1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "breakpoints.h"
31 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
35 #include "algorithm.h"
40 #define _DEBUG_INSTRUCTION_EXECUTION_
44 #define FNC_INFO LOG_DEBUG("-")
50 #define FNC_INFO_NOTIMPLEMENTED do { LOG_DEBUG("NOT IMPLEMENTED"); /*exit(-1);*/ } while (0)
52 #define FNC_INFO_NOTIMPLEMENTED
55 static bool arm11_config_memwrite_burst
= true;
56 static bool arm11_config_memwrite_error_fatal
= true;
57 static uint32_t arm11_vcr
= 0;
58 static bool arm11_config_step_irq_enable
= false;
59 static bool arm11_config_hardware_step
= false;
61 static int arm11_regs_arch_type
= -1;
78 ARM11_REGISTER_SPSR_FIQ
,
79 ARM11_REGISTER_SPSR_SVC
,
80 ARM11_REGISTER_SPSR_ABT
,
81 ARM11_REGISTER_SPSR_IRQ
,
82 ARM11_REGISTER_SPSR_UND
,
83 ARM11_REGISTER_SPSR_MON
,
97 enum arm11_regtype type
;
100 /* update arm11_regcache_ids when changing this */
101 static const struct arm11_reg_defs arm11_reg_defs
[] =
103 {"r0", 0, 0, ARM11_REGISTER_CORE
},
104 {"r1", 1, 1, ARM11_REGISTER_CORE
},
105 {"r2", 2, 2, ARM11_REGISTER_CORE
},
106 {"r3", 3, 3, ARM11_REGISTER_CORE
},
107 {"r4", 4, 4, ARM11_REGISTER_CORE
},
108 {"r5", 5, 5, ARM11_REGISTER_CORE
},
109 {"r6", 6, 6, ARM11_REGISTER_CORE
},
110 {"r7", 7, 7, ARM11_REGISTER_CORE
},
111 {"r8", 8, 8, ARM11_REGISTER_CORE
},
112 {"r9", 9, 9, ARM11_REGISTER_CORE
},
113 {"r10", 10, 10, ARM11_REGISTER_CORE
},
114 {"r11", 11, 11, ARM11_REGISTER_CORE
},
115 {"r12", 12, 12, ARM11_REGISTER_CORE
},
116 {"sp", 13, 13, ARM11_REGISTER_CORE
},
117 {"lr", 14, 14, ARM11_REGISTER_CORE
},
118 {"pc", 15, 15, ARM11_REGISTER_CORE
},
120 #if ARM11_REGCACHE_FREGS
121 {"f0", 0, 16, ARM11_REGISTER_FX
},
122 {"f1", 1, 17, ARM11_REGISTER_FX
},
123 {"f2", 2, 18, ARM11_REGISTER_FX
},
124 {"f3", 3, 19, ARM11_REGISTER_FX
},
125 {"f4", 4, 20, ARM11_REGISTER_FX
},
126 {"f5", 5, 21, ARM11_REGISTER_FX
},
127 {"f6", 6, 22, ARM11_REGISTER_FX
},
128 {"f7", 7, 23, ARM11_REGISTER_FX
},
129 {"fps", 0, 24, ARM11_REGISTER_FPS
},
132 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
134 #if ARM11_REGCACHE_MODEREGS
135 {"r8_fiq", 8, -1, ARM11_REGISTER_FIQ
},
136 {"r9_fiq", 9, -1, ARM11_REGISTER_FIQ
},
137 {"r10_fiq", 10, -1, ARM11_REGISTER_FIQ
},
138 {"r11_fiq", 11, -1, ARM11_REGISTER_FIQ
},
139 {"r12_fiq", 12, -1, ARM11_REGISTER_FIQ
},
140 {"r13_fiq", 13, -1, ARM11_REGISTER_FIQ
},
141 {"r14_fiq", 14, -1, ARM11_REGISTER_FIQ
},
142 {"spsr_fiq", 0, -1, ARM11_REGISTER_SPSR_FIQ
},
144 {"r13_svc", 13, -1, ARM11_REGISTER_SVC
},
145 {"r14_svc", 14, -1, ARM11_REGISTER_SVC
},
146 {"spsr_svc", 0, -1, ARM11_REGISTER_SPSR_SVC
},
148 {"r13_abt", 13, -1, ARM11_REGISTER_ABT
},
149 {"r14_abt", 14, -1, ARM11_REGISTER_ABT
},
150 {"spsr_abt", 0, -1, ARM11_REGISTER_SPSR_ABT
},
152 {"r13_irq", 13, -1, ARM11_REGISTER_IRQ
},
153 {"r14_irq", 14, -1, ARM11_REGISTER_IRQ
},
154 {"spsr_irq", 0, -1, ARM11_REGISTER_SPSR_IRQ
},
156 {"r13_und", 13, -1, ARM11_REGISTER_UND
},
157 {"r14_und", 14, -1, ARM11_REGISTER_UND
},
158 {"spsr_und", 0, -1, ARM11_REGISTER_SPSR_UND
},
161 {"r13_mon", 13, -1, ARM11_REGISTER_MON
},
162 {"r14_mon", 14, -1, ARM11_REGISTER_MON
},
163 {"spsr_mon", 0, -1, ARM11_REGISTER_SPSR_MON
},
166 /* Debug Registers */
167 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
168 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
169 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
172 enum arm11_regcache_ids
175 ARM11_RC_RX
= ARM11_RC_R0
,
190 ARM11_RC_SP
= ARM11_RC_R13
,
192 ARM11_RC_LR
= ARM11_RC_R14
,
194 ARM11_RC_PC
= ARM11_RC_R15
,
196 #if ARM11_REGCACHE_FREGS
198 ARM11_RC_FX
= ARM11_RC_F0
,
211 #if ARM11_REGCACHE_MODEREGS
249 #define ARM11_GDB_REGISTER_COUNT 26
251 /* FIXME these are *identical* to the ARMv4_5 dummies ... except
252 * for their names, and being static vs global, and having different
253 * addresses. Ditto ARMv7a and ARMv7m dummies.
