1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
24 #include "replacements.h"
26 #include "embeddedice.h"
32 #include "arm7_9_common.h"
33 #include "breakpoints.h"
39 #include <sys/types.h>
44 int arm7_9_debug_entry(target_t
*target
);
45 int arm7_9_enable_sw_bkpts(struct target_s
*target
);
47 /* command handler forward declarations */
48 int handle_arm7_9_write_xpsr_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
49 int handle_arm7_9_write_xpsr_im8_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
50 int handle_arm7_9_read_core_reg_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
51 int handle_arm7_9_write_core_reg_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
52 int handle_arm7_9_sw_bkpts_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
53 int handle_arm7_9_force_hw_bkpts_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
54 int handle_arm7_9_dbgrq_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
55 int handle_arm7_9_fast_memory_access_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
56 int handle_arm7_9_dcc_downloads_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
57 int handle_arm7_9_etm_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
58 int handle_arm7_9_etb_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
60 int arm7_9_reinit_embeddedice(target_t
*target
)
62 armv4_5_common_t
*armv4_5
= target
->arch_info
;
63 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
65 breakpoint_t
*breakpoint
= target
->breakpoints
;
67 arm7_9
->wp_available
= 2;
71 /* mark all hardware breakpoints as unset */
74 if (breakpoint
->type
== BKPT_HARD
)
78 breakpoint
= breakpoint
->next
;
81 if (arm7_9
->sw_bkpts_enabled
&& arm7_9
->sw_bkpts_use_wp
)
83 arm7_9
->sw_bkpts_enabled
= 0;
84 arm7_9_enable_sw_bkpts(target
);
87 arm7_9
->reinit_embeddedice
= 0;
92 int arm7_9_jtag_callback(enum jtag_event event
, void *priv
)
94 target_t
*target
= priv
;
95 armv4_5_common_t
*armv4_5
= target
->arch_info
;
96 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
98 /* a test-logic reset occured
99 * the EmbeddedICE registers have been reset
100 * hardware breakpoints have been cleared
102 if (event
== JTAG_TRST_ASSERTED
)
104 arm7_9
->reinit_embeddedice
= 1;
110 int arm7_9_get_arch_pointers(target_t
*target
, armv4_5_common_t
**armv4_5_p
, arm7_9_common_t
**arm7_9_p
)
112 armv4_5_common_t
*armv4_5
= target
->arch_info
;
113 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
115 if (armv4_5
->common_magic
!= ARMV4_5_COMMON_MAGIC
)
120 if (arm7_9
->common_magic
!= ARM7_9_COMMON_MAGIC
)
125 *armv4_5_p
= armv4_5
;
131 int arm7_9_set_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
133 armv4_5_common_t
*armv4_5
= target
->arch_info
;
134 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
136 if (target
->state
!= TARGET_HALTED
)
138 WARNING("target not halted");
139 return ERROR_TARGET_NOT_HALTED
;
142 if (arm7_9
->force_hw_bkpts
)
143 breakpoint
->type
= BKPT_HARD
;
147 WARNING("breakpoint already set");
151 if (breakpoint
->type
== BKPT_HARD
)
153 /* either an ARM (4 byte) or Thumb (2 byte) breakpoint */
154 u32 mask
= (breakpoint
->length
== 4) ? 0x3u
: 0x1u
;
155 if (!arm7_9
->wp0_used
)
157 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_VALUE
], breakpoint
->address
);
158 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], mask
);
159 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], 0xffffffffu
);
160 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], ~EICE_W_CTRL_nOPC
& 0xff);
161 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
);
163 jtag_execute_queue();
164 arm7_9
->wp0_used
= 1;
167 else if (!arm7_9
->wp1_used
)
169 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_VALUE
], breakpoint
->address
);
170 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_MASK
], mask
);
171 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_MASK
], 0xffffffffu
);
172 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_MASK
], ~EICE_W_CTRL_nOPC
& 0xff);
173 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
);
175 jtag_execute_queue();
176 arm7_9
->wp1_used
= 1;
181 ERROR("BUG: no hardware comparator available");
185 else if (breakpoint
->type
== BKPT_SOFT
)
187 if (breakpoint
->length
== 4)
189 /* keep the original instruction in target endianness */
190 target
->type
->read_memory(target
, breakpoint
->address
, 4, 1, breakpoint
->orig_instr
);
191 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
192 target_write_u32(target
, breakpoint
->address
, arm7_9
->arm_bkpt
);
196 /* keep the original instruction in target endianness */
197 target
->type
->read_memory(target
, breakpoint
->address
, 2, 1, breakpoint
->orig_instr
);
198 /* write the original instruction in target endianness (arm7_9->arm_bkpt is host endian) */
199 target_write_u32(target
, breakpoint
->address
, arm7_9
->thumb_bkpt
);
208 int arm7_9_unset_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
210 armv4_5_common_t
*armv4_5
= target
->arch_info
;
211 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
213 if (target
->state
!= TARGET_HALTED
)
215 WARNING("target not halted");
216 return ERROR_TARGET_NOT_HALTED
;
219 if (!breakpoint
->set
)
221 WARNING("breakpoint not set");
225 if (breakpoint
->type
== BKPT_HARD
)
227 if (breakpoint
->set
== 1)
229 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x0);
230 jtag_execute_queue();
231 arm7_9
->wp0_used
= 0;
233 else if (breakpoint
->set
== 2)
235 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], 0x0);
236 jtag_execute_queue();
237 arm7_9
->wp1_used
= 0;
243 /* restore original instruction (kept in target endianness) */
244 if (breakpoint
->length
== 4)
246 target
->type
->write_memory(target
, breakpoint
->address
, 4, 1, breakpoint
->orig_instr
);
250 target
->type
->write_memory(target
, breakpoint
->address
, 2, 1, breakpoint
->orig_instr
);
258 int arm7_9_add_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
260 armv4_5_common_t
*armv4_5
= target
->arch_info
;
261 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
263 if (target
->state
!= TARGET_HALTED
)
265 WARNING("target not halted");
266 return ERROR_TARGET_NOT_HALTED
;
269 if (arm7_9
->force_hw_bkpts
)
271 DEBUG("forcing use of hardware breakpoint at address 0x%8.8x", breakpoint
->address
);
272 breakpoint
->type
= BKPT_HARD
;
275 if ((breakpoint
->type
== BKPT_SOFT
) && (arm7_9
->sw_bkpts_enabled
== 0))
277 INFO("sw breakpoint requested, but software breakpoints not enabled");
278 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
281 if ((breakpoint
->type
== BKPT_HARD
) && (arm7_9
->wp_available
< 1))
283 INFO("no watchpoint unit available for hardware breakpoint");
284 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
287 if ((breakpoint
->length
!= 2) && (breakpoint
->length
!= 4))
289 INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
290 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
293 if (breakpoint
->type
== BKPT_HARD
)
294 arm7_9
->wp_available
--;
299 int arm7_9_remove_breakpoint(struct target_s
*target
, breakpoint_t
*breakpoint
)
301 armv4_5_common_t
*armv4_5
= target
->arch_info
;
302 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
304 if (target
->state
!= TARGET_HALTED
)
306 WARNING("target not halted");
307 return ERROR_TARGET_NOT_HALTED
;
312 arm7_9_unset_breakpoint(target
, breakpoint
);
315 if (breakpoint
->type
== BKPT_HARD
)
316 arm7_9
->wp_available
++;
321 int arm7_9_set_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
323 armv4_5_common_t
*armv4_5
= target
->arch_info
;
324 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
328 mask
= watchpoint
->length
- 1;
330 if (target
->state
!= TARGET_HALTED
)
332 WARNING("target not halted");
333 return ERROR_TARGET_NOT_HALTED
;
336 if (watchpoint
->rw
== WPT_ACCESS
)
341 if (!arm7_9
->wp0_used
)
343 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_VALUE
], watchpoint
->address
);
344 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], mask
);
345 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], watchpoint
->mask
);
346 if( watchpoint
->mask
!= 0xffffffffu
)
347 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_VALUE
], watchpoint
->value
);
348 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], 0xff & ~EICE_W_CTRL_nOPC
