Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
define resetting the target into the halted or running
[openocd.git] / src / target / arm7_9_common.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
7 * *
8 * This program is free software; you can redistribute it and/or modify *
9 * it under the terms of the GNU General Public License as published by *
10 * the Free Software Foundation; either version 2 of the License, or *
11 * (at your option) any later version. *
12 * *
13 * This program is distributed in the hope that it will be useful, *
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
16 * GNU General Public License for more details. *
17 * *
18 * You should have received a copy of the GNU General Public License *
19 * along with this program; if not, write to the *
20 * Free Software Foundation, Inc., *
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
22 ***************************************************************************/
23 #ifdef HAVE_CONFIG_H
24 #include "config.h"
25 #endif
26
27 #include "replacements.h"
28
29 #include "embeddedice.h"
30 #include "target.h"
31 #include "target_request.h"
32 #include "armv4_5.h"
33 #include "arm_jtag.h"
34 #include "jtag.h"
35 #include "log.h"
36 #include "arm7_9_common.h"
37 #include "breakpoints.h"
38
39 #include <stdlib.h>
40 #include <string.h>
41 #include <unistd.h>
42
43 #include <sys/types.h>
44 #include <sys/stat.h>
45 #include <sys/time.h>
46 #include <errno.h>
47
48 int arm7_9_debug_entry(target_t *target);
49 int arm7_9_enable_sw_bkpts(struct target_s *target);
50
51 /* command handler forward declarations */
52 int handle_arm7_9_write_xpsr_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
53 int handle_arm7_9_write_xpsr_im8_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
54 int handle_arm7_9_read_core_reg_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
55 int handle_arm7_9_write_core_reg_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
56 int handle_arm7_9_sw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
57 int handle_arm7_9_force_hw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
58 int handle_arm7_9_dbgrq_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
59 int handle_arm7_9_fast_memory_access_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
60 int handle_arm7_9_dcc_downloads_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
61 int handle_arm7_9_etm_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
62
63 int arm7_9_reinit_embeddedice(target_t *target)
64 {
65 armv4_5_common_t *armv4_5 = target->arch_info;
66 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
67
68 breakpoint_t *breakpoint = target->breakpoints;
69
70 arm7_9->wp_available = 2;
71 arm7_9->wp0_used = 0;
72 arm7_9->wp1_used = 0;
73
74 /* mark all hardware breakpoints as unset */
75 while (breakpoint)
76 {
77 if (breakpoint->type == BKPT_HARD)
78 {
79 breakpoint->set = 0;
80 }
81 breakpoint = breakpoint->next;
82 }
83
84 if (arm7_9->sw_bkpts_enabled && arm7_9->sw_bkpts_use_wp)
85 {
86 arm7_9->sw_bkpts_enabled = 0;
87 arm7_9_enable_sw_bkpts(target);
88 }
89
90 return ERROR_OK;
91 }
92
93 /* set things up after a reset / on startup */
94 int arm7_9_setup(target_t *target)
95 {
96 /* a test-logic reset have occured
97 * the EmbeddedICE registers have been reset
98 * hardware breakpoints have been cleared
99 */
100 return arm7_9_reinit_embeddedice(target);
101 }
102
103 int arm7_9_get_arch_pointers(target_t *target, armv4_5_common_t **armv4_5_p, arm7_9_common_t **arm7_9_p)
104 {
105 armv4_5_common_t *armv4_5 = target->arch_info;
106 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
107
108 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
109 {
110 return -1;
111 }
112
113 if (arm7_9->common_magic != ARM7_9_COMMON_MAGIC)
114 {
115 return -1;
116 }
117
118 *armv4_5_p = armv4_5;
119 *arm7_9_p = arm7_9;
120
121 return ERROR_OK;
122 }
123
124 int arm7_9_set_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
125 {
126 armv4_5_common_t *armv4_5 = target->arch_info;
127 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
128
129 if (target->state != TARGET_HALTED)
130 {
131 LOG_WARNING("target not halted");
132 return ERROR_TARGET_NOT_HALTED;
133 }
134
135 if (arm7_9->force_hw_bkpts)
136 breakpoint->type = BKPT_HARD;
137
138 if (breakpoint->set)
139 {
140 LOG_WARNING("breakpoint already set");
141 return ERROR_OK;
142 }
143
144 if (breakpoint->type == BKPT_HARD)
145 {
146 /* either an ARM (4 byte) or Thumb (2 byte) breakpoint */
147 u32 mask = (breakpoint->length == 4) ? 0x3u : 0x1u;
148 if (!arm7_9->wp0_used)
149 {
150 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], breakpoint->address);
151 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
152 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffffu);
153 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
154 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
155
156 jtag_execute_queue();
157 arm7_9->wp0_used = 1;
158 breakpoint->set = 1;
159 }
160 else if (!arm7_9->wp1_used)
161 {
162 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], breakpoint->address);
163 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
164 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffffu);
165 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
166 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
167
168 jtag_execute_queue();
169 arm7_9->wp1_used = 1;
170 breakpoint->set = 2;
171 }
172 else
173 {
174 LOG_ERROR("BUG: no hardware comparator available");
175 return ERROR_OK;
176 }
177 }
178 else if (breakpoint->type == BKPT_SOFT)
179 {
180 if (breakpoint->length == 4)
181 {
182 u32 verify = 0xffffffff;
183 /* keep the original instruction in target endianness */
184 target->type->read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr);
185 /* write the breakpoint instruction in target endianness (arm7_9->arm_bkpt is host endian) */
186 target_write_u32(target, breakpoint->address, arm7_9->arm_bkpt);
187
188 target->type->read_memory(target, breakpoint->address, 4, 1, (u8 *)&verify);
189 if (verify != arm7_9->arm_bkpt)
190 {
191 LOG_ERROR("Unable to set 32 bit software breakpoint at address %08x - check that memory is read/writable", breakpoint->address);
192 return ERROR_OK;
193 }
194 }
195 else
196 {
197 u16 verify = 0xffff;
198 /* keep the original instruction in target endianness */
199 target->type->read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr);
200 /* write the breakpoint instruction in target endianness (arm7_9->thumb_bkpt is host endian) */
201 target_write_u16(target, breakpoint->address, arm7_9->thumb_bkpt);
202
203 target->type->read_memory(target, breakpoint->address, 2, 1, (u8 *)&verify);
204 if (verify != arm7_9->thumb_bkpt)
205 {
206 LOG_ERROR("Unable to set thumb software breakpoint at address %08x - check that memory is read/writable", breakpoint->address);
207 return ERROR_OK;
208 }
209 }
210 breakpoint->set = 1;
211 }
212
213 return ERROR_OK;
214
215 }
216
217 int arm7_9_unset_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
218 {
219 armv4_5_common_t *armv4_5 = target->arch_info;
220 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
221
222 if (target->state != TARGET_HALTED)
223 {
224 LOG_WARNING("target not halted");
225 return ERROR_TARGET_NOT_HALTED;
226 }
227
228 if (!breakpoint->set)
229 {
230 LOG_WARNING("breakpoint not set");
231 return ERROR_OK;
232 }
233
234 if (breakpoint->type == BKPT_HARD)
235 {
236 if (breakpoint->set == 1)
237 {
238 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
239 jtag_execute_queue();
240 arm7_9->wp0_used = 0;
241 }
242 else if (breakpoint->set == 2)
243 {
244 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
245 jtag_execute_queue();
246 arm7_9->wp1_used = 0;
247 }
248 breakpoint->set = 0;
249 }
250 else
251 {
252 /* restore original instruction (kept in target endianness) */
253 if (breakpoint->length == 4)
254 {
255 u32 current_instr;
256 /* check that user program as not modified breakpoint instruction */
257 target->type->read_memory(target, breakpoint->address, 4, 1, (u8*)&current_instr);
258 if (current_instr==arm7_9->arm_bkpt)
259 target->type->write_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr);
260 }
261 else
262 {
263 u16 current_instr;
264 /* check that user program as not modified breakpoint instruction */
265 target->type->read_memory(target, breakpoint->address, 2, 1, (u8*)&current_instr);
266 if (current_instr==arm7_9->thumb_bkpt)
267 target->type->write_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr);
268 }
269 breakpoint->set = 0;
270 }
271
272 return ERROR_OK;
273 }
274
275 int arm7_9_add_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
276 {
277 armv4_5_common_t *armv4_5 = target->arch_info;
278 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
279
280 if (target->state != TARGET_HALTED)
281 {
282 LOG_WARNING("target not halted");
283 return ERROR_TARGET_NOT_HALTED;
284 }
285
286 if (arm7_9->force_hw_bkpts)
287 {
288 LOG_DEBUG("forcing use of hardware breakpoint at address 0x%8.8x", breakpoint->address);
289 breakpoint->type = BKPT_HARD;
290 }
291
292 if ((breakpoint->type == BKPT_SOFT) && (arm7_9->sw_bkpts_enabled == 0))
293 {
294 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
295 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
296 }
297
298 if ((breakpoint->type == BKPT_HARD) && (arm7_9->wp_available < 1))
299 {
300 LOG_INFO("no watchpoint unit available for hardware breakpoint");
301 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
302 }
303
304 if ((breakpoint->length != 2) && (breakpoint->length != 4))
305 {
306 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
307 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
308 }
309
310 if (breakpoint->type == BKPT_HARD)
311 arm7_9->wp_available--;
312
313 return ERROR_OK;
314 }
315
316 int arm7_9_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
317 {
318 armv4_5_common_t *armv4_5 = target->arch_info;
319 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
320
321 if (target->state != TARGET_HALTED)
322 {
323 LOG_WARNING("target not halted");
324 return ERROR_TARGET_NOT_HALTED;
325 }
326
327 if (breakpoint->set)
328 {
329 arm7_9_unset_breakpoint(target, breakpoint);
330 }
331
332 if (breakpoint->type == BKPT_HARD)
333 arm7_9->wp_available++;
334
335 return ERROR_OK;
336 }
337
338 int arm7_9_set_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
339 {
340 armv4_5_common_t *armv4_5 = target->arch_info;
341 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
342 int rw_mask = 1;
343 u32 mask;
344
345 mask = watchpoint->length - 1;
346
347 if (target->state != TARGET_HALTED)
348 {
349 LOG_WARNING("target not halted");
350 return ERROR_TARGET_NOT_HALTED;
351 }
352
353 if (watchpoint->rw == WPT_ACCESS)
354 rw_mask = 0;
355 else
356 rw_mask = 1;
357
358 if (!arm7_9->wp0_used)
359 {
360 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], watchpoint->address);
361 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
362 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], watchpoint->mask);
363 if( watchpoint->mask != 0xffffffffu )
364 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE], watchpoint->value);
365 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], 0xff & ~EICE_W_CTRL_nOPC & ~rw_mask);
