1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "breakpoints.h"
31 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
35 #include "algorithm.h"
40 #define _DEBUG_INSTRUCTION_EXECUTION_
43 static bool arm11_config_memwrite_burst
= true;
44 static bool arm11_config_memwrite_error_fatal
= true;
45 static uint32_t arm11_vcr
= 0;
46 static bool arm11_config_step_irq_enable
= false;
47 static bool arm11_config_hardware_step
= false;
64 ARM11_REGISTER_SPSR_FIQ
,
65 ARM11_REGISTER_SPSR_SVC
,
66 ARM11_REGISTER_SPSR_ABT
,
67 ARM11_REGISTER_SPSR_IRQ
,
68 ARM11_REGISTER_SPSR_UND
,
69 ARM11_REGISTER_SPSR_MON
,
83 enum arm11_regtype type
;
86 /* update arm11_regcache_ids when changing this */
87 static const struct arm11_reg_defs arm11_reg_defs
[] =
89 {"r0", 0, 0, ARM11_REGISTER_CORE
},
90 {"r1", 1, 1, ARM11_REGISTER_CORE
},
91 {"r2", 2, 2, ARM11_REGISTER_CORE
},
92 {"r3", 3, 3, ARM11_REGISTER_CORE
},
93 {"r4", 4, 4, ARM11_REGISTER_CORE
},
94 {"r5", 5, 5, ARM11_REGISTER_CORE
},
95 {"r6", 6, 6, ARM11_REGISTER_CORE
},
96 {"r7", 7, 7, ARM11_REGISTER_CORE
},
97 {"r8", 8, 8, ARM11_REGISTER_CORE
},
98 {"r9", 9, 9, ARM11_REGISTER_CORE
},
99 {"r10", 10, 10, ARM11_REGISTER_CORE
},
100 {"r11", 11, 11, ARM11_REGISTER_CORE
},
101 {"r12", 12, 12, ARM11_REGISTER_CORE
},
102 {"sp", 13, 13, ARM11_REGISTER_CORE
},
103 {"lr", 14, 14, ARM11_REGISTER_CORE
},
104 {"pc", 15, 15, ARM11_REGISTER_CORE
},
106 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
108 /* Debug Registers */
109 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
110 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
111 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
114 enum arm11_regcache_ids
117 ARM11_RC_RX
= ARM11_RC_R0
,
132 ARM11_RC_SP
= ARM11_RC_R13
,
134 ARM11_RC_LR
= ARM11_RC_R14
,
136 ARM11_RC_PC
= ARM11_RC_R15
,
147 /* GDB expects ARMs to give R0..R15, CPSR, and 7 FPA dummies */
148 #define ARM11_GDB_REGISTER_COUNT 26
150 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
);
151 static int arm11_step(struct target
*target
, int current
,
152 uint32_t address
, int handle_breakpoints
);
154 static int arm11_build_reg_cache(struct target
*target
);
155 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
);
156 static int arm11_get_reg(struct reg
*reg
);
159 /** Check and if necessary take control of the system
161 * \param arm11 Target state variable.
162 * \param dscr If the current DSCR content is
163 * available a pointer to a word holding the
164 * DSCR can be passed. Otherwise use NULL.
166 static int arm11_check_init(struct arm11_common
*arm11
, uint32_t *dscr
)
168 uint32_t dscr_local_tmp_copy
;
172 dscr
= &dscr_local_tmp_copy
;
174 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
177 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
179 LOG_DEBUG("Bringing target into debug mode");
181 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
182 arm11_write_DSCR(arm11
, *dscr
);
184 /* add further reset initialization here */
186 arm11
->simulate_reset_on_next_halt
= true;
188 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
190 /** \todo TODO: this needs further scrutiny because
191 * arm11_on_enter_debug_state() never gets properly called.
192 * As a result we don't read the actual register states from
196 arm11
->target
->state
= TARGET_HALTED
;
197 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
201 arm11
->target
->state
= TARGET_RUNNING
;
202 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
205 arm11_sc7_clear_vbw(arm11
);
214 (arm11->reg_values[ARM11_RC_##x])
216 /** Save processor state.
218 * This is called when the HALT instruction has succeeded
219 * or on other occasions that stop the processor.
222 static int arm11_on_enter_debug_state(struct arm11_common
*arm11
)
226 for (size_t i
= 0; i
< ARRAY_SIZE(arm11
->reg_values
); i
++)
228 arm11
->reg_list
[i
].valid
= 1;
229 arm11
->reg_list
[i
].dirty
= 0;
233 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
237 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
239 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
241 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
243 struct scan_field chain5_fields
[3];
245 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
246 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
247 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
249 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
253 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
257 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
258 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
259 ARM1136 seems to require this to issue ITR's as well */
261 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
263 /* this executes JTAG queue: */
265 arm11_write_DSCR(arm11
, new_dscr
);
