Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
moves handling of problems with resetting into the halted state
[openocd.git] / src / target / arm7_9_common.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
7 * *
8 * This program is free software; you can redistribute it and/or modify *
9 * it under the terms of the GNU General Public License as published by *
10 * the Free Software Foundation; either version 2 of the License, or *
11 * (at your option) any later version. *
12 * *
13 * This program is distributed in the hope that it will be useful, *
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
16 * GNU General Public License for more details. *
17 * *
18 * You should have received a copy of the GNU General Public License *
19 * along with this program; if not, write to the *
20 * Free Software Foundation, Inc., *
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
22 ***************************************************************************/
23 #ifdef HAVE_CONFIG_H
24 #include "config.h"
25 #endif
26
27 #include "replacements.h"
28
29 #include "embeddedice.h"
30 #include "target.h"
31 #include "target_request.h"
32 #include "armv4_5.h"
33 #include "arm_jtag.h"
34 #include "jtag.h"
35 #include "log.h"
36 #include "arm7_9_common.h"
37 #include "breakpoints.h"
38
39 #include <stdlib.h>
40 #include <string.h>
41 #include <unistd.h>
42
43 #include <sys/types.h>
44 #include <sys/stat.h>
45 #include <sys/time.h>
46 #include <errno.h>
47
48 int arm7_9_debug_entry(target_t *target);
49 int arm7_9_enable_sw_bkpts(struct target_s *target);
50
51 /* command handler forward declarations */
52 int handle_arm7_9_write_xpsr_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
53 int handle_arm7_9_write_xpsr_im8_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
54 int handle_arm7_9_read_core_reg_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
55 int handle_arm7_9_write_core_reg_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
56 int handle_arm7_9_sw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
57 int handle_arm7_9_force_hw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
58 int handle_arm7_9_dbgrq_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
59 int handle_arm7_9_fast_memory_access_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
60 int handle_arm7_9_dcc_downloads_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
61 int handle_arm7_9_etm_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
62
63 int arm7_9_reinit_embeddedice(target_t *target)
64 {
65 armv4_5_common_t *armv4_5 = target->arch_info;
66 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
67
68 breakpoint_t *breakpoint = target->breakpoints;
69
70 arm7_9->wp_available = 2;
71 arm7_9->wp0_used = 0;
72 arm7_9->wp1_used = 0;
73
74 /* mark all hardware breakpoints as unset */
75 while (breakpoint)
76 {
77 if (breakpoint->type == BKPT_HARD)
78 {
79 breakpoint->set = 0;
80 }
81 breakpoint = breakpoint->next;
82 }
83
84 if (arm7_9->sw_bkpts_enabled && arm7_9->sw_bkpts_use_wp)
85 {
86 arm7_9->sw_bkpts_enabled = 0;
87 arm7_9_enable_sw_bkpts(target);
88 }
89
90 return ERROR_OK;
91 }
92
93 /* set things up after a reset / on startup */
94 int arm7_9_setup(target_t *target)
95 {
96 /* a test-logic reset have occured
97 * the EmbeddedICE registers have been reset
98 * hardware breakpoints have been cleared
99 */
100 return arm7_9_reinit_embeddedice(target);
101 }
102
103 int arm7_9_get_arch_pointers(target_t *target, armv4_5_common_t **armv4_5_p, arm7_9_common_t **arm7_9_p)
104 {
105 armv4_5_common_t *armv4_5 = target->arch_info;
106 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
107
108 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
109 {
110 return -1;
111 }
112
113 if (arm7_9->common_magic != ARM7_9_COMMON_MAGIC)
114 {
115 return -1;
116 }
117
118 *armv4_5_p = armv4_5;
119 *arm7_9_p = arm7_9;
120
121 return ERROR_OK;
122 }
123
124 int arm7_9_set_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
125 {
126 armv4_5_common_t *armv4_5 = target->arch_info;
127 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
128
129 if (target->state != TARGET_HALTED)
130 {
131 LOG_WARNING("target not halted");
132 return ERROR_TARGET_NOT_HALTED;
133 }
134
135 if (arm7_9->force_hw_bkpts)
136 breakpoint->type = BKPT_HARD;
137
138 if (breakpoint->set)
139 {
140 LOG_WARNING("breakpoint already set");
141 return ERROR_OK;
142 }
143
144 if (breakpoint->type == BKPT_HARD)
145 {
146 /* either an ARM (4 byte) or Thumb (2 byte) breakpoint */
147 u32 mask = (breakpoint->length == 4) ? 0x3u : 0x1u;
148 if (!arm7_9->wp0_used)
149 {
150 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], breakpoint->address);
151 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
152 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffffu);
153 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
154 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
155
156 jtag_execute_queue();
157 arm7_9->wp0_used = 1;
158 breakpoint->set = 1;
159 }
160 else if (!arm7_9->wp1_used)
161 {
162 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], breakpoint->address);
163 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
164 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffffu);
165 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
166 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
167
168 jtag_execute_queue();
169 arm7_9->wp1_used = 1;
170 breakpoint->set = 2;
171 }
172 else
173 {
174 LOG_ERROR("BUG: no hardware comparator available");
175 return ERROR_OK;
176 }
177 }
178 else if (breakpoint->type == BKPT_SOFT)
179 {
180 if (breakpoint->length == 4)
181 {
182 u32 verify = 0xffffffff;
183 /* keep the original instruction in target endianness */
184 target->type->read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr);
185 /* write the breakpoint instruction in target endianness (arm7_9->arm_bkpt is host endian) */
186 target_write_u32(target, breakpoint->address, arm7_9->arm_bkpt);
187
188 target->type->read_memory(target, breakpoint->address, 4, 1, (u8 *)&verify);
189 if (verify != arm7_9->arm_bkpt)
190 {
191 LOG_ERROR("Unable to set 32 bit software breakpoint at address %08x - check that memory is read/writable", breakpoint->address);
192 return ERROR_OK;
193 }
194 }
195 else
196 {
197 u16 verify = 0xffff;
198 /* keep the original instruction in target endianness */
199 target->type->read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr);
200 /* write the breakpoint instruction in target endianness (arm7_9->thumb_bkpt is host endian) */
201 target_write_u16(target, breakpoint->address, arm7_9->thumb_bkpt);
202
203 target->type->read_memory(target, breakpoint->address, 2, 1, (u8 *)&verify);
204 if (verify != arm7_9->thumb_bkpt)
205 {
206 LOG_ERROR("Unable to set thumb software breakpoint at address %08x - check that memory is read/writable", breakpoint->address);
207 return ERROR_OK;
208 }
209 }
210 breakpoint->set = 1;
211 }
212
213 return ERROR_OK;
214
215 }
216
217 int arm7_9_unset_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
218 {
219 armv4_5_common_t *armv4_5 = target->arch_info;
220 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
221
222 if (target->state != TARGET_HALTED)
223 {
224 LOG_WARNING("target not halted");
225 return ERROR_TARGET_NOT_HALTED;
226 }
227
228 if (!breakpoint->set)
229 {
230 LOG_WARNING("breakpoint not set");
231 return ERROR_OK;
232 }
233
234 if (breakpoint->type == BKPT_HARD)
235 {
236 if (breakpoint->set == 1)
237 {
238 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
239 jtag_execute_queue();
240 arm7_9->wp0_used = 0;
241 }
242 else if (breakpoint->set == 2)
243 {
244 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
245 jtag_execute_queue();
246 arm7_9->wp1_used = 0;
247 }
248 breakpoint->set = 0;
249 }
250 else
251 {
252 /* restore original instruction (kept in target endianness) */
253 if (breakpoint->length == 4)
254 {
255 u32 current_instr;
256 /* check that user program as not modified breakpoint instruction */
257 target->type->read_memory(target, breakpoint->address, 4, 1, (u8*)&current_instr);
258 if (current_instr==arm7_9->arm_bkpt)
259 target->type->write_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr);
260 }
261 else
262 {
263 u16 current_instr;
264 /* check that user program as not modified breakpoint instruction */
265 target->type->read_memory(target, breakpoint->address, 2, 1, (u8*)&current_instr);
266 if (current_instr==arm7_9->thumb_bkpt)
267 target->type->write_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr);
268 }
269 breakpoint->set = 0;
270 }
271
272 return ERROR_OK;
273 }
274
275 int arm7_9_add_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
276 {
277 armv4_5_common_t *armv4_5 = target->arch_info;
278 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
279
280 if (target->state != TARGET_HALTED)
281 {
282 LOG_WARNING("target not halted");
283 return ERROR_TARGET_NOT_HALTED;
284 }
285
286 if (arm7_9->force_hw_bkpts)
287 {
288 LOG_DEBUG("forcing use of hardware breakpoint at address 0x%8.8x", breakpoint->address);
289 breakpoint->type = BKPT_HARD;
290 }
291
292 if ((breakpoint->type == BKPT_SOFT) && (arm7_9->sw_bkpts_enabled == 0))
293 {
294 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
295 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
296 }
297
298 if ((breakpoint->type == BKPT_HARD) && (arm7_9->wp_available < 1))
299 {
300 LOG_INFO("no watchpoint unit available for hardware breakpoint");
301 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
302 }
303
304 if ((breakpoint->length != 2) && (breakpoint->length != 4))
305 {
306 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
307 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
308 }
309
310 if (breakpoint->type == BKPT_HARD)
311 arm7_9->wp_available--;
312
313 return ERROR_OK;
314 }
315
316 int arm7_9_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
317 {
318 armv4_5_common_t *armv4_5 = target->arch_info;
319 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
320
321 if (target->state != TARGET_HALTED)
322 {
323 LOG_WARNING("target not halted");
324 return ERROR_TARGET_NOT_HALTED;
325 }
326
327 if (breakpoint->set)
328 {
329 arm7_9_unset_breakpoint(target, breakpoint);
330 }
331
332 if (breakpoint->type == BKPT_HARD)
333 arm7_9->wp_available++;
334
335 return ERROR_OK;
336 }
337
338 int arm7_9_set_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
339 {
340 armv4_5_common_t *armv4_5 = target->arch_info;
341 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
342 int rw_mask = 1;
343 u32 mask;
344
345 mask = watchpoint->length - 1;
346
347 if (target->state != TARGET_HALTED)
348 {
349 LOG_WARNING("target not halted");
350 return ERROR_TARGET_NOT_HALTED;
351 }
352
353 if (watchpoint->rw == WPT_ACCESS)
354 rw_mask = 0;
355 else
356 rw_mask = 1;
357
358 if (!arm7_9->wp0_used)
359 {
360 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], watchpoint->address);
361 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
362 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], watchpoint->mask);
363 if( watchpoint->mask != 0xffffffffu )
364 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE], watchpoint->value);
365 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], 0xff & ~EICE_W_CTRL_nOPC & ~rw_mask);
