1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "breakpoints.h"
31 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
35 #include "algorithm.h"
40 #define _DEBUG_INSTRUCTION_EXECUTION_
44 #define FNC_INFO LOG_DEBUG("-")
50 #define FNC_INFO_NOTIMPLEMENTED do { LOG_DEBUG("NOT IMPLEMENTED"); /*exit(-1);*/ } while (0)
52 #define FNC_INFO_NOTIMPLEMENTED
55 static bool arm11_config_memwrite_burst
= true;
56 static bool arm11_config_memwrite_error_fatal
= true;
57 static uint32_t arm11_vcr
= 0;
58 static bool arm11_config_step_irq_enable
= false;
59 static bool arm11_config_hardware_step
= false;
76 ARM11_REGISTER_SPSR_FIQ
,
77 ARM11_REGISTER_SPSR_SVC
,
78 ARM11_REGISTER_SPSR_ABT
,
79 ARM11_REGISTER_SPSR_IRQ
,
80 ARM11_REGISTER_SPSR_UND
,
81 ARM11_REGISTER_SPSR_MON
,
95 enum arm11_regtype type
;
98 /* update arm11_regcache_ids when changing this */
99 static const struct arm11_reg_defs arm11_reg_defs
[] =
101 {"r0", 0, 0, ARM11_REGISTER_CORE
},
102 {"r1", 1, 1, ARM11_REGISTER_CORE
},
103 {"r2", 2, 2, ARM11_REGISTER_CORE
},
104 {"r3", 3, 3, ARM11_REGISTER_CORE
},
105 {"r4", 4, 4, ARM11_REGISTER_CORE
},
106 {"r5", 5, 5, ARM11_REGISTER_CORE
},
107 {"r6", 6, 6, ARM11_REGISTER_CORE
},
108 {"r7", 7, 7, ARM11_REGISTER_CORE
},
109 {"r8", 8, 8, ARM11_REGISTER_CORE
},
110 {"r9", 9, 9, ARM11_REGISTER_CORE
},
111 {"r10", 10, 10, ARM11_REGISTER_CORE
},
112 {"r11", 11, 11, ARM11_REGISTER_CORE
},
113 {"r12", 12, 12, ARM11_REGISTER_CORE
},
114 {"sp", 13, 13, ARM11_REGISTER_CORE
},
115 {"lr", 14, 14, ARM11_REGISTER_CORE
},
116 {"pc", 15, 15, ARM11_REGISTER_CORE
},
118 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
120 /* Debug Registers */
121 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
122 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
123 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
126 enum arm11_regcache_ids
129 ARM11_RC_RX
= ARM11_RC_R0
,
144 ARM11_RC_SP
= ARM11_RC_R13
,
146 ARM11_RC_LR
= ARM11_RC_R14
,
148 ARM11_RC_PC
= ARM11_RC_R15
,
159 /* GDB expects ARMs to give R0..R15, CPSR, and 7 FPA dummies */
160 #define ARM11_GDB_REGISTER_COUNT 26
162 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
);
163 static int arm11_step(struct target
*target
, int current
,
164 uint32_t address
, int handle_breakpoints
);
166 static int arm11_build_reg_cache(struct target
*target
);
167 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
);
168 static int arm11_get_reg(struct reg
*reg
);
170 static void arm11_record_register_history(struct arm11_common
* arm11
);
171 static void arm11_dump_reg_changes(struct arm11_common
* arm11
);
174 /** Check and if necessary take control of the system
176 * \param arm11 Target state variable.
177 * \param dscr If the current DSCR content is
178 * available a pointer to a word holding the
179 * DSCR can be passed. Otherwise use NULL.
181 static int arm11_check_init(struct arm11_common
*arm11
, uint32_t *dscr
)
185 uint32_t dscr_local_tmp_copy
;
189 dscr
= &dscr_local_tmp_copy
;
191 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
194 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
196 LOG_DEBUG("Bringing target into debug mode");
198 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
199 arm11_write_DSCR(arm11
, *dscr
);
201 /* add further reset initialization here */
203 arm11
->simulate_reset_on_next_halt
= true;
205 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
207 /** \todo TODO: this needs further scrutiny because
208 * arm11_on_enter_debug_state() never gets properly called.
209 * As a result we don't read the actual register states from
213 arm11
->target
->state
= TARGET_HALTED
;
214 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
218 arm11
->target
->state
= TARGET_RUNNING
;
219 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
222 arm11_sc7_clear_vbw(arm11
);
231 (arm11->reg_values[ARM11_RC_##x])
233 /** Save processor state.
235 * This is called when the HALT instruction has succeeded
236 * or on other occasions that stop the processor.