366 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE | EICE_W_CTRL_nOPC | (watchpoint->rw & 1));
367
368 jtag_execute_queue();
369 watchpoint->set = 1;
370 arm7_9->wp0_used = 2;
371 }
372 else if (!arm7_9->wp1_used)
373 {
374 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], watchpoint->address);
375 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
376 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], watchpoint->mask);
377 if( watchpoint->mask != 0xffffffffu )
378 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE], watchpoint->value);
379 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], 0xff & ~EICE_W_CTRL_nOPC & ~rw_mask);
380 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE | EICE_W_CTRL_nOPC | (watchpoint->rw & 1));
381
382 jtag_execute_queue();
383 watchpoint->set = 2;
384 arm7_9->wp1_used = 2;
385 }
386 else
387 {
388 LOG_ERROR("BUG: no hardware comparator available");
389 return ERROR_OK;
390 }
391
392 return ERROR_OK;
393 }
394
395 int arm7_9_unset_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
396 {
397 armv4_5_common_t *armv4_5 = target->arch_info;
398 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
399
400 if (target->state != TARGET_HALTED)
401 {
402 LOG_WARNING("target not halted");
403 return ERROR_TARGET_NOT_HALTED;
404 }
405
406 if (!watchpoint->set)
407 {
408 LOG_WARNING("breakpoint not set");
409 return ERROR_OK;
410 }
411
412 if (watchpoint->set == 1)
413 {
414 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
415 jtag_execute_queue();
416 arm7_9->wp0_used = 0;
417 }
418 else if (watchpoint->set == 2)
419 {
420 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
421 jtag_execute_queue();
422 arm7_9->wp1_used = 0;
423 }
424 watchpoint->set = 0;
425
426 return ERROR_OK;
427 }
428
429 int arm7_9_add_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
430 {
431 armv4_5_common_t *armv4_5 = target->arch_info;
432 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
433
434 if (target->state != TARGET_HALTED)
435 {
436 LOG_WARNING("target not halted");
437 return ERROR_TARGET_NOT_HALTED;
438 }
439
440 if (arm7_9->wp_available < 1)
441 {
442 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
443 }
444
445 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
446 {
447 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
448 }
449
450 arm7_9->wp_available--;
451
452 return ERROR_OK;
453 }
454
455 int arm7_9_remove_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
456 {
457 armv4_5_common_t *armv4_5 = target->arch_info;
458 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
459
460 if (target->state != TARGET_HALTED)
461 {
462 LOG_WARNING("target not halted");
463 return ERROR_TARGET_NOT_HALTED;
464 }
465
466 if (watchpoint->set)
467 {
468 arm7_9_unset_watchpoint(target, watchpoint);
469 }
470
471 arm7_9->wp_available++;
472
473 return ERROR_OK;
474 }
475
476 int arm7_9_enable_sw_bkpts(struct target_s *target)
477 {
478 armv4_5_common_t *armv4_5 = target->arch_info;
479 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
480 int retval;
481
482 if (arm7_9->sw_bkpts_enabled)
483 return ERROR_OK;
484
485 if (arm7_9->wp_available < 1)
486 {
487 LOG_WARNING("can't enable sw breakpoints with no watchpoint unit available");
488 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
489 }
490 arm7_9->wp_available--;
491
492 if (!arm7_9->wp0_used)
493 {
494 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE], arm7_9->arm_bkpt);
495 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0x0);
496 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffffu);
497 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
498 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
499 arm7_9->sw_bkpts_enabled = 1;
500 arm7_9->wp0_used = 3;
501 }
502 else if (!arm7_9->wp1_used)
503 {
504 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE], arm7_9->arm_bkpt);
505 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0x0);
506 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0xffffffffu);
507 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
508 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
509 arm7_9->sw_bkpts_enabled = 2;
510 arm7_9->wp1_used = 3;
511 }
512 else
513 {
514 LOG_ERROR("BUG: both watchpoints used, but wp_available >= 1");
515 return ERROR_FAIL;
516 }
517
518 if ((retval = jtag_execute_queue()) != ERROR_OK)
519 {
520 LOG_ERROR("error writing EmbeddedICE registers to enable sw breakpoints");
521 return ERROR_FAIL;
522 };
523
524 return ERROR_OK;
525 }
526
527 int arm7_9_disable_sw_bkpts(struct target_s *target)
528 {
529 armv4_5_common_t *armv4_5 = target->arch_info;
530 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
531
532 if (!arm7_9->sw_bkpts_enabled)
533 return ERROR_OK;
534
535 if (arm7_9->sw_bkpts_enabled == 1)
536 {
537 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
538 arm7_9->sw_bkpts_enabled = 0;
539 arm7_9->wp0_used = 0;
540 arm7_9->wp_available++;
541 }
542 else if (arm7_9->sw_bkpts_enabled == 2)
543 {
544 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
545 arm7_9->sw_bkpts_enabled = 0;
546 arm7_9->wp1_used = 0;
547 arm7_9->wp_available++;
548 }
549
550 return ERROR_OK;
551 }
552
553 int arm7_9_execute_sys_speed(struct target_s *target)
554 {
555 int timeout;
556 int retval;
557
558 armv4_5_common_t *armv4_5 = target->arch_info;
559 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
560 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
561 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
562
563 /* set RESTART instruction */
564 jtag_add_end_state(TAP_RTI);
565 if (arm7_9->need_bypass_before_restart) {
566 arm7_9->need_bypass_before_restart = 0;
567 arm_jtag_set_instr(jtag_info, 0xf, NULL);
568 }
569 arm_jtag_set_instr(jtag_info, 0x4, NULL);
570
571 for (timeout=0; timeout<50; timeout++)
572 {
573 /* read debug status register */
574 embeddedice_read_reg(dbg_stat);
575 if ((retval = jtag_execute_queue()) != ERROR_OK)
576 return retval;
577 if ((buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1))
578 && (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_SYSCOMP, 1)))
579 break;
580 usleep(100000);
581 }
582 if (timeout == 50)
583 {
584 LOG_ERROR("timeout waiting for SYSCOMP & DBGACK, last DBG_STATUS: %x", buf_get_u32(dbg_stat->value, 0, dbg_stat->size));
585 return ERROR_TARGET_TIMEOUT;
586 }
587
588 return ERROR_OK;
589 }
590
591 int arm7_9_execute_fast_sys_speed(struct target_s *target)
592 {
593 static int set=0;
594 static u8 check_value[4], check_mask[4];
595
596 armv4_5_common_t *armv4_5 = target->arch_info;
597 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
598 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
599 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
600
601 /* set RESTART instruction */
602 jtag_add_end_state(TAP_RTI);
603 if (arm7_9->need_bypass_before_restart) {
604 arm7_9->need_bypass_before_restart = 0;
605 arm_jtag_set_instr(jtag_info, 0xf, NULL);
606 }
607 arm_jtag_set_instr(jtag_info, 0x4, NULL);
608
609 if (!set)
610 {
611 /* check for DBGACK and SYSCOMP set (others don't care) */
612
613 /* NB! These are constants that must be available until after next jtag_execute() and
614 we evaluate the values upon first execution in lieu of setting up these constants
615 during early setup.
616 */
617 buf_set_u32(check_value, 0, 32, 0x9);
618 buf_set_u32(check_mask, 0, 32, 0x9);
619 set=1;
620 }
621
622 /* read debug status register */
623 embeddedice_read_reg_w_check(dbg_stat, check_value, check_value);
624
625 return ERROR_OK;
626 }
627
628 int arm7_9_target_request_data(target_t *target, u32 size, u8 *buffer)
629 {
630 armv4_5_common_t *armv4_5 = target->arch_info;
631 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
632 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
633 u32 *data;
634 int i;
635
636 data = malloc(size * (sizeof(u32)));
637
638 embeddedice_receive(jtag_info, data, size);
639
640 for (i = 0; i < size; i++)
641 {
642 h_u32_to_le(buffer + (i * 4), data[i]);
643 }
644
645 free(data);
646
647 return ERROR_OK;
648 }
649
650 int arm7_9_handle_target_request(void *priv)
651 {
652 target_t *target = priv;
653 if (!target->type->examined)
654 return ERROR_OK;
655 armv4_5_common_t *armv4_5 = target->arch_info;
656 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
657 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
658 reg_t *dcc_control = &arm7_9->eice_cache->reg_list[EICE_COMMS_CTRL];
659
660
661 if (!target->dbg_msg_enabled)
662 return ERROR_OK;
663
664 if (target->state == TARGET_RUNNING)
665 {
666 /* read DCC control register */
667 embeddedice_read_reg(dcc_control);
668 jtag_execute_queue();
669
670 /* check W bit */
671 if (buf_get_u32(dcc_control->value, 1, 1) == 1)
672 {
673 u32 request;
674
675 embeddedice_receive(jtag_info, &request, 1);
676 target_request(target, request);
677 }
678 }
679
680 return ERROR_OK;
681 }
682
683 int arm7_9_poll(target_t *target)
684 {
685 int retval;
686 armv4_5_common_t *armv4_5 = target->arch_info;
687 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
688 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
689
690 /* read debug status register */
691 embeddedice_read_reg(dbg_stat);
692 if ((retval = jtag_execute_queue()) != ERROR_OK)
693 {
694 return retval;
695 }
696
697 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1))
698 {
699 /* LOG_DEBUG("DBGACK set, dbg_state->value: 0x%x", buf_get_u32(dbg_stat->value, 0, 32));*/
700 if (target->state == TARGET_UNKNOWN)
701 {
702 target->state = TARGET_RUNNING;
703 LOG_WARNING("DBGACK set while target was in unknown state. Reset or initialize target.");
704 }
705 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_RESET))
706 {
707 int check_pc=0;
708 if (target->state == TARGET_RESET)
709 {
710 if (target->reset_halt)
711 {
712 if ((jtag_reset_config & RESET_SRST_PULLS_TRST)==0)
713 {
714 check_pc = 1;
715 }
716 }
717 }
718
719 target->state = TARGET_HALTED;
720
721 if ((retval = arm7_9_debug_entry(target)) != ERROR_OK)
722 return retval;
723
724 if (check_pc)
725 {
726 reg_t *reg = register_get_by_name(target->reg_cache, "pc", 1);
727 u32 t=*((u32 *)reg->value);
728 if (t!=0)
729 {
730 LOG_ERROR("PC was not 0. Does this target need srst_pulls_trst?");
731 }
732 }
733
734 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
735 }
736 if (target->state == TARGET_DEBUG_RUNNING)
737 {
738 target->state = TARGET_HALTED;
739 if ((retval = arm7_9_debug_entry(target)) != ERROR_OK)
740 return retval;
741
742 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
743 }
744 if (target->state != TARGET_HALTED)
745 {
746 LOG_WARNING("DBGACK set, but the target did not end up in the halted stated %d", target->state);
747 }
748 }
749 else
750 {
751 if (target->state != TARGET_DEBUG_RUNNING)
752 target->state = TARGET_RUNNING;
753 }
754
755 return ERROR_OK;
756 }
757
758 /*
759 Some -S targets (ARM966E-S in the STR912 isn't affected, ARM926EJ-S
760 in the LPC3180 and AT91SAM9260 is affected) completely stop the JTAG clock
761 while the core is held in reset(SRST). It isn't possible to program the halt
762 condition once reset was asserted, hence a hook that allows the target to set
763 up its reset-halt condition prior to asserting reset.
