Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
target/register: use an array of uint8_t for register's value
[openocd.git] / src / target / arm7_9_common.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2007-2010 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
7 * *
8 * Copyright (C) 2008 by Spencer Oliver *
9 * spen@spen-soft.co.uk *
10 * *
11 * Copyright (C) 2008 by Hongtao Zheng *
12 * hontor@126.com *
13 * *
14 * Copyright (C) 2009 by David Brownell *
15 * *
16 * This program is free software; you can redistribute it and/or modify *
17 * it under the terms of the GNU General Public License as published by *
18 * the Free Software Foundation; either version 2 of the License, or *
19 * (at your option) any later version. *
20 * *
21 * This program is distributed in the hope that it will be useful, *
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
24 * GNU General Public License for more details. *
25 * *
26 * You should have received a copy of the GNU General Public License *
27 * along with this program. If not, see <http://www.gnu.org/licenses/>. *
28 ***************************************************************************/
29
30 #ifdef HAVE_CONFIG_H
31 #include "config.h"
32 #endif
33
34 #include "breakpoints.h"
35 #include "embeddedice.h"
36 #include "target_request.h"
37 #include "etm.h"
38 #include <helper/time_support.h>
39 #include "arm_simulator.h"
40 #include "arm_semihosting.h"
41 #include "algorithm.h"
42 #include "register.h"
43 #include "armv4_5.h"
44
45 /**
46 * @file
47 * Hold common code supporting the ARM7 and ARM9 core generations.
48 *
49 * While the ARM core implementations evolved substantially during these
50 * two generations, they look quite similar from the JTAG perspective.
51 * Both have similar debug facilities, based on the same two scan chains
52 * providing access to the core and to an EmbeddedICE module. Both can
53 * support similar ETM and ETB modules, for tracing. And both expose
54 * what could be viewed as "ARM Classic", with multiple processor modes,
55 * shadowed registers, and support for the Thumb instruction set.
56 *
57 * Processor differences include things like presence or absence of MMU
58 * and cache, pipeline sizes, use of a modified Harvard Architecture
59 * (with separate instruction and data buses from the CPU), support
60 * for cpu clock gating during idle, and more.
61 */
62
63 static int arm7_9_debug_entry(struct target *target);
64
65 /**
66 * Clear watchpoints for an ARM7/9 target.
67 *
68 * @param arm7_9 Pointer to the common struct for an ARM7/9 target
69 * @return JTAG error status after executing queue
70 */
71 static int arm7_9_clear_watchpoints(struct arm7_9_common *arm7_9)
72 {
73 LOG_DEBUG("-");
74 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
75 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
76 arm7_9->sw_breakpoint_count = 0;
77 arm7_9->sw_breakpoints_added = 0;
78 arm7_9->wp0_used = 0;
79 arm7_9->wp1_used = arm7_9->wp1_used_default;
80 arm7_9->wp_available = arm7_9->wp_available_max;
81
82 return jtag_execute_queue();
83 }
84
85 /**
86 * Assign a watchpoint to one of the two available hardware comparators in an
87 * ARM7 or ARM9 target.
88 *
89 * @param arm7_9 Pointer to the common struct for an ARM7/9 target
90 * @param breakpoint Pointer to the breakpoint to be used as a watchpoint
91 */
92 static void arm7_9_assign_wp(struct arm7_9_common *arm7_9, struct breakpoint *breakpoint)
93 {
94 if (!arm7_9->wp0_used) {
95 arm7_9->wp0_used = 1;
96 breakpoint->set = 1;
97 arm7_9->wp_available--;
98 } else if (!arm7_9->wp1_used) {
99 arm7_9->wp1_used = 1;
100 breakpoint->set = 2;
101 arm7_9->wp_available--;
102 } else
103 LOG_ERROR("BUG: no hardware comparator available");
104
105 LOG_DEBUG("BPID: %" PRIu32 " (0x%08" TARGET_PRIxADDR ") using hw wp: %d",
106 breakpoint->unique_id,
107 breakpoint->address,
108 breakpoint->set);
109 }
110
111 /**
112 * Setup an ARM7/9 target's embedded ICE registers for software breakpoints.
113 *
114 * @param arm7_9 Pointer to common struct for ARM7/9 targets
115 * @return Error codes if there is a problem finding a watchpoint or the result
116 * of executing the JTAG queue
117 */
118 static int arm7_9_set_software_breakpoints(struct arm7_9_common *arm7_9)
119 {
120 if (arm7_9->sw_breakpoints_added)
121 return ERROR_OK;
122 if (arm7_9->wp_available < 1) {
123 LOG_WARNING("can't enable sw breakpoints with no watchpoint unit available");
124 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
125 }
126 arm7_9->wp_available--;
127
128 /* pick a breakpoint unit */
129 if (!arm7_9->wp0_used) {
130 arm7_9->sw_breakpoints_added = 1;
131 arm7_9->wp0_used = 3;
132 } else if (!arm7_9->wp1_used) {
133 arm7_9->sw_breakpoints_added = 2;
134 arm7_9->wp1_used = 3;
135 } else {
136 LOG_ERROR("BUG: both watchpoints used, but wp_available >= 1");
137 return ERROR_FAIL;
138 }
139
140 if (arm7_9->sw_breakpoints_added == 1) {
141 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE], arm7_9->arm_bkpt);
142 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0x0);
143 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffffu);
144 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
145 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
146 } else if (arm7_9->sw_breakpoints_added == 2) {
147 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE], arm7_9->arm_bkpt);
148 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0x0);
149 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0xffffffffu);
150 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
151 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
152 } else {
153 LOG_ERROR("BUG: both watchpoints used, but wp_available >= 1");
154 return ERROR_FAIL;
155 }
156 LOG_DEBUG("SW BP using hw wp: %d",
157 arm7_9->sw_breakpoints_added);
158
159 return jtag_execute_queue();
160 }
161
162 /**
163 * Setup the common pieces for an ARM7/9 target after reset or on startup.
164 *
165 * @param target Pointer to an ARM7/9 target to setup
166 * @return Result of clearing the watchpoints on the target
167 */
168 static int arm7_9_setup(struct target *target)
169 {
170 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
171
172 return arm7_9_clear_watchpoints(arm7_9);
173 }
174
175 /**
176 * Set either a hardware or software breakpoint on an ARM7/9 target. The
177 * breakpoint is set up even if it is already set. Some actions, e.g. reset,
178 * might have erased the values in Embedded ICE.
179 *
180 * @param target Pointer to the target device to set the breakpoints on
181 * @param breakpoint Pointer to the breakpoint to be set
182 * @return For hardware breakpoints, this is the result of executing the JTAG
183 * queue. For software breakpoints, this will be the status of the
184 * required memory reads and writes
185 */
186 static int arm7_9_set_breakpoint(struct target *target, struct breakpoint *breakpoint)
187 {
188 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
189 int retval = ERROR_OK;
190
191 LOG_DEBUG("BPID: %" PRIu32 ", Address: 0x%08" TARGET_PRIxADDR ", Type: %d",
192 breakpoint->unique_id,
193 breakpoint->address,
194 breakpoint->type);
195
196 if (target->state != TARGET_HALTED) {
197 LOG_WARNING("target not halted");
198 return ERROR_TARGET_NOT_HALTED;
199 }
200
201 if (breakpoint->type == BKPT_HARD) {
202 /* either an ARM (4 byte) or Thumb (2 byte) breakpoint */
203 uint32_t mask = (breakpoint->length == 4) ? 0x3u : 0x1u;
204
205 /* reassign a hw breakpoint */
206 if (breakpoint->set == 0)
207 arm7_9_assign_wp(arm7_9, breakpoint);
208
209 if (breakpoint->set == 1) {
210 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], breakpoint->address);
211 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
212 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffffu);
213 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
214 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
215 } else if (breakpoint->set == 2) {
216 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], breakpoint->address);
217 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
218 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffffu);
219 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
220 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
221 } else {
222 LOG_ERROR("BUG: no hardware comparator available");
223 return ERROR_OK;
224 }
225
226 retval = jtag_execute_queue();
227 } else if (breakpoint->type == BKPT_SOFT) {
228 /* did we already set this breakpoint? */
229 if (breakpoint->set)
230 return ERROR_OK;
231
232 if (breakpoint->length == 4) {
233 uint32_t verify = 0xffffffff;
234 /* keep the original instruction in target endianness */
235 retval = target_read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr);
236 if (retval != ERROR_OK)
237 return retval;
238 /* write the breakpoint instruction in target
239 * endianness (arm7_9->arm_bkpt is host endian) */
240 retval = target_write_u32(target, breakpoint->address, arm7_9->arm_bkpt);
241 if (retval != ERROR_OK)
242 return retval;
243
244 retval = target_read_u32(target, breakpoint->address, &verify);
245 if (retval != ERROR_OK)
246 return retval;
247 if (verify != arm7_9->arm_bkpt) {
248 LOG_ERROR("Unable to set 32 bit software breakpoint at address %08" TARGET_PRIxADDR
249 " - check that memory is read/writable", breakpoint->address);
250 return ERROR_OK;
251 }
252 } else {
253 uint16_t verify = 0xffff;
254 /* keep the original instruction in target endianness */
255 retval = target_read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr);
256 if (retval != ERROR_OK)
257 return retval;
258 /* write the breakpoint instruction in target
259 * endianness (arm7_9->thumb_bkpt is host endian) */
260 retval = target_write_u16(target, breakpoint->address, arm7_9->thumb_bkpt);
261 if (retval != ERROR_OK)
262 return retval;
263
264 retval = target_read_u16(target, breakpoint->address, &verify);
265 if (retval != ERROR_OK)
266 return retval;
267 if (verify != arm7_9->thumb_bkpt) {
268 LOG_ERROR("Unable to set thumb software breakpoint at address %08" TARGET_PRIxADDR
269 " - check that memory is read/writable", breakpoint->address);
270 return ERROR_OK;
271 }
272 }
273
274 retval = arm7_9_set_software_breakpoints(arm7_9);
275 if (retval != ERROR_OK)
276 return retval;
277
278 arm7_9->sw_breakpoint_count++;
279
280 breakpoint->set = 1;
281 }
282
283 return retval;
284 }
285
286 /**
287 * Unsets an existing breakpoint on an ARM7/9 target. If it is a hardware
288 * breakpoint, the watchpoint used will be freed and the Embedded ICE registers
289 * will be updated. Otherwise, the software breakpoint will be restored to its
290 * original instruction if it hasn't already been modified.
291 *
292 * @param target Pointer to ARM7/9 target to unset the breakpoint from
293 * @param breakpoint Pointer to breakpoint to be unset
294 * @return For hardware breakpoints, this is the result of executing the JTAG
295 * queue. For software breakpoints, this will be the status of the
296 * required memory reads and writes
297 */
298 static int arm7_9_unset_breakpoint(struct target *target, struct breakpoint *breakpoint)
299 {
300 int retval = ERROR_OK;
301 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
302
303 LOG_DEBUG("BPID: %" PRIu32 ", Address: 0x%08" TARGET_PRIxADDR,
304 breakpoint->unique_id,
305 breakpoint->address);
306
307 if (!breakpoint->set) {
308 LOG_WARNING("breakpoint not set");
309 return ERROR_OK;
310 }
311
312 if (breakpoint->type == BKPT_HARD) {
313 LOG_DEBUG("BPID: %" PRIu32 " Releasing hw wp: %d",
314 breakpoint->unique_id,
315 breakpoint->set);
316 if (breakpoint->set == 1) {
317 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
318 arm7_9->wp0_used = 0;
319 arm7_9->wp_available++;
320 } else if (breakpoint->set == 2) {
321 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
322 arm7_9->wp1_used = 0;
323 arm7_9->wp_available++;
324 }
325 retval = jtag_execute_queue();
326 breakpoint->set = 0;
327 } else {
328 /* restore original instruction (kept in target endianness) */
329 if (breakpoint->length == 4) {
330 uint32_t current_instr;
331 /* check that user program as not modified breakpoint instruction */
332 retval = target_read_memory(target,
333 breakpoint->address, 4, 1, (uint8_t *)&current_instr);
334 if (retval != ERROR_OK)
335 return retval;
336 current_instr = target_buffer_get_u32(target, (uint8_t *)&current_instr);
337 if (current_instr == arm7_9->arm_bkpt) {
338 retval = target_write_memory(target,
339 breakpoint->address, 4, 1, breakpoint->orig_instr);
340 if (retval != ERROR_OK)
341 return retval;
342 }
343
344 } else {
345 uint16_t current_instr;
346 /* check that user program as not modified breakpoint instruction */
347 retval = target_read_memory(target,
348 breakpoint->address, 2, 1, (uint8_t *)&current_instr);
349 if (retval != ERROR_OK)
350 return retval;
351 current_instr = target_buffer_get_u16(target, (uint8_t *)&current_instr);
352 if (current_instr == arm7_9->thumb_bkpt) {
353 retval = target_write_memory(target,
354 breakpoint->address, 2, 1, breakpoint->orig_instr);
355 if (retval != ERROR_OK)
356 return retval;
357 }
358 }
359
360 if (--arm7_9->sw_breakpoint_count == 0) {
361 /* We have removed the last sw breakpoint, clear the hw breakpoint we used
362 *to implement it */
363 if (arm7_9->sw_breakpoints_added == 1)
364 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[
365 EICE_W0_CONTROL_VALUE], 0);
366 else if (arm7_9->sw_breakpoints_added == 2)
367 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[
368 EICE_W1_CONTROL_VALUE], 0);
369 }
370
371 breakpoint->set = 0;
372 }
373
374 return retval;
375 }
376
377 /**
378 * Add a breakpoint to an ARM7/9 target. This makes sure that there are no
379 * dangling breakpoints and that the desired breakpoint can be added.
