Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
jtag: linuxgpiod: drop extra parenthesis
[openocd.git] / src / target / arm7_9_common.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2
3 /***************************************************************************
4 * Copyright (C) 2005 by Dominic Rath *
5 * Dominic.Rath@gmx.de *
6 * *
7 * Copyright (C) 2007-2010 Øyvind Harboe *
8 * oyvind.harboe@zylin.com *
9 * *
10 * Copyright (C) 2008 by Spencer Oliver *
11 * spen@spen-soft.co.uk *
12 * *
13 * Copyright (C) 2008 by Hongtao Zheng *
14 * hontor@126.com *
15 * *
16 * Copyright (C) 2009 by David Brownell *
17 ***************************************************************************/
18
19 #ifdef HAVE_CONFIG_H
20 #include "config.h"
21 #endif
22
23 #include "breakpoints.h"
24 #include "embeddedice.h"
25 #include "target_request.h"
26 #include "etm.h"
27 #include <helper/time_support.h>
28 #include "arm_simulator.h"
29 #include "arm_semihosting.h"
30 #include "algorithm.h"
31 #include "register.h"
32 #include "armv4_5.h"
33
34 /**
35 * @file
36 * Hold common code supporting the ARM7 and ARM9 core generations.
37 *
38 * While the ARM core implementations evolved substantially during these
39 * two generations, they look quite similar from the JTAG perspective.
40 * Both have similar debug facilities, based on the same two scan chains
41 * providing access to the core and to an EmbeddedICE module. Both can
42 * support similar ETM and ETB modules, for tracing. And both expose
43 * what could be viewed as "ARM Classic", with multiple processor modes,
44 * shadowed registers, and support for the Thumb instruction set.
45 *
46 * Processor differences include things like presence or absence of MMU
47 * and cache, pipeline sizes, use of a modified Harvard Architecture
48 * (with separate instruction and data buses from the CPU), support
49 * for cpu clock gating during idle, and more.
50 */
51
52 static int arm7_9_debug_entry(struct target *target);
53
54 /**
55 * Clear watchpoints for an ARM7/9 target.
56 *
57 * @param arm7_9 Pointer to the common struct for an ARM7/9 target
58 * @return JTAG error status after executing queue
59 */
60 static int arm7_9_clear_watchpoints(struct arm7_9_common *arm7_9)
61 {
62 LOG_DEBUG("-");
63 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
64 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
65 arm7_9->sw_breakpoint_count = 0;
66 arm7_9->sw_breakpoints_added = 0;
67 arm7_9->wp0_used = 0;
68 arm7_9->wp1_used = arm7_9->wp1_used_default;
69 arm7_9->wp_available = arm7_9->wp_available_max;
70
71 return jtag_execute_queue();
72 }
73
74 /**
75 * Assign a watchpoint to one of the two available hardware comparators in an
76 * ARM7 or ARM9 target.
77 *
78 * @param arm7_9 Pointer to the common struct for an ARM7/9 target
79 * @param breakpoint Pointer to the breakpoint to be used as a watchpoint
80 */
81 static void arm7_9_assign_wp(struct arm7_9_common *arm7_9, struct breakpoint *breakpoint)
82 {
83 if (!arm7_9->wp0_used) {
84 arm7_9->wp0_used = 1;
85 breakpoint_hw_set(breakpoint, 0);
86 arm7_9->wp_available--;
87 } else if (!arm7_9->wp1_used) {
88 arm7_9->wp1_used = 1;
89 breakpoint_hw_set(breakpoint, 1);
90 arm7_9->wp_available--;
91 } else {
92 LOG_ERROR("BUG: no hardware comparator available");
93 }
94
95 LOG_DEBUG("BPID: %" PRIu32 " (0x%08" TARGET_PRIxADDR ") using hw wp: %u",
96 breakpoint->unique_id,
97 breakpoint->address,
98 breakpoint->number);
99 }
100
101 /**
102 * Setup an ARM7/9 target's embedded ICE registers for software breakpoints.
103 *
104 * @param arm7_9 Pointer to common struct for ARM7/9 targets
105 * @return Error codes if there is a problem finding a watchpoint or the result
106 * of executing the JTAG queue
107 */
108 static int arm7_9_set_software_breakpoints(struct arm7_9_common *arm7_9)
109 {
110 if (arm7_9->sw_breakpoints_added)
111 return ERROR_OK;
112 if (arm7_9->wp_available < 1) {
113 LOG_WARNING("can't enable sw breakpoints with no watchpoint unit available");
114 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
115 }
116 arm7_9->wp_available--;
117
118 /* pick a breakpoint unit */
119 if (!arm7_9->wp0_used) {
120 arm7_9->sw_breakpoints_added = 1;
121 arm7_9->wp0_used = 3;
122 } else if (!arm7_9->wp1_used) {
123 arm7_9->sw_breakpoints_added = 2;
124 arm7_9->wp1_used = 3;
125 } else {
126 LOG_ERROR("BUG: both watchpoints used, but wp_available >= 1");
127 return ERROR_FAIL;
128 }
129
130 if (arm7_9->sw_breakpoints_added == 1) {
131 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE], arm7_9->arm_bkpt);
132 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0x0);
133 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffffu);
134 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_NOPC & 0xff);
135 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
136 } else if (arm7_9->sw_breakpoints_added == 2) {
137 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE], arm7_9->arm_bkpt);
138 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0x0);
139 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0xffffffffu);
140 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_NOPC & 0xff);
141 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
142 } else {
143 LOG_ERROR("BUG: both watchpoints used, but wp_available >= 1");
144 return ERROR_FAIL;
145 }
146 LOG_DEBUG("SW BP using hw wp: %d",
147 arm7_9->sw_breakpoints_added);
148
149 return jtag_execute_queue();
150 }
151
152 /**
153 * Setup the common pieces for an ARM7/9 target after reset or on startup.
154 *
155 * @param target Pointer to an ARM7/9 target to setup
156 * @return Result of clearing the watchpoints on the target
157 */
158 static int arm7_9_setup(struct target *target)
159 {
160 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
161
162 return arm7_9_clear_watchpoints(arm7_9);
163 }
164
165 /**
166 * Set either a hardware or software breakpoint on an ARM7/9 target. The
167 * breakpoint is set up even if it is already set. Some actions, e.g. reset,
168 * might have erased the values in Embedded ICE.
169 *
170 * @param target Pointer to the target device to set the breakpoints on
171 * @param breakpoint Pointer to the breakpoint to be set
172 * @return For hardware breakpoints, this is the result of executing the JTAG
173 * queue. For software breakpoints, this will be the status of the
174 * required memory reads and writes
175 */
176 static int arm7_9_set_breakpoint(struct target *target, struct breakpoint *breakpoint)
177 {
178 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
179 int retval = ERROR_OK;
180
181 LOG_DEBUG("BPID: %" PRIu32 ", Address: 0x%08" TARGET_PRIxADDR ", Type: %d",
182 breakpoint->unique_id,
183 breakpoint->address,
184 breakpoint->type);
185
186 if (target->state != TARGET_HALTED) {
187 LOG_TARGET_ERROR(target, "not halted");
188 return ERROR_TARGET_NOT_HALTED;
189 }
190
191 if (breakpoint->type == BKPT_HARD) {
192 /* either an ARM (4 byte) or Thumb (2 byte) breakpoint */
193 uint32_t mask = (breakpoint->length == 4) ? 0x3u : 0x1u;
194
195 /* reassign a hw breakpoint */
196 if (!breakpoint->is_set)
197 arm7_9_assign_wp(arm7_9, breakpoint);
198
199 if (breakpoint->number == 0) {
200 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], breakpoint->address);
201 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
202 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffffu);
203 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_NOPC & 0xff);
204 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
205 } else if (breakpoint->number == 1) {
206 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], breakpoint->address);
207 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
208 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffffu);
209 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_NOPC & 0xff);
210 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
211 } else {
212 LOG_ERROR("BUG: no hardware comparator available");
213 return ERROR_OK;
214 }
215
216 retval = jtag_execute_queue();
217 } else if (breakpoint->type == BKPT_SOFT) {
218 /* did we already set this breakpoint? */
219 if (breakpoint->is_set)
220 return ERROR_OK;
221
222 if (breakpoint->length == 4) {
223 uint32_t verify = 0xffffffff;
224 /* keep the original instruction in target endianness */
225 retval = target_read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr);
226 if (retval != ERROR_OK)
227 return retval;
228 /* write the breakpoint instruction in target
229 * endianness (arm7_9->arm_bkpt is host endian) */
230 retval = target_write_u32(target, breakpoint->address, arm7_9->arm_bkpt);
231 if (retval != ERROR_OK)
232 return retval;
233
234 retval = target_read_u32(target, breakpoint->address, &verify);
235 if (retval != ERROR_OK)
236 return retval;
237 if (verify != arm7_9->arm_bkpt) {
238 LOG_ERROR("Unable to set 32 bit software breakpoint at address %08" TARGET_PRIxADDR
239 " - check that memory is read/writable", breakpoint->address);
240 return ERROR_OK;
241 }
242 } else {
243 uint16_t verify = 0xffff;
244 /* keep the original instruction in target endianness */
245 retval = target_read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr);
246 if (retval != ERROR_OK)
247 return retval;
248 /* write the breakpoint instruction in target
249 * endianness (arm7_9->thumb_bkpt is host endian) */
250 retval = target_write_u16(target, breakpoint->address, arm7_9->thumb_bkpt);
251 if (retval != ERROR_OK)
252 return retval;
253
254 retval = target_read_u16(target, breakpoint->address, &verify);
255 if (retval != ERROR_OK)
256 return retval;
257 if (verify != arm7_9->thumb_bkpt) {
258 LOG_ERROR("Unable to set thumb software breakpoint at address %08" TARGET_PRIxADDR
259 " - check that memory is read/writable", breakpoint->address);
260 return ERROR_OK;
261 }
262 }
263
264 retval = arm7_9_set_software_breakpoints(arm7_9);
265 if (retval != ERROR_OK)
266 return retval;
267
268 arm7_9->sw_breakpoint_count++;
269
270 breakpoint->is_set = true;
271 }
272
273 return retval;
274 }
275
276 /**
277 * Unsets an existing breakpoint on an ARM7/9 target. If it is a hardware
278 * breakpoint, the watchpoint used will be freed and the Embedded ICE registers
279 * will be updated. Otherwise, the software breakpoint will be restored to its
280 * original instruction if it hasn't already been modified.
281 *
282 * @param target Pointer to ARM7/9 target to unset the breakpoint from
283 * @param breakpoint Pointer to breakpoint to be unset
284 * @return For hardware breakpoints, this is the result of executing the JTAG
285 * queue. For software breakpoints, this will be the status of the
286 * required memory reads and writes
287 */
288 static int arm7_9_unset_breakpoint(struct target *target, struct breakpoint *breakpoint)
289 {
290 int retval = ERROR_OK;
291 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
292
293 LOG_DEBUG("BPID: %" PRIu32 ", Address: 0x%08" TARGET_PRIxADDR,
294 breakpoint->unique_id,
295 breakpoint->address);
296
297 if (!breakpoint->is_set) {
298 LOG_WARNING("breakpoint not set");
299 return ERROR_OK;
300 }
301
302 if (breakpoint->type == BKPT_HARD) {
303 LOG_DEBUG("BPID: %" PRIu32 " Releasing hw wp: %d",
304 breakpoint->unique_id,
305 breakpoint->is_set);
306 if (breakpoint->number == 0) {
307 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
308 arm7_9->wp0_used = 0;
309 arm7_9->wp_available++;
310 } else if (breakpoint->number == 1) {
311 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
312 arm7_9->wp1_used = 0;
313 arm7_9->wp_available++;
314 }
315 retval = jtag_execute_queue();
316 breakpoint->is_set = false;
317 } else {
318 /* restore original instruction (kept in target endianness) */
319 if (breakpoint->length == 4) {
320 uint32_t current_instr;
321 /* check that user program as not modified breakpoint instruction */
322 retval = target_read_memory(target,
323 breakpoint->address, 4, 1, (uint8_t *)&current_instr);
324 if (retval != ERROR_OK)
325 return retval;
326 current_instr = target_buffer_get_u32(target, (uint8_t *)&current_instr);
327 if (current_instr == arm7_9->arm_bkpt) {
328 retval = target_write_memory(target,
329 breakpoint->address, 4, 1, breakpoint->orig_instr);
330 if (retval != ERROR_OK)
331 return retval;
332 }
333
334 } else {
335 uint16_t current_instr;
336 /* check that user program as not modified breakpoint instruction */
337 retval = target_read_memory(target,
338 breakpoint->address, 2, 1, (uint8_t *)&current_instr);
339 if (retval != ERROR_OK)
340 return retval;
341 current_instr = target_buffer_get_u16(target, (uint8_t *)&current_instr);
342 if (current_instr == arm7_9->thumb_bkpt) {
343 retval = target_write_memory(target,
344 breakpoint->address, 2, 1, breakpoint->orig_instr);
345 if (retval != ERROR_OK)
346 return retval;
347 }
348 }
349
350 if (--arm7_9->sw_breakpoint_count == 0) {
351 /* We have removed the last sw breakpoint, clear the hw breakpoint we used
352 *to implement it */
353 if (arm7_9->sw_breakpoints_added == 1)
354 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[
355 EICE_W0_CONTROL_VALUE], 0);
356 else if (arm7_9->sw_breakpoints_added == 2)
357 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[
358 EICE_W1_CONTROL_VALUE], 0);
359 }
360
361 breakpoint->is_set = false;
362 }
363
364 return retval;
365 }
366
367 /**
368 * Add a breakpoint to an ARM7/9 target. This makes sure that there are no
369 * dangling breakpoints and that the desired breakpoint can be added.