764 */
765
766 int arm7_9_assert_reset(target_t *target)
767 {
768 armv4_5_common_t *armv4_5 = target->arch_info;
769 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
770 LOG_DEBUG("target->state: %s", target_state_strings[target->state]);
771
772 if (!(jtag_reset_config & RESET_HAS_SRST))
773 {
774 LOG_ERROR("Can't assert SRST");
775 return ERROR_FAIL;
776 }
777
778 if (target->reset_halt)
779 {
780 /*
781 * Some targets do not support communication while SRST is asserted. We need to
782 * set up the reset vector catch here.
783 *
784 * If TRST is asserted, then these settings will be reset anyway, so setting them
785 * here is harmless.
786 */
787 if (arm7_9->has_vector_catch)
788 {
789 /* program vector catch register to catch reset vector */
790 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH], 0x1);
791 }
792 else
793 {
794 /* program watchpoint unit to match on reset vector address */
795 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], 0x0);
796 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0x3);
797 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
798 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
799 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
800 }
801 }
802
803 /* here we should issue a srst only, but we may have to assert trst as well */
804 if (jtag_reset_config & RESET_SRST_PULLS_TRST)
805 {
806 jtag_add_reset(1, 1);
807 } else
808 {
809 jtag_add_reset(0, 1);
810 }
811
812
813 target->state = TARGET_RESET;
814 jtag_add_sleep(50000);
815
816 armv4_5_invalidate_core_regs(target);
817
818 if ((target->reset_halt)&&((jtag_reset_config & RESET_SRST_PULLS_TRST)==0))
819 {
820 /* debug entry was already prepared in arm7_9_assert_reset() */
821 target->debug_reason = DBG_REASON_DBGRQ;
822 }
823
824 return ERROR_OK;
825
826 }
827
828 int arm7_9_deassert_reset(target_t *target)
829 {
830 int retval=ERROR_OK;
831 LOG_DEBUG("target->state: %s", target_state_strings[target->state]);
832
833 /* deassert reset lines */
834 jtag_add_reset(0, 0);
835
836 if ((jtag_reset_config & RESET_SRST_PULLS_TRST)!=0)
837 {
838 /* set up embedded ice registers again */
839 if ((retval=target->type->examine(target))!=ERROR_OK)
840 return retval;
841 }
842 return retval;
843 }
844
845 int arm7_9_clear_halt(target_t *target)
846 {
847 armv4_5_common_t *armv4_5 = target->arch_info;
848 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
849 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
850
851 /* we used DBGRQ only if we didn't come out of reset */
852 if (!arm7_9->debug_entry_from_reset && arm7_9->use_dbgrq)
853 {
854 /* program EmbeddedICE Debug Control Register to deassert DBGRQ
855 */
856 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
857 embeddedice_store_reg(dbg_ctrl);
858 }
859 else
860 {
861 if (arm7_9->debug_entry_from_reset && arm7_9->has_vector_catch)
862 {
863 /* if we came out of reset, and vector catch is supported, we used
864 * vector catch to enter debug state
865 * restore the register in that case
866 */
867 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH]);
868 }
869 else
870 {
871 /* restore registers if watchpoint unit 0 was in use
872 */
873 if (arm7_9->wp0_used)
874 {
875 if (arm7_9->debug_entry_from_reset)
876 {
877 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE]);
878 }
879 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK]);
880 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK]);
881 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK]);
882 }
883 /* control value always has to be restored, as it was either disabled,
884 * or enabled with possibly different bits
885 */
886 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
887 }
888 }
889
890 return ERROR_OK;
891 }
892
893 int arm7_9_soft_reset_halt(struct target_s *target)
894 {
895 armv4_5_common_t *armv4_5 = target->arch_info;
896 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
897 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
898 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
899 int i;
900 int retval;
901
902 if ((retval=target_halt(target))!=ERROR_OK)
903 return retval;
904
905 for (i=0; i<10; i++)
906 {
907 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) != 0)
908 break;
909 embeddedice_read_reg(dbg_stat);
910 if ((retval=jtag_execute_queue())!=ERROR_OK)
911 return retval;
912 /* do not eat all CPU, time out after 1 se*/
913 usleep(100*1000);
914
915 }
916 if (i==10)
917 {
918 LOG_ERROR("Failed to halt CPU after 1 sec");
919 return ERROR_TARGET_TIMEOUT;
920 }
921 target->state = TARGET_HALTED;
922
923 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
924 * ensure that DBGRQ is cleared
925 */
926 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
927 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
928 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
929 embeddedice_store_reg(dbg_ctrl);
930
931 arm7_9_clear_halt(target);
932
933 /* if the target is in Thumb state, change to ARM state */
934 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1))
935 {
936 u32 r0_thumb, pc_thumb;
937 LOG_DEBUG("target entered debug from Thumb state, changing to ARM");
938 /* Entered debug from Thumb mode */
939 armv4_5->core_state = ARMV4_5_STATE_THUMB;
940 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
941 }
942
943 /* all register content is now invalid */
944 armv4_5_invalidate_core_regs(target);
945
946 /* SVC, ARM state, IRQ and FIQ disabled */
947 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
948 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
949 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
950
951 /* start fetching from 0x0 */
952 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
953 armv4_5->core_cache->reg_list[15].dirty = 1;
954 armv4_5->core_cache->reg_list[15].valid = 1;
955
956 armv4_5->core_mode = ARMV4_5_MODE_SVC;
957 armv4_5->core_state = ARMV4_5_STATE_ARM;
958
959 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
960 return ERROR_FAIL;
961
962 /* reset registers */
963 for (i = 0; i <= 14; i++)
964 {
965 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, 0xffffffff);
966 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 1;
967 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
968 }
969
970 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
971
972 return ERROR_OK;
973 }
974
975 int arm7_9_halt(target_t *target)
976 {
977 if (target->state==TARGET_RESET)
978 {
979 LOG_ERROR("BUG: arm7/9 does not support halt during reset. This is handled in arm7_9_assert_reset()");
980 return ERROR_OK;
981 }
982
983 armv4_5_common_t *armv4_5 = target->arch_info;
984 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
985 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
986
987 LOG_DEBUG("target->state: %s", target_state_strings[target->state]);
988
989 if (target->state == TARGET_HALTED)
990 {
991 LOG_DEBUG("target was already halted");
992 return ERROR_OK;
993 }
994
995 if (target->state == TARGET_UNKNOWN)
996 {
997 LOG_WARNING("target was in unknown state when halt was requested");
998 }
999
1000 if (arm7_9->use_dbgrq)
1001 {
1002 /* program EmbeddedICE Debug Control Register to assert DBGRQ
1003 */
1004 if (arm7_9->set_special_dbgrq) {
1005 arm7_9->set_special_dbgrq(target);
1006 } else {
1007 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 1);
1008 embeddedice_store_reg(dbg_ctrl);
1009 }
1010 }
1011 else
1012 {
1013 /* program watchpoint unit to match on any address
1014 */
1015 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1016 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1017 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
1018 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
1019 }
1020
1021 target->debug_reason = DBG_REASON_DBGRQ;
1022
1023 return ERROR_OK;
1024 }
1025
1026 int arm7_9_debug_entry(target_t *target)
1027 {
1028 int i;
1029 u32 context[16];
1030 u32* context_p[16];
1031 u32 r0_thumb, pc_thumb;
1032 u32 cpsr;
1033 int retval;
1034 /* get pointers to arch-specific information */
1035 armv4_5_common_t *armv4_5 = target->arch_info;
1036 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1037 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
1038 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1039
1040 #ifdef _DEBUG_ARM7_9_
1041 LOG_DEBUG("-");
1042 #endif
1043
1044 if (arm7_9->pre_debug_entry)
1045 arm7_9->pre_debug_entry(target);
1046
1047 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
1048 * ensure that DBGRQ is cleared
1049 */
1050 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
1051 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1052 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
1053 embeddedice_store_reg(dbg_ctrl);
1054
1055 arm7_9_clear_halt(target);
1056
1057 if ((retval = jtag_execute_queue()) != ERROR_OK)
1058 {
1059 return retval;
1060 }
1061
1062 if ((retval = arm7_9->examine_debug_reason(target)) != ERROR_OK)
1063 return retval;
1064
1065
1066 if (target->state != TARGET_HALTED)
1067 {
1068 LOG_WARNING("target not halted");
1069 return ERROR_TARGET_NOT_HALTED;
1070 }
1071
1072 /* if the target is in Thumb state, change to ARM state */
1073 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1))
1074 {
1075 LOG_DEBUG("target entered debug from Thumb state");
1076 /* Entered debug from Thumb mode */
1077 armv4_5->core_state = ARMV4_5_STATE_THUMB;
1078 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
1079 LOG_DEBUG("r0_thumb: 0x%8.8x, pc_thumb: 0x%8.8x", r0_thumb, pc_thumb);
1080 }
1081 else
1082 {
1083 LOG_DEBUG("target entered debug from ARM state");
1084 /* Entered debug from ARM mode */
1085 armv4_5->core_state = ARMV4_5_STATE_ARM;
1086 }
1087
1088 for (i = 0; i < 16; i++)
1089 context_p[i] = &context[i];
1090 /* save core registers (r0 - r15 of current core mode) */
1091 arm7_9->read_core_regs(target, 0xffff, context_p);
1092
1093 arm7_9->read_xpsr(target, &cpsr, 0);
1094
1095 if ((retval = jtag_execute_queue()) != ERROR_OK)
1096 return retval;
1097
1098 /* if the core has been executing in Thumb state, set the T bit */
1099 if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1100 cpsr |= 0x20;
1101
1102 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32, cpsr);
1103 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 0;
1104 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
1105
1106 armv4_5->core_mode = cpsr & 0x1f;
1107
1108 if (armv4_5_mode_to_number(armv4_5->core_mode) == -1)
1109 {
1110 target->state = TARGET_UNKNOWN;
1111 LOG_ERROR("cpsr contains invalid mode value - communication failure");
1112 return ERROR_TARGET_FAILURE;
1113 }
1114
1115 LOG_DEBUG("target entered debug state in %s mode", armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)]);
1116
1117 if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1118 {
1119 LOG_DEBUG("thumb state, applying fixups");
1120 context[0] = r0_thumb;
1121 context[15] = pc_thumb;