269 Before executing any instruction in debug state you have to drain the write buffer.
270 This ensures that no imprecise Data Aborts can return at a later point:*/
272 /** \todo TODO: Test drain write buffer. */
277 /* MRC p14,0,R0,c5,c10,0 */
278 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
280 /* mcr 15, 0, r0, cr7, cr10, {4} */
281 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
283 uint32_t dscr
= arm11_read_DSCR(arm11
);
285 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
287 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
289 arm11_run_instr_no_data1(arm11
, 0xe320f000);
291 dscr
= arm11_read_DSCR(arm11
);
293 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
300 retval
= arm11_run_instr_data_prepare(arm11
);
301 if (retval
!= ERROR_OK
)
306 /** \todo TODO: handle other mode registers */
308 for (size_t i
= 0; i
< 15; i
++)
310 /* MCR p14,0,R?,c0,c5,0 */
311 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
312 if (retval
!= ERROR_OK
)
318 /* check rDTRfull in DSCR */
320 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
322 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
323 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
324 if (retval
!= ERROR_OK
)
329 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
334 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
335 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
336 if (retval
!= ERROR_OK
)
341 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
342 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
343 if (retval
!= ERROR_OK
)
346 /* adjust PC depending on ARM state */
348 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
350 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
352 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
354 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
358 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
361 if (arm11
->simulate_reset_on_next_halt
)
363 arm11
->simulate_reset_on_next_halt
= false;
365 LOG_DEBUG("Reset c1 Control Register");
367 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
369 /* MCR p15,0,R0,c1,c0,0 */
370 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
371 if (retval
!= ERROR_OK
)
376 retval
= arm11_run_instr_data_finish(arm11
);
377 if (retval
!= ERROR_OK
)
383 /** Restore processor state
385 * This is called in preparation for the RESTART function.
388 static int arm11_leave_debug_state(struct arm11_common
*arm11
)
392 retval
= arm11_run_instr_data_prepare(arm11
);
393 if (retval
!= ERROR_OK
)
396 /** \todo TODO: handle other mode registers */
398 /* restore R1 - R14 */
400 for (unsigned i
= 1; i
< 15; i
++)
402 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
405 /* MRC p14,0,r?,c0,c5,0 */
406 arm11_run_instr_data_to_core1(arm11
,
407 0xee100e15 | (i
<< 12), R(RX
+ i
));
409 // LOG_DEBUG("RESTORE R%u %08x", i, R(RX + i));
412 retval
= arm11_run_instr_data_finish(arm11
);
413 if (retval
!= ERROR_OK
)
416 /* spec says clear wDTR and rDTR; we assume they are clear as
417 otherwise our programming would be sloppy */
421 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
423 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
426 The wDTR/rDTR two registers that are used to send/receive data to/from
427 the core in tandem with corresponding instruction codes that are
428 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
429 registers hold data that was written by one side (CPU or JTAG) and not
430 read out by the other side.
432 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
437 retval
= arm11_run_instr_data_prepare(arm11
);
438 if (retval
!= ERROR_OK
)
441 /* restore original wDTR */
443 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
445 /* MCR p14,0,R0,c0,c5,0 */
446 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
447 if (retval
!= ERROR_OK
)
454 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
455 if (retval
!= ERROR_OK
)
462 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
463 if (retval
!= ERROR_OK
)
469 /* MRC p14,0,r0,c0,c5,0 */
470 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
472 retval
= arm11_run_instr_data_finish(arm11
);
473 if (retval
!= ERROR_OK
)
478 arm11_write_DSCR(arm11
, R(DSCR
));
482 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
484 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
486 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
488 struct scan_field chain5_fields
[3];
490 uint8_t Ready
= 0; /* ignored */
491 uint8_t Valid
= 0; /* ignored */
493 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
494 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
495 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
497 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
503 /* poll current target status */
504 static int arm11_poll(struct target
*target
)
507 struct arm11_common
*arm11
= target_to_arm11(target
);
510 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
512 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
514 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
516 if (dscr
& ARM11_DSCR_CORE_HALTED
)
518 if (target
->state
!= TARGET_HALTED
)
520 enum target_state old_state
= target
->state
;
522 LOG_DEBUG("enter TARGET_HALTED");
523 target
->state
= TARGET_HALTED
;
524 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
525 retval
= arm11_on_enter_debug_state(arm11
);
526 if (retval
!= ERROR_OK
)
529 target_call_event_callbacks(target
,
530 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
535 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
537 LOG_DEBUG("enter TARGET_RUNNING");
538 target
->state
= TARGET_RUNNING
;
539 target
->debug_reason
= DBG_REASON_NOTHALTED
;
545 /* architecture specific status reply */