256 static uint8_t arm11_gdb_dummy_fp_value
[12];
258 static struct reg arm11_gdb_dummy_fp_reg
=
260 .name
= "GDB dummy floating-point register",
261 .value
= arm11_gdb_dummy_fp_value
,
269 static uint8_t arm11_gdb_dummy_fps_value
[4];
271 static struct reg arm11_gdb_dummy_fps_reg
=
273 .name
= "GDB dummy floating-point status register",
274 .value
= arm11_gdb_dummy_fps_value
,
283 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
);
284 static int arm11_step(struct target
*target
, int current
,
285 uint32_t address
, int handle_breakpoints
);
287 static int arm11_build_reg_cache(struct target
*target
);
288 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
);
289 static int arm11_get_reg(struct reg
*reg
);
291 static void arm11_record_register_history(struct arm11_common
* arm11
);
292 static void arm11_dump_reg_changes(struct arm11_common
* arm11
);
295 /** Check and if necessary take control of the system
297 * \param arm11 Target state variable.
298 * \param dscr If the current DSCR content is
299 * available a pointer to a word holding the
300 * DSCR can be passed. Otherwise use NULL.
302 static int arm11_check_init(struct arm11_common
*arm11
, uint32_t *dscr
)
306 uint32_t dscr_local_tmp_copy
;
310 dscr
= &dscr_local_tmp_copy
;
312 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
315 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
317 LOG_DEBUG("Bringing target into debug mode");
319 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
320 arm11_write_DSCR(arm11
, *dscr
);
322 /* add further reset initialization here */
324 arm11
->simulate_reset_on_next_halt
= true;
326 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
328 /** \todo TODO: this needs further scrutiny because
329 * arm11_on_enter_debug_state() never gets properly called.
330 * As a result we don't read the actual register states from
334 arm11
->target
->state
= TARGET_HALTED
;
335 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
339 arm11
->target
->state
= TARGET_RUNNING
;
340 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
343 arm11_sc7_clear_vbw(arm11
);
352 (arm11->reg_values[ARM11_RC_##x])
354 /** Save processor state.
356 * This is called when the HALT instruction has succeeded
357 * or on other occasions that stop the processor.
360 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
)
365 for (size_t i
= 0; i
< ARRAY_SIZE(arm11
->reg_values
); i
++)
367 arm11
->reg_list
[i
].valid
= 1;
368 arm11
->reg_list
[i
].dirty
= 0;
372 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
376 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
378 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
380 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
382 struct scan_field chain5_fields
[3];
384 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
385 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
386 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
388 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
392 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
396 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
397 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
398 ARM1136 seems to require this to issue ITR's as well */
400 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
402 /* this executes JTAG queue: */
404 arm11_write_DSCR(arm11
, new_dscr
);
408 Before executing any instruction in debug state you have to drain the write buffer.
409 This ensures that no imprecise Data Aborts can return at a later point:*/
411 /** \todo TODO: Test drain write buffer. */
416 /* MRC p14,0,R0,c5,c10,0 */
417 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
419 /* mcr 15, 0, r0, cr7, cr10, {4} */
420 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
422 uint32_t dscr
= arm11_read_DSCR(arm11
);
424 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
426 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
428 arm11_run_instr_no_data1(arm11
, 0xe320f000);
430 dscr
= arm11_read_DSCR(arm11
);
432 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
439 retval
= arm11_run_instr_data_prepare(arm11
);
440 if (retval
!= ERROR_OK
)
445 /** \todo TODO: handle other mode registers */
447 for (size_t i
= 0; i
< 15; i
++)
449 /* MCR p14,0,R?,c0,c5,0 */
450 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
451 if (retval
!= ERROR_OK
)
457 /* check rDTRfull in DSCR */
459 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
461 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
462 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
463 if (retval
!= ERROR_OK
)
468 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
473 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
474 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
475 if (retval
!= ERROR_OK
)
480 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
481 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
482 if (retval
!= ERROR_OK
)
485 /* adjust PC depending on ARM state */
487 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
489 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
491 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
493 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
497 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
500 if (arm11
->simulate_reset_on_next_halt
)
502 arm11
->simulate_reset_on_next_halt
= false;
504 LOG_DEBUG("Reset c1 Control Register");
506 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
508 /* MCR p15,0,R0,c1,c0,0 */
509 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
510 if (retval
!= ERROR_OK
)
515 retval
= arm11_run_instr_data_finish(arm11
);
516 if (retval
!= ERROR_OK
)
519 arm11_dump_reg_changes(arm11
);
524 void arm11_dump_reg_changes(struct arm11_common
* arm11
)
527 if (!(debug_level
>= LOG_LVL_DEBUG
))
532 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
534 if (!arm11
->reg_list
[i
].valid
)
536 if (arm11
->reg_history
[i
].valid
)
537 LOG_DEBUG("%8s INVALID (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_history
[i
].value
);
541 if (arm11
->reg_history
[i
].valid
)
543 if (arm11
->reg_history
[i
].value
!= arm11
->reg_values
[i
])
544 LOG_DEBUG("%8s %08" PRIx32
" (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
], arm11
->reg_history
[i
].value
);
548 LOG_DEBUG("%8s %08" PRIx32
" (INVALID)", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
]);
554 /** Restore processor state
556 * This is called in preparation for the RESTART function.