239 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
)
244 for (size_t i
= 0; i
< ARRAY_SIZE(arm11
->reg_values
); i
++)
246 arm11
->reg_list
[i
].valid
= 1;
247 arm11
->reg_list
[i
].dirty
= 0;
251 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
255 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
257 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
259 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
261 struct scan_field chain5_fields
[3];
263 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
264 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
265 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
267 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
271 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
275 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
276 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
277 ARM1136 seems to require this to issue ITR's as well */
279 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
281 /* this executes JTAG queue: */
283 arm11_write_DSCR(arm11
, new_dscr
);
287 Before executing any instruction in debug state you have to drain the write buffer.
288 This ensures that no imprecise Data Aborts can return at a later point:*/
290 /** \todo TODO: Test drain write buffer. */
295 /* MRC p14,0,R0,c5,c10,0 */
296 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
298 /* mcr 15, 0, r0, cr7, cr10, {4} */
299 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
301 uint32_t dscr
= arm11_read_DSCR(arm11
);
303 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
305 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
307 arm11_run_instr_no_data1(arm11
, 0xe320f000);
309 dscr
= arm11_read_DSCR(arm11
);
311 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
318 retval
= arm11_run_instr_data_prepare(arm11
);
319 if (retval
!= ERROR_OK
)
324 /** \todo TODO: handle other mode registers */
326 for (size_t i
= 0; i
< 15; i
++)
328 /* MCR p14,0,R?,c0,c5,0 */
329 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
330 if (retval
!= ERROR_OK
)
336 /* check rDTRfull in DSCR */
338 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
340 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
341 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
342 if (retval
!= ERROR_OK
)
347 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
352 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
353 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
354 if (retval
!= ERROR_OK
)
359 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
360 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
361 if (retval
!= ERROR_OK
)
364 /* adjust PC depending on ARM state */
366 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
368 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
370 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
372 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
376 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
379 if (arm11
->simulate_reset_on_next_halt
)
381 arm11
->simulate_reset_on_next_halt
= false;
383 LOG_DEBUG("Reset c1 Control Register");
385 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
387 /* MCR p15,0,R0,c1,c0,0 */
388 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
389 if (retval
!= ERROR_OK
)
394 retval
= arm11_run_instr_data_finish(arm11
);
395 if (retval
!= ERROR_OK
)
398 arm11_dump_reg_changes(arm11
);
403 void arm11_dump_reg_changes(struct arm11_common
* arm11
)
406 if (!(debug_level
>= LOG_LVL_DEBUG
))
411 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
413 if (!arm11
->reg_list
[i
].valid
)
415 if (arm11
->reg_history
[i
].valid
)
416 LOG_DEBUG("%8s INVALID (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_history
[i
].value
);
420 if (arm11
->reg_history
[i
].valid
)
422 if (arm11
->reg_history
[i
].value
!= arm11
->reg_values
[i
])
423 LOG_DEBUG("%8s %08" PRIx32
" (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
], arm11
->reg_history
[i
].value
);
427 LOG_DEBUG("%8s %08" PRIx32
" (INVALID)", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
]);
433 /** Restore processor state
435 * This is called in preparation for the RESTART function.
438 static int arm11_leave_debug_state(struct arm11_common
*arm11
)
443 retval
= arm11_run_instr_data_prepare(arm11
);
444 if (retval
!= ERROR_OK
)
447 /** \todo TODO: handle other mode registers */
449 /* restore R1 - R14 */
451 for (size_t i
= 1; i
< 15; i
++)
453 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
456 /* MRC p14,0,r?,c0,c5,0 */
457 arm11_run_instr_data_to_core1(arm11
, 0xee100e15 | (i
<< 12), R(RX
+ i
));
459 // LOG_DEBUG("RESTORE R" ZU " %08x", i, R(RX + i));
462 retval
= arm11_run_instr_data_finish(arm11
);
463 if (retval
!= ERROR_OK
)
466 /* spec says clear wDTR and rDTR; we assume they are clear as
467 otherwise our programming would be sloppy */
471 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
473 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
476 The wDTR/rDTR two registers that are used to send/receive data to/from
477 the core in tandem with corresponding instruction codes that are
478 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
479 registers hold data that was written by one side (CPU or JTAG) and not
480 read out by the other side.
