1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
24 #include "replacements.h"
26 #include "embeddedice.h"
32 #include "arm7_9_common.h"
33 #include "breakpoints.h"
39 #include <sys/types.h>
44 int arm7_9_debug_entry(target_t
*target
);
45 int arm7_9_enable_sw_bkpts(struct target_s
*target
);
47 /* command handler forward declarations */
48 int handle_arm7_9_write_xpsr_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
49 int handle_arm7_9_write_xpsr_im8_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
50 int handle_arm7_9_read_core_reg_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
51 int handle_arm7_9_write_core_reg_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
52 int handle_arm7_9_sw_bkpts_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
53 int handle_arm7_9_force_hw_bkpts_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
54 int handle_arm7_9_dbgrq_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
55 int handle_arm7_9_fast_memory_access_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
56 int handle_arm7_9_dcc_downloads_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
57 int handle_arm7_9_etm_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
59 int arm7_9_reinit_embeddedice(target_t
*target
)
61 armv4_5_common_t
*armv4_5
= target
->arch_info
;
62 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
64 breakpoint_t
*breakpoint
= target
->breakpoints
;
66 arm7_9
->wp_available
= 2;
70 /* mark all hardware breakpoints as unset */
73 if (breakpoint
->type
== BKPT_HARD
)
77 breakpoint
= breakpoint
->next
;
80 if (arm7_9
->sw_bkpts_enabled
&& arm7_9
->sw_bkpts_use_wp
)
82 arm7_9
->sw_bkpts_enabled
= 0;
83 arm7_9_enable_sw_bkpts(target
);
86 arm7_9
->reinit_embeddedice
= 0;
91 int arm7_9_jtag_callback(enum jtag_event event
, void *priv
)
93 target_t
*target
= priv
;
94 armv4_5_common_t
*armv4_5
= target
->arch_info
;
95 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
97 /* a test-logic reset occured
98 * the EmbeddedICE registers have been reset
99 * hardware breakpoints have been cleared
101 if (event
== JTAG_TRST_ASSERTED
)
103 arm7_9
->reinit_embeddedice
= 1;
109 int arm7_9_get_arch_pointers(target_t
*target
, armv4_5_common_t
**armv4_5_p
, arm7_9_common_t
**arm7_9_p
)
111 armv4_5_common_t
*armv4_5
= target
->arch_info
;
112 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
114 if (armv4_5
->common_magic
!= ARMV4_5_COMMON_MAGIC
)
119 if (arm7_9
->common_magic
!= ARM7_9_COMMON_MAGIC
)
124 *armv4_5_p
= armv4_5
;
130 int arm7_9_set_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
132 armv4_5_common_t
*armv4_5
= target
->arch_info
;
133 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
135 if (target
->state
!= TARGET_HALTED
)
137 WARNING("target not halted");
138 return ERROR_TARGET_NOT_HALTED
;
141 if (arm7_9
->force_hw_bkpts
)
142 breakpoint
->type
= BKPT_HARD
;
146 WARNING("breakpoint already set");
150 if (breakpoint
->type
== BKPT_HARD
)
152 /* either an ARM (4 byte) or Thumb (2 byte) breakpoint */
153 u32 mask
= (breakpoint
->length
== 4) ? 0x3u
: 0x1u
;
154 if (!arm7_9
->wp0_used
)
156 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_VALUE
], breakpoint
->address
);
157 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], mask
);
158 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], 0xffffffffu
);
159 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], ~EICE_W_CTRL_nOPC
& 0xff);
160 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
);
162 jtag_execute_queue();
163 arm7_9
->wp0_used
= 1;
166 else if (!arm7_9
->wp1_used
)
168 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_VALUE
], breakpoint
->address
);
169 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_MASK
], mask
);
170 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_MASK
], 0xffffffffu
);
171 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_MASK
], ~EICE_W_CTRL_nOPC
& 0xff);
172 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
);
174 jtag_execute_queue();
175 arm7_9
->wp1_used
= 1;
180 ERROR("BUG: no hardware comparator available");
184 else if (breakpoint
->type
== BKPT_SOFT
)
186 if (breakpoint
->length
== 4)
188 /* keep the original instruction in target endianness */
189 target
->type
->read_memory(target
, breakpoint
->address
, 4, 1, breakpoint
->orig_instr
);
190 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
191 target_write_u32(target
, breakpoint
->address
, arm7_9
->arm_bkpt
);
195 /* keep the original instruction in target endianness */
196 target
->type
->read_memory(target
, breakpoint
->address
, 2, 1, breakpoint
->orig_instr
);
197 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
198 target_write_u32(target
, breakpoint
->address
, arm7_9
->thumb_bkpt
);
207 int arm7_9_unset_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
209 armv4_5_common_t
*armv4_5
= target
->arch_info
;
210 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
212 if (target
->state
!= TARGET_HALTED
)
214 WARNING("target not halted");
215 return ERROR_TARGET_NOT_HALTED
;
218 if (!breakpoint
->set
)
220 WARNING("breakpoint not set");
224 if (breakpoint
->type
== BKPT_HARD
)
226 if (breakpoint
->set
== 1)
228 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x0);
229 jtag_execute_queue();
230 arm7_9
->wp0_used
= 0;
232 else if (breakpoint
->set
== 2)
234 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], 0x0);
235 jtag_execute_queue();
236 arm7_9
->wp1_used
= 0;
242 /* restore original instruction (kept in target endianness) */
243 if (breakpoint
->length
== 4)
245 target
->type
->write_memory(target
, breakpoint
->address
, 4, 1, breakpoint
->orig_instr
);
249 target
->type
->write_memory(target
, breakpoint
->address
, 2, 1, breakpoint
->orig_instr
);
257 int arm7_9_add_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
259 armv4_5_common_t
*armv4_5
= target
->arch_info
;
260 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
262 if (target
->state
!= TARGET_HALTED
)
264 WARNING("target not halted");
265 return ERROR_TARGET_NOT_HALTED
;
268 if (arm7_9
->force_hw_bkpts
)
270 DEBUG("forcing use of hardware breakpoint at address 0x%8.8x", breakpoint
->address
);
271 breakpoint
->type
= BKPT_HARD
;
274 if ((breakpoint
->type
== BKPT_SOFT
) && (arm7_9
->sw_bkpts_enabled
== 0))
276 INFO("sw breakpoint requested, but software breakpoints not enabled");
277 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
280 if ((breakpoint
->type
== BKPT_HARD
) && (arm7_9
->wp_available
< 1))
282 INFO("no watchpoint unit available for hardware breakpoint");
283 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
286 if ((breakpoint
->length
!= 2) && (breakpoint
->length
!= 4))
288 INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
289 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
292 if (breakpoint
->type
== BKPT_HARD
)
293 arm7_9
->wp_available
--;
298 int arm7_9_remove_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
300 armv4_5_common_t
*armv4_5
= target
->arch_info
;
301 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
303 if (target
->state
!= TARGET_HALTED
)
305 WARNING("target not halted");
306 return ERROR_TARGET_NOT_HALTED
;
311 arm7_9_unset_breakpoint(target
, breakpoint
);
314 if (breakpoint
->type
== BKPT_HARD
)
315 arm7_9
->wp_available
++;
320 int arm7_9_set_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
322 armv4_5_common_t
*armv4_5
= target
->arch_info
;
323 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
327 mask
= watchpoint
->length
- 1;
329 if (target
->state
!= TARGET_HALTED
)
331 WARNING("target not halted");
332 return ERROR_TARGET_NOT_HALTED
;
335 if (watchpoint
->rw
== WPT_ACCESS
)
340 if (!arm7_9
->wp0_used
)
342 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_VALUE
], watchpoint
->address
);
343 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], mask
);
344 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], watchpoint
->mask
);
345 if( watchpoint
->mask
!= 0xffffffffu
)
346 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_VALUE
], watchpoint
->value
);
347 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], 0xff & ~EICE_W_CTRL_nOPC
& ~rw_mask
);