& ~rw_mask
);
349 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
| EICE_W_CTRL_nOPC
| (watchpoint
->rw
& 1));
351 jtag_execute_queue();
353 arm7_9
->wp0_used
= 2;
355 else if (!arm7_9
->wp1_used
)
357 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_VALUE
], watchpoint
->address
);
358 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_MASK
], mask
);
359 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_MASK
], watchpoint
->mask
);
360 if( watchpoint
->mask
!= 0xffffffffu
)
361 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_VALUE
], watchpoint
->value
);
362 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_MASK
], 0xff & ~EICE_W_CTRL_nOPC
& ~rw_mask
);
363 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
| EICE_W_CTRL_nOPC
| (watchpoint
->rw
& 1));
365 jtag_execute_queue();
367 arm7_9
->wp1_used
= 2;
371 ERROR("BUG: no hardware comparator available");
378 int arm7_9_unset_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
380 armv4_5_common_t
*armv4_5
= target
->arch_info
;
381 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
383 if (target
->state
!= TARGET_HALTED
)
385 WARNING("target not halted");
386 return ERROR_TARGET_NOT_HALTED
;
389 if (!watchpoint
->set
)
391 WARNING("breakpoint not set");
395 if (watchpoint
->set
== 1)
397 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x0);
398 jtag_execute_queue();
399 arm7_9
->wp0_used
= 0;
401 else if (watchpoint
->set
== 2)
403 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], 0x0);
404 jtag_execute_queue();
405 arm7_9
->wp1_used
= 0;
412 int arm7_9_add_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
414 armv4_5_common_t
*armv4_5
= target
->arch_info
;
415 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
417 if (target
->state
!= TARGET_HALTED
)
419 WARNING("target not halted");
420 return ERROR_TARGET_NOT_HALTED
;
423 if (arm7_9
->wp_available
< 1)
425 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
428 if ((watchpoint
->length
!= 1) && (watchpoint
->length
!= 2) && (watchpoint
->length
!= 4))
430 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
433 arm7_9
->wp_available
--;
438 int arm7_9_remove_watchpoint(struct target_s
*target
, watchpoint_t
*watchpoint
)
440 armv4_5_common_t
*armv4_5
= target
->arch_info
;
441 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
443 if (target
->state
!= TARGET_HALTED
)
445 WARNING("target not halted");
446 return ERROR_TARGET_NOT_HALTED
;
451 arm7_9_unset_watchpoint(target
, watchpoint
);
454 arm7_9
->wp_available
++;
459 int arm7_9_enable_sw_bkpts(struct target_s
*target
)
461 armv4_5_common_t
*armv4_5
= target
->arch_info
;
462 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
465 if (arm7_9
->sw_bkpts_enabled
)
468 if (arm7_9
->wp_available
< 1)
470 WARNING("can't enable sw breakpoints with no watchpoint unit available");
471 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
473 arm7_9
->wp_available
--;
475 if (!arm7_9
->wp0_used
)
477 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_VALUE
], arm7_9
->arm_bkpt
);
478 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], 0x0);
479 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], 0xffffffffu
);
480 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], ~EICE_W_CTRL_nOPC
& 0xff);
481 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
);
482 arm7_9
->sw_bkpts_enabled
= 1;
483 arm7_9
->wp0_used
= 3;
485 else if (!arm7_9
->wp1_used
)
487 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_VALUE
], arm7_9
->arm_bkpt
);
488 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_MASK
], 0x0);
489 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_MASK
], 0xffffffffu
);
490 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_MASK
], ~EICE_W_CTRL_nOPC
& 0xff);
491 embeddedice_set_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], EICE_W_CTRL_ENABLE
);
492 arm7_9
->sw_bkpts_enabled
= 2;
493 arm7_9
->wp1_used
= 3;
497 ERROR("BUG: both watchpoints used, but wp_available >= 1");
501 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
503 ERROR("error writing EmbeddedICE registers to enable sw breakpoints");
510 int arm7_9_disable_sw_bkpts(struct target_s
*target
)
512 armv4_5_common_t
*armv4_5
= target
->arch_info
;
513 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
515 if (!arm7_9
->sw_bkpts_enabled
)
518 if (arm7_9
->sw_bkpts_enabled
== 1)
520 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x0);
521 arm7_9
->sw_bkpts_enabled
= 0;
522 arm7_9
->wp0_used
= 0;
523 arm7_9
->wp_available
++;
525 else if (arm7_9
->sw_bkpts_enabled
== 2)
527 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], 0x0);
528 arm7_9
->sw_bkpts_enabled
= 0;
529 arm7_9
->wp1_used
= 0;
530 arm7_9
->wp_available
++;
536 int arm7_9_execute_sys_speed(struct target_s
*target
)
541 armv4_5_common_t
*armv4_5
= target
->arch_info
;
542 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
543 arm_jtag_t
*jtag_info
= &arm7_9
->jtag_info
;
544 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
546 /* set RESTART instruction */
547 jtag_add_end_state(TAP_RTI
);
548 arm_jtag_set_instr(jtag_info
, 0x4);
550 for (timeout
=0; timeout
<50; timeout
++)
552 /* read debug status register */
553 embeddedice_read_reg(dbg_stat
);
554 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
556 if ((buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1))
557 && (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_SYSCOMP
, 1)))
563 ERROR("timeout waiting for SYSCOMP & DBGACK, last DBG_STATUS: %x", buf_get_u32(dbg_stat
->value
, 0, dbg_stat
->size
));
564 return ERROR_TARGET_TIMEOUT
;
570 int arm7_9_execute_fast_sys_speed(struct target_s
*target
)
572 u8 check_value
[4], check_mask
[4];
574 armv4_5_common_t
*armv4_5
= target
->arch_info
;
575 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
576 arm_jtag_t
*jtag_info
= &arm7_9
->jtag_info
;
577 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
579 /* set RESTART instruction */
580 jtag_add_end_state(TAP_RTI
);
581 arm_jtag_set_instr(jtag_info
, 0x4);
583 /* check for DBGACK and SYSCOMP set (others don't care) */
584 buf_set_u32(check_value
, 0, 32, 0x9);
585 buf_set_u32(check_mask
, 0, 32, 0x9);
587 /* read debug status register */
588 embeddedice_read_reg_w_check(dbg_stat
, check_value
, check_value
);
593 enum target_state
arm7_9_poll(target_t
*target
)
596 armv4_5_common_t
*armv4_5
= target
->arch_info
;
597 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
598 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
600 if (arm7_9
->reinit_embeddedice
)
602 arm7_9_reinit_embeddedice(target
);
605 /* read debug status register */
606 embeddedice_read_reg(dbg_stat
);
607 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
611 case ERROR_JTAG_QUEUE_FAILED
:
612 ERROR("JTAG queue failed while reading EmbeddedICE status register");
620 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1))
622 DEBUG("DBGACK set, dbg_state->value: 0x%x", buf_get_u32(dbg_stat
->value
, 0, 32));
623 if ((target
->state
== TARGET_UNKNOWN
))
625 WARNING("DBGACK set while target was in unknown state. Reset or initialize target before resuming");
626 target
->state
= TARGET_RUNNING
;
628 if ((target
->state
== TARGET_RUNNING
) || (target
->state
== TARGET_RESET
))
630 target
->state
= TARGET_HALTED
;
631 if ((retval
= arm7_9_debug_entry(target
)) != ERROR_OK
)
634 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
636 if (target
->state
== TARGET_DEBUG_RUNNING
)
638 target
->state
= TARGET_HALTED
;
639 if ((retval
= arm7_9_debug_entry(target
)) != ERROR_OK
)
642 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_HALTED
);
647 if (target
->state
!= TARGET_DEBUG_RUNNING
)
648 target
->state
= TARGET_RUNNING
;
651 return target
->state
;
654 int arm7_9_assert_reset(target_t
*target
)
658 DEBUG("target->state: %s", target_state_strings
[target
->state
]);
660 if (target
->state
== TARGET_HALTED
|| target
->state
== TARGET_UNKNOWN
)
662 /* if the target wasn't running, there might be working areas allocated */
663 target_free_all_working_areas(target
);
665 /* assert SRST and TRST */
666 /* system would get ouf sync if we didn't reset test-logic, too */
667 if ((retval
= jtag_add_reset(1, 1)) != ERROR_OK
)