482 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
487 retval
= arm11_run_instr_data_prepare(arm11
);
488 if (retval
!= ERROR_OK
)
491 /* restore original wDTR */
493 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
495 /* MCR p14,0,R0,c0,c5,0 */
496 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
497 if (retval
!= ERROR_OK
)
504 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
505 if (retval
!= ERROR_OK
)
512 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
513 if (retval
!= ERROR_OK
)
519 /* MRC p14,0,r0,c0,c5,0 */
520 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
522 retval
= arm11_run_instr_data_finish(arm11
);
523 if (retval
!= ERROR_OK
)
528 arm11_write_DSCR(arm11
, R(DSCR
));
532 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
534 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
536 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
538 struct scan_field chain5_fields
[3];
540 uint8_t Ready
= 0; /* ignored */
541 uint8_t Valid
= 0; /* ignored */
543 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
544 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
545 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
547 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
550 arm11_record_register_history(arm11
);
555 static void arm11_record_register_history(struct arm11_common
*arm11
)
557 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
559 arm11
->reg_history
[i
].value
= arm11
->reg_values
[i
];
560 arm11
->reg_history
[i
].valid
= arm11
->reg_list
[i
].valid
;
562 arm11
->reg_list
[i
].valid
= 0;
563 arm11
->reg_list
[i
].dirty
= 0;
568 /* poll current target status */
569 static int arm11_poll(struct target
*target
)
573 struct arm11_common
*arm11
= target_to_arm11(target
);
576 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
578 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
580 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
582 if (dscr
& ARM11_DSCR_CORE_HALTED
)
584 if (target
->state
!= TARGET_HALTED
)
586 enum target_state old_state
= target
->state
;
588 LOG_DEBUG("enter TARGET_HALTED");
589 target
->state
= TARGET_HALTED
;
590 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
591 retval
= arm11_on_enter_debug_state(arm11
);
592 if (retval
!= ERROR_OK
)
595 target_call_event_callbacks(target
,
596 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
601 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
603 LOG_DEBUG("enter TARGET_RUNNING");
604 target
->state
= TARGET_RUNNING
;
605 target
->debug_reason
= DBG_REASON_NOTHALTED
;
611 /* architecture specific status reply */
612 static int arm11_arch_state(struct target
*target
)
614 struct arm11_common
*arm11
= target_to_arm11(target
);
616 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"",
617 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
624 /* target request support */
625 static int arm11_target_request_data(struct target
*target
,
626 uint32_t size
, uint8_t *buffer
)
628 FNC_INFO_NOTIMPLEMENTED
;
633 /* target execution control */
634 static int arm11_halt(struct target
*target
)
637 struct arm11_common
*arm11
= target_to_arm11(target
);
639 LOG_DEBUG("target->state: %s",
640 target_state_name(target
));
642 if (target
->state
== TARGET_UNKNOWN
)
644 arm11
->simulate_reset_on_next_halt
= true;
647 if (target
->state
== TARGET_HALTED
)
649 LOG_DEBUG("target was already halted");
653 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
655 CHECK_RETVAL(jtag_execute_queue());
662 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
664 if (dscr
& ARM11_DSCR_CORE_HALTED
)
675 if ((timeval_ms()-then
) > 1000)
677 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
684 arm11_on_enter_debug_state(arm11
);
686 enum target_state old_state
= target
->state
;
688 target
->state
= TARGET_HALTED
;
689 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
692 target_call_event_callbacks(target
,
693 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
698 static int arm11_resume(struct target
*target
, int current
,
699 uint32_t address
, int handle_breakpoints
, int debug_execution
)
703 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
704 // current, address, handle_breakpoints, debug_execution);
706 struct arm11_common
*arm11
= target_to_arm11(target
);
708 LOG_DEBUG("target->state: %s",
709 target_state_name(target
));
712 if (target
->state
!= TARGET_HALTED
)
714 LOG_ERROR("Target not halted");
715 return ERROR_TARGET_NOT_HALTED
;
721 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
723 /* clear breakpoints/watchpoints and VCR*/
724 arm11_sc7_clear_vbw(arm11
);
726 /* Set up breakpoints */
727 if (!debug_execution
)
729 /* check if one matches PC and step over it if necessary */
731 struct breakpoint
* bp
;
733 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
735 if (bp
->address
== R(PC
))
737 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
738 arm11_step(target
, 1, 0, 0);
743 /* set all breakpoints */
747 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
749 struct arm11_sc7_action brp
[2];
752 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
753 brp
[0].value
= bp
->address
;
755 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
756 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
758 arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
));
760 LOG_DEBUG("Add BP " ZU
" at %08" PRIx32
"", brp_num
, bp
->address
);
765 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
768 arm11_leave_debug_state(arm11
);
770 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
772 CHECK_RETVAL(jtag_execute_queue());
779 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
781 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
783 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
794 if ((timeval_ms()-then
) > 1000)
796 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
803 if (!debug_execution
)
805 target
->state
= TARGET_RUNNING
;
806 target
->debug_reason
= DBG_REASON_NOTHALTED
;
808 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
812 target
->state
= TARGET_DEBUG_RUNNING
;
813 target
->debug_reason
= DBG_REASON_NOTHALTED
;
815 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
822 static int armv4_5_to_arm11(int reg
)
829 return ARM11_RC_CPSR
;
831 /* FIX!!! handle thumb better! */
832 return ARM11_RC_CPSR
;
834 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg
);
840 static uint32_t arm11_sim_get_reg(struct arm_sim_interface
*sim
, int reg
)
842 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
844 reg
=armv4_5_to_arm11(reg
);
846 return buf_get_u32(arm11
->reg_list
[reg
].value
, 0, 32);
849 static void arm11_sim_set_reg(struct arm_sim_interface
*sim
,
850 int reg
, uint32_t value
)
852 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
854 reg
=armv4_5_to_arm11(reg
);
856 buf_set_u32(arm11
->reg_list
[reg
].value
, 0, 32, value
);
859 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface
*sim
,
862 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
864 return buf_get_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, pos