348 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
| EICE_W_CTRL_nOPC
| (watchpoint
->rw
& 1));
350 jtag_execute_queue();
352 arm7_9
->wp0_used
= 2;
354 else if (!arm7_9
->wp1_used
)
356 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_VALUE
], watchpoint
->address
);
357 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_MASK
], mask
);
358 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_MASK
], watchpoint
->mask
);
359 if( watchpoint
->mask
!= 0xffffffffu
)
360 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_VALUE
], watchpoint
->value
);
361 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_MASK
], 0xff & ~EICE_W_CTRL_nOPC
& ~rw_mask
);
362 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
| EICE_W_CTRL_nOPC
| (watchpoint
->rw
& 1));
364 jtag_execute_queue();
366 arm7_9
->wp1_used
= 2;
370 ERROR("BUG: no hardware comparator available");
377 int arm7_9_unset_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
379 armv4_5_common_t
*armv4_5
= target
->arch_info
;
380 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
382 if (target
->state
!= TARGET_HALTED
)
384 WARNING("target not halted");
385 return ERROR_TARGET_NOT_HALTED
;
388 if (!watchpoint
->set
)
390 WARNING("breakpoint not set");
394 if (watchpoint
->set
== 1)
396 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x0);
397 jtag_execute_queue();
398 arm7_9
->wp0_used
= 0;
400 else if (watchpoint
->set
== 2)
402 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], 0x0);
403 jtag_execute_queue();
404 arm7_9
->wp1_used
= 0;
411 int arm7_9_add_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
413 armv4_5_common_t
*armv4_5
= target
->arch_info
;
414 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
416 if (target
->state
!= TARGET_HALTED
)
418 WARNING("target not halted");
419 return ERROR_TARGET_NOT_HALTED
;
422 if (arm7_9
->wp_available
< 1)
424 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
427 if ((watchpoint
->length
!= 1) && (watchpoint
->length
!= 2) && (watchpoint
->length
!= 4))
429 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
432 arm7_9
->wp_available
--;
437 int arm7_9_remove_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
439 armv4_5_common_t
*armv4_5
= target
->arch_info
;
440 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
442 if (target
->state
!= TARGET_HALTED
)
444 WARNING("target not halted");
445 return ERROR_TARGET_NOT_HALTED
;
450 arm7_9_unset_watchpoint(target
, watchpoint
);
453 arm7_9
->wp_available
++;
458 int arm7_9_enable_sw_bkpts(struct target_s
*target
)
460 armv4_5_common_t
*armv4_5
= target
->arch_info
;
461 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
464 if (arm7_9
->sw_bkpts_enabled
)
467 if (arm7_9
->wp_available
< 1)
469 WARNING("can't enable sw breakpoints with no watchpoint unit available");
470 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
472 arm7_9
->wp_available
--;
474 if (!arm7_9
->wp0_used
)
476 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_VALUE
], arm7_9
->arm_bkpt
);
477 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], 0x0);
478 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], 0xffffffffu
);
479 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], ~EICE_W_CTRL_nOPC
& 0xff);
480 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
);
481 arm7_9
->sw_bkpts_enabled
= 1;
482 arm7_9
->wp0_used
= 3;
484 else if (!arm7_9
->wp1_used
)
486 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_VALUE
], arm7_9
->arm_bkpt
);
487 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_MASK
], 0x0);
488 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_MASK
], 0xffffffffu
);
489 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_MASK
], ~EICE_W_CTRL_nOPC
& 0xff);
490 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
);
491 arm7_9
->sw_bkpts_enabled
= 2;
492 arm7_9
->wp1_used
= 3;
496 ERROR("BUG: both watchpoints used, but wp_available >= 1");
500 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
502 ERROR("error writing EmbeddedICE registers to enable sw breakpoints");
509 int arm7_9_disable_sw_bkpts(struct target_s
*target
)
511 armv4_5_common_t
*armv4_5
= target
->arch_info
;
512 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
514 if (!arm7_9
->sw_bkpts_enabled
)
517 if (arm7_9
->sw_bkpts_enabled
== 1)
519 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x0);
520 arm7_9
->sw_bkpts_enabled
= 0;
521 arm7_9
->wp0_used
= 0;
522 arm7_9
->wp_available
++;
524 else if (arm7_9
->sw_bkpts_enabled
== 2)
526 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], 0x0);
527 arm7_9
->sw_bkpts_enabled
= 0;
528 arm7_9
->wp1_used
= 0;
529 arm7_9
->wp_available
++;
535 int arm7_9_execute_sys_speed(struct target_s
*target
)
540 armv4_5_common_t
*armv4_5
= target
->arch_info
;
541 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
542 arm_jtag_t
*jtag_info
= &arm7_9
->jtag_info
;
543 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
545 /* set RESTART instruction */
546 jtag_add_end_state(TAP_RTI
);
547 arm_jtag_set_instr(jtag_info
, 0x4, NULL
);
549 for (timeout
=0; timeout
<50; timeout
++)
551 /* read debug status register */
552 embeddedice_read_reg(dbg_stat
);
553 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
555 if ((buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1))
556 && (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_SYSCOMP
, 1)))
562 ERROR("timeout waiting for SYSCOMP & DBGACK, last DBG_STATUS: %x", buf_get_u32(dbg_stat
->value
, 0, dbg_stat
->size
));
563 return ERROR_TARGET_TIMEOUT
;
569 int arm7_9_execute_fast_sys_speed(struct target_s
*target
)
571 u8 check_value
[4], check_mask
[4];
573 armv4_5_common_t
*armv4_5
= target
->arch_info
;
574 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
575 arm_jtag_t
*jtag_info
= &arm7_9
->jtag_info
;
576 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
578 /* set RESTART instruction */
579 jtag_add_end_state(TAP_RTI
);
580 arm_jtag_set_instr(jtag_info
, 0x4, NULL
);
582 /* check for DBGACK and SYSCOMP set (others don't care) */
583 buf_set_u32(check_value
, 0, 32, 0x9);
584 buf_set_u32(check_mask
, 0, 32, 0x9);
586 /* read debug status register */
587 embeddedice_read_reg_w_check(dbg_stat
, check_value
, check_value
);
592 enum target_state
arm7_9_poll(target_t
*target
)
595 armv4_5_common_t
*armv4_5
= target
->arch_info
;
596 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
597 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
599 if (arm7_9
->reinit_embeddedice
)
601 arm7_9_reinit_embeddedice(target
);
604 /* read debug status register */
605 embeddedice_read_reg(dbg_stat
);
606 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
610 case ERROR_JTAG_QUEUE_FAILED
:
611 ERROR("JTAG queue failed while reading EmbeddedICE status register");
619 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1))
621 DEBUG("DBGACK set, dbg_state->value: 0x%x", buf_get_u32(dbg_stat
->value
, 0, 32));
622 if ((target
->state
== TARGET_UNKNOWN
))
624 WARNING("DBGACK set while target was in unknown state. Reset or initialize target before resuming");
625 target
->state
= TARGET_RUNNING
;
627 if ((target
->state
== TARGET_RUNNING
) || (target
->state
== TARGET_RESET
))
629 target
->state
= TARGET_HALTED
;
630 if ((retval
= arm7_9_debug_entry(target
)) != ERROR_OK
)
633 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
635 if (target
->state
== TARGET_DEBUG_RUNNING
)
637 target
->state
= TARGET_HALTED
;
638 if ((retval
= arm7_9_debug_entry(target
)) != ERROR_OK
)
641 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_HALTED
);
646 if (target
->state
!= TARGET_DEBUG_RUNNING
)
647 target
->state
= TARGET_RUNNING
;
650 return target
->state
;
653 int arm7_9_assert_reset(target_t
*target
)
657 DEBUG("target->state: %s", target_state_strings
[target
->state
]);
659 if (target
->state
== TARGET_HALTED
|| target
->state
== TARGET_UNKNOWN
)
661 /* if the target wasn't running, there might be working areas allocated */
662 target_free_all_working_areas(target
);
664 /* assert SRST and TRST */
665 /* system would get ouf sync if we didn't reset test-logic, too */
666 if ((retval
= jtag_add_reset(1, 1)) != ERROR_OK
)
668 if (retval
== ERROR_JTAG_RESET_CANT_SRST