1122 } else if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1123 {
1124 /* adjust value stored by STM */
1125 context[15] -= 3 * 4;
1126 }
1127
1128 if ((target->debug_reason == DBG_REASON_BREAKPOINT)
1129 || (target->debug_reason == DBG_REASON_SINGLESTEP)
1130 || (target->debug_reason == DBG_REASON_WATCHPOINT)
1131 || (target->debug_reason == DBG_REASON_WPTANDBKPT)
1132 || ((target->debug_reason == DBG_REASON_DBGRQ) && (arm7_9->use_dbgrq == 0)))
1133 context[15] -= 3 * ((armv4_5->core_state == ARMV4_5_STATE_ARM) ? 4 : 2);
1134 else if (target->debug_reason == DBG_REASON_DBGRQ)
1135 context[15] -= arm7_9->dbgreq_adjust_pc * ((armv4_5->core_state == ARMV4_5_STATE_ARM) ? 4 : 2);
1136 else
1137 {
1138 LOG_ERROR("unknown debug reason: %i", target->debug_reason);
1139 }
1140
1141 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1142 return ERROR_FAIL;
1143
1144 for (i=0; i<=15; i++)
1145 {
1146 LOG_DEBUG("r%i: 0x%8.8x", i, context[i]);
1147 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, context[i]);
1148 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 0;
1149 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
1150 }
1151
1152 LOG_DEBUG("entered debug state at PC 0x%x", context[15]);
1153
1154 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1155 return ERROR_FAIL;
1156
1157 /* exceptions other than USR & SYS have a saved program status register */
1158 if ((armv4_5->core_mode != ARMV4_5_MODE_USR) && (armv4_5->core_mode != ARMV4_5_MODE_SYS))
1159 {
1160 u32 spsr;
1161 arm7_9->read_xpsr(target, &spsr, 1);
1162 jtag_execute_queue();
1163 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, spsr);
1164 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).dirty = 0;
1165 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).valid = 1;
1166 }
1167
1168 /* r0 and r15 (pc) have to be restored later */
1169 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1170 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 15).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 15).valid;
1171
1172 if ((retval = jtag_execute_queue()) != ERROR_OK)
1173 return retval;
1174
1175 if (arm7_9->post_debug_entry)
1176 arm7_9->post_debug_entry(target);
1177
1178 return ERROR_OK;
1179 }
1180
1181 int arm7_9_full_context(target_t *target)
1182 {
1183 int i;
1184 int retval;
1185 armv4_5_common_t *armv4_5 = target->arch_info;
1186 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1187
1188 LOG_DEBUG("-");
1189
1190 if (target->state != TARGET_HALTED)
1191 {
1192 LOG_WARNING("target not halted");
1193 return ERROR_TARGET_NOT_HALTED;
1194 }
1195
1196 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1197 return ERROR_FAIL;
1198
1199 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1200 * SYS shares registers with User, so we don't touch SYS
1201 */
1202 for(i = 0; i < 6; i++)
1203 {
1204 u32 mask = 0;
1205 u32* reg_p[16];
1206 int j;
1207 int valid = 1;
1208
1209 /* check if there are invalid registers in the current mode
1210 */
1211 for (j = 0; j <= 16; j++)
1212 {
1213 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1214 valid = 0;
1215 }
1216
1217 if (!valid)
1218 {
1219 u32 tmp_cpsr;
1220
1221 /* change processor mode (and mask T bit) */
1222 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1223 tmp_cpsr |= armv4_5_number_to_mode(i);
1224 tmp_cpsr &= ~0x20;
1225 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1226
1227 for (j = 0; j < 15; j++)
1228 {
1229 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1230 {
1231 reg_p[j] = (u32*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).value;
1232 mask |= 1 << j;
1233 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid = 1;
1234 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1235 }
1236 }
1237
1238 /* if only the PSR is invalid, mask is all zeroes */
1239 if (mask)
1240 arm7_9->read_core_regs(target, mask, reg_p);
1241
1242 /* check if the PSR has to be read */
1243 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid == 0)
1244 {
1245 arm7_9->read_xpsr(target, (u32*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).value, 1);
1246 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid = 1;
1247 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1248 }
1249 }
1250 }
1251
1252 /* restore processor mode (mask T bit) */
1253 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1254
1255 if ((retval = jtag_execute_queue()) != ERROR_OK)
1256 {
1257 return retval;
1258 }
1259 return ERROR_OK;
1260 }
1261
1262 int arm7_9_restore_context(target_t *target)
1263 {
1264 armv4_5_common_t *armv4_5 = target->arch_info;
1265 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1266 reg_t *reg;
1267 armv4_5_core_reg_t *reg_arch_info;
1268 enum armv4_5_mode current_mode = armv4_5->core_mode;
1269 int i, j;
1270 int dirty;
1271 int mode_change;
1272
1273 LOG_DEBUG("-");
1274
1275 if (target->state != TARGET_HALTED)
1276 {
1277 LOG_WARNING("target not halted");
1278 return ERROR_TARGET_NOT_HALTED;
1279 }
1280
1281 if (arm7_9->pre_restore_context)
1282 arm7_9->pre_restore_context(target);
1283
1284 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1285 return ERROR_FAIL;
1286
1287 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1288 * SYS shares registers with User, so we don't touch SYS
1289 */
1290 for (i = 0; i < 6; i++)
1291 {
1292 LOG_DEBUG("examining %s mode", armv4_5_mode_strings[i]);
1293 dirty = 0;
1294 mode_change = 0;
1295 /* check if there are dirty registers in the current mode
1296 */
1297 for (j = 0; j <= 16; j++)
1298 {
1299 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j);
1300 reg_arch_info = reg->arch_info;
1301 if (reg->dirty == 1)
1302 {
1303 if (reg->valid == 1)
1304 {
1305 dirty = 1;
1306 LOG_DEBUG("examining dirty reg: %s", reg->name);
1307 if ((reg_arch_info->mode != ARMV4_5_MODE_ANY)
1308 && (reg_arch_info->mode != current_mode)
1309 && !((reg_arch_info->mode == ARMV4_5_MODE_USR) && (armv4_5->core_mode == ARMV4_5_MODE_SYS))
1310 && !((reg_arch_info->mode == ARMV4_5_MODE_SYS) && (armv4_5->core_mode == ARMV4_5_MODE_USR)))
1311 {
1312 mode_change = 1;
1313 LOG_DEBUG("require mode change");
1314 }
1315 }
1316 else
1317 {
1318 LOG_ERROR("BUG: dirty register '%s', but no valid data", reg->name);
1319 }
1320 }
1321 }
1322
1323 if (dirty)
1324 {
1325 u32 mask = 0x0;
1326 int num_regs = 0;
1327 u32 regs[16];
1328
1329 if (mode_change)
1330 {
1331 u32 tmp_cpsr;
1332
1333 /* change processor mode (mask T bit) */
1334 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1335 tmp_cpsr |= armv4_5_number_to_mode(i);
1336 tmp_cpsr &= ~0x20;
1337 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1338 current_mode = armv4_5_number_to_mode(i);
1339 }
1340
1341 for (j = 0; j <= 14; j++)
1342 {
1343 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j);
1344 reg_arch_info = reg->arch_info;
1345
1346
1347 if (reg->dirty == 1)
1348 {
1349 regs[j] = buf_get_u32(reg->value, 0, 32);
1350 mask |= 1 << j;
1351 num_regs++;
1352 reg->dirty = 0;
1353 reg->valid = 1;
1354 LOG_DEBUG("writing register %i of mode %s with value 0x%8.8x", j, armv4_5_mode_strings[i], regs[j]);
1355 }
1356 }
1357
1358 if (mask)
1359 {
1360 arm7_9->write_core_regs(target, mask, regs);
1361 }
1362
1363 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16);
1364 reg_arch_info = reg->arch_info;
1365 if ((reg->dirty) && (reg_arch_info->mode != ARMV4_5_MODE_ANY))
1366 {
1367 LOG_DEBUG("writing SPSR of mode %i with value 0x%8.8x", i, buf_get_u32(reg->value, 0, 32));
1368 arm7_9->write_xpsr(target, buf_get_u32(reg->value, 0, 32), 1);
1369 }
1370 }
1371 }
1372
1373 if ((armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty == 0) && (armv4_5->core_mode != current_mode))
1374 {
1375 /* restore processor mode (mask T bit) */
1376 u32 tmp_cpsr;
1377
1378 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1379 tmp_cpsr |= armv4_5_number_to_mode(i);
1380 tmp_cpsr &= ~0x20;
1381 LOG_DEBUG("writing lower 8 bit of cpsr with value 0x%2.2x", tmp_cpsr);
1382 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1383 }
1384 else if (armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty == 1)
1385 {
1386 /* CPSR has been changed, full restore necessary (mask T bit) */
1387 LOG_DEBUG("writing cpsr with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1388 arm7_9->write_xpsr(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32) & ~0x20, 0);
1389 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 0;
1390 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
1391 }
1392
1393 /* restore PC */
1394 LOG_DEBUG("writing PC with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1395 arm7_9->write_pc(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1396 armv4_5->core_cache->reg_list[15].dirty = 0;
1397
1398 if (arm7_9->post_restore_context)
1399 arm7_9->post_restore_context(target);
1400
1401 return ERROR_OK;
1402 }
1403
1404 int arm7_9_restart_core(struct target_s *target)
1405 {
1406 armv4_5_common_t *armv4_5 = target->arch_info;
1407 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1408 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
1409
1410 /* set RESTART instruction */
1411 jtag_add_end_state(TAP_RTI);
1412 if (arm7_9->need_bypass_before_restart) {
1413 arm7_9->need_bypass_before_restart = 0;
1414 arm_jtag_set_instr(jtag_info, 0xf, NULL);
1415 }
1416 arm_jtag_set_instr(jtag_info, 0x4, NULL);
1417
1418 jtag_add_runtest(1, TAP_RTI);
1419 return jtag_execute_queue();
1420 }
1421
1422 void arm7_9_enable_watchpoints(struct target_s *target)
1423 {
1424 watchpoint_t *watchpoint = target->watchpoints;
1425
1426 while (watchpoint)
1427 {
1428 if (watchpoint->set == 0)
1429 arm7_9_set_watchpoint(target, watchpoint);
1430 watchpoint = watchpoint->next;
1431 }
1432 }
1433
1434 void arm7_9_enable_breakpoints(struct target_s *target)
1435 {
1436 breakpoint_t *breakpoint = target->breakpoints;
1437
1438 /* set any pending breakpoints */
1439 while (breakpoint)
1440 {
1441 if (breakpoint->set == 0)
1442 arm7_9_set_breakpoint(target, breakpoint);
1443 breakpoint = breakpoint->next;
1444 }
1445 }
1446
1447 void arm7_9_disable_bkpts_and_wpts(struct target_s *target)
1448 {
1449 breakpoint_t *breakpoint = target->breakpoints;
1450 watchpoint_t *watchpoint = target->watchpoints;
1451
1452 /* set any pending breakpoints */
1453 while (breakpoint)
1454 {
1455 if (breakpoint->set != 0)
1456 arm7_9_unset_breakpoint(target, breakpoint);
1457 breakpoint = breakpoint->next;
1458 }
1459
1460 while (watchpoint)
1461 {
1462 if (watchpoint->set != 0)
1463 arm7_9_unset_watchpoint(target, watchpoint);
1464 watchpoint = watchpoint->next;
1465 }
1466 }
1467
1468 int arm7_9_resume(struct target_s *target, int current, u32 address, int handle_breakpoints, int debug_execution)
1469 {
1470 armv4_5_common_t *armv4_5 = target->arch_info;
1471 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1472 breakpoint_t *breakpoint = target->breakpoints;
1473 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1474 int err;