546 static int arm11_arch_state(struct target
*target
)
548 struct arm11_common
*arm11
= target_to_arm11(target
);
550 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"",
551 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
558 /* target request support */
559 static int arm11_target_request_data(struct target
*target
,
560 uint32_t size
, uint8_t *buffer
)
562 LOG_WARNING("Not implemented: %s", __func__
);
567 /* target execution control */
568 static int arm11_halt(struct target
*target
)
570 struct arm11_common
*arm11
= target_to_arm11(target
);
572 LOG_DEBUG("target->state: %s",
573 target_state_name(target
));
575 if (target
->state
== TARGET_UNKNOWN
)
577 arm11
->simulate_reset_on_next_halt
= true;
580 if (target
->state
== TARGET_HALTED
)
582 LOG_DEBUG("target was already halted");
586 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
588 CHECK_RETVAL(jtag_execute_queue());
595 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
597 if (dscr
& ARM11_DSCR_CORE_HALTED
)
608 if ((timeval_ms()-then
) > 1000)
610 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
617 arm11_on_enter_debug_state(arm11
);
619 enum target_state old_state
= target
->state
;
621 target
->state
= TARGET_HALTED
;
622 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
625 target_call_event_callbacks(target
,
626 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
631 static int arm11_resume(struct target
*target
, int current
,
632 uint32_t address
, int handle_breakpoints
, int debug_execution
)
634 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
635 // current, address, handle_breakpoints, debug_execution);
637 struct arm11_common
*arm11
= target_to_arm11(target
);
639 LOG_DEBUG("target->state: %s",
640 target_state_name(target
));
643 if (target
->state
!= TARGET_HALTED
)
645 LOG_ERROR("Target not halted");
646 return ERROR_TARGET_NOT_HALTED
;
652 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
654 /* clear breakpoints/watchpoints and VCR*/
655 arm11_sc7_clear_vbw(arm11
);
657 /* Set up breakpoints */
658 if (!debug_execution
)
660 /* check if one matches PC and step over it if necessary */
662 struct breakpoint
* bp
;
664 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
666 if (bp
->address
== R(PC
))
668 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
669 arm11_step(target
, 1, 0, 0);
674 /* set all breakpoints */
676 unsigned brp_num
= 0;
678 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
680 struct arm11_sc7_action brp
[2];
683 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
684 brp
[0].value
= bp
->address
;
686 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
687 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
689 arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
));
691 LOG_DEBUG("Add BP %d at %08" PRIx32
, brp_num
,
697 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
700 arm11_leave_debug_state(arm11
);
702 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
704 CHECK_RETVAL(jtag_execute_queue());
711 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
713 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
715 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
726 if ((timeval_ms()-then
) > 1000)
728 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
735 if (!debug_execution
)
737 target
->state
= TARGET_RUNNING
;
738 target
->debug_reason
= DBG_REASON_NOTHALTED
;
740 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
744 target
->state
= TARGET_DEBUG_RUNNING
;
745 target
->debug_reason
= DBG_REASON_NOTHALTED
;
747 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
754 static int armv4_5_to_arm11(int reg
)
761 return ARM11_RC_CPSR
;
763 /* FIX!!! handle thumb better! */
764 return ARM11_RC_CPSR
;
766 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg
);
772 static uint32_t arm11_sim_get_reg(struct arm_sim_interface
*sim
, int reg
)
774 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
776 reg
=armv4_5_to_arm11(reg
);
778 return buf_get_u32(arm11
->reg_list
[reg
].value
, 0, 32);
781 static void arm11_sim_set_reg(struct arm_sim_interface
*sim
,
782 int reg
, uint32_t value
)
784 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
786 reg
=armv4_5_to_arm11(reg
);
788 buf_set_u32(arm11
->reg_list
[reg
].value
, 0, 32, value
);
791 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface
*sim
,
794 struct arm11_common
* arm11
= (struct arm11_common
*)sim
->user_data
;
796 return buf_get_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, pos
, bits
);
799 static enum armv4_5_state
arm11_sim_get_state(struct arm_sim_interface
*sim
)
801 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
803 /* FIX!!!! we should implement thumb for arm11 */
804 return ARMV4_5_STATE_ARM
;
807 static void arm11_sim_set_state(struct arm_sim_interface
*sim
,
808 enum armv4_5_state mode
)
810 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
812 /* FIX!!!! we should implement thumb for arm11 */
813 LOG_ERROR("Not implemented: %s", __func__
);
817 static enum armv4_5_mode
arm11_sim_get_mode(struct arm_sim_interface
*sim
)
819 //struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
821 /* FIX!!!! we should implement something that returns the current mode here!!! */
822 return ARMV4_5_MODE_USR
;
825 static int arm11_simulate_step(struct target
*target
, uint32_t *dry_run_pc
)
827 struct arm_sim_interface sim
;
829 sim
.user_data
=target
->arch_info
;
830 sim
.get_reg
=&arm11_sim_get_reg
;
831 sim
.set_reg
=&arm11_sim_set_reg
;
832 sim
.get_reg_mode
=&arm11_sim_get_reg
;
833 sim
.set_reg_mode
=&arm11_sim_set_reg
;
834 sim
.get_cpsr
=&arm11_sim_get_cpsr
;
835 sim
.get_mode
=&arm11_sim_get_mode
;
836 sim
.get_state
=&arm11_sim_get_state
;
837 sim
.set_state
=&arm11_sim_set_state
;
839 return arm_simulate_step_core(target
