1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "breakpoints.h"
31 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
35 #include "algorithm.h"
40 #define _DEBUG_INSTRUCTION_EXECUTION_
44 #define FNC_INFO LOG_DEBUG("-")
50 #define FNC_INFO_NOTIMPLEMENTED do { LOG_DEBUG("NOT IMPLEMENTED"); /*exit(-1);*/ } while (0)
52 #define FNC_INFO_NOTIMPLEMENTED
55 static bool arm11_config_memwrite_burst = true;
56 static bool arm11_config_memwrite_error_fatal = true;
57 static uint32_t arm11_vcr = 0;
58 static bool arm11_config_step_irq_enable = false;
59 static bool arm11_config_hardware_step = false;
61 static int arm11_regs_arch_type = -1;
78 ARM11_REGISTER_SPSR_FIQ,
79 ARM11_REGISTER_SPSR_SVC,
80 ARM11_REGISTER_SPSR_ABT,
81 ARM11_REGISTER_SPSR_IRQ,
82 ARM11_REGISTER_SPSR_UND,
83 ARM11_REGISTER_SPSR_MON,
97 enum arm11_regtype type;
100 /* update arm11_regcache_ids when changing this */
101 static const struct arm11_reg_defs arm11_reg_defs[] =
103 {"r0", 0, 0, ARM11_REGISTER_CORE},
104 {"r1", 1, 1, ARM11_REGISTER_CORE},
105 {"r2", 2, 2, ARM11_REGISTER_CORE},
106 {"r3", 3, 3, ARM11_REGISTER_CORE},
107 {"r4", 4, 4, ARM11_REGISTER_CORE},
108 {"r5", 5, 5, ARM11_REGISTER_CORE},
109 {"r6", 6, 6, ARM11_REGISTER_CORE},
110 {"r7", 7, 7, ARM11_REGISTER_CORE},
111 {"r8", 8, 8, ARM11_REGISTER_CORE},
112 {"r9", 9, 9, ARM11_REGISTER_CORE},
113 {"r10", 10, 10, ARM11_REGISTER_CORE},
114 {"r11", 11, 11, ARM11_REGISTER_CORE},
115 {"r12", 12, 12, ARM11_REGISTER_CORE},
116 {"sp", 13, 13, ARM11_REGISTER_CORE},
117 {"lr", 14, 14, ARM11_REGISTER_CORE},
118 {"pc", 15, 15, ARM11_REGISTER_CORE},
120 #if ARM11_REGCACHE_FREGS
121 {"f0", 0, 16, ARM11_REGISTER_FX},
122 {"f1", 1, 17, ARM11_REGISTER_FX},
123 {"f2", 2, 18, ARM11_REGISTER_FX},
124 {"f3", 3, 19, ARM11_REGISTER_FX},
125 {"f4", 4, 20, ARM11_REGISTER_FX},
126 {"f5", 5, 21, ARM11_REGISTER_FX},
127 {"f6", 6, 22, ARM11_REGISTER_FX},
128 {"f7", 7, 23, ARM11_REGISTER_FX},
129 {"fps", 0, 24, ARM11_REGISTER_FPS},
132 {"cpsr", 0, 25, ARM11_REGISTER_CPSR},
134 #if ARM11_REGCACHE_MODEREGS
135 {"r8_fiq", 8, -1, ARM11_REGISTER_FIQ},
136 {"r9_fiq", 9, -1, ARM11_REGISTER_FIQ},
137 {"r10_fiq", 10, -1, ARM11_REGISTER_FIQ},
138 {"r11_fiq", 11, -1, ARM11_REGISTER_FIQ},
139 {"r12_fiq", 12, -1, ARM11_REGISTER_FIQ},
140 {"r13_fiq", 13, -1, ARM11_REGISTER_FIQ},
141 {"r14_fiq", 14, -1, ARM11_REGISTER_FIQ},
142 {"spsr_fiq", 0, -1, ARM11_REGISTER_SPSR_FIQ},
144 {"r13_svc", 13, -1, ARM11_REGISTER_SVC},
145 {"r14_svc", 14, -1, ARM11_REGISTER_SVC},
146 {"spsr_svc", 0, -1, ARM11_REGISTER_SPSR_SVC},
148 {"r13_abt", 13, -1, ARM11_REGISTER_ABT},
149 {"r14_abt", 14, -1, ARM11_REGISTER_ABT},
150 {"spsr_abt", 0, -1, ARM11_REGISTER_SPSR_ABT},
152 {"r13_irq", 13, -1, ARM11_REGISTER_IRQ},
153 {"r14_irq", 14, -1, ARM11_REGISTER_IRQ},
154 {"spsr_irq", 0, -1, ARM11_REGISTER_SPSR_IRQ},
156 {"r13_und", 13, -1, ARM11_REGISTER_UND},
157 {"r14_und", 14, -1, ARM11_REGISTER_UND},
158 {"spsr_und", 0, -1, ARM11_REGISTER_SPSR_UND},
161 {"r13_mon", 13, -1, ARM11_REGISTER_MON},
162 {"r14_mon", 14, -1, ARM11_REGISTER_MON},
163 {"spsr_mon", 0, -1, ARM11_REGISTER_SPSR_MON},
166 /* Debug Registers */
167 {"dscr", 0, -1, ARM11_REGISTER_DSCR},
168 {"wdtr", 0, -1, ARM11_REGISTER_WDTR},
169 {"rdtr", 0, -1, ARM11_REGISTER_RDTR},
172 enum arm11_regcache_ids
175 ARM11_RC_RX = ARM11_RC_R0,
190 ARM11_RC_SP = ARM11_RC_R13,
192 ARM11_RC_LR = ARM11_RC_R14,
194 ARM11_RC_PC = ARM11_RC_R15,
196 #if ARM11_REGCACHE_FREGS
198 ARM11_RC_FX = ARM11_RC_F0,
211 #if ARM11_REGCACHE_MODEREGS
249 #define ARM11_GDB_REGISTER_COUNT 26
251 /* FIXME these are *identical* to the ARMv4_5 dummies ... except
252 * for their names, and being static vs global, and having different
253 * addresses. Ditto ARMv7a and ARMv7m dummies.