1475
1476 LOG_DEBUG("-");
1477
1478 if (target->state != TARGET_HALTED)
1479 {
1480 LOG_WARNING("target not halted");
1481 return ERROR_TARGET_NOT_HALTED;
1482 }
1483
1484 if (!debug_execution)
1485 {
1486 target_free_all_working_areas(target);
1487 }
1488
1489 /* current = 1: continue on current pc, otherwise continue at <address> */
1490 if (!current)
1491 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1492
1493 /* the front-end may request us not to handle breakpoints */
1494 if (handle_breakpoints)
1495 {
1496 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1497 {
1498 LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint->address);
1499 arm7_9_unset_breakpoint(target, breakpoint);
1500
1501 LOG_DEBUG("enable single-step");
1502 arm7_9->enable_single_step(target);
1503
1504 target->debug_reason = DBG_REASON_SINGLESTEP;
1505
1506 arm7_9_restore_context(target);
1507
1508 if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1509 arm7_9->branch_resume(target);
1510 else if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1511 {
1512 arm7_9->branch_resume_thumb(target);
1513 }
1514 else
1515 {
1516 LOG_ERROR("unhandled core state");
1517 return ERROR_FAIL;
1518 }
1519
1520 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1521 embeddedice_write_reg(dbg_ctrl, buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1522 err = arm7_9_execute_sys_speed(target);
1523
1524 LOG_DEBUG("disable single-step");
1525 arm7_9->disable_single_step(target);
1526
1527 if (err != ERROR_OK)
1528 {
1529 arm7_9_set_breakpoint(target, breakpoint);
1530 target->state = TARGET_UNKNOWN;
1531 return err;
1532 }
1533
1534 arm7_9_debug_entry(target);
1535 LOG_DEBUG("new PC after step: 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1536
1537 LOG_DEBUG("set breakpoint at 0x%8.8x", breakpoint->address);
1538 arm7_9_set_breakpoint(target, breakpoint);
1539 }
1540 }
1541
1542 /* enable any pending breakpoints and watchpoints */
1543 arm7_9_enable_breakpoints(target);
1544 arm7_9_enable_watchpoints(target);
1545
1546 arm7_9_restore_context(target);
1547
1548 if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1549 {
1550 arm7_9->branch_resume(target);
1551 }
1552 else if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1553 {
1554 arm7_9->branch_resume_thumb(target);
1555 }
1556 else
1557 {
1558 LOG_ERROR("unhandled core state");
1559 return ERROR_FAIL;
1560 }
1561
1562 /* deassert DBGACK and INTDIS */
1563 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1564 /* INTDIS only when we really resume, not during debug execution */
1565 if (!debug_execution)
1566 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 0);
1567 embeddedice_write_reg(dbg_ctrl, buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1568
1569 arm7_9_restart_core(target);
1570
1571 target->debug_reason = DBG_REASON_NOTHALTED;
1572
1573 if (!debug_execution)
1574 {
1575 /* registers are now invalid */
1576 armv4_5_invalidate_core_regs(target);
1577 target->state = TARGET_RUNNING;
1578 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1579 }
1580 else
1581 {
1582 target->state = TARGET_DEBUG_RUNNING;
1583 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
1584 }
1585
1586 LOG_DEBUG("target resumed");
1587
1588 return ERROR_OK;
1589 }
1590
1591 void arm7_9_enable_eice_step(target_t *target)
1592 {
1593 armv4_5_common_t *armv4_5 = target->arch_info;
1594 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1595
1596 /* setup an inverse breakpoint on the current PC
1597 * - comparator 1 matches the current address
1598 * - rangeout from comparator 1 is connected to comparator 0 rangein
1599 * - comparator 0 matches any address, as long as rangein is low */
1600 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1601 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1602 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
1603 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~(EICE_W_CTRL_RANGE|EICE_W_CTRL_nOPC) & 0xff);
1604 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1605 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0);
1606 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffff);
1607 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
1608 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
1609 }
1610
1611 void arm7_9_disable_eice_step(target_t *target)
1612 {
1613 armv4_5_common_t *armv4_5 = target->arch_info;
1614 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1615
1616 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK]);
1617 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK]);
1618 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
1619 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK]);
1620 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE]);
1621 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK]);
1622 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK]);
1623 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK]);
1624 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE]);
1625 }
1626
1627 int arm7_9_step(struct target_s *target, int current, u32 address, int handle_breakpoints)
1628 {
1629 armv4_5_common_t *armv4_5 = target->arch_info;
1630 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1631 breakpoint_t *breakpoint = NULL;
1632 int err;
1633
1634 if (target->state != TARGET_HALTED)
1635 {
1636 LOG_WARNING("target not halted");
1637 return ERROR_TARGET_NOT_HALTED;
1638 }
1639
1640 /* current = 1: continue on current pc, otherwise continue at <address> */
1641 if (!current)
1642 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1643
1644 /* the front-end may request us not to handle breakpoints */
1645 if (handle_breakpoints)
1646 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1647 arm7_9_unset_breakpoint(target, breakpoint);
1648
1649 target->debug_reason = DBG_REASON_SINGLESTEP;
1650
1651 arm7_9_restore_context(target);
1652
1653 arm7_9->enable_single_step(target);
1654
1655 if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1656 {
1657 arm7_9->branch_resume(target);
1658 }
1659 else if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1660 {
1661 arm7_9->branch_resume_thumb(target);
1662 }
1663 else
1664 {
1665 LOG_ERROR("unhandled core state");
1666 return ERROR_FAIL;
1667 }
1668
1669 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1670
1671 err = arm7_9_execute_sys_speed(target);
1672 arm7_9->disable_single_step(target);
1673
1674 /* registers are now invalid */
1675 armv4_5_invalidate_core_regs(target);
1676
1677 if (err != ERROR_OK)
1678 {
1679 target->state = TARGET_UNKNOWN;
1680 } else {
1681 arm7_9_debug_entry(target);
1682 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1683 LOG_DEBUG("target stepped");
1684 }
1685
1686 if (breakpoint)
1687 arm7_9_set_breakpoint(target, breakpoint);
1688
1689 return err;
1690
1691 }
1692
1693 int arm7_9_read_core_reg(struct target_s *target, int num, enum armv4_5_mode mode)
1694 {
1695 u32* reg_p[16];
1696 u32 value;
1697 int retval;
1698 armv4_5_common_t *armv4_5 = target->arch_info;
1699 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1700
1701 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1702 return ERROR_FAIL;
1703
1704 enum armv4_5_mode reg_mode = ((armv4_5_core_reg_t*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info)->mode;
1705
1706 if ((num < 0) || (num > 16))
1707 return ERROR_INVALID_ARGUMENTS;
1708
1709 if ((mode != ARMV4_5_MODE_ANY)
1710 && (mode != armv4_5->core_mode)
1711 && (reg_mode != ARMV4_5_MODE_ANY))
1712 {
1713 u32 tmp_cpsr;
1714
1715 /* change processor mode (mask T bit) */
1716 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1717 tmp_cpsr |= mode;
1718 tmp_cpsr &= ~0x20;
1719 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1720 }
1721
1722 if ((num >= 0) && (num <= 15))
1723 {
1724 /* read a normal core register */
1725 reg_p[num] = &value;
1726
1727 arm7_9->read_core_regs(target, 1 << num, reg_p);
1728 }
1729 else
1730 {
1731 /* read a program status register
1732 * if the register mode is MODE_ANY, we read the cpsr, otherwise a spsr
1733 */
1734 armv4_5_core_reg_t *arch_info = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info;
1735 int spsr = (arch_info->mode == ARMV4_5_MODE_ANY) ? 0 : 1;
1736
1737 arm7_9->read_xpsr(target, &value, spsr);
1738 }
1739
1740 if ((retval = jtag_execute_queue()) != ERROR_OK)
1741 {
1742 return retval;
1743 }
1744
1745 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).valid = 1;
1746 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).dirty = 0;
1747 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).value, 0, 32, value);
1748
1749 if ((mode != ARMV4_5_MODE_ANY)
1750 && (mode != armv4_5->core_mode)
1751 && (reg_mode != ARMV4_5_MODE_ANY)) {
1752 /* restore processor mode (mask T bit) */
1753 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1754 }
1755
1756 return ERROR_OK;
1757
1758 }
1759
1760 int arm7_9_write_core_reg(struct target_s *target, int num, enum armv4_5_mode mode, u32 value)
1761 {
1762 u32 reg[16];
1763 armv4_5_common_t *armv4_5 = target->arch_info;
1764 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1765
1766 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1767 return ERROR_FAIL;
1768
1769 enum armv4_5_mode reg_mode = ((armv4_5_core_reg_t*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info)->mode;
1770
1771 if ((num < 0) || (num > 16))
1772 return ERROR_INVALID_ARGUMENTS;
1773
1774 if ((mode != ARMV4_5_MODE_ANY)
1775 && (mode != armv4_5->core_mode)
1776 && (reg_mode != ARMV4_5_MODE_ANY)) {
1777 u32 tmp_cpsr;
1778
1779 /* change processor mode (mask T bit) */
1780 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1781 tmp_cpsr |= mode;
1782 tmp_cpsr &= ~0x20;
1783 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1784 }
1785
1786 if ((num >= 0) && (num <= 15))
1787 {
1788 /* write a normal core register */
1789 reg[num] = value;
1790
1791 arm7_9->write_core_regs(target, 1 << num, reg);
1792 }
1793 else
1794 {
1795 /* write a program status register
1796 * if the register mode is MODE_ANY, we write the cpsr, otherwise a spsr
1797 */
1798 armv4_5_core_reg_t *arch_info = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info;
1799 int spsr = (arch_info->mode == ARMV4_5_MODE_ANY) ? 0 : 1;
1800
1801 /* if we're writing the CPSR, mask the T bit */
1802 if (!spsr)
1803 value &= ~0x20;
1804
1805 arm7_9->write_xpsr(target, value, spsr);
1806 }
1807
1808 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).valid = 1;
1809 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).dirty = 0;
1810
1811 if ((mode != ARMV4_5_MODE_ANY)
1812 && (mode != armv4_5->core_mode)
1813 && (reg_mode != ARMV4_5_MODE_ANY)) {
1814 /* restore processor mode (mask T bit) */
1815 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1816 }
1817
1818 return jtag_execute_queue();
1819 }
1820
1821 int arm7_9_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
1822 {