)
670 WARNING("can't assert srst");
675 ERROR("unknown error");
679 jtag_add_sleep(5000);
680 if ((retval
= jtag_add_reset(0, 1)) != ERROR_OK
)
682 if (retval
== ERROR_JTAG_RESET_WOULD_ASSERT_TRST
)
684 WARNING("srst resets test logic, too");
685 retval
= jtag_add_reset(1, 1);
691 if ((retval
= jtag_add_reset(0, 1)) != ERROR_OK
)
693 if (retval
== ERROR_JTAG_RESET_WOULD_ASSERT_TRST
)
695 WARNING("srst resets test logic, too");
696 retval
= jtag_add_reset(1, 1);
699 if (retval
== ERROR_JTAG_RESET_CANT_SRST
)
701 WARNING("can't assert srst");
704 else if (retval
!= ERROR_OK
)
706 ERROR("unknown error");
712 target
->state
= TARGET_RESET
;
713 jtag_add_sleep(50000);
715 armv4_5_invalidate_core_regs(target
);
721 int arm7_9_deassert_reset(target_t
*target
)
723 DEBUG("target->state: %s", target_state_strings
[target
->state
]);
725 /* deassert reset lines */
726 jtag_add_reset(0, 0);
731 int arm7_9_clear_halt(target_t
*target
)
733 armv4_5_common_t
*armv4_5
= target
->arch_info
;
734 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
735 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
737 /* we used DBGRQ only if we didn't come out of reset */
738 if (!arm7_9
->debug_entry_from_reset
&& arm7_9
->use_dbgrq
)
740 /* program EmbeddedICE Debug Control Register to deassert DBGRQ
742 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGRQ
, 1, 0);
743 embeddedice_store_reg(dbg_ctrl
);
747 if (arm7_9
->debug_entry_from_reset
&& arm7_9
->has_vector_catch
)
749 /* if we came out of reset, and vector catch is supported, we used
750 * vector catch to enter debug state
751 * restore the register in that case
753 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_VEC_CATCH
]);
757 /* restore registers if watchpoint unit 0 was in use
759 if (arm7_9
->wp0_used
)
761 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
]);
762 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
]);
763 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
]);
765 /* control value always has to be restored, as it was either disabled,
766 * or enabled with possibly different bits
768 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
]);
775 int arm7_9_soft_reset_halt(struct target_s
*target
)
777 armv4_5_common_t
*armv4_5
= target
->arch_info
;
778 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
779 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
780 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
783 if (target
->state
== TARGET_RUNNING
)
785 target
->type
->halt(target
);
788 while (buf_get_u32(dbg_stat
->value
, EICE_DBG_CONTROL_DBGACK
, 1) == 0)
790 embeddedice_read_reg(dbg_stat
);
791 jtag_execute_queue();
793 target
->state
= TARGET_HALTED
;
795 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
796 * ensure that DBGRQ is cleared
798 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 1);
799 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGRQ
, 1, 0);
800 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_INTDIS
, 1, 1);
801 embeddedice_store_reg(dbg_ctrl
);
803 arm7_9_clear_halt(target
);
805 /* if the target is in Thumb state, change to ARM state */
806 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_ITBIT
, 1))
808 u32 r0_thumb
, pc_thumb
;
809 DEBUG("target entered debug from Thumb state, changing to ARM");
810 /* Entered debug from Thumb mode */
811 armv4_5
->core_state
= ARMV4_5_STATE_THUMB
;
812 arm7_9
->change_to_arm(target
, &r0_thumb
, &pc_thumb
);
815 /* all register content is now invalid */
816 armv4_5_invalidate_core_regs(target
);
818 /* SVC, ARM state, IRQ and FIQ disabled */
819 buf_set_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8, 0xd3);
820 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
= 1;
821 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].valid
= 1;
823 /* start fetching from 0x0 */
824 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, 0x0);
825 armv4_5
->core_cache
->reg_list
[15].dirty
= 1;
826 armv4_5
->core_cache
->reg_list
[15].valid
= 1;
828 armv4_5
->core_mode
= ARMV4_5_MODE_SVC
;
829 armv4_5
->core_state
= ARMV4_5_STATE_ARM
;
831 /* reset registers */
832 for (i
= 0; i
<= 14; i
++)
834 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).value
, 0, 32, 0xffffffff);
835 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).dirty
= 1;
836 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).valid
= 1;
839 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
844 int arm7_9_prepare_reset_halt(target_t
*target
)
846 armv4_5_common_t
*armv4_5
= target
->arch_info
;
847 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
849 if (arm7_9
->has_vector_catch
)
851 /* program vector catch register to catch reset vector */
852 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_VEC_CATCH
], 0x1);
856 /* program watchpoint unit to match on reset vector address */
857 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], 0x3);
858 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], 0x0);
859 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x100);
860 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], 0xf7);
866 int arm7_9_halt(target_t
*target
)
868 armv4_5_common_t
*armv4_5
= target
->arch_info
;
869 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
870 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
872 DEBUG("target->state: %s", target_state_strings
[target
->state
]);
874 if (target
->state
== TARGET_HALTED
)
876 WARNING("target was already halted");
877 return ERROR_TARGET_ALREADY_HALTED
;
880 if (target
->state
== TARGET_UNKNOWN
)
882 WARNING("target was in unknown state when halt was requested");
885 if (target
->state
== TARGET_RESET
)
887 if ((jtag_reset_config
& RESET_SRST_PULLS_TRST
) && jtag_srst
)
889 ERROR("can't request a halt while in reset if nSRST pulls nTRST");
890 return ERROR_TARGET_FAILURE
;
894 /* we came here in a reset_halt or reset_init sequence
895 * debug entry was already prepared in arm7_9_prepare_reset_halt()
897 target
->debug_reason
= DBG_REASON_DBGRQ
;
903 if (arm7_9
->use_dbgrq
)
905 /* program EmbeddedICE Debug Control Register to assert DBGRQ
907 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGRQ
, 1, 1);
908 embeddedice_store_reg(dbg_ctrl
);
912 /* program watchpoint unit to match on any address
914 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], 0xffffffff);
915 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], 0xffffffff);
916 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x100);
917 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], 0xf7);
920 target
->debug_reason
= DBG_REASON_DBGRQ
;
925 int arm7_9_debug_entry(target_t
*target
)
930 u32 r0_thumb
, pc_thumb
;
933 /* get pointers to arch-specific information */
934 armv4_5_common_t
*armv4_5
= target
->arch_info
;
935 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
936 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
937 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
939 #ifdef _DEBUG_ARM7_9_
943 if (arm7_9
->pre_debug_entry
)
944 arm7_9
->pre_debug_entry(target
);
946 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
947 * ensure that DBGRQ is cleared
949 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 1);
950 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGRQ
, 1, 0);
951 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_INTDIS
, 1, 1);
952 embeddedice_store_reg(dbg_ctrl
);
954 arm7_9_clear_halt(target
);
956 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
960 case ERROR_JTAG_QUEUE_FAILED
:
961 ERROR("JTAG queue failed while writing EmbeddedICE control register");
969 if ((retval
= arm7_9
->examine_debug_reason(target
)) != ERROR_OK
)
973 if (target
->state
!= TARGET_HALTED
)
975 WARNING("target not halted");
976 return ERROR_TARGET_NOT_HALTED
;
979 /* if the target is in Thumb state, change to ARM state */
980 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_ITBIT
, 1))
982 DEBUG("target entered debug from Thumb state");
983 /* Entered debug from Thumb mode */
984 armv4_5
->core_state
= ARMV4_5_STATE_THUMB
;
985 arm7_9
->change_to_arm(target
, &r0_thumb
, &pc_thumb
);
986 DEBUG("r0_thumb: 0x%8.8x, pc_thumb: 0x%8.8x", r0_thumb
, pc_thumb
);