380 *
381 * @param target Pointer to the target ARM7/9 device to add a breakpoint to
382 * @param breakpoint Pointer to the breakpoint to be added
383 * @return An error status if there is a problem adding the breakpoint or the
384 * result of setting the breakpoint
385 */
386 int arm7_9_add_breakpoint(struct target *target, struct breakpoint *breakpoint)
387 {
388 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
389
390 if (arm7_9->breakpoint_count == 0) {
391 /* make sure we don't have any dangling breakpoints. This is vital upon
392 * GDB connect/disconnect
393 */
394 arm7_9_clear_watchpoints(arm7_9);
395 }
396
397 if ((breakpoint->type == BKPT_HARD) && (arm7_9->wp_available < 1)) {
398 LOG_INFO("no watchpoint unit available for hardware breakpoint");
399 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
400 }
401
402 if ((breakpoint->length != 2) && (breakpoint->length != 4)) {
403 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
404 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
405 }
406
407 if (breakpoint->type == BKPT_HARD)
408 arm7_9_assign_wp(arm7_9, breakpoint);
409
410 arm7_9->breakpoint_count++;
411
412 return arm7_9_set_breakpoint(target, breakpoint);
413 }
414
415 /**
416 * Removes a breakpoint from an ARM7/9 target. This will make sure there are no
417 * dangling breakpoints and updates available watchpoints if it is a hardware
418 * breakpoint.
419 *
420 * @param target Pointer to the target to have a breakpoint removed
421 * @param breakpoint Pointer to the breakpoint to be removed
422 * @return Error status if there was a problem unsetting the breakpoint or the
423 * watchpoints could not be cleared
424 */
425 int arm7_9_remove_breakpoint(struct target *target, struct breakpoint *breakpoint)
426 {
427 int retval = ERROR_OK;
428 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
429
430 retval = arm7_9_unset_breakpoint(target, breakpoint);
431 if (retval != ERROR_OK)
432 return retval;
433
434 if (breakpoint->type == BKPT_HARD)
435 arm7_9->wp_available++;
436
437 arm7_9->breakpoint_count--;
438 if (arm7_9->breakpoint_count == 0) {
439 /* make sure we don't have any dangling breakpoints */
440 retval = arm7_9_clear_watchpoints(arm7_9);
441 if (retval != ERROR_OK)
442 return retval;
443 }
444
445 return ERROR_OK;
446 }
447
448 /**
449 * Sets a watchpoint for an ARM7/9 target in one of the watchpoint units. It is
450 * considered a bug to call this function when there are no available watchpoint
451 * units.
452 *
453 * @param target Pointer to an ARM7/9 target to set a watchpoint on
454 * @param watchpoint Pointer to the watchpoint to be set
455 * @return Error status if watchpoint set fails or the result of executing the
456 * JTAG queue
457 */
458 static int arm7_9_set_watchpoint(struct target *target, struct watchpoint *watchpoint)
459 {
460 int retval = ERROR_OK;
461 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
462 int rw_mask = 1;
463 uint32_t mask;
464
465 mask = watchpoint->length - 1;
466
467 if (target->state != TARGET_HALTED) {
468 LOG_WARNING("target not halted");
469 return ERROR_TARGET_NOT_HALTED;
470 }
471
472 if (watchpoint->rw == WPT_ACCESS)
473 rw_mask = 0;
474 else
475 rw_mask = 1;
476
477 if (!arm7_9->wp0_used) {
478 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE],
479 watchpoint->address);
480 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
481 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK],
482 watchpoint->mask);
483 if (watchpoint->mask != 0xffffffffu)
484 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE],
485 watchpoint->value);
486 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK],
487 0xff & ~EICE_W_CTRL_nOPC & ~rw_mask);
488 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE],
489 EICE_W_CTRL_ENABLE | EICE_W_CTRL_nOPC | (watchpoint->rw & 1));
490
491 retval = jtag_execute_queue();
492 if (retval != ERROR_OK)
493 return retval;
494 watchpoint->set = 1;
495 arm7_9->wp0_used = 2;
496 } else if (!arm7_9->wp1_used) {
497 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE],
498 watchpoint->address);
499 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
500 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK],
501 watchpoint->mask);
502 if (watchpoint->mask != 0xffffffffu)
503 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE],
504 watchpoint->value);
505 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK],
506 0xff & ~EICE_W_CTRL_nOPC & ~rw_mask);
507 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE],
508 EICE_W_CTRL_ENABLE | EICE_W_CTRL_nOPC | (watchpoint->rw & 1));
509
510 retval = jtag_execute_queue();
511 if (retval != ERROR_OK)
512 return retval;
513 watchpoint->set = 2;
514 arm7_9->wp1_used = 2;
515 } else {
516 LOG_ERROR("BUG: no hardware comparator available");
517 return ERROR_OK;
518 }
519
520 return ERROR_OK;
521 }
522
523 /**
524 * Unset an existing watchpoint and clear the used watchpoint unit.
525 *
526 * @param target Pointer to the target to have the watchpoint removed
527 * @param watchpoint Pointer to the watchpoint to be removed
528 * @return Error status while trying to unset the watchpoint or the result of
529 * executing the JTAG queue
530 */
531 static int arm7_9_unset_watchpoint(struct target *target, struct watchpoint *watchpoint)
532 {
533 int retval = ERROR_OK;
534 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
535
536 if (target->state != TARGET_HALTED) {
537 LOG_WARNING("target not halted");
538 return ERROR_TARGET_NOT_HALTED;
539 }
540
541 if (!watchpoint->set) {
542 LOG_WARNING("breakpoint not set");
543 return ERROR_OK;
544 }
545
546 if (watchpoint->set == 1) {
547 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
548 retval = jtag_execute_queue();
549 if (retval != ERROR_OK)
550 return retval;
551 arm7_9->wp0_used = 0;
552 } else if (watchpoint->set == 2) {
553 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
554 retval = jtag_execute_queue();
555 if (retval != ERROR_OK)
556 return retval;
557 arm7_9->wp1_used = 0;
558 }
559 watchpoint->set = 0;
560
561 return ERROR_OK;
562 }
563
564 /**
565 * Add a watchpoint to an ARM7/9 target. If there are no watchpoint units
566 * available, an error response is returned.
567 *
568 * @param target Pointer to the ARM7/9 target to add a watchpoint to
569 * @param watchpoint Pointer to the watchpoint to be added
570 * @return Error status while trying to add the watchpoint
571 */
572 int arm7_9_add_watchpoint(struct target *target, struct watchpoint *watchpoint)
573 {
574 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
575
576 if (arm7_9->wp_available < 1)
577 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
578
579 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
580 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
581
582 arm7_9->wp_available--;
583
584 return ERROR_OK;
585 }
586
587 /**
588 * Remove a watchpoint from an ARM7/9 target. The watchpoint will be unset and
589 * the used watchpoint unit will be reopened.
590 *
591 * @param target Pointer to the target to remove a watchpoint from
592 * @param watchpoint Pointer to the watchpoint to be removed
593 * @return Result of trying to unset the watchpoint
594 */
595 int arm7_9_remove_watchpoint(struct target *target, struct watchpoint *watchpoint)
596 {
597 int retval = ERROR_OK;
598 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
599
600 if (watchpoint->set) {
601 retval = arm7_9_unset_watchpoint(target, watchpoint);
602 if (retval != ERROR_OK)
603 return retval;
604 }
605
606 arm7_9->wp_available++;
607
608 return ERROR_OK;
609 }
610
611 /**
612 * Restarts the target by sending a RESTART instruction and moving the JTAG
613 * state to IDLE. This includes a timeout waiting for DBGACK and SYSCOMP to be
614 * asserted by the processor.
615 *
616 * @param target Pointer to target to issue commands to
617 * @return Error status if there is a timeout or a problem while executing the
618 * JTAG queue
619 */
620 int arm7_9_execute_sys_speed(struct target *target)
621 {
622 int retval;
623 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
624 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
625 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
626
627 /* set RESTART instruction */
628 if (arm7_9->need_bypass_before_restart) {
629 arm7_9->need_bypass_before_restart = 0;
630 retval = arm_jtag_set_instr(jtag_info->tap, 0xf, NULL, TAP_IDLE);
631 if (retval != ERROR_OK)
632 return retval;
633 }
634 retval = arm_jtag_set_instr(jtag_info->tap, 0x4, NULL, TAP_IDLE);
635 if (retval != ERROR_OK)
636 return retval;
637
638 int64_t then = timeval_ms();
639 bool timeout;
640 while (!(timeout = ((timeval_ms()-then) > 1000))) {
641 /* read debug status register */
642 embeddedice_read_reg(dbg_stat);
643 retval = jtag_execute_queue();
644 if (retval != ERROR_OK)
645 return retval;
646 if ((buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1))
647 && (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_SYSCOMP, 1)))
648 break;
649 if (debug_level >= 3)
650 alive_sleep(100);
651 else
652 keep_alive();
653 }
654 if (timeout) {
655 LOG_ERROR("timeout waiting for SYSCOMP & DBGACK, last DBG_STATUS: %" PRIx32 "",
656 buf_get_u32(dbg_stat->value, 0, dbg_stat->size));
657 return ERROR_TARGET_TIMEOUT;
658 }
659
660 return ERROR_OK;
661 }
662
663 /**
664 * Restarts the target by sending a RESTART instruction and moving the JTAG
665 * state to IDLE. This validates that DBGACK and SYSCOMP are set without
666 * waiting until they are.
667 *
668 * @param target Pointer to the target to issue commands to
669 * @return Always ERROR_OK
670 */
671 static int arm7_9_execute_fast_sys_speed(struct target *target)
672 {
673 static int set;
674 static uint8_t check_value[4], check_mask[4];
675
676 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
677 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
678 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
679 int retval;
680
681 /* set RESTART instruction */
682 if (arm7_9->need_bypass_before_restart) {
683 arm7_9->need_bypass_before_restart = 0;
684 retval = arm_jtag_set_instr(jtag_info->tap, 0xf, NULL, TAP_IDLE);
685 if (retval != ERROR_OK)
686 return retval;
687 }
688 retval = arm_jtag_set_instr(jtag_info->tap, 0x4, NULL, TAP_IDLE);
689 if (retval != ERROR_OK)
690 return retval;
691
692 if (!set) {
693 /* check for DBGACK and SYSCOMP set (others don't care) */
694
695 /* NB! These are constants that must be available until after next jtag_execute() and
696 * we evaluate the values upon first execution in lieu of setting up these constants
697 * during early setup.
698 * */
699 buf_set_u32(check_value, 0, 32, 0x9);
700 buf_set_u32(check_mask, 0, 32, 0x9);
701 set = 1;
702 }
703
704 /* read debug status register */
705 embeddedice_read_reg_w_check(dbg_stat, check_value, check_mask);
706
707 return ERROR_OK;
708 }
709
710 /**
711 * Get some data from the ARM7/9 target.
712 *
713 * @param target Pointer to the ARM7/9 target to read data from
714 * @param size The number of 32bit words to be read
715 * @param buffer Pointer to the buffer that will hold the data
716 * @return The result of receiving data from the Embedded ICE unit
717 */
718 int arm7_9_target_request_data(struct target *target, uint32_t size, uint8_t *buffer)
719 {
720 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
721 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
722 uint32_t *data;
723 int retval = ERROR_OK;
724 uint32_t i;
725
726 data = malloc(size * (sizeof(uint32_t)));
727
728 retval = embeddedice_receive(jtag_info, data, size);
729
730 /* return the 32-bit ints in the 8-bit array */
731 for (i = 0; i < size; i++)
732 h_u32_to_le(buffer + (i * 4), data[i]);
733
734 free(data);
735
736 return retval;
737 }
738
739 /**
740 * Handles requests to an ARM7/9 target. If debug messaging is enabled, the
741 * target is running and the DCC control register has the W bit high, this will
742 * execute the request on the target.