, dry_run_pc
, &sim
);
843 static int arm11_step(struct target
*target
, int current
,
844 uint32_t address
, int handle_breakpoints
)
846 LOG_DEBUG("target->state: %s",
847 target_state_name(target
));
849 if (target
->state
!= TARGET_HALTED
)
851 LOG_WARNING("target was not halted");
852 return ERROR_TARGET_NOT_HALTED
;
855 struct arm11_common
*arm11
= target_to_arm11(target
);
860 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
863 /** \todo TODO: Thumb not supported here */
865 uint32_t next_instruction
;
867 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
870 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
873 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
874 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
875 LOG_DEBUG("Skipping BKPT");
877 /* skip over Wait for interrupt / Standby */
878 /* mcr 15, 0, r?, cr7, cr0, {4} */
879 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
882 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
883 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
884 LOG_DEBUG("Skipping WFI");
886 /* ignore B to self */
887 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
889 LOG_DEBUG("Not stepping jump to self");
893 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
896 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
897 * the VCR might be something worth looking into. */
900 /* Set up breakpoint for stepping */
902 struct arm11_sc7_action brp
[2];
905 brp
[0].address
= ARM11_SC7_BVR0
;
907 brp
[1].address
= ARM11_SC7_BCR0
;
909 if (arm11_config_hardware_step
)
911 /* hardware single stepping be used if possible or is it better to
912 * always use the same code path? Hardware single stepping is not supported
915 brp
[0].value
= R(PC
);
916 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
919 /* sets a breakpoint on the next PC(calculated by simulation),
923 retval
= arm11_simulate_step(target
, &next_pc
);
924 if (retval
!= ERROR_OK
)
927 brp
[0].value
= next_pc
;
928 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
931 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, ARRAY_SIZE(brp
)));
936 if (arm11_config_step_irq_enable
)
937 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
939 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
942 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
944 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
946 CHECK_RETVAL(jtag_execute_queue());
954 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
956 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
958 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
959 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
969 if ((timeval_ms()-then
) > 1000)
971 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
978 /* clear breakpoint */
979 arm11_sc7_clear_vbw(arm11
);
982 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
984 /* restore default state */
985 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
989 // target->state = TARGET_HALTED;
990 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
992 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
997 static int arm11_assert_reset(struct target
*target
)
1000 struct arm11_common
*arm11
= target_to_arm11(target
);
1002 retval
= arm11_check_init(arm11
, NULL
);
1003 if (retval
!= ERROR_OK
)
1006 target
->state
= TARGET_UNKNOWN
;
1008 /* we would very much like to reset into the halted, state,
1009 * but resetting and halting is second best... */
1010 if (target
->reset_halt
)
1012 CHECK_RETVAL(target_halt(target
));
1016 /* srst is funny. We can not do *anything* else while it's asserted
1017 * and it has unkonwn side effects. Make sure no other code runs
1020 * Code below assumes srst:
1022 * - Causes power-on-reset (but of what parts of the system?). Bug
1025 * - Messes us TAP state without asserting trst.
1027 * - There is another bug in the arm11 core. When you generate an access to
1028 * external logic (for example ddr controller via AHB bus) and that block
1029 * is not configured (perhaps it is still held in reset), that transaction
1030 * will never complete. This will hang arm11 core but it will also hang
1031 * JTAG controller. Nothing, short of srst assertion will bring it out of
1036 * - What should the PC be after an srst reset when starting in the halted
1040 jtag_add_reset(0, 1);
1041 jtag_add_reset(0, 0);
1043 /* How long do we have to wait? */
1044 jtag_add_sleep(5000);
1046 /* un-mess up TAP state */
1049 retval
= jtag_execute_queue();
1050 if (retval
!= ERROR_OK
)
1058 static int arm11_deassert_reset(struct target
*target
)
1063 static int arm11_soft_reset_halt(struct target
*target
)
1065 LOG_WARNING("Not implemented: %s", __func__
);
1070 /* target register access for gdb */
1071 static int arm11_get_gdb_reg_list(struct target
*target
,
1072 struct reg
**reg_list
[], int *reg_list_size
)
1074 struct arm11_common
*arm11
= target_to_arm11(target
);
1076 *reg_list_size
= ARM11_GDB_REGISTER_COUNT
;
1077 *reg_list
= malloc(sizeof(struct reg
*) * ARM11_GDB_REGISTER_COUNT
);
1079 /* nine unused legacy FPA registers are expected by GDB */
1080 for (size_t i
= 16; i
< 24; i
++)
1081 (*reg_list
)[i
] = &arm_gdb_dummy_fp_reg
;
1082 (*reg_list
)[24] = &arm_gdb_dummy_fps_reg
;
1084 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1086 if (arm11_reg_defs
[i
].gdb_num
== -1)
1089 (*reg_list
)[arm11_reg_defs
[i
].gdb_num
] = arm11
->reg_list
+ i
;
1095 /* target memory access
1096 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1097 * count: number of items of <size>
1099 * arm11_config_memrw_no_increment - in the future we may want to be able
1100 * to read/write a range of data to a "port". a "port" is an action on
1101 * read memory address for some peripheral.