1823 armv4_5_common_t *armv4_5 = target->arch_info;
1824 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1825
1826 u32 reg[16];
1827 int num_accesses = 0;
1828 int thisrun_accesses;
1829 int i;
1830 u32 cpsr;
1831 int retval;
1832 int last_reg = 0;
1833
1834 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
1835
1836 if (target->state != TARGET_HALTED)
1837 {
1838 LOG_WARNING("target not halted");
1839 return ERROR_TARGET_NOT_HALTED;
1840 }
1841
1842 /* sanitize arguments */
1843 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1844 return ERROR_INVALID_ARGUMENTS;
1845
1846 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1847 return ERROR_TARGET_UNALIGNED_ACCESS;
1848
1849 /* load the base register with the address of the first word */
1850 reg[0] = address;
1851 arm7_9->write_core_regs(target, 0x1, reg);
1852
1853 switch (size)
1854 {
1855 case 4:
1856 while (num_accesses < count)
1857 {
1858 u32 reg_list;
1859 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
1860 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
1861
1862 if (last_reg <= thisrun_accesses)
1863 last_reg = thisrun_accesses;
1864
1865 arm7_9->load_word_regs(target, reg_list);
1866
1867 /* fast memory reads are only safe when the target is running
1868 * from a sufficiently high clock (32 kHz is usually too slow)
1869 */
1870 if (arm7_9->fast_memory_access)
1871 arm7_9_execute_fast_sys_speed(target);
1872 else
1873 arm7_9_execute_sys_speed(target);
1874
1875 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 4);
1876
1877 /* advance buffer, count number of accesses */
1878 buffer += thisrun_accesses * 4;
1879 num_accesses += thisrun_accesses;
1880 }
1881 break;
1882 case 2:
1883 while (num_accesses < count)
1884 {
1885 u32 reg_list;
1886 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
1887 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
1888
1889 for (i = 1; i <= thisrun_accesses; i++)
1890 {
1891 if (i > last_reg)
1892 last_reg = i;
1893 arm7_9->load_hword_reg(target, i);
1894 /* fast memory reads are only safe when the target is running
1895 * from a sufficiently high clock (32 kHz is usually too slow)
1896 */
1897 if (arm7_9->fast_memory_access)
1898 arm7_9_execute_fast_sys_speed(target);
1899 else
1900 arm7_9_execute_sys_speed(target);
1901 }
1902
1903 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 2);
1904
1905 /* advance buffer, count number of accesses */
1906 buffer += thisrun_accesses * 2;
1907 num_accesses += thisrun_accesses;
1908 }
1909 break;
1910 case 1:
1911 while (num_accesses < count)
1912 {
1913 u32 reg_list;
1914 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
1915 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
1916
1917 for (i = 1; i <= thisrun_accesses; i++)
1918 {
1919 if (i > last_reg)
1920 last_reg = i;
1921 arm7_9->load_byte_reg(target, i);
1922 /* fast memory reads are only safe when the target is running
1923 * from a sufficiently high clock (32 kHz is usually too slow)
1924 */
1925 if (arm7_9->fast_memory_access)
1926 arm7_9_execute_fast_sys_speed(target);
1927 else
1928 arm7_9_execute_sys_speed(target);
1929 }
1930
1931 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 1);
1932
1933 /* advance buffer, count number of accesses */
1934 buffer += thisrun_accesses * 1;
1935 num_accesses += thisrun_accesses;
1936 }
1937 break;
1938 default:
1939 LOG_ERROR("BUG: we shouldn't get here");
1940 exit(-1);
1941 break;
1942 }
1943
1944 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1945 return ERROR_FAIL;
1946
1947 for (i=0; i<=last_reg; i++)
1948 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid;
1949
1950 arm7_9->read_xpsr(target, &cpsr, 0);
1951 if ((retval = jtag_execute_queue()) != ERROR_OK)
1952 {
1953 LOG_ERROR("JTAG error while reading cpsr");
1954 return ERROR_TARGET_DATA_ABORT;
1955 }
1956
1957 if (((cpsr & 0x1f) == ARMV4_5_MODE_ABT) && (armv4_5->core_mode != ARMV4_5_MODE_ABT))
1958 {
1959 LOG_WARNING("memory read caused data abort (address: 0x%8.8x, size: 0x%x, count: 0x%x)", address, size, count);
1960
1961 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1962
1963 return ERROR_TARGET_DATA_ABORT;
1964 }
1965
1966 return ERROR_OK;
1967 }
1968
1969 int arm7_9_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
1970 {
1971 armv4_5_common_t *armv4_5 = target->arch_info;
1972 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1973 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1974
1975 u32 reg[16];
1976 int num_accesses = 0;
1977 int thisrun_accesses;
1978 int i;
1979 u32 cpsr;
1980 int retval;
1981 int last_reg = 0;
1982
1983 #ifdef _DEBUG_ARM7_9_
1984 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
1985 #endif
1986
1987 if (target->state != TARGET_HALTED)
1988 {
1989 LOG_WARNING("target not halted");
1990 return ERROR_TARGET_NOT_HALTED;
1991 }
1992
1993 /* sanitize arguments */
1994 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1995 return ERROR_INVALID_ARGUMENTS;
1996
1997 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1998 return ERROR_TARGET_UNALIGNED_ACCESS;
1999
2000 /* load the base register with the address of the first word */
2001 reg[0] = address;
2002 arm7_9->write_core_regs(target, 0x1, reg);
2003
2004 /* Clear DBGACK, to make sure memory fetches work as expected */
2005 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
2006 embeddedice_store_reg(dbg_ctrl);
2007
2008 switch (size)
2009 {
2010 case 4:
2011 while (num_accesses < count)
2012 {
2013 u32 reg_list;
2014 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2015 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2016
2017 for (i = 1; i <= thisrun_accesses; i++)
2018 {
2019 if (i > last_reg)
2020 last_reg = i;
2021 reg[i] = target_buffer_get_u32(target, buffer);
2022 buffer += 4;
2023 }
2024
2025 arm7_9->write_core_regs(target, reg_list, reg);
2026
2027 arm7_9->store_word_regs(target, reg_list);
2028
2029 /* fast memory writes are only safe when the target is running
2030 * from a sufficiently high clock (32 kHz is usually too slow)
2031 */
2032 if (arm7_9->fast_memory_access)
2033 arm7_9_execute_fast_sys_speed(target);
2034 else
2035 arm7_9_execute_sys_speed(target);
2036
2037 num_accesses += thisrun_accesses;
2038 }
2039 break;
2040 case 2:
2041 while (num_accesses < count)
2042 {
2043 u32 reg_list;
2044 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2045 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2046
2047 for (i = 1; i <= thisrun_accesses; i++)
2048 {
2049 if (i > last_reg)
2050 last_reg = i;
2051 reg[i] = target_buffer_get_u16(target, buffer) & 0xffff;
2052 buffer += 2;
2053 }
2054
2055 arm7_9->write_core_regs(target, reg_list, reg);
2056
2057 for (i = 1; i <= thisrun_accesses; i++)
2058 {
2059 arm7_9->store_hword_reg(target, i);
2060
2061 /* fast memory writes are only safe when the target is running
2062 * from a sufficiently high clock (32 kHz is usually too slow)
2063 */
2064 if (arm7_9->fast_memory_access)
2065 arm7_9_execute_fast_sys_speed(target);
2066 else
2067 arm7_9_execute_sys_speed(target);
2068 }
2069
2070 num_accesses += thisrun_accesses;
2071 }
2072 break;
2073 case 1:
2074 while (num_accesses < count)
2075 {
2076 u32 reg_list;
2077 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2078 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2079
2080 for (i = 1; i <= thisrun_accesses; i++)
2081 {
2082 if (i > last_reg)
2083 last_reg = i;
2084 reg[i] = *buffer++ & 0xff;
2085 }
2086
2087 arm7_9->write_core_regs(target, reg_list, reg);
2088
2089 for (i = 1; i <= thisrun_accesses; i++)
2090 {
2091 arm7_9->store_byte_reg(target, i);
2092 /* fast memory writes are only safe when the target is running
2093 * from a sufficiently high clock (32 kHz is usually too slow)
2094 */
2095 if (arm7_9->fast_memory_access)
2096 arm7_9_execute_fast_sys_speed(target);
2097 else
2098 arm7_9_execute_sys_speed(target);
2099 }
2100
2101 num_accesses += thisrun_accesses;
2102 }
2103 break;
2104 default:
2105 LOG_ERROR("BUG: we shouldn't get here");
2106 exit(-1);
2107 break;
2108 }
2109
2110 /* Re-Set DBGACK */
2111 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
2112 embeddedice_store_reg(dbg_ctrl);
2113
2114 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
2115 return ERROR_FAIL;
2116
2117 for (i=0; i<=last_reg; i++)
2118 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid;
2119
2120 arm7_9->read_xpsr(target, &cpsr, 0);
2121 if ((retval = jtag_execute_queue()) != ERROR_OK)
2122 {
2123 LOG_ERROR("JTAG error while reading cpsr");
2124 return ERROR_TARGET_DATA_ABORT;
2125 }
2126
2127 if (((cpsr & 0x1f) == ARMV4_5_MODE_ABT) && (armv4_5->core_mode != ARMV4_5_MODE_ABT))
2128 {
2129 LOG_WARNING("memory write caused data abort (address: 0x%8.8x, size: 0x%x, count: 0x%x)", address, size, count);
2130
2131 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
2132
2133 return ERROR_TARGET_DATA_ABORT;
2134 }
2135
2136 return ERROR_OK;
2137 }
2138
2139 static const u32 dcc_code[] =
2140 {
2141 /* MRC TST BNE MRC STR B */
2142 0xee101e10, 0xe3110001, 0x0afffffc, 0xee111e10, 0xe4801004, 0xeafffff9
2143 };
2144
2145 int arm7_9_bulk_write_memory(target_t *target, u32 address, u32 count, u8 *buffer)
2146 {
2147 armv4_5_common_t *armv4_5 = target->arch_info;
2148 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
2149 enum armv4_5_state core_state = armv4_5->core_state;
2150 u32 r0 = buf_get_u32(armv4_5->core_cache->reg_list[0].value, 0, 32);
2151 u32 r1 = buf_get_u32(armv4_5->core_cache->reg_list[1].value, 0, 32);
2152 u32 pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
2153 int i;
2154
2155 if (!arm7_9->dcc_downloads)
2156 return target->type->write_memory(target, address, 4, count, buffer);
2157
2158 /* regrab previously allocated working_area, or allocate a new one */
2159 if (!arm7_9->dcc_working_area)
2160 {
2161 u8 dcc_code_buf[6 * 4];
2162
2163 /* make sure we have a working area */
2164 if (target_alloc_working_area(target, 24, &arm7_9->dcc_working_area) != ERROR_OK)
2165 {
2166 LOG_INFO("no working area available, falling back to memory writes");
2167 return target->type->write_memory(target, address, 4, count, buffer);
2168 }
2169
2170 /* copy target instructions to target endianness */
2171 for (i = 0; i < 6; i++)
2172 {
2173 target_buffer_set_u32(target, dcc_code_buf + i*4, dcc_code[i]);
2174 }
2175
2176 /* write DCC code to working area */
2177 target->type->write_memory(target, arm7_9->dcc_working_area->address, 4, 6, dcc_code_buf);
2178 }
2179
2180 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, address);
2181 armv4_5->core_cache->reg_list[0].valid = 1;
2182 armv4_5->core_cache->reg_list[0].dirty = 1;
2183 armv4_5->core_state = ARMV4_5_STATE_ARM;
2184
2185 arm7_9_resume(target, 0, arm7_9->dcc_working_area->address, 1, 1);
2186
2187 int little=target->endianness==TARGET_LITTLE_ENDIAN;
2188 if (count>2)
2189 {
2190 /* Handle first & last using standard embeddedice_write_reg and the middle ones w/the
2191 core function repeated.