256 static uint8_t arm11_gdb_dummy_fp_value[12];
258 static struct reg arm11_gdb_dummy_fp_reg =
260 .name = "GDB dummy floating-point register",
261 .value = arm11_gdb_dummy_fp_value,
269 static uint8_t arm11_gdb_dummy_fps_value[4];
271 static struct reg arm11_gdb_dummy_fps_reg =
273 .name = "GDB dummy floating-point status register",
274 .value = arm11_gdb_dummy_fps_value,
283 static int arm11_on_enter_debug_state(struct arm11_common *arm11);
284 static int arm11_step(struct target *target, int current,
285 uint32_t address, int handle_breakpoints);
287 static int arm11_build_reg_cache(struct target *target);
288 static int arm11_set_reg(struct reg *reg, uint8_t *buf);
289 static int arm11_get_reg(struct reg *reg);
291 static void arm11_record_register_history(struct arm11_common * arm11);
292 static void arm11_dump_reg_changes(struct arm11_common * arm11);
295 /** Check and if necessary take control of the system
297 * \param arm11 Target state variable.
298 * \param dscr If the current DSCR content is
299 * available a pointer to a word holding the
300 * DSCR can be passed. Otherwise use NULL.
302 static int arm11_check_init(struct arm11_common *arm11, uint32_t *dscr)
306 uint32_t dscr_local_tmp_copy;
310 dscr = &dscr_local_tmp_copy;
312 CHECK_RETVAL(arm11_read_DSCR(arm11, dscr));
315 if (!(*dscr & ARM11_DSCR_MODE_SELECT))
317 LOG_DEBUG("Bringing target into debug mode");
319 *dscr |= ARM11_DSCR_MODE_SELECT; /* Halt debug-mode */
320 arm11_write_DSCR(arm11, *dscr);
322 /* add further reset initialization here */
324 arm11->simulate_reset_on_next_halt = true;
326 if (*dscr & ARM11_DSCR_CORE_HALTED)
328 /** \todo TODO: this needs further scrutiny because
329 * arm11_on_enter_debug_state() never gets properly called.
330 * As a result we don't read the actual register states from
334 arm11->target->state = TARGET_HALTED;
335 arm11->target->debug_reason = arm11_get_DSCR_debug_reason(*dscr);
339 arm11->target->state = TARGET_RUNNING;
340 arm11->target->debug_reason = DBG_REASON_NOTHALTED;
343 arm11_sc7_clear_vbw(arm11);
352 (arm11->reg_values[ARM11_RC_##x])
354 /** Save processor state.
356 * This is called when the HALT instruction has succeeded
357 * or on other occasions that stop the processor.
360 static int arm11_on_enter_debug_state(struct arm11_common *arm11)
365 for (size_t i = 0; i < ARRAY_SIZE(arm11->reg_values); i++)
367 arm11->reg_list[i].valid = 1;
368 arm11->reg_list[i].dirty = 0;
372 CHECK_RETVAL(arm11_read_DSCR(arm11, &R(DSCR)));
376 if (R(DSCR) & ARM11_DSCR_WDTR_FULL)
378 arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
380 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
382 struct scan_field chain5_fields[3];
384 arm11_setup_field(arm11, 32, NULL, &R(WDTR), chain5_fields + 0);
385 arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 1);
386 arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 2);
388 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
392 arm11->reg_list[ARM11_RC_WDTR].valid = 0;
396 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
397 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
398 ARM1136 seems to require this to issue ITR's as well */
400 uint32_t new_dscr = R(DSCR) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE;
402 /* this executes JTAG queue: */
404 arm11_write_DSCR(arm11, new_dscr);
408 Before executing any instruction in debug state you have to drain the write buffer.
409 This ensures that no imprecise Data Aborts can return at a later point:*/
411 /** \todo TODO: Test drain write buffer. */
416 /* MRC p14,0,R0,c5,c10,0 */
417 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
419 /* mcr 15, 0, r0, cr7, cr10, {4} */
420 arm11_run_instr_no_data1(arm11, 0xee070f9a);
422 uint32_t dscr = arm11_read_DSCR(arm11);
424 LOG_DEBUG("DRAIN, DSCR %08x", dscr);
426 if (dscr & ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT)
428 arm11_run_instr_no_data1(arm11, 0xe320f000);
430 dscr = arm11_read_DSCR(arm11);
432 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr);
439 retval = arm11_run_instr_data_prepare(arm11);
440 if (retval != ERROR_OK)
445 /** \todo TODO: handle other mode registers */
447 for (size_t i = 0; i < 15; i++)
449 /* MCR p14,0,R?,c0,c5,0 */
450 retval = arm11_run_instr_data_from_core(arm11, 0xEE000E15 | (i << 12), &R(RX + i), 1);
451 if (retval != ERROR_OK)
457 /* check rDTRfull in DSCR */
459 if (R(DSCR) & ARM11_DSCR_RDTR_FULL)
461 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
462 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xEE100E15, &R(RDTR));
463 if (retval != ERROR_OK)
468 arm11->reg_list[ARM11_RC_RDTR].valid = 0;
473 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
474 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xE10F0000, &R(CPSR));
475 if (retval != ERROR_OK)
480 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
481 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xE1A0000F, &R(PC));
482 if (retval != ERROR_OK)
485 /* adjust PC depending on ARM state */
487 if (R(CPSR) & ARM11_CPSR_J) /* Java state */
489 arm11->reg_values[ARM11_RC_PC] -= 0;
491 else if (R(CPSR) & ARM11_CPSR_T) /* Thumb state */
493 arm11->reg_values[ARM11_RC_PC] -= 4;
497 arm11->reg_values[ARM11_RC_PC] -= 8;
500 if (arm11->simulate_reset_on_next_halt)
502 arm11->simulate_reset_on_next_halt = false;
504 LOG_DEBUG("Reset c1 Control Register");
506 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
508 /* MCR p15,0,R0,c1,c0,0 */
509 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xee010f10, 0);
510 if (retval != ERROR_OK)
515 retval = arm11_run_instr_data_finish(arm11);
516 if (retval != ERROR_OK)
519 arm11_dump_reg_changes(arm11);
524 void arm11_dump_reg_changes(struct arm11_common * arm11)
527 if (!(debug_level >= LOG_LVL_DEBUG))
532 for (size_t i = 0; i < ARM11_REGCACHE_COUNT; i++)
534 if (!arm11->reg_list[i].valid)
536 if (arm11->reg_history[i].valid)
537 LOG_DEBUG("%8s INVALID (%08" PRIx32 ")", arm11_reg_defs[i].name, arm11->reg_history[i].value);
541 if (arm11->reg_history[i].valid)
543 if (arm11->reg_history[i].value != arm11->reg_values[i])
544 LOG_DEBUG("%8s %08" PRIx32 " (%08" PRIx32 ")", arm11_reg_defs[i].name, arm11->reg_values[i], arm11->reg_history[i].value);
548 LOG_DEBUG("%8s %08" PRIx32 " (INVALID)", arm11_reg_defs[i].name, arm11->reg_values[i]);
554 /** Restore processor state
556 * This is called in preparation for the RESTART function.
