1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
31 #include "arm_simulator.h"
32 #include "time_support.h"
33 #include "target_type.h"
37 #define _DEBUG_INSTRUCTION_EXECUTION_
41 #define FNC_INFO LOG_DEBUG("-")
47 #define FNC_INFO_NOTIMPLEMENTED do { LOG_DEBUG("NOT IMPLEMENTED"); /*exit(-1);*/ } while (0)
49 #define FNC_INFO_NOTIMPLEMENTED
52 static int arm11_on_enter_debug_state(arm11_common_t
* arm11
);
54 bool arm11_config_memwrite_burst
= true;
55 bool arm11_config_memwrite_error_fatal
= true;
56 uint32_t arm11_vcr
= 0;
57 bool arm11_config_step_irq_enable
= false;
58 bool arm11_config_hardware_step
= false;
60 #define ARM11_HANDLER(x) \
64 static int arm11_mrc(target_t
*target
, int cpnum
, uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
);
65 static int arm11_mcr(target_t
*target
, int cpnum
, uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
);
67 target_type_t arm11_target
=
72 ARM11_HANDLER(arch_state
),
74 ARM11_HANDLER(target_request_data
),
77 ARM11_HANDLER(resume
),
80 ARM11_HANDLER(assert_reset
),
81 ARM11_HANDLER(deassert_reset
),
82 ARM11_HANDLER(soft_reset_halt
),
84 ARM11_HANDLER(get_gdb_reg_list
),
86 ARM11_HANDLER(read_memory
),
87 ARM11_HANDLER(write_memory
),
89 ARM11_HANDLER(bulk_write_memory
),
91 ARM11_HANDLER(checksum_memory
),
93 ARM11_HANDLER(add_breakpoint
),
94 ARM11_HANDLER(remove_breakpoint
),
95 ARM11_HANDLER(add_watchpoint
),
96 ARM11_HANDLER(remove_watchpoint
),
98 ARM11_HANDLER(run_algorithm
),
100 ARM11_HANDLER(register_commands
),
101 ARM11_HANDLER(target_create
),
102 ARM11_HANDLER(init_target
),
103 ARM11_HANDLER(examine
),
109 int arm11_regs_arch_type
= -1;
127 ARM11_REGISTER_SPSR_FIQ
,
128 ARM11_REGISTER_SPSR_SVC
,
129 ARM11_REGISTER_SPSR_ABT
,
130 ARM11_REGISTER_SPSR_IRQ
,
131 ARM11_REGISTER_SPSR_UND
,
132 ARM11_REGISTER_SPSR_MON
,
141 typedef struct arm11_reg_defs_s
146 enum arm11_regtype type
;
149 /* update arm11_regcache_ids when changing this */
150 static const arm11_reg_defs_t arm11_reg_defs
[] =
152 {"r0", 0, 0, ARM11_REGISTER_CORE
},
153 {"r1", 1, 1, ARM11_REGISTER_CORE
},
154 {"r2", 2, 2, ARM11_REGISTER_CORE
},
155 {"r3", 3, 3, ARM11_REGISTER_CORE
},
156 {"r4", 4, 4, ARM11_REGISTER_CORE
},
157 {"r5", 5, 5, ARM11_REGISTER_CORE
},
158 {"r6", 6, 6, ARM11_REGISTER_CORE
},
159 {"r7", 7, 7, ARM11_REGISTER_CORE
},
160 {"r8", 8, 8, ARM11_REGISTER_CORE
},
161 {"r9", 9, 9, ARM11_REGISTER_CORE
},
162 {"r10", 10, 10, ARM11_REGISTER_CORE
},
163 {"r11", 11, 11, ARM11_REGISTER_CORE
},
164 {"r12", 12, 12, ARM11_REGISTER_CORE
},
165 {"sp", 13, 13, ARM11_REGISTER_CORE
},
166 {"lr", 14, 14, ARM11_REGISTER_CORE
},
167 {"pc", 15, 15, ARM11_REGISTER_CORE
},
169 #if ARM11_REGCACHE_FREGS
170 {"f0", 0, 16, ARM11_REGISTER_FX
},
171 {"f1", 1, 17, ARM11_REGISTER_FX
},
172 {"f2", 2, 18, ARM11_REGISTER_FX
},
173 {"f3", 3, 19, ARM11_REGISTER_FX
},
174 {"f4", 4, 20, ARM11_REGISTER_FX
},
175 {"f5", 5, 21, ARM11_REGISTER_FX
},
176 {"f6", 6, 22, ARM11_REGISTER_FX
},
177 {"f7", 7, 23, ARM11_REGISTER_FX
},
178 {"fps", 0, 24, ARM11_REGISTER_FPS
},
181 {"cpsr", 0, 25, ARM11_REGISTER_CPSR
},
183 #if ARM11_REGCACHE_MODEREGS
184 {"r8_fiq", 8, -1, ARM11_REGISTER_FIQ
},
185 {"r9_fiq", 9, -1, ARM11_REGISTER_FIQ
},
186 {"r10_fiq", 10, -1, ARM11_REGISTER_FIQ
},
187 {"r11_fiq", 11, -1, ARM11_REGISTER_FIQ
},
188 {"r12_fiq", 12, -1, ARM11_REGISTER_FIQ
},
189 {"r13_fiq", 13, -1, ARM11_REGISTER_FIQ
},
190 {"r14_fiq", 14, -1, ARM11_REGISTER_FIQ
},
191 {"spsr_fiq", 0, -1, ARM11_REGISTER_SPSR_FIQ
},
193 {"r13_svc", 13, -1, ARM11_REGISTER_SVC
},
194 {"r14_svc", 14, -1, ARM11_REGISTER_SVC
},
195 {"spsr_svc", 0, -1, ARM11_REGISTER_SPSR_SVC
},
197 {"r13_abt", 13, -1, ARM11_REGISTER_ABT
},
198 {"r14_abt", 14, -1, ARM11_REGISTER_ABT
},
199 {"spsr_abt", 0, -1, ARM11_REGISTER_SPSR_ABT
},
201 {"r13_irq", 13, -1, ARM11_REGISTER_IRQ
},
202 {"r14_irq", 14, -1, ARM11_REGISTER_IRQ
},
203 {"spsr_irq", 0, -1, ARM11_REGISTER_SPSR_IRQ
},
205 {"r13_und", 13, -1, ARM11_REGISTER_UND
},
206 {"r14_und", 14, -1, ARM11_REGISTER_UND
},
207 {"spsr_und", 0, -1, ARM11_REGISTER_SPSR_UND
},
210 {"r13_mon", 13, -1, ARM11_REGISTER_MON
},
211 {"r14_mon", 14, -1, ARM11_REGISTER_MON
},
212 {"spsr_mon", 0, -1, ARM11_REGISTER_SPSR_MON
},
215 /* Debug Registers */
216 {"dscr", 0, -1, ARM11_REGISTER_DSCR
},
217 {"wdtr", 0, -1, ARM11_REGISTER_WDTR
},
218 {"rdtr", 0, -1, ARM11_REGISTER_RDTR
},
221 enum arm11_regcache_ids
224 ARM11_RC_RX
= ARM11_RC_R0
,
239 ARM11_RC_SP
= ARM11_RC_R13
,
241 ARM11_RC_LR
= ARM11_RC_R14
,
243 ARM11_RC_PC
= ARM11_RC_R15
,
245 #if ARM11_REGCACHE_FREGS
247 ARM11_RC_FX
= ARM11_RC_F0
,
260 #if ARM11_REGCACHE_MODEREGS
298 #define ARM11_GDB_REGISTER_COUNT 26
300 uint8_t arm11_gdb_dummy_fp_value
[] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
302 reg_t arm11_gdb_dummy_fp_reg
=
304 "GDB dummy floating-point register", arm11_gdb_dummy_fp_value
, 0, 1, 96, NULL
, 0, NULL
, 0
307 uint8_t arm11_gdb_dummy_fps_value
[] = {0, 0, 0, 0};
309 reg_t arm11_gdb_dummy_fps_reg
=
311 "GDB dummy floating-point status register", arm11_gdb_dummy_fps_value
, 0, 1, 32, NULL
, 0, NULL
, 0
316 /** Check and if necessary take control of the system
318 * \param arm11 Target state variable.