366 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE | EICE_W_CTRL_nOPC | (watchpoint->rw & 1));
367
368 jtag_execute_queue();
369 watchpoint->set = 1;
370 arm7_9->wp0_used = 2;
371 }
372 else if (!arm7_9->wp1_used)
373 {
374 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], watchpoint->address);
375 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
376 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], watchpoint->mask);
377 if( watchpoint->mask != 0xffffffffu )
378 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE], watchpoint->value);
379 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], 0xff & ~EICE_W_CTRL_nOPC & ~rw_mask);
380 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE | EICE_W_CTRL_nOPC | (watchpoint->rw & 1));
381
382 jtag_execute_queue();
383 watchpoint->set = 2;
384 arm7_9->wp1_used = 2;
385 }
386 else
387 {
388 LOG_ERROR("BUG: no hardware comparator available");
389 return ERROR_OK;
390 }
391
392 return ERROR_OK;
393 }
394
395 int arm7_9_unset_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
396 {
397 armv4_5_common_t *armv4_5 = target->arch_info;
398 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
399
400 if (target->state != TARGET_HALTED)
401 {
402 LOG_WARNING("target not halted");
403 return ERROR_TARGET_NOT_HALTED;
404 }
405
406 if (!watchpoint->set)
407 {
408 LOG_WARNING("breakpoint not set");
409 return ERROR_OK;
410 }
411
412 if (watchpoint->set == 1)
413 {
414 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
415 jtag_execute_queue();
416 arm7_9->wp0_used = 0;
417 }
418 else if (watchpoint->set == 2)
419 {
420 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
421 jtag_execute_queue();
422 arm7_9->wp1_used = 0;
423 }
424 watchpoint->set = 0;
425
426 return ERROR_OK;
427 }
428
429 int arm7_9_add_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
430 {
431 armv4_5_common_t *armv4_5 = target->arch_info;
432 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
433
434 if (target->state != TARGET_HALTED)
435 {
436 LOG_WARNING("target not halted");
437 return ERROR_TARGET_NOT_HALTED;
438 }
439
440 if (arm7_9->wp_available < 1)
441 {
442 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
443 }
444
445 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
446 {
447 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
448 }
449
450 arm7_9->wp_available--;
451
452 return ERROR_OK;
453 }
454
455 int arm7_9_remove_watchpoint(struct target_s *target, watchpoint_t *watchpoint)
456 {
457 armv4_5_common_t *armv4_5 = target->arch_info;
458 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
459
460 if (target->state != TARGET_HALTED)
461 {
462 LOG_WARNING("target not halted");
463 return ERROR_TARGET_NOT_HALTED;
464 }
465
466 if (watchpoint->set)
467 {
468 arm7_9_unset_watchpoint(target, watchpoint);
469 }
470
471 arm7_9->wp_available++;
472
473 return ERROR_OK;
474 }
475
476 int arm7_9_enable_sw_bkpts(struct target_s *target)
477 {
478 armv4_5_common_t *armv4_5 = target->arch_info;
479 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
480 int retval;
481
482 if (arm7_9->sw_bkpts_enabled)
483 return ERROR_OK;
484
485 if (arm7_9->wp_available < 1)
486 {
487 LOG_WARNING("can't enable sw breakpoints with no watchpoint unit available");
488 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
489 }
490 arm7_9->wp_available--;
491
492 if (!arm7_9->wp0_used)
493 {
494 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE], arm7_9->arm_bkpt);
495 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0x0);
496 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffffu);
497 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
498 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
499 arm7_9->sw_bkpts_enabled = 1;
500 arm7_9->wp0_used = 3;
501 }
502 else if (!arm7_9->wp1_used)
503 {
504 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE], arm7_9->arm_bkpt);
505 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0x0);
506 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0xffffffffu);
507 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
508 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
509 arm7_9->sw_bkpts_enabled = 2;
510 arm7_9->wp1_used = 3;
511 }
512 else
513 {
514 LOG_ERROR("BUG: both watchpoints used, but wp_available >= 1");
515 return ERROR_FAIL;
516 }
517
518 if ((retval = jtag_execute_queue()) != ERROR_OK)
519 {
520 LOG_ERROR("error writing EmbeddedICE registers to enable sw breakpoints");
521 return ERROR_FAIL;
522 };
523
524 return ERROR_OK;
525 }
526
527 int arm7_9_disable_sw_bkpts(struct target_s *target)
528 {
529 armv4_5_common_t *armv4_5 = target->arch_info;
530 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
531
532 if (!arm7_9->sw_bkpts_enabled)
533 return ERROR_OK;
534
535 if (arm7_9->sw_bkpts_enabled == 1)
536 {
537 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
538 arm7_9->sw_bkpts_enabled = 0;
539 arm7_9->wp0_used = 0;
540 arm7_9->wp_available++;
541 }
542 else if (arm7_9->sw_bkpts_enabled == 2)
543 {
544 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
545 arm7_9->sw_bkpts_enabled = 0;
546 arm7_9->wp1_used = 0;
547 arm7_9->wp_available++;
548 }
549
550 return ERROR_OK;
551 }
552
553 int arm7_9_execute_sys_speed(struct target_s *target)
554 {
555 int timeout;
556 int retval;
557
558 armv4_5_common_t *armv4_5 = target->arch_info;
559 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
560 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
561 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
562
563 /* set RESTART instruction */
564 jtag_add_end_state(TAP_RTI);
565 if (arm7_9->need_bypass_before_restart) {
566 arm7_9->need_bypass_before_restart = 0;
567 arm_jtag_set_instr(jtag_info, 0xf, NULL);
568 }
569 arm_jtag_set_instr(jtag_info, 0x4, NULL);
570
571 for (timeout=0; timeout<50; timeout++)
572 {
573 /* read debug status register */
574 embeddedice_read_reg(dbg_stat);
575 if ((retval = jtag_execute_queue()) != ERROR_OK)
576 return retval;
577 if ((buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1))
578 && (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_SYSCOMP, 1)))
579 break;
580 usleep(100000);
581 }
582 if (timeout == 50)
583 {
584 LOG_ERROR("timeout waiting for SYSCOMP & DBGACK, last DBG_STATUS: %x", buf_get_u32(dbg_stat->value, 0, dbg_stat->size));
585 return ERROR_TARGET_TIMEOUT;
586 }
587
588 return ERROR_OK;
589 }
590
591 int arm7_9_execute_fast_sys_speed(struct target_s *target)
592 {
593 static int set=0;
594 static u8 check_value[4], check_mask[4];
595
596 armv4_5_common_t *armv4_5 = target->arch_info;
597 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
598 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
599 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
600
601 /* set RESTART instruction */
602 jtag_add_end_state(TAP_RTI);
603 if (arm7_9->need_bypass_before_restart) {
604 arm7_9->need_bypass_before_restart = 0;
605 arm_jtag_set_instr(jtag_info, 0xf, NULL);
606 }
607 arm_jtag_set_instr(jtag_info, 0x4, NULL);
608
609 if (!set)
610 {
611 /* check for DBGACK and SYSCOMP set (others don't care) */
612
613 /* NB! These are constants that must be available until after next jtag_execute() and
614 we evaluate the values upon first execution in lieu of setting up these constants
615 during early setup.
616 */
617 buf_set_u32(check_value, 0, 32, 0x9);
618 buf_set_u32(check_mask, 0, 32, 0x9);
619 set=1;
620 }
621
622 /* read debug status register */
623 embeddedice_read_reg_w_check(dbg_stat, check_value, check_value);
624
625 return ERROR_OK;
626 }
627
628 int arm7_9_target_request_data(target_t *target, u32 size, u8 *buffer)
629 {
630 armv4_5_common_t *armv4_5 = target->arch_info;
631 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
632 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
633 u32 *data;
634 int i;
635
636 data = malloc(size * (sizeof(u32)));
637
638 embeddedice_receive(jtag_info, data, size);
639
640 for (i = 0; i < size; i++)
641 {
642 h_u32_to_le(buffer + (i * 4), data[i]);
643 }
644
645 free(data);
646
647 return ERROR_OK;
648 }
649
650 int arm7_9_handle_target_request(void *priv)
651 {
652 target_t *target = priv;
653 if (!target->type->examined)
654 return ERROR_OK;
655 armv4_5_common_t *armv4_5 = target->arch_info;
656 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
657 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
658 reg_t *dcc_control = &arm7_9->eice_cache->reg_list[EICE_COMMS_CTRL];
659
660
661 if (!target->dbg_msg_enabled)
662 return ERROR_OK;
663
664 if (target->state == TARGET_RUNNING)
665 {
666 /* read DCC control register */
667 embeddedice_read_reg(dcc_control);
668 jtag_execute_queue();
669
670 /* check W bit */
671 if (buf_get_u32(dcc_control->value, 1, 1) == 1)
672 {
673 u32 request;
674
675 embeddedice_receive(jtag_info, &request, 1);
676 target_request(target, request);
677 }
678 }
679
680 return ERROR_OK;
681 }
682
683 int arm7_9_poll(target_t *target)
684 {
685 int retval;
686 armv4_5_common_t *armv4_5 = target->arch_info;
687 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
688 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
689
690 /* read debug status register */
691 embeddedice_read_reg(dbg_stat);
692 if ((retval = jtag_execute_queue()) != ERROR_OK)
693 {
694 return retval;
695 }
696
697 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1))
698 {
699 /* LOG_DEBUG("DBGACK set, dbg_state->value: 0x%x", buf_get_u32(dbg_stat->value, 0, 32));*/
700 if (target->state == TARGET_UNKNOWN)
701 {
702 target->state = TARGET_RUNNING;
703 LOG_WARNING("DBGACK set while target was in unknown state. Reset or initialize target.");
704 }
705 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_RESET))
706 {
707 int check_pc=0;
708 if (target->state == TARGET_RESET)
709 {
710 if (target->reset_halt)
711 {
712 if ((jtag_reset_config & RESET_SRST_PULLS_TRST)==0)
713 {
714 check_pc = 1;
715 }
716 }
717 }
718
719 target->state = TARGET_HALTED;
720
721 if ((retval = arm7_9_debug_entry(target)) != ERROR_OK)
722 return retval;
723
724 if (check_pc)
725 {
726 reg_t *reg = register_get_by_name(target->reg_cache, "pc", 1);
727 u32 t=*((u32 *)reg->value);
728 if (t!=0)
729 {
730 LOG_ERROR("PC was not 0. Does this target need srst_pulls_trst?");
731 }
732 }
733
734 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
735 }
736 if (target->state == TARGET_DEBUG_RUNNING)
737 {
738 target->state = TARGET_HALTED;
739 if ((retval = arm7_9_debug_entry(target)) != ERROR_OK)
740 return retval;
741
742 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
743 }
744 if (target->state != TARGET_HALTED)
745 {
746 LOG_WARNING("DBGACK set, but the target did not end up in the halted stated %d", target->state);
747 }
748 }
749 else
750 {
751 if (target->state != TARGET_DEBUG_RUNNING)
752 target->state = TARGET_RUNNING;
753 }
754
755 return ERROR_OK;
756 }
757
758 /*
759 Some -S targets (ARM966E-S in the STR912 isn't affected, ARM926EJ-S
760 in the LPC3180 and AT91SAM9260 is affected) completely stop the JTAG clock
761 while the core is held in reset(SRST). It isn't possible to program the halt
762 condition once reset was asserted, hence a hook that allows the target to set
763 up its reset-halt condition prior to asserting reset.
