesses += thisrun_accesses;
2114 }
2115 break;
2116 default:
2117 LOG_ERROR("BUG: we shouldn't get here");
2118 exit(-1);
2119 break;
2120 }
2121
2122 /* Re-Set DBGACK */
2123 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
2124 embeddedice_store_reg(dbg_ctrl);
2125
2126 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
2127 return ERROR_FAIL;
2128
2129 for (i=0; i<=last_reg; i++)
2130 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid;
2131
2132 arm7_9->read_xpsr(target, &cpsr, 0);
2133 if ((retval = jtag_execute_queue()) != ERROR_OK)
2134 {
2135 LOG_ERROR("JTAG error while reading cpsr");
2136 return ERROR_TARGET_DATA_ABORT;
2137 }
2138
2139 if (((cpsr & 0x1f) == ARMV4_5_MODE_ABT) && (armv4_5->core_mode != ARMV4_5_MODE_ABT))
2140 {
2141 LOG_WARNING("memory write caused data abort (address: 0x%8.8x, size: 0x%x, count: 0x%x)", address, size, count);
2142
2143 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
2144
2145 return ERROR_TARGET_DATA_ABORT;
2146 }
2147
2148 return ERROR_OK;
2149 }
2150
2151 static const u32 dcc_code[] =
2152 {
2153 /* MRC TST BNE MRC STR B */
2154 0xee101e10, 0xe3110001, 0x0afffffc, 0xee111e10, 0xe4801004, 0xeafffff9
2155 };
2156
2157 int arm7_9_bulk_write_memory(target_t *target, u32 address, u32 count, u8 *buffer)
2158 {
2159 armv4_5_common_t *armv4_5 = target->arch_info;
2160 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
2161 enum armv4_5_state core_state = armv4_5->core_state;
2162 u32 r0 = buf_get_u32(armv4_5->core_cache->reg_list[0].value, 0, 32);
2163 u32 r1 = buf_get_u32(armv4_5->core_cache->reg_list[1].value, 0, 32);
2164 u32 pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
2165 int i;
2166
2167 if (!arm7_9->dcc_downloads)
2168 return target->type->write_memory(target, address, 4, count, buffer);
2169
2170 /* regrab previously allocated working_area, or allocate a new one */
2171 if (!arm7_9->dcc_working_area)
2172 {
2173 u8 dcc_code_buf[6 * 4];
2174
2175 /* make sure we have a working area */
2176 if (target_alloc_working_area(target, 24, &arm7_9->dcc_working_area) != ERROR_OK)
2177 {
2178 LOG_INFO("no working area available, falling back to memory writes");
2179 return target->type->write_memory(target, address, 4, count, buffer);
2180 }
2181
2182 /* copy target instructions to target endianness */
2183 for (i = 0; i < 6; i++)
2184 {
2185 target_buffer_set_u32(target, dcc_code_buf + i*4, dcc_code[i]);
2186 }
2187
2188 /* write DCC code to working area */
2189 target->type->write_memory(target, arm7_9->dcc_working_area->address, 4, 6, dcc_code_buf);
2190 }
2191
2192 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, address);
2193 armv4_5->core_cache->reg_list[0].valid = 1;
2194 armv4_5->core_cache->reg_list[0].dirty = 1;
2195 armv4_5->core_state = ARMV4_5_STATE_ARM;
2196
2197 arm7_9_resume(target, 0, arm7_9->dcc_working_area->address, 1, 1);
2198
2199 int little=target->endianness==TARGET_LITTLE_ENDIAN;
2200 if (count>2)
2201 {
2202 /* Handle first & last using standard embeddedice_write_reg and the middle ones w/the
2203 core function repeated.