669 if (retval
== ERROR_JTAG_RESET_CANT_SRST
)
671 WARNING("can't assert srst");
676 ERROR("unknown error");
680 jtag_add_sleep(5000);
681 if ((retval
= jtag_add_reset(0, 1)) != ERROR_OK
)
683 if (retval
== ERROR_JTAG_RESET_WOULD_ASSERT_TRST
)
685 WARNING("srst resets test logic, too");
686 retval
= jtag_add_reset(1, 1);
692 if ((retval
= jtag_add_reset(0, 1)) != ERROR_OK
)
694 if (retval
== ERROR_JTAG_RESET_WOULD_ASSERT_TRST
)
696 WARNING("srst resets test logic, too");
697 retval
= jtag_add_reset(1, 1);
700 if (retval
== ERROR_JTAG_RESET_CANT_SRST
)
702 WARNING("can't assert srst");
705 else if (retval
!= ERROR_OK
)
707 ERROR("unknown error");
713 target
->state
= TARGET_RESET
;
714 jtag_add_sleep(50000);
716 armv4_5_invalidate_core_regs(target
);
722 int arm7_9_deassert_reset(target_t
*target
)
724 DEBUG("target->state: %s", target_state_strings
[target
->state
]);
726 /* deassert reset lines */
727 jtag_add_reset(0, 0);
732 int arm7_9_clear_halt(target_t
*target
)
734 armv4_5_common_t
*armv4_5
= target
->arch_info
;
735 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
736 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
738 /* we used DBGRQ only if we didn't come out of reset */
739 if (!arm7_9
->debug_entry_from_reset
&& arm7_9
->use_dbgrq
)
741 /* program EmbeddedICE Debug Control Register to deassert DBGRQ
743 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGRQ
, 1, 0);
744 embeddedice_store_reg(dbg_ctrl
);
748 if (arm7_9
->debug_entry_from_reset
&& arm7_9
->has_vector_catch
)
750 /* if we came out of reset, and vector catch is supported, we used
751 * vector catch to enter debug state
752 * restore the register in that case
754 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_VEC_CATCH
]);
758 /* restore registers if watchpoint unit 0 was in use
760 if (arm7_9
->wp0_used
)
762 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
]);
763 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
]);
764 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
]);
766 /* control value always has to be restored, as it was either disabled,
767 * or enabled with possibly different bits
769 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
]);
776 int arm7_9_soft_reset_halt(struct target_s
*target
)
778 armv4_5_common_t
*armv4_5
= target
->arch_info
;
779 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
780 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
781 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
784 if (target
->state
== TARGET_RUNNING
)
786 target
->type
->halt(target
);
789 while (buf_get_u32(dbg_stat
->value
, EICE_DBG_CONTROL_DBGACK
, 1) == 0)
791 embeddedice_read_reg(dbg_stat
);
792 jtag_execute_queue();
794 target
->state
= TARGET_HALTED
;
796 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
797 * ensure that DBGRQ is cleared
799 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 1);
800 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGRQ
, 1, 0);
801 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_INTDIS
, 1, 1);
802 embeddedice_store_reg(dbg_ctrl
);
804 arm7_9_clear_halt(target
);
806 /* if the target is in Thumb state, change to ARM state */
807 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_ITBIT
, 1))
809 u32 r0_thumb
, pc_thumb
;
810 DEBUG("target entered debug from Thumb state, changing to ARM");
811 /* Entered debug from Thumb mode */
812 armv4_5
->core_state
= ARMV4_5_STATE_THUMB
;
813 arm7_9
->change_to_arm(target
, &r0_thumb
, &pc_thumb
);
816 /* all register content is now invalid */
817 armv4_5_invalidate_core_regs(target
);
819 /* SVC, ARM state, IRQ and FIQ disabled */
820 buf_set_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8, 0xd3);
821 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
= 1;
822 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].valid
= 1;
824 /* start fetching from 0x0 */
825 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, 0x0);
826 armv4_5
->core_cache
->reg_list
[15].dirty
= 1;
827 armv4_5
->core_cache
->reg_list
[15].valid
= 1;
829 armv4_5
->core_mode
= ARMV4_5_MODE_SVC
;
830 armv4_5
->core_state
= ARMV4_5_STATE_ARM
;
832 /* reset registers */
833 for (i
= 0; i
<= 14; i
++)
835 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).value
, 0, 32, 0xffffffff);
836 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).dirty
= 1;
837 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).valid
= 1;
840 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
845 int arm7_9_prepare_reset_halt(target_t
*target
)
847 armv4_5_common_t
*armv4_5
= target
->arch_info
;
848 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
850 if (arm7_9
->has_vector_catch
)
852 /* program vector catch register to catch reset vector */
853 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_VEC_CATCH
], 0x1);
857 /* program watchpoint unit to match on reset vector address */
858 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], 0x3);
859 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], 0x0);
860 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x100);
861 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], 0xf7);
867 int arm7_9_halt(target_t
*target
)
869 armv4_5_common_t
*armv4_5
= target
->arch_info
;
870 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
871 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
873 DEBUG("target->state: %s", target_state_strings
[target
->state
]);
875 if (target
->state
== TARGET_HALTED
)
877 WARNING("target was already halted");
878 return ERROR_TARGET_ALREADY_HALTED
;
881 if (target
->state
== TARGET_UNKNOWN
)
883 WARNING("target was in unknown state when halt was requested");
886 if (target
->state
== TARGET_RESET
)
888 if ((jtag_reset_config
& RESET_SRST_PULLS_TRST
) && jtag_srst
)
890 ERROR("can't request a halt while in reset if nSRST pulls nTRST");
891 return ERROR_TARGET_FAILURE
;
895 /* we came here in a reset_halt or reset_init sequence
896 * debug entry was already prepared in arm7_9_prepare_reset_halt()
898 target
->debug_reason
= DBG_REASON_DBGRQ
;
904 if (arm7_9
->use_dbgrq
)
906 /* program EmbeddedICE Debug Control Register to assert DBGRQ
908 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGRQ
, 1, 1);
909 embeddedice_store_reg(dbg_ctrl
);
913 /* program watchpoint unit to match on any address
915 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], 0xffffffff);
916 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], 0xffffffff);
917 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x100);
918 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], 0xf7);
921 target
->debug_reason
= DBG_REASON_DBGRQ
;
926 int arm7_9_debug_entry(target_t
*target
)
931 u32 r0_thumb
, pc_thumb
;
934 /* get pointers to arch-specific information */
935 armv4_5_common_t
*armv4_5
= target
->arch_info
;
936 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
937 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
938 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
940 #ifdef _DEBUG_ARM7_9_
944 if (arm7_9
->pre_debug_entry
)
945 arm7_9
->pre_debug_entry(target
);
947 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
948 * ensure that DBGRQ is cleared
950 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 1);
951 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGRQ
, 1, 0);
952 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_INTDIS
, 1, 1);
953 embeddedice_store_reg(dbg_ctrl
);
955 arm7_9_clear_halt(target
);
957 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
961 case ERROR_JTAG_QUEUE_FAILED
:
962 ERROR("JTAG queue failed while writing EmbeddedICE control register");
970 if ((retval
= arm7_9
->examine_debug_reason(target
)) != ERROR_OK
)
974 if (target
->state
!= TARGET_HALTED
)
976 WARNING("target not halted");
977 return ERROR_TARGET_NOT_HALTED
;
980 /* if the target is in Thumb state, change to ARM state */
981 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_ITBIT
, 1))
983 DEBUG("target entered debug from Thumb state");
984 /* Entered debug from Thumb mode */
985 armv4_5
->core_state
= ARMV4_5_STATE_THUMB
;
986 arm7_9
->change_to_arm(target
, &r0_thumb
, &pc_thumb
);
987 DEBUG("r0_thumb: 0x%8.8x, pc_thumb: 0x%8.8x", r0_thumb
, pc_thumb
);
991 DEBUG("target entered debug from ARM state");