743 *
744 * @param priv Void pointer expected to be a struct target pointer
745 * @return ERROR_OK unless there are issues with the JTAG queue or when reading
746 * from the Embedded ICE unit
747 */
748 static int arm7_9_handle_target_request(void *priv)
749 {
750 int retval = ERROR_OK;
751 struct target *target = priv;
752 if (!target_was_examined(target))
753 return ERROR_OK;
754 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
755 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
756 struct reg *dcc_control = &arm7_9->eice_cache->reg_list[EICE_COMMS_CTRL];
757
758 if (!target->dbg_msg_enabled)
759 return ERROR_OK;
760
761 if (target->state == TARGET_RUNNING) {
762 /* read DCC control register */
763 embeddedice_read_reg(dcc_control);
764 retval = jtag_execute_queue();
765 if (retval != ERROR_OK)
766 return retval;
767
768 /* check W bit */
769 if (buf_get_u32(dcc_control->value, 1, 1) == 1) {
770 uint32_t request;
771
772 retval = embeddedice_receive(jtag_info, &request, 1);
773 if (retval != ERROR_OK)
774 return retval;
775 retval = target_request(target, request);
776 if (retval != ERROR_OK)
777 return retval;
778 }
779 }
780
781 return ERROR_OK;
782 }
783
784 /**
785 * Polls an ARM7/9 target for its current status. If DBGACK is set, the target
786 * is manipulated to the right halted state based on its current state. This is
787 * what happens:
788 *
789 * <table>
790 * <tr><th > State</th><th > Action</th></tr>
791 * <tr><td > TARGET_RUNNING | TARGET_RESET</td>
792 * <td > Enters debug mode. If TARGET_RESET, pc may be checked</td></tr>
793 * <tr><td > TARGET_UNKNOWN</td><td > Warning is logged</td></tr>
794 * <tr><td > TARGET_DEBUG_RUNNING</td><td > Enters debug mode</td></tr>
795 * <tr><td > TARGET_HALTED</td><td > Nothing</td></tr>
796 * </table>
797 *
798 * If the target does not end up in the halted state, a warning is produced. If
799 * DBGACK is cleared, then the target is expected to either be running or
800 * running in debug.
801 *
802 * @param target Pointer to the ARM7/9 target to poll
803 * @return ERROR_OK or an error status if a command fails
804 */
805 int arm7_9_poll(struct target *target)
806 {
807 int retval;
808 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
809 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
810
811 /* read debug status register */
812 embeddedice_read_reg(dbg_stat);
813 retval = jtag_execute_queue();
814 if (retval != ERROR_OK)
815 return retval;
816
817 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1)) {
818 /* LOG_DEBUG("DBGACK set, dbg_state->value: 0x%x", buf_get_u32(dbg_stat->value, 0, *32));*/
819 if (target->state == TARGET_UNKNOWN) {
820 /* Starting OpenOCD with target in debug-halt */
821 target->state = TARGET_RUNNING;
822 LOG_DEBUG("DBGACK already set during server startup.");
823 }
824 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_RESET)) {
825 target->state = TARGET_HALTED;
826
827 retval = arm7_9_debug_entry(target);
828 if (retval != ERROR_OK)
829 return retval;
830
831 if (arm_semihosting(target, &retval) != 0)
832 return retval;
833
834 retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED);
835 if (retval != ERROR_OK)
836 return retval;
837 }
838 if (target->state == TARGET_DEBUG_RUNNING) {
839 target->state = TARGET_HALTED;
840 retval = arm7_9_debug_entry(target);
841 if (retval != ERROR_OK)
842 return retval;
843
844 retval = target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
845 if (retval != ERROR_OK)
846 return retval;
847 }
848 if (target->state != TARGET_HALTED)
849 LOG_WARNING(
850 "DBGACK set, but the target did not end up in the halted state %d",
851 target->state);
852 } else {
853 if (target->state != TARGET_DEBUG_RUNNING)
854 target->state = TARGET_RUNNING;
855 }
856
857 return ERROR_OK;
858 }
859
860 /**
861 * Asserts the reset (SRST) on an ARM7/9 target. Some -S targets (ARM966E-S in
862 * the STR912 isn't affected, ARM926EJ-S in the LPC3180 and AT91SAM9260 is
863 * affected) completely stop the JTAG clock while the core is held in reset
864 * (SRST). It isn't possible to program the halt condition once reset is
865 * asserted, hence a hook that allows the target to set up its reset-halt
866 * condition is setup prior to asserting reset.
867 *
868 * @param target Pointer to an ARM7/9 target to assert reset on
869 * @return ERROR_FAIL if the JTAG device does not have SRST, otherwise ERROR_OK
870 */
871 int arm7_9_assert_reset(struct target *target)
872 {
873 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
874 enum reset_types jtag_reset_config = jtag_get_reset_config();
875 bool use_event = false;
876
877 /* TODO: apply hw reset signal in not examined state */
878 if (!(target_was_examined(target))) {
879 LOG_WARNING("Reset is not asserted because the target is not examined.");
880 LOG_WARNING("Use a reset button or power cycle the target.");
881 return ERROR_TARGET_NOT_EXAMINED;
882 }
883
884 LOG_DEBUG("target->state: %s", target_state_name(target));
885
886 if (target_has_event_action(target, TARGET_EVENT_RESET_ASSERT))
887 use_event = true;
888 else if (!(jtag_reset_config & RESET_HAS_SRST)) {
889 LOG_ERROR("%s: how to reset?", target_name(target));
890 return ERROR_FAIL;
891 }
892
893 /* At this point trst has been asserted/deasserted once. We would
894 * like to program EmbeddedICE while SRST is asserted, instead of
895 * depending on SRST to leave that module alone. However, many CPUs
896 * gate the JTAG clock while SRST is asserted; or JTAG may need
897 * clock stability guarantees (adaptive clocking might help).
898 *
899 * So we assume JTAG access during SRST is off the menu unless it's
900 * been specifically enabled.
901 */
902 bool srst_asserted = false;
903
904 if (!use_event && !(jtag_reset_config & RESET_SRST_PULLS_TRST)
905 && (jtag_reset_config & RESET_SRST_NO_GATING)) {
906 jtag_add_reset(0, 1);
907 srst_asserted = true;
908 }
909
910 if (target->reset_halt) {
911 /*
912 * For targets that don't support communication while SRST is
913 * asserted, we need to set up the reset vector catch first.
914 *
915 * When we use TRST+SRST and that's equivalent to a power-up
916 * reset, these settings may well be reset anyway; so setting
917 * them here won't matter.
918 */
919 if (arm7_9->has_vector_catch) {
920 /* program vector catch register to catch reset */
921 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH], 0x1);
922
923 /* extra runtest added as issues were found with
924 * certain ARM9 cores (maybe more) - AT91SAM9260
925 * and STR9
926 */
927 jtag_add_runtest(1, TAP_IDLE);
928 } else {
929 /* program watchpoint unit to match on reset vector
930 * address
931 */
932 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], 0x0);
933 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0x3);
934 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
935 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
936 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
937 }
938 }
939
940 if (use_event)
941 target_handle_event(target, TARGET_EVENT_RESET_ASSERT);
942 else {
943 /* If we use SRST ... we'd like to issue just SRST, but the
944 * board or chip may be set up so we have to assert TRST as
945 * well. On some chips that combination is equivalent to a
946 * power-up reset, and generally clobbers EICE state.
947 */
948 if (jtag_reset_config & RESET_SRST_PULLS_TRST)
949 jtag_add_reset(1, 1);
950 else if (!srst_asserted)
951 jtag_add_reset(0, 1);
952 jtag_add_sleep(50000);
953 }
954
955 target->state = TARGET_RESET;
956 register_cache_invalidate(arm7_9->arm.core_cache);
957
958 /* REVISIT why isn't standard debug entry logic sufficient?? */
959 if (target->reset_halt && (!(jtag_reset_config & RESET_SRST_PULLS_TRST) || use_event)) {
960 /* debug entry was prepared above */
961 target->debug_reason = DBG_REASON_DBGRQ;
962 }
963
964 return ERROR_OK;
965 }
966
967 /**
968 * Deassert the reset (SRST) signal on an ARM7/9 target. If SRST pulls TRST
969 * and the target is being reset into a halt, a warning will be triggered
970 * because it is not possible to reset into a halted mode in this case. The
971 * target is halted using the target's functions.
972 *
973 * @param target Pointer to the target to have the reset deasserted
974 * @return ERROR_OK or an error from polling or halting the target
975 */
976 int arm7_9_deassert_reset(struct target *target)
977 {
978 int retval = ERROR_OK;
979 LOG_DEBUG("target->state: %s", target_state_name(target));
980
981 /* deassert reset lines */
982 jtag_add_reset(0, 0);
983
984 /* In case polling is disabled, we need to examine the
985 * target and poll here for this target to work correctly.
986 *
987 * Otherwise, e.g. halt will fail afterwards with bogus
988 * error messages as halt will believe that reset is
989 * still in effect.
990 */
991 retval = target_examine_one(target);
992 if (retval != ERROR_OK)
993 return retval;
994
995 retval = target_poll(target);
996 if (retval != ERROR_OK)
997 return retval;
998
999 enum reset_types jtag_reset_config = jtag_get_reset_config();
1000 if (target->reset_halt && (jtag_reset_config & RESET_SRST_PULLS_TRST) != 0) {
1001 LOG_WARNING(
1002 "srst pulls trst - can not reset into halted mode. Issuing halt after reset.");
1003 retval = target_halt(target);
1004 if (retval != ERROR_OK)
1005 return retval;
1006 }
1007 return retval;
1008 }
1009
1010 /**
1011 * Clears the halt condition for an ARM7/9 target. If it isn't coming out of
1012 * reset and if DBGRQ is used, it is programmed to be deasserted. If the reset
1013 * vector catch was used, it is restored. Otherwise, the control value is
1014 * restored and the watchpoint unit is restored if it was in use.
1015 *
1016 * @param target Pointer to the ARM7/9 target to have halt cleared
1017 * @return Always ERROR_OK
1018 */
1019 static int arm7_9_clear_halt(struct target *target)
1020 {
1021 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1022 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1023
1024 /* we used DBGRQ only if we didn't come out of reset */
1025 if (!arm7_9->debug_entry_from_reset && arm7_9->use_dbgrq) {
1026 /* program EmbeddedICE Debug Control Register to deassert DBGRQ
1027 */
1028 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1029 embeddedice_store_reg(dbg_ctrl);
1030 } else {
1031 if (arm7_9->debug_entry_from_reset && arm7_9->has_vector_catch) {
1032 /* if we came out of reset, and vector catch is supported, we used
1033 * vector catch to enter debug state
1034 * restore the register in that case
1035 */
1036 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH]);
1037 } else {
1038 /* restore registers if watchpoint unit 0 was in use
1039 */
1040 if (arm7_9->wp0_used) {
1041 if (arm7_9->debug_entry_from_reset)
1042 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[
1043 EICE_W0_ADDR_VALUE]);
1044 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[
1045 EICE_W0_ADDR_MASK]);
1046 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[
1047 EICE_W0_DATA_MASK]);
1048 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[
1049 EICE_W0_CONTROL_MASK]);
1050 }
1051 /* control value always has to be restored, as it was either disabled,
1052 * or enabled with possibly different bits
1053 */
1054 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
1055 }
1056 }
1057
1058 return ERROR_OK;
1059 }
1060
1061 /**
1062 * Issue a software reset and halt to an ARM7/9 target. The target is halted
1063 * and then there is a wait until the processor shows the halt. This wait can
1064 * timeout and results in an error being returned. The software reset involves
1065 * clearing the halt, updating the debug control register, changing to ARM mode,
1066 * reset of the program counter, and reset of all of the registers.