, bits
);
867 static enum armv4_5_state
arm11_sim_get_state(struct arm_sim_interface
*sim
)
869 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
871 /* FIX!!!! we should implement thumb for arm11 */
872 return ARMV4_5_STATE_ARM
;
875 static void arm11_sim_set_state(struct arm_sim_interface
*sim
,
876 enum armv4_5_state mode
)
878 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
880 /* FIX!!!! we should implement thumb for arm11 */
881 LOG_ERROR("Not implemetned!");
885 static enum armv4_5_mode
arm11_sim_get_mode(struct arm_sim_interface
*sim
)
887 //struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
889 /* FIX!!!! we should implement something that returns the current mode here!!! */
890 return ARMV4_5_MODE_USR
;
893 static int arm11_simulate_step(struct target
*target
, uint32_t *dry_run_pc
)
895 struct arm_sim_interface sim
;
897 sim
.user_data
=target
->arch_info
;
898 sim
.get_reg
=&arm11_sim_get_reg
;
899 sim
.set_reg
=&arm11_sim_set_reg
;
900 sim
.get_reg_mode
=&arm11_sim_get_reg
;
901 sim
.set_reg_mode
=&arm11_sim_set_reg
;
902 sim
.get_cpsr
=&arm11_sim_get_cpsr
;
903 sim
.get_mode
=&arm11_sim_get_mode
;
904 sim
.get_state
=&arm11_sim_get_state
;
905 sim
.set_state
=&arm11_sim_set_state
;
907 return arm_simulate_step_core(target
, dry_run_pc
, &sim
);
911 static int arm11_step(struct target
*target
, int current
,
912 uint32_t address
, int handle_breakpoints
)
916 LOG_DEBUG("target->state: %s",
917 target_state_name(target
));
919 if (target
->state
!= TARGET_HALTED
)
921 LOG_WARNING("target was not halted");
922 return ERROR_TARGET_NOT_HALTED
;
925 struct arm11_common
*arm11
= target_to_arm11(target
);
930 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
933 /** \todo TODO: Thumb not supported here */
935 uint32_t next_instruction
;
937 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
940 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
943 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
944 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
945 LOG_DEBUG("Skipping BKPT");
947 /* skip over Wait for interrupt / Standby */
948 /* mcr 15, 0, r?, cr7, cr0, {4} */
949 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
952 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
953 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
954 LOG_DEBUG("Skipping WFI");
956 /* ignore B to self */
957 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
959 LOG_DEBUG("Not stepping jump to self");
963 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
966 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
967 * the VCR might be something worth looking into. */
970 /* Set up breakpoint for stepping */
972 struct arm11_sc7_action brp
[2];
975 brp
[0].address
= ARM11_SC7_BVR0
;
977 brp
[1].address
= ARM11_SC7_BCR0
;
979 if (arm11_config_hardware_step
)
981 /* hardware single stepping be used if possible or is it better to
982 * always use the same code path? Hardware single stepping is not supported
985 brp
[0].value
= R(PC
);
986 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
989 /* sets a breakpoint on the next PC(calculated by simulation),
993 retval
= arm11_simulate_step(target
, &next_pc
);
994 if (retval
!= ERROR_OK
)
997 brp
[0].value
= next_pc
;
998 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
1001 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
)));
1006 if (arm11_config_step_irq_enable
)
1007 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
1009 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
1012 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
1014 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
1016 CHECK_RETVAL(jtag_execute_queue());
1024 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
1026 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
1028 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
1029 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
1035 then
= timeval_ms();
1039 if ((timeval_ms()-then
) > 1000)
1041 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
1048 /* clear breakpoint */
1049 arm11_sc7_clear_vbw(arm11
);
1052 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
1054 /* restore default state */
1055 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
1059 // target->state = TARGET_HALTED;
1060 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1062 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
1067 static int arm11_assert_reset(struct target
*target
)
1071 struct arm11_common
*arm11
= target_to_arm11(target
);
1073 retval
= arm11_check_init(arm11
, NULL
);
1074 if (retval
!= ERROR_OK
)
1077 target
->state
= TARGET_UNKNOWN
;
1079 /* we would very much like to reset into the halted, state,
1080 * but resetting and halting is second best... */
1081 if (target
->reset_halt
)
1083 CHECK_RETVAL(target_halt(target
));
1087 /* srst is funny. We can not do *anything* else while it's asserted
1088 * and it has unkonwn side effects. Make sure no other code runs
1091 * Code below assumes srst:
1093 * - Causes power-on-reset (but of what parts of the system?). Bug
1096 * - Messes us TAP state without asserting trst.
1098 * - There is another bug in the arm11 core. When you generate an access to
1099 * external logic (for example ddr controller via AHB bus) and that block
1100 * is not configured (perhaps it is still held in reset), that transaction
1101 * will never complete. This will hang arm11 core but it will also hang
1102 * JTAG controller. Nothing, short of srst assertion will bring it out of
1107 * - What should the PC be after an srst reset when starting in the halted
1111 jtag_add_reset(0, 1);
1112 jtag_add_reset(0, 0);
1114 /* How long do we have to wait? */
1115 jtag_add_sleep(5000);
1117 /* un-mess up TAP state */
1120 retval
= jtag_execute_queue();
1121 if (retval
!= ERROR_OK
)
1129 static int arm11_deassert_reset(struct target
*target
)
1134 static int arm11_soft_reset_halt(struct target
*target
)
1136 FNC_INFO_NOTIMPLEMENTED
;
1141 /* target register access for gdb */
1142 static int arm11_get_gdb_reg_list(struct target
*target
,
1143 struct reg
**reg_list
[], int *reg_list_size
)
1146 struct arm11_common
*arm11
= target_to_arm11(target
);
1148 *reg_list_size
= ARM11_GDB_REGISTER_COUNT
;
1149 *reg_list
= malloc(sizeof(struct reg
*) * ARM11_GDB_REGISTER_COUNT
);
1151 /* nine unused legacy FPA registers are expected by GDB */
1152 for (size_t i
= 16; i
< 24; i
++)
1153 (*reg_list
)[i
] = &arm_gdb_dummy_fp_reg
;
1154 (*reg_list
)[24] = &arm_gdb_dummy_fps_reg
;
1156 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1158 if (arm11_reg_defs
[i
].gdb_num
== -1)
1161 (*reg_list
)[arm11_reg_defs
[i
].gdb_num
] = arm11
->reg_list
+ i
;
1167 /* target memory access
1168 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1169 * count: number of items of <size>
1171 * arm11_config_memrw_no_increment - in the future we may want to be able
1172 * to read/write a range of data to a "port". a "port" is an action on
1173 * read memory address for some peripheral.