992 /* Entered debug from ARM mode */
993 armv4_5
->core_state
= ARMV4_5_STATE_ARM
;
996 for (i
= 0; i
< 16; i
++)
997 context_p
[i
] = &context
[i
];
998 /* save core registers (r0 - r15 of current core mode) */
999 arm7_9
->read_core_regs(target
, 0xffff, context_p
);
1001 arm7_9
->read_xpsr(target
, &cpsr
, 0);
1003 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1006 /* if the core has been executing in Thumb state, set the T bit */
1007 if (armv4_5
->core_state
== ARMV4_5_STATE_THUMB
)
1010 buf_set_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32, cpsr
);
1011 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
= 0;
1012 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].valid
= 1;
1014 armv4_5
->core_mode
= cpsr
& 0x1f;
1016 if (armv4_5_mode_to_number(armv4_5
->core_mode
) == -1)
1018 target
->state
= TARGET_UNKNOWN
;
1019 ERROR("cpsr contains invalid mode value - communication failure");
1020 return ERROR_TARGET_FAILURE
;
1023 DEBUG("target entered debug state in %s mode", armv4_5_mode_strings
[armv4_5_mode_to_number(armv4_5
->core_mode
)]);
1025 if (armv4_5
->core_state
== ARMV4_5_STATE_THUMB
)
1027 DEBUG("thumb state, applying fixups");
1028 context
[0] = r0_thumb
;
1029 context
[15] = pc_thumb
;
1030 } else if (armv4_5
->core_state
== ARMV4_5_STATE_ARM
)
1032 /* adjust value stored by STM */
1033 context
[15] -= 3 * 4;
1036 if ((target
->debug_reason
== DBG_REASON_BREAKPOINT
)
1037 || (target
->debug_reason
== DBG_REASON_SINGLESTEP
)
1038 || (target
->debug_reason
== DBG_REASON_WATCHPOINT
)
1039 || (target
->debug_reason
== DBG_REASON_WPTANDBKPT
)
1040 || ((target
->debug_reason
== DBG_REASON_DBGRQ
) && (arm7_9
->use_dbgrq
== 0)))
1041 context
[15] -= 3 * ((armv4_5
->core_state
== ARMV4_5_STATE_ARM
) ? 4 : 2);
1042 else if (target
->debug_reason
== DBG_REASON_DBGRQ
)
1043 context
[15] -= arm7_9
->dbgreq_adjust_pc
* ((armv4_5
->core_state
== ARMV4_5_STATE_ARM
) ? 4 : 2);
1046 ERROR("unknown debug reason: %i", target
->debug_reason
);
1050 for (i
=0; i
<=15; i
++)
1052 DEBUG("r%i: 0x%8.8x", i
, context
[i
]);
1053 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).value
, 0, 32, context
[i
]);
1054 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).dirty
= 0;
1055 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).valid
= 1;
1058 DEBUG("entered debug state at PC 0x%x", context
[15]);
1060 /* exceptions other than USR & SYS have a saved program status register */
1061 if ((armv4_5_mode_to_number(armv4_5
->core_mode
) != ARMV4_5_MODE_USR
) && (armv4_5_mode_to_number(armv4_5
->core_mode
) != ARMV4_5_MODE_SYS
))
1064 arm7_9
->read_xpsr(target
, &spsr
, 1);
1065 jtag_execute_queue();
1066 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).value
, 0, 32, spsr
);
1067 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).dirty
= 0;
1068 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 16).valid
= 1;
1071 /* r0 and r15 (pc) have to be restored later */
1072 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 0).dirty
= 1;
1073 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, 15).dirty
= 1;
1075 if ((retval
= jtag
->execute_queue()) != ERROR_OK
)
1078 if (arm7_9
->post_debug_entry
)
1079 arm7_9
->post_debug_entry(target
);
1084 int arm7_9_full_context(target_t
*target
)
1088 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1089 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1093 if (target
->state
!= TARGET_HALTED
)
1095 WARNING("target not halted");
1096 return ERROR_TARGET_NOT_HALTED
;
1099 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1100 * SYS shares registers with User, so we don't touch SYS
1102 for(i
= 0; i
< 6; i
++)
1109 /* check if there are invalid registers in the current mode
1111 for (j
= 0; j
<= 16; j
++)
1113 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).valid
== 0)
1121 /* change processor mode (and mask T bit) */
1122 tmp_cpsr
= buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & 0xE0;
1123 tmp_cpsr
|= armv4_5_number_to_mode(i
);
1125 arm7_9
->write_xpsr_im8(target
, tmp_cpsr
& 0xff, 0, 0);
1127 for (j
= 0; j
< 15; j
++)
1129 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).valid
== 0)
1131 reg_p
[j
] = (u32
*)ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).value
;
1133 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).valid
= 1;
1134 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
).dirty
= 0;
1138 /* if only the PSR is invalid, mask is all zeroes */
1140 arm7_9
->read_core_regs(target
, mask
, reg_p
);
1142 /* check if the PSR has to be read */
1143 if (ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).valid
== 0)
1145 arm7_9
->read_xpsr(target
, (u32
*)ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).value
, 1);
1146 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).valid
= 1;
1147 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16).dirty
= 0;
1152 /* restore processor mode (mask T bit) */
1153 arm7_9
->write_xpsr_im8(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & ~0x20, 0, 0);
1155 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1157 ERROR("JTAG failure");
1163 int arm7_9_restore_context(target_t
*target
)
1165 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1166 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1168 armv4_5_core_reg_t
*reg_arch_info
;
1169 enum armv4_5_mode current_mode
= armv4_5
->core_mode
;
1176 if (target
->state
!= TARGET_HALTED
)
1178 WARNING("target not halted");
1179 return ERROR_TARGET_NOT_HALTED
;
1182 if (arm7_9
->pre_restore_context
)
1183 arm7_9
->pre_restore_context(target
);
1185 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1186 * SYS shares registers with User, so we don't touch SYS
1188 for (i
= 0; i
< 6; i
++)
1190 DEBUG("examining %s mode", armv4_5_mode_strings
[i
]);
1193 /* check if there are dirty registers in the current mode
1195 for (j
= 0; j
<= 16; j
++)
1197 reg
= &ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
);
1198 reg_arch_info
= reg
->arch_info
;
1199 if (reg
->dirty
== 1)
1201 if (reg
->valid
== 1)
1204 DEBUG("examining dirty reg: %s", reg
->name
);
1205 if ((reg_arch_info
->mode
!= ARMV4_5_MODE_ANY
)
1206 && (reg_arch_info
->mode
!= current_mode
)
1207 && !((reg_arch_info
->mode
== ARMV4_5_MODE_USR
) && (armv4_5
->core_mode
== ARMV4_5_MODE_SYS
))
1208 && !((reg_arch_info
->mode
== ARMV4_5_MODE_SYS
) && (armv4_5
->core_mode
== ARMV4_5_MODE_USR
)))
1211 DEBUG("require mode change");
1216 ERROR("BUG: dirty register '%s', but no valid data", reg
->name
);
1232 /* change processor mode (mask T bit) */
1233 tmp_cpsr
= buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & 0xE0;
1234 tmp_cpsr
|= armv4_5_number_to_mode(i
);
1236 arm7_9
->write_xpsr_im8(target
, tmp_cpsr
& 0xff, 0, 0);
1237 current_mode
= armv4_5_number_to_mode(i
);
1240 for (j
= 0; j
<= 14; j
++)
1242 reg
= &ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), j
);
1243 reg_arch_info
= reg
->arch_info
;
1246 if (reg
->dirty
== 1)
1248 regs
[j
] = buf_get_u32(reg
->value
, 0, 32);
1253 DEBUG("writing register %i of mode %s with value 0x%8.8x", j
, armv4_5_mode_strings
[i
], regs
[j
]);
1259 arm7_9
->write_core_regs(target
, mask
, regs
);
1262 reg
= &ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5_number_to_mode(i
), 16);
1263 reg_arch_info
= reg
->arch_info
;
1264 if ((reg
->dirty
) && (reg_arch_info
->mode
!= ARMV4_5_MODE_ANY
))
1266 DEBUG("writing SPSR of mode %i with value 0x%8.8x", i
, buf_get_u32(reg
->value
, 0, 32));
1267 arm7_9
->write_xpsr(target
, buf_get_u32(reg
->value
, 0, 32), 1);
1272 if ((armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
== 0) && (armv4_5
->core_mode
!= current_mode
))
1274 /* restore processor mode (mask T bit) */
1277 tmp_cpsr
= buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & 0xE0;
1278 tmp_cpsr
|= armv4_5_number_to_mode(i
);
1280 DEBUG("writing lower 8 bit of cpsr with value 0x%2.2x", tmp_cpsr
);
1281 arm7_9
->write_xpsr_im8(target
, tmp_cpsr
& 0xff, 0, 0);
1283 else if (armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
== 1)
1285 /* CPSR has been changed, full restore necessary (mask T bit) */
1286 DEBUG("writing cpsr with value 0x%8.8x", buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32));
1287 arm7_9