990 DEBUG("target entered debug from ARM state");
991 /* Entered debug from ARM mode */
992 armv4_5
->core_state
= ARMV4_5_STATE_ARM
;
995 for (i
= 0; i
< 16; i
++)
996 context_p
[i
] = &context
[i
];
997 /* save core registers (r0 - r15 of current core mode) */
998 arm7_9
->read_core_regs(target
, 0xffff, context_p
);
1000 arm7_9
->read_xpsr(target
, &cpsr
, 0);
1002 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1005 /* if the core has been executing in Thumb state, set the T bit */
1006 if (armv4_5
->core_state
== ARMV4_5_STATE_THUMB
)
1009 buf_set_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32, cpsr
);
1010 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
= 0;
1011 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].valid
= 1;
1013 armv4_5
->core_mode
= cpsr
& 0x1f;
1015 if (armv4_5_mode_to_number(armv4_5
->core_mode
) == -1)
1017 target
->state
= TARGET_UNKNOWN
;
1018 ERROR("cpsr contains invalid mode value - communication failure");
1019 return ERROR_TARGET_FAILURE
;
1022 DEBUG("target entered debug state in %s mode", armv4_5_mode_strings
[armv4_5_mode_to_number(armv4_5
->core_mode
)]);
1024 if (armv4_5
->core_state
== ARMV4_5_STATE_THUMB
)
1026 DEBUG("thumb state, applying fixups");
1027 context
[0] = r0_thumb
;
1028 context
[15] = pc_thumb
;
1029 } else if (armv4_5
->core_state
== ARMV4_5_STATE_ARM
)
1031 /* adjust value stored by STM */
1032 context
[15] -= 3 * 4;
1035 if ((target
->debug_reason
== DBG_REASON_BREAKPOINT
)
1036 || (target
->debug_reason
== DBG_REASON_SINGLESTEP
)
1037 || (target
->debug_reason
== DBG_REASON_WATCHPOINT
)
1038 || (target
->debug_reason
== DBG_REASON_WPTANDBKPT
)
1039 || ((target
->debug_reason
== DBG_REASON_DBGRQ
) && (arm7_9
->use_dbgrq
== 0)))
1040 context
[15] -= 3 * ((armv4_5
->core_state
== ARMV4_5_STATE_ARM
) ? 4 : 2);
1041 else if (target
->debug_reason
== DBG_REASON_DBGRQ
)
1042 context
[15] -= arm7_9
->dbgreq_adjust_pc
* ((armv4_5
->core_state
== ARMV4_5_STATE_ARM
) ? 4 : 2);
1045 ERROR("unknown debug reason: %i", target
->debug_reason
);
1049 for (i
=0; i
<=15; i
++)
1051 DEBUG("r%i: 0x%8.8x", i
, context
[i
]);
1052 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).value
, 0, 32, context
[i
]);
1053 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).dirty
= 0;
1054 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).valid
= 1;
1057 DEBUG("entered debug state at PC 0x%x", context
[15]);
1059 /* exceptions other than USR & SYS have a saved program status register */
1060 if ((armv4_5_mode_to_number(armv4_5
->core_mode
) != ARMV4_5_MODE_USR
) && (armv4_5_mode_to_number(armv4_5
->core_mode
) != ARMV4_5_MODE_SYS
))
1063 arm7_9
->read_xpsr(target
, &spsr
, 1);
1064 jtag_execute_queue();
1065 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).value
, 0, 32, spsr
);
1066 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).dirty
= 0;
1067 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).valid
= 1;
1070 /* r0 and r15 (pc) have to be restored later */
1071 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 0).dirty
= 1;
1072 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 15).dirty
= 1;
1074 if ((retval
= jtag
->execute_queue()) != ERROR_OK
)
1077 if (arm7_9
->post_debug_entry
)
1078 arm7_9
->post_debug_entry(target
);
1083 int arm7_9_full_context(target_t
*target
)
1087 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1088 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1092 if (target
->state
!= TARGET_HALTED
)
1094 WARNING("target not halted");
1095 return ERROR_TARGET_NOT_HALTED
;
1098 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1099 * SYS shares registers with User, so we don't touch SYS
1101 for(i
= 0; i
< 6; i
++)
1108 /* check if there are invalid registers in the current mode
1110 for (j
= 0; j
<= 16; j
++)
1112 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).valid
== 0)
1120 /* change processor mode (and mask T bit) */
1121 tmp_cpsr
= buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & 0xE0;
1122 tmp_cpsr
|= armv4_5_number_to_mode(i
);
1124 arm7_9
->write_xpsr_im8(target
, tmp_cpsr
& 0xff, 0, 0);
1126 for (j
= 0; j
< 15; j
++)
1128 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).valid
== 0)
1130 reg_p
[j
] = (u32
*)ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).value
;
1132 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).valid
= 1;
1133 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).dirty
= 0;
1137 /* if only the PSR is invalid, mask is all zeroes */
1139 arm7_9
->read_core_regs(target
, mask
, reg_p
);
1141 /* check if the PSR has to be read */
1142 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).valid
== 0)
1144 arm7_9
->read_xpsr(target
, (u32
*)ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).value
, 1);
1145 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).valid
= 1;
1146 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).dirty
= 0;
1151 /* restore processor mode (mask T bit) */
1152 arm7_9
->write_xpsr_im8(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & ~0x20, 0, 0);
1154 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1156 ERROR("JTAG failure");
1162 int arm7_9_restore_context(target_t
*target
)
1164 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1165 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1167 armv4_5_core_reg_t
*reg_arch_info
;
1168 enum armv4_5_mode current_mode
= armv4_5
->core_mode
;
1175 if (target
->state
!= TARGET_HALTED
)
1177 WARNING("target not halted");
1178 return ERROR_TARGET_NOT_HALTED
;
1181 if (arm7_9
->pre_restore_context
)
1182 arm7_9
->pre_restore_context(target
);
1184 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1185 * SYS shares registers with User, so we don't touch SYS
1187 for (i
= 0; i
< 6; i
++)
1189 DEBUG("examining %s mode", armv4_5_mode_strings
[i
]);
1192 /* check if there are dirty registers in the current mode
1194 for (j
= 0; j
<= 16; j
++)
1196 reg
= &ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
);
1197 reg_arch_info
= reg
->arch_info
;
1198 if (reg
->dirty
== 1)
1200 if (reg
->valid
== 1)
1203 DEBUG("examining dirty reg: %s", reg
->name
);
1204 if ((reg_arch_info
->mode
!= ARMV4_5_MODE_ANY
)
1205 && (reg_arch_info
->mode
!= current_mode
)
1206 && !((reg_arch_info
->mode
== ARMV4_5_MODE_USR
) && (armv4_5
->core_mode
== ARMV4_5_MODE_SYS
))
1207 && !((reg_arch_info
->mode
== ARMV4_5_MODE_SYS
) && (armv4_5
->core_mode
== ARMV4_5_MODE_USR
)))
1210 DEBUG("require mode change");
1215 ERROR("BUG: dirty register '%s', but no valid data", reg
->name
);
1231 /* change processor mode (mask T bit) */
1232 tmp_cpsr
= buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & 0xE0;
1233 tmp_cpsr
|= armv4_5_number_to_mode(i
);
1235 arm7_9
->write_xpsr_im8(target
, tmp_cpsr
& 0xff, 0, 0);
1236 current_mode
= armv4_5_number_to_mode(i
);
1239 for (j
= 0; j
<= 14; j
++)
1241 reg
= &ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
);
1242 reg_arch_info
= reg
->arch_info
;
1245 if (reg
->dirty
== 1)
1247 regs
[j
] = buf_get_u32(reg
->value
, 0, 32);
1252 DEBUG("writing register %i of mode %s with value 0x%8.8x", j
, armv4_5_mode_strings
[i
], regs
[j
]);
1258 arm7_9
->write_core_regs(target
, mask
, regs
);
1261 reg
= &ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16);
1262 reg_arch_info
= reg
->arch_info
;
1263 if ((reg
->dirty
) && (reg_arch_info
->mode
!= ARMV4_5_MODE_ANY
))
1265 DEBUG("writing SPSR of mode %i with value 0x%8.8x", i
, buf_get_u32(reg
->value
, 0, 32));
1266 arm7_9
->write_xpsr(target
, buf_get_u32(reg
->value
, 0, 32), 1);
1271 if ((armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
== 0) && (armv4_5
->core_mode
!= current_mode
))
1273 /* restore processor mode (mask T bit) */
1276 tmp_cpsr
= buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & 0xE0;
1277 tmp_cpsr
|= armv4_5_number_to_mode(i
);
1279 DEBUG("writing lower 8 bit of cpsr with value 0x%2.2x", tmp_cpsr
);
1280 arm7_9
->write_xpsr_im8(target
, tmp_cpsr
& 0xff, 0, 0);
1282 else if (armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
== 1)
1284 /* CPSR has been changed, full restore necessary (mask T bit) */
1285 DEBUG("writing cpsr with value 0x%8.8x", buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1286 arm7_9