1067 *
1068 * @param target Pointer to the ARM7/9 target to be reset and halted by software
1069 * @return Error status if any of the commands fail, otherwise ERROR_OK
1070 */
1071 int arm7_9_soft_reset_halt(struct target *target)
1072 {
1073 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1074 struct arm *arm = &arm7_9->arm;
1075 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
1076 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1077 int i;
1078 int retval;
1079
1080 /* FIX!!! replace some of this code with tcl commands
1081 *
1082 * halt # the halt command is synchronous
1083 * armv4_5 core_state arm
1084 *
1085 */
1086
1087 retval = target_halt(target);
1088 if (retval != ERROR_OK)
1089 return retval;
1090
1091 long long then = timeval_ms();
1092 int timeout;
1093 while (!(timeout = ((timeval_ms()-then) > 1000))) {
1094 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) != 0)
1095 break;
1096 embeddedice_read_reg(dbg_stat);
1097 retval = jtag_execute_queue();
1098 if (retval != ERROR_OK)
1099 return retval;
1100 if (debug_level >= 3)
1101 alive_sleep(100);
1102 else
1103 keep_alive();
1104 }
1105 if (timeout) {
1106 LOG_ERROR("Failed to halt CPU after 1 sec");
1107 return ERROR_TARGET_TIMEOUT;
1108 }
1109 target->state = TARGET_HALTED;
1110
1111 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
1112 * ensure that DBGRQ is cleared
1113 */
1114 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
1115 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1116 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
1117 embeddedice_store_reg(dbg_ctrl);
1118
1119 retval = arm7_9_clear_halt(target);
1120 if (retval != ERROR_OK)
1121 return retval;
1122
1123 /* if the target is in Thumb state, change to ARM state */
1124 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1)) {
1125 uint32_t r0_thumb, pc_thumb;
1126 LOG_DEBUG("target entered debug from Thumb state, changing to ARM");
1127 /* Entered debug from Thumb mode */
1128 arm->core_state = ARM_STATE_THUMB;
1129 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
1130 }
1131
1132 /* REVISIT likewise for bit 5 -- switch Jazelle-to-ARM */
1133
1134 /* all register content is now invalid */
1135 register_cache_invalidate(arm->core_cache);
1136
1137 /* SVC, ARM state, IRQ and FIQ disabled */
1138 uint32_t cpsr;
1139
1140 cpsr = buf_get_u32(arm->cpsr->value, 0, 32);
1141 cpsr &= ~0xff;
1142 cpsr |= 0xd3;
1143 arm_set_cpsr(arm, cpsr);
1144 arm->cpsr->dirty = true;
1145
1146 /* start fetching from 0x0 */
1147 buf_set_u32(arm->pc->value, 0, 32, 0x0);
1148 arm->pc->dirty = true;
1149 arm->pc->valid = true;
1150
1151 /* reset registers */
1152 for (i = 0; i <= 14; i++) {
1153 struct reg *r = arm_reg_current(arm, i);
1154
1155 buf_set_u32(r->value, 0, 32, 0xffffffff);
1156 r->dirty = true;
1157 r->valid = true;
1158 }
1159
1160 retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1161 if (retval != ERROR_OK)
1162 return retval;
1163
1164 return ERROR_OK;
1165 }
1166
1167 /**
1168 * Halt an ARM7/9 target. This is accomplished by either asserting the DBGRQ
1169 * line or by programming a watchpoint to trigger on any address. It is
1170 * considered a bug to call this function while the target is in the
1171 * TARGET_RESET state.
1172 *
1173 * @param target Pointer to the ARM7/9 target to be halted
1174 * @return Always ERROR_OK
1175 */
1176 int arm7_9_halt(struct target *target)
1177 {
1178 if (target->state == TARGET_RESET) {
1179 LOG_ERROR(
1180 "BUG: arm7/9 does not support halt during reset. This is handled in arm7_9_assert_reset()");
1181 return ERROR_OK;
1182 }
1183
1184 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1185 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1186
1187 LOG_DEBUG("target->state: %s",
1188 target_state_name(target));
1189
1190 if (target->state == TARGET_HALTED) {
1191 LOG_DEBUG("target was already halted");
1192 return ERROR_OK;
1193 }
1194
1195 if (target->state == TARGET_UNKNOWN)
1196 LOG_WARNING("target was in unknown state when halt was requested");
1197
1198 if (arm7_9->use_dbgrq) {
1199 /* program EmbeddedICE Debug Control Register to assert DBGRQ
1200 */
1201 if (arm7_9->set_special_dbgrq)
1202 arm7_9->set_special_dbgrq(target);
1203 else {
1204 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 1);
1205 embeddedice_store_reg(dbg_ctrl);
1206 }
1207 } else {
1208 /* program watchpoint unit to match on any address
1209 */
1210 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1211 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1212 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE],
1213 EICE_W_CTRL_ENABLE);
1214 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK],
1215 ~EICE_W_CTRL_nOPC & 0xff);
1216 }
1217
1218 target->debug_reason = DBG_REASON_DBGRQ;
1219
1220 return ERROR_OK;
1221 }
1222
1223 /**
1224 * Handle an ARM7/9 target's entry into debug mode. The halt is cleared on the
1225 * ARM. The JTAG queue is then executed and the reason for debug entry is
1226 * examined. Once done, the target is verified to be halted and the processor
1227 * is forced into ARM mode. The core registers are saved for the current core
1228 * mode and the program counter (register 15) is updated as needed. The core
1229 * registers and CPSR and SPSR are saved for restoration later.
1230 *
1231 * @param target Pointer to target that is entering debug mode
1232 * @return Error code if anything fails, otherwise ERROR_OK
1233 */
1234 static int arm7_9_debug_entry(struct target *target)
1235 {
1236 int i;
1237 uint32_t context[16];
1238 uint32_t *context_p[16];
1239 uint32_t r0_thumb, pc_thumb;
1240 uint32_t cpsr, cpsr_mask = 0;
1241 int retval;
1242 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1243 struct arm *arm = &arm7_9->arm;
1244 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
1245 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1246
1247 #ifdef _DEBUG_ARM7_9_
1248 LOG_DEBUG("-");
1249 #endif
1250
1251 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
1252 * ensure that DBGRQ is cleared
1253 */
1254 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
1255 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1256 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
1257 embeddedice_store_reg(dbg_ctrl);
1258
1259 retval = arm7_9_clear_halt(target);
1260 if (retval != ERROR_OK)
1261 return retval;
1262
1263 retval = jtag_execute_queue();
1264 if (retval != ERROR_OK)
1265 return retval;
1266
1267 retval = arm7_9->examine_debug_reason(target);
1268 if (retval != ERROR_OK)
1269 return retval;
1270
1271 if (target->state != TARGET_HALTED) {
1272 LOG_WARNING("target not halted");
1273 return ERROR_TARGET_NOT_HALTED;
1274 }
1275
1276 /* if the target is in Thumb state, change to ARM state */
1277 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1)) {
1278 LOG_DEBUG("target entered debug from Thumb state");
1279 /* Entered debug from Thumb mode */
1280 arm->core_state = ARM_STATE_THUMB;
1281 cpsr_mask = 1 << 5;
1282 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
1283 LOG_DEBUG("r0_thumb: 0x%8.8" PRIx32
1284 ", pc_thumb: 0x%8.8" PRIx32, r0_thumb, pc_thumb);
1285 } else if (buf_get_u32(dbg_stat->value, 5, 1)) {
1286 /* \todo Get some vaguely correct handling of Jazelle, if
1287 * anyone ever uses it and full info becomes available.
1288 * See ARM9EJS TRM B.7.1 for how to switch J->ARM; and
1289 * B.7.3 for the reverse. That'd be the bare minimum...
1290 */
1291 LOG_DEBUG("target entered debug from Jazelle state");
1292 arm->core_state = ARM_STATE_JAZELLE;
1293 cpsr_mask = 1 << 24;
1294 LOG_ERROR("Jazelle debug entry -- BROKEN!");
1295 } else {
1296 LOG_DEBUG("target entered debug from ARM state");
1297 /* Entered debug from ARM mode */
1298 arm->core_state = ARM_STATE_ARM;
1299 }
1300
1301 for (i = 0; i < 16; i++)
1302 context_p[i] = &context[i];
1303 /* save core registers (r0 - r15 of current core mode) */
1304 arm7_9->read_core_regs(target, 0xffff, context_p);
1305
1306 arm7_9->read_xpsr(target, &cpsr, 0);
1307
1308 retval = jtag_execute_queue();
1309 if (retval != ERROR_OK)
1310 return retval;
1311
1312 /* Sync our CPSR copy with J or T bits EICE reported, but
1313 * which we then erased by putting the core into ARM mode.
1314 */
1315 arm_set_cpsr(arm, cpsr | cpsr_mask);
1316
1317 if (!is_arm_mode(arm->core_mode)) {
1318 target->state = TARGET_UNKNOWN;
1319 LOG_ERROR("cpsr contains invalid mode value - communication failure");
1320 return ERROR_TARGET_FAILURE;
1321 }
1322
1323 LOG_DEBUG("target entered debug state in %s mode",
1324 arm_mode_name(arm->core_mode));
1325
1326 if (arm->core_state == ARM_STATE_THUMB) {
1327 LOG_DEBUG("thumb state, applying fixups");
1328 context[0] = r0_thumb;
1329 context[15] = pc_thumb;
1330 } else if (arm->core_state == ARM_STATE_ARM) {
1331 /* adjust value stored by STM */
1332 context[15] -= 3 * 4;
1333 }
1334
1335 if ((target->debug_reason != DBG_REASON_DBGRQ) || (!arm7_9->use_dbgrq))
1336 context[15] -= 3 * ((arm->core_state == ARM_STATE_ARM) ? 4 : 2);
1337 else
1338 context[15] -= arm7_9->dbgreq_adjust_pc *
1339 ((arm->core_state == ARM_STATE_ARM) ? 4 : 2);
1340
1341 for (i = 0; i <= 15; i++) {
1342 struct reg *r = arm_reg_current(arm, i);
1343
1344 LOG_DEBUG("r%i: 0x%8.8" PRIx32 "", i, context[i]);
1345
1346 buf_set_u32(r->value, 0, 32, context[i]);
1347 /* r0 and r15 (pc) have to be restored later */
1348 r->dirty = (i == 0) || (i == 15);
1349 r->valid = true;
1350 }
1351
1352 LOG_DEBUG("entered debug state at PC 0x%" PRIx32 "", context[15]);
1353
1354 /* exceptions other than USR & SYS have a saved program status register */
1355 if (arm->spsr) {
1356 uint32_t spsr;
1357 arm7_9->read_xpsr(target, &spsr, 1);
1358 retval = jtag_execute_queue();
1359 if (retval != ERROR_OK)
1360 return retval;
1361 buf_set_u32(arm->spsr->value, 0, 32, spsr);
1362 arm->spsr->dirty = false;
1363 arm->spsr->valid = true;
1364 }
1365
1366 retval = jtag_execute_queue();
1367 if (retval != ERROR_OK)
1368 return retval;
1369
1370 if (arm7_9->post_debug_entry) {
1371 retval = arm7_9->post_debug_entry(target);
1372 if (retval != ERROR_OK)
1373 return retval;
1374 }
1375
1376 return ERROR_OK;
1377 }
1378
1379 /**
1380 * Validate the full context for an ARM7/9 target in all processor modes. If
1381 * there are any invalid registers for the target, they will all be read. This
1382 * includes the PSR.
1383 *
1384 * @param target Pointer to the ARM7/9 target to capture the full context from
1385 * @return Error if the target is not halted, has an invalid core mode, or if
1386 * the JTAG queue fails to execute
1387 */
1388 static int arm7_9_full_context(struct target *target)
1389 {
1390 int i;
1391 int retval;
1392 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1393 struct arm *arm = &arm7_9->arm;
1394 struct {
1395 uint32_t value;
1396 uint8_t *reg_p;
1397 } read_cache[6 * (16 + 1)];
1398 int read_cache_idx = 0;
1399
1400 LOG_DEBUG("-");
1401
1402 if (target->state != TARGET_HALTED) {
1403 LOG_WARNING("target not halted");
1404 return ERROR_TARGET_NOT_HALTED;
1405 }
1406
1407 if (!is_arm_mode(arm->core_mode)) {
1408 LOG_ERROR("not a valid arm core mode - communication failure?");
1409 return ERROR_FAIL;
1410 }
1411
1412 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1413 * SYS shares registers with User, so we don't touch SYS
1414 */
1415 for (i = 0; i < 6; i++) {
1416 uint32_t mask = 0;
1417 uint32_t *reg_p[16];
1418 int j;
1419 bool valid = true;
1420
1421 /* check if there are invalid registers in the current mode
1422 */
1423 for (j = 0; j <= 16; j++) {
1424 if (!ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(i), j).valid)
1425 valid = false;
1426 }
1427
1428 if (!valid) {
1429 uint32_t tmp_cpsr;
1430
1431 /* change processor mode (and mask T bit) */
1432 tmp_cpsr = buf_get_u32(arm->cpsr->value, 0, 8)
1433 & 0xe0;
1434 tmp_cpsr |= armv4_5_number_to_mode(i);
1435 tmp_cpsr &= ~0x20;
1436 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1437
1438 for (j = 0; j < 15; j++) {
1439 if (!ARMV4_5_CORE_REG_MODE(arm->core_cache,
1440 armv4_5_number_to_mode(i), j).valid) {
1441 read_cache[read_cache_idx].reg_p = ARMV4_5_CORE_REG_MODE(
1442 arm->core_cache,
1443 armv4_5_number_to_mode(i),
1444 j).value;
1445 reg_p[j] = &read_cache[read_cache_idx].value;
1446 read_cache_idx++;
1447 mask |= 1 << j;
1448 ARMV4_5_CORE_REG_MODE(arm->core_cache,
1449 armv4_5_number_to_mode(i),
1450 j).valid = true;
1451 ARMV4_5_CORE_REG_MODE(arm->core_cache,
1452 armv4_5_number_to_mode(i),
1453 j).dirty = false;
1454 }
1455 }
1456
1457 /* if only the PSR is invalid, mask is all zeroes */
1458 if (mask)
1459 arm7_9->read_core_regs(target, mask, reg_p);
1460
1461 /* check if the PSR has to be read */
1462 if (!ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(i),
1463 16).valid) {
1464 read_cache[read_cache_idx].reg_p = ARMV4_5_CORE_REG_MODE(arm->core_cache,
1465 armv4_5_number_to_mode(i), 16).value;
1466 arm7_9->read_xpsr(target, &read_cache[read_cache_idx].value, 1);
1467 read_cache_idx++;
1468 ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(i),
1469 16).valid = true;
1470 ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(i),
1471 16).dirty = false;
1472 }
1473 }
1474 }
1475
1476 /* restore processor mode (mask T bit) */
1477 arm7_9->write_xpsr_im8(target,
1478 buf_get_u32(arm->cpsr->value, 0, 8) & ~0x20, 0, 0);
1479
1480 retval = jtag_execute_queue();
1481 if (retval != ERROR_OK)
1482 return retval;
1483 /*
1484 * FIXME: regs in cache should be tagged as 'valid' only now,
1485 * not before the jtag_execute_queue()
1486 */
1487 while (read_cache_idx) {
1488 read_cache_idx--;
1489 buf_set_u32(read_cache[read_cache_idx].reg_p, 0, 32, read_cache[read_cache_idx].value);
1490 }
1491 return ERROR_OK;
1492 }
1493
1494 /**
1495 * Restore the processor context on an ARM7/9 target. The full processor
1496 * context is analyzed to see if any of the registers are dirty on this end, but
1497 * have a valid new value. If this is the case, the processor is changed to the
1498 * appropriate mode and the new register values are written out to the
1499 * processor. If there happens to be a dirty register with an invalid value, an
1500 * error will be logged.