319 * \param dscr If the current DSCR content is
320 * available a pointer to a word holding the
321 * DSCR can be passed. Otherwise use NULL.
323 int arm11_check_init(arm11_common_t
* arm11
, uint32_t * dscr
)
327 uint32_t dscr_local_tmp_copy
;
331 dscr
= &dscr_local_tmp_copy
;
333 CHECK_RETVAL(arm11_read_DSCR(arm11
, dscr
));
336 if (!(*dscr
& ARM11_DSCR_MODE_SELECT
))
338 LOG_DEBUG("Bringing target into debug mode");
340 *dscr
|= ARM11_DSCR_MODE_SELECT
; /* Halt debug-mode */
341 arm11_write_DSCR(arm11
, *dscr
);
343 /* add further reset initialization here */
345 arm11
->simulate_reset_on_next_halt
= true;
347 if (*dscr
& ARM11_DSCR_CORE_HALTED
)
349 /** \todo TODO: this needs further scrutiny because
350 * arm11_on_enter_debug_state() never gets properly called.
351 * As a result we don't read the actual register states from
355 arm11
->target
->state
= TARGET_HALTED
;
356 arm11
->target
->debug_reason
= arm11_get_DSCR_debug_reason(*dscr
);
360 arm11
->target
->state
= TARGET_RUNNING
;
361 arm11
->target
->debug_reason
= DBG_REASON_NOTHALTED
;
364 arm11_sc7_clear_vbw(arm11
);
373 (arm11->reg_values[ARM11_RC_##x])
375 /** Save processor state.
377 * This is called when the HALT instruction has succeeded
378 * or on other occasions that stop the processor.
381 static int arm11_on_enter_debug_state(arm11_common_t
* arm11
)
386 for (size_t i
= 0; i
< asizeof(arm11
->reg_values
); i
++)
388 arm11
->reg_list
[i
].valid
= 1;
389 arm11
->reg_list
[i
].dirty
= 0;
393 CHECK_RETVAL(arm11_read_DSCR(arm11
, &R(DSCR
)));
397 if (R(DSCR
) & ARM11_DSCR_WDTR_FULL
)
399 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
401 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
403 scan_field_t chain5_fields
[3];
405 arm11_setup_field(arm11
, 32, NULL
, &R(WDTR
), chain5_fields
+ 0);
406 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 1);
407 arm11_setup_field(arm11
, 1, NULL
, NULL
, chain5_fields
+ 2);
409 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
413 arm11
->reg_list
[ARM11_RC_WDTR
].valid
= 0;
417 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
418 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
419 ARM1136 seems to require this to issue ITR's as well */
421 uint32_t new_dscr
= R(DSCR
) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE
;
423 /* this executes JTAG queue: */
425 arm11_write_DSCR(arm11
, new_dscr
);
429 Before executing any instruction in debug state you have to drain the write buffer.
430 This ensures that no imprecise Data Aborts can return at a later point:*/
432 /** \todo TODO: Test drain write buffer. */
437 /* MRC p14,0,R0,c5,c10,0 */
438 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
440 /* mcr 15, 0, r0, cr7, cr10, {4} */
441 arm11_run_instr_no_data1(arm11
, 0xee070f9a);
443 uint32_t dscr
= arm11_read_DSCR(arm11
);
445 LOG_DEBUG("DRAIN, DSCR %08x", dscr
);
447 if (dscr
& ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT
)
449 arm11_run_instr_no_data1(arm11
, 0xe320f000);
451 dscr
= arm11_read_DSCR(arm11
);
453 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr
);
460 retval
= arm11_run_instr_data_prepare(arm11
);
461 if (retval
!= ERROR_OK
)
466 /** \todo TODO: handle other mode registers */
468 for (size_t i
= 0; i
< 15; i
++)
470 /* MCR p14,0,R?,c0,c5,0 */
471 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15 | (i
<< 12), &R(RX
+ i
), 1);
472 if (retval
!= ERROR_OK
)
478 /* check rDTRfull in DSCR */
480 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
)
482 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
483 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xEE100E15, &R(RDTR
));
484 if (retval
!= ERROR_OK
)
489 arm11
->reg_list
[ARM11_RC_RDTR
].valid
= 0;
494 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
495 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE10F0000, &R(CPSR
));
496 if (retval
!= ERROR_OK
)
501 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
502 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, 0xE1A0000F, &R(PC
));
503 if (retval
!= ERROR_OK
)
506 /* adjust PC depending on ARM state */
508 if (R(CPSR
) & ARM11_CPSR_J
) /* Java state */
510 arm11
->reg_values
[ARM11_RC_PC
] -= 0;
512 else if (R(CPSR
) & ARM11_CPSR_T
) /* Thumb state */
514 arm11
->reg_values
[ARM11_RC_PC
] -= 4;
518 arm11
->reg_values
[ARM11_RC_PC
] -= 8;
521 if (arm11
->simulate_reset_on_next_halt
)
523 arm11
->simulate_reset_on_next_halt
= false;
525 LOG_DEBUG("Reset c1 Control Register");
527 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
529 /* MCR p15,0,R0,c1,c0,0 */
530 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee010f10, 0);
531 if (retval
!= ERROR_OK
)
536 retval
= arm11_run_instr_data_finish(arm11
);
537 if (retval
!= ERROR_OK
)
540 arm11_dump_reg_changes(arm11
);
545 void arm11_dump_reg_changes(arm11_common_t
* arm11
)
548 if (!(debug_level
>= LOG_LVL_DEBUG
))
553 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
555 if (!arm11
->reg_list
[i
].valid
)
557 if (arm11
->reg_history
[i
].valid
)
558 LOG_DEBUG("%8s INVALID (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_history
[i
].value
);
562 if (arm11
->reg_history
[i
].valid
)
564 if (arm11
->reg_history
[i
].value
!= arm11
->reg_values
[i
])
565 LOG_DEBUG("%8s %08" PRIx32
" (%08" PRIx32
")", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
], arm11
->reg_history
[i
].value
);
569 LOG_DEBUG("%8s %08" PRIx32
" (INVALID)", arm11_reg_defs
[i
].name
, arm11
->reg_values
[i
]);
575 /** Restore processor state
577 * This is called in preparation for the RESTART function.