370 *
371 * @param target Pointer to the target ARM7/9 device to add a breakpoint to
372 * @param breakpoint Pointer to the breakpoint to be added
373 * @return An error status if there is a problem adding the breakpoint or the
374 * result of setting the breakpoint
375 */
376 int arm7_9_add_breakpoint(struct target *target, struct breakpoint *breakpoint)
377 {
378 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
379
380 if (arm7_9->breakpoint_count == 0) {
381 /* make sure we don't have any dangling breakpoints. This is vital upon
382 * GDB connect/disconnect
383 */
384 arm7_9_clear_watchpoints(arm7_9);
385 }
386
387 if ((breakpoint->type == BKPT_HARD) && (arm7_9->wp_available < 1)) {
388 LOG_INFO("no watchpoint unit available for hardware breakpoint");
389 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
390 }
391
392 if ((breakpoint->length != 2) && (breakpoint->length != 4)) {
393 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
394 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
395 }
396
397 if (breakpoint->type == BKPT_HARD)
398 arm7_9_assign_wp(arm7_9, breakpoint);
399
400 arm7_9->breakpoint_count++;
401
402 return arm7_9_set_breakpoint(target, breakpoint);
403 }
404
405 /**
406 * Removes a breakpoint from an ARM7/9 target. This will make sure there are no
407 * dangling breakpoints and updates available watchpoints if it is a hardware
408 * breakpoint.
409 *
410 * @param target Pointer to the target to have a breakpoint removed
411 * @param breakpoint Pointer to the breakpoint to be removed
412 * @return Error status if there was a problem unsetting the breakpoint or the
413 * watchpoints could not be cleared
414 */
415 int arm7_9_remove_breakpoint(struct target *target, struct breakpoint *breakpoint)
416 {
417 int retval = ERROR_OK;
418 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
419
420 retval = arm7_9_unset_breakpoint(target, breakpoint);
421 if (retval != ERROR_OK)
422 return retval;
423
424 if (breakpoint->type == BKPT_HARD)
425 arm7_9->wp_available++;
426
427 arm7_9->breakpoint_count--;
428 if (arm7_9->breakpoint_count == 0) {
429 /* make sure we don't have any dangling breakpoints */
430 retval = arm7_9_clear_watchpoints(arm7_9);
431 if (retval != ERROR_OK)
432 return retval;
433 }
434
435 return ERROR_OK;
436 }
437
438 /**
439 * Sets a watchpoint for an ARM7/9 target in one of the watchpoint units. It is
440 * considered a bug to call this function when there are no available watchpoint
441 * units.
442 *
443 * @param target Pointer to an ARM7/9 target to set a watchpoint on
444 * @param watchpoint Pointer to the watchpoint to be set
445 * @return Error status if watchpoint set fails or the result of executing the
446 * JTAG queue
447 */
448 static int arm7_9_set_watchpoint(struct target *target, struct watchpoint *watchpoint)
449 {
450 int retval = ERROR_OK;
451 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
452 int rw_mask = 1;
453 uint32_t mask;
454 const uint32_t wp_data_mask = watchpoint->mask;
455
456 mask = watchpoint->length - 1;
457
458 if (target->state != TARGET_HALTED) {
459 LOG_TARGET_ERROR(target, "not halted");
460 return ERROR_TARGET_NOT_HALTED;
461 }
462
463 if (watchpoint->rw == WPT_ACCESS)
464 rw_mask = 0;
465 else
466 rw_mask = 1;
467
468 if (!arm7_9->wp0_used) {
469 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE],
470 watchpoint->address);
471 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
472 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK],
473 wp_data_mask);
474 if (wp_data_mask != (uint32_t)WATCHPOINT_IGNORE_DATA_VALUE_MASK)
475 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE],
476 watchpoint->value);
477 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK],
478 0xff & ~EICE_W_CTRL_NOPC & ~rw_mask);
479 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE],
480 EICE_W_CTRL_ENABLE | EICE_W_CTRL_NOPC | (watchpoint->rw & 1));
481
482 retval = jtag_execute_queue();
483 if (retval != ERROR_OK)
484 return retval;
485 watchpoint_set(watchpoint, 1);
486 arm7_9->wp0_used = 2;
487 } else if (!arm7_9->wp1_used) {
488 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE],
489 watchpoint->address);
490 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
491 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK],
492 wp_data_mask);
493 if (wp_data_mask != (uint32_t)WATCHPOINT_IGNORE_DATA_VALUE_MASK)
494 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE],
495 watchpoint->value);
496 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK],
497 0xff & ~EICE_W_CTRL_NOPC & ~rw_mask);
498 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE],
499 EICE_W_CTRL_ENABLE | EICE_W_CTRL_NOPC | (watchpoint->rw & 1));
500
501 retval = jtag_execute_queue();
502 if (retval != ERROR_OK)
503 return retval;
504 watchpoint_set(watchpoint, 2);
505 arm7_9->wp1_used = 2;
506 } else {
507 LOG_ERROR("BUG: no hardware comparator available");
508 return ERROR_OK;
509 }
510
511 return ERROR_OK;
512 }
513
514 /**
515 * Unset an existing watchpoint and clear the used watchpoint unit.
516 *
517 * @param target Pointer to the target to have the watchpoint removed
518 * @param watchpoint Pointer to the watchpoint to be removed
519 * @return Error status while trying to unset the watchpoint or the result of
520 * executing the JTAG queue
521 */
522 static int arm7_9_unset_watchpoint(struct target *target, struct watchpoint *watchpoint)
523 {
524 int retval = ERROR_OK;
525 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
526
527 if (target->state != TARGET_HALTED) {
528 LOG_TARGET_ERROR(target, "not halted");
529 return ERROR_TARGET_NOT_HALTED;
530 }
531
532 if (!watchpoint->is_set) {
533 LOG_WARNING("breakpoint not set");
534 return ERROR_OK;
535 }
536
537 if (watchpoint->number == 1) {
538 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
539 retval = jtag_execute_queue();
540 if (retval != ERROR_OK)
541 return retval;
542 arm7_9->wp0_used = 0;
543 } else if (watchpoint->number == 2) {
544 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
545 retval = jtag_execute_queue();
546 if (retval != ERROR_OK)
547 return retval;
548 arm7_9->wp1_used = 0;
549 }
550 watchpoint->is_set = false;
551
552 return ERROR_OK;
553 }
554
555 /**
556 * Add a watchpoint to an ARM7/9 target. If there are no watchpoint units
557 * available, an error response is returned.
558 *
559 * @param target Pointer to the ARM7/9 target to add a watchpoint to
560 * @param watchpoint Pointer to the watchpoint to be added
561 * @return Error status while trying to add the watchpoint
562 */
563 int arm7_9_add_watchpoint(struct target *target, struct watchpoint *watchpoint)
564 {
565 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
566
567 if (arm7_9->wp_available < 1)
568 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
569
570 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
571 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
572
573 arm7_9->wp_available--;
574
575 return ERROR_OK;
576 }
577
578 /**
579 * Remove a watchpoint from an ARM7/9 target. The watchpoint will be unset and
580 * the used watchpoint unit will be reopened.
581 *
582 * @param target Pointer to the target to remove a watchpoint from
583 * @param watchpoint Pointer to the watchpoint to be removed
584 * @return Result of trying to unset the watchpoint
585 */
586 int arm7_9_remove_watchpoint(struct target *target, struct watchpoint *watchpoint)
587 {
588 int retval = ERROR_OK;
589 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
590
591 if (watchpoint->is_set) {
592 retval = arm7_9_unset_watchpoint(target, watchpoint);
593 if (retval != ERROR_OK)
594 return retval;
595 }
596
597 arm7_9->wp_available++;
598
599 return ERROR_OK;
600 }
601
602 /**
603 * Restarts the target by sending a RESTART instruction and moving the JTAG
604 * state to IDLE. This includes a timeout waiting for DBGACK and SYSCOMP to be
605 * asserted by the processor.
606 *
607 * @param target Pointer to target to issue commands to
608 * @return Error status if there is a timeout or a problem while executing the
609 * JTAG queue
610 */
611 int arm7_9_execute_sys_speed(struct target *target)
612 {
613 int retval;
614 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
615 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
616 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
617
618 /* set RESTART instruction */
619 if (arm7_9->need_bypass_before_restart) {
620 arm7_9->need_bypass_before_restart = 0;
621 retval = arm_jtag_set_instr(jtag_info->tap, 0xf, NULL, TAP_IDLE);
622 if (retval != ERROR_OK)
623 return retval;
624 }
625 retval = arm_jtag_set_instr(jtag_info->tap, 0x4, NULL, TAP_IDLE);
626 if (retval != ERROR_OK)
627 return retval;
628
629 int64_t then = timeval_ms();
630 bool timeout;
631 while (!(timeout = ((timeval_ms()-then) > 1000))) {
632 /* read debug status register */
633 embeddedice_read_reg(dbg_stat);
634 retval = jtag_execute_queue();
635 if (retval != ERROR_OK)
636 return retval;
637 if ((buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1))
638 && (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_SYSCOMP, 1)))
639 break;
640 if (debug_level >= 3)
641 alive_sleep(100);
642 else
643 keep_alive();
644 }
645 if (timeout) {
646 LOG_ERROR("timeout waiting for SYSCOMP & DBGACK, last DBG_STATUS: %" PRIx32 "",
647 buf_get_u32(dbg_stat->value, 0, dbg_stat->size));
648 return ERROR_TARGET_TIMEOUT;
649 }
650
651 return ERROR_OK;
652 }
653
654 /**
655 * Restarts the target by sending a RESTART instruction and moving the JTAG
656 * state to IDLE. This validates that DBGACK and SYSCOMP are set without
657 * waiting until they are.
658 *
659 * @param target Pointer to the target to issue commands to
660 * @return Always ERROR_OK
661 */
662 static int arm7_9_execute_fast_sys_speed(struct target *target)
663 {
664 static int set;
665 static uint8_t check_value[4], check_mask[4];
666
667 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
668 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
669 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
670 int retval;
671
672 /* set RESTART instruction */
673 if (arm7_9->need_bypass_before_restart) {
674 arm7_9->need_bypass_before_restart = 0;
675 retval = arm_jtag_set_instr(jtag_info->tap, 0xf, NULL, TAP_IDLE);
676 if (retval != ERROR_OK)
677 return retval;
678 }
679 retval = arm_jtag_set_instr(jtag_info->tap, 0x4, NULL, TAP_IDLE);
680 if (retval != ERROR_OK)
681 return retval;
682
683 if (!set) {
684 /* check for DBGACK and SYSCOMP set (others don't care) */
685
686 /* NB! These are constants that must be available until after next jtag_execute() and
687 * we evaluate the values upon first execution in lieu of setting up these constants
688 * during early setup.
689 * */
690 buf_set_u32(check_value, 0, 32, 0x9);
691 buf_set_u32(check_mask, 0, 32, 0x9);
692 set = 1;
693 }
694
695 /* read debug status register */
696 embeddedice_read_reg_w_check(dbg_stat, check_value, check_mask);
697
698 return ERROR_OK;
699 }
700
701 /**
702 * Get some data from the ARM7/9 target.
703 *
704 * @param target Pointer to the ARM7/9 target to read data from
705 * @param size The number of 32bit words to be read
706 * @param buffer Pointer to the buffer that will hold the data
707 * @return The result of receiving data from the Embedded ICE unit
708 */
709 int arm7_9_target_request_data(struct target *target, uint32_t size, uint8_t *buffer)
710 {
711 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
712 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
713 uint32_t *data;
714 int retval = ERROR_OK;
715 uint32_t i;
716
717 data = malloc(size * (sizeof(uint32_t)));
718
719 retval = embeddedice_receive(jtag_info, data, size);
720
721 /* return the 32-bit ints in the 8-bit array */
722 for (i = 0; i < size; i++)
723 h_u32_to_le(buffer + (i * 4), data[i]);
724
725 free(data);
726
727 return retval;
728 }
729
730 /**
731 * Handles requests to an ARM7/9 target. If debug messaging is enabled, the
732 * target is running and the DCC control register has the W bit high, this will
733 * execute the request on the target.