764 */
765
766 int arm7_9_assert_reset(target_t *target)
767 {
768 armv4_5_common_t *armv4_5 = target->arch_info;
769 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
770 LOG_DEBUG("target->state: %s", target_state_strings[target->state]);
771
772 if (!(jtag_reset_config & RESET_HAS_SRST))
773 {
774 LOG_ERROR("Can't assert SRST");
775 return ERROR_FAIL;
776 }
777
778 if (target->reset_halt)
779 {
780 /*
781 * Some targets do not support communication while SRST is asserted. We need to
782 * set up the reset vector catch here.
783 *
784 * If TRST is asserted, then these settings will be reset anyway, so setting them
785 * here is harmless.
786 */
787 if (arm7_9->has_vector_catch)
788 {
789 /* program vector catch register to catch reset vector */
790 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH], 0x1);
791 }
792 else
793 {
794 /* program watchpoint unit to match on reset vector address */
795 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], 0x0);
796 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0x3);
797 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
798 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
799 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
800 }
801 }
802
803 /* here we should issue a srst only, but we may have to assert trst as well */
804 if (jtag_reset_config & RESET_SRST_PULLS_TRST)
805 {
806 jtag_add_reset(1, 1);
807 } else
808 {
809 jtag_add_reset(0, 1);
810 }
811
812
813 target->state = TARGET_RESET;
814 jtag_add_sleep(50000);
815
816 armv4_5_invalidate_core_regs(target);
817
818 return ERROR_OK;
819
820 }
821
822 int arm7_9_deassert_reset(target_t *target)
823 {
824 int retval=ERROR_OK;
825 LOG_DEBUG("target->state: %s", target_state_strings[target->state]);
826
827 /* deassert reset lines */
828 jtag_add_reset(0, 0);
829
830 if ((jtag_reset_config & RESET_SRST_PULLS_TRST)!=0)
831 {
832 /* set up embedded ice registers again */
833 if ((retval=target->type->examine(target))!=ERROR_OK)
834 return retval;
835
836 if (target->reset_halt)
837 {
838 /* halt the CPU as embedded ice was not set up in reset */
839 if ((retval=target->type->halt(target))!=ERROR_OK)
840 return retval;
841 }
842 }
843 return retval;
844 }
845
846 int arm7_9_clear_halt(target_t *target)
847 {
848 armv4_5_common_t *armv4_5 = target->arch_info;
849 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
850 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
851
852 /* we used DBGRQ only if we didn't come out of reset */
853 if (!arm7_9->debug_entry_from_reset && arm7_9->use_dbgrq)
854 {
855 /* program EmbeddedICE Debug Control Register to deassert DBGRQ
856 */
857 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
858 embeddedice_store_reg(dbg_ctrl);
859 }
860 else
861 {
862 if (arm7_9->debug_entry_from_reset && arm7_9->has_vector_catch)
863 {
864 /* if we came out of reset, and vector catch is supported, we used
865 * vector catch to enter debug state
866 * restore the register in that case
867 */
868 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH]);
869 }
870 else
871 {
872 /* restore registers if watchpoint unit 0 was in use
873 */
874 if (arm7_9->wp0_used)
875 {
876 if (arm7_9->debug_entry_from_reset)
877 {
878 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE]);
879 }
880 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK]);
881 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK]);
882 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK]);
883 }
884 /* control value always has to be restored, as it was either disabled,
885 * or enabled with possibly different bits
886 */
887 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
888 }
889 }
890
891 return ERROR_OK;
892 }
893
894 int arm7_9_soft_reset_halt(struct target_s *target)
895 {
896 armv4_5_common_t *armv4_5 = target->arch_info;
897 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
898 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
899 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
900 int i;
901 int retval;
902
903 if ((retval=target_halt(target))!=ERROR_OK)
904 return retval;
905
906 for (i=0; i<10; i++)
907 {
908 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) != 0)
909 break;
910 embeddedice_read_reg(dbg_stat);
911 if ((retval=jtag_execute_queue())!=ERROR_OK)
912 return retval;
913 /* do not eat all CPU, time out after 1 se*/
914 usleep(100*1000);
915
916 }
917 if (i==10)
918 {
919 LOG_ERROR("Failed to halt CPU after 1 sec");
920 return ERROR_TARGET_TIMEOUT;
921 }
922 target->state = TARGET_HALTED;
923
924 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
925 * ensure that DBGRQ is cleared
926 */
927 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
928 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
929 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
930 embeddedice_store_reg(dbg_ctrl);
931
932 arm7_9_clear_halt(target);
933
934 /* if the target is in Thumb state, change to ARM state */
935 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1))
936 {
937 u32 r0_thumb, pc_thumb;
938 LOG_DEBUG("target entered debug from Thumb state, changing to ARM");
939 /* Entered debug from Thumb mode */
940 armv4_5->core_state = ARMV4_5_STATE_THUMB;
941 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
942 }
943
944 /* all register content is now invalid */
945 armv4_5_invalidate_core_regs(target);
946
947 /* SVC, ARM state, IRQ and FIQ disabled */
948 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
949 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
950 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
951
952 /* start fetching from 0x0 */
953 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
954 armv4_5->core_cache->reg_list[15].dirty = 1;
955 armv4_5->core_cache->reg_list[15].valid = 1;
956
957 armv4_5->core_mode = ARMV4_5_MODE_SVC;
958 armv4_5->core_state = ARMV4_5_STATE_ARM;
959
960 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
961 return ERROR_FAIL;
962
963 /* reset registers */
964 for (i = 0; i <= 14; i++)
965 {
966 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, 0xffffffff);
967 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 1;
968 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
969 }
970
971 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
972
973 return ERROR_OK;
974 }
975
976 int arm7_9_halt(target_t *target)
977 {
978 if ((target->state==TARGET_RESET)&&((jtag_reset_config & RESET_SRST_PULLS_TRST)!=0))
979 {
980 LOG_WARNING("arm7/9 can't halt a target in reset if srst pulls trst - halting after reset");
981 return ERROR_OK;
982 }
983
984 armv4_5_common_t *armv4_5 = target->arch_info;
985 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
986 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
987
988 LOG_DEBUG("target->state: %s", target_state_strings[target->state]);
989
990 if (target->state == TARGET_HALTED)
991 {
992 LOG_DEBUG("target was already halted");
993 return ERROR_OK;
994 }
995
996 if (target->state == TARGET_UNKNOWN)
997 {
998 LOG_WARNING("target was in unknown state when halt was requested");
999 }
1000
1001 if (target->state == TARGET_RESET)
1002 {
1003 if ((jtag_reset_config & RESET_SRST_PULLS_TRST) && jtag_srst)
1004 {
1005 LOG_ERROR("can't request a halt while in reset if nSRST pulls nTRST");
1006 return ERROR_TARGET_FAILURE;
1007 }
1008 else
1009 {
1010 /* we came here in a reset_halt or reset_init sequence
1011 * debug entry was already prepared in arm7_9_assert_reset()
1012 */
1013 target->debug_reason = DBG_REASON_DBGRQ;
1014
1015 return ERROR_OK;
1016 }
1017 }
1018
1019 if (arm7_9->use_dbgrq)
1020 {
1021 /* program EmbeddedICE Debug Control Register to assert DBGRQ
1022 */
1023 if (arm7_9->set_special_dbgrq) {
1024 arm7_9->set_special_dbgrq(target);
1025 } else {
1026 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 1);
1027 embeddedice_store_reg(dbg_ctrl);
1028 }
1029 }
1030 else
1031 {
1032 /* program watchpoint unit to match on any address
1033 */
1034 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1035 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1036 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
1037 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
1038 }
1039
1040 target->debug_reason = DBG_REASON_DBGRQ;
1041
1042 return ERROR_OK;
1043 }
1044
1045 int arm7_9_debug_entry(target_t *target)
1046 {
1047 int i;
1048 u32 context[16];
1049 u32* context_p[16];
1050 u32 r0_thumb, pc_thumb;
1051 u32 cpsr;
1052 int retval;
1053 /* get pointers to arch-specific information */
1054 armv4_5_common_t *armv4_5 = target->arch_info;
1055 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1056 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
1057 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1058
1059 #ifdef _DEBUG_ARM7_9_
1060 LOG_DEBUG("-");
1061 #endif
1062
1063 if (arm7_9->pre_debug_entry)
1064 arm7_9->pre_debug_entry(target);
1065
1066 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
1067 * ensure that DBGRQ is cleared
1068 */
1069 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
1070 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1071 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
1072 embeddedice_store_reg(dbg_ctrl);
1073
1074 arm7_9_clear_halt(target);
1075
1076 if ((retval = jtag_execute_queue()) != ERROR_OK)
1077 {
1078 return retval;
1079 }
1080
1081 if ((retval = arm7_9->examine_debug_reason(target)) != ERROR_OK)
1082 return retval;
1083
1084
1085 if (target->state != TARGET_HALTED)
1086 {
1087 LOG_WARNING("target not halted");
1088 return ERROR_TARGET_NOT_HALTED;
1089 }
1090
1091 /* if the target is in Thumb state, change to ARM state */
1092 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1))
1093 {
1094 LOG_DEBUG("target entered debug from Thumb state");
1095 /* Entered debug from Thumb mode */
1096 armv4_5->core_state = ARMV4_5_STATE_THUMB;
1097 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
1098 LOG_DEBUG("r0_thumb: 0x%8.8x, pc_thumb: 0x%8.8x", r0_thumb, pc_thumb);
1099 }
1100 else
1101 {
1102 LOG_DEBUG("target entered debug from ARM state");
1103 /* Entered debug from ARM mode */
1104 armv4_5->core_state = ARMV4_5_STATE_ARM;
1105 }
1106
1107 for (i = 0; i < 16; i++)
1108 context_p[i] = &context[i];
1109 /* save core registers (r0 - r15 of current core mode) */
1110 arm7_9->read_core_regs(target, 0xffff, context_p);
1111
1112 arm7_9->read_xpsr(target, &cpsr, 0);
1113
1114 if ((retval = jtag_execute_queue()) != ERROR_OK)
1115 return retval;
1116
1117 /* if the core has been executing in Thumb state, set the T bit */
1118 if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1119 cpsr |= 0x20;
1120
1121 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32, cpsr);
1122 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 0;
1123 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
1124
1125 armv4_5->core_mode = cpsr & 0x1f;
1126
1127 if (armv4_5_mode_to_number(armv4_5->core_mode) == -1)
1128 {
1129 target->state = TARGET_UNKNOWN;
1130 LOG_ERROR("cpsr contains invalid mode value - communication failure");
1131 return ERROR_TARGET_FAILURE;
1132 }