559 static int arm11_leave_debug_state(struct arm11_common *arm11)
564 retval = arm11_run_instr_data_prepare(arm11);
565 if (retval != ERROR_OK)
568 /** \todo TODO: handle other mode registers */
570 /* restore R1 - R14 */
572 for (size_t i = 1; i < 15; i++)
574 if (!arm11->reg_list[ARM11_RC_RX + i].dirty)
577 /* MRC p14,0,r?,c0,c5,0 */
578 arm11_run_instr_data_to_core1(arm11, 0xee100e15 | (i << 12), R(RX + i));
580 // LOG_DEBUG("RESTORE R" ZU " %08x", i, R(RX + i));
583 retval = arm11_run_instr_data_finish(arm11);
584 if (retval != ERROR_OK)
587 /* spec says clear wDTR and rDTR; we assume they are clear as
588 otherwise our programming would be sloppy */
592 CHECK_RETVAL(arm11_read_DSCR(arm11, &DSCR));
594 if (DSCR & (ARM11_DSCR_RDTR_FULL | ARM11_DSCR_WDTR_FULL))
597 The wDTR/rDTR two registers that are used to send/receive data to/from
598 the core in tandem with corresponding instruction codes that are
599 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
600 registers hold data that was written by one side (CPU or JTAG) and not
601 read out by the other side.
603 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32 ")", DSCR);
608 retval = arm11_run_instr_data_prepare(arm11);
609 if (retval != ERROR_OK)
612 /* restore original wDTR */
614 if ((R(DSCR) & ARM11_DSCR_WDTR_FULL) || arm11->reg_list[ARM11_RC_WDTR].dirty)
616 /* MCR p14,0,R0,c0,c5,0 */
617 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xee000e15, R(WDTR));
618 if (retval != ERROR_OK)
625 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xe129f000, R(CPSR));
626 if (retval != ERROR_OK)
633 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xe1a0f000, R(PC));
634 if (retval != ERROR_OK)
640 /* MRC p14,0,r0,c0,c5,0 */
641 arm11_run_instr_data_to_core1(arm11, 0xee100e15, R(R0));
643 retval = arm11_run_instr_data_finish(arm11);
644 if (retval != ERROR_OK)
649 arm11_write_DSCR(arm11, R(DSCR));
653 if (R(DSCR) & ARM11_DSCR_RDTR_FULL || arm11->reg_list[ARM11_RC_RDTR].dirty)
655 arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
657 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
659 struct scan_field chain5_fields[3];
661 uint8_t Ready = 0; /* ignored */
662 uint8_t Valid = 0; /* ignored */
664 arm11_setup_field(arm11, 32, &R(RDTR), NULL, chain5_fields + 0);
665 arm11_setup_field(arm11, 1, &Ready, NULL, chain5_fields + 1);
666 arm11_setup_field(arm11, 1, &Valid, NULL, chain5_fields + 2);
668 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
671 arm11_record_register_history(arm11);
676 static void arm11_record_register_history(struct arm11_common *arm11)
678 for (size_t i = 0; i < ARM11_REGCACHE_COUNT; i++)
680 arm11->reg_history[i].value = arm11->reg_values[i];
681 arm11->reg_history[i].valid = arm11->reg_list[i].valid;
683 arm11->reg_list[i].valid = 0;
684 arm11->reg_list[i].dirty = 0;
689 /* poll current target status */
690 static int arm11_poll(struct target *target)
694 struct arm11_common *arm11 = target_to_arm11(target);
697 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
699 LOG_DEBUG("DSCR %08" PRIx32 "", dscr);
701 CHECK_RETVAL(arm11_check_init(arm11, &dscr));
703 if (dscr & ARM11_DSCR_CORE_HALTED)
705 if (target->state != TARGET_HALTED)
707 enum target_state old_state = target->state;
709 LOG_DEBUG("enter TARGET_HALTED");
710 target->state = TARGET_HALTED;
711 target->debug_reason = arm11_get_DSCR_debug_reason(dscr);
712 retval = arm11_on_enter_debug_state(arm11);
713 if (retval != ERROR_OK)
716 target_call_event_callbacks(target,
717 old_state == TARGET_DEBUG_RUNNING ? TARGET_EVENT_DEBUG_HALTED : TARGET_EVENT_HALTED);
722 if (target->state != TARGET_RUNNING && target->state != TARGET_DEBUG_RUNNING)
724 LOG_DEBUG("enter TARGET_RUNNING");
725 target->state = TARGET_RUNNING;
726 target->debug_reason = DBG_REASON_NOTHALTED;
732 /* architecture specific status reply */
733 static int arm11_arch_state(struct target *target)
735 struct arm11_common *arm11 = target_to_arm11(target);
737 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "",
738 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name,
745 /* target request support */
746 static int arm11_target_request_data(struct target *target,
747 uint32_t size, uint8_t *buffer)
749 FNC_INFO_NOTIMPLEMENTED;
754 /* target execution control */
755 static int arm11_halt(struct target *target)
758 struct arm11_common *arm11 = target_to_arm11(target);
760 LOG_DEBUG("target->state: %s",
761 target_state_name(target));
763 if (target->state == TARGET_UNKNOWN)
765 arm11->simulate_reset_on_next_halt = true;
768 if (target->state == TARGET_HALTED)
770 LOG_DEBUG("target was already halted");
774 arm11_add_IR(arm11, ARM11_HALT, TAP_IDLE);
776 CHECK_RETVAL(jtag_execute_queue());
783 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
785 if (dscr & ARM11_DSCR_CORE_HALTED)
796 if ((timeval_ms()-then) > 1000)
798 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
805 arm11_on_enter_debug_state(arm11);
807 enum target_state old_state = target->state;
809 target->state = TARGET_HALTED;