2192 */
2193 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2194 buffer+=4;
2195
2196 embeddedice_reg_t *ice_reg = arm7_9->eice_cache->reg_list[EICE_COMMS_DATA].arch_info;
2197 u8 reg_addr = ice_reg->addr & 0x1f;
2198 int chain_pos = ice_reg->jtag_info->chain_pos;
2199
2200 embeddedice_write_dcc(chain_pos, reg_addr, buffer, little, count-2);
2201 buffer += (count-2)*4;
2202
2203 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2204 } else
2205 {
2206 for (i = 0; i < count; i++)
2207 {
2208 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2209 buffer += 4;
2210 }
2211 }
2212
2213 target_halt(target);
2214
2215 for (i=0; i<100; i++)
2216 {
2217 target_poll(target);
2218 if (target->state == TARGET_HALTED)
2219 break;
2220 usleep(1000); /* sleep 1ms */
2221 }
2222 if (i == 100)
2223 {
2224 LOG_ERROR("bulk write timed out, target not halted");
2225 return ERROR_TARGET_TIMEOUT;
2226 }
2227
2228 /* restore target state */
2229 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, r0);
2230 armv4_5->core_cache->reg_list[0].valid = 1;
2231 armv4_5->core_cache->reg_list[0].dirty = 1;
2232 buf_set_u32(armv4_5->core_cache->reg_list[1].value, 0, 32, r1);
2233 armv4_5->core_cache->reg_list[1].valid = 1;
2234 armv4_5->core_cache->reg_list[1].dirty = 1;
2235 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, pc);
2236 armv4_5->core_cache->reg_list[15].valid = 1;
2237 armv4_5->core_cache->reg_list[15].dirty = 1;
2238 armv4_5->core_state = core_state;
2239
2240 return ERROR_OK;
2241 }
2242
2243 int arm7_9_checksum_memory(struct target_s *target, u32 address, u32 count, u32* checksum)
2244 {
2245 working_area_t *crc_algorithm;
2246 armv4_5_algorithm_t armv4_5_info;
2247 reg_param_t reg_params[2];
2248 int retval;
2249
2250 u32 arm7_9_crc_code[] = {
2251 0xE1A02000, /* mov r2, r0 */
2252 0xE3E00000, /* mov r0, #0xffffffff */
2253 0xE1A03001, /* mov r3, r1 */
2254 0xE3A04000, /* mov r4, #0 */
2255 0xEA00000B, /* b ncomp */
2256 /* nbyte: */
2257 0xE7D21004, /* ldrb r1, [r2, r4] */
2258 0xE59F7030, /* ldr r7, CRC32XOR */
2259 0xE0200C01, /* eor r0, r0, r1, asl 24 */
2260 0xE3A05000, /* mov r5, #0 */
2261 /* loop: */
2262 0xE3500000, /* cmp r0, #0 */
2263 0xE1A06080, /* mov r6, r0, asl #1 */
2264 0xE2855001, /* add r5, r5, #1 */
2265 0xE1A00006, /* mov r0, r6 */
2266 0xB0260007, /* eorlt r0, r6, r7 */
2267 0xE3550008, /* cmp r5, #8 */
2268 0x1AFFFFF8, /* bne loop */
2269 0xE2844001, /* add r4, r4, #1 */
2270 /* ncomp: */
2271 0xE1540003, /* cmp r4, r3 */
2272 0x1AFFFFF1, /* bne nbyte */
2273 /* end: */
2274 0xEAFFFFFE, /* b end */
2275 0x04C11DB7 /* CRC32XOR: .word 0x04C11DB7 */
2276 };
2277
2278 int i;
2279
2280 if (target_alloc_working_area(target, sizeof(arm7_9_crc_code), &crc_algorithm) != ERROR_OK)
2281 {
2282 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2283 }
2284
2285 /* convert flash writing code into a buffer in target endianness */
2286 for (i = 0; i < (sizeof(arm7_9_crc_code)/sizeof(u32)); i++)
2287 target_write_u32(target, crc_algorithm->address + i*sizeof(u32), arm7_9_crc_code[i]);
2288
2289 armv4_5_info.common_magic = ARMV4_5_COMMON_MAGIC;
2290 armv4_5_info.core_mode = ARMV4_5_MODE_SVC;
2291 armv4_5_info.core_state = ARMV4_5_STATE_ARM;
2292
2293 init_reg_param(&reg_params[0], "r0", 32, PARAM_IN_OUT);
2294 init_reg_param(&reg_params[1], "r1", 32, PARAM_OUT);
2295
2296 buf_set_u32(reg_params[0].value, 0, 32, address);
2297 buf_set_u32(reg_params[1].value, 0, 32, count);
2298
2299 if ((retval = target->type->run_algorithm(target, 0, NULL, 2, reg_params,
2300 crc_algorithm->address, crc_algorithm->address + (sizeof(arm7_9_crc_code) - 8), 20000, &armv4_5_info)) != ERROR_OK)
2301 {
2302 LOG_ERROR("error executing arm7_9 crc algorithm");
2303 destroy_reg_param(&reg_params[0]);
2304 destroy_reg_param(&reg_params[1]);
2305 target_free_working_area(target, crc_algorithm);
2306 return retval;
2307 }
2308
2309 *checksum = buf_get_u32(reg_params[0].value, 0, 32);
2310
2311 destroy_reg_param(&reg_params[0]);
2312 destroy_reg_param(&reg_params[1]);
2313
2314 target_free_working_area(target, crc_algorithm);
2315
2316 return ERROR_OK;
2317 }
2318
2319 int arm7_9_blank_check_memory(struct target_s *target, u32 address, u32 count, u32* blank)
2320 {
2321 working_area_t *erase_check_algorithm;
2322 reg_param_t reg_params[3];
2323 armv4_5_algorithm_t armv4_5_info;
2324 int retval;
2325 int i;
2326
2327 u32 erase_check_code[] =
2328 {
2329 /* loop: */
2330 0xe4d03001, /* ldrb r3, [r0], #1 */
2331 0xe0022003, /* and r2, r2, r3 */
2332 0xe2511001, /* subs r1, r1, #1 */
2333 0x1afffffb, /* bne loop */
2334 /* end: */
2335 0xeafffffe /* b end */
2336 };
2337
2338 /* make sure we have a working area */
2339 if (target_alloc_working_area(target, sizeof(erase_check_code), &erase_check_algorithm) != ERROR_OK)
2340 {
2341 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2342 }
2343
2344 /* convert flash writing code into a buffer in target endianness */
2345 for (i = 0; i < (sizeof(erase_check_code)/sizeof(u32)); i++)
2346 target_write_u32(target, erase_check_algorithm->address + i*sizeof(u32), erase_check_code[i]);
2347
2348 armv4_5_info.common_magic = ARMV4_5_COMMON_MAGIC;
2349 armv4_5_info.core_mode = ARMV4_5_MODE_SVC;
2350 armv4_5_info.core_state = ARMV4_5_STATE_ARM;
2351
2352 init_reg_param(&reg_params[0], "r0", 32, PARAM_OUT);
2353 buf_set_u32(reg_params[0].value, 0, 32, address);
2354
2355 init_reg_param(&reg_params[1], "r1", 32, PARAM_OUT);
2356 buf_set_u32(reg_params[1].value, 0, 32, count);
2357
2358 init_reg_param(&reg_params[2], "r2", 32, PARAM_IN_OUT);
2359 buf_set_u32(reg_params[2].value, 0, 32, 0xff);
2360
2361 if ((retval = target->type->run_algorithm(target, 0, NULL, 3, reg_params,
2362 erase_check_algorithm->address, erase_check_algorithm->address + (sizeof(erase_check_code) - 4), 10000, &armv4_5_info)) != ERROR_OK)
2363 {
2364 destroy_reg_param(&reg_params[0]);
2365 destroy_reg_param(&reg_params[1]);
2366 destroy_reg_param(&reg_params[2]);
2367 target_free_working_area(target, erase_check_algorithm);
2368 return 0;
2369 }
2370
2371 *blank = buf_get_u32(reg_params[2].value, 0, 32);
2372
2373 destroy_reg_param(&reg_params[0]);
2374 destroy_reg_param(&reg_params[1]);
2375 destroy_reg_param(&reg_params[2]);
2376
2377 target_free_working_area(target, erase_check_algorithm);
2378
2379 return ERROR_OK;
2380 }
2381
2382 int arm7_9_register_commands(struct command_context_s *cmd_ctx)
2383 {
2384 command_t *arm7_9_cmd;
2385
2386 arm7_9_cmd = register_command(cmd_ctx, NULL, "arm7_9", NULL, COMMAND_ANY, "arm7/9 specific commands");
2387
2388 register_command(cmd_ctx, arm7_9_cmd, "write_xpsr", handle_arm7_9_write_xpsr_command, COMMAND_EXEC, "write program status register <value> <not cpsr|spsr>");
2389 register_command(cmd_ctx, arm7_9_cmd, "write_xpsr_im8", handle_arm7_9_write_xpsr_im8_command, COMMAND_EXEC, "write program status register <8bit immediate> <rotate> <not cpsr|spsr>");
2390
2391 register_command(cmd_ctx, arm7_9_cmd, "write_core_reg", handle_arm7_9_write_core_reg_command, COMMAND_EXEC, "write core register <num> <mode> <value>");
2392
2393 register_command(cmd_ctx, arm7_9_cmd, "sw_bkpts", handle_arm7_9_sw_bkpts_command, COMMAND_EXEC, "support for software breakpoints <enable|disable>");
2394 register_command(cmd_ctx, arm7_9_cmd, "force_hw_bkpts", handle_arm7_9_force_hw_bkpts_command, COMMAND_EXEC, "use hardware breakpoints for all breakpoints (disables sw breakpoint support) <enable|disable>");
2395 register_command(cmd_ctx, arm7_9_cmd, "dbgrq", handle_arm7_9_dbgrq_command,
2396 COMMAND_ANY, "use EmbeddedICE dbgrq instead of breakpoint for target halt requests <enable|disable>");
2397 register_command(cmd_ctx, arm7_9_cmd, "fast_writes", handle_arm7_9_fast_memory_access_command,
2398 COMMAND_ANY, "(deprecated, see: arm7_9 fast_memory_access)");
2399 register_command(cmd_ctx, arm7_9_cmd, "fast_memory_access", handle_arm7_9_fast_memory_access_command,
2400 COMMAND_ANY, "use fast memory accesses instead of slower but potentially unsafe slow accesses <enable|disable>");
2401 register_command(cmd_ctx, arm7_9_cmd, "dcc_downloads", handle_arm7_9_dcc_downloads_command,
2402 COMMAND_ANY, "use DCC downloads for larger memory writes <enable|disable>");
2403
2404 armv4_5_register_commands(cmd_ctx);
2405
2406 etm_register_commands(cmd_ctx);
2407
2408 return ERROR_OK;
2409 }
2410
2411 int handle_arm7_9_write_xpsr_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2412 {
2413 u32 value;
2414 int spsr;
2415 int retval;
2416 target_t *target = get_current_target(cmd_ctx);
2417 armv4_5_common_t *armv4_5;
2418 arm7_9_common_t *arm7_9;
2419
2420 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2421 {
2422 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2423 return ERROR_OK;