->write_xpsr(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32) & ~0x20, 0);
1287 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
= 0;
1288 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].valid
= 1;
1292 DEBUG("writing PC with value 0x%8.8x", buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1293 arm7_9
->write_pc(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1294 armv4_5
->core_cache
->reg_list
[15].dirty
= 0;
1296 if (arm7_9
->post_restore_context
)
1297 arm7_9
->post_restore_context(target
);
1302 int arm7_9_restart_core(struct target_s
*target
)
1304 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1305 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1306 arm_jtag_t
*jtag_info
= &arm7_9
->jtag_info
;
1308 /* set RESTART instruction */
1309 jtag_add_end_state(TAP_RTI
);
1310 arm_jtag_set_instr(jtag_info
, 0x4, NULL
);
1312 jtag_add_runtest(1, TAP_RTI
);
1313 if ((jtag_execute_queue()) != ERROR_OK
)
1321 void arm7_9_enable_watchpoints(struct target_s
*target
)
1323 watchpoint_t
*watchpoint
= target
->watchpoints
;
1327 if (watchpoint
->set
== 0)
1328 arm7_9_set_watchpoint(target
, watchpoint
);
1329 watchpoint
= watchpoint
->next
;
1333 void arm7_9_enable_breakpoints(struct target_s
*target
)
1335 breakpoint_t
*breakpoint
= target
->breakpoints
;
1337 /* set any pending breakpoints */
1340 if (breakpoint
->set
== 0)
1341 arm7_9_set_breakpoint(target
, breakpoint
);
1342 breakpoint
= breakpoint
->next
;
1346 void arm7_9_disable_bkpts_and_wpts(struct target_s
*target
)
1348 breakpoint_t
*breakpoint
= target
->breakpoints
;
1349 watchpoint_t
*watchpoint
= target
->watchpoints
;
1351 /* set any pending breakpoints */
1354 if (breakpoint
->set
!= 0)
1355 arm7_9_unset_breakpoint(target
, breakpoint
);
1356 breakpoint
= breakpoint
->next
;
1361 if (watchpoint
->set
!= 0)
1362 arm7_9_unset_watchpoint(target
, watchpoint
);
1363 watchpoint
= watchpoint
->next
;
1367 int arm7_9_resume(struct target_s
*target
, int current
, u32 address
, int handle_breakpoints
, int debug_execution
)
1369 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1370 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1371 breakpoint_t
*breakpoint
= target
->breakpoints
;
1372 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
1376 if (target
->state
!= TARGET_HALTED
)
1378 WARNING("target not halted");
1379 return ERROR_TARGET_NOT_HALTED
;
1382 if (!debug_execution
)
1384 target_free_all_working_areas(target
);
1387 /* current = 1: continue on current pc, otherwise continue at <address> */
1389 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, address
);
1391 /* the front-end may request us not to handle breakpoints */
1392 if (handle_breakpoints
)
1394 if ((breakpoint
= breakpoint_find(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32))))
1396 DEBUG("unset breakpoint at 0x%8.8x", breakpoint
->address
);
1397 arm7_9_unset_breakpoint(target
, breakpoint
);
1399 DEBUG("enable single-step");
1400 arm7_9
->enable_single_step(target
);
1402 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1404 arm7_9_restore_context(target
);
1406 if (armv4_5
->core_state
== ARMV4_5_STATE_ARM
)
1407 arm7_9
->branch_resume(target
);
1408 else if (armv4_5
->core_state
== ARMV4_5_STATE_THUMB
)
1410 arm7_9
->branch_resume_thumb(target
);
1414 ERROR("unhandled core state");
1418 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 0);
1419 embeddedice_write_reg(dbg_ctrl
, buf_get_u32(dbg_ctrl
->value
, 0, dbg_ctrl
->size
));
1420 arm7_9_execute_sys_speed(target
);
1422 DEBUG("disable single-step");
1423 arm7_9
->disable_single_step(target
);
1425 arm7_9_debug_entry(target
);
1426 DEBUG("new PC after step: 0x%8.8x", buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1428 DEBUG("set breakpoint at 0x%8.8x", breakpoint
->address
);
1429 arm7_9_set_breakpoint(target
, breakpoint
);
1433 /* enable any pending breakpoints and watchpoints */
1434 arm7_9_enable_breakpoints(target
);
1435 arm7_9_enable_watchpoints(target
);
1437 arm7_9_restore_context(target
);
1439 if (armv4_5
->core_state
== ARMV4_5_STATE_ARM
)
1441 arm7_9
->branch_resume(target
);
1443 else if (armv4_5
->core_state
== ARMV4_5_STATE_THUMB
)
1445 arm7_9
->branch_resume_thumb(target
);
1449 ERROR("unhandled core state");
1453 /* deassert DBGACK and INTDIS */
1454 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 0);
1455 /* INTDIS only when we really resume, not during debug execution */
1456 if (!debug_execution
)
1457 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_INTDIS
, 1, 0);
1458 embeddedice_write_reg(dbg_ctrl
, buf_get_u32(dbg_ctrl
->value
, 0, dbg_ctrl
->size
));
1460 arm7_9_restart_core(target
);
1462 target
->debug_reason
= DBG_REASON_NOTHALTED
;
1464 if (!debug_execution
)
1466 /* registers are now invalid */
1467 armv4_5_invalidate_core_regs(target
);
1468 target
->state
= TARGET_RUNNING
;
1469 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1473 target
->state
= TARGET_DEBUG_RUNNING
;
1474 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_RESUMED
);
1477 DEBUG("target resumed");
1482 void arm7_9_enable_eice_step(target_t
*target
)
1484 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1485 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1487 /* setup an inverse breakpoint on the current PC
1488 * - comparator 1 matches the current address
1489 * - rangeout from comparator 1 is connected to comparator 0 rangein
1490 * - comparator 0 matches any address, as long as rangein is low */
1491 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], 0xffffffff);
1492 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], 0xffffffff);
1493 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x100);
1494 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], 0x77);
1495 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_VALUE
], buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1496 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_MASK
], 0);
1497 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_MASK
], 0xffffffff);
1498 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], 0x0);
1499 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_MASK
], 0xf7);
1502 void arm7_9_disable_eice_step(target_t
*target
)
1504 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1505 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1507 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
]);
1508 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
]);
1509 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
]);
1510 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
]);
1511 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_VALUE
]);
1512 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_MASK
]);
1513 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_MASK
]);
1514 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_MASK
]);
1515 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
]);
1518 int arm7_9_step(struct target_s
*target
, int current
, u32 address
, int handle_breakpoints
)
1520 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1521 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1522 breakpoint_t
*breakpoint
= NULL
;
1524 if (target
->state
!= TARGET_HALTED
)
1526 WARNING("target not halted");
1527 return ERROR_TARGET_NOT_HALTED
;
1530 /* current = 1: continue on current pc, otherwise continue at <address> */
1532 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, address
);
1534 /* the front-end may request us not to handle breakpoints */
1535 if (handle_breakpoints
)
1536 if ((breakpoint
= breakpoint_find(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32))))
1537 arm7_9_unset_breakpoint(target
, breakpoint
);
1539 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1541 arm7_9_restore_context(target
);
1543 arm7_9
->enable_single_step(target
);
1545 if (armv4_5
->core_state
== ARMV4_5_STATE_ARM
)
1547 arm7_9
->branch_resume(target
);
1549 else if (armv4_5
->core_state
== ARMV4_5_STATE_THUMB
)
1551 arm7_9
->branch_resume_thumb(target
);
1555 ERROR("unhandled core state");
1559 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1561 arm7_9_execute_sys_speed(target