1175 static int arm11_read_memory_inner(struct target
*target
,
1176 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1177 bool arm11_config_memrw_no_increment
)
1179 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1184 if (target
->state
!= TARGET_HALTED
)
1186 LOG_WARNING("target was not halted");
1187 return ERROR_TARGET_NOT_HALTED
;
1190 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1192 struct arm11_common
*arm11
= target_to_arm11(target
);
1194 retval
= arm11_run_instr_data_prepare(arm11
);
1195 if (retval
!= ERROR_OK
)
1198 /* MRC p14,0,r0,c0,c5,0 */
1199 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1200 if (retval
!= ERROR_OK
)
1206 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1207 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1209 for (size_t i
= 0; i
< count
; i
++)
1211 /* ldrb r1, [r0], #1 */
1213 arm11_run_instr_no_data1(arm11
,
1214 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1217 /* MCR p14,0,R1,c0,c5,0 */
1218 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1227 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1229 for (size_t i
= 0; i
< count
; i
++)
1231 /* ldrh r1, [r0], #2 */
1232 arm11_run_instr_no_data1(arm11
,
1233 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1237 /* MCR p14,0,R1,c0,c5,0 */
1238 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1240 uint16_t svalue
= res
;
1241 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1249 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1250 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1251 uint32_t *words
= (uint32_t *)buffer
;
1253 /* LDC p14,c5,[R0],#4 */
1254 /* LDC p14,c5,[R0] */
1255 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1260 return arm11_run_instr_data_finish(arm11
);
1263 static int arm11_read_memory(struct target
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1265 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1269 * arm11_config_memrw_no_increment - in the future we may want to be able
1270 * to read/write a range of data to a "port". a "port" is an action on
1271 * read memory address for some peripheral.
1273 static int arm11_write_memory_inner(struct target
*target
,
1274 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1275 bool arm11_config_memrw_no_increment
)
1280 if (target
->state
!= TARGET_HALTED
)
1282 LOG_WARNING("target was not halted");
1283 return ERROR_TARGET_NOT_HALTED
;
1286 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1288 struct arm11_common
*arm11
= target_to_arm11(target
);
1290 retval
= arm11_run_instr_data_prepare(arm11
);
1291 if (retval
!= ERROR_OK
)
1294 /* MRC p14,0,r0,c0,c5,0 */
1295 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1296 if (retval
!= ERROR_OK
)
1299 /* burst writes are not used for single words as those may well be
1300 * reset init script writes.
1302 * The other advantage is that as burst writes are default, we'll
1303 * now exercise both burst and non-burst code paths with the
1304 * default settings, increasing code coverage.
1306 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1312 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1314 for (size_t i
= 0; i
< count
; i
++)
1316 /* MRC p14,0,r1,c0,c5,0 */
1317 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1318 if (retval
!= ERROR_OK
)
1321 /* strb r1, [r0], #1 */
1323 retval
= arm11_run_instr_no_data1(arm11
,
1324 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1325 if (retval
!= ERROR_OK
)
1334 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1336 for (size_t i
= 0; i
< count
; i
++)
1339 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1341 /* MRC p14,0,r1,c0,c5,0 */
1342 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1343 if (retval
!= ERROR_OK
)
1346 /* strh r1, [r0], #2 */
1348 retval
= arm11_run_instr_no_data1(arm11
,
1349 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1350 if (retval
!= ERROR_OK
)
1358 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1360 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1361 uint32_t *words
= (uint32_t*)buffer
;
1365 /* STC p14,c5,[R0],#4 */
1366 /* STC p14,c5,[R0]*/
1367 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1368 if (retval
!= ERROR_OK
)
1373 /* STC p14,c5,[R0],#4 */
1374 /* STC p14,c5,[R0]*/
1375 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1376 if (retval
!= ERROR_OK
)
1384 /* r0 verification */
1385 if (!arm11_config_memrw_no_increment
)
1389 /* MCR p14,0,R0,c0,c5,0 */
1390 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1391 if (retval
!= ERROR_OK
)
1394 if (address
+ size
* count
!= r0
)
1396 LOG_ERROR("Data transfer failed. Expected end "
1397 "address 0x%08x, got 0x%08x",
1398 (unsigned) (address
+ size
* count
),
1402 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1404 if (arm11_config_memwrite_error_fatal
)
1409 return arm11_run_instr_data_finish(arm11
);
1412 static int arm11_write_memory(struct target
*target
,
1413 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1415 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1418 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1419 static int arm11_bulk_write_memory(struct target
*target
,
1420 uint32_t address
, uint32_t count
, uint8_t *buffer
)
1424 if (target
->state
!= TARGET_HALTED
)
1426 LOG_WARNING("target was not halted");
1427 return ERROR_TARGET_NOT_HALTED
;
1430 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1433 /* target break-/watchpoint control
1434 * rw: 0 = write, 1 = read, 2 = access
1436 static int arm11_add_breakpoint(struct target
*target
,
1437 struct breakpoint
*breakpoint
)
1440 struct arm11_common
*arm11
= target_to_arm11(target
);
1443 if (breakpoint
->type
== BKPT_SOFT
)
1445 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1446 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1450 if (!arm11
->free_brps
)
1452 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1453 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1456 if (breakpoint