580 int arm11_leave_debug_state(arm11_common_t
* arm11
)
585 retval
= arm11_run_instr_data_prepare(arm11
);
586 if (retval
!= ERROR_OK
)
589 /** \todo TODO: handle other mode registers */
591 /* restore R1 - R14 */
593 for (size_t i
= 1; i
< 15; i
++)
595 if (!arm11
->reg_list
[ARM11_RC_RX
+ i
].dirty
)
598 /* MRC p14,0,r?,c0,c5,0 */
599 arm11_run_instr_data_to_core1(arm11
, 0xee100e15 | (i
<< 12), R(RX
+ i
));
601 // LOG_DEBUG("RESTORE R" ZU " %08x", i, R(RX + i));
604 retval
= arm11_run_instr_data_finish(arm11
);
605 if (retval
!= ERROR_OK
)
608 /* spec says clear wDTR and rDTR; we assume they are clear as
609 otherwise our programming would be sloppy */
613 CHECK_RETVAL(arm11_read_DSCR(arm11
, &DSCR
));
615 if (DSCR
& (ARM11_DSCR_RDTR_FULL
| ARM11_DSCR_WDTR_FULL
))
618 The wDTR/rDTR two registers that are used to send/receive data to/from
619 the core in tandem with corresponding instruction codes that are
620 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
621 registers hold data that was written by one side (CPU or JTAG) and not
622 read out by the other side.
624 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32
")", DSCR
);
629 retval
= arm11_run_instr_data_prepare(arm11
);
630 if (retval
!= ERROR_OK
)
633 /* restore original wDTR */
635 if ((R(DSCR
) & ARM11_DSCR_WDTR_FULL
) || arm11
->reg_list
[ARM11_RC_WDTR
].dirty
)
637 /* MCR p14,0,R0,c0,c5,0 */
638 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xee000e15, R(WDTR
));
639 if (retval
!= ERROR_OK
)
646 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe129f000, R(CPSR
));
647 if (retval
!= ERROR_OK
)
654 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, 0xe1a0f000, R(PC
));
655 if (retval
!= ERROR_OK
)
661 /* MRC p14,0,r0,c0,c5,0 */
662 arm11_run_instr_data_to_core1(arm11
, 0xee100e15, R(R0
));
664 retval
= arm11_run_instr_data_finish(arm11
);
665 if (retval
!= ERROR_OK
)
670 arm11_write_DSCR(arm11
, R(DSCR
));
674 if (R(DSCR
) & ARM11_DSCR_RDTR_FULL
|| arm11
->reg_list
[ARM11_RC_RDTR
].dirty
)
676 arm11_add_debug_SCAN_N(arm11
, 0x05, ARM11_TAP_DEFAULT
);
678 arm11_add_IR(arm11
, ARM11_EXTEST
, ARM11_TAP_DEFAULT
);
680 scan_field_t chain5_fields
[3];
682 uint8_t Ready
= 0; /* ignored */
683 uint8_t Valid
= 0; /* ignored */
685 arm11_setup_field(arm11
, 32, &R(RDTR
), NULL
, chain5_fields
+ 0);
686 arm11_setup_field(arm11
, 1, &Ready
, NULL
, chain5_fields
+ 1);
687 arm11_setup_field(arm11
, 1, &Valid
, NULL
, chain5_fields
+ 2);
689 arm11_add_dr_scan_vc(asizeof(chain5_fields
), chain5_fields
, TAP_DRPAUSE
);
692 arm11_record_register_history(arm11
);
697 void arm11_record_register_history(arm11_common_t
* arm11
)
699 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
701 arm11
->reg_history
[i
].value
= arm11
->reg_values
[i
];
702 arm11
->reg_history
[i
].valid
= arm11
->reg_list
[i
].valid
;
704 arm11
->reg_list
[i
].valid
= 0;
705 arm11
->reg_list
[i
].dirty
= 0;
710 /* poll current target status */
711 int arm11_poll(struct target_s
*target
)
716 arm11_common_t
* arm11
= target
->arch_info
;
720 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
722 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
724 CHECK_RETVAL(arm11_check_init(arm11
, &dscr
));
726 if (dscr
& ARM11_DSCR_CORE_HALTED
)
728 if (target
->state
!= TARGET_HALTED
)
730 enum target_state old_state
= target
->state
;
732 LOG_DEBUG("enter TARGET_HALTED");
733 target
->state
= TARGET_HALTED
;
734 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
735 retval
= arm11_on_enter_debug_state(arm11
);
736 if (retval
!= ERROR_OK
)
739 target_call_event_callbacks(target
,
740 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
);
745 if (target
->state
!= TARGET_RUNNING
&& target
->state
!= TARGET_DEBUG_RUNNING
)
747 LOG_DEBUG("enter TARGET_RUNNING");
748 target
->state
= TARGET_RUNNING
;
749 target
->debug_reason
= DBG_REASON_NOTHALTED
;
755 /* architecture specific status reply */
756 int arm11_arch_state(struct target_s
*target
)
758 arm11_common_t
* arm11
= target
->arch_info
;
760 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"",
761 Jim_Nvp_value2name_simple(nvp_target_debug_reason
, target
->debug_reason
)->name
,
768 /* target request support */
769 int arm11_target_request_data(struct target_s
*target
, uint32_t size
, uint8_t *buffer
)
771 FNC_INFO_NOTIMPLEMENTED
;
776 /* target execution control */
777 int arm11_halt(struct target_s
*target
)
781 arm11_common_t
* arm11
= target
->arch_info
;
783 LOG_DEBUG("target->state: %s",
784 target_state_name(target
));
786 if (target
->state
== TARGET_UNKNOWN
)
788 arm11
->simulate_reset_on_next_halt
= true;
791 if (target
->state
== TARGET_HALTED
)
793 LOG_DEBUG("target was already halted");
797 arm11_add_IR(arm11
, ARM11_HALT
, TAP_IDLE
);
799 CHECK_RETVAL(jtag_execute_queue());
806 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
808 if (dscr
& ARM11_DSCR_CORE_HALTED
)
819 if ((timeval_ms()-then
) > 1000)
821 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
828 arm11_on_enter_debug_state(arm11
);
830 enum target_state old_state
= target
->state
;
832 target
->state
= TARGET_HALTED
;
833 target
->debug_reason
= arm11_get_DSCR_debug_reason(dscr
);
836 target_call_event_callbacks(target
,
837 old_state
== TARGET_DEBUG_RUNNING
? TARGET_EVENT_DEBUG_HALTED
: TARGET_EVENT_HALTED
));
842 int arm11_resume(struct target_s
*target
, int current
, uint32_t address
, int handle_breakpoints
, int debug_execution
)
846 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
847 // current, address, handle_breakpoints, debug_execution);
849 arm11_common_t
* arm11
= target
->arch_info
;
851 LOG_DEBUG("target->state: %s",
852 target_state_name(target
));
855 if (target
->state
!= TARGET_HALTED
)
857 LOG_ERROR("Target not halted");
858 return ERROR_TARGET_NOT_HALTED
;
864 LOG_DEBUG("RESUME PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
866 /* clear breakpoints/watchpoints and VCR*/
867 arm11_sc7_clear_vbw(arm11
);
869 /* Set up breakpoints */
870 if (!debug_execution
)
872 /* check if one matches PC and step over it if necessary */
876 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
878 if (bp
->address
== R(PC
))
880 LOG_DEBUG("must step over %08" PRIx32
"", bp
->address
);
881 arm11_step(target
, 1, 0, 0);
886 /* set all breakpoints */
890 for (bp
= target
->breakpoints
; bp
; bp
= bp
->next
)
892 arm11_sc7_action_t brp
[2];
895 brp
[0].address
= ARM11_SC7_BVR0
+ brp_num
;
896 brp
[0].value
= bp
->address
;
898 brp
[1].address
= ARM11_SC7_BCR0
+ brp_num
;
899 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
901 arm11_sc7_run(arm11
, brp
, asizeof(brp
));
903 LOG_DEBUG("Add BP " ZU
" at %08" PRIx32
"", brp_num
, bp
->address
);
908 arm11_sc7_set_vcr(arm11
, arm11_vcr
);
911 arm11_leave_debug_state(arm11
);
913 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