);
1562 arm7_9
->disable_single_step(target
);
1564 /* registers are now invalid */
1565 armv4_5_invalidate_core_regs(target
);
1567 arm7_9_debug_entry(target
);
1569 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
1572 arm7_9_set_breakpoint(target
, breakpoint
);
1574 DEBUG("target stepped");
1580 int arm7_9_read_core_reg(struct target_s
*target
, int num
, enum armv4_5_mode mode
)
1585 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1586 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1587 enum armv4_5_mode reg_mode
= ((armv4_5_core_reg_t
*)ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).arch_info
)->mode
;
1589 if ((num
< 0) || (num
> 16))
1590 return ERROR_INVALID_ARGUMENTS
;
1592 if ((mode
!= ARMV4_5_MODE_ANY
)
1593 && (mode
!= armv4_5
->core_mode
)
1594 && (reg_mode
!= ARMV4_5_MODE_ANY
))
1598 /* change processor mode (mask T bit) */
1599 tmp_cpsr
= buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & 0xE0;
1602 arm7_9
->write_xpsr_im8(target
, tmp_cpsr
& 0xff, 0, 0);
1605 if ((num
>= 0) && (num
<= 15))
1607 /* read a normal core register */
1608 reg_p
[num
] = &value
;
1610 arm7_9
->read_core_regs(target
, 1 << num
, reg_p
);
1614 /* read a program status register
1615 * if the register mode is MODE_ANY, we read the cpsr, otherwise a spsr
1617 armv4_5_core_reg_t
*arch_info
= ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).arch_info
;
1618 int spsr
= (arch_info
->mode
== ARMV4_5_MODE_ANY
) ? 0 : 1;
1620 arm7_9
->read_xpsr(target
, &value
, spsr
);
1623 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1625 ERROR("JTAG failure");
1629 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).valid
= 1;
1630 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).dirty
= 0;
1631 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).value
, 0, 32, value
);
1633 if ((mode
!= ARMV4_5_MODE_ANY
)
1634 && (mode
!= armv4_5
->core_mode
)
1635 && (reg_mode
!= ARMV4_5_MODE_ANY
)) {
1636 /* restore processor mode (mask T bit) */
1637 arm7_9
->write_xpsr_im8(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & ~0x20, 0, 0);
1644 int arm7_9_write_core_reg(struct target_s
*target
, int num
, enum armv4_5_mode mode
, u32 value
)
1648 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1649 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1650 enum armv4_5_mode reg_mode
= ((armv4_5_core_reg_t
*)ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).arch_info
)->mode
;
1652 if ((num
< 0) || (num
> 16))
1653 return ERROR_INVALID_ARGUMENTS
;
1655 if ((mode
!= ARMV4_5_MODE_ANY
)
1656 && (mode
!= armv4_5
->core_mode
)
1657 && (reg_mode
!= ARMV4_5_MODE_ANY
)) {
1660 /* change processor mode (mask T bit) */
1661 tmp_cpsr
= buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & 0xE0;
1664 arm7_9
->write_xpsr_im8(target
, tmp_cpsr
& 0xff, 0, 0);
1667 if ((num
>= 0) && (num
<= 15))
1669 /* write a normal core register */
1672 arm7_9
->write_core_regs(target
, 1 << num
, reg
);
1676 /* write a program status register
1677 * if the register mode is MODE_ANY, we write the cpsr, otherwise a spsr
1679 armv4_5_core_reg_t
*arch_info
= ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).arch_info
;
1680 int spsr
= (arch_info
->mode
== ARMV4_5_MODE_ANY
) ? 0 : 1;
1682 /* if we're writing the CPSR, mask the T bit */
1686 arm7_9
->write_xpsr(target
, value
, spsr
);
1689 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).valid
= 1;
1690 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).dirty
= 0;
1692 if ((mode
!= ARMV4_5_MODE_ANY
)
1693 && (mode
!= armv4_5
->core_mode
)
1694 && (reg_mode
!= ARMV4_5_MODE_ANY
)) {
1695 /* restore processor mode (mask T bit) */
1696 arm7_9
->write_xpsr_im8(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & ~0x20, 0, 0);
1699 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1701 ERROR("JTAG failure");
1709 int arm7_9_read_memory(struct target_s
*target
, u32 address
, u32 size
, u32 count
, u8
*buffer
)
1711 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1712 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1715 int num_accesses
= 0;
1716 int thisrun_accesses
;
1722 DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address
, size
, count
);
1724 if (target
->state
!= TARGET_HALTED
)
1726 WARNING("target not halted");
1727 return ERROR_TARGET_NOT_HALTED
;
1730 /* sanitize arguments */
1731 if (((size
!= 4) && (size
!= 2) && (size
!= 1)) || (count
== 0) || !(buffer
))
1732 return ERROR_INVALID_ARGUMENTS
;
1734 if (((size
== 4) && (address
& 0x3u
)) || ((size
== 2) && (address
& 0x1u
)))
1735 return ERROR_TARGET_UNALIGNED_ACCESS
;
1737 /* load the base register with the address of the first word */
1739 arm7_9
->write_core_regs(target
, 0x1, reg
);
1744 while (num_accesses
< count
)
1747 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1748 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1750 if (last_reg
<= thisrun_accesses
)
1751 last_reg
= thisrun_accesses
;
1753 arm7_9
->load_word_regs(target
, reg_list
);
1755 /* fast memory reads are only safe when the target is running
1756 * from a sufficiently high clock (32 kHz is usually too slow)
1758 if (arm7_9
->fast_memory_access
)
1759 arm7_9_execute_fast_sys_speed(target
);
1761 arm7_9_execute_sys_speed(target
);
1763 arm7_9
->read_core_regs_target_buffer(target
, reg_list
, buffer
, 4);
1765 /* advance buffer, count number of accesses */
1766 buffer
+= thisrun_accesses
* 4;
1767 num_accesses
+= thisrun_accesses
;
1771 while (num_accesses
< count
)
1774 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1775 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1777 for (i
= 1; i
<= thisrun_accesses
; i
++)
1781 arm7_9
->load_hword_reg(target
, i
);
1782 /* fast memory reads are only safe when the target is running
1783 * from a sufficiently high clock (32 kHz is usually too slow)
1785 if (arm7_9
->fast_memory_access
)
1786 arm7_9_execute_fast_sys_speed(target
);
1788 arm7_9_execute_sys_speed(target
);
1791 arm7_9
->read_core_regs_target_buffer(target
, reg_list
, buffer
, 2);
1793 /* advance buffer, count number of accesses */
1794 buffer
+= thisrun_accesses
* 2;
1795 num_accesses
+= thisrun_accesses
;
1799 while (num_accesses
< count
)
1802 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1803 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1805 for (i
= 1; i
<= thisrun_accesses
; i
++)
1809 arm7_9
->load_byte_reg(target
, i
);
1810 /* fast memory reads are only safe when the target is running
1811 * from a sufficiently high clock (32 kHz is usually too slow)
1813 if (arm7_9
->fast_memory_access
)
1814 arm7_9_execute_fast_sys_speed(target
);
1816 arm7_9_execute_sys_speed(target
);
1819 arm7_9
->read_core_regs_target_buffer(target
, reg_list
, buffer
, 1);
1821 /* advance buffer, count number of accesses */
1822 buffer
+= thisrun_accesses
* 1;
1823 num_accesses
+= thisrun_accesses
;
1827 ERROR("BUG: we shouldn't get here");
1832 for (i
=0; i
<=last_reg
; i
++)
1833 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).dirty
= 1;
1835 arm7_9
->read_xpsr(target
, &cpsr
, 0);
1836 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1838 ERROR("JTAG error while reading cpsr");
1842 if (((cpsr
& 0x1f) == ARMV4_5_MODE_ABT
) && (armv4_5
->core_mode
!= ARMV4_5_MODE_ABT
))
1844 WARNING("memory read caused data abort (address: 0x%8.8x, size: 0x%x, count: 0x%x)", address
, size
, count
);
1846 arm7_9
->write_xpsr_im8(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & ~0x20, 0, 0);
1848 return ERROR_TARGET_DATA_ABORT
;
1854 int arm7_9_write_memory(struct target_s
*target
, u32 address
, u32 size
, u32 count
, u8
*buffer
)
1856 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1857 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1858 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
1861 int num_accesses
= 0;
1862 int thisrun_accesses
;
1868 DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address
, size
, count
);
1870 if (target
->state
!= TARGET_HALTED
)
1872 WARNING("target not halted");
1873 return ERROR_TARGET_NOT_HALTED
;
1876 /* sanitize arguments */
1877 if (((size
!= 4) && (size
!= 2) && (size
!= 1)) || (count
== 0) || !(buffer
))