1133
1134 LOG_DEBUG("target entered debug state in %s mode", armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)]);
1135
1136 if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1137 {
1138 LOG_DEBUG("thumb state, applying fixups");
1139 context[0] = r0_thumb;
1140 context[15] = pc_thumb;
1141 } else if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1142 {
1143 /* adjust value stored by STM */
1144 context[15] -= 3 * 4;
1145 }
1146
1147 if ((target->debug_reason == DBG_REASON_BREAKPOINT)
1148 || (target->debug_reason == DBG_REASON_SINGLESTEP)
1149 || (target->debug_reason == DBG_REASON_WATCHPOINT)
1150 || (target->debug_reason == DBG_REASON_WPTANDBKPT)
1151 || ((target->debug_reason == DBG_REASON_DBGRQ) && (arm7_9->use_dbgrq == 0)))
1152 context[15] -= 3 * ((armv4_5->core_state == ARMV4_5_STATE_ARM) ? 4 : 2);
1153 else if (target->debug_reason == DBG_REASON_DBGRQ)
1154 context[15] -= arm7_9->dbgreq_adjust_pc * ((armv4_5->core_state == ARMV4_5_STATE_ARM) ? 4 : 2);
1155 else
1156 {
1157 LOG_ERROR("unknown debug reason: %i", target->debug_reason);
1158 }
1159
1160 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1161 return ERROR_FAIL;
1162
1163 for (i=0; i<=15; i++)
1164 {
1165 LOG_DEBUG("r%i: 0x%8.8x", i, context[i]);
1166 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).value, 0, 32, context[i]);
1167 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = 0;
1168 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid = 1;
1169 }
1170
1171 LOG_DEBUG("entered debug state at PC 0x%x", context[15]);
1172
1173 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1174 return ERROR_FAIL;
1175
1176 /* exceptions other than USR & SYS have a saved program status register */
1177 if ((armv4_5->core_mode != ARMV4_5_MODE_USR) && (armv4_5->core_mode != ARMV4_5_MODE_SYS))
1178 {
1179 u32 spsr;
1180 arm7_9->read_xpsr(target, &spsr, 1);
1181 jtag_execute_queue();
1182 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).value, 0, 32, spsr);
1183 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).dirty = 0;
1184 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).valid = 1;
1185 }
1186
1187 /* r0 and r15 (pc) have to be restored later */
1188 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1189 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 15).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 15).valid;
1190
1191 if ((retval = jtag_execute_queue()) != ERROR_OK)
1192 return retval;
1193
1194 if (arm7_9->post_debug_entry)
1195 arm7_9->post_debug_entry(target);
1196
1197 return ERROR_OK;
1198 }
1199
1200 int arm7_9_full_context(target_t *target)
1201 {
1202 int i;
1203 int retval;
1204 armv4_5_common_t *armv4_5 = target->arch_info;
1205 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1206
1207 LOG_DEBUG("-");
1208
1209 if (target->state != TARGET_HALTED)
1210 {
1211 LOG_WARNING("target not halted");
1212 return ERROR_TARGET_NOT_HALTED;
1213 }
1214
1215 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1216 return ERROR_FAIL;
1217
1218 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1219 * SYS shares registers with User, so we don't touch SYS
1220 */
1221 for(i = 0; i < 6; i++)
1222 {
1223 u32 mask = 0;
1224 u32* reg_p[16];
1225 int j;
1226 int valid = 1;
1227
1228 /* check if there are invalid registers in the current mode
1229 */
1230 for (j = 0; j <= 16; j++)
1231 {
1232 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1233 valid = 0;
1234 }
1235
1236 if (!valid)
1237 {
1238 u32 tmp_cpsr;
1239
1240 /* change processor mode (and mask T bit) */
1241 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1242 tmp_cpsr |= armv4_5_number_to_mode(i);
1243 tmp_cpsr &= ~0x20;
1244 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1245
1246 for (j = 0; j < 15; j++)
1247 {
1248 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1249 {
1250 reg_p[j] = (u32*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).value;
1251 mask |= 1 << j;
1252 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid = 1;
1253 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1254 }
1255 }
1256
1257 /* if only the PSR is invalid, mask is all zeroes */
1258 if (mask)
1259 arm7_9->read_core_regs(target, mask, reg_p);
1260
1261 /* check if the PSR has to be read */
1262 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid == 0)
1263 {
1264 arm7_9->read_xpsr(target, (u32*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).value, 1);
1265 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid = 1;
1266 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1267 }
1268 }
1269 }
1270
1271 /* restore processor mode (mask T bit) */
1272 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1273
1274 if ((retval = jtag_execute_queue()) != ERROR_OK)
1275 {
1276 return retval;
1277 }
1278 return ERROR_OK;
1279 }
1280
1281 int arm7_9_restore_context(target_t *target)
1282 {
1283 armv4_5_common_t *armv4_5 = target->arch_info;
1284 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1285 reg_t *reg;
1286 armv4_5_core_reg_t *reg_arch_info;
1287 enum armv4_5_mode current_mode = armv4_5->core_mode;
1288 int i, j;
1289 int dirty;
1290 int mode_change;
1291
1292 LOG_DEBUG("-");
1293
1294 if (target->state != TARGET_HALTED)
1295 {
1296 LOG_WARNING("target not halted");
1297 return ERROR_TARGET_NOT_HALTED;
1298 }
1299
1300 if (arm7_9->pre_restore_context)
1301 arm7_9->pre_restore_context(target);
1302
1303 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1304 return ERROR_FAIL;
1305
1306 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1307 * SYS shares registers with User, so we don't touch SYS
1308 */
1309 for (i = 0; i < 6; i++)
1310 {
1311 LOG_DEBUG("examining %s mode", armv4_5_mode_strings[i]);
1312 dirty = 0;
1313 mode_change = 0;
1314 /* check if there are dirty registers in the current mode
1315 */
1316 for (j = 0; j <= 16; j++)
1317 {
1318 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j);
1319 reg_arch_info = reg->arch_info;
1320 if (reg->dirty == 1)
1321 {
1322 if (reg->valid == 1)
1323 {
1324 dirty = 1;
1325 LOG_DEBUG("examining dirty reg: %s", reg->name);
1326 if ((reg_arch_info->mode != ARMV4_5_MODE_ANY)
1327 && (reg_arch_info->mode != current_mode)
1328 && !((reg_arch_info->mode == ARMV4_5_MODE_USR) && (armv4_5->core_mode == ARMV4_5_MODE_SYS))
1329 && !((reg_arch_info->mode == ARMV4_5_MODE_SYS) && (armv4_5->core_mode == ARMV4_5_MODE_USR)))
1330 {
1331 mode_change = 1;
1332 LOG_DEBUG("require mode change");
1333 }
1334 }
1335 else
1336 {
1337 LOG_ERROR("BUG: dirty register '%s', but no valid data", reg->name);
1338 }
1339 }
1340 }
1341
1342 if (dirty)
1343 {
1344 u32 mask = 0x0;
1345 int num_regs = 0;
1346 u32 regs[16];
1347
1348 if (mode_change)
1349 {
1350 u32 tmp_cpsr;
1351
1352 /* change processor mode (mask T bit) */
1353 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1354 tmp_cpsr |= armv4_5_number_to_mode(i);
1355 tmp_cpsr &= ~0x20;
1356 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1357 current_mode = armv4_5_number_to_mode(i);
1358 }
1359
1360 for (j = 0; j <= 14; j++)
1361 {
1362 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j);
1363 reg_arch_info = reg->arch_info;
1364
1365
1366 if (reg->dirty == 1)
1367 {
1368 regs[j] = buf_get_u32(reg->value, 0, 32);
1369 mask |= 1 << j;
1370 num_regs++;
1371 reg->dirty = 0;
1372 reg->valid = 1;
1373 LOG_DEBUG("writing register %i of mode %s with value 0x%8.8x", j, armv4_5_mode_strings[i], regs[j]);
1374 }
1375 }
1376
1377 if (mask)
1378 {
1379 arm7_9->write_core_regs(target, mask, regs);
1380 }
1381
1382 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16);
1383 reg_arch_info = reg->arch_info;
1384 if ((reg->dirty) && (reg_arch_info->mode != ARMV4_5_MODE_ANY))
1385 {
1386 LOG_DEBUG("writing SPSR of mode %i with value 0x%8.8x", i, buf_get_u32(reg->value, 0, 32));
1387 arm7_9->write_xpsr(target, buf_get_u32(reg->value, 0, 32), 1);
1388 }
1389 }
1390 }
1391
1392 if ((armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty == 0) && (armv4_5->core_mode != current_mode))
1393 {
1394 /* restore processor mode (mask T bit) */
1395 u32 tmp_cpsr;
1396
1397 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1398 tmp_cpsr |= armv4_5_number_to_mode(i);
1399 tmp_cpsr &= ~0x20;
1400 LOG_DEBUG("writing lower 8 bit of cpsr with value 0x%2.2x", tmp_cpsr);
1401 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1402 }
1403 else if (armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty == 1)
1404 {
1405 /* CPSR has been changed, full restore necessary (mask T bit) */
1406 LOG_DEBUG("writing cpsr with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32));
1407 arm7_9->write_xpsr(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32) & ~0x20, 0);
1408 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 0;
1409 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
1410 }
1411
1412 /* restore PC */
1413 LOG_DEBUG("writing PC with value 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1414 arm7_9->write_pc(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1415 armv4_5->core_cache->reg_list[15].dirty = 0;
1416
1417 if (arm7_9->post_restore_context)
1418 arm7_9->post_restore_context(target);
1419
1420 return ERROR_OK;
1421 }
1422
1423 int arm7_9_restart_core(struct target_s *target)
1424 {
1425 armv4_5_common_t *armv4_5 = target->arch_info;
1426 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1427 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
1428
1429 /* set RESTART instruction */
1430 jtag_add_end_state(TAP_RTI);
1431 if (arm7_9->need_bypass_before_restart) {
1432 arm7_9->need_bypass_before_restart = 0;
1433 arm_jtag_set_instr(jtag_info, 0xf, NULL);
1434 }
1435 arm_jtag_set_instr(jtag_info, 0x4, NULL);
1436
1437 jtag_add_runtest(1, TAP_RTI);
1438 return jtag_execute_queue();
1439 }
1440
1441 void arm7_9_enable_watchpoints(struct target_s *target)
1442 {
1443 watchpoint_t *watchpoint = target->watchpoints;
1444
1445 while (watchpoint)
1446 {
1447 if (watchpoint->set == 0)
1448 arm7_9_set_watchpoint(target, watchpoint);
1449 watchpoint = watchpoint->next;
1450 }
1451 }
1452
1453 void arm7_9_enable_breakpoints(struct target_s *target)
1454 {
1455 breakpoint_t *breakpoint = target->breakpoints;
1456
1457 /* set any pending breakpoints */
1458 while (breakpoint)
1459 {
1460 if (breakpoint->set == 0)
1461 arm7_9_set_breakpoint(target, breakpoint);
1462 breakpoint = breakpoint->next;
1463 }
1464 }
1465
1466 void arm7_9_disable_bkpts_and_wpts(struct target_s *target)
1467 {
1468 breakpoint_t *breakpoint = target->breakpoints;
1469 watchpoint_t *watchpoint = target->watchpoints;
1470
1471 /* set any pending breakpoints */
1472 while (breakpoint)
1473 {
1474 if (breakpoint->set != 0)
1475 arm7_9_unset_breakpoint(target, breakpoint);
1476 breakpoint = breakpoint->next;
1477 }
1478
1479 while (watchpoint)
1480 {
1481 if (watchpoint->set != 0)
1482 arm7_9_unset_watchpoint(target, watchpoint);
1483 watchpoint = watchpoint->next;
1484 }
1485 }
1486
1487 int arm7_9_resume(struct target_s *target, int current, u32 address, int handle_breakpoints, int debug_execution)
1488 {