915 CHECK_RETVAL(jtag_execute_queue());
922 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
924 LOG_DEBUG("DSCR %08" PRIx32
"", dscr
);
926 if (dscr
& ARM11_DSCR_CORE_RESTARTED
)
937 if ((timeval_ms()-then
) > 1000)
939 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
946 if (!debug_execution
)
948 target
->state
= TARGET_RUNNING
;
949 target
->debug_reason
= DBG_REASON_NOTHALTED
;
951 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
955 target
->state
= TARGET_DEBUG_RUNNING
;
956 target
->debug_reason
= DBG_REASON_NOTHALTED
;
958 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
));
965 static int armv4_5_to_arm11(int reg
)
972 return ARM11_RC_CPSR
;
974 /* FIX!!! handle thumb better! */
975 return ARM11_RC_CPSR
;
977 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg
);
983 static uint32_t arm11_sim_get_reg(struct arm_sim_interface
*sim
, int reg
)
985 arm11_common_t
* arm11
= (arm11_common_t
*)sim
->user_data
;
987 reg
=armv4_5_to_arm11(reg
);
989 return buf_get_u32(arm11
->reg_list
[reg
].value
, 0, 32);
992 static void arm11_sim_set_reg(struct arm_sim_interface
*sim
, int reg
, uint32_t value
)
994 arm11_common_t
* arm11
= (arm11_common_t
*)sim
->user_data
;
996 reg
=armv4_5_to_arm11(reg
);
998 buf_set_u32(arm11
->reg_list
[reg
].value
, 0, 32, value
);
1001 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface
*sim
, int pos
, int bits
)
1003 arm11_common_t
* arm11
= (arm11_common_t
*)sim
->user_data
;
1005 return buf_get_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, pos
, bits
);
1008 static enum armv4_5_state
arm11_sim_get_state(struct arm_sim_interface
*sim
)
1010 // arm11_common_t * arm11 = (arm11_common_t *)sim->user_data;
1012 /* FIX!!!! we should implement thumb for arm11 */
1013 return ARMV4_5_STATE_ARM
;
1016 static void arm11_sim_set_state(struct arm_sim_interface
*sim
, enum armv4_5_state mode
)
1018 // arm11_common_t * arm11 = (arm11_common_t *)sim->user_data;
1020 /* FIX!!!! we should implement thumb for arm11 */
1021 LOG_ERROR("Not implemetned!");
1025 static enum armv4_5_mode
arm11_sim_get_mode(struct arm_sim_interface
*sim
)
1027 //arm11_common_t * arm11 = (arm11_common_t *)sim->user_data;
1029 /* FIX!!!! we should implement something that returns the current mode here!!! */
1030 return ARMV4_5_MODE_USR
;
1033 static int arm11_simulate_step(target_t
*target
, uint32_t *dry_run_pc
)
1035 struct arm_sim_interface sim
;
1037 sim
.user_data
=target
->arch_info
;
1038 sim
.get_reg
=&arm11_sim_get_reg
;
1039 sim
.set_reg
=&arm11_sim_set_reg
;
1040 sim
.get_reg_mode
=&arm11_sim_get_reg
;
1041 sim
.set_reg_mode
=&arm11_sim_set_reg
;
1042 sim
.get_cpsr
=&arm11_sim_get_cpsr
;
1043 sim
.get_mode
=&arm11_sim_get_mode
;
1044 sim
.get_state
=&arm11_sim_get_state
;
1045 sim
.set_state
=&arm11_sim_set_state
;
1047 return arm_simulate_step_core(target
, dry_run_pc
, &sim
);
1051 int arm11_step(struct target_s
*target
, int current
, uint32_t address
, int handle_breakpoints
)
1055 LOG_DEBUG("target->state: %s",
1056 target_state_name(target
));
1058 if (target
->state
!= TARGET_HALTED
)
1060 LOG_WARNING("target was not halted");
1061 return ERROR_TARGET_NOT_HALTED
;
1064 arm11_common_t
* arm11
= target
->arch_info
;
1069 LOG_DEBUG("STEP PC %08" PRIx32
"%s", R(PC
), !current
? "!" : "");
1072 /** \todo TODO: Thumb not supported here */
1074 uint32_t next_instruction
;
1076 CHECK_RETVAL(arm11_read_memory_word(arm11
, R(PC
), &next_instruction
));
1078 /* skip over BKPT */
1079 if ((next_instruction
& 0xFFF00070) == 0xe1200070)
1082 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1083 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1084 LOG_DEBUG("Skipping BKPT");
1086 /* skip over Wait for interrupt / Standby */
1087 /* mcr 15, 0, r?, cr7, cr0, {4} */
1088 else if ((next_instruction
& 0xFFFF0FFF) == 0xee070f90)
1091 arm11
->reg_list
[ARM11_RC_PC
].valid
= 1;
1092 arm11
->reg_list
[ARM11_RC_PC
].dirty
= 0;
1093 LOG_DEBUG("Skipping WFI");
1095 /* ignore B to self */
1096 else if ((next_instruction
& 0xFEFFFFFF) == 0xeafffffe)
1098 LOG_DEBUG("Not stepping jump to self");
1102 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
1105 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
1106 * the VCR might be something worth looking into. */
1109 /* Set up breakpoint for stepping */
1111 arm11_sc7_action_t brp
[2];
1114 brp
[0].address
= ARM11_SC7_BVR0
;
1116 brp
[1].address
= ARM11_SC7_BCR0
;
1118 if (arm11_config_hardware_step
)
1120 /* hardware single stepping be used if possible or is it better to
1121 * always use the same code path? Hardware single stepping is not supported
1124 brp
[0].value
= R(PC
);
1125 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
1128 /* sets a breakpoint on the next PC(calculated by simulation),
1132 retval
= arm11_simulate_step(target
, &next_pc
);
1133 if (retval
!= ERROR_OK
)
1136 brp
[0].value
= next_pc
;
1137 brp
[1].value
= 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
1140 CHECK_RETVAL(arm11_sc7_run(arm11
, brp
, asizeof(brp
)));
1145 if (arm11_config_step_irq_enable
)
1146 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
; /* should be redundant */
1148 R(DSCR
) |= ARM11_DSCR_INTERRUPTS_DISABLE
;
1151 CHECK_RETVAL(arm11_leave_debug_state(arm11
));
1153 arm11_add_IR(arm11
, ARM11_RESTART
, TAP_IDLE
);
1155 CHECK_RETVAL(jtag_execute_queue());
1163 CHECK_RETVAL(arm11_read_DSCR(arm11
, &dscr
));
1165 LOG_DEBUG("DSCR %08" PRIx32
"e", dscr
);
1167 if ((dscr
& (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
)) ==
1168 (ARM11_DSCR_CORE_RESTARTED
| ARM11_DSCR_CORE_HALTED
))
1174 then
= timeval_ms();
1178 if ((timeval_ms()-then
) > 1000)
1180 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
1187 /* clear breakpoint */
1188 arm11_sc7_clear_vbw(arm11
);
1191 CHECK_RETVAL(arm11_on_enter_debug_state(arm11
));
1193 /* restore default state */
1194 R(DSCR
) &= ~ARM11_DSCR_INTERRUPTS_DISABLE
;
1198 // target->state = TARGET_HALTED;
1199 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1201 CHECK_RETVAL(target_call_event_callbacks(target
, TARGET_EVENT_HALTED
));
1206 int arm11_assert_reset(target_t
*target
)
1211 arm11_common_t
* arm11
= target
->arch_info
;
1212 retval
= arm11_check_init(arm11
, NULL
);
1213 if (retval
!= ERROR_OK
)
1216 target
->state
= TARGET_UNKNOWN
;
1218 /* we would very much like to reset into the halted, state,
1219 * but resetting and halting is second best... */
1220 if (target
->reset_halt
)
1222 CHECK_RETVAL(target_halt(target
));
1226 /* srst is funny. We can not do *anything* else while it's asserted
1227 * and it has unkonwn side effects. Make sure no other code runs
1230 * Code below assumes srst:
1232 * - Causes power-on-reset (but of what parts of the system?). Bug
1235 * - Messes us TAP state without asserting trst.