->write_xpsr(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32) & ~0x20, 0);
1288 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
= 0;
1289 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].valid
= 1;
1293 DEBUG("writing PC with value 0x%8.8x", buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1294 arm7_9
->write_pc(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1295 armv4_5
->core_cache
->reg_list
[15].dirty
= 0;
1297 if (arm7_9
->post_restore_context
)
1298 arm7_9
->post_restore_context(target
);
1303 int arm7_9_restart_core(struct target_s
*target
)
1305 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1306 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1307 arm_jtag_t
*jtag_info
= &arm7_9
->jtag_info
;
1309 /* set RESTART instruction */
1310 jtag_add_end_state(TAP_RTI
);
1311 arm_jtag_set_instr(jtag_info
, 0x4);
1313 jtag_add_runtest(1, TAP_RTI
);
1314 if ((jtag_execute_queue()) != ERROR_OK
)
1322 void arm7_9_enable_watchpoints(struct target_s
*target
)
1324 watchpoint_t
*watchpoint
= target
->watchpoints
;
1328 if (watchpoint
->set
== 0)
1329 arm7_9_set_watchpoint(target
, watchpoint
);
1330 watchpoint
= watchpoint
->next
;
1334 void arm7_9_enable_breakpoints(struct target_s
*target
)
1336 breakpoint_t
*breakpoint
= target
->breakpoints
;
1338 /* set any pending breakpoints */
1341 if (breakpoint
->set
== 0)
1342 arm7_9_set_breakpoint(target
, breakpoint
);
1343 breakpoint
= breakpoint
->next
;
1347 void arm7_9_disable_bkpts_and_wpts(struct target_s
*target
)
1349 breakpoint_t
*breakpoint
= target
->breakpoints
;
1350 watchpoint_t
*watchpoint
= target
->watchpoints
;
1352 /* set any pending breakpoints */
1355 if (breakpoint
->set
!= 0)
1356 arm7_9_unset_breakpoint(target
, breakpoint
);
1357 breakpoint
= breakpoint
->next
;
1362 if (watchpoint
->set
!= 0)
1363 arm7_9_unset_watchpoint(target
, watchpoint
);
1364 watchpoint
= watchpoint
->next
;
1368 int arm7_9_resume(struct target_s
*target
, int current
, u32 address
, int handle_breakpoints
, int debug_execution
)
1370 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1371 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1372 breakpoint_t
*breakpoint
= target
->breakpoints
;
1373 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
1377 if (target
->state
!= TARGET_HALTED
)
1379 WARNING("target not halted");
1380 return ERROR_TARGET_NOT_HALTED
;
1383 if (!debug_execution
)
1385 target_free_all_working_areas(target
);
1388 /* current = 1: continue on current pc, otherwise continue at <address> */
1390 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, address
);
1392 /* the front-end may request us not to handle breakpoints */
1393 if (handle_breakpoints
)
1395 if ((breakpoint
= breakpoint_find(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32))))
1397 DEBUG("unset breakpoint at 0x%8.8x", breakpoint
->address
);
1398 arm7_9_unset_breakpoint(target
, breakpoint
);
1400 DEBUG("enable single-step");
1401 arm7_9
->enable_single_step(target
);
1403 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1405 arm7_9_restore_context(target
);
1407 if (armv4_5
->core_state
== ARMV4_5_STATE_ARM
)
1408 arm7_9
->branch_resume(target
);
1409 else if (armv4_5
->core_state
== ARMV4_5_STATE_THUMB
)
1411 arm7_9
->branch_resume_thumb(target
);
1415 ERROR("unhandled core state");
1419 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 0);
1420 embeddedice_write_reg(dbg_ctrl
, buf_get_u32(dbg_ctrl
->value
, 0, dbg_ctrl
->size
));
1421 arm7_9_execute_sys_speed(target
);
1423 DEBUG("disable single-step");
1424 arm7_9
->disable_single_step(target
);
1426 arm7_9_debug_entry(target
);
1427 DEBUG("new PC after step: 0x%8.8x", buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1429 DEBUG("set breakpoint at 0x%8.8x", breakpoint
->address
);
1430 arm7_9_set_breakpoint(target
, breakpoint
);
1434 /* enable any pending breakpoints and watchpoints */
1435 arm7_9_enable_breakpoints(target
);
1436 arm7_9_enable_watchpoints(target
);
1438 arm7_9_restore_context(target
);
1440 if (armv4_5
->core_state
== ARMV4_5_STATE_ARM
)
1442 arm7_9
->branch_resume(target
);
1444 else if (armv4_5
->core_state
== ARMV4_5_STATE_THUMB
)
1446 arm7_9
->branch_resume_thumb(target
);
1450 ERROR("unhandled core state");
1454 /* deassert DBGACK and INTDIS */
1455 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 0);
1456 /* INTDIS only when we really resume, not during debug execution */
1457 if (!debug_execution
)
1458 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_INTDIS
, 1, 0);
1459 embeddedice_write_reg(dbg_ctrl
, buf_get_u32(dbg_ctrl
->value
, 0, dbg_ctrl
->size
));
1461 arm7_9_restart_core(target
);
1463 target
->debug_reason
= DBG_REASON_NOTHALTED
;
1465 if (!debug_execution
)
1467 /* registers are now invalid */
1468 armv4_5_invalidate_core_regs(target
);
1469 target
->state
= TARGET_RUNNING
;
1470 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1474 target
->state
= TARGET_DEBUG_RUNNING
;
1475 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_RESUMED
);
1478 DEBUG("target resumed");
1483 void arm7_9_enable_eice_step(target_t
*target
)
1485 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1486 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1488 /* setup an inverse breakpoint on the current PC
1489 * - comparator 1 matches the current address
1490 * - rangeout from comparator 1 is connected to comparator 0 rangein
1491 * - comparator 0 matches any address, as long as rangein is low */
1492 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
], 0xffffffff);
1493 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
], 0xffffffff);
1494 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
], 0x100);
1495 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
], 0x77);
1496 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_VALUE
], buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32));
1497 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_MASK
], 0);
1498 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_MASK
], 0xffffffff);
1499 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
], 0x0);
1500 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_MASK
], 0xf7);
1503 void arm7_9_disable_eice_step(target_t
*target
)
1505 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1506 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1508 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_ADDR_MASK
]);
1509 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_DATA_MASK
]);
1510 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_VALUE
]);
1511 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W0_CONTROL_MASK
]);
1512 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_VALUE
]);
1513 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_ADDR_MASK
]);
1514 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_DATA_MASK
]);
1515 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_MASK
]);
1516 embeddedice_store_reg(&arm7_9
->eice_cache
->reg_list
[EICE_W1_CONTROL_VALUE
]);
1519 int arm7_9_step(struct target_s
*target
, int current
, u32 address
, int handle_breakpoints
)
1521 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1522 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1523 breakpoint_t
*breakpoint
= NULL
;
1525 if (target
->state
!= TARGET_HALTED
)
1527 WARNING("target not halted");
1528 return ERROR_TARGET_NOT_HALTED
;
1531 /* current = 1: continue on current pc, otherwise continue at <address> */
1533 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, address
);
1535 /* the front-end may request us not to handle breakpoints */
1536 if (handle_breakpoints
)
1537 if ((breakpoint
= breakpoint_find(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32))))
1538 arm7_9_unset_breakpoint(target
, breakpoint
);
1540 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1542 arm7_9_restore_context(target
);
1544 arm7_9
->enable_single_step(target
);
1546 if (armv4_5
->core_state
== ARMV4_5_STATE_ARM
)
1548 arm7_9
->branch_resume(target
);
1550 else if (armv4_5
->core_state
== ARMV4_5_STATE_THUMB
)
1552 arm7_9
->branch_resume_thumb(target
);
1556 ERROR("unhandled core state");
1560 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1562 arm7_9_execute_sys_speed(target