559 static int arm11_leave_debug_state(struct arm11_common
*arm11
)
564 retval
= arm11_run_instr_data_prepare(arm11
);
565 if (retval
!= ERROR_OK
)
568 /** \todo TODO: handle other mode registers */
570 /* restore R1 - R14 */
572 for (size_t i
= 1; i
< 15; i
++)
574 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
577 /* MRC p14,0,r?,c0,c5,0 */
578 arm11_run_instr_data_to_core1(arm11
, 0xee100e15 | (i
<< 12), R(RX
+ i
));
580 // LOG_DEBUG("RESTORE R" ZU " %08x", i, R(RX + i));
583 retval
= arm11_run_instr_data_finish(arm11
);
584 if (retval
!= ERROR_OK
)
587 /* spec says clear wDTR and rDTR; we assume they are clear as
588 otherwise our programming would be sloppy */
592 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
594 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
597 The wDTR/rDTR two registers that are used to send/receive data to/from
598 the core in tandem with corresponding instruction codes that are
599 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
600 registers hold data that was written by one side (CPU or JTAG) and not
601 read out by the other side.
603 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
608 retval
= arm11_run_instr_data_prepare(arm11
);
609 if (retval
!= ERROR_OK
)
612 /* restore original wDTR */
614 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
616 /* MCR p14,0,R0,c0,c5,0 */
617 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
618 if (retval
!= ERROR_OK
)
625 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
626 if (retval
!= ERROR_OK
)
633 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
634 if (retval
!= ERROR_OK
)
640 /* MRC p14,0,r0,c0,c5,0 */
641 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
643 retval
= arm11_run_instr_data_finish(arm11
);
644 if (retval
!= ERROR_OK
)
649 arm11_write_DSCR(arm11
, R(DSCR
));
653 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
655 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
657 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
659 struct scan_field chain5_fields
[3];
661 uint8_t Ready
= 0; /* ignored */
662 uint8_t Valid
= 0; /* ignored */
664 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
665 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
666 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
668 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
671 arm11_record_register_history(arm11
);
676 static void arm11_record_register_history(struct arm11_common
*arm11
)
678 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
680 arm11
->reg_history
[i
].value
= arm11
->reg_values
[i
];
681 arm11
->reg_history
[i
].valid
= arm11
->reg_list
[i
].valid
;
683 arm11
->reg_list
[i
].valid
= 0;
684 arm11
->reg_list
[i
].dirty
= 0;
689 /* poll current target status */
690 static int arm11_poll(struct target
*target
)
694 struct arm11_common
*arm11
= target_to_arm11(target
);
697 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
699 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
701 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
703 if (dscr
& ARM11_DSCR_CORE_HALTED
)
705 if (target
->state
!= TARGET_HALTED
)
707 enum target_state old_state
= target
->state
;
709 LOG_DEBUG("enter TARGET_HALTED");
710 target
->state
= TARGET_HALTED
;
711 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
712 retval
= arm11_on_enter_debug_state(arm11
);
713 if (retval
!= ERROR_OK
)
716 target_call_event_callbacks(target
,
717 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
722 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
724 LOG_DEBUG("enter TARGET_RUNNING");
725 target
->state
= TARGET_RUNNING
;
726 target
->debug_reason
= DBG_REASON_NOTHALTED
;
732 /* architecture specific status reply */
733 static int arm11_arch_state(struct target
*target
)
735 struct arm11_common
*arm11
= target_to_arm11(target
);
737 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"",
738 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
745 /* target request support */
746 static int arm11_target_request_data(struct target
*target
,
747 uint32_t size
, uint8_t *buffer
)
749 FNC_INFO_NOTIMPLEMENTED
;
754 /* target execution control */
755 static int arm11_halt(struct target
*target
)
758 struct arm11_common
*arm11
= target_to_arm11(target
);
760 LOG_DEBUG("target->state: %s",
761 target_state_name(target
));
763 if (target
->state
== TARGET_UNKNOWN
)
765 arm11
->simulate_reset_on_next_halt
= true;
768 if (target
->state
== TARGET_HALTED
)
770 LOG_DEBUG("target was already halted");
774 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
776 CHECK_RETVAL(jtag_execute_queue());
783 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
785 if (dscr
& ARM11_DSCR_CORE_HALTED
)
796 if ((timeval_ms()-then
) > 1000)
798 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
805 arm11_on_enter_debug_state(arm11
);
807 enum target_state old_state
= target
->state
;
809 target
->state
= TARGET_HALTED
;
810 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
813 target_call_event_callbacks(target
,
814 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
819 static int arm11_resume(struct target
*target
, int current
,
820 uint32_t address
, int handle_breakpoints
, int debug_execution
)
824 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
825 // current, address, handle_breakpoints, debug_execution);
827 struct arm11_common
*arm11
= target_to_arm11(target
);
829 LOG_DEBUG("target->state: %s",
830 target_state_name(target
));
833 if (target
->state
!= TARGET_HALTED
)
835 LOG_ERROR("Target not halted");
836 return ERROR_TARGET_NOT_HALTED
;
842 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
844 /* clear breakpoints/watchpoints and VCR*/
845 arm11_sc7_clear_vbw(arm11
);
847 /* Set up breakpoints */
848 if (!debug_execution
)
850 /* check if one matches PC and step over it if necessary */
852 struct breakpoint
* bp
;
854 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
856 if (bp
->address
== R(PC
))
858 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
859 arm11_step(target
, 1, 0, 0);
864 /* set all breakpoints */
868 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
870 struct arm11_sc7_action brp
[2];
873 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
874 brp
[0].value
= bp
->address
;
876 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
877 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
879 arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
));
881 LOG_DEBUG("Add BP " ZU
" at %08" PRIx32
"", brp_num
, bp
->address
);
886 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
889 arm11_leave_debug_state(arm11
);
891 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
893 CHECK_RETVAL(jtag_execute_queue());