1501 *
1502 * @param target Pointer to the ARM7/9 target to have its context restored
1503 * @return Error status if the target is not halted or the core mode in the
1504 * armv4_5 struct is invalid.
1505 */
1506 static int arm7_9_restore_context(struct target *target)
1507 {
1508 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1509 struct arm *arm = &arm7_9->arm;
1510 struct reg *reg;
1511 enum arm_mode current_mode = arm->core_mode;
1512 int i, j;
1513 bool dirty;
1514 int mode_change;
1515
1516 LOG_DEBUG("-");
1517
1518 if (target->state != TARGET_HALTED) {
1519 LOG_WARNING("target not halted");
1520 return ERROR_TARGET_NOT_HALTED;
1521 }
1522
1523 if (arm7_9->pre_restore_context)
1524 arm7_9->pre_restore_context(target);
1525
1526 if (!is_arm_mode(arm->core_mode)) {
1527 LOG_ERROR("not a valid arm core mode - communication failure?");
1528 return ERROR_FAIL;
1529 }
1530
1531 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1532 * SYS shares registers with User, so we don't touch SYS
1533 */
1534 for (i = 0; i < 6; i++) {
1535 LOG_DEBUG("examining %s mode",
1536 arm_mode_name(arm->core_mode));
1537 dirty = false;
1538 mode_change = 0;
1539 /* check if there are dirty registers in the current mode
1540 */
1541 for (j = 0; j <= 16; j++) {
1542 reg = &ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(i), j);
1543 if (reg->dirty) {
1544 if (reg->valid) {
1545 dirty = true;
1546 LOG_DEBUG("examining dirty reg: %s", reg->name);
1547 struct arm_reg *reg_arch_info;
1548 reg_arch_info = reg->arch_info;
1549 if ((reg_arch_info->mode != ARM_MODE_ANY)
1550 && (reg_arch_info->mode != current_mode)
1551 && !((reg_arch_info->mode == ARM_MODE_USR)
1552 && (arm->core_mode == ARM_MODE_SYS))
1553 && !((reg_arch_info->mode == ARM_MODE_SYS)
1554 && (arm->core_mode == ARM_MODE_USR))) {
1555 mode_change = 1;
1556 LOG_DEBUG("require mode change");
1557 }
1558 } else
1559 LOG_ERROR("BUG: dirty register '%s', but no valid data",
1560 reg->name);
1561 }
1562 }
1563
1564 if (dirty) {
1565 uint32_t mask = 0x0;
1566 int num_regs = 0;
1567 uint32_t regs[16];
1568
1569 if (mode_change) {
1570 uint32_t tmp_cpsr;
1571
1572 /* change processor mode (mask T bit) */
1573 tmp_cpsr = buf_get_u32(arm->cpsr->value,
1574 0, 8) & 0xe0;
1575 tmp_cpsr |= armv4_5_number_to_mode(i);
1576 tmp_cpsr &= ~0x20;
1577 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1578 current_mode = armv4_5_number_to_mode(i);
1579 }
1580
1581 for (j = 0; j <= 14; j++) {
1582 reg = &ARMV4_5_CORE_REG_MODE(arm->core_cache,
1583 armv4_5_number_to_mode(i),
1584 j);
1585
1586 if (reg->dirty) {
1587 regs[j] = buf_get_u32(reg->value, 0, 32);
1588 mask |= 1 << j;
1589 num_regs++;
1590 reg->dirty = false;
1591 reg->valid = true;
1592 LOG_DEBUG("writing register %i mode %s "
1593 "with value 0x%8.8" PRIx32, j,
1594 arm_mode_name(arm->core_mode),
1595 regs[j]);
1596 }
1597 }
1598
1599 if (mask)
1600 arm7_9->write_core_regs(target, mask, regs);
1601
1602 reg =
1603 &ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(
1604 i), 16);
1605 struct arm_reg *reg_arch_info;
1606 reg_arch_info = reg->arch_info;
1607 if ((reg->dirty) && (reg_arch_info->mode != ARM_MODE_ANY)) {
1608 LOG_DEBUG("writing SPSR of mode %i with value 0x%8.8" PRIx32 "",
1609 i,
1610 buf_get_u32(reg->value, 0, 32));
1611 arm7_9->write_xpsr(target, buf_get_u32(reg->value, 0, 32), 1);
1612 }
1613 }
1614 }
1615
1616 if (!arm->cpsr->dirty && (arm->core_mode != current_mode)) {
1617 /* restore processor mode (mask T bit) */
1618 uint32_t tmp_cpsr;
1619
1620 tmp_cpsr = buf_get_u32(arm->cpsr->value, 0, 8) & 0xE0;
1621 tmp_cpsr |= armv4_5_number_to_mode(i);
1622 tmp_cpsr &= ~0x20;
1623 LOG_DEBUG("writing lower 8 bit of cpsr with value 0x%2.2x", (unsigned)(tmp_cpsr));
1624 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1625
1626 } else if (arm->cpsr->dirty) {
1627 /* CPSR has been changed, full restore necessary (mask T bit) */
1628 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32,
1629 buf_get_u32(arm->cpsr->value, 0, 32));
1630 arm7_9->write_xpsr(target,
1631 buf_get_u32(arm->cpsr->value, 0, 32)
1632 & ~0x20, 0);
1633 arm->cpsr->dirty = false;
1634 arm->cpsr->valid = true;
1635 }
1636
1637 /* restore PC */
1638 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32,
1639 buf_get_u32(arm->pc->value, 0, 32));
1640 arm7_9->write_pc(target, buf_get_u32(arm->pc->value, 0, 32));
1641 arm->pc->dirty = false;
1642
1643 return ERROR_OK;
1644 }
1645
1646 /**
1647 * Restart the core of an ARM7/9 target. A RESTART command is sent to the
1648 * instruction register and the JTAG state is set to TAP_IDLE causing a core
1649 * restart.
1650 *
1651 * @param target Pointer to the ARM7/9 target to be restarted
1652 * @return Result of executing the JTAG queue
1653 */
1654 static int arm7_9_restart_core(struct target *target)
1655 {
1656 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1657 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
1658 int retval;
1659
1660 /* set RESTART instruction */
1661 if (arm7_9->need_bypass_before_restart) {
1662 arm7_9->need_bypass_before_restart = 0;
1663
1664 retval = arm_jtag_set_instr(jtag_info->tap, 0xf, NULL, TAP_IDLE);
1665 if (retval != ERROR_OK)
1666 return retval;
1667 }
1668 retval = arm_jtag_set_instr(jtag_info->tap, 0x4, NULL, TAP_IDLE);
1669 if (retval != ERROR_OK)
1670 return retval;
1671
1672 jtag_add_runtest(1, TAP_IDLE);
1673 return jtag_execute_queue();
1674 }
1675
1676 /**
1677 * Enable the watchpoints on an ARM7/9 target. The target's watchpoints are
1678 * iterated through and are set on the target if they aren't already set.
1679 *
1680 * @param target Pointer to the ARM7/9 target to enable watchpoints on
1681 */
1682 static void arm7_9_enable_watchpoints(struct target *target)
1683 {
1684 struct watchpoint *watchpoint = target->watchpoints;
1685
1686 while (watchpoint) {
1687 if (watchpoint->set == 0)
1688 arm7_9_set_watchpoint(target, watchpoint);
1689 watchpoint = watchpoint->next;
1690 }
1691 }
1692
1693 /**
1694 * Enable the breakpoints on an ARM7/9 target. The target's breakpoints are
1695 * iterated through and are set on the target.
1696 *
1697 * @param target Pointer to the ARM7/9 target to enable breakpoints on
1698 */
1699 static void arm7_9_enable_breakpoints(struct target *target)
1700 {
1701 struct breakpoint *breakpoint = target->breakpoints;
1702
1703 /* set any pending breakpoints */
1704 while (breakpoint) {
1705 arm7_9_set_breakpoint(target, breakpoint);
1706 breakpoint = breakpoint->next;
1707 }
1708 }
1709
1710 int arm7_9_resume(struct target *target,
1711 int current,
1712 target_addr_t address,
1713 int handle_breakpoints,
1714 int debug_execution)
1715 {
1716 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1717 struct arm *arm = &arm7_9->arm;
1718 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1719 int err, retval = ERROR_OK;
1720
1721 LOG_DEBUG("-");
1722
1723 if (target->state != TARGET_HALTED) {
1724 LOG_WARNING("target not halted");
1725 return ERROR_TARGET_NOT_HALTED;
1726 }
1727
1728 if (!debug_execution)
1729 target_free_all_working_areas(target);
1730
1731 /* current = 1: continue on current pc, otherwise continue at <address> */
1732 if (!current)
1733 buf_set_u32(arm->pc->value, 0, 32, address);
1734
1735 uint32_t current_pc;
1736 current_pc = buf_get_u32(arm->pc->value, 0, 32);
1737
1738 /* the front-end may request us not to handle breakpoints */
1739 if (handle_breakpoints) {
1740 struct breakpoint *breakpoint;
1741 breakpoint = breakpoint_find(target,
1742 buf_get_u32(arm->pc->value, 0, 32));
1743 if (breakpoint != NULL) {
1744 LOG_DEBUG("unset breakpoint at 0x%8.8" TARGET_PRIxADDR " (id: %" PRIu32,
1745 breakpoint->address,
1746 breakpoint->unique_id);
1747 retval = arm7_9_unset_breakpoint(target, breakpoint);
1748 if (retval != ERROR_OK)
1749 return retval;
1750
1751 /* calculate PC of next instruction */
1752 uint32_t next_pc;
1753 retval = arm_simulate_step(target, &next_pc);
1754 if (retval != ERROR_OK) {
1755 uint32_t current_opcode;
1756 target_read_u32(target, current_pc, &current_opcode);
1757 LOG_ERROR(
1758 "Couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "",
1759 current_opcode);
1760 return retval;
1761 }
1762
1763 LOG_DEBUG("enable single-step");
1764 arm7_9->enable_single_step(target, next_pc);
1765
1766 target->debug_reason = DBG_REASON_SINGLESTEP;
1767
1768 retval = arm7_9_restore_context(target);
1769 if (retval != ERROR_OK)
1770 return retval;
1771
1772 if (arm->core_state == ARM_STATE_ARM)
1773 arm7_9->branch_resume(target);
1774 else if (arm->core_state == ARM_STATE_THUMB)
1775 arm7_9->branch_resume_thumb(target);
1776 else {
1777 LOG_ERROR("unhandled core state");
1778 return ERROR_FAIL;
1779 }
1780
1781 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1782 embeddedice_write_reg(dbg_ctrl,
1783 buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1784 err = arm7_9_execute_sys_speed(target);
1785
1786 LOG_DEBUG("disable single-step");
1787 arm7_9->disable_single_step(target);
1788
1789 if (err != ERROR_OK) {
1790 retval = arm7_9_set_breakpoint(target, breakpoint);
1791 if (retval != ERROR_OK)
1792 return retval;
1793 target->state = TARGET_UNKNOWN;
1794 return err;
1795 }
1796
1797 retval = arm7_9_debug_entry(target);
1798 if (retval != ERROR_OK)
1799 return retval;
1800 LOG_DEBUG("new PC after step: 0x%8.8" PRIx32,
1801 buf_get_u32(arm->pc->value, 0, 32));
1802
1803 LOG_DEBUG("set breakpoint at 0x%8.8" TARGET_PRIxADDR "", breakpoint->address);
1804 retval = arm7_9_set_breakpoint(target, breakpoint);
1805 if (retval != ERROR_OK)
1806 return retval;
1807 }
1808 }
1809
1810 /* enable any pending breakpoints and watchpoints */
1811 arm7_9_enable_breakpoints(target);
1812 arm7_9_enable_watchpoints(target);
1813
1814 retval = arm7_9_restore_context(target);
1815 if (retval != ERROR_OK)
1816 return retval;
1817
1818 if (arm->core_state == ARM_STATE_ARM)
1819 arm7_9->branch_resume(target);
1820 else if (arm->core_state == ARM_STATE_THUMB)
1821 arm7_9->branch_resume_thumb(target);
1822 else {
1823 LOG_ERROR("unhandled core state");
1824 return ERROR_FAIL;
1825 }
1826
1827 /* deassert DBGACK and INTDIS */
1828 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1829 /* INTDIS only when we really resume, not during debug execution */
1830 if (!debug_execution)
1831 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 0);
1832 embeddedice_write_reg(dbg_ctrl, buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1833
1834 retval = arm7_9_restart_core(target);
1835 if (retval != ERROR_OK)
1836 return retval;
1837
1838 target->debug_reason = DBG_REASON_NOTHALTED;
1839
1840 if (!debug_execution) {
1841 /* registers are now invalid */
1842 register_cache_invalidate(arm->core_cache);
1843 target->state = TARGET_RUNNING;
1844 retval = target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1845 if (retval != ERROR_OK)
1846 return retval;
1847 } else {
1848 target->state = TARGET_DEBUG_RUNNING;
1849 retval = target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
1850 if (retval != ERROR_OK)
1851 return retval;
1852 }
1853
1854 LOG_DEBUG("target resumed");
1855
1856 return ERROR_OK;
1857 }
1858
1859 void arm7_9_enable_eice_step(struct target *target, uint32_t next_pc)
1860 {
1861 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1862 struct arm *arm = &arm7_9->arm;
1863 uint32_t current_pc;
1864 current_pc = buf_get_u32(arm->pc->value, 0, 32);
1865
1866 if (next_pc != current_pc) {
1867 /* setup an inverse breakpoint on the current PC
1868 * - comparator 1 matches the current address
1869 * - rangeout from comparator 1 is connected to comparator 0 rangein
1870 * - comparator 0 matches any address, as long as rangein is low */
1871 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1872 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1873 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE],
1874 EICE_W_CTRL_ENABLE);
1875 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK],
1876 ~(EICE_W_CTRL_RANGE | EICE_W_CTRL_nOPC) & 0xff);