810 target->debug_reason = arm11_get_DSCR_debug_reason(dscr);
813 target_call_event_callbacks(target,
814 old_state == TARGET_DEBUG_RUNNING ? TARGET_EVENT_DEBUG_HALTED : TARGET_EVENT_HALTED));
819 static int arm11_resume(struct target *target, int current,
820 uint32_t address, int handle_breakpoints, int debug_execution)
824 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
825 // current, address, handle_breakpoints, debug_execution);
827 struct arm11_common *arm11 = target_to_arm11(target);
829 LOG_DEBUG("target->state: %s",
830 target_state_name(target));
833 if (target->state != TARGET_HALTED)
835 LOG_ERROR("Target not halted");
836 return ERROR_TARGET_NOT_HALTED;
842 LOG_DEBUG("RESUME PC %08" PRIx32 "%s", R(PC), !current ? "!" : "");
844 /* clear breakpoints/watchpoints and VCR*/
845 arm11_sc7_clear_vbw(arm11);
847 /* Set up breakpoints */
848 if (!debug_execution)
850 /* check if one matches PC and step over it if necessary */
852 struct breakpoint * bp;
854 for (bp = target->breakpoints; bp; bp = bp->next)
856 if (bp->address == R(PC))
858 LOG_DEBUG("must step over %08" PRIx32 "", bp->address);
859 arm11_step(target, 1, 0, 0);
864 /* set all breakpoints */
868 for (bp = target->breakpoints; bp; bp = bp->next)
870 struct arm11_sc7_action brp[2];
873 brp[0].address = ARM11_SC7_BVR0 + brp_num;
874 brp[0].value = bp->address;
876 brp[1].address = ARM11_SC7_BCR0 + brp_num;
877 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
879 arm11_sc7_run(arm11, brp, ARRAY_SIZE(brp));
881 LOG_DEBUG("Add BP " ZU " at %08" PRIx32 "", brp_num, bp->address);
886 arm11_sc7_set_vcr(arm11, arm11_vcr);
889 arm11_leave_debug_state(arm11);
891 arm11_add_IR(arm11, ARM11_RESTART, TAP_IDLE);
893 CHECK_RETVAL(jtag_execute_queue());
900 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
902 LOG_DEBUG("DSCR %08" PRIx32 "", dscr);
904 if (dscr & ARM11_DSCR_CORE_RESTARTED)
915 if ((timeval_ms()-then) > 1000)
917 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
924 if (!debug_execution)
926 target->state = TARGET_RUNNING;
927 target->debug_reason = DBG_REASON_NOTHALTED;
929 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_RESUMED));
933 target->state = TARGET_DEBUG_RUNNING;
934 target->debug_reason = DBG_REASON_NOTHALTED;
936 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_RESUMED));
943 static int armv4_5_to_arm11(int reg)
950 return ARM11_RC_CPSR;
952 /* FIX!!! handle thumb better! */
953 return ARM11_RC_CPSR;
955 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg);
961 static uint32_t arm11_sim_get_reg(struct arm_sim_interface *sim, int reg)
963 struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
965 reg=armv4_5_to_arm11(reg);
967 return buf_get_u32(arm11->reg_list[reg].value, 0, 32);
970 static void arm11_sim_set_reg(struct arm_sim_interface *sim,
971 int reg, uint32_t value)
973 struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
975 reg=armv4_5_to_arm11(reg);
977 buf_set_u32(arm11->reg_list[reg].value, 0, 32, value);
980 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface *sim,
983 struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
985 return buf_get_u32(arm11->reg_list[ARM11_RC_CPSR].value, pos, bits);
988 static enum armv4_5_state arm11_sim_get_state(struct arm_sim_interface *sim)
990 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
992 /* FIX!!!! we should implement thumb for arm11 */
993 return ARMV4_5_STATE_ARM;
996 static void arm11_sim_set_state(struct arm_sim_interface *sim,
997 enum armv4_5_state mode)
999 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
1001 /* FIX!!!! we should implement thumb for arm11 */
1002 LOG_ERROR("Not implemetned!");
1006 static enum armv4_5_mode arm11_sim_get_mode(struct arm_sim_interface *sim)
1008 //struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
1010 /* FIX!!!! we should implement something that returns the current mode here!!! */
1011 return ARMV4_5_MODE_USR;
1014 static int arm11_simulate_step(struct target *target, uint32_t *dry_run_pc)
1016 struct arm_sim_interface sim;
1018 sim.user_data=target->arch_info;
1019 sim.get_reg=&arm11_sim_get_reg;
1020 sim.set_reg=&arm11_sim_set_reg;
1021 sim.get_reg_mode=&arm11_sim_get_reg;
1022 sim.set_reg_mode=&arm11_sim_set_reg;
1023 sim.get_cpsr=&arm11_sim_get_cpsr;
1024 sim.get_mode=&arm11_sim_get_mode;
1025 sim.get_state=&arm11_sim_get_state;
1026 sim.set_state=&arm11_sim_set_state;
1028 return arm_simulate_step_core(target, dry_run_pc, &sim);
1032 static int arm11_step(struct target *target, int current,
1033 uint32_t address, int handle_breakpoints)
1037 LOG_DEBUG("target->state: %s",
1038 target_state_name(target));
1040 if (target->state != TARGET_HALTED)
1042 LOG_WARNING("target was not halted");
1043 return ERROR_TARGET_NOT_HALTED;
1046 struct arm11_common *arm11 = target_to_arm11(target);
1051 LOG_DEBUG("STEP PC %08" PRIx32 "%s", R(PC), !current ? "!" : "");
1054 /** \todo TODO: Thumb not supported here */
1056 uint32_t next_instruction;
1058 CHECK_RETVAL(arm11_read_memory_word(arm11, R(PC), &next_instruction));