900 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
902 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
904 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
915 if ((timeval_ms()-then
) > 1000)
917 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
924 if (!debug_execution
)
926 target
->state
= TARGET_RUNNING
;
927 target
->debug_reason
= DBG_REASON_NOTHALTED
;
929 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
933 target
->state
= TARGET_DEBUG_RUNNING
;
934 target
->debug_reason
= DBG_REASON_NOTHALTED
;
936 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
943 static int armv4_5_to_arm11(int reg
)
950 return ARM11_RC_CPSR
;
952 /* FIX!!! handle thumb better! */
953 return ARM11_RC_CPSR
;
955 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg
);
961 static uint32_t arm11_sim_get_reg(struct arm_sim_interface
*sim
, int reg
)
963 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
965 reg
=armv4_5_to_arm11(reg
);
967 return buf_get_u32(arm11
->reg_list
[reg
].value
, 0, 32);
970 static void arm11_sim_set_reg(struct arm_sim_interface
*sim
,
971 int reg
, uint32_t value
)
973 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
975 reg
=armv4_5_to_arm11(reg
);
977 buf_set_u32(arm11
->reg_list
[reg
].value
, 0, 32, value
);
980 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface
*sim
,
983 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
985 return buf_get_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, pos
, bits
);
988 static enum armv4_5_state
arm11_sim_get_state(struct arm_sim_interface
*sim
)
990 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
992 /* FIX!!!! we should implement thumb for arm11 */
993 return ARMV4_5_STATE_ARM
;
996 static void arm11_sim_set_state(struct arm_sim_interface
*sim
,
997 enum armv4_5_state mode
)
999 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
1001 /* FIX!!!! we should implement thumb for arm11 */
1002 LOG_ERROR("Not implemetned!");
1006 static enum armv4_5_mode
arm11_sim_get_mode(struct arm_sim_interface
*sim
)
1008 //struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
1010 /* FIX!!!! we should implement something that returns the current mode here!!! */
1011 return ARMV4_5_MODE_USR
;
1014 static int arm11_simulate_step(struct target
*target
, uint32_t *dry_run_pc
)
1016 struct arm_sim_interface sim
;
1018 sim
.user_data
=target
->arch_info
;
1019 sim
.get_reg
=&arm11_sim_get_reg
;
1020 sim
.set_reg
=&arm11_sim_set_reg
;
1021 sim
.get_reg_mode
=&arm11_sim_get_reg
;
1022 sim
.set_reg_mode
=&arm11_sim_set_reg
;
1023 sim
.get_cpsr
=&arm11_sim_get_cpsr
;
1024 sim
.get_mode
=&arm11_sim_get_mode
;
1025 sim
.get_state
=&arm11_sim_get_state
;
1026 sim
.set_state
=&arm11_sim_set_state
;
1028 return arm_simulate_step_core(target
, dry_run_pc
, &sim
);
1032 static int arm11_step(struct target
*target
, int current
,
1033 uint32_t address
, int handle_breakpoints
)
1037 LOG_DEBUG("target->state: %s",
1038 target_state_name(target
));
1040 if (target
->state
!= TARGET_HALTED
)
1042 LOG_WARNING("target was not halted");
1043 return ERROR_TARGET_NOT_HALTED
;
1046 struct arm11_common
*arm11
= target_to_arm11(target
);
1051 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
1054 /** \todo TODO: Thumb not supported here */
1056 uint32_t next_instruction
;
1058 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
1060 /* skip over BKPT */
1061 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
1064 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1065 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1066 LOG_DEBUG("Skipping BKPT");
1068 /* skip over Wait for interrupt / Standby */
1069 /* mcr 15, 0, r?, cr7, cr0, {4} */
1070 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
1073 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1074 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1075 LOG_DEBUG("Skipping WFI");
1077 /* ignore B to self */
1078 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
1080 LOG_DEBUG("Not stepping jump to self");
1084 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
1087 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
1088 * the VCR might be something worth looking into. */
1091 /* Set up breakpoint for stepping */
1093 struct arm11_sc7_action brp
[2];
1096 brp
[0].address
= ARM11_SC7_BVR0
;
1098 brp
[1].address
= ARM11_SC7_BCR0
;
1100 if (arm11_config_hardware_step
)
1102 /* hardware single stepping be used if possible or is it better to
1103 * always use the same code path? Hardware single stepping is not supported
1106 brp
[0].value
= R(PC
);
1107 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
1110 /* sets a breakpoint on the next PC(calculated by simulation),
1114 retval
= arm11_simulate_step(target
, &next_pc
);
1115 if (retval
!= ERROR_OK
)
1118 brp
[0].value
= next_pc
;
1119 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
1122 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
)));
1127 if (arm11_config_step_irq_enable
)
1128 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
1130 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
1133 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
1135 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
1137 CHECK_RETVAL(jtag_execute_queue());
1145 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
1147 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
1149 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
1150 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
1156 then
= timeval_ms();
1160 if ((timeval_ms()-then
) > 1000)
1162 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
1169 /* clear breakpoint */
1170 arm11_sc7_clear_vbw(arm11
);
1173 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
1175 /* restore default state */
1176 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
1180 // target->state = TARGET_HALTED;
1181 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1183 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
1188 static int arm11_assert_reset(struct target
*target
)
1192 struct arm11_common
*arm11
= target_to_arm11(target
);
1194 retval
= arm11_check_init(arm11
, NULL
);
1195 if (retval
!= ERROR_OK
)
1198 target
->state
= TARGET_UNKNOWN
;
1200 /* we would very much like to reset into the halted, state,
1201 * but resetting and halting is second best... */
1202 if (target
->reset_halt
)
1204 CHECK_RETVAL(target_halt(target
));
1208 /* srst is funny. We can not do *anything* else while it's asserted
1209 * and it has unkonwn side effects. Make sure no other code runs
1212 * Code below assumes srst:
1214 * - Causes power-on-reset (but of what parts of the system?). Bug
1217 * - Messes us TAP state without asserting trst.