734 *
735 * @param priv Void pointer expected to be a struct target pointer
736 * @return ERROR_OK unless there are issues with the JTAG queue or when reading
737 * from the Embedded ICE unit
738 */
739 static int arm7_9_handle_target_request(void *priv)
740 {
741 int retval = ERROR_OK;
742 struct target *target = priv;
743 if (!target_was_examined(target))
744 return ERROR_OK;
745 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
746 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
747 struct reg *dcc_control = &arm7_9->eice_cache->reg_list[EICE_COMMS_CTRL];
748
749 if (!target->dbg_msg_enabled)
750 return ERROR_OK;
751
752 if (target->state == TARGET_RUNNING) {
753 /* read DCC control register */
754 embeddedice_read_reg(dcc_control);
755 retval = jtag_execute_queue();
756 if (retval != ERROR_OK)
757 return retval;
758
759 /* check W bit */
760 if (buf_get_u32(dcc_control->value, 1, 1) == 1) {
761 uint32_t request;
762
763 retval = embeddedice_receive(jtag_info, &request, 1);
764 if (retval != ERROR_OK)
765 return retval;
766 retval = target_request(target, request);
767 if (retval != ERROR_OK)
768 return retval;
769 }
770 }
771
772 return ERROR_OK;
773 }
774
775 /**
776 * Polls an ARM7/9 target for its current status. If DBGACK is set, the target
777 * is manipulated to the right halted state based on its current state. This is
778 * what happens:
779 *
780 * <table>
781 * <tr><th > State</th><th > Action</th></tr>
782 * <tr><td > TARGET_RUNNING | TARGET_RESET</td>
783 * <td > Enters debug mode. If TARGET_RESET, pc may be checked</td></tr>
784 * <tr><td > TARGET_UNKNOWN</td><td > Warning is logged</td></tr>
785 * <tr><td > TARGET_DEBUG_RUNNING</td><td > Enters debug mode</td></tr>
786 * <tr><td > TARGET_HALTED</td><td > Nothing</td></tr>
787 * </table>
788 *
789 * If the target does not end up in the halted state, a warning is produced. If
790 * DBGACK is cleared, then the target is expected to either be running or
791 * running in debug.
792 *
793 * @param target Pointer to the ARM7/9 target to poll
794 * @return ERROR_OK or an error status if a command fails
795 */
796 int arm7_9_poll(struct target *target)
797 {
798 int retval;
799 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
800 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
801
802 /* read debug status register */
803 embeddedice_read_reg(dbg_stat);
804 retval = jtag_execute_queue();
805 if (retval != ERROR_OK)
806 return retval;
807
808 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1)) {
809 /* LOG_DEBUG("DBGACK set, dbg_state->value: 0x%x", buf_get_u32(dbg_stat->value, 0, *32));*/
810 if (target->state == TARGET_UNKNOWN) {
811 /* Starting OpenOCD with target in debug-halt */
812 target->state = TARGET_RUNNING;
813 LOG_DEBUG("DBGACK already set during server startup.");
814 }
815 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_RESET)) {
816 target->state = TARGET_HALTED;
817
818 retval = arm7_9_debug_entry(target);
819 if (retval != ERROR_OK)
820 return retval;
821
822 if (arm_semihosting(target, &retval) != 0)
823 return retval;
824
825 retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED);
826 if (retval != ERROR_OK)
827 return retval;
828 }
829 if (target->state == TARGET_DEBUG_RUNNING) {
830 target->state = TARGET_HALTED;
831 retval = arm7_9_debug_entry(target);
832 if (retval != ERROR_OK)
833 return retval;
834
835 retval = target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
836 if (retval != ERROR_OK)
837 return retval;
838 }
839 if (target->state != TARGET_HALTED)
840 LOG_WARNING(
841 "DBGACK set, but the target did not end up in the halted state %d",
842 target->state);
843 } else {
844 if (target->state != TARGET_DEBUG_RUNNING)
845 target->state = TARGET_RUNNING;
846 }
847
848 return ERROR_OK;
849 }
850
851 /**
852 * Asserts the reset (SRST) on an ARM7/9 target. Some -S targets (ARM966E-S in
853 * the STR912 isn't affected, ARM926EJ-S in the LPC3180 and AT91SAM9260 is
854 * affected) completely stop the JTAG clock while the core is held in reset
855 * (SRST). It isn't possible to program the halt condition once reset is
856 * asserted, hence a hook that allows the target to set up its reset-halt
857 * condition is setup prior to asserting reset.
858 *
859 * @param target Pointer to an ARM7/9 target to assert reset on
860 * @return ERROR_FAIL if the JTAG device does not have SRST, otherwise ERROR_OK
861 */
862 int arm7_9_assert_reset(struct target *target)
863 {
864 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
865 enum reset_types jtag_reset_config = jtag_get_reset_config();
866 bool use_event = false;
867
868 /* TODO: apply hw reset signal in not examined state */
869 if (!(target_was_examined(target))) {
870 LOG_WARNING("Reset is not asserted because the target is not examined.");
871 LOG_WARNING("Use a reset button or power cycle the target.");
872 return ERROR_TARGET_NOT_EXAMINED;
873 }
874
875 LOG_DEBUG("target->state: %s", target_state_name(target));
876
877 if (target_has_event_action(target, TARGET_EVENT_RESET_ASSERT))
878 use_event = true;
879 else if (!(jtag_reset_config & RESET_HAS_SRST)) {
880 LOG_ERROR("%s: how to reset?", target_name(target));
881 return ERROR_FAIL;
882 }
883
884 /* At this point trst has been asserted/deasserted once. We would
885 * like to program EmbeddedICE while SRST is asserted, instead of
886 * depending on SRST to leave that module alone. However, many CPUs
887 * gate the JTAG clock while SRST is asserted; or JTAG may need
888 * clock stability guarantees (adaptive clocking might help).
889 *
890 * So we assume JTAG access during SRST is off the menu unless it's
891 * been specifically enabled.
892 */
893 bool srst_asserted = false;
894
895 if (!use_event && !(jtag_reset_config & RESET_SRST_PULLS_TRST)
896 && (jtag_reset_config & RESET_SRST_NO_GATING)) {
897 jtag_add_reset(0, 1);
898 srst_asserted = true;
899 }
900
901 if (target->reset_halt) {
902 /*
903 * For targets that don't support communication while SRST is
904 * asserted, we need to set up the reset vector catch first.
905 *
906 * When we use TRST+SRST and that's equivalent to a power-up
907 * reset, these settings may well be reset anyway; so setting
908 * them here won't matter.
909 */
910 if (arm7_9->has_vector_catch) {
911 /* program vector catch register to catch reset */
912 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH], 0x1);
913
914 /* extra runtest added as issues were found with
915 * certain ARM9 cores (maybe more) - AT91SAM9260
916 * and STR9
917 */
918 jtag_add_runtest(1, TAP_IDLE);
919 } else {
920 /* program watchpoint unit to match on reset vector
921 * address
922 */
923 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], 0x0);
924 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0x3);
925 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
926 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
927 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_NOPC & 0xff);
928 }
929 }
930
931 if (use_event)
932 target_handle_event(target, TARGET_EVENT_RESET_ASSERT);
933 else {
934 /* If we use SRST ... we'd like to issue just SRST, but the
935 * board or chip may be set up so we have to assert TRST as
936 * well. On some chips that combination is equivalent to a
937 * power-up reset, and generally clobbers EICE state.
938 */
939 if (jtag_reset_config & RESET_SRST_PULLS_TRST)
940 jtag_add_reset(1, 1);
941 else if (!srst_asserted)
942 jtag_add_reset(0, 1);
943 jtag_add_sleep(50000);
944 }
945
946 target->state = TARGET_RESET;
947 register_cache_invalidate(arm7_9->arm.core_cache);
948
949 /* REVISIT why isn't standard debug entry logic sufficient?? */
950 if (target->reset_halt && (!(jtag_reset_config & RESET_SRST_PULLS_TRST) || use_event)) {
951 /* debug entry was prepared above */
952 target->debug_reason = DBG_REASON_DBGRQ;
953 }
954
955 return ERROR_OK;
956 }
957
958 /**
959 * Deassert the reset (SRST) signal on an ARM7/9 target. If SRST pulls TRST
960 * and the target is being reset into a halt, a warning will be triggered
961 * because it is not possible to reset into a halted mode in this case. The
962 * target is halted using the target's functions.
963 *
964 * @param target Pointer to the target to have the reset deasserted
965 * @return ERROR_OK or an error from polling or halting the target
966 */
967 int arm7_9_deassert_reset(struct target *target)
968 {
969 int retval = ERROR_OK;
970 LOG_DEBUG("target->state: %s", target_state_name(target));
971
972 /* deassert reset lines */
973 jtag_add_reset(0, 0);
974
975 /* In case polling is disabled, we need to examine the
976 * target and poll here for this target to work correctly.
977 *
978 * Otherwise, e.g. halt will fail afterwards with bogus
979 * error messages as halt will believe that reset is
980 * still in effect.
981 */
982 retval = target_examine_one(target);
983 if (retval != ERROR_OK)
984 return retval;
985
986 retval = target_poll(target);
987 if (retval != ERROR_OK)
988 return retval;
989
990 enum reset_types jtag_reset_config = jtag_get_reset_config();
991 if (target->reset_halt && (jtag_reset_config & RESET_SRST_PULLS_TRST) != 0) {
992 LOG_WARNING(
993 "srst pulls trst - can not reset into halted mode. Issuing halt after reset.");
994 retval = target_halt(target);
995 if (retval != ERROR_OK)
996 return retval;
997 }
998 return retval;
999 }
1000
1001 /**
1002 * Clears the halt condition for an ARM7/9 target. If it isn't coming out of
1003 * reset and if DBGRQ is used, it is programmed to be deasserted. If the reset
1004 * vector catch was used, it is restored. Otherwise, the control value is
1005 * restored and the watchpoint unit is restored if it was in use.
1006 *
1007 * @param target Pointer to the ARM7/9 target to have halt cleared
1008 * @return Always ERROR_OK
1009 */
1010 static int arm7_9_clear_halt(struct target *target)
1011 {
1012 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1013 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1014
1015 /* we used DBGRQ only if we didn't come out of reset */
1016 if (!arm7_9->debug_entry_from_reset && arm7_9->use_dbgrq) {
1017 /* program EmbeddedICE Debug Control Register to deassert DBGRQ
1018 */
1019 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1020 embeddedice_store_reg(dbg_ctrl);
1021 } else {
1022 if (arm7_9->debug_entry_from_reset && arm7_9->has_vector_catch) {
1023 /* if we came out of reset, and vector catch is supported, we used
1024 * vector catch to enter debug state
1025 * restore the register in that case
1026 */
1027 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH]);
1028 } else {
1029 /* restore registers if watchpoint unit 0 was in use
1030 */
1031 if (arm7_9->wp0_used) {
1032 if (arm7_9->debug_entry_from_reset)
1033 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[
1034 EICE_W0_ADDR_VALUE]);
1035 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[
1036 EICE_W0_ADDR_MASK]);
1037 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[
1038 EICE_W0_DATA_MASK]);
1039 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[
1040 EICE_W0_CONTROL_MASK]);
1041 }
1042 /* control value always has to be restored, as it was either disabled,
1043 * or enabled with possibly different bits
1044 */
1045 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
1046 }
1047 }
1048
1049 return ERROR_OK;
1050 }
1051
1052 /**
1053 * Issue a software reset and halt to an ARM7/9 target. The target is halted
1054 * and then there is a wait until the processor shows the halt. This wait can
1055 * timeout and results in an error being returned. The software reset involves
1056 * clearing the halt, updating the debug control register, changing to ARM mode,
1057 * reset of the program counter, and reset of all of the registers.