1060 /* skip over BKPT */
1061 if ((next_instruction & 0xFFF00070) == 0xe1200070)
1064 arm11->reg_list[ARM11_RC_PC].valid = 1;
1065 arm11->reg_list[ARM11_RC_PC].dirty = 0;
1066 LOG_DEBUG("Skipping BKPT");
1068 /* skip over Wait for interrupt / Standby */
1069 /* mcr 15, 0, r?, cr7, cr0, {4} */
1070 else if ((next_instruction & 0xFFFF0FFF) == 0xee070f90)
1073 arm11->reg_list[ARM11_RC_PC].valid = 1;
1074 arm11->reg_list[ARM11_RC_PC].dirty = 0;
1075 LOG_DEBUG("Skipping WFI");
1077 /* ignore B to self */
1078 else if ((next_instruction & 0xFEFFFFFF) == 0xeafffffe)
1080 LOG_DEBUG("Not stepping jump to self");
1084 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
1087 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
1088 * the VCR might be something worth looking into. */
1091 /* Set up breakpoint for stepping */
1093 struct arm11_sc7_action brp[2];
1096 brp[0].address = ARM11_SC7_BVR0;
1098 brp[1].address = ARM11_SC7_BCR0;
1100 if (arm11_config_hardware_step)
1102 /* hardware single stepping be used if possible or is it better to
1103 * always use the same code path? Hardware single stepping is not supported
1106 brp[0].value = R(PC);
1107 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
1110 /* sets a breakpoint on the next PC(calculated by simulation),
1114 retval = arm11_simulate_step(target, &next_pc);
1115 if (retval != ERROR_OK)
1118 brp[0].value = next_pc;
1119 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
1122 CHECK_RETVAL(arm11_sc7_run(arm11, brp, ARRAY_SIZE(brp)));
1127 if (arm11_config_step_irq_enable)
1128 R(DSCR) &= ~ARM11_DSCR_INTERRUPTS_DISABLE; /* should be redundant */
1130 R(DSCR) |= ARM11_DSCR_INTERRUPTS_DISABLE;
1133 CHECK_RETVAL(arm11_leave_debug_state(arm11));
1135 arm11_add_IR(arm11, ARM11_RESTART, TAP_IDLE);
1137 CHECK_RETVAL(jtag_execute_queue());
1145 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
1147 LOG_DEBUG("DSCR %08" PRIx32 "e", dscr);
1149 if ((dscr & (ARM11_DSCR_CORE_RESTARTED | ARM11_DSCR_CORE_HALTED)) ==
1150 (ARM11_DSCR_CORE_RESTARTED | ARM11_DSCR_CORE_HALTED))
1156 then = timeval_ms();
1160 if ((timeval_ms()-then) > 1000)
1162 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
1169 /* clear breakpoint */
1170 arm11_sc7_clear_vbw(arm11);
1173 CHECK_RETVAL(arm11_on_enter_debug_state(arm11));
1175 /* restore default state */
1176 R(DSCR) &= ~ARM11_DSCR_INTERRUPTS_DISABLE;
1180 // target->state = TARGET_HALTED;
1181 target->debug_reason = DBG_REASON_SINGLESTEP;
1183 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_HALTED));
1188 static int arm11_assert_reset(struct target *target)
1192 struct arm11_common *arm11 = target_to_arm11(target);
1194 retval = arm11_check_init(arm11, NULL);
1195 if (retval != ERROR_OK)
1198 target->state = TARGET_UNKNOWN;
1200 /* we would very much like to reset into the halted, state,
1201 * but resetting and halting is second best... */
1202 if (target->reset_halt)
1204 CHECK_RETVAL(target_halt(target));
1208 /* srst is funny. We can not do *anything* else while it's asserted
1209 * and it has unkonwn side effects. Make sure no other code runs
1212 * Code below assumes srst:
1214 * - Causes power-on-reset (but of what parts of the system?). Bug
1217 * - Messes us TAP state without asserting trst.
1219 * - There is another bug in the arm11 core. When you generate an access to
1220 * external logic (for example ddr controller via AHB bus) and that block
1221 * is not configured (perhaps it is still held in reset), that transaction
1222 * will never complete. This will hang arm11 core but it will also hang
1223 * JTAG controller. Nothing, short of srst assertion will bring it out of
1228 * - What should the PC be after an srst reset when starting in the halted
1232 jtag_add_reset(0, 1);
1233 jtag_add_reset(0, 0);
1235 /* How long do we have to wait? */
1236 jtag_add_sleep(5000);
1238 /* un-mess up TAP state */
1241 retval = jtag_execute_queue();
1242 if (retval != ERROR_OK)
1250 static int arm11_deassert_reset(struct target *target)
1255 static int arm11_soft_reset_halt(struct target *target)
1257 FNC_INFO_NOTIMPLEMENTED;
1262 /* target register access for gdb */
1263 static int arm11_get_gdb_reg_list(struct target *target,
1264 struct reg **reg_list[], int *reg_list_size)
1267 struct arm11_common *arm11 = target_to_arm11(target);
1269 *reg_list_size = ARM11_GDB_REGISTER_COUNT;
1270 *reg_list = malloc(sizeof(struct reg*) * ARM11_GDB_REGISTER_COUNT);
1272 for (size_t i = 16; i < 24; i++)
1274 (*reg_list)[i] = &arm11_gdb_dummy_fp_reg;
1277 (*reg_list)[24] = &arm11_gdb_dummy_fps_reg;
1279 for (size_t i = 0; i < ARM11_REGCACHE_COUNT; i++)
1281 if (arm11_reg_defs[i].gdb_num == -1)
1284 (*reg_list)[arm11_reg_defs[i].gdb_num] = arm11->reg_list + i;
1290 /* target memory access
1291 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1292 * count: number of items of <size>
1294 * arm11_config_memrw_no_increment - in the future we may want to be able
1295 * to read/write a range of data to a "port". a "port" is an action on
1296 * read memory address for some peripheral.