1103 static int arm11_read_memory_inner(struct target
*target
,
1104 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1105 bool arm11_config_memrw_no_increment
)
1107 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1110 if (target
->state
!= TARGET_HALTED
)
1112 LOG_WARNING("target was not halted");
1113 return ERROR_TARGET_NOT_HALTED
;
1116 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1118 struct arm11_common
*arm11
= target_to_arm11(target
);
1120 retval
= arm11_run_instr_data_prepare(arm11
);
1121 if (retval
!= ERROR_OK
)
1124 /* MRC p14,0,r0,c0,c5,0 */
1125 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1126 if (retval
!= ERROR_OK
)
1132 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1133 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1135 for (size_t i
= 0; i
< count
; i
++)
1137 /* ldrb r1, [r0], #1 */
1139 arm11_run_instr_no_data1(arm11
,
1140 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1143 /* MCR p14,0,R1,c0,c5,0 */
1144 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1153 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1155 for (size_t i
= 0; i
< count
; i
++)
1157 /* ldrh r1, [r0], #2 */
1158 arm11_run_instr_no_data1(arm11
,
1159 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1163 /* MCR p14,0,R1,c0,c5,0 */
1164 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1166 uint16_t svalue
= res
;
1167 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1175 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1176 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1177 uint32_t *words
= (uint32_t *)buffer
;
1179 /* LDC p14,c5,[R0],#4 */
1180 /* LDC p14,c5,[R0] */
1181 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1186 return arm11_run_instr_data_finish(arm11
);
1189 static int arm11_read_memory(struct target
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1191 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1195 * arm11_config_memrw_no_increment - in the future we may want to be able
1196 * to read/write a range of data to a "port". a "port" is an action on
1197 * read memory address for some peripheral.
1199 static int arm11_write_memory_inner(struct target
*target
,
1200 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1201 bool arm11_config_memrw_no_increment
)
1205 if (target
->state
!= TARGET_HALTED
)
1207 LOG_WARNING("target was not halted");
1208 return ERROR_TARGET_NOT_HALTED
;
1211 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1213 struct arm11_common
*arm11
= target_to_arm11(target
);
1215 retval
= arm11_run_instr_data_prepare(arm11
);
1216 if (retval
!= ERROR_OK
)
1219 /* MRC p14,0,r0,c0,c5,0 */
1220 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1221 if (retval
!= ERROR_OK
)
1224 /* burst writes are not used for single words as those may well be
1225 * reset init script writes.
1227 * The other advantage is that as burst writes are default, we'll
1228 * now exercise both burst and non-burst code paths with the
1229 * default settings, increasing code coverage.
1231 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1237 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1239 for (size_t i
= 0; i
< count
; i
++)
1241 /* MRC p14,0,r1,c0,c5,0 */
1242 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1243 if (retval
!= ERROR_OK
)
1246 /* strb r1, [r0], #1 */
1248 retval
= arm11_run_instr_no_data1(arm11
,
1249 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1250 if (retval
!= ERROR_OK
)
1259 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1261 for (size_t i
= 0; i
< count
; i
++)
1264 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1266 /* MRC p14,0,r1,c0,c5,0 */
1267 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1268 if (retval
!= ERROR_OK
)
1271 /* strh r1, [r0], #2 */
1273 retval
= arm11_run_instr_no_data1(arm11
,
1274 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1275 if (retval
!= ERROR_OK
)
1283 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1285 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1286 uint32_t *words
= (uint32_t*)buffer
;
1290 /* STC p14,c5,[R0],#4 */
1291 /* STC p14,c5,[R0]*/
1292 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1293 if (retval
!= ERROR_OK
)
1298 /* STC p14,c5,[R0],#4 */
1299 /* STC p14,c5,[R0]*/
1300 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1301 if (retval
!= ERROR_OK
)
1309 /* r0 verification */
1310 if (!arm11_config_memrw_no_increment
)
1314 /* MCR p14,0,R0,c0,c5,0 */
1315 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1316 if (retval
!= ERROR_OK
)
1319 if (address
+ size
* count
!= r0
)
1321 LOG_ERROR("Data transfer failed. Expected end "
1322 "address 0x%08x, got 0x%08x",
1323 (unsigned) (address
+ size
* count
),
1327 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1329 if (arm11_config_memwrite_error_fatal
)
1334 return arm11_run_instr_data_finish(arm11
);
1337 static int arm11_write_memory(struct target
*target
,
1338 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1340 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1343 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1344 static int arm11_bulk_write_memory(struct target
*target
,
1345 uint32_t address
, uint32_t count
, uint8_t *buffer
)
1347 if (target
->state
!= TARGET_HALTED
)
1349 LOG_WARNING("target was not halted");
1350 return ERROR_TARGET_NOT_HALTED
;
1353 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1356 /* target break-/watchpoint control
1357 * rw: 0 = write, 1 = read, 2 = access
1359 static int arm11_add_breakpoint(struct target
*target
,
1360 struct breakpoint
*breakpoint
)
1362 struct arm11_common
*arm11
= target_to_arm11(target
);
1365 if (breakpoint
->type
== BKPT_SOFT
)
1367 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1368 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1372 if (!arm11
->free_brps
)
1374 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1375 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1378 if (breakpoint