->length
!= 4)
1458 LOG_DEBUG("only breakpoints of four bytes length supported");
1459 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1467 static int arm11_remove_breakpoint(struct target
*target
,
1468 struct breakpoint
*breakpoint
)
1471 struct arm11_common
*arm11
= target_to_arm11(target
);
1478 static int arm11_add_watchpoint(struct target
*target
,
1479 struct watchpoint
*watchpoint
)
1481 FNC_INFO_NOTIMPLEMENTED
;
1486 static int arm11_remove_watchpoint(struct target
*target
,
1487 struct watchpoint
*watchpoint
)
1489 FNC_INFO_NOTIMPLEMENTED
;
1494 // HACKHACKHACK - FIXME mode/state
1495 /* target algorithm support */
1496 static int arm11_run_algorithm(struct target
*target
,
1497 int num_mem_params
, struct mem_param
*mem_params
,
1498 int num_reg_params
, struct reg_param
*reg_params
,
1499 uint32_t entry_point
, uint32_t exit_point
,
1500 int timeout_ms
, void *arch_info
)
1502 struct arm11_common
*arm11
= target_to_arm11(target
);
1503 // enum armv4_5_state core_state = arm11->core_state;
1504 // enum armv4_5_mode core_mode = arm11->core_mode;
1505 uint32_t context
[16];
1507 int exit_breakpoint_size
= 0;
1508 int retval
= ERROR_OK
;
1509 LOG_DEBUG("Running algorithm");
1512 if (target
->state
!= TARGET_HALTED
)
1514 LOG_WARNING("target not halted");
1515 return ERROR_TARGET_NOT_HALTED
;
1519 // if (!is_arm_mode(arm11->core_mode))
1520 // return ERROR_FAIL;
1523 for (unsigned i
= 0; i
< 16; i
++)
1525 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1526 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1529 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1530 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1532 for (int i
= 0; i
< num_mem_params
; i
++)
1534 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1537 // Set register parameters
1538 for (int i
= 0; i
< num_reg_params
; i
++)
1540 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1543 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1544 return ERROR_INVALID_ARGUMENTS
;
1547 if (reg
->size
!= reg_params
[i
].size
)
1549 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1550 return ERROR_INVALID_ARGUMENTS
;
1552 arm11_set_reg(reg
,reg_params
[i
].value
);
1553 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1556 exit_breakpoint_size
= 4;
1558 /* arm11->core_state = arm11_algorithm_info->core_state;
1559 if (arm11->core_state == ARMV4_5_STATE_ARM)
1560 exit_breakpoint_size = 4;
1561 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1562 exit_breakpoint_size = 2;
1565 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1571 /* arm11 at this point only supports ARM not THUMB mode
1572 however if this test needs to be reactivated the current state can be read back
1575 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1577 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1578 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1579 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1580 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1584 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1586 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1587 retval
= ERROR_TARGET_FAILURE
;
1591 // no debug, otherwise breakpoint is not set
1592 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1594 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1596 if (target
->state
!= TARGET_HALTED
)
1598 CHECK_RETVAL(target_halt(target
));
1600 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1602 retval
= ERROR_TARGET_TIMEOUT
;
1604 goto del_breakpoint
;
1607 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1609 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1610 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1611 retval
= ERROR_TARGET_TIMEOUT
;
1612 goto del_breakpoint
;
1615 for (int i
= 0; i
< num_mem_params
; i
++)
1617 if (mem_params
[i
].direction
!= PARAM_OUT
)
1618 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1621 for (int i
= 0; i
< num_reg_params
; i
++)
1623 if (reg_params
[i
].direction
!= PARAM_OUT
)
1625 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1628 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1629 retval
= ERROR_INVALID_ARGUMENTS
;
1630 goto del_breakpoint
;
1633 if (reg
->size
!= reg_params
[i
].size
)
1635 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1636 retval
= ERROR_INVALID_ARGUMENTS
;
1637 goto del_breakpoint
;
1640 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1645 breakpoint_remove(target
, exit_point
);
1649 for (size_t i
= 0; i
< 16; i
++)
1651 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1652 arm11
->reg_list
[i
].name
, context
[i
]);
1653 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1655 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1656 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1658 // arm11->core_state = core_state;
1659 // arm11->core_mode = core_mode;
1664 static int arm11_target_create(struct target
*target
, Jim_Interp
*interp
)
1668 NEW(struct arm11_common
, arm11
, 1);
1670 arm11
->target
= target
;
1672 if (target
->tap
== NULL
)
1675 if (target
->tap
->ir_length
!= 5)
1677 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1678 return ERROR_COMMAND_SYNTAX_ERROR
;
1681 armv4_5_init_arch_info(target
, &arm11
->arm
);
1683 arm11
->jtag_info
.tap
= target
->tap
;
1684 arm11
->jtag_info
.scann_size
= 5;
1685 arm11
->jtag_info
.scann_instr
= ARM11_SCAN_N
;
1686 /* cur_scan_chain == 0 */
1687 arm11
->jtag_info
.intest_instr
= ARM11_INTEST
;
1692 static int arm11_init_target(struct command_context
*cmd_ctx
,
1693 struct target
*target
)
1695 /* Initialize anything we can set up without talking to the target */
1697 /* FIXME Switch to use the standard build_reg_cache() not custom
1698 * code. Do it from examine(), after we check whether we're
1699 * an arm1176 and thus support the Secure Monitor mode.