1298 static int arm11_read_memory_inner(struct target *target,
1299 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer,
1300 bool arm11_config_memrw_no_increment)
1302 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1307 if (target->state != TARGET_HALTED)
1309 LOG_WARNING("target was not halted");
1310 return ERROR_TARGET_NOT_HALTED;
1313 LOG_DEBUG("ADDR %08" PRIx32 " SIZE %08" PRIx32 " COUNT %08" PRIx32 "", address, size, count);
1315 struct arm11_common *arm11 = target_to_arm11(target);
1317 retval = arm11_run_instr_data_prepare(arm11);
1318 if (retval != ERROR_OK)
1321 /* MRC p14,0,r0,c0,c5,0 */
1322 retval = arm11_run_instr_data_to_core1(arm11, 0xee100e15, address);
1323 if (retval != ERROR_OK)
1329 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1330 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1332 for (size_t i = 0; i < count; i++)
1334 /* ldrb r1, [r0], #1 */
1336 arm11_run_instr_no_data1(arm11,
1337 !arm11_config_memrw_no_increment ? 0xe4d01001 : 0xe5d01000);
1340 /* MCR p14,0,R1,c0,c5,0 */
1341 arm11_run_instr_data_from_core(arm11, 0xEE001E15, &res, 1);
1350 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1352 for (size_t i = 0; i < count; i++)
1354 /* ldrh r1, [r0], #2 */
1355 arm11_run_instr_no_data1(arm11,
1356 !arm11_config_memrw_no_increment ? 0xe0d010b2 : 0xe1d010b0);
1360 /* MCR p14,0,R1,c0,c5,0 */
1361 arm11_run_instr_data_from_core(arm11, 0xEE001E15, &res, 1);
1363 uint16_t svalue = res;
1364 memcpy(buffer + i * sizeof(uint16_t), &svalue, sizeof(uint16_t));
1372 uint32_t instr = !arm11_config_memrw_no_increment ? 0xecb05e01 : 0xed905e00;
1373 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1374 uint32_t *words = (uint32_t *)buffer;
1376 /* LDC p14,c5,[R0],#4 */
1377 /* LDC p14,c5,[R0] */
1378 arm11_run_instr_data_from_core(arm11, instr, words, count);
1383 return arm11_run_instr_data_finish(arm11);
1386 static int arm11_read_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
1388 return arm11_read_memory_inner(target, address, size, count, buffer, false);
1392 * arm11_config_memrw_no_increment - in the future we may want to be able
1393 * to read/write a range of data to a "port". a "port" is an action on
1394 * read memory address for some peripheral.
1396 static int arm11_write_memory_inner(struct target *target,
1397 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer,
1398 bool arm11_config_memrw_no_increment)
1403 if (target->state != TARGET_HALTED)
1405 LOG_WARNING("target was not halted");
1406 return ERROR_TARGET_NOT_HALTED;
1409 LOG_DEBUG("ADDR %08" PRIx32 " SIZE %08" PRIx32 " COUNT %08" PRIx32 "", address, size, count);
1411 struct arm11_common *arm11 = target_to_arm11(target);
1413 retval = arm11_run_instr_data_prepare(arm11);
1414 if (retval != ERROR_OK)
1417 /* MRC p14,0,r0,c0,c5,0 */
1418 retval = arm11_run_instr_data_to_core1(arm11, 0xee100e15, address);
1419 if (retval != ERROR_OK)
1422 /* burst writes are not used for single words as those may well be
1423 * reset init script writes.
1425 * The other advantage is that as burst writes are default, we'll
1426 * now exercise both burst and non-burst code paths with the
1427 * default settings, increasing code coverage.
1429 bool burst = arm11_config_memwrite_burst && (count > 1);
1435 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1437 for (size_t i = 0; i < count; i++)
1439 /* MRC p14,0,r1,c0,c5,0 */
1440 retval = arm11_run_instr_data_to_core1(arm11, 0xee101e15, *buffer++);
1441 if (retval != ERROR_OK)
1444 /* strb r1, [r0], #1 */
1446 retval = arm11_run_instr_no_data1(arm11,
1447 !arm11_config_memrw_no_increment ? 0xe4c01001 : 0xe5c01000);
1448 if (retval != ERROR_OK)
1457 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1459 for (size_t i = 0; i < count; i++)
1462 memcpy(&value, buffer + i * sizeof(uint16_t), sizeof(uint16_t));
1464 /* MRC p14,0,r1,c0,c5,0 */
1465 retval = arm11_run_instr_data_to_core1(arm11, 0xee101e15, value);
1466 if (retval != ERROR_OK)
1469 /* strh r1, [r0], #2 */
1471 retval = arm11_run_instr_no_data1(arm11,
1472 !arm11_config_memrw_no_increment ? 0xe0c010b2 : 0xe1c010b0);
1473 if (retval != ERROR_OK)
1481 uint32_t instr = !arm11_config_memrw_no_increment ? 0xeca05e01 : 0xed805e00;
1483 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1484 uint32_t *words = (uint32_t*)buffer;
1488 /* STC p14,c5,[R0],#4 */
1489 /* STC p14,c5,[R0]*/
1490 retval = arm11_run_instr_data_to_core(arm11, instr, words, count);
1491 if (retval != ERROR_OK)
1496 /* STC p14,c5,[R0],#4 */
1497 /* STC p14,c5,[R0]*/
1498 retval = arm11_run_instr_data_to_core_noack(arm11, instr, words, count);
1499 if (retval != ERROR_OK)
1507 /* r0 verification */
1508 if (!arm11_config_memrw_no_increment)
1512 /* MCR p14,0,R0,c0,c5,0 */
1513 retval = arm11_run_instr_data_from_core(arm11, 0xEE000E15, &r0, 1);
1514 if (retval != ERROR_OK)
1517 if (address + size * count != r0)
1519 LOG_ERROR("Data transfer failed. Expected end "
1520 "address 0x%08x, got 0x%08x",
1521 (unsigned) (address + size * count),
1525 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1527 if (arm11_config_memwrite_error_fatal)
1532 return arm11_run_instr_data_finish(arm11);
1535 static int arm11_write_memory(struct target *target,
1536 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
1538 return arm11_write_memory_inner(target, address, size, count, buffer, false);