1878 return ERROR_INVALID_ARGUMENTS
;
1880 if (((size
== 4) && (address
& 0x3u
)) || ((size
== 2) && (address
& 0x1u
)))
1881 return ERROR_TARGET_UNALIGNED_ACCESS
;
1883 /* load the base register with the address of the first word */
1885 arm7_9
->write_core_regs(target
, 0x1, reg
);
1887 /* Clear DBGACK, to make sure memory fetches work as expected */
1888 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 0);
1889 embeddedice_store_reg(dbg_ctrl
);
1894 while (num_accesses
< count
)
1897 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1898 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1900 for (i
= 1; i
<= thisrun_accesses
; i
++)
1904 reg
[i
] = target_buffer_get_u32(target
, buffer
);
1908 arm7_9
->write_core_regs(target
, reg_list
, reg
);
1910 arm7_9
->store_word_regs(target
, reg_list
);
1912 /* fast memory writes are only safe when the target is running
1913 * from a sufficiently high clock (32 kHz is usually too slow)
1915 if (arm7_9
->fast_memory_access
)
1916 arm7_9_execute_fast_sys_speed(target
);
1918 arm7_9_execute_sys_speed(target
);
1920 num_accesses
+= thisrun_accesses
;
1924 while (num_accesses
< count
)
1927 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1928 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1930 for (i
= 1; i
<= thisrun_accesses
; i
++)
1934 reg
[i
] = target_buffer_get_u16(target
, buffer
) & 0xffff;
1938 arm7_9
->write_core_regs(target
, reg_list
, reg
);
1940 for (i
= 1; i
<= thisrun_accesses
; i
++)
1942 arm7_9
->store_hword_reg(target
, i
);
1944 /* fast memory writes are only safe when the target is running
1945 * from a sufficiently high clock (32 kHz is usually too slow)
1947 if (arm7_9
->fast_memory_access
)
1948 arm7_9_execute_fast_sys_speed(target
);
1950 arm7_9_execute_sys_speed(target
);
1953 num_accesses
+= thisrun_accesses
;
1957 while (num_accesses
< count
)
1960 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1961 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1963 for (i
= 1; i
<= thisrun_accesses
; i
++)
1967 reg
[i
] = *buffer
++ & 0xff;
1970 arm7_9
->write_core_regs(target
, reg_list
, reg
);
1972 for (i
= 1; i
<= thisrun_accesses
; i
++)
1974 arm7_9
->store_byte_reg(target
, i
);
1975 /* fast memory writes are only safe when the target is running
1976 * from a sufficiently high clock (32 kHz is usually too slow)
1978 if (arm7_9
->fast_memory_access
)
1979 arm7_9_execute_fast_sys_speed(target
);
1981 arm7_9_execute_sys_speed(target
);
1984 num_accesses
+= thisrun_accesses
;
1988 ERROR("BUG: we shouldn't get here");
1994 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 1);
1995 embeddedice_store_reg(dbg_ctrl
);
1997 for (i
=0; i
<=last_reg
; i
++)
1998 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).dirty
= 1;
2000 arm7_9
->read_xpsr(target
, &cpsr
, 0);
2001 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
2003 ERROR("JTAG error while reading cpsr");
2007 if (((cpsr
& 0x1f) == ARMV4_5_MODE_ABT
) && (armv4_5
->core_mode
!= ARMV4_5_MODE_ABT
))
2009 WARNING("memory write caused data abort (address: 0x%8.8x, size: 0x%x, count: 0x%x)", address
, size
, count
);
2011 arm7_9
->write_xpsr_im8(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & ~0x20, 0, 0);
2013 return ERROR_TARGET_DATA_ABORT
;
2019 int arm7_9_bulk_write_memory(target_t
*target
, u32 address
, u32 count
, u8
*buffer
)
2021 armv4_5_common_t
*armv4_5
= target
->arch_info
;
2022 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
2023 enum armv4_5_state core_state
= armv4_5
->core_state
;
2024 u32 r0
= buf_get_u32(armv4_5
->core_cache
->reg_list
[0].value
, 0, 32);
2025 u32 r1
= buf_get_u32(armv4_5
->core_cache
->reg_list
[1].value
, 0, 32);
2026 u32 pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
2031 /* MRC TST BNE MRC STR B */
2032 0xee101e10, 0xe3110001, 0x0afffffc, 0xee111e10, 0xe4801004, 0xeafffff9
2035 if (!arm7_9
->dcc_downloads
)
2036 return target
->type
->write_memory(target
, address
, 4, count
, buffer
);
2038 /* regrab previously allocated working_area, or allocate a new one */
2039 if (!arm7_9
->dcc_working_area
)
2041 u8 dcc_code_buf
[6 * 4];
2043 /* make sure we have a working area */
2044 if (target_alloc_working_area(target
, 24, &arm7_9
->dcc_working_area
) != ERROR_OK
)
2046 INFO("no working area available, falling back to memory writes");
2047 return target
->type
->write_memory(target
, address
, 4, count
, buffer
);
2050 /* copy target instructions to target endianness */
2051 for (i
= 0; i
< 6; i
++)
2053 target_buffer_set_u32(target
, dcc_code_buf
+ i
*4, dcc_code
[i
]);
2056 /* write DCC code to working area */
2057 target
->type
->write_memory(target
, arm7_9
->dcc_working_area
->address
, 4, 6, dcc_code_buf
);
2060 buf_set_u32(armv4_5
->core_cache
->reg_list
[0].value
, 0, 32, address
);
2061 armv4_5
->core_cache
->reg_list
[0].valid
= 1;
2062 armv4_5
->core_cache
->reg_list
[0].dirty
= 1;
2063 armv4_5
->core_state
= ARMV4_5_STATE_ARM
;
2065 arm7_9_resume(target
, 0, arm7_9
->dcc_working_area
->address
, 1, 1);
2067 for (i
= 0; i
< count
; i
++)
2069 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_COMMS_DATA
], target_buffer_get_u32(target
, buffer
));
2073 target
->type
->halt(target
);
2075 while (target
->state
!= TARGET_HALTED
)
2076 target
->type
->poll(target
);
2078 /* restore target state */
2079 buf_set_u32(armv4_5
->core_cache
->reg_list
[0].value
, 0, 32, r0
);
2080 armv4_5
->core_cache
->reg_list
[0].valid
= 1;
2081 armv4_5
->core_cache
->reg_list
[0].dirty
= 1;
2082 buf_set_u32(armv4_5
->core_cache
->reg_list
[1].value
, 0, 32, r1
);
2083 armv4_5
->core_cache
->reg_list
[1].valid
= 1;
2084 armv4_5
->core_cache
->reg_list
[1].dirty
= 1;
2085 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, pc
);
2086 armv4_5
->core_cache
->reg_list
[15].valid
= 1;
2087 armv4_5
->core_cache
->reg_list
[15].dirty
= 1;
2088 armv4_5
->core_state
= core_state
;
2093 int arm7_9_register_commands(struct command_context_s
*cmd_ctx
)
2095 command_t
*arm7_9_cmd
;
2097 arm7_9_cmd
= register_command(cmd_ctx
, NULL
, "arm7_9", NULL
, COMMAND_ANY
, "arm7/9 specific commands");
2099 register_command(cmd_ctx
, arm7_9_cmd
, "etm", handle_arm7_9_etm_command
, COMMAND_CONFIG
, NULL
);
2101 register_command(cmd_ctx
, arm7_9_cmd
, "write_xpsr", handle_arm7_9_write_xpsr_command
, COMMAND_EXEC
, "write program status register <value> <not cpsr|spsr>");
2102 register_command(cmd_ctx
, arm7_9_cmd
, "write_xpsr_im8", handle_arm7_9_write_xpsr_im8_command
, COMMAND_EXEC
, "write program status register <8bit immediate> <rotate> <not cpsr|spsr>");
2104 register_command(cmd_ctx
, arm7_9_cmd
, "write_core_reg", handle_arm7_9_write_core_reg_command
, COMMAND_EXEC
, "write core register <num> <mode> <value>");
2106 register_command(cmd_ctx
, arm7_9_cmd
, "sw_bkpts", handle_arm7_9_sw_bkpts_command
, COMMAND_EXEC
, "support for software breakpoints <enable|disable>");
2107 register_command(cmd_ctx
, arm7_9_cmd
, "force_hw_bkpts", handle_arm7_9_force_hw_bkpts_command
, COMMAND_EXEC
, "use hardware breakpoints for all breakpoints (disables sw breakpoint support) <enable|disable>");
2108 register_command(cmd_ctx
, arm7_9_cmd
, "dbgrq", handle_arm7_9_dbgrq_command
,
2109 COMMAND_ANY
, "use EmbeddedICE dbgrq instead of breakpoint for target halt requests <enable|disable>");
2110 register_command(cmd_ctx
, arm7_9_cmd
, "fast_writes", handle_arm7_9_fast_memory_access_command
,
2111 COMMAND_ANY
, "(deprecated, see: arm7_9 fast_memory_access)");
2112 register_command(cmd_ctx
, arm7_9_cmd
, "fast_memory_access", handle_arm7_9_fast_memory_access_command
,
2113 COMMAND_ANY
, "use fast memory accesses instead of slower but potentially unsafe slow accesses <enable|disable>");
2114 register_command(cmd_ctx
, arm7_9_cmd
, "dcc_downloads", handle_arm7_9_dcc_downloads_command
,
2115 COMMAND_ANY
, "use DCC downloads for larger memory writes <enable|disable>");
2117 armv4_5_register_commands(cmd_ctx
);
2118 etb_register_commands(cmd_ctx
, arm7_9_cmd
);
2123 int handle_arm7_9_write_xpsr_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2128 target_t
*target
= get_current_target(cmd_ctx
);
2129 armv4_5_common_t
*armv4_5
;
2130 arm7_9_common_t
*arm7_9
;