1701 return arm11_build_reg_cache(target
);
1704 /* talk to the target and set things up */
1705 static int arm11_examine(struct target
*target
)
1710 struct arm11_common
*arm11
= target_to_arm11(target
);
1714 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1716 struct scan_field idcode_field
;
1718 arm11_setup_field(arm11
, 32, NULL
, &arm11
->device_id
, &idcode_field
);
1720 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1724 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1726 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1728 struct scan_field chain0_fields
[2];
1730 arm11_setup_field(arm11
, 32, NULL
, &arm11
->didr
, chain0_fields
+ 0);
1731 arm11_setup_field(arm11
, 8, NULL
, &arm11
->implementor
, chain0_fields
+ 1);
1733 arm11_add_dr_scan_vc(ARRAY_SIZE(chain0_fields
), chain0_fields
, TAP_IDLE
);
1735 CHECK_RETVAL(jtag_execute_queue());
1737 switch (arm11
->device_id
& 0x0FFFF000)
1746 arm11
->arm
.core_type
= ARM_MODE_MON
;
1750 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1753 LOG_INFO("found %s", type
);
1755 arm11
->debug_version
= (arm11
->didr
>> 16) & 0x0F;
1757 if (arm11
->debug_version
!= ARM11_DEBUG_V6
&&
1758 arm11
->debug_version
!= ARM11_DEBUG_V61
)
1760 LOG_ERROR("Only ARMv6 v6 and v6.1 architectures supported.");
1764 arm11
->brp
= ((arm11
->didr
>> 24) & 0x0F) + 1;
1765 arm11
->wrp
= ((arm11
->didr
>> 28) & 0x0F) + 1;
1767 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1768 arm11
->free_brps
= arm11
->brp
;
1769 arm11
->free_wrps
= arm11
->wrp
;
1771 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
"",
1773 (int)(arm11
->implementor
),
1776 /* as a side-effect this reads DSCR and thus
1777 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1778 * as suggested by the spec.
1781 retval
= arm11_check_init(arm11
, NULL
);
1782 if (retval
!= ERROR_OK
)
1785 /* ETM on ARM11 still uses original scanchain 6 access mode */
1786 if (arm11
->arm
.etm
&& !target_was_examined(target
)) {
1787 *register_get_last_cache_p(&target
->reg_cache
) =
1788 etm_build_reg_cache(target
, &arm11
->jtag_info
,
1790 retval
= etm_setup(target
);
1793 target_set_examined(target
);
1799 /** Load a register that is marked !valid in the register cache */
1800 static int arm11_get_reg(struct reg
*reg
)
1804 struct target
* target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1806 if (target
->state
!= TARGET_HALTED
)
1808 LOG_WARNING("target was not halted");
1809 return ERROR_TARGET_NOT_HALTED
;
1812 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1815 struct arm11_common
*arm11
= target_to_arm11(target
);
1816 const struct arm11_reg_defs
*arm11_reg_info
= arm11_reg_defs
+ ((struct arm11_reg_state
*)reg
->arch_info
)->def_index
;
1822 /** Change a value in the register cache */
1823 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
)
1827 struct target
*target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1828 struct arm11_common
*arm11
= target_to_arm11(target
);
1829 // const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1831 arm11
->reg_values
[((struct arm11_reg_state
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1838 static const struct reg_arch_type arm11_reg_type
= {
1839 .get
= arm11_get_reg
,
1840 .set
= arm11_set_reg
,
1843 static int arm11_build_reg_cache(struct target
*target
)
1845 struct arm11_common
*arm11
= target_to_arm11(target
);
1847 NEW(struct reg_cache
, cache
, 1);
1848 NEW(struct reg
, reg_list
, ARM11_REGCACHE_COUNT
);
1849 NEW(struct arm11_reg_state
, arm11_reg_states
, ARM11_REGCACHE_COUNT
);
1851 arm11
->reg_list
= reg_list
;
1853 /* Build the process context cache */
1854 cache
->name
= "arm11 registers";
1856 cache
->reg_list
= reg_list
;
1857 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1859 struct reg_cache
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1862 arm11
->core_cache
= cache
;
1863 // armv7m->process_context = cache;
1867 /* Not very elegant assertion */
1868 if (ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11
->reg_values
) ||
1869 ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11_reg_defs
) ||
1870 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1872 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d " ZU
" " ZU
" %d)", ARM11_REGCACHE_COUNT
, ARRAY_SIZE(arm11
->reg_values
), ARRAY_SIZE(arm11_reg_defs
), ARM11_RC_MAX
);
1876 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1878 struct reg
* r
= reg_list
+ i
;
1879 const struct arm11_reg_defs
* rd
= arm11_reg_defs
+ i
;
1880 struct arm11_reg_state
* rs
= arm11_reg_states