);
1563 arm7_9
->disable_single_step(target
);
1565 /* registers are now invalid */
1566 armv4_5_invalidate_core_regs(target
);
1568 arm7_9_debug_entry(target
);
1570 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
1573 arm7_9_set_breakpoint(target
, breakpoint
);
1575 DEBUG("target stepped");
1581 int arm7_9_read_core_reg(struct target_s
*target
, int num
, enum armv4_5_mode mode
)
1586 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1587 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1588 enum armv4_5_mode reg_mode
= ((armv4_5_core_reg_t
*)ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).arch_info
)->mode
;
1590 if ((num
< 0) || (num
> 16))
1591 return ERROR_INVALID_ARGUMENTS
;
1593 if ((mode
!= ARMV4_5_MODE_ANY
)
1594 && (mode
!= armv4_5
->core_mode
)
1595 && (reg_mode
!= ARMV4_5_MODE_ANY
))
1599 /* change processor mode (mask T bit) */
1600 tmp_cpsr
= buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & 0xE0;
1603 arm7_9
->write_xpsr_im8(target
, tmp_cpsr
& 0xff, 0, 0);
1606 if ((num
>= 0) && (num
<= 15))
1608 /* read a normal core register */
1609 reg_p
[num
] = &value
;
1611 arm7_9
->read_core_regs(target
, 1 << num
, reg_p
);
1615 /* read a program status register
1616 * if the register mode is MODE_ANY, we read the cpsr, otherwise a spsr
1618 armv4_5_core_reg_t
*arch_info
= ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).arch_info
;
1619 int spsr
= (arch_info
->mode
== ARMV4_5_MODE_ANY
) ? 0 : 1;
1621 arm7_9
->read_xpsr(target
, &value
, spsr
);
1624 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1626 ERROR("JTAG failure");
1630 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).valid
= 1;
1631 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).dirty
= 0;
1632 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).value
, 0, 32, value
);
1634 if ((mode
!= ARMV4_5_MODE_ANY
)
1635 && (mode
!= armv4_5
->core_mode
)
1636 && (reg_mode
!= ARMV4_5_MODE_ANY
)) {
1637 /* restore processor mode (mask T bit) */
1638 arm7_9
->write_xpsr_im8(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & ~0x20, 0, 0);
1645 int arm7_9_write_core_reg(struct target_s
*target
, int num
, enum armv4_5_mode mode
, u32 value
)
1649 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1650 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1651 enum armv4_5_mode reg_mode
= ((armv4_5_core_reg_t
*)ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).arch_info
)->mode
;
1653 if ((num
< 0) || (num
> 16))
1654 return ERROR_INVALID_ARGUMENTS
;
1656 if ((mode
!= ARMV4_5_MODE_ANY
)
1657 && (mode
!= armv4_5
->core_mode
)
1658 && (reg_mode
!= ARMV4_5_MODE_ANY
)) {
1661 /* change processor mode (mask T bit) */
1662 tmp_cpsr
= buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & 0xE0;
1665 arm7_9
->write_xpsr_im8(target
, tmp_cpsr
& 0xff, 0, 0);
1668 if ((num
>= 0) && (num
<= 15))
1670 /* write a normal core register */
1673 arm7_9
->write_core_regs(target
, 1 << num
, reg
);
1677 /* write a program status register
1678 * if the register mode is MODE_ANY, we write the cpsr, otherwise a spsr
1680 armv4_5_core_reg_t
*arch_info
= ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).arch_info
;
1681 int spsr
= (arch_info
->mode
== ARMV4_5_MODE_ANY
) ? 0 : 1;
1683 /* if we're writing the CPSR, mask the T bit */
1687 arm7_9
->write_xpsr(target
, value
, spsr
);
1690 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).valid
= 1;
1691 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, mode
, num
).dirty
= 0;
1693 if ((mode
!= ARMV4_5_MODE_ANY
)
1694 && (mode
!= armv4_5
->core_mode
)
1695 && (reg_mode
!= ARMV4_5_MODE_ANY
)) {
1696 /* restore processor mode (mask T bit) */
1697 arm7_9
->write_xpsr_im8(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & ~0x20, 0, 0);
1700 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1702 ERROR("JTAG failure");
1710 int arm7_9_read_memory(struct target_s
*target
, u32 address
, u32 size
, u32 count
, u8
*buffer
)
1712 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1713 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1716 int num_accesses
= 0;
1717 int thisrun_accesses
;
1723 DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address
, size
, count
);
1725 if (target
->state
!= TARGET_HALTED
)
1727 WARNING("target not halted");
1728 return ERROR_TARGET_NOT_HALTED
;
1731 /* sanitize arguments */
1732 if (((size
!= 4) && (size
!= 2) && (size
!= 1)) || (count
== 0) || !(buffer
))
1733 return ERROR_INVALID_ARGUMENTS
;
1735 if (((size
== 4) && (address
& 0x3u
)) || ((size
== 2) && (address
& 0x1u
)))
1736 return ERROR_TARGET_UNALIGNED_ACCESS
;
1738 /* load the base register with the address of the first word */
1740 arm7_9
->write_core_regs(target
, 0x1, reg
);
1745 while (num_accesses
< count
)
1748 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1749 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1751 if (last_reg
<= thisrun_accesses
)
1752 last_reg
= thisrun_accesses
;
1754 arm7_9
->load_word_regs(target
, reg_list
);
1756 /* fast memory reads are only safe when the target is running
1757 * from a sufficiently high clock (32 kHz is usually too slow)
1759 if (arm7_9
->fast_memory_access
)
1760 arm7_9_execute_fast_sys_speed(target
);
1762 arm7_9_execute_sys_speed(target
);
1764 arm7_9
->read_core_regs_target_buffer(target
, reg_list
, buffer
, 4);
1766 /* advance buffer, count number of accesses */
1767 buffer
+= thisrun_accesses
* 4;
1768 num_accesses
+= thisrun_accesses
;
1772 while (num_accesses
< count
)
1775 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1776 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1778 for (i
= 1; i
<= thisrun_accesses
; i
++)
1782 arm7_9
->load_hword_reg(target
, i
);
1783 /* fast memory reads are only safe when the target is running
1784 * from a sufficiently high clock (32 kHz is usually too slow)
1786 if (arm7_9
->fast_memory_access
)
1787 arm7_9_execute_fast_sys_speed(target
);
1789 arm7_9_execute_sys_speed(target
);
1792 arm7_9
->read_core_regs_target_buffer(target
, reg_list
, buffer
, 2);
1794 /* advance buffer, count number of accesses */
1795 buffer
+= thisrun_accesses
* 2;
1796 num_accesses
+= thisrun_accesses
;
1800 while (num_accesses
< count
)
1803 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1804 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1806 for (i
= 1; i
<= thisrun_accesses
; i
++)
1810 arm7_9
->load_byte_reg(target
, i
);
1811 /* fast memory reads are only safe when the target is running
1812 * from a sufficiently high clock (32 kHz is usually too slow)
1814 if (arm7_9
->fast_memory_access
)
1815 arm7_9_execute_fast_sys_speed(target
);
1817 arm7_9_execute_sys_speed(target
);
1820 arm7_9
->read_core_regs_target_buffer(target
, reg_list
, buffer
, 1);
1822 /* advance buffer, count number of accesses */
1823 buffer
+= thisrun_accesses
* 1;
1824 num_accesses
+= thisrun_accesses
;
1828 ERROR("BUG: we shouldn't get here");
1833 for (i
=0; i
<=last_reg
; i
++)
1834 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).dirty
= 1;
1836 arm7_9
->read_xpsr(target
, &cpsr
, 0);
1837 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1839 ERROR("JTAG error while reading cpsr");
1843 if (((cpsr
& 0x1f) == ARMV4_5_MODE_ABT
) && (armv4_5
->core_mode
!= ARMV4_5_MODE_ABT
))
1845 WARNING("memory read caused data abort (address: 0x%8.8x, size: 0x%x, count: 0x%x)", address
, size
, count
);
1847 arm7_9
->write_xpsr_im8(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & ~0x20, 0, 0);
1849 return ERROR_TARGET_DATA_ABORT
;
1855 int arm7_9_write_memory(struct target_s
*target
, u32 address
, u32 size
, u32 count
, u8
*buffer
)
1857 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1858 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
1859 reg_t
*dbg_ctrl
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_CTRL
];
1862 int num_accesses
= 0;
1863 int thisrun_accesses
;
1869 DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address
, size
, count
);
1871 if (target
->state
!= TARGET_HALTED
)
1873 WARNING("target not halted");
1874 return ERROR_TARGET_NOT_HALTED
;
1877 /* sanitize arguments */
1878 if (((size
!= 4) && (size
!= 2) && (size
!= 1)) || (count
== 0) || !(buffer
))
1879 return ERROR_INVALID_ARGUMENTS
;
1881 if (((size