1237 * - There is another bug in the arm11 core. When you generate an access to
1238 * external logic (for example ddr controller via AHB bus) and that block
1239 * is not configured (perhaps it is still held in reset), that transaction
1240 * will never complete. This will hang arm11 core but it will also hang
1241 * JTAG controller. Nothing, short of srst assertion will bring it out of
1246 * - What should the PC be after an srst reset when starting in the halted
1250 jtag_add_reset(0, 1);
1251 jtag_add_reset(0, 0);
1253 /* How long do we have to wait? */
1254 jtag_add_sleep(5000);
1256 /* un-mess up TAP state */
1259 retval
= jtag_execute_queue();
1260 if (retval
!= ERROR_OK
)
1268 int arm11_deassert_reset(target_t
*target
)
1273 int arm11_soft_reset_halt(struct target_s
*target
)
1275 FNC_INFO_NOTIMPLEMENTED
;
1280 /* target register access for gdb */
1281 int arm11_get_gdb_reg_list(struct target_s
*target
, struct reg_s
**reg_list
[], int *reg_list_size
)
1285 arm11_common_t
* arm11
= target
->arch_info
;
1287 *reg_list_size
= ARM11_GDB_REGISTER_COUNT
;
1288 *reg_list
= malloc(sizeof(reg_t
*) * ARM11_GDB_REGISTER_COUNT
);
1290 for (size_t i
= 16; i
< 24; i
++)
1292 (*reg_list
)[i
] = &arm11_gdb_dummy_fp_reg
;
1295 (*reg_list
)[24] = &arm11_gdb_dummy_fps_reg
;
1297 for (size_t i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1299 if (arm11_reg_defs
[i
].gdb_num
== -1)
1302 (*reg_list
)[arm11_reg_defs
[i
].gdb_num
] = arm11
->reg_list
+ i
;
1308 /* target memory access
1309 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1310 * count: number of items of <size>
1312 * arm11_config_memrw_no_increment - in the future we may want to be able
1313 * to read/write a range of data to a "port". a "port" is an action on
1314 * read memory address for some peripheral.
1316 int arm11_read_memory_inner(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1317 bool arm11_config_memrw_no_increment
)
1319 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1324 if (target
->state
!= TARGET_HALTED
)
1326 LOG_WARNING("target was not halted");
1327 return ERROR_TARGET_NOT_HALTED
;
1330 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1332 arm11_common_t
* arm11
= target
->arch_info
;
1334 retval
= arm11_run_instr_data_prepare(arm11
);
1335 if (retval
!= ERROR_OK
)
1338 /* MRC p14,0,r0,c0,c5,0 */
1339 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1340 if (retval
!= ERROR_OK
)
1346 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1347 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1349 for (size_t i
= 0; i
< count
; i
++)
1351 /* ldrb r1, [r0], #1 */
1353 arm11_run_instr_no_data1(arm11
,
1354 !arm11_config_memrw_no_increment
? 0xe4d01001 : 0xe5d01000);
1357 /* MCR p14,0,R1,c0,c5,0 */
1358 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1367 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1369 for (size_t i
= 0; i
< count
; i
++)
1371 /* ldrh r1, [r0], #2 */
1372 arm11_run_instr_no_data1(arm11
,
1373 !arm11_config_memrw_no_increment
? 0xe0d010b2 : 0xe1d010b0);
1377 /* MCR p14,0,R1,c0,c5,0 */
1378 arm11_run_instr_data_from_core(arm11
, 0xEE001E15, &res
, 1);
1380 uint16_t svalue
= res
;
1381 memcpy(buffer
+ i
* sizeof(uint16_t), &svalue
, sizeof(uint16_t));
1389 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xecb05e01 : 0xed905e00;
1390 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1391 uint32_t *words
= (uint32_t *)buffer
;
1393 /* LDC p14,c5,[R0],#4 */
1394 /* LDC p14,c5,[R0] */
1395 arm11_run_instr_data_from_core(arm11
, instr
, words
, count
);
1400 return arm11_run_instr_data_finish(arm11
);
1403 int arm11_read_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1405 return arm11_read_memory_inner(target
, address
, size
, count
, buffer
, false);
1409 * arm11_config_memrw_no_increment - in the future we may want to be able
1410 * to read/write a range of data to a "port". a "port" is an action on
1411 * read memory address for some peripheral.
1413 int arm11_write_memory_inner(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
,
1414 bool arm11_config_memrw_no_increment
)
1419 if (target
->state
!= TARGET_HALTED
)
1421 LOG_WARNING("target was not halted");
1422 return ERROR_TARGET_NOT_HALTED
;
1425 LOG_DEBUG("ADDR %08" PRIx32
" SIZE %08" PRIx32
" COUNT %08" PRIx32
"", address
, size
, count
);
1427 arm11_common_t
* arm11
= target
->arch_info
;
1429 retval
= arm11_run_instr_data_prepare(arm11
);
1430 if (retval
!= ERROR_OK
)
1433 /* MRC p14,0,r0,c0,c5,0 */
1434 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee100e15, address
);
1435 if (retval
!= ERROR_OK
)
1438 /* burst writes are not used for single words as those may well be
1439 * reset init script writes.
1441 * The other advantage is that as burst writes are default, we'll
1442 * now exercise both burst and non-burst code paths with the
1443 * default settings, increasing code coverage.