1058 *
1059 * @param target Pointer to the ARM7/9 target to be reset and halted by software
1060 * @return Error status if any of the commands fail, otherwise ERROR_OK
1061 */
1062 int arm7_9_soft_reset_halt(struct target *target)
1063 {
1064 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1065 struct arm *arm = &arm7_9->arm;
1066 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
1067 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1068 int i;
1069 int retval;
1070
1071 /* FIX!!! replace some of this code with tcl commands
1072 *
1073 * halt # the halt command is synchronous
1074 * armv4_5 core_state arm
1075 *
1076 */
1077
1078 retval = target_halt(target);
1079 if (retval != ERROR_OK)
1080 return retval;
1081
1082 long long then = timeval_ms();
1083 int timeout;
1084 while (!(timeout = ((timeval_ms()-then) > 1000))) {
1085 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) != 0)
1086 break;
1087 embeddedice_read_reg(dbg_stat);
1088 retval = jtag_execute_queue();
1089 if (retval != ERROR_OK)
1090 return retval;
1091 if (debug_level >= 3)
1092 alive_sleep(100);
1093 else
1094 keep_alive();
1095 }
1096 if (timeout) {
1097 LOG_ERROR("Failed to halt CPU after 1 sec");
1098 return ERROR_TARGET_TIMEOUT;
1099 }
1100 target->state = TARGET_HALTED;
1101
1102 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
1103 * ensure that DBGRQ is cleared
1104 */
1105 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
1106 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1107 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
1108 embeddedice_store_reg(dbg_ctrl);
1109
1110 retval = arm7_9_clear_halt(target);
1111 if (retval != ERROR_OK)
1112 return retval;
1113
1114 /* if the target is in Thumb state, change to ARM state */
1115 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1)) {
1116 uint32_t r0_thumb, pc_thumb;
1117 LOG_DEBUG("target entered debug from Thumb state, changing to ARM");
1118 /* Entered debug from Thumb mode */
1119 arm->core_state = ARM_STATE_THUMB;
1120 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
1121 }
1122
1123 /* REVISIT likewise for bit 5 -- switch Jazelle-to-ARM */
1124
1125 /* all register content is now invalid */
1126 register_cache_invalidate(arm->core_cache);
1127
1128 /* SVC, ARM state, IRQ and FIQ disabled */
1129 uint32_t cpsr;
1130
1131 cpsr = buf_get_u32(arm->cpsr->value, 0, 32);
1132 cpsr &= ~0xff;
1133 cpsr |= 0xd3;
1134 arm_set_cpsr(arm, cpsr);
1135 arm->cpsr->dirty = true;
1136
1137 /* start fetching from 0x0 */
1138 buf_set_u32(arm->pc->value, 0, 32, 0x0);
1139 arm->pc->dirty = true;
1140 arm->pc->valid = true;
1141
1142 /* reset registers */
1143 for (i = 0; i <= 14; i++) {
1144 struct reg *r = arm_reg_current(arm, i);
1145
1146 buf_set_u32(r->value, 0, 32, 0xffffffff);
1147 r->dirty = true;
1148 r->valid = true;
1149 }
1150
1151 retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1152 if (retval != ERROR_OK)
1153 return retval;
1154
1155 return ERROR_OK;
1156 }
1157
1158 /**
1159 * Halt an ARM7/9 target. This is accomplished by either asserting the DBGRQ
1160 * line or by programming a watchpoint to trigger on any address. It is
1161 * considered a bug to call this function while the target is in the
1162 * TARGET_RESET state.
1163 *
1164 * @param target Pointer to the ARM7/9 target to be halted
1165 * @return Always ERROR_OK
1166 */
1167 int arm7_9_halt(struct target *target)
1168 {
1169 if (target->state == TARGET_RESET) {
1170 LOG_ERROR(
1171 "BUG: arm7/9 does not support halt during reset. This is handled in arm7_9_assert_reset()");
1172 return ERROR_OK;
1173 }
1174
1175 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1176 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1177
1178 LOG_DEBUG("target->state: %s",
1179 target_state_name(target));
1180
1181 if (target->state == TARGET_HALTED) {
1182 LOG_DEBUG("target was already halted");
1183 return ERROR_OK;
1184 }
1185
1186 if (target->state == TARGET_UNKNOWN)
1187 LOG_WARNING("target was in unknown state when halt was requested");
1188
1189 if (arm7_9->use_dbgrq) {
1190 /* program EmbeddedICE Debug Control Register to assert DBGRQ
1191 */
1192 if (arm7_9->set_special_dbgrq)
1193 arm7_9->set_special_dbgrq(target);
1194 else {
1195 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 1);
1196 embeddedice_store_reg(dbg_ctrl);
1197 }
1198 } else {
1199 /* program watchpoint unit to match on any address
1200 */
1201 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1202 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1203 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE],
1204 EICE_W_CTRL_ENABLE);
1205 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK],
1206 ~EICE_W_CTRL_NOPC & 0xff);
1207 }
1208
1209 target->debug_reason = DBG_REASON_DBGRQ;
1210
1211 return ERROR_OK;
1212 }
1213
1214 /**
1215 * Handle an ARM7/9 target's entry into debug mode. The halt is cleared on the
1216 * ARM. The JTAG queue is then executed and the reason for debug entry is
1217 * examined. Once done, the target is verified to be halted and the processor
1218 * is forced into ARM mode. The core registers are saved for the current core
1219 * mode and the program counter (register 15) is updated as needed. The core
1220 * registers and CPSR and SPSR are saved for restoration later.
1221 *
1222 * @param target Pointer to target that is entering debug mode
1223 * @return Error code if anything fails, otherwise ERROR_OK
1224 */
1225 static int arm7_9_debug_entry(struct target *target)
1226 {
1227 int i;
1228 uint32_t context[16];
1229 uint32_t *context_p[16];
1230 uint32_t r0_thumb, pc_thumb;
1231 uint32_t cpsr, cpsr_mask = 0;
1232 int retval;
1233 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1234 struct arm *arm = &arm7_9->arm;
1235 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
1236 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1237
1238 #ifdef _DEBUG_ARM7_9_
1239 LOG_DEBUG("-");
1240 #endif
1241
1242 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
1243 * ensure that DBGRQ is cleared
1244 */
1245 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
1246 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1247 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
1248 embeddedice_store_reg(dbg_ctrl);
1249
1250 retval = arm7_9_clear_halt(target);
1251 if (retval != ERROR_OK)
1252 return retval;
1253
1254 retval = jtag_execute_queue();
1255 if (retval != ERROR_OK)
1256 return retval;
1257
1258 retval = arm7_9->examine_debug_reason(target);
1259 if (retval != ERROR_OK)
1260 return retval;
1261
1262 if (target->state != TARGET_HALTED) {
1263 LOG_TARGET_ERROR(target, "not halted");
1264 return ERROR_TARGET_NOT_HALTED;
1265 }
1266
1267 /* if the target is in Thumb state, change to ARM state */
1268 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1)) {
1269 LOG_DEBUG("target entered debug from Thumb state");
1270 /* Entered debug from Thumb mode */
1271 arm->core_state = ARM_STATE_THUMB;
1272 cpsr_mask = 1 << 5;
1273 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
1274 LOG_DEBUG("r0_thumb: 0x%8.8" PRIx32
1275 ", pc_thumb: 0x%8.8" PRIx32, r0_thumb, pc_thumb);
1276 } else if (buf_get_u32(dbg_stat->value, 5, 1)) {
1277 /* \todo Get some vaguely correct handling of Jazelle, if
1278 * anyone ever uses it and full info becomes available.
1279 * See ARM9EJS TRM B.7.1 for how to switch J->ARM; and
1280 * B.7.3 for the reverse. That'd be the bare minimum...
1281 */
1282 LOG_DEBUG("target entered debug from Jazelle state");
1283 arm->core_state = ARM_STATE_JAZELLE;
1284 cpsr_mask = 1 << 24;
1285 LOG_ERROR("Jazelle debug entry -- BROKEN!");
1286 } else {
1287 LOG_DEBUG("target entered debug from ARM state");
1288 /* Entered debug from ARM mode */
1289 arm->core_state = ARM_STATE_ARM;
1290 }
1291
1292 for (i = 0; i < 16; i++)
1293 context_p[i] = &context[i];
1294 /* save core registers (r0 - r15 of current core mode) */
1295 arm7_9->read_core_regs(target, 0xffff, context_p);
1296
1297 arm7_9->read_xpsr(target, &cpsr, 0);
1298
1299 retval = jtag_execute_queue();
1300 if (retval != ERROR_OK)
1301 return retval;
1302
1303 /* Sync our CPSR copy with J or T bits EICE reported, but
1304 * which we then erased by putting the core into ARM mode.
1305 */
1306 arm_set_cpsr(arm, cpsr | cpsr_mask);
1307
1308 if (!is_arm_mode(arm->core_mode)) {
1309 target->state = TARGET_UNKNOWN;
1310 LOG_ERROR("cpsr contains invalid mode value - communication failure");
1311 return ERROR_TARGET_FAILURE;
1312 }
1313
1314 LOG_DEBUG("target entered debug state in %s mode",
1315 arm_mode_name(arm->core_mode));
1316
1317 if (arm->core_state == ARM_STATE_THUMB) {
1318 LOG_DEBUG("thumb state, applying fixups");
1319 context[0] = r0_thumb;
1320 context[15] = pc_thumb;
1321 } else if (arm->core_state == ARM_STATE_ARM) {
1322 /* adjust value stored by STM */
1323 context[15] -= 3 * 4;
1324 }
1325
1326 if ((target->debug_reason != DBG_REASON_DBGRQ) || (!arm7_9->use_dbgrq))
1327 context[15] -= 3 * ((arm->core_state == ARM_STATE_ARM) ? 4 : 2);
1328 else
1329 context[15] -= arm7_9->dbgreq_adjust_pc *
1330 ((arm->core_state == ARM_STATE_ARM) ? 4 : 2);
1331
1332 for (i = 0; i <= 15; i++) {
1333 struct reg *r = arm_reg_current(arm, i);
1334
1335 LOG_DEBUG("r%i: 0x%8.8" PRIx32 "", i, context[i]);
1336
1337 buf_set_u32(r->value, 0, 32, context[i]);
1338 /* r0 and r15 (pc) have to be restored later */
1339 r->dirty = (i == 0) || (i == 15);
1340 r->valid = true;
1341 }
1342
1343 LOG_DEBUG("entered debug state at PC 0x%" PRIx32 "", context[15]);
1344
1345 /* exceptions other than USR & SYS have a saved program status register */
1346 if (arm->spsr) {
1347 uint32_t spsr;
1348 arm7_9->read_xpsr(target, &spsr, 1);
1349 retval = jtag_execute_queue();
1350 if (retval != ERROR_OK)
1351 return retval;
1352 buf_set_u32(arm->spsr->value, 0, 32, spsr);
1353 arm->spsr->dirty = false;
1354 arm->spsr->valid = true;
1355 }
1356
1357 retval = jtag_execute_queue();
1358 if (retval != ERROR_OK)
1359 return retval;
1360
1361 if (arm7_9->post_debug_entry) {
1362 retval = arm7_9->post_debug_entry(target);
1363 if (retval != ERROR_OK)
1364 return retval;
1365 }
1366
1367 return ERROR_OK;
1368 }
1369
1370 /**
1371 * Validate the full context for an ARM7/9 target in all processor modes. If
1372 * there are any invalid registers for the target, they will all be read. This
1373 * includes the PSR.
1374 *
1375 * @param target Pointer to the ARM7/9 target to capture the full context from
1376 * @return Error if the target is not halted, has an invalid core mode, or if
1377 * the JTAG queue fails to execute
1378 */
1379 static int arm7_9_full_context(struct target *target)
1380 {
1381 int i;
1382 int retval;
1383 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1384 struct arm *arm = &arm7_9->arm;
1385 struct {
1386 uint32_t value;
1387 uint8_t *reg_p;
1388 } read_cache[6 * (16 + 1)];
1389 int read_cache_idx = 0;
1390
1391 LOG_DEBUG("-");
1392
1393 if (target->state != TARGET_HALTED) {
1394 LOG_TARGET_ERROR(target, "not halted");
1395 return ERROR_TARGET_NOT_HALTED;
1396 }
1397
1398 if (!is_arm_mode(arm->core_mode)) {
1399 LOG_ERROR("not a valid arm core mode - communication failure?");
1400 return ERROR_FAIL;
1401 }
1402
1403 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1404 * SYS shares registers with User, so we don't touch SYS
1405 */
1406 for (i = 0; i < 6; i++) {
1407 uint32_t mask = 0;
1408 uint32_t *reg_p[16];
1409 int j;
1410 bool valid = true;
1411
1412 /* check if there are invalid registers in the current mode
1413 */
1414 for (j = 0; j <= 16; j++) {
1415 if (!ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(i), j).valid)
1416 valid = false;
1417 }
1418
1419 if (!valid) {
1420 uint32_t tmp_cpsr;
1421
1422 /* change processor mode (and mask T bit) */
1423 tmp_cpsr = buf_get_u32(arm->cpsr->value, 0, 8)
1424 & 0xe0;
1425 tmp_cpsr |= armv4_5_number_to_mode(i);
1426 tmp_cpsr &= ~0x20;
1427 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1428
1429 for (j = 0; j < 15; j++) {
1430 if (!ARMV4_5_CORE_REG_MODE(arm->core_cache,
1431 armv4_5_number_to_mode(i), j).valid) {
1432 read_cache[read_cache_idx].reg_p = ARMV4_5_CORE_REG_MODE(
1433 arm->core_cache,
1434 armv4_5_number_to_mode(i),
1435 j).value;
1436 reg_p[j] = &read_cache[read_cache_idx].value;
1437 read_cache_idx++;
1438 mask |= 1 << j;
1439 ARMV4_5_CORE_REG_MODE(arm->core_cache,
1440 armv4_5_number_to_mode(i),
1441 j).valid = true;
1442 ARMV4_5_CORE_REG_MODE(arm->core_cache,
1443 armv4_5_number_to_mode(i),
1444 j).dirty = false;
1445 }
1446 }
1447
1448 /* if only the PSR is invalid, mask is all zeroes */
1449 if (mask)
1450 arm7_9->read_core_regs(target, mask, reg_p);
1451
1452 /* check if the PSR has to be read */
1453 if (!ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(i),
1454 16).valid) {
1455 read_cache[read_cache_idx].reg_p = ARMV4_5_CORE_REG_MODE(arm->core_cache,
1456 armv4_5_number_to_mode(i), 16).value;
1457 arm7_9->read_xpsr(target, &read_cache[read_cache_idx].value, 1);
1458 read_cache_idx++;
1459 ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(i),
1460 16).valid = true;
1461 ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(i),
1462 16).dirty = false;
1463 }
1464 }
1465 }
1466
1467 /* restore processor mode (mask T bit) */
1468 arm7_9->write_xpsr_im8(target,
1469 buf_get_u32(arm->cpsr->value, 0, 8) & ~0x20, 0, 0);
1470
1471 retval = jtag_execute_queue();
1472 if (retval != ERROR_OK)
1473 return retval;
1474 /*
1475 * FIXME: regs in cache should be tagged as 'valid' only now,
1476 * not before the jtag_execute_queue()
1477 */
1478 while (read_cache_idx) {
1479 read_cache_idx--;
1480 buf_set_u32(read_cache[read_cache_idx].reg_p, 0, 32, read_cache[read_cache_idx].value);
1481 }
1482 return ERROR_OK;
1483 }
1484
1485 /**
1486 * Restore the processor context on an ARM7/9 target. The full processor
1487 * context is analyzed to see if any of the registers are dirty on this end, but
1488 * have a valid new value. If this is the case, the processor is changed to the
1489 * appropriate mode and the new register values are written out to the
1490 * processor. If there happens to be a dirty register with an invalid value, an
1491 * error will be logged.