1219 * - There is another bug in the arm11 core. When you generate an access to
1220 * external logic (for example ddr controller via AHB bus) and that block
1221 * is not configured (perhaps it is still held in reset), that transaction
1222 * will never complete. This will hang arm11 core but it will also hang
1223 * JTAG controller. Nothing, short of srst assertion will bring it out of
1228 * - What should the PC be after an srst reset when starting in the halted
1232 jtag_add_reset(0, 1);
1233 jtag_add_reset(0, 0);
1235 /* How long do we have to wait? */
1236 jtag_add_sleep(5000);
1238 /* un-mess up TAP state */
1241 retval
= jtag_execute_queue();
1242 if (retval
!= ERROR_OK
)
1250 static int arm11_deassert_reset(struct target
*target
)
1255 static int arm11_soft_reset_halt(struct target
*target
)
1257 FNC_INFO_NOTIMPLEMENTED
;
1262 /* target register access for gdb */
1263 static int arm11_get_gdb_reg_list(struct target
*target
,
1264 struct reg
**reg_list
[], int *reg_list_size
)
1267 struct arm11_common
*arm11
= target_to_arm11(target
);
1269 *reg_list_size
= ARM11_GDB_REGISTER_COUNT
;
1270 *reg_list
= malloc(sizeof(struct reg
*) * ARM11_GDB_REGISTER_COUNT
);
1272 for (size_t i
= 16; i
< 24; i
++)
1274 (*reg_list
)[i
] = &arm11_gdb_dummy_fp_reg
;
1277 (*reg_list
)[24] = &arm11_gdb_dummy_fps_reg
;
1279 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1281 if (arm11_reg_defs
[i
].gdb_num
== -1)
1284 (*reg_list
)[arm11_reg_defs
[i
].gdb_num
] = arm11
->reg_list
+ i
;
1290 /* target memory access
1291 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1292 * count: number of items of <size>
1294 * arm11_config_memrw_no_increment - in the future we may want to be able
1295 * to read/write a range of data to a "port". a "port" is an action on
1296 * read memory address for some peripheral.
1298 static int arm11_read_memory_inner(struct target
*target
,
1299 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1300 bool arm11_config_memrw_no_increment
)
1302 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1307 if (target
->state
!= TARGET_HALTED
)
1309 LOG_WARNING("target was not halted");
1310 return ERROR_TARGET_NOT_HALTED
;
1313 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1315 struct arm11_common
*arm11
= target_to_arm11(target
);
1317 retval
= arm11_run_instr_data_prepare(arm11
);
1318 if (retval
!= ERROR_OK
)
1321 /* MRC p14,0,r0,c0,c5,0 */
1322 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1323 if (retval
!= ERROR_OK
)
1329 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1330 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1332 for (size_t i
= 0; i
< count
; i
++)
1334 /* ldrb r1, [r0], #1 */
1336 arm11_run_instr_no_data1(arm11
,
1337 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1340 /* MCR p14,0,R1,c0,c5,0 */
1341 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1350 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1352 for (size_t i
= 0; i
< count
; i
++)
1354 /* ldrh r1, [r0], #2 */
1355 arm11_run_instr_no_data1(arm11
,
1356 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1360 /* MCR p14,0,R1,c0,c5,0 */
1361 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1363 uint16_t svalue
= res
;
1364 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1372 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1373 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1374 uint32_t *words
= (uint32_t *)buffer
;
1376 /* LDC p14,c5,[R0],#4 */
1377 /* LDC p14,c5,[R0] */
1378 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1383 return arm11_run_instr_data_finish(arm11
);
1386 static int arm11_read_memory(struct target
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1388 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1392 * arm11_config_memrw_no_increment - in the future we may want to be able
1393 * to read/write a range of data to a "port". a "port" is an action on
1394 * read memory address for some peripheral.
1396 static int arm11_write_memory_inner(struct target
*target
,
1397 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1398 bool arm11_config_memrw_no_increment
)
1403 if (target
->state
!= TARGET_HALTED
)
1405 LOG_WARNING("target was not halted");
1406 return ERROR_TARGET_NOT_HALTED
;
1409 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1411 struct arm11_common
*arm11
= target_to_arm11(target
);
1413 retval
= arm11_run_instr_data_prepare(arm11
);
1414 if (retval
!= ERROR_OK
)
1417 /* MRC p14,0,r0,c0,c5,0 */
1418 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1419 if (retval
!= ERROR_OK
)
1422 /* burst writes are not used for single words as those may well be
1423 * reset init script writes.
1425 * The other advantage is that as burst writes are default, we'll
1426 * now exercise both burst and non-burst code paths with the
1427 * default settings, increasing code coverage.