1445 bool burst
= arm11_config_memwrite_burst
&& (count
> 1);
1451 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1453 for (size_t i
= 0; i
< count
; i
++)
1455 /* MRC p14,0,r1,c0,c5,0 */
1456 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, *buffer
++);
1457 if (retval
!= ERROR_OK
)
1460 /* strb r1, [r0], #1 */
1462 retval
= arm11_run_instr_no_data1(arm11
,
1463 !arm11_config_memrw_no_increment
? 0xe4c01001 : 0xe5c01000);
1464 if (retval
!= ERROR_OK
)
1473 arm11
->reg_list
[ARM11_RC_R1
].dirty
= 1;
1475 for (size_t i
= 0; i
< count
; i
++)
1478 memcpy(&value
, buffer
+ i
* sizeof(uint16_t), sizeof(uint16_t));
1480 /* MRC p14,0,r1,c0,c5,0 */
1481 retval
= arm11_run_instr_data_to_core1(arm11
, 0xee101e15, value
);
1482 if (retval
!= ERROR_OK
)
1485 /* strh r1, [r0], #2 */
1487 retval
= arm11_run_instr_no_data1(arm11
,
1488 !arm11_config_memrw_no_increment
? 0xe0c010b2 : 0xe1c010b0);
1489 if (retval
!= ERROR_OK
)
1497 uint32_t instr
= !arm11_config_memrw_no_increment
? 0xeca05e01 : 0xed805e00;
1499 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1500 uint32_t *words
= (uint32_t*)buffer
;
1504 /* STC p14,c5,[R0],#4 */
1505 /* STC p14,c5,[R0]*/
1506 retval
= arm11_run_instr_data_to_core(arm11
, instr
, words
, count
);
1507 if (retval
!= ERROR_OK
)
1512 /* STC p14,c5,[R0],#4 */
1513 /* STC p14,c5,[R0]*/
1514 retval
= arm11_run_instr_data_to_core_noack(arm11
, instr
, words
, count
);
1515 if (retval
!= ERROR_OK
)
1523 /* r0 verification */
1524 if (!arm11_config_memrw_no_increment
)
1528 /* MCR p14,0,R0,c0,c5,0 */
1529 retval
= arm11_run_instr_data_from_core(arm11
, 0xEE000E15, &r0
, 1);
1530 if (retval
!= ERROR_OK
)
1533 if (address
+ size
* count
!= r0
)
1535 LOG_ERROR("Data transfer failed. Expected end "
1536 "address 0x%08x, got 0x%08x",
1537 (unsigned) (address
+ size
* count
),
1541 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1543 if (arm11_config_memwrite_error_fatal
)
1548 return arm11_run_instr_data_finish(arm11
);
1551 int arm11_write_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
1553 return arm11_write_memory_inner(target
, address
, size
, count
, buffer
, false);
1556 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1557 int arm11_bulk_write_memory(struct target_s
*target
, uint32_t address
, uint32_t count
, uint8_t *buffer
)
1561 if (target
->state
!= TARGET_HALTED
)
1563 LOG_WARNING("target was not halted");
1564 return ERROR_TARGET_NOT_HALTED
;
1567 return arm11_write_memory(target
, address
, 4, count
, buffer
);
1570 /* here we have nothing target specific to contribute, so we fail and then the
1571 * fallback code will read data from the target and calculate the CRC on the
1574 int arm11_checksum_memory(struct target_s
*target
, uint32_t address
, uint32_t count
, uint32_t* checksum
)
1579 /* target break-/watchpoint control
1580 * rw: 0 = write, 1 = read, 2 = access
1582 int arm11_add_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
1586 arm11_common_t
* arm11
= target
->arch_info
;
1589 if (breakpoint
->type
== BKPT_SOFT
)
1591 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1592 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1596 if (!arm11
->free_brps
)
1598 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1599 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1602 if (breakpoint
->length
!= 4)
1604 LOG_DEBUG("only breakpoints of four bytes length supported");
1605 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1613 int arm11_remove_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
1617 arm11_common_t
* arm11
= target
->arch_info
;
1624 int arm11_add_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
1626 FNC_INFO_NOTIMPLEMENTED
;
1631 int arm11_remove_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
1633 FNC_INFO_NOTIMPLEMENTED
;
1638 // HACKHACKHACK - FIXME mode/state
1639 /* target algorithm support */
1640 int arm11_run_algorithm(struct target_s
*target
, int num_mem_params
, mem_param_t
*mem_params
,
1641 int num_reg_params
, reg_param_t
*reg_params
, uint32_t entry_point
, uint32_t exit_point
,
1642 int timeout_ms
, void *arch_info
)
1644 arm11_common_t
*arm11
= target
->arch_info
;
1645 // enum armv4_5_state core_state = arm11->core_state;
1646 // enum armv4_5_mode core_mode = arm11->core_mode;
1647 uint32_t context
[16];
1649 int exit_breakpoint_size
= 0;
1650 int retval
= ERROR_OK
;
1651 LOG_DEBUG("Running algorithm");
1654 if (target
->state
!= TARGET_HALTED
)
1656 LOG_WARNING("target not halted");
1657 return ERROR_TARGET_NOT_HALTED
;
1661 // if (armv4_5_mode_to_number(arm11->core_mode)==-1)
1662 // return ERROR_FAIL;
1665 for (unsigned i
= 0; i
< 16; i
++)
1667 context
[i
] = buf_get_u32((uint8_t*)(&arm11
->reg_values
[i
]),0,32);
1668 LOG_DEBUG("Save %u: 0x%" PRIx32
"", i
, context
[i
]);
1671 cpsr
= buf_get_u32((uint8_t*)(arm11
->reg_values
+ ARM11_RC_CPSR
),0,32);
1672 LOG_DEBUG("Save CPSR: 0x%" PRIx32
"", cpsr
);
1674 for (int i
= 0; i
< num_mem_params
; i
++)
1676 target_write_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1679 // Set register parameters
1680 for (int i
= 0; i
< num_reg_params
; i
++)
1682 reg_t
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1685 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1689 if (reg
->size
!= reg_params
[i
].size
)
1691 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1694 arm11_set_reg(reg
,reg_params
[i
].value
);
1695 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1698 exit_breakpoint_size
= 4;
1700 /* arm11->core_state = arm11_algorithm_info->core_state;
1701 if (arm11->core_state == ARMV4_5_STATE_ARM)
1702 exit_breakpoint_size = 4;
1703 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1704 exit_breakpoint_size = 2;
1707 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1713 /* arm11 at this point only supports ARM not THUMB mode
1714 however if this test needs to be reactivated the current state can be read back
1717 if (arm11_algorithm_info
->core_mode
!= ARMV4_5_MODE_ANY
)
1719 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info
->core_mode
);
1720 buf_set_u32(arm11
->reg_list
[ARM11_RC_CPSR
].value
, 0, 5, arm11_algorithm_info
->core_mode
);
1721 arm11
->reg_list
[ARM11_RC_CPSR
].dirty
= 1;
1722 arm11
->reg_list
[ARM11_RC_CPSR
].valid
= 1;
1726 if ((retval
= breakpoint_add(target
, exit_point
, exit_breakpoint_size
, BKPT_HARD
)) != ERROR_OK
)
1728 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1729 retval
= ERROR_TARGET_FAILURE
;
1733 // no debug, otherwise breakpoint is not set