1489 armv4_5_common_t *armv4_5 = target->arch_info;
1490 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1491 breakpoint_t *breakpoint = target->breakpoints;
1492 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1493 int err;
1494
1495 LOG_DEBUG("-");
1496
1497 if (target->state != TARGET_HALTED)
1498 {
1499 LOG_WARNING("target not halted");
1500 return ERROR_TARGET_NOT_HALTED;
1501 }
1502
1503 if (!debug_execution)
1504 {
1505 target_free_all_working_areas(target);
1506 }
1507
1508 /* current = 1: continue on current pc, otherwise continue at <address> */
1509 if (!current)
1510 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1511
1512 /* the front-end may request us not to handle breakpoints */
1513 if (handle_breakpoints)
1514 {
1515 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1516 {
1517 LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint->address);
1518 arm7_9_unset_breakpoint(target, breakpoint);
1519
1520 LOG_DEBUG("enable single-step");
1521 arm7_9->enable_single_step(target);
1522
1523 target->debug_reason = DBG_REASON_SINGLESTEP;
1524
1525 arm7_9_restore_context(target);
1526
1527 if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1528 arm7_9->branch_resume(target);
1529 else if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1530 {
1531 arm7_9->branch_resume_thumb(target);
1532 }
1533 else
1534 {
1535 LOG_ERROR("unhandled core state");
1536 return ERROR_FAIL;
1537 }
1538
1539 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1540 embeddedice_write_reg(dbg_ctrl, buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1541 err = arm7_9_execute_sys_speed(target);
1542
1543 LOG_DEBUG("disable single-step");
1544 arm7_9->disable_single_step(target);
1545
1546 if (err != ERROR_OK)
1547 {
1548 arm7_9_set_breakpoint(target, breakpoint);
1549 target->state = TARGET_UNKNOWN;
1550 return err;
1551 }
1552
1553 arm7_9_debug_entry(target);
1554 LOG_DEBUG("new PC after step: 0x%8.8x", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1555
1556 LOG_DEBUG("set breakpoint at 0x%8.8x", breakpoint->address);
1557 arm7_9_set_breakpoint(target, breakpoint);
1558 }
1559 }
1560
1561 /* enable any pending breakpoints and watchpoints */
1562 arm7_9_enable_breakpoints(target);
1563 arm7_9_enable_watchpoints(target);
1564
1565 arm7_9_restore_context(target);
1566
1567 if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1568 {
1569 arm7_9->branch_resume(target);
1570 }
1571 else if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1572 {
1573 arm7_9->branch_resume_thumb(target);
1574 }
1575 else
1576 {
1577 LOG_ERROR("unhandled core state");
1578 return ERROR_FAIL;
1579 }
1580
1581 /* deassert DBGACK and INTDIS */
1582 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1583 /* INTDIS only when we really resume, not during debug execution */
1584 if (!debug_execution)
1585 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 0);
1586 embeddedice_write_reg(dbg_ctrl, buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1587
1588 arm7_9_restart_core(target);
1589
1590 target->debug_reason = DBG_REASON_NOTHALTED;
1591
1592 if (!debug_execution)
1593 {
1594 /* registers are now invalid */
1595 armv4_5_invalidate_core_regs(target);
1596 target->state = TARGET_RUNNING;
1597 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1598 }
1599 else
1600 {
1601 target->state = TARGET_DEBUG_RUNNING;
1602 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
1603 }
1604
1605 LOG_DEBUG("target resumed");
1606
1607 return ERROR_OK;
1608 }
1609
1610 void arm7_9_enable_eice_step(target_t *target)
1611 {
1612 armv4_5_common_t *armv4_5 = target->arch_info;
1613 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1614
1615 /* setup an inverse breakpoint on the current PC
1616 * - comparator 1 matches the current address
1617 * - rangeout from comparator 1 is connected to comparator 0 rangein
1618 * - comparator 0 matches any address, as long as rangein is low */
1619 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1620 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1621 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
1622 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~(EICE_W_CTRL_RANGE|EICE_W_CTRL_nOPC) & 0xff);
1623 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1624 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0);
1625 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffff);
1626 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
1627 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
1628 }
1629
1630 void arm7_9_disable_eice_step(target_t *target)
1631 {
1632 armv4_5_common_t *armv4_5 = target->arch_info;
1633 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1634
1635 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK]);
1636 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK]);
1637 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
1638 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK]);
1639 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE]);
1640 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK]);
1641 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK]);
1642 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK]);
1643 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE]);
1644 }
1645
1646 int arm7_9_step(struct target_s *target, int current, u32 address, int handle_breakpoints)
1647 {
1648 armv4_5_common_t *armv4_5 = target->arch_info;
1649 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1650 breakpoint_t *breakpoint = NULL;
1651 int err;
1652
1653 if (target->state != TARGET_HALTED)
1654 {
1655 LOG_WARNING("target not halted");
1656 return ERROR_TARGET_NOT_HALTED;
1657 }
1658
1659 /* current = 1: continue on current pc, otherwise continue at <address> */
1660 if (!current)
1661 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1662
1663 /* the front-end may request us not to handle breakpoints */
1664 if (handle_breakpoints)
1665 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1666 arm7_9_unset_breakpoint(target, breakpoint);
1667
1668 target->debug_reason = DBG_REASON_SINGLESTEP;
1669
1670 arm7_9_restore_context(target);
1671
1672 arm7_9->enable_single_step(target);
1673
1674 if (armv4_5->core_state == ARMV4_5_STATE_ARM)
1675 {
1676 arm7_9->branch_resume(target);
1677 }
1678 else if (armv4_5->core_state == ARMV4_5_STATE_THUMB)
1679 {
1680 arm7_9->branch_resume_thumb(target);
1681 }
1682 else
1683 {
1684 LOG_ERROR("unhandled core state");
1685 return ERROR_FAIL;
1686 }
1687
1688 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1689
1690 err = arm7_9_execute_sys_speed(target);
1691 arm7_9->disable_single_step(target);
1692
1693 /* registers are now invalid */
1694 armv4_5_invalidate_core_regs(target);
1695
1696 if (err != ERROR_OK)
1697 {
1698 target->state = TARGET_UNKNOWN;
1699 } else {
1700 arm7_9_debug_entry(target);
1701 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1702 LOG_DEBUG("target stepped");
1703 }
1704
1705 if (breakpoint)
1706 arm7_9_set_breakpoint(target, breakpoint);
1707
1708 return err;
1709
1710 }
1711
1712 int arm7_9_read_core_reg(struct target_s *target, int num, enum armv4_5_mode mode)
1713 {
1714 u32* reg_p[16];
1715 u32 value;
1716 int retval;
1717 armv4_5_common_t *armv4_5 = target->arch_info;
1718 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1719
1720 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1721 return ERROR_FAIL;
1722
1723 enum armv4_5_mode reg_mode = ((armv4_5_core_reg_t*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info)->mode;
1724
1725 if ((num < 0) || (num > 16))
1726 return ERROR_INVALID_ARGUMENTS;
1727
1728 if ((mode != ARMV4_5_MODE_ANY)
1729 && (mode != armv4_5->core_mode)
1730 && (reg_mode != ARMV4_5_MODE_ANY))
1731 {
1732 u32 tmp_cpsr;
1733
1734 /* change processor mode (mask T bit) */
1735 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1736 tmp_cpsr |= mode;
1737 tmp_cpsr &= ~0x20;
1738 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1739 }
1740
1741 if ((num >= 0) && (num <= 15))
1742 {
1743 /* read a normal core register */
1744 reg_p[num] = &value;
1745
1746 arm7_9->read_core_regs(target, 1 << num, reg_p);
1747 }
1748 else
1749 {
1750 /* read a program status register
1751 * if the register mode is MODE_ANY, we read the cpsr, otherwise a spsr
1752 */
1753 armv4_5_core_reg_t *arch_info = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info;
1754 int spsr = (arch_info->mode == ARMV4_5_MODE_ANY) ? 0 : 1;
1755
1756 arm7_9->read_xpsr(target, &value, spsr);
1757 }
1758
1759 if ((retval = jtag_execute_queue()) != ERROR_OK)
1760 {
1761 return retval;
1762 }
1763
1764 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).valid = 1;
1765 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).dirty = 0;
1766 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).value, 0, 32, value);
1767
1768 if ((mode != ARMV4_5_MODE_ANY)
1769 && (mode != armv4_5->core_mode)
1770 && (reg_mode != ARMV4_5_MODE_ANY)) {
1771 /* restore processor mode (mask T bit) */
1772 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1773 }
1774
1775 return ERROR_OK;
1776
1777 }
1778
1779 int arm7_9_write_core_reg(struct target_s *target, int num, enum armv4_5_mode mode, u32 value)
1780 {
1781 u32 reg[16];
1782 armv4_5_common_t *armv4_5 = target->arch_info;
1783 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1784
1785 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1786 return ERROR_FAIL;
1787
1788 enum armv4_5_mode reg_mode = ((armv4_5_core_reg_t*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info)->mode;
1789
1790 if ((num < 0) || (num > 16))
1791 return ERROR_INVALID_ARGUMENTS;
1792
1793 if ((mode != ARMV4_5_MODE_ANY)
1794 && (mode != armv4_5->core_mode)
1795 && (reg_mode != ARMV4_5_MODE_ANY)) {
1796 u32 tmp_cpsr;
1797
1798 /* change processor mode (mask T bit) */
1799 tmp_cpsr = buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & 0xE0;
1800 tmp_cpsr |= mode;
1801 tmp_cpsr &= ~0x20;
1802 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1803 }
1804
1805 if ((num >= 0) && (num <= 15))
1806 {
1807 /* write a normal core register */
1808 reg[num] = value;
1809
1810 arm7_9->write_core_regs(target, 1 << num, reg);
1811 }
1812 else
1813 {
1814 /* write a program status register
1815 * if the register mode is MODE_ANY, we write the cpsr, otherwise a spsr
1816 */
1817 armv4_5_core_reg_t *arch_info = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).arch_info;
1818 int spsr = (arch_info->mode == ARMV4_5_MODE_ANY) ? 0 : 1;
1819
1820 /* if we're writing the CPSR, mask the T bit */
1821 if (!spsr)
1822 value &= ~0x20;
1823
1824 arm7_9->write_xpsr(target, value, spsr);
1825 }
1826
1827 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).valid = 1;
1828 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).dirty = 0;
1829
1830 if ((mode != ARMV4_5_MODE_ANY)
1831 && (mode != armv4_5->core_mode)
1832 && (reg_mode != ARMV4_5_MODE_ANY)) {
1833 /* restore processor mode (mask T bit) */
1834 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1835 }
1836
1837 return jtag_execute_queue();
1838 }
1839