1429 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1435 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1437 for (size_t i
= 0; i
< count
; i
++)
1439 /* MRC p14,0,r1,c0,c5,0 */
1440 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1441 if (retval
!= ERROR_OK
)
1444 /* strb r1, [r0], #1 */
1446 retval
= arm11_run_instr_no_data1(arm11
,
1447 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1448 if (retval
!= ERROR_OK
)
1457 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1459 for (size_t i
= 0; i
< count
; i
++)
1462 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1464 /* MRC p14,0,r1,c0,c5,0 */
1465 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1466 if (retval
!= ERROR_OK
)
1469 /* strh r1, [r0], #2 */
1471 retval
= arm11_run_instr_no_data1(arm11
,
1472 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1473 if (retval
!= ERROR_OK
)
1481 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1483 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1484 uint32_t *words
= (uint32_t*)buffer
;
1488 /* STC p14,c5,[R0],#4 */
1489 /* STC p14,c5,[R0]*/
1490 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1491 if (retval
!= ERROR_OK
)
1496 /* STC p14,c5,[R0],#4 */
1497 /* STC p14,c5,[R0]*/
1498 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1499 if (retval
!= ERROR_OK
)
1507 /* r0 verification */
1508 if (!arm11_config_memrw_no_increment
)
1512 /* MCR p14,0,R0,c0,c5,0 */
1513 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1514 if (retval
!= ERROR_OK
)
1517 if (address
+ size
* count
!= r0
)
1519 LOG_ERROR("Data transfer failed. Expected end "
1520 "address 0x%08x, got 0x%08x",
1521 (unsigned) (address
+ size
* count
),
1525 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1527 if (arm11_config_memwrite_error_fatal
)
1532 return arm11_run_instr_data_finish(arm11
);
1535 static int arm11_write_memory(struct target
*target
,
1536 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1538 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1541 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1542 static int arm11_bulk_write_memory(struct target
*target
,
1543 uint32_t address
, uint32_t count
, uint8_t *buffer
)
1547 if (target
->state
!= TARGET_HALTED
)
1549 LOG_WARNING("target was not halted");
1550 return ERROR_TARGET_NOT_HALTED
;
1553 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1556 /* target break-/watchpoint control
1557 * rw: 0 = write, 1 = read, 2 = access
1559 static int arm11_add_breakpoint(struct target
*target
,
1560 struct breakpoint
*breakpoint
)
1563 struct arm11_common
*arm11
= target_to_arm11(target
);
1566 if (breakpoint
->type
== BKPT_SOFT
)
1568 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1569 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1573 if (!arm11
->free_brps
)
1575 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1576 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1579 if (breakpoint
->length
!= 4)
1581 LOG_DEBUG("only breakpoints of four bytes length supported");
1582 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1590 static int arm11_remove_breakpoint(struct target
*target
,
1591 struct breakpoint
*breakpoint
)
1594 struct arm11_common
*arm11
= target_to_arm11(target
);
1601 static int arm11_add_watchpoint(struct target
*target
,
1602 struct watchpoint
*watchpoint
)
1604 FNC_INFO_NOTIMPLEMENTED
;
1609 static int arm11_remove_watchpoint(struct target
*target
,
1610 struct watchpoint
*watchpoint
)
1612 FNC_INFO_NOTIMPLEMENTED
;
1617 // HACKHACKHACK - FIXME mode/state
1618 /* target algorithm support */
1619 static int arm11_run_algorithm(struct target
*target
,
1620 int num_mem_params
, struct mem_param
*mem_params
,
1621 int num_reg_params
, struct reg_param
*reg_params
,
1622 uint32_t entry_point
, uint32_t exit_point
,
1623 int timeout_ms
, void *arch_info
)
1625 struct arm11_common
*arm11
= target_to_arm11(target
);
1626 // enum armv4_5_state core_state = arm11->core_state;
1627 // enum armv4_5_mode core_mode = arm11->core_mode;
1628 uint32_t context
[16];
1630 int exit_breakpoint_size
= 0;
1631 int retval
= ERROR_OK
;
1632 LOG_DEBUG("Running algorithm");
1635 if (target
->state
!= TARGET_HALTED
)
1637 LOG_WARNING("target not halted");
1638 return ERROR_TARGET_NOT_HALTED
;
1642 // if (armv4_5_mode_to_number(arm11->core_mode)==-1)
1643 // return ERROR_FAIL;
1646 for (unsigned i
= 0; i
< 16; i
++)
1648 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1649 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1652 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1653 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1655 for (int i
= 0; i
< num_mem_params
; i
++)
1657 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1660 // Set register parameters
1661 for (int i
= 0; i
< num_reg_params
; i
++)
1663 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1666 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1667 return ERROR_INVALID_ARGUMENTS
;
1670 if (reg
->size
!= reg_params
[i
].size
)
1672 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1673 return ERROR_INVALID_ARGUMENTS
;
1675 arm11_set_reg(reg
,reg_params
[i
].value
);
1676 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1679 exit_breakpoint_size
= 4;
1681 /* arm11->core_state = arm11_algorithm_info->core_state;
1682 if (arm11->core_state == ARMV4_5_STATE_ARM)
1683 exit_breakpoint_size = 4;
1684 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1685 exit_breakpoint_size = 2;
1688 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1694 /* arm11 at this point only supports ARM not THUMB mode
1695 however if this test needs to be reactivated the current state can be read back
1698 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1700 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1701 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1702 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1703 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1707 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1709 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1710 retval