== 4) && (address
& 0x3u
)) || ((size
== 2) && (address
& 0x1u
)))
1882 return ERROR_TARGET_UNALIGNED_ACCESS
;
1884 /* load the base register with the address of the first word */
1886 arm7_9
->write_core_regs(target
, 0x1, reg
);
1888 /* Clear DBGACK, to make sure memory fetches work as expected */
1889 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 0);
1890 embeddedice_store_reg(dbg_ctrl
);
1895 while (num_accesses
< count
)
1898 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1899 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1901 for (i
= 1; i
<= thisrun_accesses
; i
++)
1905 reg
[i
] = target_buffer_get_u32(target
, buffer
);
1909 arm7_9
->write_core_regs(target
, reg_list
, reg
);
1911 arm7_9
->store_word_regs(target
, reg_list
);
1913 /* fast memory writes are only safe when the target is running
1914 * from a sufficiently high clock (32 kHz is usually too slow)
1916 if (arm7_9
->fast_memory_access
)
1917 arm7_9_execute_fast_sys_speed(target
);
1919 arm7_9_execute_sys_speed(target
);
1921 num_accesses
+= thisrun_accesses
;
1925 while (num_accesses
< count
)
1928 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1929 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1931 for (i
= 1; i
<= thisrun_accesses
; i
++)
1935 reg
[i
] = target_buffer_get_u16(target
, buffer
) & 0xffff;
1939 arm7_9
->write_core_regs(target
, reg_list
, reg
);
1941 for (i
= 1; i
<= thisrun_accesses
; i
++)
1943 arm7_9
->store_hword_reg(target
, i
);
1945 /* fast memory writes are only safe when the target is running
1946 * from a sufficiently high clock (32 kHz is usually too slow)
1948 if (arm7_9
->fast_memory_access
)
1949 arm7_9_execute_fast_sys_speed(target
);
1951 arm7_9_execute_sys_speed(target
);
1954 num_accesses
+= thisrun_accesses
;
1958 while (num_accesses
< count
)
1961 thisrun_accesses
= ((count
- num_accesses
) >= 14) ? 14 : (count
- num_accesses
);
1962 reg_list
= (0xffff >> (15 - thisrun_accesses
)) & 0xfffe;
1964 for (i
= 1; i
<= thisrun_accesses
; i
++)
1968 reg
[i
] = *buffer
++ & 0xff;
1971 arm7_9
->write_core_regs(target
, reg_list
, reg
);
1973 for (i
= 1; i
<= thisrun_accesses
; i
++)
1975 arm7_9
->store_byte_reg(target
, i
);
1976 /* fast memory writes are only safe when the target is running
1977 * from a sufficiently high clock (32 kHz is usually too slow)
1979 if (arm7_9
->fast_memory_access
)
1980 arm7_9_execute_fast_sys_speed(target
);
1982 arm7_9_execute_sys_speed(target
);
1985 num_accesses
+= thisrun_accesses
;
1989 ERROR("BUG: we shouldn't get here");
1995 buf_set_u32(dbg_ctrl
->value
, EICE_DBG_CONTROL_DBGACK
, 1, 1);
1996 embeddedice_store_reg(dbg_ctrl
);
1998 for (i
=0; i
<=last_reg
; i
++)
1999 ARMV4_5_CORE_REG_MODE(armv4_5
->core_cache
, armv4_5
->core_mode
, i
).dirty
= 1;
2001 arm7_9
->read_xpsr(target
, &cpsr
, 0);
2002 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
2004 ERROR("JTAG error while reading cpsr");
2008 if (((cpsr
& 0x1f) == ARMV4_5_MODE_ABT
) && (armv4_5
->core_mode
!= ARMV4_5_MODE_ABT
))
2010 WARNING("memory write caused data abort (address: 0x%8.8x, size: 0x%x, count: 0x%x)", address
, size
, count
);
2012 arm7_9
->write_xpsr_im8(target
, buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8) & ~0x20, 0, 0);
2014 return ERROR_TARGET_DATA_ABORT
;
2020 int arm7_9_bulk_write_memory(target_t
*target
, u32 address
, u32 count
, u8
*buffer
)
2022 armv4_5_common_t
*armv4_5
= target
->arch_info
;
2023 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
2024 enum armv4_5_state core_state
= armv4_5
->core_state
;
2025 u32 r0
= buf_get_u32(armv4_5
->core_cache
->reg_list
[0].value
, 0, 32);
2026 u32 r1
= buf_get_u32(armv4_5
->core_cache
->reg_list
[1].value
, 0, 32);
2027 u32 pc
= buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32);
2032 /* MRC TST BNE MRC STR B */
2033 0xee101e10, 0xe3110001, 0x0afffffc, 0xee111e10, 0xe4801004, 0xeafffff9
2036 if (!arm7_9
->dcc_downloads
)
2037 return target
->type
->write_memory(target
, address
, 4, count
, buffer
);
2039 /* regrab previously allocated working_area, or allocate a new one */
2040 if (!arm7_9
->dcc_working_area
)
2042 u8 dcc_code_buf
[6 * 4];
2044 /* make sure we have a working area */
2045 if (target_alloc_working_area(target
, 24, &arm7_9
->dcc_working_area
) != ERROR_OK
)
2047 INFO("no working area available, falling back to memory writes");
2048 return target
->type
->write_memory(target
, address
, 4, count
, buffer
);
2051 /* copy target instructions to target endianness */
2052 for (i
= 0; i
< 6; i
++)
2054 target_buffer_set_u32(target
, dcc_code_buf
+ i
*4, dcc_code
[i
]);
2057 /* write DCC code to working area */
2058 target
->type
->write_memory(target
, arm7_9
->dcc_working_area
->address
, 4, 6, dcc_code_buf
);
2061 buf_set_u32(armv4_5
->core_cache
->reg_list
[0].value
, 0, 32, address
);
2062 armv4_5
->core_cache
->reg_list
[0].valid
= 1;
2063 armv4_5
->core_cache
->reg_list
[0].dirty
= 1;
2064 armv4_5
->core_state
= ARMV4_5_STATE_ARM
;
2066 arm7_9_resume(target
, 0, arm7_9
->dcc_working_area
->address
, 1, 1);
2068 for (i
= 0; i
< count
; i
++)
2070 embeddedice_write_reg(&arm7_9
->eice_cache
->reg_list
[EICE_COMMS_DATA
], target_buffer_get_u32(target
, buffer
));
2074 target
->type
->halt(target
);
2076 while (target
->state
!= TARGET_HALTED
)
2077 target
->type
->poll(target
);
2079 /* restore target state */
2080 buf_set_u32(armv4_5
->core_cache
->reg_list
[0].value
, 0, 32, r0
);
2081 armv4_5
->core_cache
->reg_list
[0].valid
= 1;
2082 armv4_5
->core_cache
->reg_list
[0].dirty
= 1;
2083 buf_set_u32(armv4_5
->core_cache
->reg_list
[1].value
, 0, 32, r1
);
2084 armv4_5
->core_cache
->reg_list
[1].valid
= 1;
2085 armv4_5
->core_cache
->reg_list
[1].dirty
= 1;
2086 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, pc
);
2087 armv4_5
->core_cache
->reg_list
[15].valid
= 1;
2088 armv4_5
->core_cache
->reg_list
[15].dirty
= 1;
2089 armv4_5
->core_state
= core_state
;
2094 int arm7_9_register_commands(struct command_context_s
*cmd_ctx
)
2096 command_t
*arm7_9_cmd
;
2098 arm7_9_cmd
= register_command(cmd_ctx
, NULL
, "arm7_9", NULL
, COMMAND_ANY
, "arm7/9 specific commands");
2100 register_command(cmd_ctx
, arm7_9_cmd
, "etm", handle_arm7_9_etm_command
, COMMAND_CONFIG
, NULL
);
2101 register_command(cmd_ctx
, arm7_9_cmd
, "etb", handle_arm7_9_etb_command
, COMMAND_CONFIG
, NULL
);
2103 register_command(cmd_ctx
, arm7_9_cmd
, "write_xpsr", handle_arm7_9_write_xpsr_command
, COMMAND_EXEC
, "write program status register <value> <not cpsr|spsr>");
2104 register_command(cmd_ctx
, arm7_9_cmd
, "write_xpsr_im8", handle_arm7_9_write_xpsr_im8_command
, COMMAND_EXEC
, "write program status register <8bit immediate> <rotate> <not cpsr|spsr>");
2106 register_command(cmd_ctx
, arm7_9_cmd
, "write_core_reg", handle_arm7_9_write_core_reg_command
, COMMAND_EXEC
, "write core register <num> <mode> <value>");
2108 register_command(cmd_ctx
, arm7_9_cmd
, "sw_bkpts", handle_arm7_9_sw_bkpts_command
, COMMAND_EXEC
, "support for software breakpoints <enable|disable>");
2109 register_command(cmd_ctx
, arm7_9_cmd
, "force_hw_bkpts", handle_arm7_9_force_hw_bkpts_command
, COMMAND_EXEC
, "use hardware breakpoints for all breakpoints (disables sw breakpoint support) <enable|disable>");
2110 register_command(cmd_ctx
, arm7_9_cmd
, "dbgrq", handle_arm7_9_dbgrq_command
,
2111 COMMAND_ANY
, "use EmbeddedICE dbgrq instead of breakpoint for target halt requests <enable|disable>");
2112 register_command(cmd_ctx
, arm7_9_cmd
, "fast_writes", handle_arm7_9_fast_memory_access_command
,
2113 COMMAND_ANY
, "(deprecated, see: arm7_9 fast_memory_access)");
2114 register_command(cmd_ctx
, arm7_9_cmd
, "fast_memory_access", handle_arm7_9_fast_memory_access_command
,
2115 COMMAND_ANY
, "use fast memory accesses instead of slower but potentially unsafe slow accesses <enable|disable>");
2116 register_command(cmd_ctx
, arm7_9_cmd
, "dcc_downloads", handle_arm7_9_dcc_downloads_command
,
2117 COMMAND_ANY
, "use DCC downloads for larger memory writes <enable|disable>");
2119 armv4_5_register_commands(cmd_ctx
);
2124 int handle_arm7_9_write_xpsr_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2129 target_t
*target
= get_current_target(cmd_ctx
);
2130 armv4_5_common_t
*armv4_5
;
2131 arm7_9_common_t
*arm7_9