1492 *
1493 * @param target Pointer to the ARM7/9 target to have its context restored
1494 * @return Error status if the target is not halted or the core mode in the
1495 * armv4_5 struct is invalid.
1496 */
1497 static int arm7_9_restore_context(struct target *target)
1498 {
1499 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1500 struct arm *arm = &arm7_9->arm;
1501 struct reg *reg;
1502 enum arm_mode current_mode = arm->core_mode;
1503 int i, j;
1504 bool dirty;
1505 int mode_change;
1506
1507 LOG_DEBUG("-");
1508
1509 if (target->state != TARGET_HALTED) {
1510 LOG_TARGET_ERROR(target, "not halted");
1511 return ERROR_TARGET_NOT_HALTED;
1512 }
1513
1514 if (arm7_9->pre_restore_context)
1515 arm7_9->pre_restore_context(target);
1516
1517 if (!is_arm_mode(arm->core_mode)) {
1518 LOG_ERROR("not a valid arm core mode - communication failure?");
1519 return ERROR_FAIL;
1520 }
1521
1522 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1523 * SYS shares registers with User, so we don't touch SYS
1524 */
1525 for (i = 0; i < 6; i++) {
1526 LOG_DEBUG("examining %s mode",
1527 arm_mode_name(arm->core_mode));
1528 dirty = false;
1529 mode_change = 0;
1530 /* check if there are dirty registers in the current mode
1531 */
1532 for (j = 0; j <= 16; j++) {
1533 reg = &ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(i), j);
1534 if (reg->dirty) {
1535 if (reg->valid) {
1536 dirty = true;
1537 LOG_DEBUG("examining dirty reg: %s", reg->name);
1538 struct arm_reg *reg_arch_info;
1539 reg_arch_info = reg->arch_info;
1540 if ((reg_arch_info->mode != ARM_MODE_ANY)
1541 && (reg_arch_info->mode != current_mode)
1542 && !((reg_arch_info->mode == ARM_MODE_USR)
1543 && (arm->core_mode == ARM_MODE_SYS))
1544 && !((reg_arch_info->mode == ARM_MODE_SYS)
1545 && (arm->core_mode == ARM_MODE_USR))) {
1546 mode_change = 1;
1547 LOG_DEBUG("require mode change");
1548 }
1549 } else
1550 LOG_ERROR("BUG: dirty register '%s', but no valid data",
1551 reg->name);
1552 }
1553 }
1554
1555 if (dirty) {
1556 uint32_t mask = 0x0;
1557 uint32_t regs[16];
1558
1559 if (mode_change) {
1560 uint32_t tmp_cpsr;
1561
1562 /* change processor mode (mask T bit) */
1563 tmp_cpsr = buf_get_u32(arm->cpsr->value,
1564 0, 8) & 0xe0;
1565 tmp_cpsr |= armv4_5_number_to_mode(i);
1566 tmp_cpsr &= ~0x20;
1567 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1568 current_mode = armv4_5_number_to_mode(i);
1569 }
1570
1571 for (j = 0; j <= 14; j++) {
1572 reg = &ARMV4_5_CORE_REG_MODE(arm->core_cache,
1573 armv4_5_number_to_mode(i),
1574 j);
1575
1576 if (reg->dirty) {
1577 regs[j] = buf_get_u32(reg->value, 0, 32);
1578 mask |= 1 << j;
1579 reg->dirty = false;
1580 reg->valid = true;
1581 LOG_DEBUG("writing register %i mode %s "
1582 "with value 0x%8.8" PRIx32, j,
1583 arm_mode_name(arm->core_mode),
1584 regs[j]);
1585 }
1586 }
1587
1588 if (mask)
1589 arm7_9->write_core_regs(target, mask, regs);
1590
1591 reg =
1592 &ARMV4_5_CORE_REG_MODE(arm->core_cache, armv4_5_number_to_mode(
1593 i), 16);
1594 struct arm_reg *reg_arch_info;
1595 reg_arch_info = reg->arch_info;
1596 if ((reg->dirty) && (reg_arch_info->mode != ARM_MODE_ANY)) {
1597 LOG_DEBUG("writing SPSR of mode %i with value 0x%8.8" PRIx32 "",
1598 i,
1599 buf_get_u32(reg->value, 0, 32));
1600 arm7_9->write_xpsr(target, buf_get_u32(reg->value, 0, 32), 1);
1601 }
1602 }
1603 }
1604
1605 if (!arm->cpsr->dirty && (arm->core_mode != current_mode)) {
1606 /* restore processor mode (mask T bit) */
1607 uint32_t tmp_cpsr;
1608
1609 tmp_cpsr = buf_get_u32(arm->cpsr->value, 0, 8) & 0xE0;
1610 tmp_cpsr |= armv4_5_number_to_mode(i);
1611 tmp_cpsr &= ~0x20;
1612 LOG_DEBUG("writing lower 8 bit of cpsr with value 0x%2.2x", (unsigned)(tmp_cpsr));
1613 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1614
1615 } else if (arm->cpsr->dirty) {
1616 /* CPSR has been changed, full restore necessary (mask T bit) */
1617 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32,
1618 buf_get_u32(arm->cpsr->value, 0, 32));
1619 arm7_9->write_xpsr(target,
1620 buf_get_u32(arm->cpsr->value, 0, 32)
1621 & ~0x20, 0);
1622 arm->cpsr->dirty = false;
1623 arm->cpsr->valid = true;
1624 }
1625
1626 /* restore PC */
1627 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32,
1628 buf_get_u32(arm->pc->value, 0, 32));
1629 arm7_9->write_pc(target, buf_get_u32(arm->pc->value, 0, 32));
1630 arm->pc->dirty = false;
1631
1632 return ERROR_OK;
1633 }
1634
1635 /**
1636 * Restart the core of an ARM7/9 target. A RESTART command is sent to the
1637 * instruction register and the JTAG state is set to TAP_IDLE causing a core
1638 * restart.
1639 *
1640 * @param target Pointer to the ARM7/9 target to be restarted
1641 * @return Result of executing the JTAG queue
1642 */
1643 static int arm7_9_restart_core(struct target *target)
1644 {
1645 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1646 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
1647 int retval;
1648
1649 /* set RESTART instruction */
1650 if (arm7_9->need_bypass_before_restart) {
1651 arm7_9->need_bypass_before_restart = 0;
1652
1653 retval = arm_jtag_set_instr(jtag_info->tap, 0xf, NULL, TAP_IDLE);
1654 if (retval != ERROR_OK)
1655 return retval;
1656 }
1657 retval = arm_jtag_set_instr(jtag_info->tap, 0x4, NULL, TAP_IDLE);
1658 if (retval != ERROR_OK)
1659 return retval;
1660
1661 jtag_add_runtest(1, TAP_IDLE);
1662 return jtag_execute_queue();
1663 }
1664
1665 /**
1666 * Enable the watchpoints on an ARM7/9 target. The target's watchpoints are
1667 * iterated through and are set on the target if they aren't already set.
1668 *
1669 * @param target Pointer to the ARM7/9 target to enable watchpoints on
1670 */
1671 static void arm7_9_enable_watchpoints(struct target *target)
1672 {
1673 struct watchpoint *watchpoint = target->watchpoints;
1674
1675 while (watchpoint) {
1676 if (!watchpoint->is_set)
1677 arm7_9_set_watchpoint(target, watchpoint);
1678 watchpoint = watchpoint->next;
1679 }
1680 }
1681
1682 /**
1683 * Enable the breakpoints on an ARM7/9 target. The target's breakpoints are
1684 * iterated through and are set on the target.
1685 *
1686 * @param target Pointer to the ARM7/9 target to enable breakpoints on
1687 */
1688 static void arm7_9_enable_breakpoints(struct target *target)
1689 {
1690 struct breakpoint *breakpoint = target->breakpoints;
1691
1692 /* set any pending breakpoints */
1693 while (breakpoint) {
1694 arm7_9_set_breakpoint(target, breakpoint);
1695 breakpoint = breakpoint->next;
1696 }
1697 }
1698
1699 int arm7_9_resume(struct target *target,
1700 int current,
1701 target_addr_t address,
1702 int handle_breakpoints,
1703 int debug_execution)
1704 {
1705 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1706 struct arm *arm = &arm7_9->arm;
1707 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1708 int err, retval = ERROR_OK;
1709
1710 LOG_DEBUG("-");
1711
1712 if (target->state != TARGET_HALTED) {
1713 LOG_TARGET_ERROR(target, "not halted");
1714 return ERROR_TARGET_NOT_HALTED;
1715 }
1716
1717 if (!debug_execution)
1718 target_free_all_working_areas(target);
1719
1720 /* current = 1: continue on current pc, otherwise continue at <address> */
1721 if (!current)
1722 buf_set_u32(arm->pc->value, 0, 32, address);
1723
1724 uint32_t current_pc;
1725 current_pc = buf_get_u32(arm->pc->value, 0, 32);
1726
1727 /* the front-end may request us not to handle breakpoints */
1728 if (handle_breakpoints) {
1729 struct breakpoint *breakpoint;
1730 breakpoint = breakpoint_find(target,
1731 buf_get_u32(arm->pc->value, 0, 32));
1732 if (breakpoint) {
1733 LOG_DEBUG("unset breakpoint at 0x%8.8" TARGET_PRIxADDR " (id: %" PRIu32,
1734 breakpoint->address,
1735 breakpoint->unique_id);
1736 retval = arm7_9_unset_breakpoint(target, breakpoint);
1737 if (retval != ERROR_OK)
1738 return retval;
1739
1740 /* calculate PC of next instruction */
1741 uint32_t next_pc;
1742 retval = arm_simulate_step(target, &next_pc);
1743 if (retval != ERROR_OK) {
1744 uint32_t current_opcode;
1745 target_read_u32(target, current_pc, &current_opcode);
1746 LOG_ERROR(
1747 "Couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "",
1748 current_opcode);
1749 return retval;
1750 }
1751
1752 LOG_DEBUG("enable single-step");
1753 arm7_9->enable_single_step(target, next_pc);
1754
1755 target->debug_reason = DBG_REASON_SINGLESTEP;
1756
1757 retval = arm7_9_restore_context(target);
1758 if (retval != ERROR_OK)
1759 return retval;
1760
1761 if (arm->core_state == ARM_STATE_ARM)
1762 arm7_9->branch_resume(target);
1763 else if (arm->core_state == ARM_STATE_THUMB)
1764 arm7_9->branch_resume_thumb(target);
1765 else {
1766 LOG_ERROR("unhandled core state");
1767 return ERROR_FAIL;
1768 }
1769
1770 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1771 embeddedice_write_reg(dbg_ctrl,
1772 buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1773 err = arm7_9_execute_sys_speed(target);
1774
1775 LOG_DEBUG("disable single-step");
1776 arm7_9->disable_single_step(target);
1777
1778 if (err != ERROR_OK) {
1779 retval = arm7_9_set_breakpoint(target, breakpoint);
1780 if (retval != ERROR_OK)
1781 return retval;
1782 target->state = TARGET_UNKNOWN;
1783 return err;
1784 }
1785
1786 retval = arm7_9_debug_entry(target);
1787 if (retval != ERROR_OK)
1788 return retval;
1789 LOG_DEBUG("new PC after step: 0x%8.8" PRIx32,
1790 buf_get_u32(arm->pc->value, 0, 32));
1791
1792 LOG_DEBUG("set breakpoint at 0x%8.8" TARGET_PRIxADDR "", breakpoint->address);
1793 retval = arm7_9_set_breakpoint(target, breakpoint);
1794 if (retval != ERROR_OK)
1795 return retval;
1796 }
1797 }
1798
1799 /* enable any pending breakpoints and watchpoints */
1800 arm7_9_enable_breakpoints(target);
1801 arm7_9_enable_watchpoints(target);
1802
1803 retval = arm7_9_restore_context(target);
1804 if (retval != ERROR_OK)
1805 return retval;
1806
1807 if (arm->core_state == ARM_STATE_ARM)
1808 arm7_9->branch_resume(target);
1809 else if (arm->core_state == ARM_STATE_THUMB)
1810 arm7_9->branch_resume_thumb(target);
1811 else {
1812 LOG_ERROR("unhandled core state");
1813 return ERROR_FAIL;
1814 }
1815
1816 /* deassert DBGACK and INTDIS */
1817 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1818 /* INTDIS only when we really resume, not during debug execution */
1819 if (!debug_execution)
1820 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 0);
1821 embeddedice_write_reg(dbg_ctrl, buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1822
1823 retval = arm7_9_restart_core(target);
1824 if (retval != ERROR_OK)
1825 return retval;
1826
1827 target->debug_reason = DBG_REASON_NOTHALTED;
1828
1829 if (!debug_execution) {
1830 /* registers are now invalid */
1831 register_cache_invalidate(arm->core_cache);
1832 target->state = TARGET_RUNNING;
1833 retval = target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1834 if (retval != ERROR_OK)
1835 return retval;
1836 } else {
1837 target->state = TARGET_DEBUG_RUNNING;
1838 retval = target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
1839 if (retval != ERROR_OK)
1840 return retval;
1841 }
1842
1843 LOG_DEBUG("target resumed");
1844
1845 return ERROR_OK;
1846 }
1847
1848 void arm7_9_enable_eice_step(struct target *target, uint32_t next_pc)
1849 {
1850 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1851 struct arm *arm = &arm7_9->arm;
1852 uint32_t current_pc;
1853 current_pc = buf_get_u32(arm->pc->value, 0, 32);
1854
1855 if (next_pc != current_pc) {
1856 /* setup an inverse breakpoint on the current PC
1857 * - comparator 1 matches the current address
1858 * - rangeout from comparator 1 is connected to comparator 0 rangein
1859 * - comparator 0 matches any address, as long as rangein is low */
1860 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1861 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1862 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE],
1863 EICE_W_CTRL_ENABLE);
1864 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK],
1865 ~(EICE_W_CTRL_RANGE | EICE_W_CTRL_NOPC) & 0xff);
1866 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE],