2204 */
2205 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2206 buffer+=4;
2207
2208 embeddedice_reg_t *ice_reg = arm7_9->eice_cache->reg_list[EICE_COMMS_DATA].arch_info;
2209 u8 reg_addr = ice_reg->addr & 0x1f;
2210 int chain_pos = ice_reg->jtag_info->chain_pos;
2211
2212 embeddedice_write_dcc(chain_pos, reg_addr, buffer, little, count-2);
2213 buffer += (count-2)*4;
2214
2215 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2216 } else
2217 {
2218 for (i = 0; i < count; i++)
2219 {
2220 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2221 buffer += 4;
2222 }
2223 }
2224
2225 target_halt(target);
2226
2227 for (i=0; i<100; i++)
2228 {
2229 target_poll(target);
2230 if (target->state == TARGET_HALTED)
2231 break;
2232 usleep(1000); /* sleep 1ms */
2233 }
2234 if (i == 100)
2235 {
2236 LOG_ERROR("bulk write timed out, target not halted");
2237 return ERROR_TARGET_TIMEOUT;
2238 }
2239
2240 /* restore target state */
2241 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, r0);
2242 armv4_5->core_cache->reg_list[0].valid = 1;
2243 armv4_5->core_cache->reg_list[0].dirty = 1;
2244 buf_set_u32(armv4_5->core_cache->reg_list[1].value, 0, 32, r1);
2245 armv4_5->core_cache->reg_list[1].valid = 1;
2246 armv4_5->core_cache->reg_list[1].dirty = 1;
2247 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, pc);
2248 armv4_5->core_cache->reg_list[15].valid = 1;
2249 armv4_5->core_cache->reg_list[15].dirty = 1;
2250 armv4_5->core_state = core_state;
2251
2252 return ERROR_OK;
2253 }
2254
2255 int arm7_9_checksum_memory(struct target_s *target, u32 address, u32 count, u32* checksum)
2256 {
2257 working_area_t *crc_algorithm;
2258 armv4_5_algorithm_t armv4_5_info;
2259 reg_param_t reg_params[2];
2260 int retval;
2261
2262 u32 arm7_9_crc_code[] = {
2263 0xE1A02000, /* mov r2, r0 */
2264 0xE3E00000, /* mov r0, #0xffffffff */
2265 0xE1A03001, /* mov r3, r1 */
2266 0xE3A04000, /* mov r4, #0 */
2267 0xEA00000B, /* b ncomp */
2268 /* nbyte: */
2269 0xE7D21004, /* ldrb r1, [r2, r4] */
2270 0xE59F7030, /* ldr r7, CRC32XOR */
2271 0xE0200C01, /* eor r0, r0, r1, asl 24 */
2272 0xE3A05000, /* mov r5, #0 */
2273 /* loop: */
2274 0xE3500000, /* cmp r0, #0 */
2275 0xE1A06080, /* mov r6, r0, asl #1 */
2276 0xE2855001, /* add r5, r5, #1 */
2277 0xE1A00006, /* mov r0, r6 */
2278 0xB0260007, /* eorlt r0, r6, r7 */
2279 0xE3550008, /* cmp r5, #8 */
2280 0x1AFFFFF8, /* bne loop */
2281 0xE2844001, /* add r4, r4, #1 */
2282 /* ncomp: */
2283 0xE1540003, /* cmp r4, r3 */
2284 0x1AFFFFF1, /* bne nbyte */
2285 /* end: */
2286 0xEAFFFFFE, /* b end */
2287 0x04C11DB7 /* CRC32XOR: .word 0x04C11DB7 */
2288 };
2289
2290 int i;
2291
2292 if (target_alloc_working_area(target, sizeof(arm7_9_crc_code), &crc_algorithm) != ERROR_OK)
2293 {
2294 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2295 }
2296
2297 /* convert flash writing code into a buffer in target endianness */
2298 for (i = 0; i < (sizeof(arm7_9_crc_code)/sizeof(u32)); i++)
2299 target_write_u32(target, crc_algorithm->address + i*sizeof(u32), arm7_9_crc_code[i]);
2300
2301 armv4_5_info.common_magic = ARMV4_5_COMMON_MAGIC;
2302 armv4_5_info.core_mode = ARMV4_5_MODE_SVC;
2303 armv4_5_info.core_state = ARMV4_5_STATE_ARM;
2304
2305 init_reg_param(&reg_params[0], "r0", 32, PARAM_IN_OUT);
2306 init_reg_param(&reg_params[1], "r1", 32, PARAM_OUT);
2307
2308 buf_set_u32(reg_params[0].value, 0, 32, address);
2309 buf_set_u32(reg_params[1].value, 0, 32, count);
2310