= ERROR_TARGET_FAILURE
;
1714 // no debug, otherwise breakpoint is not set
1715 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1717 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1719 if (target
->state
!= TARGET_HALTED
)
1721 CHECK_RETVAL(target_halt(target
));
1723 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1725 retval
= ERROR_TARGET_TIMEOUT
;
1727 goto del_breakpoint
;
1730 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1732 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1733 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1734 retval
= ERROR_TARGET_TIMEOUT
;
1735 goto del_breakpoint
;
1738 for (int i
= 0; i
< num_mem_params
; i
++)
1740 if (mem_params
[i
].direction
!= PARAM_OUT
)
1741 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1744 for (int i
= 0; i
< num_reg_params
; i
++)
1746 if (reg_params
[i
].direction
!= PARAM_OUT
)
1748 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1751 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1752 retval
= ERROR_INVALID_ARGUMENTS
;
1753 goto del_breakpoint
;
1756 if (reg
->size
!= reg_params
[i
].size
)
1758 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1759 retval
= ERROR_INVALID_ARGUMENTS
;
1760 goto del_breakpoint
;
1763 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1768 breakpoint_remove(target
, exit_point
);
1772 for (size_t i
= 0; i
< 16; i
++)
1774 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1775 arm11
->reg_list
[i
].name
, context
[i
]);
1776 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1778 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1779 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1781 // arm11->core_state = core_state;
1782 // arm11->core_mode = core_mode;
1787 static int arm11_target_create(struct target
*target
, Jim_Interp
*interp
)
1791 NEW(struct arm11_common
, arm11
, 1);
1793 arm11
->target
= target
;
1795 if (target
->tap
== NULL
)
1798 if (target
->tap
->ir_length
!= 5)
1800 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1801 return ERROR_COMMAND_SYNTAX_ERROR
;
1804 armv4_5_init_arch_info(target
, &arm11
->arm
);
1806 arm11
->jtag_info
.tap
= target
->tap
;
1807 arm11
->jtag_info
.scann_size
= 5;
1808 arm11
->jtag_info
.scann_instr
= ARM11_SCAN_N
;
1809 /* cur_scan_chain == 0 */
1810 arm11
->jtag_info
.intest_instr
= ARM11_INTEST
;
1815 static int arm11_init_target(struct command_context
*cmd_ctx
,
1816 struct target
*target
)
1818 /* Initialize anything we can set up without talking to the target */
1819 return arm11_build_reg_cache(target
);
1822 /* talk to the target and set things up */
1823 static int arm11_examine(struct target
*target
)
1828 struct arm11_common
*arm11
= target_to_arm11(target
);
1832 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1834 struct scan_field idcode_field
;
1836 arm11_setup_field(arm11
, 32, NULL
, &arm11
->device_id
, &idcode_field
);
1838 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1842 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1844 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1846 struct scan_field chain0_fields
[2];
1848 arm11_setup_field(arm11
, 32, NULL
, &arm11
->didr
, chain0_fields
+ 0);
1849 arm11_setup_field(arm11
, 8, NULL
, &arm11
->implementor
, chain0_fields
+ 1);
1851 arm11_add_dr_scan_vc(ARRAY_SIZE(chain0_fields
), chain0_fields
, TAP_IDLE
);
1853 CHECK_RETVAL(jtag_execute_queue());
1855 switch (arm11
->device_id
& 0x0FFFF000)
1857 case 0x07B36000: LOG_INFO("found ARM1136"); break;
1858 case 0x07B56000: LOG_INFO("found ARM1156"); break;
1859 case 0x07B76000: LOG_INFO("found ARM1176"); break;
1861 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1865 arm11
->debug_version
= (arm11
->didr
>> 16) & 0x0F;
1867 if (arm11
->debug_version
!= ARM11_DEBUG_V6
&&
1868 arm11
->debug_version
!= ARM11_DEBUG_V61
)
1870 LOG_ERROR("Only ARMv6 v6 and v6.1 architectures supported.");
1874 arm11
->brp
= ((arm11
->didr
>> 24) & 0x0F) + 1;
1875 arm11
->wrp
= ((arm11
->didr
>> 28) & 0x0F) + 1;
1877 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1878 arm11
->free_brps
= arm11
->brp
;
1879 arm11
->free_wrps
= arm11
->wrp
;
1881 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
"",
1883 (int)(arm11
->implementor
),
1886 /* as a side-effect this reads DSCR and thus
1887 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1888 * as suggested by the spec.
1891 retval
= arm11_check_init(arm11
, NULL
);
1892 if (retval
!= ERROR_OK
)
1895 /* ETM on ARM11 still uses original scanchain 6 access mode */
1896 if (arm11
->arm
.etm
&& !target_was_examined(target
)) {
1897 *register_get_last_cache_p(&target
->reg_cache
) =
1898 etm_build_reg_cache(target
, &arm11
->jtag_info
,
1900 retval
= etm_setup(target
);
1903 target_set_examined(target
);
1909 /** Load a register that is marked !valid in the register cache */
1910 static int arm11_get_reg(struct reg
*reg
)
1914 struct target
* target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1916 if (target
->state
!= TARGET_HALTED
)
1918 LOG_WARNING("target was not halted");
1919 return ERROR_TARGET_NOT_HALTED
;
1922 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1925 struct arm11_common
*arm11
= target_to_arm11(target
);
1926 const struct arm11_reg_defs
*arm11_reg_info
= arm11_reg_defs
+ ((struct arm11_reg_state
*)reg
->arch_info
)->def_index
;
1932 /** Change a value in the register cache */
1933 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
)
1937 struct target
*target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1938 struct arm11_common
*arm11
= target_to_arm11(target
);
1939 // const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1941 arm11
->reg_values
[((struct arm11_reg_state
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1948 static int arm11_build_reg_cache(struct target
*target
)
1950 struct arm11_common
*arm11
= target_to_arm11(target
);
1952 NEW(struct reg_cache
, cache
, 1);
1953 NEW(struct reg
, reg_list
, ARM11_REGCACHE_COUNT
);
1954 NEW(struct arm11_reg_state
, arm11_reg_states
, ARM11_REGCACHE_COUNT
);