1840 int arm7_9_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
1841 {
1842 armv4_5_common_t *armv4_5 = target->arch_info;
1843 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1844
1845 u32 reg[16];
1846 int num_accesses = 0;
1847 int thisrun_accesses;
1848 int i;
1849 u32 cpsr;
1850 int retval;
1851 int last_reg = 0;
1852
1853 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
1854
1855 if (target->state != TARGET_HALTED)
1856 {
1857 LOG_WARNING("target not halted");
1858 return ERROR_TARGET_NOT_HALTED;
1859 }
1860
1861 /* sanitize arguments */
1862 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
1863 return ERROR_INVALID_ARGUMENTS;
1864
1865 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1866 return ERROR_TARGET_UNALIGNED_ACCESS;
1867
1868 /* load the base register with the address of the first word */
1869 reg[0] = address;
1870 arm7_9->write_core_regs(target, 0x1, reg);
1871
1872 switch (size)
1873 {
1874 case 4:
1875 while (num_accesses < count)
1876 {
1877 u32 reg_list;
1878 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
1879 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
1880
1881 if (last_reg <= thisrun_accesses)
1882 last_reg = thisrun_accesses;
1883
1884 arm7_9->load_word_regs(target, reg_list);
1885
1886 /* fast memory reads are only safe when the target is running
1887 * from a sufficiently high clock (32 kHz is usually too slow)
1888 */
1889 if (arm7_9->fast_memory_access)
1890 arm7_9_execute_fast_sys_speed(target);
1891 else
1892 arm7_9_execute_sys_speed(target);
1893
1894 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 4);
1895
1896 /* advance buffer, count number of accesses */
1897 buffer += thisrun_accesses * 4;
1898 num_accesses += thisrun_accesses;
1899 }
1900 break;
1901 case 2:
1902 while (num_accesses < count)
1903 {
1904 u32 reg_list;
1905 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
1906 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
1907
1908 for (i = 1; i <= thisrun_accesses; i++)
1909 {
1910 if (i > last_reg)
1911 last_reg = i;
1912 arm7_9->load_hword_reg(target, i);
1913 /* fast memory reads are only safe when the target is running
1914 * from a sufficiently high clock (32 kHz is usually too slow)
1915 */
1916 if (arm7_9->fast_memory_access)
1917 arm7_9_execute_fast_sys_speed(target);
1918 else
1919 arm7_9_execute_sys_speed(target);
1920 }
1921
1922 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 2);
1923
1924 /* advance buffer, count number of accesses */
1925 buffer += thisrun_accesses * 2;
1926 num_accesses += thisrun_accesses;
1927 }
1928 break;
1929 case 1:
1930 while (num_accesses < count)
1931 {
1932 u32 reg_list;
1933 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
1934 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
1935
1936 for (i = 1; i <= thisrun_accesses; i++)
1937 {
1938 if (i > last_reg)
1939 last_reg = i;
1940 arm7_9->load_byte_reg(target, i);
1941 /* fast memory reads are only safe when the target is running
1942 * from a sufficiently high clock (32 kHz is usually too slow)
1943 */
1944 if (arm7_9->fast_memory_access)
1945 arm7_9_execute_fast_sys_speed(target);
1946 else
1947 arm7_9_execute_sys_speed(target);
1948 }
1949
1950 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 1);
1951
1952 /* advance buffer, count number of accesses */
1953 buffer += thisrun_accesses * 1;
1954 num_accesses += thisrun_accesses;
1955 }
1956 break;
1957 default:
1958 LOG_ERROR("BUG: we shouldn't get here");
1959 exit(-1);
1960 break;
1961 }
1962
1963 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1964 return ERROR_FAIL;
1965
1966 for (i=0; i<=last_reg; i++)
1967 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid;
1968
1969 arm7_9->read_xpsr(target, &cpsr, 0);
1970 if ((retval = jtag_execute_queue()) != ERROR_OK)
1971 {
1972 LOG_ERROR("JTAG error while reading cpsr");
1973 return ERROR_TARGET_DATA_ABORT;
1974 }
1975
1976 if (((cpsr & 0x1f) == ARMV4_5_MODE_ABT) && (armv4_5->core_mode != ARMV4_5_MODE_ABT))
1977 {
1978 LOG_WARNING("memory read caused data abort (address: 0x%8.8x, size: 0x%x, count: 0x%x)", address, size, count);
1979
1980 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
1981
1982 return ERROR_TARGET_DATA_ABORT;
1983 }
1984
1985 return ERROR_OK;
1986 }
1987
1988 int arm7_9_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
1989 {
1990 armv4_5_common_t *armv4_5 = target->arch_info;
1991 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
1992 reg_t *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1993
1994 u32 reg[16];
1995 int num_accesses = 0;
1996 int thisrun_accesses;
1997 int i;
1998 u32 cpsr;
1999 int retval;
2000 int last_reg = 0;
2001
2002 #ifdef _DEBUG_ARM7_9_
2003 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
2004 #endif
2005
2006 if (target->state != TARGET_HALTED)
2007 {
2008 LOG_WARNING("target not halted");
2009 return ERROR_TARGET_NOT_HALTED;
2010 }
2011
2012 /* sanitize arguments */
2013 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
2014 return ERROR_INVALID_ARGUMENTS;
2015
2016 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
2017 return ERROR_TARGET_UNALIGNED_ACCESS;
2018
2019 /* load the base register with the address of the first word */
2020 reg[0] = address;
2021 arm7_9->write_core_regs(target, 0x1, reg);
2022
2023 /* Clear DBGACK, to make sure memory fetches work as expected */
2024 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
2025 embeddedice_store_reg(dbg_ctrl);
2026
2027 switch (size)
2028 {
2029 case 4:
2030 while (num_accesses < count)
2031 {
2032 u32 reg_list;
2033 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2034 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2035
2036 for (i = 1; i <= thisrun_accesses; i++)
2037 {
2038 if (i > last_reg)
2039 last_reg = i;
2040 reg[i] = target_buffer_get_u32(target, buffer);
2041 buffer += 4;
2042 }
2043
2044 arm7_9->write_core_regs(target, reg_list, reg);
2045
2046 arm7_9->store_word_regs(target, reg_list);
2047
2048 /* fast memory writes are only safe when the target is running
2049 * from a sufficiently high clock (32 kHz is usually too slow)
2050 */
2051 if (arm7_9->fast_memory_access)
2052 arm7_9_execute_fast_sys_speed(target);
2053 else
2054 arm7_9_execute_sys_speed(target);
2055
2056 num_accesses += thisrun_accesses;
2057 }
2058 break;
2059 case 2:
2060 while (num_accesses < count)
2061 {
2062 u32 reg_list;
2063 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2064 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2065
2066 for (i = 1; i <= thisrun_accesses; i++)
2067 {
2068 if (i > last_reg)
2069 last_reg = i;
2070 reg[i] = target_buffer_get_u16(target, buffer) & 0xffff;
2071 buffer += 2;
2072 }
2073
2074 arm7_9->write_core_regs(target, reg_list, reg);
2075
2076 for (i = 1; i <= thisrun_accesses; i++)
2077 {
2078 arm7_9->store_hword_reg(target, i);
2079
2080 /* fast memory writes are only safe when the target is running
2081 * from a sufficiently high clock (32 kHz is usually too slow)
2082 */
2083 if (arm7_9->fast_memory_access)
2084 arm7_9_execute_fast_sys_speed(target);
2085 else
2086 arm7_9_execute_sys_speed(target);
2087 }
2088
2089 num_accesses += thisrun_accesses;
2090 }
2091 break;
2092 case 1:
2093 while (num_accesses < count)
2094 {
2095 u32 reg_list;
2096 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2097 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2098
2099 for (i = 1; i <= thisrun_accesses; i++)
2100 {
2101 if (i > last_reg)
2102 last_reg = i;
2103 reg[i] = *buffer++ & 0xff;
2104 }
2105
2106 arm7_9->write_core_regs(target, reg_list, reg);
2107
2108 for (i = 1; i <= thisrun_accesses; i++)
2109 {
2110 arm7_9->store_byte_reg(target, i);
2111 /* fast memory writes are only safe when the target is running
2112 * from a sufficiently high clock (32 kHz is usually too slow)
2113 */
2114 if (arm7_9->fast_memory_access)
2115 arm7_9_execute_fast_sys_speed(target);
2116 else
2117 arm7_9_execute_sys_speed(target);
2118 }
2119
2120 num_accesses += thisrun_accesses;
2121 }
2122 break;
2123 default:
2124 LOG_ERROR("BUG: we shouldn't get here");
2125 exit(-1);
2126 break;
2127 }
2128
2129 /* Re-Set DBGACK */
2130 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
2131 embeddedice_store_reg(dbg_ctrl);
2132
2133 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
2134 return ERROR_FAIL;
2135
2136 for (i=0; i<=last_reg; i++)
2137 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, i).valid;
2138
2139 arm7_9->read_xpsr(target, &cpsr, 0);
2140 if ((retval = jtag_execute_queue()) != ERROR_OK)
2141 {
2142 LOG_ERROR("JTAG error while reading cpsr");
2143 return ERROR_TARGET_DATA_ABORT;
2144 }
2145
2146 if (((cpsr & 0x1f) == ARMV4_5_MODE_ABT) && (armv4_5->core_mode != ARMV4_5_MODE_ABT))
2147 {
2148 LOG_WARNING("memory write caused data abort (address: 0x%8.8x, size: 0x%x, count: 0x%x)", address, size, count);
2149
2150 arm7_9->write_xpsr_im8(target, buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8) & ~0x20, 0, 0);
2151
2152 return ERROR_TARGET_DATA_ABORT;
2153 }
2154
2155 return ERROR_OK;
2156 }
2157
2158 static const u32 dcc_code[] =
2159 {
2160 /* MRC TST BNE MRC STR B */
2161 0xee101e10, 0xe3110001, 0x0afffffc, 0xee111e10, 0xe4801004, 0xeafffff9
2162 };
2163
2164 int arm7_9_bulk_write_memory(target_t *target, u32 address, u32 count, u8 *buffer)
2165 {
2166 armv4_5_common_t *armv4_5 = target->arch_info;
2167 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
2168 enum armv4_5_state core_state = armv4_5->core_state;
2169 u32 r0 = buf_get_u32(armv4_5->core_cache->reg_list[0].value, 0, 32);
2170 u32 r1 = buf_get_u32(armv4_5->core_cache->reg_list[1].value, 0, 32);
2171 u32 pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
2172 int i;
2173
2174 if (!arm7_9->dcc_downloads)
2175 return target->type->write_memory(target, address, 4, count, buffer);
2176
2177 /* regrab previously allocated working_area, or allocate a new one */
2178 if (!arm7_9->dcc_working_area)
2179 {
2180 u8 dcc_code_buf[6 * 4];
2181
2182 /* make sure we have a working area */
2183 if (target_alloc_working_area(target, 24, &arm7_9->dcc_working_area) != ERROR_OK)
2184 {
2185 LOG_INFO("no working area available, falling back to memory writes");
2186 return target->type->write_memory(target, address, 4, count, buffer);
2187 }
2188
2189 /* copy target instructions to target endianness */
2190 for (i = 0; i < 6; i++)
2191 {
2192 target_buffer_set_u32(target, dcc_code_buf + i*4, dcc_code[i]);
2193 }
2194
2195 /* write DCC code to working area */
2196 target->type->write_memory(target, arm7_9->dcc_working_area->address, 4, 6, dcc_code_buf);
2197 }
2198
2199 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, address);
2200 armv4_5->core_cache->reg_list[0].valid = 1;
2201 armv4_5->core_cache->reg_list[0].dirty = 1;
2202 armv4_5->core_state = ARMV4_5_STATE_ARM;
2203
2204 arm7_9_resume(target, 0, arm7_9->dcc_working_area->address, 1, 1);
2205
2206 int little=target->endianness==TARGET_LITTLE_ENDIAN;
2207 if (count>2)
2208 {
2209 /* Handle first & last using standard embeddedice_write_reg and the middle ones w/the
2210 core function repeated.