2311 if ((retval = target->type->run_algorithm(target, 0, NULL, 2, reg_params,
2312 crc_algorithm->address, crc_algorithm->address + (sizeof(arm7_9_crc_code) - 8), 20000, &armv4_5_info)) != ERROR_OK)
2313 {
2314 LOG_ERROR("error executing arm7_9 crc algorithm");
2315 destroy_reg_param(&reg_params[0]);
2316 destroy_reg_param(&reg_params[1]);
2317 target_free_working_area(target, crc_algorithm);
2318 return retval;
2319 }
2320
2321 *checksum = buf_get_u32(reg_params[0].value, 0, 32);
2322
2323 destroy_reg_param(&reg_params[0]);
2324 destroy_reg_param(&reg_params[1]);
2325
2326 target_free_working_area(target, crc_algorithm);
2327
2328 return ERROR_OK;
2329 }
2330
2331 int arm7_9_blank_check_memory(struct target_s *target, u32 address, u32 count, u32* blank)
2332 {
2333 working_area_t *erase_check_algorithm;
2334 reg_param_t reg_params[3];
2335 armv4_5_algorithm_t armv4_5_info;
2336 int retval;
2337 int i;
2338
2339 u32 erase_check_code[] =
2340 {
2341 /* loop: */
2342 0xe4d03001, /* ldrb r3, [r0], #1 */
2343 0xe0022003, /* and r2, r2, r3 */
2344 0xe2511001, /* subs r1, r1, #1 */
2345 0x1afffffb, /* bne loop */
2346 /* end: */
2347 0xeafffffe /* b end */
2348 };
2349
2350 /* make sure we have a working area */
2351 if (target_alloc_working_area(target, sizeof(erase_check_code), &erase_check_algorithm) != ERROR_OK)
2352 {
2353 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2354 }
2355
2356 /* convert flash writing code into a buffer in target endianness */
2357 for (i = 0; i < (sizeof(erase_check_code)/sizeof(u32)); i++)
2358 target_write_u32(target, erase_check_algorithm->address + i*sizeof(u32), erase_check_code[i]);
2359
2360 armv4_5_info.common_magic = ARMV4_5_COMMON_MAGIC;
2361 armv4_5_info.core_mode = ARMV4_5_MODE_SVC;
2362 armv4_5_info.core_state = ARMV4_5_STATE_ARM;
2363
2364 init_reg_param(&reg_params[0], "r0", 32, PARAM_OUT);
2365 buf_set_u32(reg_params[0].value, 0, 32, address);
2366
2367 init_reg_param(&reg_params[1], "r1", 32, PARAM_OUT);
2368 buf_set_u32(reg_params[1].value, 0, 32, count);
2369
2370 init_reg_param(&reg_params[2], "r2", 32, PARAM_IN_OUT);
2371 buf_set_u32(reg_params[2].value, 0, 32, 0xff);
2372
2373 if ((retval = target->type->run_algorithm(target, 0, NULL, 3, reg_params,
2374 erase_check_algorithm->address, erase_check_algorithm->address + (sizeof(erase_check_code) - 4), 10000, &armv4_5_info)) != ERROR_OK)
2375 {
2376 destroy_reg_param(&reg_params[0]);
2377 destroy_reg_param(&reg_params[1]);
2378 destroy_reg_param(&reg_params[2]);
2379 target_free_working_area(target, erase_check_algorithm);
2380 return 0;
2381 }
2382
2383 *blank = buf_get_u32(reg_params[2].value, 0, 32);
2384
2385 destroy_reg_param(&reg_params[0]);
2386 destroy_reg_param(&reg_params[1]);
2387 destroy_reg_param(&reg_params[2]);
2388
2389 target_free_working_area(target, erase_check_algorithm);
2390
2391 return ERROR_OK;
2392 }
2393
2394 int arm7_9_register_commands(struct command_context_s *cmd_ctx)
2395 {
2396 command_t *arm7_9_cmd;
2397
2398 arm7_9_cmd = register_command(cmd_ctx, NULL, "arm7_9", NULL, COMMAND_ANY, "arm7/9 specific commands");
2399
2400 register_command(cmd_ctx, arm7_9_cmd, "write_xpsr", handle_arm7_9_write_xpsr_command, COMMAND_EXEC, "write program status register <value> <not cpsr|spsr>");
2401 register_command(cmd_ctx, arm7_9_cmd, "write_xpsr_im8", handle_arm7_9_write_xpsr_im8_command, COMMAND_EXEC, "write program status register <8bit immediate> <rotate> <not cpsr|spsr>");
2402