1867 current_pc);
1868 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0);
1869 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffff);
1870 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
1871 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK],
1872 ~EICE_W_CTRL_NOPC & 0xff);
1873 } else {
1874 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1875 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1876 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
1877 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], 0xff);
1878 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], next_pc);
1879 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0);
1880 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffff);
1881 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE],
1882 EICE_W_CTRL_ENABLE);
1883 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK],
1884 ~EICE_W_CTRL_NOPC & 0xff);
1885 }
1886 }
1887
1888 void arm7_9_disable_eice_step(struct target *target)
1889 {
1890 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1891
1892 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK]);
1893 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK]);
1894 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
1895 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK]);
1896 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE]);
1897 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK]);
1898 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK]);
1899 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK]);
1900 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE]);
1901 }
1902
1903 int arm7_9_step(struct target *target, int current, target_addr_t address, int handle_breakpoints)
1904 {
1905 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1906 struct arm *arm = &arm7_9->arm;
1907 struct breakpoint *breakpoint = NULL;
1908 int err, retval;
1909
1910 if (target->state != TARGET_HALTED) {
1911 LOG_TARGET_ERROR(target, "not halted");
1912 return ERROR_TARGET_NOT_HALTED;
1913 }
1914
1915 /* current = 1: continue on current pc, otherwise continue at <address> */
1916 if (!current)
1917 buf_set_u32(arm->pc->value, 0, 32, address);
1918
1919 uint32_t current_pc = buf_get_u32(arm->pc->value, 0, 32);
1920
1921 /* the front-end may request us not to handle breakpoints */
1922 if (handle_breakpoints)
1923 breakpoint = breakpoint_find(target, current_pc);
1924 if (breakpoint) {
1925 retval = arm7_9_unset_breakpoint(target, breakpoint);
1926 if (retval != ERROR_OK)
1927 return retval;
1928 }
1929
1930 target->debug_reason = DBG_REASON_SINGLESTEP;
1931
1932 /* calculate PC of next instruction */
1933 uint32_t next_pc;
1934 retval = arm_simulate_step(target, &next_pc);
1935 if (retval != ERROR_OK) {
1936 uint32_t current_opcode;
1937 target_read_u32(target, current_pc, &current_opcode);
1938 LOG_ERROR(
1939 "Couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "",
1940 current_opcode);
1941 return retval;
1942 }
1943
1944 retval = arm7_9_restore_context(target);
1945 if (retval != ERROR_OK)
1946 return retval;
1947
1948 arm7_9->enable_single_step(target, next_pc);
1949
1950 if (arm->core_state == ARM_STATE_ARM)
1951 arm7_9->branch_resume(target);
1952 else if (arm->core_state == ARM_STATE_THUMB)
1953 arm7_9->branch_resume_thumb(target);
1954 else {
1955 LOG_ERROR("unhandled core state");
1956 return ERROR_FAIL;
1957 }
1958
1959 retval = target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1960 if (retval != ERROR_OK)
1961 return retval;
1962
1963 err = arm7_9_execute_sys_speed(target);
1964 arm7_9->disable_single_step(target);
1965
1966 /* registers are now invalid */
1967 register_cache_invalidate(arm->core_cache);
1968
1969 if (err != ERROR_OK)
1970 target->state = TARGET_UNKNOWN;
1971 else {
1972 retval = arm7_9_debug_entry(target);
1973 if (retval != ERROR_OK)
1974 return retval;
1975 retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED);
1976 if (retval != ERROR_OK)
1977 return retval;
1978 LOG_DEBUG("target stepped");
1979 }
1980
1981 if (breakpoint) {
1982 retval = arm7_9_set_breakpoint(target, breakpoint);
1983 if (retval != ERROR_OK)
1984 return retval;
1985 }
1986
1987 return err;
1988 }
1989
1990 static int arm7_9_read_core_reg(struct target *target, struct reg *r,
1991 int num, enum arm_mode mode)
1992 {
1993 uint32_t *reg_p[16];
1994 int retval;
1995 struct arm_reg *areg = r->arch_info;
1996 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1997 struct arm *arm = &arm7_9->arm;
1998
1999 if (!is_arm_mode(arm->core_mode))
2000 return ERROR_FAIL;
2001 if ((num < 0) || (num > 16))
2002 return ERROR_COMMAND_SYNTAX_ERROR;
2003
2004 if ((mode != ARM_MODE_ANY) && (mode != arm->core_mode)
2005 && (areg->mode != ARM_MODE_ANY)) {
2006 uint32_t tmp_cpsr;
2007
2008 /* change processor mode (mask T bit) */
2009 tmp_cpsr = buf_get_u32(arm->cpsr->value, 0, 8) & 0xE0;
2010 tmp_cpsr |= mode;
2011 tmp_cpsr &= ~0x20;
2012 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
2013 }
2014
2015 uint32_t value = 0;
2016 if ((num >= 0) && (num <= 15)) {
2017 /* read a normal core register */
2018 reg_p[num] = &value;
2019
2020 arm7_9->read_core_regs(target, 1 << num, reg_p);
2021 } else {
2022 /* read a program status register
2023 * if the register mode is MODE_ANY, we read the cpsr, otherwise a spsr
2024 */
2025 arm7_9->read_xpsr(target, &value, areg->mode != ARM_MODE_ANY);
2026 }
2027
2028 retval = jtag_execute_queue();
2029 if (retval != ERROR_OK)
2030 return retval;
2031
2032 r->valid = true;
2033 r->dirty = false;
2034 buf_set_u32(r->value, 0, 32, value);
2035
2036 if ((mode != ARM_MODE_ANY) && (mode != arm->core_mode)
2037 && (areg->mode != ARM_MODE_ANY)) {
2038 /* restore processor mode (mask T bit) */
2039 arm7_9->write_xpsr_im8(target,
2040 buf_get_u32(arm->cpsr->value, 0, 8) & ~0x20, 0, 0);
2041 }
2042
2043 return ERROR_OK;
2044 }
2045
2046 static int arm7_9_write_core_reg(struct target *target, struct reg *r,
2047 int num, enum arm_mode mode, uint8_t *value)
2048 {
2049 uint32_t reg[16];
2050 struct arm_reg *areg = r->arch_info;
2051 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2052 struct arm *arm = &arm7_9->arm;
2053
2054 if (!is_arm_mode(arm->core_mode))
2055 return ERROR_FAIL;
2056 if ((num < 0) || (num > 16))
2057 return ERROR_COMMAND_SYNTAX_ERROR;
2058
2059 if ((mode != ARM_MODE_ANY) && (mode != arm->core_mode)
2060 && (areg->mode != ARM_MODE_ANY)) {
2061 uint32_t tmp_cpsr;
2062
2063 /* change processor mode (mask T bit) */
2064 tmp_cpsr = buf_get_u32(arm->cpsr->value, 0, 8) & 0xE0;
2065 tmp_cpsr |= mode;
2066 tmp_cpsr &= ~0x20;
2067 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
2068 }
2069
2070 if ((num >= 0) && (num <= 15)) {
2071 /* write a normal core register */
2072 reg[num] = buf_get_u32(value, 0, 32);
2073
2074 arm7_9->write_core_regs(target, 1 << num, reg);
2075 } else {
2076 /* write a program status register
2077 * if the register mode is MODE_ANY, we write the cpsr, otherwise a spsr
2078 */
2079 int spsr = (areg->mode != ARM_MODE_ANY);
2080
2081 uint32_t t = buf_get_u32(value, 0, 32);
2082 /* if we're writing the CPSR, mask the T bit */
2083 if (!spsr)
2084 t &= ~0x20;
2085
2086 arm7_9->write_xpsr(target, t, spsr);
2087 }
2088
2089 r->valid = true;
2090 r->dirty = false;
2091
2092 if ((mode != ARM_MODE_ANY) && (mode != arm->core_mode)
2093 && (areg->mode != ARM_MODE_ANY)) {
2094 /* restore processor mode (mask T bit) */
2095 arm7_9->write_xpsr_im8(target,
2096 buf_get_u32(arm->cpsr->value, 0, 8) & ~0x20, 0, 0);
2097 }
2098
2099 return jtag_execute_queue();
2100 }
2101
2102 int arm7_9_read_memory(struct target *target,
2103 target_addr_t address,
2104 uint32_t size,
2105 uint32_t count,
2106 uint8_t *buffer)
2107 {
2108 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2109 struct arm *arm = &arm7_9->arm;
2110 uint32_t reg[16];
2111 uint32_t num_accesses = 0;
2112 int thisrun_accesses;
2113 int i;
2114 uint32_t cpsr;
2115 int retval;
2116 int last_reg = 0;
2117
2118 LOG_DEBUG("address: 0x%8.8" TARGET_PRIxADDR ", size: 0x%8.8" PRIx32 ", count: 0x%8.8" PRIx32 "",
2119 address, size, count);
2120
2121 if (target->state != TARGET_HALTED) {
2122 LOG_TARGET_ERROR(target, "not halted");
2123 return ERROR_TARGET_NOT_HALTED;
2124 }
2125
2126 /* sanitize arguments */
2127 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
2128 return ERROR_COMMAND_SYNTAX_ERROR;
2129
2130 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
2131 return ERROR_TARGET_UNALIGNED_ACCESS;
2132
2133 /* load the base register with the address of the first word */
2134 reg[0] = address;
2135 arm7_9->write_core_regs(target, 0x1, reg);
2136
2137 int j = 0;
2138
2139 switch (size) {
2140 case 4:
2141 while (num_accesses < count) {
2142 uint32_t reg_list;
2143 thisrun_accesses =
2144 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2145 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2146
2147 if (last_reg <= thisrun_accesses)
2148 last_reg = thisrun_accesses;
2149
2150 arm7_9->load_word_regs(target, reg_list);
2151
2152 /* fast memory reads are only safe when the target is running
2153 * from a sufficiently high clock (32 kHz is usually too slow)
2154 */
2155 if (arm7_9->fast_memory_access)
2156 retval = arm7_9_execute_fast_sys_speed(target);
2157 else
2158 retval = arm7_9_execute_sys_speed(target);
2159 if (retval != ERROR_OK)
2160 return retval;
2161
2162 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 4);
2163
2164 /* advance buffer, count number of accesses */
2165 buffer += thisrun_accesses * 4;
2166 num_accesses += thisrun_accesses;
2167
2168 if ((j++%1024) == 0)
2169 keep_alive();
2170 }
2171 break;
2172 case 2:
2173 while (num_accesses < count) {
2174 uint32_t reg_list;
2175 thisrun_accesses =
2176 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2177 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2178
2179 for (i = 1; i <= thisrun_accesses; i++) {
2180 if (i > last_reg)
2181 last_reg = i;
2182 arm7_9->load_hword_reg(target, i);
2183 /* fast memory reads are only safe when the target is running
2184 * from a sufficiently high clock (32 kHz is usually too slow)
2185 */
2186 if (arm7_9->fast_memory_access)
2187 retval = arm7_9_execute_fast_sys_speed(target);
2188 else
2189 retval = arm7_9_execute_sys_speed(target);
2190 if (retval != ERROR_OK)
2191 return retval;
2192
2193 }
2194
2195 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 2);
2196
2197 /* advance buffer, count number of accesses */
2198 buffer += thisrun_accesses * 2;
2199 num_accesses += thisrun_accesses;
2200
2201 if ((j++%1024) == 0)
2202 keep_alive();
2203 }
2204 break;
2205 case 1:
2206 while (num_accesses < count) {
2207 uint32_t reg_list;
2208 thisrun_accesses =
2209 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2210 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2211
2212 for (i = 1; i <= thisrun_accesses; i++) {
2213 if (i > last_reg)
2214 last_reg = i;
2215 arm7_9->load_byte_reg(target, i);
2216 /* fast memory reads are only safe when the target is running
2217 * from a sufficiently high clock (32 kHz is usually too slow)
2218 */
2219 if (arm7_9->fast_memory_access)
2220 retval = arm7_9_execute_fast_sys_speed(target);
2221 else
2222 retval = arm7_9_execute_sys_speed(target);
2223 if (retval != ERROR_OK)
2224 return retval;
2225 }
2226
2227 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 1);
2228
2229 /* advance buffer, count number of accesses */
2230 buffer += thisrun_accesses * 1;
2231 num_accesses += thisrun_accesses;
2232
2233 if ((j++%1024) == 0)
2234 keep_alive();
2235 }
2236 break;
2237 }
2238
2239 if (!is_arm_mode(arm->core_mode))
2240 return ERROR_FAIL;
2241
2242 for (i = 0; i <= last_reg; i++) {
2243 struct reg *r = arm_reg_current(arm, i);
2244 r->dirty = r->valid;
2245 }
2246
2247 arm7_9->read_xpsr(target, &cpsr, 0);
2248 retval = jtag_execute_queue();
2249 if (retval != ERROR_OK) {
2250 LOG_ERROR("JTAG error while reading cpsr");
2251 return ERROR_TARGET_DATA_ABORT;
2252 }
2253