1541 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1542 static int arm11_bulk_write_memory(struct target *target,
1543 uint32_t address, uint32_t count, uint8_t *buffer)
1547 if (target->state != TARGET_HALTED)
1549 LOG_WARNING("target was not halted");
1550 return ERROR_TARGET_NOT_HALTED;
1553 return arm11_write_memory(target, address, 4, count, buffer);
1556 /* target break-/watchpoint control
1557 * rw: 0 = write, 1 = read, 2 = access
1559 static int arm11_add_breakpoint(struct target *target,
1560 struct breakpoint *breakpoint)
1563 struct arm11_common *arm11 = target_to_arm11(target);
1566 if (breakpoint->type == BKPT_SOFT)
1568 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1569 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1573 if (!arm11->free_brps)
1575 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1576 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1579 if (breakpoint->length != 4)
1581 LOG_DEBUG("only breakpoints of four bytes length supported");
1582 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1590 static int arm11_remove_breakpoint(struct target *target,
1591 struct breakpoint *breakpoint)
1594 struct arm11_common *arm11 = target_to_arm11(target);
1601 static int arm11_add_watchpoint(struct target *target,
1602 struct watchpoint *watchpoint)
1604 FNC_INFO_NOTIMPLEMENTED;
1609 static int arm11_remove_watchpoint(struct target *target,
1610 struct watchpoint *watchpoint)
1612 FNC_INFO_NOTIMPLEMENTED;
1617 // HACKHACKHACK - FIXME mode/state
1618 /* target algorithm support */
1619 static int arm11_run_algorithm(struct target *target,
1620 int num_mem_params, struct mem_param *mem_params,
1621 int num_reg_params, struct reg_param *reg_params,
1622 uint32_t entry_point, uint32_t exit_point,
1623 int timeout_ms, void *arch_info)
1625 struct arm11_common *arm11 = target_to_arm11(target);
1626 // enum armv4_5_state core_state = arm11->core_state;
1627 // enum armv4_5_mode core_mode = arm11->core_mode;
1628 uint32_t context[16];
1630 int exit_breakpoint_size = 0;
1631 int retval = ERROR_OK;
1632 LOG_DEBUG("Running algorithm");
1635 if (target->state != TARGET_HALTED)
1637 LOG_WARNING("target not halted");
1638 return ERROR_TARGET_NOT_HALTED;
1642 // if (armv4_5_mode_to_number(arm11->core_mode)==-1)
1643 // return ERROR_FAIL;
1646 for (unsigned i = 0; i < 16; i++)
1648 context[i] = buf_get_u32((uint8_t*)(&arm11->reg_values[i]),0,32);
1649 LOG_DEBUG("Save %u: 0x%" PRIx32 "", i, context[i]);
1652 cpsr = buf_get_u32((uint8_t*)(arm11->reg_values + ARM11_RC_CPSR),0,32);
1653 LOG_DEBUG("Save CPSR: 0x%" PRIx32 "", cpsr);
1655 for (int i = 0; i < num_mem_params; i++)
1657 target_write_buffer(target, mem_params[i].address, mem_params[i].size, mem_params[i].value);
1660 // Set register parameters
1661 for (int i = 0; i < num_reg_params; i++)
1663 struct reg *reg = register_get_by_name(arm11->core_cache, reg_params[i].reg_name, 0);
1666 LOG_ERROR("BUG: register '%s' not found", reg_params[i].reg_name);
1667 return ERROR_INVALID_ARGUMENTS;
1670 if (reg->size != reg_params[i].size)
1672 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params[i].reg_name);
1673 return ERROR_INVALID_ARGUMENTS;
1675 arm11_set_reg(reg,reg_params[i].value);
1676 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1679 exit_breakpoint_size = 4;
1681 /* arm11->core_state = arm11_algorithm_info->core_state;
1682 if (arm11->core_state == ARMV4_5_STATE_ARM)
1683 exit_breakpoint_size = 4;
1684 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1685 exit_breakpoint_size = 2;
1688 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1694 /* arm11 at this point only supports ARM not THUMB mode
1695 however if this test needs to be reactivated the current state can be read back
1698 if (arm11_algorithm_info->core_mode != ARMV4_5_MODE_ANY)
1700 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info->core_mode);
1701 buf_set_u32(arm11->reg_list[ARM11_RC_CPSR].value, 0, 5, arm11_algorithm_info->core_mode);
1702 arm11->reg_list[ARM11_RC_CPSR].dirty = 1;
1703 arm11->reg_list[ARM11_RC_CPSR].valid = 1;
1707 if ((retval = breakpoint_add(target, exit_point, exit_breakpoint_size, BKPT_HARD)) != ERROR_OK)
1709 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1710 retval = ERROR_TARGET_FAILURE;
1714 // no debug, otherwise breakpoint is not set
1715 CHECK_RETVAL(target_resume(target, 0, entry_point, 1, 0));
1717 CHECK_RETVAL(target_wait_state(target, TARGET_HALTED, timeout_ms));
1719 if (target->state != TARGET_HALTED)
1721 CHECK_RETVAL(target_halt(target));
1723 CHECK_RETVAL(target_wait_state(target, TARGET_HALTED, 500));
1725 retval = ERROR_TARGET_TIMEOUT;
1727 goto del_breakpoint;
1730 if (buf_get_u32(arm11->reg_list[15].value, 0, 32) != exit_point)
1732 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32 "",
1733 buf_get_u32(arm11->reg_list[15].value, 0, 32));
1734 retval = ERROR_TARGET_TIMEOUT;
1735 goto del_breakpoint;
1738 for (int i = 0; i < num_mem_params; i++)
1740 if (mem_params[i].direction != PARAM_OUT)
1741 target_read_buffer(target, mem_params[i].address, mem_params[i].size, mem_params[i].value);
1744 for (int i = 0; i < num_reg_params; i++)
1746 if (reg_params[i].direction != PARAM_OUT)
1748 struct reg *reg = register_get_by_name(arm11->core_cache, reg_params[i].reg_name, 0);