2403 register_command(cmd_ctx, arm7_9_cmd, "write_core_reg", handle_arm7_9_write_core_reg_command, COMMAND_EXEC, "write core register <num> <mode> <value>");
2404
2405 register_command(cmd_ctx, arm7_9_cmd, "sw_bkpts", handle_arm7_9_sw_bkpts_command, COMMAND_EXEC, "support for software breakpoints <enable|disable>");
2406 register_command(cmd_ctx, arm7_9_cmd, "force_hw_bkpts", handle_arm7_9_force_hw_bkpts_command, COMMAND_EXEC, "use hardware breakpoints for all breakpoints (disables sw breakpoint support) <enable|disable>");
2407 register_command(cmd_ctx, arm7_9_cmd, "dbgrq", handle_arm7_9_dbgrq_command,
2408 COMMAND_ANY, "use EmbeddedICE dbgrq instead of breakpoint for target halt requests <enable|disable>");
2409 register_command(cmd_ctx, arm7_9_cmd, "fast_writes", handle_arm7_9_fast_memory_access_command,
2410 COMMAND_ANY, "(deprecated, see: arm7_9 fast_memory_access)");
2411 register_command(cmd_ctx, arm7_9_cmd, "fast_memory_access", handle_arm7_9_fast_memory_access_command,
2412 COMMAND_ANY, "use fast memory accesses instead of slower but potentially unsafe slow accesses <enable|disable>");
2413 register_command(cmd_ctx, arm7_9_cmd, "dcc_downloads", handle_arm7_9_dcc_downloads_command,
2414 COMMAND_ANY, "use DCC downloads for larger memory writes <enable|disable>");
2415
2416 armv4_5_register_commands(cmd_ctx);
2417
2418 etm_register_commands(cmd_ctx);
2419
2420 return ERROR_OK;
2421 }
2422
2423 int handle_arm7_9_write_xpsr_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2424 {
2425 u32 value;
2426 int spsr;
2427 int retval;
2428 target_t *target = get_current_target(cmd_ctx);
2429 armv4_5_common_t *armv4_5;
2430 arm7_9_common_t *arm7_9;
2431
2432 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2433 {
2434 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2435 return ERROR_OK;
2436 }
2437
2438 if (target->state != TARGET_HALTED)
2439 {
2440 command_print(cmd_ctx, "can't write registers while running");
2441 return ERROR_OK;
2442 }
2443
2444 if (argc < 2)
2445 {
2446 command_print(cmd_ctx, "usage: write_xpsr <value> <not cpsr|spsr>");
2447 return ERROR_OK;
2448 }
2449
2450 value = strtoul(args[0], NULL, 0);
2451 spsr = strtol(args[1], NULL, 0);
2452
2453 /* if we're writing the CPSR, mask the T bit */
2454 if (!spsr)
2455 value &= ~0x20;
2456
2457 arm7_9->write_xpsr(target, value, spsr);
2458 if ((retval = jtag_execute_queue()) != ERROR_OK)
2459 {
2460 LOG_ERROR("JTAG error while writing to xpsr");
2461 return retval;
2462 }
2463
2464 return ERROR_OK;
2465 }
2466
2467 int handle_arm7_9_write_xpsr_im8_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2468 {
2469 u32 value;
2470 int rotate;
2471 int spsr;
2472 int retval;
2473 target_t *target = get_current_target(cmd_ctx);
2474 armv4_5_common_t *armv4_5;
2475 arm7_9_common_t *arm7_9;
2476
2477 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2478 {
2479 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2480 return ERROR_OK;
2481 }
2482
2483 if (target->state != TARGET_HALTED)
2484 {
2485 command_print(cmd_ctx, "can't write registers while running");
2486 return ERROR_OK;
2487 }
2488
2489 if (argc < 3)
2490 {
2491 command_print(cmd_ctx, "usage: write_xpsr_im8 <im8> <rotate> <not cpsr|spsr>");
2492 return ERROR_OK;
2493 }
2494
2495 value = strtoul(args[0], NULL, 0);
2496 rotate = strtol(args[1], NULL, 0);
2497 spsr = strtol(args[2], NULL, 0);
2498
2499 arm7_9->write_xpsr_im8(target, value, rotate, spsr);
2500 if ((retval = jtag_execute_queue()) != ERROR_OK)
2501 {
2502 LOG_ERROR("JTAG error while writing 8-bit immediate to xpsr");