1734 CHECK_RETVAL(target_resume(target
, 0, entry_point
, 1, 0));
1736 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, timeout_ms
));
1738 if (target
->state
!= TARGET_HALTED
)
1740 CHECK_RETVAL(target_halt(target
));
1742 CHECK_RETVAL(target_wait_state(target
, TARGET_HALTED
, 500));
1744 retval
= ERROR_TARGET_TIMEOUT
;
1746 goto del_breakpoint
;
1749 if (buf_get_u32(arm11
->reg_list
[15].value
, 0, 32) != exit_point
)
1751 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32
"",
1752 buf_get_u32(arm11
->reg_list
[15].value
, 0, 32));
1753 retval
= ERROR_TARGET_TIMEOUT
;
1754 goto del_breakpoint
;
1757 for (int i
= 0; i
< num_mem_params
; i
++)
1759 if (mem_params
[i
].direction
!= PARAM_OUT
)
1760 target_read_buffer(target
, mem_params
[i
].address
, mem_params
[i
].size
, mem_params
[i
].value
);
1763 for (int i
= 0; i
< num_reg_params
; i
++)
1765 if (reg_params
[i
].direction
!= PARAM_OUT
)
1767 reg_t
*reg
= register_get_by_name(arm11
->core_cache
, reg_params
[i
].reg_name
, 0);
1770 LOG_ERROR("BUG: register '%s' not found", reg_params
[i
].reg_name
);
1774 if (reg
->size
!= reg_params
[i
].size
)
1776 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params
[i
].reg_name
);
1780 buf_set_u32(reg_params
[i
].value
, 0, 32, buf_get_u32(reg
->value
, 0, 32));
1785 breakpoint_remove(target
, exit_point
);
1789 for (size_t i
= 0; i
< 16; i
++)
1791 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32
"",
1792 arm11
->reg_list
[i
].name
, context
[i
]);
1793 arm11_set_reg(&arm11
->reg_list
[i
], (uint8_t*)&context
[i
]);
1795 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32
"", cpsr
);
1796 arm11_set_reg(&arm11
->reg_list
[ARM11_RC_CPSR
], (uint8_t*)&cpsr
);
1798 // arm11->core_state = core_state;
1799 // arm11->core_mode = core_mode;
1804 int arm11_target_create(struct target_s
*target
, Jim_Interp
*interp
)
1808 NEW(arm11_common_t
, arm11
, 1);
1810 arm11
->target
= target
;
1812 if (target
->tap
== NULL
)
1815 if (target
->tap
->ir_length
!= 5)
1817 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1818 return ERROR_COMMAND_SYNTAX_ERROR
;
1821 target
->arch_info
= arm11
;
1826 int arm11_init_target(struct command_context_s
*cmd_ctx
, struct target_s
*target
)
1828 /* Initialize anything we can set up without talking to the target */
1829 return arm11_build_reg_cache(target
);
1832 /* talk to the target and set things up */
1833 int arm11_examine(struct target_s
*target
)
1839 arm11_common_t
* arm11
= target
->arch_info
;
1843 arm11_add_IR(arm11
, ARM11_IDCODE
, ARM11_TAP_DEFAULT
);
1845 scan_field_t idcode_field
;
1847 arm11_setup_field(arm11
, 32, NULL
, &arm11
->device_id
, &idcode_field
);
1849 arm11_add_dr_scan_vc(1, &idcode_field
, TAP_DRPAUSE
);
1853 arm11_add_debug_SCAN_N(arm11
, 0x00, ARM11_TAP_DEFAULT
);
1855 arm11_add_IR(arm11
, ARM11_INTEST
, ARM11_TAP_DEFAULT
);
1857 scan_field_t chain0_fields
[2];
1859 arm11_setup_field(arm11
, 32, NULL
, &arm11
->didr
, chain0_fields
+ 0);
1860 arm11_setup_field(arm11
, 8, NULL
, &arm11
->implementor
, chain0_fields
+ 1);
1862 arm11_add_dr_scan_vc(asizeof(chain0_fields
), chain0_fields
, TAP_IDLE
);
1864 CHECK_RETVAL(jtag_execute_queue());
1866 switch (arm11
->device_id
& 0x0FFFF000)
1868 case 0x07B36000: LOG_INFO("found ARM1136"); break;
1869 case 0x07B56000: LOG_INFO("found ARM1156"); break;
1870 case 0x07B76000: LOG_INFO("found ARM1176"); break;
1873 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1878 arm11
->debug_version
= (arm11
->didr
>> 16) & 0x0F;
1880 if (arm11
->debug_version
!= ARM11_DEBUG_V6
&&
1881 arm11
->debug_version
!= ARM11_DEBUG_V61
)
1883 LOG_ERROR("Only ARMv6 v6 and v6.1 architectures supported.");
1887 arm11
->brp
= ((arm11
->didr
>> 24) & 0x0F) + 1;
1888 arm11
->wrp
= ((arm11
->didr
>> 28) & 0x0F) + 1;
1890 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1891 arm11
->free_brps
= arm11
->brp
;
1892 arm11
->free_wrps
= arm11
->wrp
;
1894 LOG_DEBUG("IDCODE %08" PRIx32
" IMPLEMENTOR %02x DIDR %08" PRIx32
"",
1896 (int)(arm11
->implementor
),
1899 /* as a side-effect this reads DSCR and thus
1900 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1901 * as suggested by the spec.
1904 retval
= arm11_check_init(arm11
, NULL
);
1905 if (retval
!= ERROR_OK
)
1908 target_set_examined(target
);
1914 /** Load a register that is marked !valid in the register cache */
1915 int arm11_get_reg(reg_t
*reg
)
1919 target_t
* target
= ((arm11_reg_state_t
*)reg
->arch_info
)->target
;
1921 if (target
->state
!= TARGET_HALTED
)
1923 LOG_WARNING("target was not halted");
1924 return ERROR_TARGET_NOT_HALTED
;
1927 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1930 arm11_common_t
*arm11
= target
->arch_info
;
1931 const arm11_reg_defs_t
* arm11_reg_info
= arm11_reg_defs
+ ((arm11_reg_state_t
*)reg
->arch_info
)->def_index
;
1937 /** Change a value in the register cache */
1938 int arm11_set_reg(reg_t
*reg
, uint8_t *buf
)
1942 target_t
* target
= ((arm11_reg_state_t
*)reg
->arch_info
)->target
;
1943 arm11_common_t
*arm11
= target
->arch_info
;
1944 // const arm11_reg_defs_t * arm11_reg_info = arm11_reg_defs + ((arm11_reg_state_t *)reg->arch_info)->def_index;
1946 arm11
->reg_values
[((arm11_reg_state_t
*)reg
->arch_info
)->def_index
] = buf_get_u32(buf
, 0, 32);
1953 int arm11_build_reg_cache(target_t
*target
)
1955 arm11_common_t
*arm11
= target
->arch_info
;
1957 NEW(reg_cache_t
, cache
, 1);
1958 NEW(reg_t
, reg_list
, ARM11_REGCACHE_COUNT
);
1959 NEW(arm11_reg_state_t
, arm11_reg_states
, ARM11_REGCACHE_COUNT
);
1961 if (arm11_regs_arch_type
== -1)
1962 arm11_regs_arch_type
= register_reg_arch_type(arm11_get_reg
, arm11_set_reg
);
1964 register_init_dummy(&arm11_gdb_dummy_fp_reg
);
1965 register_init_dummy(&arm11_gdb_dummy_fps_reg
);
1967 arm11
->reg_list
= reg_list
;
1969 /* Build the process context cache */
1970 cache
->name
= "arm11 registers";
1972 cache
->reg_list
= reg_list
;
1973 cache
->num_regs
= ARM11_REGCACHE_COUNT
;
1975 reg_cache_t
**cache_p
= register_get_last_cache_p(&target
->reg_cache
);
1978 arm11
->core_cache
= cache
;
1979 // armv7m->process_context = cache;
1983 /* Not very elegant assertion */
1984 if (ARM11_REGCACHE_COUNT
!= asizeof(arm11
->reg_values
) ||
1985 ARM11_REGCACHE_COUNT
!= asizeof(arm11_reg_defs
) ||
1986 ARM11_REGCACHE_COUNT
!= ARM11_RC_MAX
)
1988 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d " ZU
" " ZU
" %d)", ARM11_REGCACHE_COUNT
, asizeof(arm11
->reg_values
), asizeof(arm11_reg_defs
), ARM11_RC_MAX
);
1992 for (i
= 0; i
< ARM11_REGCACHE_COUNT
; i
++)
1994 reg_t
* r
= reg_list