->length
!= 4)
1380 LOG_DEBUG("only breakpoints of four bytes length supported");
1381 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1389 static int arm11_remove_breakpoint(struct target
*target
,
1390 struct breakpoint
*breakpoint
)
1392 struct arm11_common
*arm11
= target_to_arm11(target
);
1399 static int arm11_add_watchpoint(struct target
*target
,
1400 struct watchpoint
*watchpoint
)
1402 LOG_WARNING("Not implemented: %s", __func__
);
1407 static int arm11_remove_watchpoint(struct target
*target
,
1408 struct watchpoint
*watchpoint
)
1410 LOG_WARNING("Not implemented: %s", __func__
);
1415 // HACKHACKHACK - FIXME mode/state
1416 /* target algorithm support */
1417 static int arm11_run_algorithm(struct target
*target
,
1418 int num_mem_params
, struct mem_param
*mem_params
,
1419 int num_reg_params
, struct reg_param
*reg_params
,
1420 uint32_t entry_point
, uint32_t exit_point
,
1421 int timeout_ms
, void *arch_info
)
1423 struct arm11_common
*arm11
= target_to_arm11(target
);
1424 // enum armv4_5_state core_state = arm11->core_state;
1425 // enum armv4_5_mode core_mode = arm11->core_mode;
1426 uint32_t context
[16];
1428 int exit_breakpoint_size
= 0;
1429 int retval
= ERROR_OK
;
1430 LOG_DEBUG("Running algorithm");
1433 if (target
->state
!= TARGET_HALTED
)
1435 LOG_WARNING("target not halted");
1436 return ERROR_TARGET_NOT_HALTED
;
1440 // if (!is_arm_mode(arm11->core_mode))
1441 // return ERROR_FAIL;
1444 for (unsigned i
= 0; i
< 16; i
++)
1446 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1447 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1450 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1451 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1453 for (int i
= 0; i
< num_mem_params
; i
++)
1455 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1458 // Set register parameters
1459 for (int i
= 0; i
< num_reg_params
; i
++)
1461 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1464 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1465 return ERROR_INVALID_ARGUMENTS
;
1468 if (reg
->size
!= reg_params
[i
].size
)
1470 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1471 return ERROR_INVALID_ARGUMENTS
;
1473 arm11_set_reg(reg
,reg_params
[i
].value
);
1474 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1477 exit_breakpoint_size
= 4;
1479 /* arm11->core_state = arm11_algorithm_info->core_state;
1480 if (arm11->core_state == ARMV4_5_STATE_ARM)
1481 exit_breakpoint_size = 4;
1482 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1483 exit_breakpoint_size = 2;
1486 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1492 /* arm11 at this point only supports ARM not THUMB mode
1493 however if this test needs to be reactivated the current state can be read back
1496 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1498 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1499 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1500 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1501 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1505 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1507 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1508 retval
= ERROR_TARGET_FAILURE
;
1512 // no debug, otherwise breakpoint is not set
1513 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1515 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1517 if (target
->state
!= TARGET_HALTED
)
1519 CHECK_RETVAL(target_halt(target
));
1521 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1523 retval
= ERROR_TARGET_TIMEOUT
;
1525 goto del_breakpoint
;
1528 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1530 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1531 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1532 retval
= ERROR_TARGET_TIMEOUT
;
1533 goto del_breakpoint
;
1536 for (int i
= 0; i
< num_mem_params
; i
++)
1538 if (mem_params
[i
].direction
!= PARAM_OUT
)
1539 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1542 for (int i
= 0; i
< num_reg_params
; i
++)
1544 if (reg_params
[i
].direction
!= PARAM_OUT
)
1546 struct reg
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1549 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1550 retval
= ERROR_INVALID_ARGUMENTS
;
1551 goto del_breakpoint
;
1554 if (reg
->size
!= reg_params
[i
].size
)
1556 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1557 retval
= ERROR_INVALID_ARGUMENTS
;
1558 goto del_breakpoint
;
1561 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1566 breakpoint_remove(target
, exit_point
);
1570 for (size_t i
= 0; i
< 16; i
++)
1572 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1573 arm11
->reg_list
[i
].name
, context
[i
]);
1574 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1576 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1577 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1579 // arm11->core_state = core_state;
1580 // arm11->core_mode = core_mode;
1585 static int arm11_target_create(struct target
*target
, Jim_Interp
*interp
)
1587 struct arm11_common
*arm11
;
1589 if (target
->tap
== NULL
)
1592 if (target
->tap
->ir_length
!= 5)
1594 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1595 return ERROR_COMMAND_SYNTAX_ERROR
;
1598 arm11
= calloc(1, sizeof *arm11
);
1602 armv4_5_init_arch_info(target
, &arm11
->arm
);
1604 arm11
->target
= target
;
1606 arm11
->jtag_info
.tap
= target
->tap
;
1607 arm11
->jtag_info
.scann_size
= 5;
1608 arm11
->jtag_info
.scann_instr
= ARM11_SCAN_N
;
1609 /* cur_scan_chain == 0 */
1610 arm11
->jtag_info
.intest_instr
= ARM11_INTEST
;
1615 static int arm11_init_target(struct command_context
*cmd_ctx
,
1616 struct target
*target
)
1618 /* Initialize anything we can set up without talking to the target */
1620 /* FIXME Switch to use the standard build_reg_cache() not custom
1621 * code. Do it from examine(), after we check whether we're
1622 * an arm1176 and thus support the Secure Monitor mode.