1877 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE],
1878 current_pc);
1879 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0);
1880 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffff);
1881 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
1882 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK],
1883 ~EICE_W_CTRL_nOPC & 0xff);
1884 } else {
1885 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1886 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1887 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
1888 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], 0xff);
1889 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], next_pc);
1890 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0);
1891 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffff);
1892 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE],
1893 EICE_W_CTRL_ENABLE);
1894 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK],
1895 ~EICE_W_CTRL_nOPC & 0xff);
1896 }
1897 }
1898
1899 void arm7_9_disable_eice_step(struct target *target)
1900 {
1901 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1902
1903 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK]);
1904 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK]);
1905 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
1906 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK]);
1907 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE]);
1908 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK]);
1909 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK]);
1910 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK]);
1911 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE]);
1912 }
1913
1914 int arm7_9_step(struct target *target, int current, target_addr_t address, int handle_breakpoints)
1915 {
1916 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1917 struct arm *arm = &arm7_9->arm;
1918 struct breakpoint *breakpoint = NULL;
1919 int err, retval;
1920
1921 if (target->state != TARGET_HALTED) {
1922 LOG_WARNING("target not halted");
1923 return ERROR_TARGET_NOT_HALTED;
1924 }
1925
1926 /* current = 1: continue on current pc, otherwise continue at <address> */
1927 if (!current)
1928 buf_set_u32(arm->pc->value, 0, 32, address);
1929
1930 uint32_t current_pc = buf_get_u32(arm->pc->value, 0, 32);
1931
1932 /* the front-end may request us not to handle breakpoints */
1933 if (handle_breakpoints)
1934 breakpoint = breakpoint_find(target, current_pc);
1935 if (breakpoint != NULL) {
1936 retval = arm7_9_unset_breakpoint(target, breakpoint);
1937 if (retval != ERROR_OK)
1938 return retval;
1939 }
1940
1941 target->debug_reason = DBG_REASON_SINGLESTEP;
1942
1943 /* calculate PC of next instruction */
1944 uint32_t next_pc;
1945 retval = arm_simulate_step(target, &next_pc);
1946 if (retval != ERROR_OK) {
1947 uint32_t current_opcode;
1948 target_read_u32(target, current_pc, &current_opcode);
1949 LOG_ERROR(
1950 "Couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "",
1951 current_opcode);
1952 return retval;
1953 }
1954
1955 retval = arm7_9_restore_context(target);
1956 if (retval != ERROR_OK)
1957 return retval;
1958
1959 arm7_9->enable_single_step(target, next_pc);
1960
1961 if (arm->core_state == ARM_STATE_ARM)
1962 arm7_9->branch_resume(target);
1963 else if (arm->core_state == ARM_STATE_THUMB)
1964 arm7_9->branch_resume_thumb(target);
1965 else {
1966 LOG_ERROR("unhandled core state");
1967 return ERROR_FAIL;
1968 }
1969
1970 retval = target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1971 if (retval != ERROR_OK)
1972 return retval;
1973
1974 err = arm7_9_execute_sys_speed(target);
1975 arm7_9->disable_single_step(target);
1976
1977 /* registers are now invalid */
1978 register_cache_invalidate(arm->core_cache);
1979
1980 if (err != ERROR_OK)
1981 target->state = TARGET_UNKNOWN;
1982 else {
1983 retval = arm7_9_debug_entry(target);
1984 if (retval != ERROR_OK)
1985 return retval;
1986 retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1987 if (retval != ERROR_OK)
1988 return retval;
1989 LOG_DEBUG("target stepped");
1990 }
1991
1992 if (breakpoint) {
1993 retval = arm7_9_set_breakpoint(target, breakpoint);
1994 if (retval != ERROR_OK)
1995 return retval;
1996 }
1997
1998 return err;
1999 }
2000
2001 static int arm7_9_read_core_reg(struct target *target, struct reg *r,
2002 int num, enum arm_mode mode)
2003 {
2004 uint32_t *reg_p[16];
2005 int retval;
2006 struct arm_reg *areg = r->arch_info;
2007 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2008 struct arm *arm = &arm7_9->arm;
2009
2010 if (!is_arm_mode(arm->core_mode))
2011 return ERROR_FAIL;
2012 if ((num < 0) || (num > 16))
2013 return ERROR_COMMAND_SYNTAX_ERROR;
2014
2015 if ((mode != ARM_MODE_ANY) && (mode != arm->core_mode)
2016 && (areg->mode != ARM_MODE_ANY)) {
2017 uint32_t tmp_cpsr;
2018
2019 /* change processor mode (mask T bit) */
2020 tmp_cpsr = buf_get_u32(arm->cpsr->value, 0, 8) & 0xE0;
2021 tmp_cpsr |= mode;
2022 tmp_cpsr &= ~0x20;
2023 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
2024 }
2025
2026 uint32_t value = 0;
2027 if ((num >= 0) && (num <= 15)) {
2028 /* read a normal core register */
2029 reg_p[num] = &value;
2030
2031 arm7_9->read_core_regs(target, 1 << num, reg_p);
2032 } else {
2033 /* read a program status register
2034 * if the register mode is MODE_ANY, we read the cpsr, otherwise a spsr
2035 */
2036 arm7_9->read_xpsr(target, &value, areg->mode != ARM_MODE_ANY);
2037 }
2038
2039 retval = jtag_execute_queue();
2040 if (retval != ERROR_OK)
2041 return retval;
2042
2043 r->valid = true;
2044 r->dirty = false;
2045 buf_set_u32(r->value, 0, 32, value);
2046
2047 if ((mode != ARM_MODE_ANY) && (mode != arm->core_mode)
2048 && (areg->mode != ARM_MODE_ANY)) {
2049 /* restore processor mode (mask T bit) */
2050 arm7_9->write_xpsr_im8(target,
2051 buf_get_u32(arm->cpsr->value, 0, 8) & ~0x20, 0, 0);
2052 }
2053
2054 return ERROR_OK;
2055 }
2056
2057 static int arm7_9_write_core_reg(struct target *target, struct reg *r,
2058 int num, enum arm_mode mode, uint8_t *value)
2059 {
2060 uint32_t reg[16];
2061 struct arm_reg *areg = r->arch_info;
2062 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2063 struct arm *arm = &arm7_9->arm;
2064
2065 if (!is_arm_mode(arm->core_mode))
2066 return ERROR_FAIL;
2067 if ((num < 0) || (num > 16))
2068 return ERROR_COMMAND_SYNTAX_ERROR;
2069
2070 if ((mode != ARM_MODE_ANY) && (mode != arm->core_mode)
2071 && (areg->mode != ARM_MODE_ANY)) {
2072 uint32_t tmp_cpsr;
2073
2074 /* change processor mode (mask T bit) */
2075 tmp_cpsr = buf_get_u32(arm->cpsr->value, 0, 8) & 0xE0;
2076 tmp_cpsr |= mode;
2077 tmp_cpsr &= ~0x20;
2078 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
2079 }
2080
2081 if ((num >= 0) && (num <= 15)) {
2082 /* write a normal core register */
2083 reg[num] = buf_get_u32(value, 0, 32);
2084
2085 arm7_9->write_core_regs(target, 1 << num, reg);
2086 } else {
2087 /* write a program status register
2088 * if the register mode is MODE_ANY, we write the cpsr, otherwise a spsr
2089 */
2090 int spsr = (areg->mode != ARM_MODE_ANY);
2091
2092 uint32_t t = buf_get_u32(value, 0, 32);
2093 /* if we're writing the CPSR, mask the T bit */
2094 if (!spsr)
2095 t &= ~0x20;
2096
2097 arm7_9->write_xpsr(target, t, spsr);
2098 }
2099
2100 r->valid = true;
2101 r->dirty = false;
2102
2103 if ((mode != ARM_MODE_ANY) && (mode != arm->core_mode)
2104 && (areg->mode != ARM_MODE_ANY)) {
2105 /* restore processor mode (mask T bit) */
2106 arm7_9->write_xpsr_im8(target,
2107 buf_get_u32(arm->cpsr->value, 0, 8) & ~0x20, 0, 0);
2108 }
2109
2110 return jtag_execute_queue();
2111 }
2112
2113 int arm7_9_read_memory(struct target *target,
2114 target_addr_t address,
2115 uint32_t size,
2116 uint32_t count,
2117 uint8_t *buffer)
2118 {
2119 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2120 struct arm *arm = &arm7_9->arm;
2121 uint32_t reg[16];
2122 uint32_t num_accesses = 0;
2123 int thisrun_accesses;
2124 int i;
2125 uint32_t cpsr;
2126 int retval;
2127 int last_reg = 0;
2128
2129 LOG_DEBUG("address: 0x%8.8" TARGET_PRIxADDR ", size: 0x%8.8" PRIx32 ", count: 0x%8.8" PRIx32 "",
2130 address, size, count);
2131
2132 if (target->state != TARGET_HALTED) {
2133 LOG_WARNING("target not halted");
2134 return ERROR_TARGET_NOT_HALTED;
2135 }
2136
2137 /* sanitize arguments */
2138 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
2139 return ERROR_COMMAND_SYNTAX_ERROR;
2140
2141 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
2142 return ERROR_TARGET_UNALIGNED_ACCESS;
2143
2144 /* load the base register with the address of the first word */
2145 reg[0] = address;
2146 arm7_9->write_core_regs(target, 0x1, reg);
2147
2148 int j = 0;
2149
2150 switch (size) {
2151 case 4:
2152 while (num_accesses < count) {
2153 uint32_t reg_list;
2154 thisrun_accesses =
2155 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2156 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2157
2158 if (last_reg <= thisrun_accesses)
2159 last_reg = thisrun_accesses;
2160
2161 arm7_9->load_word_regs(target, reg_list);
2162
2163 /* fast memory reads are only safe when the target is running
2164 * from a sufficiently high clock (32 kHz is usually too slow)
2165 */
2166 if (arm7_9->fast_memory_access)
2167 retval = arm7_9_execute_fast_sys_speed(target);
2168 else
2169 retval = arm7_9_execute_sys_speed(target);
2170 if (retval != ERROR_OK)
2171 return retval;
2172
2173 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 4);
2174
2175 /* advance buffer, count number of accesses */
2176 buffer += thisrun_accesses * 4;
2177 num_accesses += thisrun_accesses;
2178
2179 if ((j++%1024) == 0)
2180 keep_alive();
2181 }
2182 break;
2183 case 2:
2184 while (num_accesses < count) {
2185 uint32_t reg_list;
2186 thisrun_accesses =
2187 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2188 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2189
2190 for (i = 1; i <= thisrun_accesses; i++) {
2191 if (i > last_reg)
2192 last_reg = i;
2193 arm7_9->load_hword_reg(target, i);
2194 /* fast memory reads are only safe when the target is running
2195 * from a sufficiently high clock (32 kHz is usually too slow)
2196 */
2197 if (arm7_9->fast_memory_access)
2198 retval = arm7_9_execute_fast_sys_speed(target);
2199 else
2200 retval = arm7_9_execute_sys_speed(target);
2201 if (retval != ERROR_OK)
2202 return retval;
2203
2204 }
2205
2206 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 2);
2207
2208 /* advance buffer, count number of accesses */
2209 buffer += thisrun_accesses * 2;
2210 num_accesses += thisrun_accesses;
2211
2212 if ((j++%1024) == 0)
2213 keep_alive();
2214 }
2215 break;
2216 case 1:
2217 while (num_accesses < count) {
2218 uint32_t reg_list;
2219 thisrun_accesses =
2220 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2221 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2222
2223 for (i = 1; i <= thisrun_accesses; i++) {
2224 if (i > last_reg)
2225 last_reg = i;
2226 arm7_9->load_byte_reg(target, i);
2227 /* fast memory reads are only safe when the target is running
2228 * from a sufficiently high clock (32 kHz is usually too slow)
2229 */
2230 if (arm7_9->fast_memory_access)
2231 retval = arm7_9_execute_fast_sys_speed(target);
2232 else
2233 retval = arm7_9_execute_sys_speed(target);
2234 if (retval != ERROR_OK)
2235 return retval;
2236 }
2237
2238 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 1);
2239
2240 /* advance buffer, count number of accesses */
2241 buffer += thisrun_accesses * 1;
2242 num_accesses += thisrun_accesses;
2243
2244 if ((j++%1024) == 0)
2245 keep_alive();
2246 }
2247 break;
2248 }
2249
2250 if (!is_arm_mode(arm->core_mode))
2251 return ERROR_FAIL;
2252
2253 for (i = 0; i <= last_reg; i++) {
2254 struct reg *r = arm_reg_current(arm, i);
2255 r->dirty = r->valid;
2256 }
2257
2258 arm7_9->read_xpsr(target, &cpsr, 0);
2259 retval = jtag_execute_queue();
2260 if (retval != ERROR_OK) {
2261 LOG_ERROR("JTAG error while reading cpsr");
2262 return ERROR_TARGET_DATA_ABORT;