2503 return retval;
2504 }
2505
2506 return ERROR_OK;
2507 }
2508
2509 int handle_arm7_9_write_core_reg_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2510 {
2511 u32 value;
2512 u32 mode;
2513 int num;
2514 target_t *target = get_current_target(cmd_ctx);
2515 armv4_5_common_t *armv4_5;
2516 arm7_9_common_t *arm7_9;
2517
2518 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2519 {
2520 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2521 return ERROR_OK;
2522 }
2523
2524 if (target->state != TARGET_HALTED)
2525 {
2526 command_print(cmd_ctx, "can't write registers while running");
2527 return ERROR_OK;
2528 }
2529
2530 if (argc < 3)
2531 {
2532 command_print(cmd_ctx, "usage: write_core_reg <num> <mode> <value>");
2533 return ERROR_OK;
2534 }
2535
2536 num = strtol(args[0], NULL, 0);
2537 mode = strtoul(args[1], NULL, 0);
2538 value = strtoul(args[2], NULL, 0);
2539
2540 arm7_9_write_core_reg(target, num, mode, value);
2541
2542 return ERROR_OK;
2543 }
2544
2545 int handle_arm7_9_sw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2546 {
2547 target_t *target = get_current_target(cmd_ctx);
2548 armv4_5_common_t *armv4_5;
2549 arm7_9_common_t *arm7_9;
2550
2551 if (target->state != TARGET_HALTED)
2552 {
2553 LOG_ERROR("target not halted");
2554 return ERROR_TARGET_NOT_HALTED;
2555 }
2556
2557 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2558 {
2559 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2560 return ERROR_OK;
2561 }
2562
2563 if (argc == 0)
2564 {
2565 command_print(cmd_ctx, "software breakpoints %s", (arm7_9->sw_bkpts_enabled) ? "enabled" : "disabled");
2566 return ERROR_OK;
2567 }
2568
2569 if (strcmp("enable", args[0]) == 0)
2570 {
2571 if (arm7_9->sw_bkpts_use_wp)
2572 {
2573 arm7_9_enable_sw_bkpts(target);
2574 }
2575 else
2576 {
2577 arm7_9->sw_bkpts_enabled = 1;
2578 }
2579 }
2580 else if (strcmp("disable", args[0]) == 0)
2581 {
2582 if (arm7_9->sw_bkpts_use_wp)
2583 {
2584 arm7_9_disable_sw_bkpts(target);
2585 }
2586 else
2587 {
2588 arm7_9->sw_bkpts_enabled = 0;
2589 }
2590 }
2591 else
2592 {
2593 command_print(cmd_ctx, "usage: arm7_9 sw_bkpts <enable|disable>");
2594 }
2595
2596 command_print(cmd_ctx, "software breakpoints %s", (arm7_9->sw_bkpts_enabled) ? "enabled" : "disabled");
2597
2598 return ERROR_OK;
2599 }
2600
2601 int handle_arm7_9_force_hw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2602 {
2603 target_t *target = get_current_target(cmd_ctx);
2604 armv4_5_common_t *armv4_5;
2605 arm7_9_common_t *arm7_9;
2606
2607 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2608 {
2609 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2610 return ERROR_OK;
2611 }
2612
2613 if ((argc >= 1) && (strcmp("enable", args[0]) == 0))
2614 {
2615 arm7_9->force_hw_bkpts = 1;
2616 if (arm7_9->sw_bkpts_use_wp)
2617 {
2618 arm7_9_disable_sw_bkpts(target);
2619 }
2620 }
2621 else if ((argc >= 1) && (strcmp("disable", args[0]) == 0))
2622 {
2623 arm7_9->force_hw_bkpts = 0;
2624 }
2625 else
2626 {
2627 command_print(cmd_ctx, "usage: arm7_9 force_hw_bkpts <enable|disable>");
2628 }
2629
2630 command_print(cmd_ctx, "force hardware breakpoints %s", (arm7_9->force_hw_bkpts) ? "enabled" : "disabled");
2631
2632 return ERROR_OK;
2633 }
2634
2635 int handle_arm7_9_dbgrq_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2636 {
2637 target_t *target = get_current_target(cmd_ctx);
2638 armv4_5_common_t *armv4_5;
2639 arm7_9_common_t *arm7_9;
2640
2641 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2642 {