1624 return arm11_build_reg_cache(target
);
1627 /* talk to the target and set things up */
1628 static int arm11_examine(struct target
*target
)
1632 struct arm11_common
*arm11
= target_to_arm11(target
);
1633 uint32_t didr
, device_id
;
1634 uint8_t implementor
;
1638 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1640 struct scan_field idcode_field
;
1642 arm11_setup_field(arm11
, 32, NULL
, &device_id
, &idcode_field
);
1644 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1648 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1650 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1652 struct scan_field chain0_fields
[2];
1654 arm11_setup_field(arm11
, 32, NULL
, &didr
, chain0_fields
+ 0);
1655 arm11_setup_field(arm11
, 8, NULL
, &implementor
, chain0_fields
+ 1);
1657 arm11_add_dr_scan_vc(ARRAY_SIZE(chain0_fields
), chain0_fields
, TAP_IDLE
);
1659 CHECK_RETVAL(jtag_execute_queue());
1661 switch (device_id
& 0x0FFFF000)
1670 arm11
->arm
.core_type
= ARM_MODE_MON
;
1674 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1677 LOG_INFO("found %s", type
);
1679 /* unlikely this could ever fail, but ... */
1680 switch ((didr
>> 16) & 0x0F) {
1681 case ARM11_DEBUG_V6
:
1682 case ARM11_DEBUG_V61
: /* supports security extensions */
1685 LOG_ERROR("Only ARM v6 and v6.1 debug supported.");
1689 arm11
->brp
= ((didr
>> 24) & 0x0F) + 1;
1690 arm11
->wrp
= ((didr
>> 28) & 0x0F) + 1;
1692 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1693 arm11
->free_brps
= arm11
->brp
;
1694 arm11
->free_wrps
= arm11
->wrp
;
1696 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
,
1697 device_id
, implementor
, didr
);
1699 /* as a side-effect this reads DSCR and thus
1700 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1701 * as suggested by the spec.
1704 retval
= arm11_check_init(arm11
, NULL
);
1705 if (retval
!= ERROR_OK
)
1708 /* ETM on ARM11 still uses original scanchain 6 access mode */
1709 if (arm11
->arm
.etm
&& !target_was_examined(target
)) {
1710 *register_get_last_cache_p(&target
->reg_cache
) =
1711 etm_build_reg_cache(target
, &arm11
->jtag_info
,
1713 retval
= etm_setup(target
);
1716 target_set_examined(target
);
1722 /** Load a register that is marked !valid in the register cache */
1723 static int arm11_get_reg(struct reg
*reg
)
1725 struct target
* target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1727 if (target
->state
!= TARGET_HALTED
)
1729 LOG_WARNING("target was not halted");
1730 return ERROR_TARGET_NOT_HALTED
;
1733 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1736 struct arm11_common
*arm11
= target_to_arm11(target
);
1737 const struct arm11_reg_defs
*arm11_reg_info
= arm11_reg_defs
+ ((struct arm11_reg_state
*)reg
->arch_info
)->def_index
;
1743 /** Change a value in the register cache */
1744 static int arm11_set_reg(struct reg
*reg
, uint8_t *buf
)
1746 struct target
*target
= ((struct arm11_reg_state
*)reg
->arch_info
)->target
;
1747 struct arm11_common
*arm11
= target_to_arm11(target
);
1748 // const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1750 arm11
->reg_values
[((struct arm11_reg_state
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1757 static const struct reg_arch_type arm11_reg_type
= {
1758 .get
= arm11_get_reg
,
1759 .set
= arm11_set_reg
,
1762 static int arm11_build_reg_cache(struct target
*target
)
1764 struct arm11_common
*arm11
= target_to_arm11(target
);
1765 struct reg_cache
*cache
;
1766 struct reg
*reg_list
;
1767 struct arm11_reg_state
*arm11_reg_states
;
1769 cache
= calloc(1, sizeof *cache
);
1770 reg_list
= calloc(ARM11_REGCACHE_COUNT
, sizeof *reg_list
);
1771 arm11_reg_states
= calloc(ARM11_REGCACHE_COUNT
,
1772 sizeof *arm11_reg_states
);
1773 if (!cache
|| !reg_list
|| !arm11_reg_states
) {
1776 free(arm11_reg_states
);
1780 arm11
->reg_list
= reg_list
;
1782 /* Build the process context cache */
1783 cache
->name
= "arm11 registers";
1785 cache
->reg_list
= reg_list
;
1786 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1788 struct reg_cache
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1791 arm11
->core_cache
= cache
;
1792 // armv7m->process_context = cache;
1796 /* Not very elegant assertion */
1797 if (ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11
->reg_values
) ||
1798 ARM11_REGCACHE_COUNT
!= ARRAY_SIZE(arm11_reg_defs
) ||
1799 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1801 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d %u %u %d)",
1802 ARM11_REGCACHE_COUNT
,
1803 (unsigned) ARRAY_SIZE(arm11
->reg_values
),
1804 (unsigned) ARRAY_SIZE(arm11_reg_defs
),
1806 /* FIXME minimally, use a build_bug_on(X) mechanism;
1807 * runtime exit() here is bad!