2254 if (((cpsr & 0x1f) == ARM_MODE_ABT) && (arm->core_mode != ARM_MODE_ABT)) {
2255 LOG_WARNING(
2256 "memory read caused data abort "
2257 "(address: 0x%8.8" TARGET_PRIxADDR ", size: 0x%" PRIx32 ", count: 0x%" PRIx32 ")",
2258 address,
2259 size,
2260 count);
2261
2262 arm7_9->write_xpsr_im8(target,
2263 buf_get_u32(arm->cpsr->value, 0, 8)
2264 & ~0x20, 0, 0);
2265
2266 return ERROR_TARGET_DATA_ABORT;
2267 }
2268
2269 return ERROR_OK;
2270 }
2271
2272 int arm7_9_write_memory(struct target *target,
2273 target_addr_t address,
2274 uint32_t size,
2275 uint32_t count,
2276 const uint8_t *buffer)
2277 {
2278 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2279 struct arm *arm = &arm7_9->arm;
2280 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
2281
2282 uint32_t reg[16];
2283 uint32_t num_accesses = 0;
2284 int thisrun_accesses;
2285 int i;
2286 uint32_t cpsr;
2287 int retval;
2288 int last_reg = 0;
2289
2290 #ifdef _DEBUG_ARM7_9_
2291 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
2292 #endif
2293
2294 if (target->state != TARGET_HALTED) {
2295 LOG_TARGET_ERROR(target, "not halted");
2296 return ERROR_TARGET_NOT_HALTED;
2297 }
2298
2299 /* sanitize arguments */
2300 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
2301 return ERROR_COMMAND_SYNTAX_ERROR;
2302
2303 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
2304 return ERROR_TARGET_UNALIGNED_ACCESS;
2305
2306 /* load the base register with the address of the first word */
2307 reg[0] = address;
2308 arm7_9->write_core_regs(target, 0x1, reg);
2309
2310 /* Clear DBGACK, to make sure memory fetches work as expected */
2311 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
2312 embeddedice_store_reg(dbg_ctrl);
2313
2314 switch (size) {
2315 case 4:
2316 while (num_accesses < count) {
2317 uint32_t reg_list;
2318 thisrun_accesses =
2319 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2320 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2321
2322 for (i = 1; i <= thisrun_accesses; i++) {
2323 if (i > last_reg)
2324 last_reg = i;
2325 reg[i] = target_buffer_get_u32(target, buffer);
2326 buffer += 4;
2327 }
2328
2329 arm7_9->write_core_regs(target, reg_list, reg);
2330
2331 arm7_9->store_word_regs(target, reg_list);
2332
2333 /* fast memory writes are only safe when the target is running
2334 * from a sufficiently high clock (32 kHz is usually too slow)
2335 */
2336 if (arm7_9->fast_memory_access)
2337 retval = arm7_9_execute_fast_sys_speed(target);
2338 else {
2339 retval = arm7_9_execute_sys_speed(target);
2340
2341 /*
2342 * if memory writes are made when the clock is running slow
2343 * (i.e. 32 kHz) which is necessary in some scripts to reconfigure
2344 * processor operations after a "reset halt" or "reset init",
2345 * need to immediately stroke the keep alive or will end up with
2346 * gdb "keep alive not sent error message" problem.
2347 */
2348
2349 keep_alive();
2350 }
2351
2352 if (retval != ERROR_OK)
2353 return retval;
2354
2355 num_accesses += thisrun_accesses;
2356 }
2357 break;
2358 case 2:
2359 while (num_accesses < count) {
2360 uint32_t reg_list;
2361 thisrun_accesses =
2362 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2363 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2364
2365 for (i = 1; i <= thisrun_accesses; i++) {
2366 if (i > last_reg)
2367 last_reg = i;
2368 reg[i] = target_buffer_get_u16(target, buffer) & 0xffff;
2369 buffer += 2;
2370 }
2371
2372 arm7_9->write_core_regs(target, reg_list, reg);
2373
2374 for (i = 1; i <= thisrun_accesses; i++) {
2375 arm7_9->store_hword_reg(target, i);
2376
2377 /* fast memory writes are only safe when the target is running
2378 * from a sufficiently high clock (32 kHz is usually too slow)
2379 */
2380 if (arm7_9->fast_memory_access)
2381 retval = arm7_9_execute_fast_sys_speed(target);
2382 else {
2383 retval = arm7_9_execute_sys_speed(target);
2384
2385 /*
2386 * if memory writes are made when the clock is running slow
2387 * (i.e. 32 kHz) which is necessary in some scripts to reconfigure
2388 * processor operations after a "reset halt" or "reset init",
2389 * need to immediately stroke the keep alive or will end up with
2390 * gdb "keep alive not sent error message" problem.
2391 */
2392
2393 keep_alive();
2394 }
2395
2396 if (retval != ERROR_OK)
2397 return retval;
2398 }
2399
2400 num_accesses += thisrun_accesses;
2401 }
2402 break;
2403 case 1:
2404 while (num_accesses < count) {
2405 uint32_t reg_list;
2406 thisrun_accesses =
2407 ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2408 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2409
2410 for (i = 1; i <= thisrun_accesses; i++) {
2411 if (i > last_reg)
2412 last_reg = i;
2413 reg[i] = *buffer++ & 0xff;
2414 }
2415
2416 arm7_9->write_core_regs(target, reg_list, reg);
2417
2418 for (i = 1; i <= thisrun_accesses; i++) {
2419 arm7_9->store_byte_reg(target, i);
2420 /* fast memory writes are only safe when the target is running
2421 * from a sufficiently high clock (32 kHz is usually too slow)
2422 */
2423 if (arm7_9->fast_memory_access)
2424 retval = arm7_9_execute_fast_sys_speed(target);
2425 else {
2426 retval = arm7_9_execute_sys_speed(target);
2427
2428 /*
2429 * if memory writes are made when the clock is running slow
2430 * (i.e. 32 kHz) which is necessary in some scripts to reconfigure
2431 * processor operations after a "reset halt" or "reset init",
2432 * need to immediately stroke the keep alive or will end up with
2433 * gdb "keep alive not sent error message" problem.
2434 */
2435
2436 keep_alive();
2437 }
2438
2439 if (retval != ERROR_OK)
2440 return retval;
2441
2442 }
2443
2444 num_accesses += thisrun_accesses;
2445 }
2446 break;
2447 }
2448
2449 /* Re-Set DBGACK */
2450 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
2451 embeddedice_store_reg(dbg_ctrl);
2452
2453 if (!is_arm_mode(arm->core_mode))
2454 return ERROR_FAIL;
2455
2456 for (i = 0; i <= last_reg; i++) {
2457 struct reg *r = arm_reg_current(arm, i);
2458 r->dirty = r->valid;
2459 }
2460
2461 arm7_9->read_xpsr(target, &cpsr, 0);
2462 retval = jtag_execute_queue();
2463 if (retval != ERROR_OK) {
2464 LOG_ERROR("JTAG error while reading cpsr");
2465 return ERROR_TARGET_DATA_ABORT;
2466 }
2467
2468 if (((cpsr & 0x1f) == ARM_MODE_ABT) && (arm->core_mode != ARM_MODE_ABT)) {
2469 LOG_WARNING(
2470 "memory write caused data abort "
2471 "(address: 0x%8.8" TARGET_PRIxADDR ", size: 0x%" PRIx32 ", count: 0x%" PRIx32 ")",
2472 address,
2473 size,
2474 count);
2475
2476 arm7_9->write_xpsr_im8(target,
2477 buf_get_u32(arm->cpsr->value, 0, 8)
2478 & ~0x20, 0, 0);
2479
2480 return ERROR_TARGET_DATA_ABORT;
2481 }
2482
2483 return ERROR_OK;
2484 }
2485
2486 int arm7_9_write_memory_opt(struct target *target,
2487 target_addr_t address,
2488 uint32_t size,
2489 uint32_t count,
2490 const uint8_t *buffer)
2491 {
2492 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2493 int retval;
2494
2495 if (size == 4 && count > 32 && arm7_9->bulk_write_memory) {
2496 /* Attempt to do a bulk write */
2497 retval = arm7_9->bulk_write_memory(target, address, count, buffer);
2498
2499 if (retval == ERROR_OK)
2500 return ERROR_OK;
2501 }
2502
2503 return arm7_9->write_memory(target, address, size, count, buffer);
2504 }
2505
2506 int arm7_9_write_memory_no_opt(struct target *target,
2507 uint32_t address,
2508 uint32_t size,
2509 uint32_t count,
2510 const uint8_t *buffer)
2511 {
2512 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2513
2514 return arm7_9->write_memory(target, address, size, count, buffer);
2515 }
2516
2517 static int dcc_count;
2518 static const uint8_t *dcc_buffer;
2519
2520 static int arm7_9_dcc_completion(struct target *target,
2521 uint32_t exit_point,
2522 unsigned int timeout_ms,
2523 void *arch_info)
2524 {
2525 int retval = ERROR_OK;
2526 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2527
2528 retval = target_wait_state(target, TARGET_DEBUG_RUNNING, 500);
2529 if (retval != ERROR_OK)
2530 return retval;
2531
2532 int little = target->endianness == TARGET_LITTLE_ENDIAN;
2533 int count = dcc_count;
2534 const uint8_t *buffer = dcc_buffer;
2535 if (count > 2) {
2536 /* Handle first & last using standard embeddedice_write_reg and the middle ones w/the
2537 * core function repeated. */
2538 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA],
2539 fast_target_buffer_get_u32(buffer, little));
2540 buffer += 4;
2541
2542 struct embeddedice_reg *ice_reg =
2543 arm7_9->eice_cache->reg_list[EICE_COMMS_DATA].arch_info;
2544 uint8_t reg_addr = ice_reg->addr & 0x1f;
2545 struct jtag_tap *tap;
2546 tap = ice_reg->jtag_info->tap;
2547
2548 embeddedice_write_dcc(tap, reg_addr, buffer, little, count-2);
2549 buffer += (count-2)*4;
2550
2551 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA],
2552 fast_target_buffer_get_u32(buffer, little));
2553 } else {
2554 int i;
2555 for (i = 0; i < count; i++) {
2556 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA],
2557 fast_target_buffer_get_u32(buffer, little));
2558 buffer += 4;
2559 }
2560 }
2561
2562 retval = target_halt(target);
2563 if (retval != ERROR_OK)
2564 return retval;
2565 return target_wait_state(target, TARGET_HALTED, 500);
2566 }
2567
2568 static const uint32_t dcc_code[] = {
2569 /* r0 == input, points to memory buffer
2570 * r1 == scratch
2571 */
2572
2573 /* spin until DCC control (c0) reports data arrived */
2574 0xee101e10, /* w: mrc p14, #0, r1, c0, c0 */
2575 0xe3110001, /* tst r1, #1 */
2576 0x0afffffc, /* bne w */
2577
2578 /* read word from DCC (c1), write to memory */
2579 0xee111e10, /* mrc p14, #0, r1, c1, c0 */
2580 0xe4801004, /* str r1, [r0], #4 */
2581
2582 /* repeat */
2583 0xeafffff9 /* b w */
2584 };
2585
2586 int arm7_9_bulk_write_memory(struct target *target,
2587 target_addr_t address,
2588 uint32_t count,
2589 const uint8_t *buffer)
2590 {
2591 int retval;
2592 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2593
2594 if (address % 4 != 0)
2595 return ERROR_TARGET_UNALIGNED_ACCESS;
2596
2597 if (!arm7_9->dcc_downloads)
2598 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2599
2600 /* regrab previously allocated working_area, or allocate a new one */
2601 if (!arm7_9->dcc_working_area) {
2602 uint8_t dcc_code_buf[6 * 4];
2603
2604 /* make sure we have a working area */
2605 if (target_alloc_working_area(target, 24, &arm7_9->dcc_working_area) != ERROR_OK) {
2606 LOG_INFO("no working area available, falling back to memory writes");
2607 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
2608 }
2609
2610 /* copy target instructions to target endianness */
2611 target_buffer_set_u32_array(target, dcc_code_buf, ARRAY_SIZE(dcc_code), dcc_code);
2612
2613 /* write DCC code to working area, using the non-optimized
2614 * memory write to avoid ending up here again */
2615 retval = arm7_9_write_memory_no_opt(target,
2616 arm7_9->dcc_working_area->address, 4, 6, dcc_code_buf);
2617 if (retval != ERROR_OK)
2618 return retval;
2619 }
2620
2621 struct arm_algorithm arm_algo;
2622 struct reg_param reg_params[1];
2623
2624 arm_algo.common_magic = ARM_COMMON_MAGIC;
2625 arm_algo.core_mode = ARM_MODE_SVC;
2626 arm_algo.core_state = ARM_STATE_ARM;
2627
2628 init_reg_param(&reg_params[0], "r0", 32, PARAM_IN_OUT);
2629
2630 buf_set_u32(reg_params[0].value, 0, 32, address);
2631
2632 dcc_count = count;
2633 dcc_buffer = buffer;
2634 retval = armv4_5_run_algorithm_inner(target, 0, NULL, 1, reg_params,
2635 arm7_9->dcc_working_area->address,
2636 arm7_9->dcc_working_area->address + 6*4,
2637 20*1000, &arm_algo, arm7_9_dcc_completion);
2638
2639 if (retval == ERROR_OK) {
2640 uint32_t endaddress = buf_get_u32(reg_params[0].value, 0, 32);
2641 if (endaddress != (address + count*4)) {
2642 LOG_ERROR(
2643 "DCC write failed, expected end address 0x%08" TARGET_PRIxADDR " got 0x%0" PRIx32 "",
2644 (address + count*4),
2645 endaddress);
2646 retval = ERROR_FAIL;
2647 }
2648 }
2649
2650 destroy_reg_param(&reg_params[0]);
2651
2652 return retval;
2653 }
2654
2655 /**
2656 * Perform per-target setup that requires JTAG access.