2263 }
2264
2265 if (((cpsr & 0x1f) == ARM_MODE_ABT) && (arm->core_mode != ARM_MODE_ABT)) {
2266 LOG_WARNING(
2267 "memory read caused data abort "
2268 "(address: 0x%8.8" TARGET_PRIxADDR ", size: 0x%" PRIx32 ", count: 0x%" PRIx32 ")",
2269 address,
2270 size,
2271 count);
2272
2273 arm7_9->write_xpsr_im8(target,
2274 buf_get_u32(arm->cpsr->value, 0, 8)
2275 & ~0x20, 0, 0);
2276
2277 return ERROR_TARGET_DATA_ABORT;
2278 }
2279
2280 return ERROR_OK;
2281 }
2282
2283 int arm7_9_write_memory(struct target *target,
2284 target_addr_t address,
2285 uint32_t size,
2286 uint32_t count,
2287 const uint8_t *buffer)
2288 {
2289 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2290 struct arm *arm = &arm7_9->arm;
2291 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
2292
2293 uint32_t reg[16];
2294 uint32_t num_accesses = 0;
2295 int thisrun_accesses;
2296 int i;
2297 uint32_t cpsr;
2298 int retval;
2299 int last_reg = 0;
2300
2301 #ifdef _DEBUG_ARM7_9_
2302 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
2303 #endif
2304
2305 if (target->state != TARGET_HALTED) {
2306 LOG_WARNING("target not halted");
2307 return ERROR_TARGET_NOT_HALTED;
2308 }
2309
2310 /* sanitize arguments */
2311 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
2312 return ERROR_COMMAND_SYNTAX_ERROR;
2313
2314 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
2315 return ERROR_TARGET_UNALIGNED_ACCESS;
2316
2317 /* load the base register with the address of the first word */
2318 reg[0] = address;
2319 arm7_9->write_core_regs(target, 0x1, reg);
2320
2321 /* Clear DBGACK, to make sure memory fetches work as expected */
2322 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
2323 embeddedice_store_reg(dbg_ctrl);
2324
2325 switch (size) {
2326 case 4:
2327 while (num_accesses < count) {
2328 uint32_t reg_list;
2329 thisrun_accesses =
2330 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2331 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2332
2333 for (i = 1; i <= thisrun_accesses; i++) {
2334 if (i > last_reg)
2335 last_reg = i;
2336 reg[i] = target_buffer_get_u32(target, buffer);
2337 buffer += 4;
2338 }
2339
2340 arm7_9->write_core_regs(target, reg_list, reg);
2341
2342 arm7_9->store_word_regs(target, reg_list);
2343
2344 /* fast memory writes are only safe when the target is running
2345 * from a sufficiently high clock (32 kHz is usually too slow)
2346 */
2347 if (arm7_9->fast_memory_access)
2348 retval = arm7_9_execute_fast_sys_speed(target);
2349 else {
2350 retval = arm7_9_execute_sys_speed(target);
2351
2352 /*
2353 * if memory writes are made when the clock is running slow
2354 * (i.e. 32 kHz) which is necessary in some scripts to reconfigure
2355 * processor operations after a "reset halt" or "reset init",
2356 * need to immediately stroke the keep alive or will end up with
2357 * gdb "keep alive not sent error message" problem.
2358 */
2359
2360 keep_alive();
2361 }
2362
2363 if (retval != ERROR_OK)
2364 return retval;
2365
2366 num_accesses += thisrun_accesses;
2367 }
2368 break;
2369 case 2:
2370 while (num_accesses < count) {
2371 uint32_t reg_list;
2372 thisrun_accesses =
2373 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2374 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2375
2376 for (i = 1; i <= thisrun_accesses; i++) {
2377 if (i > last_reg)
2378 last_reg = i;
2379 reg[i] = target_buffer_get_u16(target, buffer) & 0xffff;
2380 buffer += 2;
2381 }
2382
2383 arm7_9->write_core_regs(target, reg_list, reg);
2384
2385 for (i = 1; i <= thisrun_accesses; i++) {
2386 arm7_9->store_hword_reg(target, i);
2387
2388 /* fast memory writes are only safe when the target is running
2389 * from a sufficiently high clock (32 kHz is usually too slow)
2390 */
2391 if (arm7_9->fast_memory_access)
2392 retval = arm7_9_execute_fast_sys_speed(target);
2393 else {
2394 retval = arm7_9_execute_sys_speed(target);
2395
2396 /*
2397 * if memory writes are made when the clock is running slow
2398 * (i.e. 32 kHz) which is necessary in some scripts to reconfigure
2399 * processor operations after a "reset halt" or "reset init",
2400 * need to immediately stroke the keep alive or will end up with
2401 * gdb "keep alive not sent error message" problem.
2402 */
2403
2404 keep_alive();
2405 }
2406
2407 if (retval != ERROR_OK)
2408 return retval;
2409 }
2410
2411 num_accesses += thisrun_accesses;
2412 }
2413 break;
2414 case 1:
2415 while (num_accesses < count) {
2416 uint32_t reg_list;
2417 thisrun_accesses =
2418 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2419 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2420
2421 for (i = 1; i <= thisrun_accesses; i++) {
2422 if (i > last_reg)
2423 last_reg = i;
2424 reg[i] = *buffer++ & 0xff;
2425 }
2426
2427 arm7_9->write_core_regs(target, reg_list, reg);
2428
2429 for (i = 1; i <= thisrun_accesses; i++) {
2430 arm7_9->store_byte_reg(target, i);
2431 /* fast memory writes are only safe when the target is running
2432 * from a sufficiently high clock (32 kHz is usually too slow)
2433 */
2434 if (arm7_9->fast_memory_access)
2435 retval = arm7_9_execute_fast_sys_speed(target);
2436 else {
2437 retval = arm7_9_execute_sys_speed(target);
2438
2439 /*
2440 * if memory writes are made when the clock is running slow
2441 * (i.e. 32 kHz) which is necessary in some scripts to reconfigure
2442 * processor operations after a "reset halt" or "reset init",
2443 * need to immediately stroke the keep alive or will end up with
2444 * gdb "keep alive not sent error message" problem.
2445 */
2446
2447 keep_alive();
2448 }
2449
2450 if (retval != ERROR_OK)
2451 return retval;
2452
2453 }
2454
2455 num_accesses += thisrun_accesses;
2456 }
2457 break;
2458 }
2459
2460 /* Re-Set DBGACK */
2461 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
2462 embeddedice_store_reg(dbg_ctrl);
2463
2464 if (!is_arm_mode(arm->core_mode))
2465 return ERROR_FAIL;
2466
2467 for (i = 0; i <= last_reg; i++) {
2468 struct reg *r = arm_reg_current(arm, i);
2469 r->dirty = r->valid;
2470 }
2471
2472 arm7_9->read_xpsr(target, &cpsr, 0);
2473 retval = jtag_execute_queue();
2474 if (retval != ERROR_OK) {
2475 LOG_ERROR("JTAG error while reading cpsr");
2476 return ERROR_TARGET_DATA_ABORT;
2477 }
2478
2479 if (((cpsr & 0x1f) == ARM_MODE_ABT) && (arm->core_mode != ARM_MODE_ABT)) {
2480 LOG_WARNING(
2481 "memory write caused data abort "
2482 "(address: 0x%8.8" TARGET_PRIxADDR ", size: 0x%" PRIx32 ", count: 0x%" PRIx32 ")",
2483 address,
2484 size,
2485 count);
2486
2487 arm7_9->write_xpsr_im8(target,
2488 buf_get_u32(arm->cpsr->value, 0, 8)
2489 & ~0x20, 0, 0);
2490
2491 return ERROR_TARGET_DATA_ABORT;
2492 }
2493
2494 return ERROR_OK;
2495 }
2496
2497 int arm7_9_write_memory_opt(struct target *target,
2498 target_addr_t address,
2499 uint32_t size,
2500 uint32_t count,
2501 const uint8_t *buffer)
2502 {
2503 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2504 int retval;
2505
2506 if (size == 4 && count > 32 && arm7_9->bulk_write_memory) {
2507 /* Attempt to do a bulk write */
2508 retval = arm7_9->bulk_write_memory(target, address, count, buffer);
2509
2510 if (retval == ERROR_OK)
2511 return ERROR_OK;
2512 }
2513
2514 return arm7_9->write_memory(target, address, size, count, buffer);
2515 }
2516
2517 int arm7_9_write_memory_no_opt(struct target *target,
2518 uint32_t address,
2519 uint32_t size,
2520 uint32_t count,
2521 const uint8_t *buffer)
2522 {
2523 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2524
2525 return arm7_9->write_memory(target, address, size, count, buffer);
2526 }
2527
2528 static int dcc_count;
2529 static const uint8_t *dcc_buffer;
2530
2531 static int arm7_9_dcc_completion(struct target *target,
2532 uint32_t exit_point,
2533 int timeout_ms,
2534 void *arch_info)
2535 {
2536 int retval = ERROR_OK;
2537 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2538
2539 retval = target_wait_state(target, TARGET_DEBUG_RUNNING, 500);
2540 if (retval != ERROR_OK)
2541 return retval;
2542
2543 int little = target->endianness == TARGET_LITTLE_ENDIAN;
2544 int count = dcc_count;
2545 const uint8_t *buffer = dcc_buffer;
2546 if (count > 2) {
2547 /* Handle first & last using standard embeddedice_write_reg and the middle ones w/the
2548 * core function repeated. */
2549 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA],
2550 fast_target_buffer_get_u32(buffer, little));
2551 buffer += 4;
2552
2553 struct embeddedice_reg *ice_reg =
2554 arm7_9->eice_cache->reg_list[EICE_COMMS_DATA].arch_info;
2555 uint8_t reg_addr = ice_reg->addr & 0x1f;
2556 struct jtag_tap *tap;
2557 tap = ice_reg->jtag_info->tap;
2558
2559 embeddedice_write_dcc(tap, reg_addr, buffer, little, count-2);
2560 buffer += (count-2)*4;
2561
2562 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA],
2563 fast_target_buffer_get_u32(buffer, little));
2564 } else {
2565 int i;
2566 for (i = 0; i < count; i++) {
2567 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA],
2568 fast_target_buffer_get_u32(buffer, little));
2569 buffer += 4;
2570 }
2571 }
2572
2573 retval = target_halt(target);
2574 if (retval != ERROR_OK)
2575 return retval;
2576 return target_wait_state(target, TARGET_HALTED, 500);
2577 }
2578
2579 static const uint32_t dcc_code[] = {
2580 /* r0 == input, points to memory buffer
2581 * r1 == scratch
2582 */
2583
2584 /* spin until DCC control (c0) reports data arrived */
2585 0xee101e10, /* w: mrc p14, #0, r1, c0, c0 */
2586 0xe3110001, /* tst r1, #1 */
2587 0x0afffffc, /* bne w */
2588
2589 /* read word from DCC (c1), write to memory */
2590 0xee111e10, /* mrc p14, #0, r1, c1, c0 */
2591 0xe4801004, /* str r1, [r0], #4 */
2592
2593 /* repeat */
2594 0xeafffff9 /* b w */
2595 };
2596
2597 int arm7_9_bulk_write_memory(struct target *target,
2598 target_addr_t address,
2599 uint32_t count,
2600 const uint8_t *buffer)
2601 {
2602 int retval;
2603 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2604
2605 if (address % 4 != 0)
2606 return ERROR_TARGET_UNALIGNED_ACCESS;
2607
2608 if (!arm7_9->dcc_downloads)
2609 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2610
2611 /* regrab previously allocated working_area, or allocate a new one */
2612 if (!arm7_9->dcc_working_area) {
2613 uint8_t dcc_code_buf[6 * 4];
2614
2615 /* make sure we have a working area */
2616 if (target_alloc_working_area(target, 24, &arm7_9->dcc_working_area) != ERROR_OK) {
2617 LOG_INFO("no working area available, falling back to memory writes");
2618 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2619 }
2620
2621 /* copy target instructions to target endianness */
2622 target_buffer_set_u32_array(target, dcc_code_buf, ARRAY_SIZE(dcc_code), dcc_code);
2623
2624 /* write DCC code to working area, using the non-optimized
2625 * memory write to avoid ending up here again */
2626 retval = arm7_9_write_memory_no_opt(target,
2627 arm7_9->dcc_working_area->address, 4, 6, dcc_code_buf);
2628 if (retval != ERROR_OK)
2629 return retval;
2630 }
2631
2632 struct arm_algorithm arm_algo;
2633 struct reg_param reg_params[1];
2634
2635 arm_algo.common_magic = ARM_COMMON_MAGIC;
2636 arm_algo.core_mode = ARM_MODE_SVC;
2637 arm_algo.core_state = ARM_STATE_ARM;
2638
2639 init_reg_param(&reg_params[0], "r0", 32, PARAM_IN_OUT);
2640
2641 buf_set_u32(reg_params[0].value, 0, 32, address);
2642
2643 dcc_count = count;
2644 dcc_buffer = buffer;
2645 retval = armv4_5_run_algorithm_inner(target, 0, NULL, 1, reg_params,
2646 arm7_9->dcc_working_area->address,
2647 arm7_9->dcc_working_area->address + 6*4,
2648 20*1000, &arm_algo, arm7_9_dcc_completion);
2649
2650 if (retval == ERROR_OK) {
2651 uint32_t endaddress = buf_get_u32(reg_params[0].value, 0, 32);
2652 if (endaddress != (address + count*4)) {
2653 LOG_ERROR(
2654 "DCC write failed, expected end address 0x%08" TARGET_PRIxADDR " got 0x%0" PRIx32 "",
2655 (address + count*4),
2656 endaddress);
2657 retval = ERROR_FAIL;
2658 }
2659 }
2660
2661 destroy_reg_param(&reg_params[0]);
2662
2663 return retval;
2664 }
2665
2666 /**
2667 * Perform per-target setup that requires JTAG access.