2211 */
2212 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2213 buffer+=4;
2214
2215 embeddedice_reg_t *ice_reg = arm7_9->eice_cache->reg_list[EICE_COMMS_DATA].arch_info;
2216 u8 reg_addr = ice_reg->addr & 0x1f;
2217 int chain_pos = ice_reg->jtag_info->chain_pos;
2218
2219 embeddedice_write_dcc(chain_pos, reg_addr, buffer, little, count-2);
2220 buffer += (count-2)*4;
2221
2222 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2223 } else
2224 {
2225 for (i = 0; i < count; i++)
2226 {
2227 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2228 buffer += 4;
2229 }
2230 }
2231
2232 target_halt(target);
2233
2234 for (i=0; i<100; i++)
2235 {
2236 target_poll(target);
2237 if (target->state == TARGET_HALTED)
2238 break;
2239 usleep(1000); /* sleep 1ms */
2240 }
2241 if (i == 100)
2242 {
2243 LOG_ERROR("bulk write timed out, target not halted");
2244 return ERROR_TARGET_TIMEOUT;
2245 }
2246
2247 /* restore target state */
2248 buf_set_u32(armv4_5->core_cache->reg_list[0].value, 0, 32, r0);
2249 armv4_5->core_cache->reg_list[0].valid = 1;
2250 armv4_5->core_cache->reg_list[0].dirty = 1;
2251 buf_set_u32(armv4_5->core_cache->reg_list[1].value, 0, 32, r1);
2252 armv4_5->core_cache->reg_list[1].valid = 1;
2253 armv4_5->core_cache->reg_list[1].dirty = 1;
2254 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, pc);
2255 armv4_5->core_cache->reg_list[15].valid = 1;
2256 armv4_5->core_cache->reg_list[15].dirty = 1;
2257 armv4_5->core_state = core_state;
2258
2259 return ERROR_OK;
2260 }
2261
2262 int arm7_9_checksum_memory(struct target_s *target, u32 address, u32 count, u32* checksum)
2263 {
2264 working_area_t *crc_algorithm;
2265 armv4_5_algorithm_t armv4_5_info;
2266 reg_param_t reg_params[2];
2267 int retval;
2268
2269 u32 arm7_9_crc_code[] = {
2270 0xE1A02000, /* mov r2, r0 */
2271 0xE3E00000, /* mov r0, #0xffffffff */
2272 0xE1A03001, /* mov r3, r1 */
2273 0xE3A04000, /* mov r4, #0 */
2274 0xEA00000B, /* b ncomp */
2275 /* nbyte: */
2276 0xE7D21004, /* ldrb r1, [r2, r4] */
2277 0xE59F7030, /* ldr r7, CRC32XOR */
2278 0xE0200C01, /* eor r0, r0, r1, asl 24 */
2279 0xE3A05000, /* mov r5, #0 */
2280 /* loop: */
2281 0xE3500000, /* cmp r0, #0 */
2282 0xE1A06080, /* mov r6, r0, asl #1 */
2283 0xE2855001, /* add r5, r5, #1 */
2284 0xE1A00006, /* mov r0, r6 */
2285 0xB0260007, /* eorlt r0, r6, r7 */
2286 0xE3550008, /* cmp r5, #8 */
2287 0x1AFFFFF8, /* bne loop */
2288 0xE2844001, /* add r4, r4, #1 */
2289 /* ncomp: */
2290 0xE1540003, /* cmp r4, r3 */
2291 0x1AFFFFF1, /* bne nbyte */
2292 /* end: */
2293 0xEAFFFFFE, /* b end */
2294 0x04C11DB7 /* CRC32XOR: .word 0x04C11DB7 */
2295 };
2296
2297 int i;
2298
2299 if (target_alloc_working_area(target, sizeof(arm7_9_crc_code), &crc_algorithm) != ERROR_OK)
2300 {
2301 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2302 }
2303
2304 /* convert flash writing code into a buffer in target endianness */
2305 for (i = 0; i < (sizeof(arm7_9_crc_code)/sizeof(u32)); i++)
2306 target_write_u32(target, crc_algorithm->address + i*sizeof(u32), arm7_9_crc_code[i]);
2307
2308 armv4_5_info.common_magic = ARMV4_5_COMMON_MAGIC;
2309 armv4_5_info.core_mode = ARMV4_5_MODE_SVC;
2310 armv4_5_info.core_state = ARMV4_5_STATE_ARM;
2311
2312 init_reg_param(&reg_params[0], "r0", 32, PARAM_IN_OUT);
2313 init_reg_param(&reg_params[1], "r1", 32, PARAM_OUT);
2314
2315 buf_set_u32(reg_params[0].value, 0, 32, address);
2316 buf_set_u32(reg_params[1].value, 0, 32, count);
2317
2318 if ((retval = target->type->run_algorithm(target, 0, NULL, 2, reg_params,
2319 crc_algorithm->address, crc_algorithm->address + (sizeof(arm7_9_crc_code) - 8), 20000, &armv4_5_info)) != ERROR_OK)
2320 {
2321 LOG_ERROR("error executing arm7_9 crc algorithm");
2322 destroy_reg_param(&reg_params[0]);
2323 destroy_reg_param(&reg_params[1]);
2324 target_free_working_area(target, crc_algorithm);
2325 return retval;
2326 }
2327
2328 *checksum = buf_get_u32(reg_params[0].value, 0, 32);
2329
2330 destroy_reg_param(&reg_params[0]);
2331 destroy_reg_param(&reg_params[1]);
2332
2333 target_free_working_area(target, crc_algorithm);
2334
2335 return ERROR_OK;
2336 }
2337
2338 int arm7_9_blank_check_memory(struct target_s *target, u32 address, u32 count, u32* blank)
2339 {
2340 working_area_t *erase_check_algorithm;
2341 reg_param_t reg_params[3];
2342 armv4_5_algorithm_t armv4_5_info;
2343 int retval;
2344 int i;
2345
2346 u32 erase_check_code[] =
2347 {
2348 /* loop: */
2349 0xe4d03001, /* ldrb r3, [r0], #1 */
2350 0xe0022003, /* and r2, r2, r3 */
2351 0xe2511001, /* subs r1, r1, #1 */
2352 0x1afffffb, /* bne loop */
2353 /* end: */
2354 0xeafffffe /* b end */
2355 };
2356
2357 /* make sure we have a working area */
2358 if (target_alloc_working_area(target, sizeof(erase_check_code), &erase_check_algorithm) != ERROR_OK)
2359 {
2360 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2361 }
2362
2363 /* convert flash writing code into a buffer in target endianness */
2364 for (i = 0; i < (sizeof(erase_check_code)/sizeof(u32)); i++)
2365 target_write_u32(target, erase_check_algorithm->address + i*sizeof(u32), erase_check_code[i]);
2366
2367 armv4_5_info.common_magic = ARMV4_5_COMMON_MAGIC;
2368 armv4_5_info.core_mode = ARMV4_5_MODE_SVC;
2369 armv4_5_info.core_state = ARMV4_5_STATE_ARM;
2370
2371 init_reg_param(&reg_params[0], "r0", 32, PARAM_OUT);
2372 buf_set_u32(reg_params[0].value, 0, 32, address);
2373
2374 init_reg_param(&reg_params[1], "r1", 32, PARAM_OUT);
2375 buf_set_u32(reg_params[1].value, 0, 32, count);
2376
2377 init_reg_param(&reg_params[2], "r2", 32, PARAM_IN_OUT);
2378 buf_set_u32(reg_params[2].value, 0, 32, 0xff);
2379
2380 if ((retval = target->type->run_algorithm(target, 0, NULL, 3, reg_params,
2381 erase_check_algorithm->address, erase_check_algorithm->address + (sizeof(erase_check_code) - 4), 10000, &armv4_5_info)) != ERROR_OK)
2382 {
2383 destroy_reg_param(&reg_params[0]);
2384 destroy_reg_param(&reg_params[1]);
2385 destroy_reg_param(&reg_params[2]);
2386 target_free_working_area(target, erase_check_algorithm);
2387 return 0;
2388 }
2389
2390 *blank = buf_get_u32(reg_params[2].value, 0, 32);
2391
2392 destroy_reg_param(&reg_params[0]);
2393 destroy_reg_param(&reg_params[1]);
2394 destroy_reg_param(&reg_params[2]);
2395
2396 target_free_working_area(target, erase_check_algorithm);
2397
2398 return ERROR_OK;
2399 }
2400
2401 int arm7_9_register_commands(struct command_context_s *cmd_ctx)
2402 {
2403 command_t *arm7_9_cmd;
2404
2405 arm7_9_cmd = register_command(cmd_ctx, NULL, "arm7_9", NULL, COMMAND_ANY, "arm7/9 specific commands");
2406
2407 register_command(cmd_ctx, arm7_9_cmd, "write_xpsr", handle_arm7_9_write_xpsr_command, COMMAND_EXEC, "write program status register <value> <not cpsr|spsr>");
2408 register_command(cmd_ctx, arm7_9_cmd, "write_xpsr_im8", handle_arm7_9_write_xpsr_im8_command, COMMAND_EXEC, "write program status register <8bit immediate> <rotate> <not cpsr|spsr>");
2409
2410 register_command(cmd_ctx, arm7_9_cmd, "write_core_reg", handle_arm7_9_write_core_reg_command, COMMAND_EXEC, "write core register <num> <mode> <value>");
2411
2412 register_command(cmd_ctx, arm7_9_cmd, "sw_bkpts", handle_arm7_9_sw_bkpts_command, COMMAND_EXEC, "support for software breakpoints <enable|disable>");
2413 register_command(cmd_ctx, arm7_9_cmd, "force_hw_bkpts", handle_arm7_9_force_hw_bkpts_command, COMMAND_EXEC, "use hardware breakpoints for all breakpoints (disables sw breakpoint support) <enable|disable>");
2414 register_command(cmd_ctx, arm7_9_cmd, "dbgrq", handle_arm7_9_dbgrq_command,
2415 COMMAND_ANY, "use EmbeddedICE dbgrq instead of breakpoint for target halt requests <enable|disable>");
2416 register_command(cmd_ctx, arm7_9_cmd, "fast_writes", handle_arm7_9_fast_memory_access_command,
2417 COMMAND_ANY, "(deprecated, see: arm7_9 fast_memory_access)");
2418 register_command(cmd_ctx, arm7_9_cmd, "fast_memory_access", handle_arm7_9_fast_memory_access_command,
2419 COMMAND_ANY, "use fast memory accesses instead of slower but potentially unsafe slow accesses <enable|disable>");
2420 register_command(cmd_ctx, arm7_9_cmd, "dcc_downloads", handle_arm7_9_dcc_downloads_command,
2421 COMMAND_ANY, "use DCC downloads for larger memory writes <enable|disable>");
2422
2423 armv4_5_register_commands(cmd_ctx);
2424
2425 etm_register_commands(cmd_ctx);
2426
2427 return ERROR_OK;
2428 }
2429
2430 int handle_arm7_9_write_xpsr_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2431 {
2432 u32 value;
2433 int spsr;
2434 int retval;
2435 target_t *target = get_current_target(cmd_ctx);
2436 armv4_5_common_t *armv4_5;
2437 arm7_9_common_t *arm7_9;
2438
2439 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2440 {
2441 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2442 return ERROR_OK;
2443 }
2444