2657 */
2658 int arm7_9_examine(struct target *target)
2659 {
2660 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2661 int retval;
2662
2663 if (!target_was_examined(target)) {
2664 struct reg_cache *t, **cache_p;
2665
2666 t = embeddedice_build_reg_cache(target, arm7_9);
2667 if (!t)
2668 return ERROR_FAIL;
2669
2670 cache_p = register_get_last_cache_p(&target->reg_cache);
2671 (*cache_p) = t;
2672 arm7_9->eice_cache = (*cache_p);
2673
2674 if (arm7_9->arm.etm)
2675 (*cache_p)->next = etm_build_reg_cache(target,
2676 &arm7_9->jtag_info,
2677 arm7_9->arm.etm);
2678
2679 target_set_examined(target);
2680 }
2681
2682 retval = embeddedice_setup(target);
2683 if (retval == ERROR_OK)
2684 retval = arm7_9_setup(target);
2685 if (retval == ERROR_OK && arm7_9->arm.etm)
2686 retval = etm_setup(target);
2687 return retval;
2688 }
2689
2690 void arm7_9_deinit(struct target *target)
2691 {
2692 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2693
2694 if (target_was_examined(target))
2695 embeddedice_free_reg_cache(arm7_9->eice_cache);
2696
2697 arm_jtag_close_connection(&arm7_9->jtag_info);
2698 }
2699
2700 int arm7_9_check_reset(struct target *target)
2701 {
2702 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2703
2704 if (get_target_reset_nag() && !arm7_9->dcc_downloads)
2705 LOG_WARNING(
2706 "NOTE! DCC downloads have not been enabled, defaulting to slow memory writes. Type 'help dcc'.");
2707
2708 if (get_target_reset_nag() && (target->working_area_size == 0))
2709 LOG_WARNING("NOTE! Severe performance degradation without working memory enabled.");
2710
2711 if (get_target_reset_nag() && !arm7_9->fast_memory_access)
2712 LOG_WARNING(
2713 "NOTE! Severe performance degradation without fast memory access enabled. Type 'help fast'.");
2714
2715 return ERROR_OK;
2716 }
2717
2718 int arm7_9_endianness_callback(jtag_callback_data_t pu8_in,
2719 jtag_callback_data_t i_size, jtag_callback_data_t i_be,
2720 jtag_callback_data_t i_flip)
2721 {
2722 uint8_t *in = (uint8_t *)pu8_in;
2723 int size = (int)i_size;
2724 int be = (int)i_be;
2725 int flip = (int)i_flip;
2726 uint32_t readback;
2727
2728 switch (size) {
2729 case 4:
2730 readback = le_to_h_u32(in);
2731 if (flip)
2732 readback = flip_u32(readback, 32);
2733 if (be)
2734 h_u32_to_be(in, readback);
2735 else
2736 h_u32_to_le(in, readback);
2737 break;
2738 case 2:
2739 readback = le_to_h_u16(in);
2740 if (flip)
2741 readback = flip_u32(readback, 16);
2742 if (be)
2743 h_u16_to_be(in, readback & 0xffff);
2744 else
2745 h_u16_to_le(in, readback & 0xffff);
2746 break;
2747 case 1:
2748 readback = *in;
2749 if (flip)
2750 readback = flip_u32(readback, 8);
2751 *in = readback & 0xff;
2752 break;
2753 }
2754
2755 return ERROR_OK;
2756 }
2757
2758 COMMAND_HANDLER(handle_arm7_9_dbgrq_command)
2759 {
2760 struct target *target = get_current_target(CMD_CTX);
2761 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2762
2763 if (!is_arm7_9(arm7_9)) {
2764 command_print(CMD, "current target isn't an ARM7/ARM9 target");
2765 return ERROR_TARGET_INVALID;
2766 }
2767
2768 if (CMD_ARGC > 0)
2769 COMMAND_PARSE_ENABLE(CMD_ARGV[0], arm7_9->use_dbgrq);
2770
2771 command_print(CMD,
2772 "use of EmbeddedICE dbgrq instead of breakpoint for target halt %s",
2773 (arm7_9->use_dbgrq) ? "enabled" : "disabled");
2774
2775 return ERROR_OK;
2776 }
2777
2778 COMMAND_HANDLER(handle_arm7_9_fast_memory_access_command)
2779 {
2780 struct target *target = get_current_target(CMD_CTX);
2781 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2782
2783 if (!is_arm7_9(arm7_9)) {
2784 command_print(CMD, "current target isn't an ARM7/ARM9 target");
2785 return ERROR_TARGET_INVALID;
2786 }
2787
2788 if (CMD_ARGC > 0)
2789 COMMAND_PARSE_ENABLE(CMD_ARGV[0], arm7_9->fast_memory_access);
2790
2791 command_print(CMD,
2792 "fast memory access is %s",
2793 (arm7_9->fast_memory_access) ? "enabled" : "disabled");
2794
2795 return ERROR_OK;
2796 }
2797
2798 COMMAND_HANDLER(handle_arm7_9_dcc_downloads_command)
2799 {
2800 struct target *target = get_current_target(CMD_CTX);
2801 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2802
2803 if (!is_arm7_9(arm7_9)) {
2804 command_print(CMD, "current target isn't an ARM7/ARM9 target");
2805 return ERROR_TARGET_INVALID;
2806 }
2807
2808 if (CMD_ARGC > 0)
2809 COMMAND_PARSE_ENABLE(CMD_ARGV[0], arm7_9->dcc_downloads);
2810
2811 command_print(CMD,
2812 "dcc downloads are %s",
2813 (arm7_9->dcc_downloads) ? "enabled" : "disabled");
2814
2815 return ERROR_OK;
2816 }
2817
2818 static int arm7_9_setup_semihosting(struct target *target, int enable)
2819 {
2820 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2821
2822 if (!is_arm7_9(arm7_9)) {
2823 LOG_USER("current target isn't an ARM7/ARM9 target");
2824 return ERROR_TARGET_INVALID;
2825 }
2826
2827 if (arm7_9->has_vector_catch) {
2828 struct reg *vector_catch = &arm7_9->eice_cache
2829 ->reg_list[EICE_VEC_CATCH];
2830
2831 if (!vector_catch->valid)
2832 embeddedice_read_reg(vector_catch);
2833 buf_set_u32(vector_catch->value, 2, 1, enable);
2834 embeddedice_store_reg(vector_catch);
2835 } else {
2836 /* TODO: allow optional high vectors and/or BKPT_HARD */
2837 if (enable)
2838 breakpoint_add(target, 8, 4, BKPT_SOFT);
2839 else
2840 breakpoint_remove(target, 8);
2841 }
2842
2843 return ERROR_OK;
2844 }
2845
2846 int arm7_9_init_arch_info(struct target *target, struct arm7_9_common *arm7_9)
2847 {
2848 int retval = ERROR_OK;
2849 struct arm *arm = &arm7_9->arm;
2850
2851 arm7_9->common_magic = ARM7_9_COMMON_MAGIC;
2852
2853 retval = arm_jtag_setup_connection(&arm7_9->jtag_info);
2854 if (retval != ERROR_OK)
2855 return retval;
2856
2857 /* caller must have allocated via calloc(), so everything's zeroed */
2858
2859 arm7_9->wp_available_max = 2;
2860
2861 arm7_9->fast_memory_access = false;
2862 arm7_9->dcc_downloads = false;
2863
2864 arm->arch_info = arm7_9;
2865 arm->core_type = ARM_CORE_TYPE_STD;
2866 arm->read_core_reg = arm7_9_read_core_reg;
2867 arm->write_core_reg = arm7_9_write_core_reg;
2868 arm->full_context = arm7_9_full_context;
2869 arm->setup_semihosting = arm7_9_setup_semihosting;
2870
2871 retval = arm_init_arch_info(target, arm);
2872 if (retval != ERROR_OK)
2873 return retval;
2874
2875 return target_register_timer_callback(arm7_9_handle_target_request,
2876 1, TARGET_TIMER_TYPE_PERIODIC, target);
2877 }
2878
2879 static const struct command_registration arm7_9_any_command_handlers[] = {
2880 {
2881 .name = "dbgrq",
2882 .handler = handle_arm7_9_dbgrq_command,
2883 .mode = COMMAND_ANY,
2884 .usage = "['enable'|'disable']",
2885 .help = "use EmbeddedICE dbgrq instead of breakpoint "
2886 "for target halt requests",
2887 },
2888 {
2889 .name = "fast_memory_access",
2890 .handler = handle_arm7_9_fast_memory_access_command,
2891 .mode = COMMAND_ANY,
2892 .usage = "['enable'|'disable']",
2893 .help = "use fast memory accesses instead of slower "
2894 "but potentially safer accesses",
2895 },
2896 {
2897 .name = "dcc_downloads",
2898 .handler = handle_arm7_9_dcc_downloads_command,
2899 .mode = COMMAND_ANY,
2900 .usage = "['enable'|'disable']",
2901 .help = "use DCC downloads for larger memory writes",
2902 },
2903 COMMAND_REGISTRATION_DONE
2904 };
2905 const struct command_registration arm7_9_command_handlers[] = {
2906 {
2907 .chain = arm_command_handlers,
2908 },
2909 {
2910 .chain = etm_command_handlers,
2911 },
2912 {
2913 .name = "arm7_9",
2914 .mode = COMMAND_ANY,
2915 .help = "arm7/9 specific commands",
2916 .usage = "",
2917 .chain = arm7_9_any_command_handlers,
2918 },
2919 COMMAND_REGISTRATION_DONE
2920 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)