+ i
;
1995 const arm11_reg_defs_t
* rd
= arm11_reg_defs
+ i
;
1996 arm11_reg_state_t
* rs
= arm11_reg_states
+ i
;
2000 r
->value
= (uint8_t *)(arm11
->reg_values
+ i
);
2003 r
->bitfield_desc
= NULL
;
2004 r
->num_bitfields
= 0;
2005 r
->arch_type
= arm11_regs_arch_type
;
2009 rs
->target
= target
;
2015 int arm11_handle_bool(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
, bool * var
, char * name
)
2019 LOG_INFO("%s is %s.", name
, *var
? "enabled" : "disabled");
2024 return ERROR_COMMAND_SYNTAX_ERROR
;
2029 case 'f': /* false */
2031 case 'd': /* disable */
2037 case 't': /* true */
2039 case 'e': /* enable */
2045 LOG_INFO("%s %s.", *var
? "Enabled" : "Disabled", name
);
2050 #define BOOL_WRAPPER(name, print_name) \
2051 int arm11_handle_bool_##name(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc) \
2053 return arm11_handle_bool(cmd_ctx, cmd, args, argc, &arm11_config_##name, print_name); \
2056 BOOL_WRAPPER(memwrite_burst
, "memory write burst mode")
2057 BOOL_WRAPPER(memwrite_error_fatal
, "fatal error mode for memory writes")
2058 BOOL_WRAPPER(step_irq_enable
, "IRQs while stepping")
2059 BOOL_WRAPPER(hardware_step
, "hardware single step")
2061 int arm11_handle_vcr(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2065 arm11_vcr
= strtoul(args
[0], NULL
, 0);
2069 return ERROR_COMMAND_SYNTAX_ERROR
;
2072 LOG_INFO("VCR 0x%08" PRIx32
"", arm11_vcr
);
2076 const uint32_t arm11_coproc_instruction_limits
[] =
2078 15, /* coprocessor */
2083 0xFFFFFFFF, /* value */
2086 arm11_common_t
* arm11_find_target(const char * arg
)
2091 tap
= jtag_tap_by_string(arg
);
2096 for (t
= all_targets
; t
; t
= t
->next
)
2101 /* if (t->type == arm11_target) */
2102 if (0 == strcmp(target_get_name(t
), "arm11"))
2103 return t
->arch_info
;
2109 int arm11_handle_mrc_mcr(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
, bool read
)
2113 if (argc
!= (read
? 6 : 7))
2115 LOG_ERROR("Invalid number of arguments.");
2116 return ERROR_COMMAND_SYNTAX_ERROR
;
2119 arm11_common_t
* arm11
= arm11_find_target(args
[0]);
2123 LOG_ERROR("Parameter 1 is not a the JTAG chain position of an ARM11 device.");
2124 return ERROR_COMMAND_SYNTAX_ERROR
;
2127 if (arm11
->target
->state
!= TARGET_HALTED
)
2129 LOG_WARNING("target was not halted");
2130 return ERROR_TARGET_NOT_HALTED
;
2135 for (size_t i
= 0; i
< (read
? 5 : 6); i
++)
2137 values
[i
] = strtoul(args
[i
+ 1], NULL
, 0);
2139 if (values
[i
] > arm11_coproc_instruction_limits
[i
])
2141 LOG_ERROR("Parameter %ld out of bounds (%" PRId32
" max).",
2143 arm11_coproc_instruction_limits
[i
]);
2144 return ERROR_COMMAND_SYNTAX_ERROR
;
2148 uint32_t instr
= 0xEE000010 |
2156 instr
|= 0x00100000;
2158 retval
= arm11_run_instr_data_prepare(arm11
);
2159 if (retval
!= ERROR_OK
)
2165 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, &result
);
2166 if (retval
!= ERROR_OK
)
2169 LOG_INFO("MRC p%d, %d, R0, c%d, c%d, %d = 0x%08" PRIx32
" (%" PRId32
")",
2174 (int)(values
[4]), result
, result
);
2178 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, values
[5]);
2179 if (retval
!= ERROR_OK
)
2182 LOG_INFO("MRC p%d, %d, R0 (#0x%08" PRIx32
"), c%d, c%d, %d",
2183 (int)(values
[0]), (int)(values
[1]),
2185 (int)(values
[2]), (int)(values
[3]), (int)(values
[4]));
2188 return arm11_run_instr_data_finish(arm11
);
2191 int arm11_handle_mrc(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2193 return arm11_handle_mrc_mcr(cmd_ctx
, cmd
, args
, argc
, true);
2196 int arm11_handle_mcr(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2198 return arm11_handle_mrc_mcr(cmd_ctx
, cmd
, args
, argc
, false);
2201 static int arm11_mrc_inner(target_t
*target
, int cpnum
, uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
, bool read
)
2205 if (target
->state
!= TARGET_HALTED
)
2207 LOG_ERROR("Target not halted");
2211 arm11_common_t
* arm11
= target
->arch_info
;
2213 uint32_t instr
= 0xEE000010 |
2221 instr
|= 0x00100000;
2223 retval
= arm11_run_instr_data_prepare(arm11
);
2224 if (retval
!= ERROR_OK
)
2229 retval
= arm11_run_instr_data_from_core_via_r0(arm11
, instr
, value
);
2230 if (retval
!= ERROR_OK
)
2235 retval
= arm11_run_instr_data_to_core_via_r0(arm11
, instr
, *value
);
2236 if (retval
!= ERROR_OK
)
2240 return arm11_run_instr_data_finish(arm11
);
2243 static int arm11_mrc(target_t
*target
, int cpnum
, uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
2245 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, value
, true);
2248 static int arm11_mcr(target_t
*target
, int cpnum
, uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
2250 return arm11_mrc_inner(target
, cpnum
, op1
, op2
, CRn
, CRm
, &value
, false);
2254 int arm11_register_commands(struct command_context_s
*cmd_ctx
)
2258 command_t
*top_cmd
, *mw_cmd
;
2260 top_cmd
= register_command(cmd_ctx
, NULL
, "arm11",
2261 NULL
, COMMAND_ANY
, NULL
);
2263 /* "hardware_step" is only here to check if the default
2264 * simulate + breakpoint implementation is broken.
2265 * TEMPORARY! NOT DOCUMENTED!
2267 register_command(cmd_ctx
, top_cmd
, "hardware_step",
2268 arm11_handle_bool_hardware_step
, COMMAND_ANY
,
2269 "DEBUG ONLY - Hardware single stepping"
2270 " (default: disabled)");
2272 register_command(cmd_ctx
, top_cmd
, "mcr",
2273 arm11_handle_mcr
, COMMAND_ANY
,
2274 "Write Coprocessor register. mcr <jtag_target> <coprocessor> <opcode 1> <CRn> <CRm> <opcode 2> <32bit value to write>. All parameters are numbers only.");
2276 mw_cmd
= register_command(cmd_ctx
, top_cmd
, "memwrite",
2277 NULL
, COMMAND_ANY
, NULL
);
2278 register_command(cmd_ctx
, mw_cmd
, "burst",
2279 arm11_handle_bool_memwrite_burst
, COMMAND_ANY
,
2280 "Enable/Disable non-standard but fast burst mode"
2281 " (default: enabled)");
2282 register_command(cmd_ctx
, mw_cmd
, "error_fatal",
2283 arm11_handle_bool_memwrite_error_fatal
, COMMAND_ANY
,
2284 "Terminate program if transfer error was found"
2285 " (default: enabled)");
2287 register_command(cmd_ctx
, top_cmd
, "mrc",
2288 arm11_handle_mrc
, COMMAND_ANY
,
2289 "Read Coprocessor register. mrc <jtag_target> <coprocessor> <opcode 1> <CRn> <CRm> <opcode 2>. All parameters are numbers only.");
2290 register_command(cmd_ctx
, top_cmd
, "step_irq_enable",
2291 arm11_handle_bool_step_irq_enable
, COMMAND_ANY
,
2292 "Enable interrupts while stepping"
2293 " (default: disabled)");
2294 register_command(cmd_ctx
, top_cmd
, "vcr",
2295 arm11_handle_vcr
, COMMAND_ANY
,
2296 "Control (Interrupt) Vector Catch Register");
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)