;
2133 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2135 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2139 if (target
->state
!= TARGET_HALTED
)
2141 command_print(cmd_ctx
, "can't write registers while running");
2147 command_print(cmd_ctx
, "usage: write_xpsr <value> <not cpsr|spsr>");
2151 value
= strtoul(args
[0], NULL
, 0);
2152 spsr
= strtol(args
[1], NULL
, 0);
2154 /* if we're writing the CPSR, mask the T bit */
2158 arm7_9
->write_xpsr(target
, value
, spsr
);
2159 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
2161 ERROR("JTAG error while writing to xpsr");
2168 int handle_arm7_9_write_xpsr_im8_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2174 target_t
*target
= get_current_target(cmd_ctx
);
2175 armv4_5_common_t
*armv4_5
;
2176 arm7_9_common_t
*arm7_9
;
2178 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2180 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2184 if (target
->state
!= TARGET_HALTED
)
2186 command_print(cmd_ctx
, "can't write registers while running");
2192 command_print(cmd_ctx
, "usage: write_xpsr_im8 <im8> <rotate> <not cpsr|spsr>");
2196 value
= strtoul(args
[0], NULL
, 0);
2197 rotate
= strtol(args
[1], NULL
, 0);
2198 spsr
= strtol(args
[2], NULL
, 0);
2200 arm7_9
->write_xpsr_im8(target
, value
, rotate
, spsr
);
2201 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
2203 ERROR("JTAG error while writing 8-bit immediate to xpsr");
2210 int handle_arm7_9_write_core_reg_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2215 target_t
*target
= get_current_target(cmd_ctx
);
2216 armv4_5_common_t
*armv4_5
;
2217 arm7_9_common_t
*arm7_9
;
2219 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2221 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2225 if (target
->state
!= TARGET_HALTED
)
2227 command_print(cmd_ctx
, "can't write registers while running");
2233 command_print(cmd_ctx
, "usage: write_core_reg <num> <mode> <value>");
2237 num
= strtol(args
[0], NULL
, 0);
2238 mode
= strtoul(args
[1], NULL
, 0);
2239 value
= strtoul(args
[2], NULL
, 0);
2241 arm7_9_write_core_reg(target
, num
, mode
, value
);
2246 int handle_arm7_9_sw_bkpts_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2248 target_t
*target
= get_current_target(cmd_ctx
);
2249 armv4_5_common_t
*armv4_5
;
2250 arm7_9_common_t
*arm7_9
;
2252 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2254 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2260 command_print(cmd_ctx
, "software breakpoints %s", (arm7_9
->sw_bkpts_enabled
) ? "enabled" : "disabled");
2264 if (strcmp("enable", args
[0]) == 0)
2266 if (arm7_9
->sw_bkpts_use_wp
)
2268 arm7_9_enable_sw_bkpts(target
);
2272 arm7_9
->sw_bkpts_enabled
= 1;
2275 else if (strcmp("disable", args
[0]) == 0)
2277 if (arm7_9
->sw_bkpts_use_wp
)
2279 arm7_9_disable_sw_bkpts(target
);
2283 arm7_9
->sw_bkpts_enabled
= 0;
2288 command_print(cmd_ctx
, "usage: arm7_9 sw_bkpts <enable|disable>");
2291 command_print(cmd_ctx
, "software breakpoints %s", (arm7_9
->sw_bkpts_enabled
) ? "enabled" : "disabled");
2296 int handle_arm7_9_force_hw_bkpts_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2298 target_t
*target
= get_current_target(cmd_ctx
);
2299 armv4_5_common_t
*armv4_5
;
2300 arm7_9_common_t
*arm7_9
;
2302 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2304 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2308 if ((argc
>= 1) && (strcmp("enable", args
[0]) == 0))
2310 arm7_9
->force_hw_bkpts
= 1;
2311 if (arm7_9
->sw_bkpts_use_wp
)
2313 arm7_9_disable_sw_bkpts(target
);
2316 else if ((argc
>= 1) && (strcmp("disable", args
[0]) == 0))
2318 arm7_9
->force_hw_bkpts
= 0;
2322 command_print(cmd_ctx
, "usage: arm7_9 force_hw_bkpts <enable|disable>");
2325 command_print(cmd_ctx
, "force hardware breakpoints %s", (arm7_9
->force_hw_bkpts
) ? "enabled" : "disabled");
2330 int handle_arm7_9_dbgrq_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2332 target_t
*target
= get_current_target(cmd_ctx
);
2333 armv4_5_common_t
*armv4_5
;
2334 arm7_9_common_t
*arm7_9
;
2336 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2338 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2344 if (strcmp("enable", args
[0]) == 0)
2346 arm7_9
->use_dbgrq
= 1;
2348 else if (strcmp("disable", args
[0]) == 0)
2350 arm7_9
->use_dbgrq
= 0;
2354 command_print(cmd_ctx
, "usage: arm7_9 dbgrq <enable|disable>");
2358 command_print(cmd_ctx
, "use of EmbeddedICE dbgrq instead of breakpoint for target halt %s", (arm7_9
->use_dbgrq
) ? "enabled" : "disabled");
2363 int handle_arm7_9_fast_memory_access_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2365 target_t
*target
= get_current_target(cmd_ctx
);
2366 armv4_5_common_t
*armv4_5
;
2367 arm7_9_common_t
*arm7_9
;
2369 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2371 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2377 if (strcmp("enable", args
[0]) == 0)
2379 arm7_9
->fast_memory_access
= 1;
2381 else if (strcmp("disable", args
[0]) == 0)
2383 arm7_9
->fast_memory_access
= 0;
2387 command_print(cmd_ctx
, "usage: arm7_9 fast_memory_access <enable|disable>");
2391 command_print(cmd_ctx
, "fast memory access is %s", (arm7_9
->fast_memory_access
) ? "enabled" : "disabled");
2396 int handle_arm7_9_dcc_downloads_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2398 target_t
*target
= get_current_target(cmd_ctx
);
2399 armv4_5_common_t
*armv4_5
;
2400 arm7_9_common_t
*arm7_9
;
2402 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2404 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2410 if (strcmp("enable", args
[0]) == 0)
2412 arm7_9
->dcc_downloads
= 1;
2414 else if (strcmp("disable", args
[0]) == 0)
2416 arm7_9
->dcc_downloads
= 0;
2420 command_print(cmd_ctx
, "usage: arm7_9 dcc_downloads <enable|disable>");
2424 command_print(cmd_ctx
, "dcc downloads are %s", (arm7_9
->dcc_downloads
) ? "enabled" : "disabled");
2429 int handle_arm7_9_etm_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2432 armv4_5_common_t
*armv4_5
;
2433 arm7_9_common_t
*arm7_9
;
2437 ERROR("incomplete 'arm7_9 etm <target>' command");
2441 target
= get_target_by_num(strtoul(args
[0], NULL
, 0));
2445 ERROR("target number '%s' not defined", args
[0]);
2449 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2451 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2455 arm7_9
->has_etm
= 1;
2460 int handle_arm7_9_etb_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
2463 jtag_device_t
*jtag_device
;
2464 armv4_5_common_t
*armv4_5
;
2465 arm7_9_common_t
*arm7_9
;
2469 ERROR("incomplete 'arm7_9 etb <target> <chain_pos>' command");
2473 target
= get_target_by_num(strtoul(args
[0], NULL
, 0));
2477 ERROR("target number '%s' not defined", args
[0]);
2481 if (arm7_9_get_arch_pointers(target
, &armv4_5
, &arm7_9
) != ERROR_OK
)
2483 command_print(cmd_ctx
, "current target isn't an ARM7/ARM9 target");
2487 jtag_device
= jtag_get_device(strtoul(args
[1], NULL
, 0));
2491 ERROR("jtag device number '%s' not defined", args
[1]);
2495 arm7_9
->etb
= malloc(sizeof(etb_t
));
2497 arm7_9
->etb
->chain_pos
= strtoul(args
[1], NULL
, 0);
2498 arm7_9
->etb
->cur_scan_chain
= -1;
2499 arm7_9
->etb
->reg_cache
= NULL
;
2504 int arm7_9_init_arch_info(target_t
*target
, arm7_9_common_t
*arm7_9
)
2506 armv4_5_common_t
*armv4_5
= &arm7_9
->armv4_5_common
;
2508 arm7_9
->common_magic
= ARM7_9_COMMON_MAGIC
;
2510 arm_jtag_setup_connection(&arm7_9
->jtag_info
);
2511 arm7_9
->wp_available
= 2;
2512 arm7_9
->wp0_used
= 0;
2513 arm7_9
->wp1_used
= 0;
2514 arm7_9
->force_hw_bkpts
= 0;
2515 arm7_9
->use_dbgrq
= 0;
2517 arm7_9
->has_etm
= 0;
2519 arm7_9
->has_single_step
= 0;
2520 arm7_9
->has_monitor_mode
= 0;
2521 arm7_9
->has_vector_catch
= 0;
2523 arm7_9
->reinit_embeddedice
= 0;
2525 arm7_9
->debug_entry_from_reset
= 0;
2527 arm7_9
->dcc_working_area
= NULL
;
2529 arm7_9
->fast_memory_access
= 0;
2530 arm7_9
->dcc_downloads
= 0;
2532 jtag_register_event_callback(arm7_9_jtag_callback
, target
);
2534 armv4_5
->arch_info
= arm7_9
;
2535 armv4_5
->read_core_reg
= arm7_9_read_core_reg
;
2536 armv4_5
->write_core_reg
= arm7_9_write_core_reg
;
2537 armv4_5
->full_context
= arm7_9_full_context
;
2539 armv4_5_init_arch_info(target
, armv4_5
);
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)