1956 if (arm11_regs_arch_type
== -1)
1957 arm11_regs_arch_type
= register_reg_arch_type(arm11_get_reg
, arm11_set_reg
);
1959 register_init_dummy(&arm11_gdb_dummy_fp_reg
);
1960 register_init_dummy(&arm11_gdb_dummy_fps_reg
);
1962 arm11
->reg_list
= reg_list
;
1964 /* Build the process context cache */
1965 cache
->name
= "arm11 registers";
1967 cache
->reg_list
= reg_list
;
1968 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1970 struct reg_cache
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1973 arm11
->core_cache
= cache
;
1974 // armv7m->process_context = cache;
1978 /* Not very elegant assertion */
1979 if (ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11
->reg_values
) ||
1980 ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11_reg_defs
) ||
1981 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1983 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d " ZU
" " ZU
" %d)", ARM11_REGCACHE_COUNT
, ARRAY_SIZE(arm11
->reg_values
), ARRAY_SIZE(arm11_reg_defs
), ARM11_RC_MAX
);
1987 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1989 struct reg
* r
= reg_list
+ i
;
1990 const struct arm11_reg_defs
* rd
= arm11_reg_defs
+ i
;
1991 struct arm11_reg_state
* rs
= arm11_reg_states
+ i
;
1995 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
1998 r
->arch_type
= arm11_regs_arch_type
;
2002 rs
->target
= target
;
2008 static COMMAND_HELPER(arm11_handle_bool
, bool *var
, char *name
)
2012 LOG_INFO("%s is %s.", name
, *var
? "enabled" : "disabled");
2017 return ERROR_COMMAND_SYNTAX_ERROR
;
2022 case 'f': /* false */
2024 case 'd': /* disable */
2030 case 't': /* true */
2032 case 'e': /* enable */
2038 LOG_INFO("%s %s.", *var
? "Enabled" : "Disabled", name
);
2043 #define BOOL_WRAPPER(name, print_name) \
2044 COMMAND_HANDLER(arm11_handle_bool_##name) \
2046 return CALL_COMMAND_HANDLER(arm11_handle_bool, \
2047 &arm11_config_##name, print_name); \
2050 BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
2051 BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
2052 BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
2053 BOOL_WRAPPER(hardware_step
, "hardware single step")
2055 COMMAND_HANDLER(arm11_handle_vcr
)
2061 COMMAND_PARSE_NUMBER(u32
, args
[0], arm11_vcr
);
2064 return ERROR_COMMAND_SYNTAX_ERROR
;
2067 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
2071 static const uint32_t arm11_coproc_instruction_limits
[] =
2073 15, /* coprocessor */
2078 0xFFFFFFFF, /* value */
2081 static int arm11_mrc_inner(struct target
*target
, int cpnum
,
2082 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
,
2083 uint32_t *value
, bool read
)
2086 struct arm11_common
*arm11
= target_to_arm11(target
);
2088 if (target
->state
!= TARGET_HALTED
)
2090 LOG_ERROR("Target not halted");
2094 uint32_t instr
= 0xEE000010 |
2102 instr
|= 0x00100000;
2104 retval
= arm11_run_instr_data_prepare(arm11
);
2105 if (retval
!= ERROR_OK
)
2110 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, value
);
2111 if (retval
!= ERROR_OK
)
2116 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, *value
);
2117 if (retval
!= ERROR_OK
)
2121 return arm11_run_instr_data_finish(arm11
);
2124 static int arm11_mrc(struct target
*target
, int cpnum
,
2125 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
2127 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, value
, true);
2130 static int arm11_mcr(struct target
*target
, int cpnum
,
2131 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
2133 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, &value
, false);
2136 static int arm11_register_commands(struct command_context
*cmd_ctx
)
2140 struct command
*top_cmd
, *mw_cmd
;
2142 armv4_5_register_commands(cmd_ctx
);
2144 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
2145 NULL
, COMMAND_ANY
, NULL
);
2147 /* "hardware_step" is only here to check if the default
2148 * simulate + breakpoint implementation is broken.
2149 * TEMPORARY! NOT DOCUMENTED!
2151 register_command(cmd_ctx
, top_cmd
, "hardware_step",
2152 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
2153 "DEBUG ONLY - Hardware single stepping"
2154 " (default: disabled)");
2156 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
2157 NULL
, COMMAND_ANY
, NULL
);
2158 register_command(cmd_ctx
, mw_cmd
, "burst",
2159 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
2160 "Enable/Disable non-standard but fast burst mode"
2161 " (default: enabled)");
2162 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
2163 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
2164 "Terminate program if transfer error was found"
2165 " (default: enabled)");
2167 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
2168 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
2169 "Enable interrupts while stepping"
2170 " (default: disabled)");
2171 register_command(cmd_ctx
, top_cmd
, "vcr",
2172 arm11_handle_vcr
, COMMAND_ANY
,
2173 "Control (Interrupt) Vector Catch Register");
2175 return etm_register_commands(cmd_ctx
);
2178 /** Holds methods for ARM11xx targets. */
2179 struct target_type arm11_target
= {
2183 .arch_state
= arm11_arch_state
,
2185 .target_request_data
= arm11_target_request_data
,
2188 .resume
= arm11_resume
,
2191 .assert_reset
= arm11_assert_reset
,
2192 .deassert_reset
= arm11_deassert_reset
,
2193 .soft_reset_halt
= arm11_soft_reset_halt
,
2195 .get_gdb_reg_list
= arm11_get_gdb_reg_list
,
2197 .read_memory
= arm11_read_memory
,
2198 .write_memory
= arm11_write_memory
,
2200 .bulk_write_memory
= arm11_bulk_write_memory
,
2202 .checksum_memory
= arm_checksum_memory
,
2203 .blank_check_memory
= arm_blank_check_memory
,
2205 .add_breakpoint
= arm11_add_breakpoint
,
2206 .remove_breakpoint
= arm11_remove_breakpoint
,
2207 .add_watchpoint
= arm11_add_watchpoint
,
2208 .remove_watchpoint
= arm11_remove_watchpoint
,
2210 .run_algorithm
= arm11_run_algorithm
,
2212 .register_commands
= arm11_register_commands
,
2213 .target_create
= arm11_target_create
,
2214 .init_target
= arm11_init_target
,
2215 .examine
= arm11_examine
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)