2424 }
2425
2426 if (target->state != TARGET_HALTED)
2427 {
2428 command_print(cmd_ctx, "can't write registers while running");
2429 return ERROR_OK;
2430 }
2431
2432 if (argc < 2)
2433 {
2434 command_print(cmd_ctx, "usage: write_xpsr <value> <not cpsr|spsr>");
2435 return ERROR_OK;
2436 }
2437
2438 value = strtoul(args[0], NULL, 0);
2439 spsr = strtol(args[1], NULL, 0);
2440
2441 /* if we're writing the CPSR, mask the T bit */
2442 if (!spsr)
2443 value &= ~0x20;
2444
2445 arm7_9->write_xpsr(target, value, spsr);
2446 if ((retval = jtag_execute_queue()) != ERROR_OK)
2447 {
2448 LOG_ERROR("JTAG error while writing to xpsr");
2449 return retval;
2450 }
2451
2452 return ERROR_OK;
2453 }
2454
2455 int handle_arm7_9_write_xpsr_im8_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2456 {
2457 u32 value;
2458 int rotate;
2459 int spsr;
2460 int retval;
2461 target_t *target = get_current_target(cmd_ctx);
2462 armv4_5_common_t *armv4_5;
2463 arm7_9_common_t *arm7_9;
2464
2465 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2466 {
2467 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2468 return ERROR_OK;
2469 }
2470
2471 if (target->state != TARGET_HALTED)
2472 {
2473 command_print(cmd_ctx, "can't write registers while running");
2474 return ERROR_OK;
2475 }
2476
2477 if (argc < 3)
2478 {
2479 command_print(cmd_ctx, "usage: write_xpsr_im8 <im8> <rotate> <not cpsr|spsr>");
2480 return ERROR_OK;
2481 }
2482
2483 value = strtoul(args[0], NULL, 0);
2484 rotate = strtol(args[1], NULL, 0);
2485 spsr = strtol(args[2], NULL, 0);
2486
2487 arm7_9->write_xpsr_im8(target, value, rotate, spsr);
2488 if ((retval = jtag_execute_queue()) != ERROR_OK)
2489 {
2490 LOG_ERROR("JTAG error while writing 8-bit immediate to xpsr");
2491 return retval;
2492 }
2493
2494 return ERROR_OK;
2495 }
2496
2497 int handle_arm7_9_write_core_reg_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2498 {
2499 u32 value;
2500 u32 mode;
2501 int num;
2502 target_t *target = get_current_target(cmd_ctx);
2503 armv4_5_common_t *armv4_5;
2504 arm7_9_common_t *arm7_9;
2505
2506 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2507 {
2508 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2509 return ERROR_OK;
2510 }
2511
2512 if (target->state != TARGET_HALTED)
2513 {
2514 command_print(cmd_ctx, "can't write registers while running");
2515 return ERROR_OK;
2516 }
2517
2518 if (argc < 3)
2519 {
2520 command_print(cmd_ctx, "usage: write_core_reg <num> <mode> <value>");
2521 return ERROR_OK;
2522 }
2523
2524 num = strtol(args[0], NULL, 0);
2525 mode = strtoul(args[1], NULL, 0);
2526 value = strtoul(args[2], NULL, 0);
2527
2528 arm7_9_write_core_reg(target, num, mode, value);
2529
2530 return ERROR_OK;
2531 }
2532
2533 int handle_arm7_9_sw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2534 {
2535 target_t *target = get_current_target(cmd_ctx);
2536 armv4_5_common_t *armv4_5;
2537 arm7_9_common_t *arm7_9;
2538
2539 if (target->state != TARGET_HALTED)
2540 {
2541 LOG_ERROR("target not halted");
2542 return ERROR_TARGET_NOT_HALTED;
2543 }
2544
2545 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2546 {
2547 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2548 return ERROR_OK;
2549 }
2550
2551 if (argc == 0)
2552 {
2553 command_print(cmd_ctx, "software breakpoints %s", (arm7_9->sw_bkpts_enabled) ? "enabled" : "disabled");
2554 return ERROR_OK;
2555 }
2556
2557 if (strcmp("enable", args[0]) == 0)
2558 {
2559 if (arm7_9->sw_bkpts_use_wp)
2560 {
2561 arm7_9_enable_sw_bkpts(target);
2562 }
2563 else
2564 {
2565 arm7_9->sw_bkpts_enabled = 1;
2566 }
2567 }
2568 else if (strcmp("disable", args[0]) == 0)
2569 {
2570 if (arm7_9->sw_bkpts_use_wp)
2571 {
2572 arm7_9_disable_sw_bkpts(target);
2573 }
2574 else
2575 {
2576 arm7_9->sw_bkpts_enabled = 0;
2577 }
2578 }
2579 else
2580 {
2581 command_print(cmd_ctx, "usage: arm7_9 sw_bkpts <enable|disable>");
2582 }
2583
2584 command_print(cmd_ctx, "software breakpoints %s", (arm7_9->sw_bkpts_enabled) ? "enabled" : "disabled");
2585
2586 return ERROR_OK;
2587 }
2588
2589 int handle_arm7_9_force_hw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2590 {
2591 target_t *target = get_current_target(cmd_ctx);
2592 armv4_5_common_t *armv4_5;
2593 arm7_9_common_t *arm7_9;
2594
2595 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2596 {
2597 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2598 return ERROR_OK;
2599 }
2600
2601 if ((argc >= 1) && (strcmp("enable", args[0]) == 0))
2602 {
2603 arm7_9->force_hw_bkpts = 1;
2604 if (arm7_9->sw_bkpts_use_wp)
2605 {
2606 arm7_9_disable_sw_bkpts(target);
2607 }
2608 }
2609 else if ((argc >= 1) && (strcmp("disable", args[0]) == 0))
2610 {
2611 arm7_9->force_hw_bkpts = 0;
2612 }
2613 else
2614 {
2615 command_print(cmd_ctx, "usage: arm7_9 force_hw_bkpts <enable|disable>");
2616 }
2617
2618 command_print(cmd_ctx, "force hardware breakpoints %s", (arm7_9->force_hw_bkpts) ? "enabled" : "disabled");
2619
2620 return ERROR_OK;
2621 }
2622
2623 int handle_arm7_9_dbgrq_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2624 {
2625 target_t *target = get_current_target(cmd_ctx);
2626 armv4_5_common_t *armv4_5;
2627 arm7_9_common_t *arm7_9;
2628
2629 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2630 {
2631 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2632 return ERROR_OK;
2633 }
2634
2635 if (argc > 0)
2636 {
2637 if (strcmp("enable", args[0]) == 0)
2638 {
2639 arm7_9->use_dbgrq = 1;
2640 }
2641 else if (strcmp("disable", args[0]) == 0)
2642 {
2643 arm7_9->use_dbgrq = 0;
2644 }
2645 else
2646 {
2647 command_print(cmd_ctx, "usage: arm7_9 dbgrq <enable|disable>");
2648 }
2649 }
2650
2651 command_print(cmd_ctx, "use of EmbeddedICE dbgrq instead of breakpoint for target halt %s", (arm7_9->use_dbgrq) ? "enabled" : "disabled");
2652
2653 return ERROR_OK;
2654 }
2655
2656 int handle_arm7_9_fast_memory_access_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2657 {
2658 target_t *target = get_current_target(cmd_ctx);
2659 armv4_5_common_t *armv4_5;
2660 arm7_9_common_t *arm7_9;
2661
2662 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2663 {
2664 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2665 return ERROR_OK;
2666 }
2667
2668 if (argc > 0)
2669 {
2670 if (strcmp("enable", args[0]) == 0)
2671 {
2672 arm7_9->fast_memory_access = 1;
2673 }
2674 else if (strcmp("disable", args[0]) == 0)
2675 {
2676 arm7_9->fast_memory_access = 0;
2677 }
2678 else
2679 {
2680 command_print(cmd_ctx, "usage: arm7_9 fast_memory_access <enable|disable>");
2681 }
2682 }
2683
2684 command_print(cmd_ctx, "fast memory access is %s", (arm7_9->fast_memory_access) ? "enabled" : "disabled");
2685
2686 return ERROR_OK;
2687 }
2688
2689 int handle_arm7_9_dcc_downloads_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2690 {
2691 target_t *target = get_current_target(cmd_ctx);
2692 armv4_5_common_t *armv4_5;
2693 arm7_9_common_t *arm7_9;
2694
2695 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2696 {
2697 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2698 return ERROR_OK;
2699 }
2700
2701 if (argc > 0)
2702 {
2703 if (strcmp("enable", args[0]) == 0)
2704 {
2705 arm7_9->dcc_downloads = 1;
2706 }
2707 else if (strcmp("disable", args[0]) == 0)
2708 {
2709 arm7_9->dcc_downloads = 0;
2710 }
2711 else
2712 {
2713 command_print(cmd_ctx, "usage: arm7_9 dcc_downloads <enable|disable>");
2714 }
2715 }
2716
2717 command_print(cmd_ctx, "dcc downloads are %s", (arm7_9->dcc_downloads) ? "enabled" : "disabled");
2718
2719 return ERROR_OK;
2720 }
2721
2722 int arm7_9_init_arch_info(target_t *target, arm7_9_common_t *arm7_9)
2723 {
2724 armv4_5_common_t *armv4_5 = &arm7_9->armv4_5_common;
2725
2726 arm7_9->common_magic = ARM7_9_COMMON_MAGIC;
2727
2728 arm_jtag_setup_connection(&arm7_9->jtag_info);
2729 arm7_9->wp_available = 2;
2730 arm7_9->wp0_used = 0;
2731 arm7_9->wp1_used = 0;
2732 arm7_9->force_hw_bkpts = 0;
2733 arm7_9->use_dbgrq = 0;
2734
2735 arm7_9->etm_ctx = NULL;
2736 arm7_9->has_single_step = 0;
2737 arm7_9->has_monitor_mode = 0;
2738 arm7_9->has_vector_catch = 0;
2739
2740 arm7_9->debug_entry_from_reset = 0;
2741
2742 arm7_9->dcc_working_area = NULL;
2743
2744 arm7_9->fast_memory_access = fast_and_dangerous;
2745 arm7_9->dcc_downloads = fast_and_dangerous;
2746
2747 arm7_9->need_bypass_before_restart = 0;
2748
2749 armv4_5->arch_info = arm7_9;
2750 armv4_5->read_core_reg = arm7_9_read_core_reg;
2751 armv4_5->write_core_reg = arm7_9_write_core_reg;
2752 armv4_5->full_context = arm7_9_full_context;
2753
2754 armv4_5_init_arch_info(target, armv4_5);
2755
2756 target_register_timer_callback(arm7_9_handle_target_request, 1, 1, target);
2757
2758 return ERROR_OK;
2759 }
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)