2445 if (target->state != TARGET_HALTED)
2446 {
2447 command_print(cmd_ctx, "can't write registers while running");
2448 return ERROR_OK;
2449 }
2450
2451 if (argc < 2)
2452 {
2453 command_print(cmd_ctx, "usage: write_xpsr <value> <not cpsr|spsr>");
2454 return ERROR_OK;
2455 }
2456
2457 value = strtoul(args[0], NULL, 0);
2458 spsr = strtol(args[1], NULL, 0);
2459
2460 /* if we're writing the CPSR, mask the T bit */
2461 if (!spsr)
2462 value &= ~0x20;
2463
2464 arm7_9->write_xpsr(target, value, spsr);
2465 if ((retval = jtag_execute_queue()) != ERROR_OK)
2466 {
2467 LOG_ERROR("JTAG error while writing to xpsr");
2468 return retval;
2469 }
2470
2471 return ERROR_OK;
2472 }
2473
2474 int handle_arm7_9_write_xpsr_im8_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2475 {
2476 u32 value;
2477 int rotate;
2478 int spsr;
2479 int retval;
2480 target_t *target = get_current_target(cmd_ctx);
2481 armv4_5_common_t *armv4_5;
2482 arm7_9_common_t *arm7_9;
2483
2484 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2485 {
2486 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2487 return ERROR_OK;
2488 }
2489
2490 if (target->state != TARGET_HALTED)
2491 {
2492 command_print(cmd_ctx, "can't write registers while running");
2493 return ERROR_OK;
2494 }
2495
2496 if (argc < 3)
2497 {
2498 command_print(cmd_ctx, "usage: write_xpsr_im8 <im8> <rotate> <not cpsr|spsr>");
2499 return ERROR_OK;
2500 }
2501
2502 value = strtoul(args[0], NULL, 0);
2503 rotate = strtol(args[1], NULL, 0);
2504 spsr = strtol(args[2], NULL, 0);
2505
2506 arm7_9->write_xpsr_im8(target, value, rotate, spsr);
2507 if ((retval = jtag_execute_queue()) != ERROR_OK)
2508 {
2509 LOG_ERROR("JTAG error while writing 8-bit immediate to xpsr");
2510 return retval;
2511 }
2512
2513 return ERROR_OK;
2514 }
2515
2516 int handle_arm7_9_write_core_reg_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2517 {
2518 u32 value;
2519 u32 mode;
2520 int num;
2521 target_t *target = get_current_target(cmd_ctx);
2522 armv4_5_common_t *armv4_5;
2523 arm7_9_common_t *arm7_9;
2524
2525 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2526 {
2527 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2528 return ERROR_OK;
2529 }
2530
2531 if (target->state != TARGET_HALTED)
2532 {
2533 command_print(cmd_ctx, "can't write registers while running");
2534 return ERROR_OK;
2535 }
2536
2537 if (argc < 3)
2538 {
2539 command_print(cmd_ctx, "usage: write_core_reg <num> <mode> <value>");
2540 return ERROR_OK;
2541 }
2542
2543 num = strtol(args[0], NULL, 0);
2544 mode = strtoul(args[1], NULL, 0);
2545 value = strtoul(args[2], NULL, 0);
2546
2547 arm7_9_write_core_reg(target, num, mode, value);
2548
2549 return ERROR_OK;
2550 }
2551
2552 int handle_arm7_9_sw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2553 {
2554 target_t *target = get_current_target(cmd_ctx);
2555 armv4_5_common_t *armv4_5;
2556 arm7_9_common_t *arm7_9;
2557
2558 if (target->state != TARGET_HALTED)
2559 {
2560 LOG_ERROR("target not halted");
2561 return ERROR_TARGET_NOT_HALTED;
2562 }
2563
2564 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2565 {
2566 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2567 return ERROR_OK;
2568 }
2569
2570 if (argc == 0)
2571 {
2572 command_print(cmd_ctx, "software breakpoints %s", (arm7_9->sw_bkpts_enabled) ? "enabled" : "disabled");
2573 return ERROR_OK;
2574 }
2575
2576 if (strcmp("enable", args[0]) == 0)
2577 {
2578 if (arm7_9->sw_bkpts_use_wp)
2579 {
2580 arm7_9_enable_sw_bkpts(target);
2581 }
2582 else
2583 {
2584 arm7_9->sw_bkpts_enabled = 1;
2585 }
2586 }
2587 else if (strcmp("disable", args[0]) == 0)
2588 {
2589 if (arm7_9->sw_bkpts_use_wp)
2590 {
2591 arm7_9_disable_sw_bkpts(target);
2592 }
2593 else
2594 {
2595 arm7_9->sw_bkpts_enabled = 0;
2596 }
2597 }
2598 else
2599 {
2600 command_print(cmd_ctx, "usage: arm7_9 sw_bkpts <enable|disable>");
2601 }
2602
2603 command_print(cmd_ctx, "software breakpoints %s", (arm7_9->sw_bkpts_enabled) ? "enabled" : "disabled");
2604
2605 return ERROR_OK;
2606 }
2607
2608 int handle_arm7_9_force_hw_bkpts_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2609 {
2610 target_t *target = get_current_target(cmd_ctx);
2611 armv4_5_common_t *armv4_5;
2612 arm7_9_common_t *arm7_9;
2613
2614 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2615 {
2616 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2617 return ERROR_OK;
2618 }
2619
2620 if ((argc >= 1) && (strcmp("enable", args[0]) == 0))
2621 {
2622 arm7_9->force_hw_bkpts = 1;
2623 if (arm7_9->sw_bkpts_use_wp)
2624 {
2625 arm7_9_disable_sw_bkpts(target);
2626 }
2627 }
2628 else if ((argc >= 1) && (strcmp("disable", args[0]) == 0))
2629 {
2630 arm7_9->force_hw_bkpts = 0;
2631 }
2632 else
2633 {
2634 command_print(cmd_ctx, "usage: arm7_9 force_hw_bkpts <enable|disable>");
2635 }
2636
2637 command_print(cmd_ctx, "force hardware breakpoints %s", (arm7_9->force_hw_bkpts) ? "enabled" : "disabled");
2638
2639 return ERROR_OK;
2640 }
2641
2642 int handle_arm7_9_dbgrq_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2643 {
2644 target_t *target = get_current_target(cmd_ctx);
2645 armv4_5_common_t *armv4_5;
2646 arm7_9_common_t *arm7_9;
2647
2648 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2649 {
2650 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2651 return ERROR_OK;
2652 }
2653
2654 if (argc > 0)
2655 {
2656 if (strcmp("enable", args[0]) == 0)
2657 {
2658 arm7_9->use_dbgrq = 1;
2659 }
2660 else if (strcmp("disable", args[0]) == 0)
2661 {
2662 arm7_9->use_dbgrq = 0;
2663 }
2664 else
2665 {
2666 command_print(cmd_ctx, "usage: arm7_9 dbgrq <enable|disable>");
2667 }
2668 }
2669
2670 command_print(cmd_ctx, "use of EmbeddedICE dbgrq instead of breakpoint for target halt %s", (arm7_9->use_dbgrq) ? "enabled" : "disabled");
2671
2672 return ERROR_OK;
2673 }
2674
2675 int handle_arm7_9_fast_memory_access_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2676 {
2677 target_t *target = get_current_target(cmd_ctx);
2678 armv4_5_common_t *armv4_5;
2679 arm7_9_common_t *arm7_9;
2680
2681 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2682 {
2683 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2684 return ERROR_OK;
2685 }
2686
2687 if (argc > 0)
2688 {
2689 if (strcmp("enable", args[0]) == 0)
2690 {
2691 arm7_9->fast_memory_access = 1;
2692 }
2693 else if (strcmp("disable", args[0]) == 0)
2694 {
2695 arm7_9->fast_memory_access = 0;
2696 }
2697 else
2698 {
2699 command_print(cmd_ctx, "usage: arm7_9 fast_memory_access <enable|disable>");
2700 }
2701 }
2702
2703 command_print(cmd_ctx, "fast memory access is %s", (arm7_9->fast_memory_access) ? "enabled" : "disabled");
2704
2705 return ERROR_OK;
2706 }
2707
2708 int handle_arm7_9_dcc_downloads_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
2709 {
2710 target_t *target = get_current_target(cmd_ctx);
2711 armv4_5_common_t *armv4_5;
2712 arm7_9_common_t *arm7_9;
2713
2714 if (arm7_9_get_arch_pointers(target, &armv4_5, &arm7_9) != ERROR_OK)
2715 {
2716 command_print(cmd_ctx, "current target isn't an ARM7/ARM9 target");
2717 return ERROR_OK;
2718 }
2719
2720 if (argc > 0)
2721 {
2722 if (strcmp("enable", args[0]) == 0)
2723 {
2724 arm7_9->dcc_downloads = 1;
2725 }
2726 else if (strcmp("disable", args[0]) == 0)
2727 {
2728 arm7_9->dcc_downloads = 0;
2729 }
2730 else
2731 {
2732 command_print(cmd_ctx, "usage: arm7_9 dcc_downloads <enable|disable>");
2733 }
2734 }
2735
2736 command_print(cmd_ctx, "dcc downloads are %s", (arm7_9->dcc_downloads) ? "enabled" : "disabled");
2737
2738 return ERROR_OK;
2739 }
2740
2741 int arm7_9_init_arch_info(target_t *target, arm7_9_common_t *arm7_9)
2742 {
2743 armv4_5_common_t *armv4_5 = &arm7_9->armv4_5_common;
2744
2745 arm7_9->common_magic = ARM7_9_COMMON_MAGIC;
2746
2747 arm_jtag_setup_connection(&arm7_9->jtag_info);
2748 arm7_9->wp_available = 2;
2749 arm7_9->wp0_used = 0;
2750 arm7_9->wp1_used = 0;
2751 arm7_9->force_hw_bkpts = 0;
2752 arm7_9->use_dbgrq = 0;
2753
2754 arm7_9->etm_ctx = NULL;
2755 arm7_9->has_single_step = 0;
2756 arm7_9->has_monitor_mode = 0;
2757 arm7_9->has_vector_catch = 0;
2758
2759 arm7_9->debug_entry_from_reset = 0;
2760
2761 arm7_9->dcc_working_area = NULL;
2762
2763 arm7_9->fast_memory_access = fast_and_dangerous;
2764 arm7_9->dcc_downloads = fast_and_dangerous;
2765
2766 arm7_9->need_bypass_before_restart = 0;
2767
2768 armv4_5->arch_info = arm7_9;
2769 armv4_5->read_core_reg = arm7_9_read_core_reg;
2770 armv4_5->write_core_reg = arm7_9_write_core_reg;
2771 armv4_5->full_context = arm7_9_full_context;
2772
2773 armv4_5_init_arch_info(target, armv4_5);
2774
2775 target_register_timer_callback(arm7_9_handle_target_request, 1, 1, target);
2776
2777 return ERROR_OK;
2778 }
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)