1812 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1814 struct reg
* r
= reg_list
+ i
;
1815 const struct arm11_reg_defs
* rd
= arm11_reg_defs
+ i
;
1816 struct arm11_reg_state
* rs
= arm11_reg_states
+ i
;
1820 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
1823 r
->type
= &arm11_reg_type
;
1827 rs
->target
= target
;
1833 #define ARM11_BOOL_WRAPPER(name, print_name) \
1834 COMMAND_HANDLER(arm11_handle_bool_##name) \
1836 return CALL_COMMAND_HANDLER(handle_command_parse_bool, \
1837 &arm11_config_##name, print_name); \
1840 ARM11_BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
1841 ARM11_BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
1842 ARM11_BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
1843 ARM11_BOOL_WRAPPER(hardware_step
, "hardware single step")
1845 COMMAND_HANDLER(arm11_handle_vcr
)
1851 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], arm11_vcr
);
1854 return ERROR_COMMAND_SYNTAX_ERROR
;
1857 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
1861 static const uint32_t arm11_coproc_instruction_limits
[] =
1863 15, /* coprocessor */
1868 0xFFFFFFFF, /* value */
1871 static int arm11_mrc_inner(struct target
*target
, int cpnum
,
1872 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
,
1873 uint32_t *value
, bool read
)
1876 struct arm11_common
*arm11
= target_to_arm11(target
);
1878 if (target
->state
!= TARGET_HALTED
)
1880 LOG_ERROR("Target not halted");
1884 uint32_t instr
= 0xEE000010 |
1892 instr
|= 0x00100000;
1894 retval
= arm11_run_instr_data_prepare(arm11
);
1895 if (retval
!= ERROR_OK
)
1900 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, value
);
1901 if (retval
!= ERROR_OK
)
1906 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, *value
);
1907 if (retval
!= ERROR_OK
)
1911 return arm11_run_instr_data_finish(arm11
);
1914 static int arm11_mrc(struct target
*target
, int cpnum
,
1915 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
1917 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, value
, true);
1920 static int arm11_mcr(struct target
*target
, int cpnum
,
1921 uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
1923 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, &value
, false);
1926 static int arm11_register_commands(struct command_context
*cmd_ctx
)
1928 struct command
*top_cmd
, *mw_cmd
;
1930 armv4_5_register_commands(cmd_ctx
);
1932 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
1933 NULL
, COMMAND_ANY
, NULL
);
1935 /* "hardware_step" is only here to check if the default
1936 * simulate + breakpoint implementation is broken.
1937 * TEMPORARY! NOT DOCUMENTED!
1939 register_command(cmd_ctx
, top_cmd
, "hardware_step",
1940 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
1941 "DEBUG ONLY - Hardware single stepping"
1942 " (default: disabled)");
1944 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
1945 NULL
, COMMAND_ANY
, NULL
);
1946 register_command(cmd_ctx
, mw_cmd
, "burst",
1947 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
1948 "Enable/Disable non-standard but fast burst mode"
1949 " (default: enabled)");
1950 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
1951 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
1952 "Terminate program if transfer error was found"
1953 " (default: enabled)");
1955 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
1956 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
1957 "Enable interrupts while stepping"
1958 " (default: disabled)");
1959 register_command(cmd_ctx
, top_cmd
, "vcr",
1960 arm11_handle_vcr
, COMMAND_ANY
,
1961 "Control (Interrupt) Vector Catch Register");
1963 return etm_register_commands(cmd_ctx
);
1966 /** Holds methods for ARM11xx targets. */
1967 struct target_type arm11_target
= {
1971 .arch_state
= arm11_arch_state
,
1973 .target_request_data
= arm11_target_request_data
,
1976 .resume
= arm11_resume
,
1979 .assert_reset
= arm11_assert_reset
,
1980 .deassert_reset
= arm11_deassert_reset
,
1981 .soft_reset_halt
= arm11_soft_reset_halt
,
1983 .get_gdb_reg_list
= arm11_get_gdb_reg_list
,
1985 .read_memory
= arm11_read_memory
,
1986 .write_memory
= arm11_write_memory
,
1988 .bulk_write_memory
= arm11_bulk_write_memory
,
1990 .checksum_memory
= arm_checksum_memory
,
1991 .blank_check_memory
= arm_blank_check_memory
,
1993 .add_breakpoint
= arm11_add_breakpoint
,
1994 .remove_breakpoint
= arm11_remove_breakpoint
,
1995 .add_watchpoint
= arm11_add_watchpoint
,
1996 .remove_watchpoint
= arm11_remove_watchpoint
,
1998 .run_algorithm
= arm11_run_algorithm
,
2000 .register_commands
= arm11_register_commands
,
2001 .target_create
= arm11_target_create
,
2002 .init_target
= arm11_init_target
,
2003 .examine
= arm11_examine
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)