2643 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2644 return ERROR_OK;
2645 }
2646
2647 if (argc > 0)
2648 {
2649 if (strcmp("enable", args[0]) == 0)
2650 {
2651 arm7_9->use_dbgrq = 1;
2652 }
2653 else if (strcmp("disable", args[0]) == 0)
2654 {
2655 arm7_9->use_dbgrq = 0;
2656 }
2657 else
2658 {
2659 command_print(cmd_ctx, "usage: arm7_9 dbgrq <enable|disable>");
2660 }
2661 }
2662
2663 command_print(cmd_ctx, "use of EmbeddedICE dbgrq instead of breakpoint for target halt %s", (arm7_9->use_dbgrq) ? "enabled" : "disabled");
2664
2665 return ERROR_OK;
2666 }
2667
2668 int handle_arm7_9_fast_memory_access_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2669 {
2670 target_t *target = get_current_target(cmd_ctx);
2671 armv4_5_common_t *armv4_5;
2672 arm7_9_common_t *arm7_9;
2673
2674 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2675 {
2676 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2677 return ERROR_OK;
2678 }
2679
2680 if (argc > 0)
2681 {
2682 if (strcmp("enable", args[0]) == 0)
2683 {
2684 arm7_9->fast_memory_access = 1;
2685 }
2686 else if (strcmp("disable", args[0]) == 0)
2687 {
2688 arm7_9->fast_memory_access = 0;
2689 }
2690 else
2691 {
2692 command_print(cmd_ctx, "usage: arm7_9 fast_memory_access <enable|disable>");
2693 }
2694 }
2695
2696 command_print(cmd_ctx, "fast memory access is %s", (arm7_9->fast_memory_access) ? "enabled" : "disabled");
2697
2698 return ERROR_OK;
2699 }
2700
2701 int handle_arm7_9_dcc_downloads_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2702 {
2703 target_t *target = get_current_target(cmd_ctx);
2704 armv4_5_common_t *armv4_5;
2705 arm7_9_common_t *arm7_9;
2706
2707 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2708 {
2709 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2710 return ERROR_OK;
2711 }
2712
2713 if (argc > 0)
2714 {
2715 if (strcmp("enable", args[0]) == 0)
2716 {
2717 arm7_9->dcc_downloads = 1;
2718 }
2719 else if (strcmp("disable", args[0]) == 0)
2720 {
2721 arm7_9->dcc_downloads = 0;
2722 }
2723 else
2724 {
2725 command_print(cmd_ctx, "usage: arm7_9 dcc_downloads <enable|disable>");
2726 }
2727 }
2728
2729 command_print(cmd_ctx, "dcc downloads are %s", (arm7_9->dcc_downloads) ? "enabled" : "disabled");
2730
2731 return ERROR_OK;
2732 }
2733
2734 int arm7_9_init_arch_info(target_t *target, arm7_9_common_t *arm7_9)
2735 {
2736 armv4_5_common_t *armv4_5 = &arm7_9->armv4_5_common;
2737
2738 arm7_9->common_magic = ARM7_9_COMMON_MAGIC;
2739
2740 arm_jtag_setup_connection(&arm7_9->jtag_info);
2741 arm7_9->wp_available = 2;
2742 arm7_9->wp0_used = 0;
2743 arm7_9->wp1_used = 0;
2744 arm7_9->force_hw_bkpts = 0;
2745 arm7_9->use_dbgrq = 0;
2746
2747 arm7_9->etm_ctx = NULL;
2748 arm7_9->has_single_step = 0;
2749 arm7_9->has_monitor_mode = 0;
2750 arm7_9->has_vector_catch = 0;
2751
2752 arm7_9->debug_entry_from_reset = 0;
2753
2754 arm7_9->dcc_working_area = NULL;
2755
2756 arm7_9->fast_memory_access = fast_and_dangerous;
2757 arm7_9->dcc_downloads = fast_and_dangerous;
2758
2759 arm7_9->need_bypass_before_restart = 0;
2760
2761 armv4_5->arch_info = arm7_9;
2762 armv4_5->read_core_reg = arm7_9_read_core_reg;
2763 armv4_5->write_core_reg = arm7_9_write_core_reg;
2764 armv4_5->full_context = arm7_9_full_context;
2765
2766 armv4_5_init_arch_info(target, armv4_5);
2767
2768 target_register_timer_callback(arm7_9_handle_target_request, 1, 1, target);
2769
2770 return ERROR_OK;
2771 }
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)