2668 */
2669 int arm7_9_examine(struct target *target)
2670 {
2671 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2672 int retval;
2673
2674 if (!target_was_examined(target)) {
2675 struct reg_cache *t, **cache_p;
2676
2677 t = embeddedice_build_reg_cache(target, arm7_9);
2678 if (t == NULL)
2679 return ERROR_FAIL;
2680
2681 cache_p = register_get_last_cache_p(&target->reg_cache);
2682 (*cache_p) = t;
2683 arm7_9->eice_cache = (*cache_p);
2684
2685 if (arm7_9->arm.etm)
2686 (*cache_p)->next = etm_build_reg_cache(target,
2687 &arm7_9->jtag_info,
2688 arm7_9->arm.etm);
2689
2690 target_set_examined(target);
2691 }
2692
2693 retval = embeddedice_setup(target);
2694 if (retval == ERROR_OK)
2695 retval = arm7_9_setup(target);
2696 if (retval == ERROR_OK && arm7_9->arm.etm)
2697 retval = etm_setup(target);
2698 return retval;
2699 }
2700
2701 void arm7_9_deinit(struct target *target)
2702 {
2703 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2704
2705 if (target_was_examined(target))
2706 embeddedice_free_reg_cache(arm7_9->eice_cache);
2707
2708 arm_jtag_close_connection(&arm7_9->jtag_info);
2709 }
2710
2711 int arm7_9_check_reset(struct target *target)
2712 {
2713 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2714
2715 if (get_target_reset_nag() && !arm7_9->dcc_downloads)
2716 LOG_WARNING(
2717 "NOTE! DCC downloads have not been enabled, defaulting to slow memory writes. Type 'help dcc'.");
2718
2719 if (get_target_reset_nag() && (target->working_area_size == 0))
2720 LOG_WARNING("NOTE! Severe performance degradation without working memory enabled.");
2721
2722 if (get_target_reset_nag() && !arm7_9->fast_memory_access)
2723 LOG_WARNING(
2724 "NOTE! Severe performance degradation without fast memory access enabled. Type 'help fast'.");
2725
2726 return ERROR_OK;
2727 }
2728
2729 int arm7_9_endianness_callback(jtag_callback_data_t pu8_in,
2730 jtag_callback_data_t i_size, jtag_callback_data_t i_be,
2731 jtag_callback_data_t i_flip)
2732 {
2733 uint8_t *in = (uint8_t *)pu8_in;
2734 int size = (int)i_size;
2735 int be = (int)i_be;
2736 int flip = (int)i_flip;
2737 uint32_t readback;
2738
2739 switch (size) {
2740 case 4:
2741 readback = le_to_h_u32(in);
2742 if (flip)
2743 readback = flip_u32(readback, 32);
2744 if (be)
2745 h_u32_to_be(in, readback);
2746 else
2747 h_u32_to_le(in, readback);
2748 break;
2749 case 2:
2750 readback = le_to_h_u16(in);
2751 if (flip)
2752 readback = flip_u32(readback, 16);
2753 if (be)
2754 h_u16_to_be(in, readback & 0xffff);
2755 else
2756 h_u16_to_le(in, readback & 0xffff);
2757 break;
2758 case 1:
2759 readback = *in;
2760 if (flip)
2761 readback = flip_u32(readback, 8);
2762 *in = readback & 0xff;
2763 break;
2764 }
2765
2766 return ERROR_OK;
2767 }
2768
2769 COMMAND_HANDLER(handle_arm7_9_dbgrq_command)
2770 {
2771 struct target *target = get_current_target(CMD_CTX);
2772 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2773
2774 if (!is_arm7_9(arm7_9)) {
2775 command_print(CMD, "current target isn't an ARM7/ARM9 target");
2776 return ERROR_TARGET_INVALID;
2777 }
2778
2779 if (CMD_ARGC > 0)
2780 COMMAND_PARSE_ENABLE(CMD_ARGV[0], arm7_9->use_dbgrq);
2781
2782 command_print(CMD,
2783 "use of EmbeddedICE dbgrq instead of breakpoint for target halt %s",
2784 (arm7_9->use_dbgrq) ? "enabled" : "disabled");
2785
2786 return ERROR_OK;
2787 }
2788
2789 COMMAND_HANDLER(handle_arm7_9_fast_memory_access_command)
2790 {
2791 struct target *target = get_current_target(CMD_CTX);
2792 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2793
2794 if (!is_arm7_9(arm7_9)) {
2795 command_print(CMD, "current target isn't an ARM7/ARM9 target");
2796 return ERROR_TARGET_INVALID;
2797 }
2798
2799 if (CMD_ARGC > 0)
2800 COMMAND_PARSE_ENABLE(CMD_ARGV[0], arm7_9->fast_memory_access);
2801
2802 command_print(CMD,
2803 "fast memory access is %s",
2804 (arm7_9->fast_memory_access) ? "enabled" : "disabled");
2805
2806 return ERROR_OK;
2807 }
2808
2809 COMMAND_HANDLER(handle_arm7_9_dcc_downloads_command)
2810 {
2811 struct target *target = get_current_target(CMD_CTX);
2812 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2813
2814 if (!is_arm7_9(arm7_9)) {
2815 command_print(CMD, "current target isn't an ARM7/ARM9 target");
2816 return ERROR_TARGET_INVALID;
2817 }
2818
2819 if (CMD_ARGC > 0)
2820 COMMAND_PARSE_ENABLE(CMD_ARGV[0], arm7_9->dcc_downloads);
2821
2822 command_print(CMD,
2823 "dcc downloads are %s",
2824 (arm7_9->dcc_downloads) ? "enabled" : "disabled");
2825
2826 return ERROR_OK;
2827 }
2828
2829 static int arm7_9_setup_semihosting(struct target *target, int enable)
2830 {
2831 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2832
2833 if (!is_arm7_9(arm7_9)) {
2834 LOG_USER("current target isn't an ARM7/ARM9 target");
2835 return ERROR_TARGET_INVALID;
2836 }
2837
2838 if (arm7_9->has_vector_catch) {
2839 struct reg *vector_catch = &arm7_9->eice_cache
2840 ->reg_list[EICE_VEC_CATCH];
2841
2842 if (!vector_catch->valid)
2843 embeddedice_read_reg(vector_catch);
2844 buf_set_u32(vector_catch->value, 2, 1, enable);
2845 embeddedice_store_reg(vector_catch);
2846 } else {
2847 /* TODO: allow optional high vectors and/or BKPT_HARD */
2848 if (enable)
2849 breakpoint_add(target, 8, 4, BKPT_SOFT);
2850 else
2851 breakpoint_remove(target, 8);
2852 }
2853
2854 return ERROR_OK;
2855 }
2856
2857 int arm7_9_init_arch_info(struct target *target, struct arm7_9_common *arm7_9)
2858 {
2859 int retval = ERROR_OK;
2860 struct arm *arm = &arm7_9->arm;
2861
2862 arm7_9->common_magic = ARM7_9_COMMON_MAGIC;
2863
2864 retval = arm_jtag_setup_connection(&arm7_9->jtag_info);
2865 if (retval != ERROR_OK)
2866 return retval;
2867
2868 /* caller must have allocated via calloc(), so everything's zeroed */
2869
2870 arm7_9->wp_available_max = 2;
2871
2872 arm7_9->fast_memory_access = false;
2873 arm7_9->dcc_downloads = false;
2874
2875 arm->arch_info = arm7_9;
2876 arm->core_type = ARM_CORE_TYPE_STD;
2877 arm->read_core_reg = arm7_9_read_core_reg;
2878 arm->write_core_reg = arm7_9_write_core_reg;
2879 arm->full_context = arm7_9_full_context;
2880 arm->setup_semihosting = arm7_9_setup_semihosting;
2881
2882 retval = arm_init_arch_info(target, arm);
2883 if (retval != ERROR_OK)
2884 return retval;
2885
2886 return target_register_timer_callback(arm7_9_handle_target_request,
2887 1, TARGET_TIMER_TYPE_PERIODIC, target);
2888 }
2889
2890 static const struct command_registration arm7_9_any_command_handlers[] = {
2891 {
2892 .name = "dbgrq",
2893 .handler = handle_arm7_9_dbgrq_command,
2894 .mode = COMMAND_ANY,
2895 .usage = "['enable'|'disable']",
2896 .help = "use EmbeddedICE dbgrq instead of breakpoint "
2897 "for target halt requests",
2898 },
2899 {
2900 .name = "fast_memory_access",
2901 .handler = handle_arm7_9_fast_memory_access_command,
2902 .mode = COMMAND_ANY,
2903 .usage = "['enable'|'disable']",
2904 .help = "use fast memory accesses instead of slower "
2905 "but potentially safer accesses",
2906 },
2907 {
2908 .name = "dcc_downloads",
2909 .handler = handle_arm7_9_dcc_downloads_command,
2910 .mode = COMMAND_ANY,
2911 .usage = "['enable'|'disable']",
2912 .help = "use DCC downloads for larger memory writes",
2913 },
2914 COMMAND_REGISTRATION_DONE
2915 };
2916 const struct command_registration arm7_9_command_handlers[] = {
2917 {
2918 .chain = arm_command_handlers,
2919 },
2920 {
2921 .chain = etm_command_handlers,
2922 },
2923 {
2924 .name = "arm7_9",
2925 .mode = COMMAND_ANY,
2926 .help = "arm7/9 specific commands",
2927 .usage = "",
2928 .chain = arm7_9_any_command_handlers,
2929 },
2930 COMMAND_REGISTRATION_DONE
2931 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)