2132 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2134 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2138 if (target
->state
!= TARGET_HALTED
)
2140 command_print(cmd_ctx
, "can't write registers while running");
2146 command_print(cmd_ctx
, "usage: write_xpsr <value> <not cpsr|spsr>");
2150 value
= strtoul(args
[0], NULL
, 0);
2151 spsr
= strtol(args
[1], NULL
, 0);
2153 /* if we're writing the CPSR, mask the T bit */
2157 arm7_9
->write_xpsr(target
, value
, spsr
);
2158 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
2160 ERROR("JTAG error while writing to xpsr");
2167 int handle_arm7_9_write_xpsr_im8_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2173 target_t
*target
= get_current_target(cmd_ctx
);
2174 armv4_5_common_t
*armv4_5
;
2175 arm7_9_common_t
*arm7_9
;
2177 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2179 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2183 if (target
->state
!= TARGET_HALTED
)
2185 command_print(cmd_ctx
, "can't write registers while running");
2191 command_print(cmd_ctx
, "usage: write_xpsr_im8 <im8> <rotate> <not cpsr|spsr>");
2195 value
= strtoul(args
[0], NULL
, 0);
2196 rotate
= strtol(args
[1], NULL
, 0);
2197 spsr
= strtol(args
[2], NULL
, 0);
2199 arm7_9
->write_xpsr_im8(target
, value
, rotate
, spsr
);
2200 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
2202 ERROR("JTAG error while writing 8-bit immediate to xpsr");
2209 int handle_arm7_9_write_core_reg_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2214 target_t
*target
= get_current_target(cmd_ctx
);
2215 armv4_5_common_t
*armv4_5
;
2216 arm7_9_common_t
*arm7_9
;
2218 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2220 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2224 if (target
->state
!= TARGET_HALTED
)
2226 command_print(cmd_ctx
, "can't write registers while running");
2232 command_print(cmd_ctx
, "usage: write_core_reg <num> <mode> <value>");
2236 num
= strtol(args
[0], NULL
, 0);
2237 mode
= strtoul(args
[1], NULL
, 0);
2238 value
= strtoul(args
[2], NULL
, 0);
2240 arm7_9_write_core_reg(target
, num
, mode
, value
);
2245 int handle_arm7_9_sw_bkpts_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2247 target_t
*target
= get_current_target(cmd_ctx
);
2248 armv4_5_common_t
*armv4_5
;
2249 arm7_9_common_t
*arm7_9
;
2251 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2253 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2259 command_print(cmd_ctx
, "software breakpoints %s", (arm7_9
->sw_bkpts_enabled
) ? "enabled" : "disabled");
2263 if (strcmp("enable", args
[0]) == 0)
2265 if (arm7_9
->sw_bkpts_use_wp
)
2267 arm7_9_enable_sw_bkpts(target
);
2271 arm7_9
->sw_bkpts_enabled
= 1;
2274 else if (strcmp("disable", args
[0]) == 0)
2276 if (arm7_9
->sw_bkpts_use_wp
)
2278 arm7_9_disable_sw_bkpts(target
);
2282 arm7_9
->sw_bkpts_enabled
= 0;
2287 command_print(cmd_ctx
, "usage: arm7_9 sw_bkpts <enable|disable>");
2290 command_print(cmd_ctx
, "software breakpoints %s", (arm7_9
->sw_bkpts_enabled
) ? "enabled" : "disabled");
2295 int handle_arm7_9_force_hw_bkpts_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2297 target_t
*target
= get_current_target(cmd_ctx
);
2298 armv4_5_common_t
*armv4_5
;
2299 arm7_9_common_t
*arm7_9
;
2301 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2303 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2307 if ((argc
>= 1) && (strcmp("enable", args
[0]) == 0))
2309 arm7_9
->force_hw_bkpts
= 1;
2310 if (arm7_9
->sw_bkpts_use_wp
)
2312 arm7_9_disable_sw_bkpts(target
);
2315 else if ((argc
>= 1) && (strcmp("disable", args
[0]) == 0))
2317 arm7_9
->force_hw_bkpts
= 0;
2321 command_print(cmd_ctx
, "usage: arm7_9 force_hw_bkpts <enable|disable>");
2324 command_print(cmd_ctx
, "force hardware breakpoints %s", (arm7_9
->force_hw_bkpts
) ? "enabled" : "disabled");
2329 int handle_arm7_9_dbgrq_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2331 target_t
*target
= get_current_target(cmd_ctx
);
2332 armv4_5_common_t
*armv4_5
;
2333 arm7_9_common_t
*arm7_9
;
2335 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2337 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2343 if (strcmp("enable", args
[0]) == 0)
2345 arm7_9
->use_dbgrq
= 1;
2347 else if (strcmp("disable", args
[0]) == 0)
2349 arm7_9
->use_dbgrq
= 0;
2353 command_print(cmd_ctx
, "usage: arm7_9 dbgrq <enable|disable>");
2357 command_print(cmd_ctx
, "use of EmbeddedICE dbgrq instead of breakpoint for target halt %s", (arm7_9
->use_dbgrq
) ? "enabled" : "disabled");
2362 int handle_arm7_9_fast_memory_access_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2364 target_t
*target
= get_current_target(cmd_ctx
);
2365 armv4_5_common_t
*armv4_5
;
2366 arm7_9_common_t
*arm7_9
;
2368 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2370 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2376 if (strcmp("enable", args
[0]) == 0)
2378 arm7_9
->fast_memory_access
= 1;
2380 else if (strcmp("disable", args
[0]) == 0)
2382 arm7_9
->fast_memory_access
= 0;
2386 command_print(cmd_ctx
, "usage: arm7_9 fast_memory_access <enable|disable>");
2390 command_print(cmd_ctx
, "fast memory access is %s", (arm7_9
->fast_memory_access
) ? "enabled" : "disabled");
2395 int handle_arm7_9_dcc_downloads_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2397 target_t
*target
= get_current_target(cmd_ctx
);
2398 armv4_5_common_t
*armv4_5
;
2399 arm7_9_common_t
*arm7_9
;
2401 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2403 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2409 if (strcmp("enable", args
[0]) == 0)
2411 arm7_9
->dcc_downloads
= 1;
2413 else if (strcmp("disable", args
[0]) == 0)
2415 arm7_9
->dcc_downloads
= 0;
2419 command_print(cmd_ctx
, "usage: arm7_9 dcc_downloads <enable|disable>");
2423 command_print(cmd_ctx
, "dcc downloads are %s", (arm7_9
->dcc_downloads
) ? "enabled" : "disabled");
2428 int handle_arm7_9_etm_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2431 armv4_5_common_t
*armv4_5
;
2432 arm7_9_common_t
*arm7_9
;
2436 ERROR("incomplete 'arm7_9 etm <target>' command");
2440 target
= get_target_by_num(strtoul(args
[0], NULL
, 0));
2444 ERROR("target number '%s' not defined", args
[0]);
2448 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2450 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2454 arm7_9
->has_etm
= 1;
2459 int handle_arm7_9_etb_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2462 jtag_device_t
*jtag_device
;
2463 armv4_5_common_t
*armv4_5
;
2464 arm7_9_common_t
*arm7_9
;
2468 ERROR("incomplete 'arm7_9 etb <target> <chain_pos>' command");
2472 target
= get_target_by_num(strtoul(args
[0], NULL
, 0));
2476 ERROR("target number '%s' not defined", args
[0]);
2480 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2482 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2486 jtag_device
= jtag_get_device(strtoul(args
[1], NULL
, 0));
2490 ERROR("jtag device number '%s' not defined", args
[1]);
2494 arm7_9
->etb
= malloc(sizeof(etb_t
));
2496 arm7_9
->etb
->chain_pos
= strtoul(args
[1], NULL
, 0);
2497 arm7_9
->etb
->cur_scan_chain
= -1;
2498 arm7_9
->etb
->reg_cache
= NULL
;
2503 int arm7_9_init_arch_info(target_t
*target
, arm7_9_common_t
*arm7_9
)
2505 armv4_5_common_t
*armv4_5
= &arm7_9
->armv4_5_common
;
2507 arm7_9
->common_magic
= ARM7_9_COMMON_MAGIC
;
2509 arm_jtag_setup_connection(&arm7_9
->jtag_info
);
2510 arm7_9
->wp_available
= 2;
2511 arm7_9
->wp0_used
= 0;
2512 arm7_9
->wp1_used
= 0;
2513 arm7_9
->force_hw_bkpts
= 0;
2514 arm7_9
->use_dbgrq
= 0;
2516 arm7_9
->has_etm
= 0;
2518 arm7_9
->has_single_step
= 0;
2519 arm7_9
->has_monitor_mode
= 0;
2520 arm7_9
->has_vector_catch
= 0;
2522 arm7_9
->reinit_embeddedice
= 0;
2524 arm7_9
->debug_entry_from_reset
= 0;
2526 arm7_9
->dcc_working_area
= NULL
;
2528 arm7_9
->fast_memory_access
= 0;
2529 arm7_9
->dcc_downloads
= 0;
2531 jtag_register_event_callback(arm7_9_jtag_callback
, target
);
2533 armv4_5
->arch_info
= arm7_9
;
2534 armv4_5
->read_core_reg
= arm7_9_read_core_reg
;
2535 armv4_5
->write_core_reg
= arm7_9_write_core_reg
;
2536 armv4_5
->full_context
= arm7_9_full_context
;
2538 armv4_5_init_arch_info(target
, armv4_5
);
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)