+ i
;
1884 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
1887 r
->type
= &arm11_reg_type
;
1891 rs
->target
= target
;
1897 #define ARM11_BOOL_WRAPPER(name, print_name) \
1898 COMMAND_HANDLER(arm11_handle_bool_##name) \
1900 return CALL_COMMAND_HANDLER(handle_command_parse_bool, \
1901 &arm11_config_##name, print_name); \
1904 ARM11_BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
1905 ARM11_BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
1906 ARM11_BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
1907 ARM11_BOOL_WRAPPER(hardware_step
, "hardware single step")
1909 COMMAND_HANDLER(arm11_handle_vcr
)
1915 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], arm11_vcr
);
1918 return ERROR_COMMAND_SYNTAX_ERROR
;
1921 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
1925 static const uint32_t arm11_coproc_instruction_limits
[] =
1927 15, /* coprocessor */
1932 0xFFFFFFFF, /* value */
1935 static int arm11_mrc_inner(struct target
*target
, int cpnum
,
1936 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
,
1937 uint32_t *value
, bool read
)
1940 struct arm11_common
*arm11
= target_to_arm11(target
);
1942 if (target
->state
!= TARGET_HALTED
)
1944 LOG_ERROR("Target not halted");
1948 uint32_t instr
= 0xEE000010 |
1956 instr
|= 0x00100000;
1958 retval
= arm11_run_instr_data_prepare(arm11
);
1959 if (retval
!= ERROR_OK
)
1964 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, value
);
1965 if (retval
!= ERROR_OK
)
1970 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, *value
);
1971 if (retval
!= ERROR_OK
)
1975 return arm11_run_instr_data_finish(arm11
);
1978 static int arm11_mrc(struct target
*target
, int cpnum
,
1979 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
1981 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, value
, true);
1984 static int arm11_mcr(struct target
*target
, int cpnum
,
1985 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
1987 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, &value
, false);
1990 static int arm11_register_commands(struct command_context
*cmd_ctx
)
1994 struct command
*top_cmd
, *mw_cmd
;
1996 armv4_5_register_commands(cmd_ctx
);
1998 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
1999 NULL
, COMMAND_ANY
, NULL
);
2001 /* "hardware_step" is only here to check if the default
2002 * simulate + breakpoint implementation is broken.
2003 * TEMPORARY! NOT DOCUMENTED!
2005 register_command(cmd_ctx
, top_cmd
, "hardware_step",
2006 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
2007 "DEBUG ONLY - Hardware single stepping"
2008 " (default: disabled)");
2010 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
2011 NULL
, COMMAND_ANY
, NULL
);
2012 register_command(cmd_ctx
, mw_cmd
, "burst",
2013 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
2014 "Enable/Disable non-standard but fast burst mode"
2015 " (default: enabled)");
2016 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
2017 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
2018 "Terminate program if transfer error was found"
2019 " (default: enabled)");
2021 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
2022 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
2023 "Enable interrupts while stepping"
2024 " (default: disabled)");
2025 register_command(cmd_ctx
, top_cmd
, "vcr",
2026 arm11_handle_vcr
, COMMAND_ANY
,
2027 "Control (Interrupt) Vector Catch Register");
2029 return etm_register_commands(cmd_ctx
);
2032 /** Holds methods for ARM11xx targets. */
2033 struct target_type arm11_target
= {
2037 .arch_state
= arm11_arch_state
,
2039 .target_request_data
= arm11_target_request_data
,
2042 .resume
= arm11_resume
,
2045 .assert_reset
= arm11_assert_reset
,
2046 .deassert_reset
= arm11_deassert_reset
,
2047 .soft_reset_halt
= arm11_soft_reset_halt
,
2049 .get_gdb_reg_list
= arm11_get_gdb_reg_list
,
2051 .read_memory
= arm11_read_memory
,
2052 .write_memory
= arm11_write_memory
,
2054 .bulk_write_memory
= arm11_bulk_write_memory
,
2056 .checksum_memory
= arm_checksum_memory
,
2057 .blank_check_memory
= arm_blank_check_memory
,
2059 .add_breakpoint
= arm11_add_breakpoint
,
2060 .remove_breakpoint
= arm11_remove_breakpoint
,
2061 .add_watchpoint
= arm11_add_watchpoint
,
2062 .remove_watchpoint
= arm11_remove_watchpoint
,
2064 .run_algorithm
= arm11_run_algorithm
,
2066 .register_commands
= arm11_register_commands
,
2067 .target_create
= arm11_target_create
,
2068 .init_target
= arm11_init_target
,
2069 .examine
= arm11_examine
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)