1751 LOG_ERROR("BUG: register '%s' not found", reg_params[i].reg_name);
1752 retval = ERROR_INVALID_ARGUMENTS;
1753 goto del_breakpoint;
1756 if (reg->size != reg_params[i].size)
1758 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params[i].reg_name);
1759 retval = ERROR_INVALID_ARGUMENTS;
1760 goto del_breakpoint;
1763 buf_set_u32(reg_params[i].value, 0, 32, buf_get_u32(reg->value, 0, 32));
1768 breakpoint_remove(target, exit_point);
1772 for (size_t i = 0; i < 16; i++)
1774 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32 "",
1775 arm11->reg_list[i].name, context[i]);
1776 arm11_set_reg(&arm11->reg_list[i], (uint8_t*)&context[i]);
1778 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32 "", cpsr);
1779 arm11_set_reg(&arm11->reg_list[ARM11_RC_CPSR], (uint8_t*)&cpsr);
1781 // arm11->core_state = core_state;
1782 // arm11->core_mode = core_mode;
1787 static int arm11_target_create(struct target *target, Jim_Interp *interp)
1791 NEW(struct arm11_common, arm11, 1);
1793 arm11->target = target;
1795 if (target->tap == NULL)
1798 if (target->tap->ir_length != 5)
1800 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1801 return ERROR_COMMAND_SYNTAX_ERROR;
1804 armv4_5_init_arch_info(target, &arm11->arm);
1806 arm11->jtag_info.tap = target->tap;
1807 arm11->jtag_info.scann_size = 5;
1808 arm11->jtag_info.scann_instr = ARM11_SCAN_N;
1809 /* cur_scan_chain == 0 */
1810 arm11->jtag_info.intest_instr = ARM11_INTEST;
1815 static int arm11_init_target(struct command_context *cmd_ctx,
1816 struct target *target)
1818 /* Initialize anything we can set up without talking to the target */
1819 return arm11_build_reg_cache(target);
1822 /* talk to the target and set things up */
1823 static int arm11_examine(struct target *target)
1828 struct arm11_common *arm11 = target_to_arm11(target);
1832 arm11_add_IR(arm11, ARM11_IDCODE, ARM11_TAP_DEFAULT);
1834 struct scan_field idcode_field;
1836 arm11_setup_field(arm11, 32, NULL, &arm11->device_id, &idcode_field);
1838 arm11_add_dr_scan_vc(1, &idcode_field, TAP_DRPAUSE);
1842 arm11_add_debug_SCAN_N(arm11, 0x00, ARM11_TAP_DEFAULT);
1844 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
1846 struct scan_field chain0_fields[2];
1848 arm11_setup_field(arm11, 32, NULL, &arm11->didr, chain0_fields + 0);
1849 arm11_setup_field(arm11, 8, NULL, &arm11->implementor, chain0_fields + 1);
1851 arm11_add_dr_scan_vc(ARRAY_SIZE(chain0_fields), chain0_fields, TAP_IDLE);
1853 CHECK_RETVAL(jtag_execute_queue());
1855 switch (arm11->device_id & 0x0FFFF000)
1857 case 0x07B36000: LOG_INFO("found ARM1136"); break;
1858 case 0x07B56000: LOG_INFO("found ARM1156"); break;
1859 case 0x07B76000: LOG_INFO("found ARM1176"); break;
1861 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1865 arm11->debug_version = (arm11->didr >> 16) & 0x0F;
1867 if (arm11->debug_version != ARM11_DEBUG_V6 &&
1868 arm11->debug_version != ARM11_DEBUG_V61)
1870 LOG_ERROR("Only ARMv6 v6 and v6.1 architectures supported.");
1874 arm11->brp = ((arm11->didr >> 24) & 0x0F) + 1;
1875 arm11->wrp = ((arm11->didr >> 28) & 0x0F) + 1;
1877 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1878 arm11->free_brps = arm11->brp;
1879 arm11->free_wrps = arm11->wrp;
1881 LOG_DEBUG("IDCODE %08" PRIx32 " IMPLEMENTOR %02x DIDR %08" PRIx32 "",
1883 (int)(arm11->implementor),
1886 /* as a side-effect this reads DSCR and thus
1887 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1888 * as suggested by the spec.
1891 retval = arm11_check_init(arm11, NULL);
1892 if (retval != ERROR_OK)
1895 /* ETM on ARM11 still uses original scanchain 6 access mode */
1896 if (arm11->arm.etm && !target_was_examined(target)) {
1897 *register_get_last_cache_p(&target->reg_cache) =
1898 etm_build_reg_cache(target, &arm11->jtag_info,
1900 retval = etm_setup(target);
1903 target_set_examined(target);
1909 /** Load a register that is marked !valid in the register cache */
1910 static int arm11_get_reg(struct reg *reg)
1914 struct target * target = ((struct arm11_reg_state *)reg->arch_info)->target;
1916 if (target->state != TARGET_HALTED)
1918 LOG_WARNING("target was not halted");
1919 return ERROR_TARGET_NOT_HALTED;
1922 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1925 struct arm11_common *arm11 = target_to_arm11(target);
1926 const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1932 /** Change a value in the register cache */
1933 static int arm11_set_reg(struct reg *reg, uint8_t *buf)
1937 struct target *target = ((struct arm11_reg_state *)reg->arch_info)->target;
1938 struct arm11_common *arm11 = target_to_arm11(target);
1939 // const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1941 arm11->reg_values[((struct arm11_reg_state *)reg->arch_info)->def_index] = buf_get_u32(buf, 0, 32);
1948 static int arm11_build_reg_cache(struct target *target)
1950 struct arm11_common *arm11 = target_to_arm11(target);
1952 NEW(struct reg_cache, cache, 1);
1953 NEW(struct reg, reg_list, ARM11_REGCACHE_COUNT);
1954 NEW(struct arm11_reg_state, arm11_reg_states, ARM11_REGCACHE_COUNT);
1956 if (arm11_regs_arch_type == -1)
1957 arm11_regs_arch_type = register_reg_arch_type(arm11_get_reg, arm11_set_reg);
1959 register_init_dummy(&arm11_gdb_dummy_fp_reg);
1960 register_init_dummy(&arm11_gdb_dummy_fps_reg);
1962 arm11->reg_list = reg_list;
1964 /* Build the process context cache */
1965 cache->name = "arm11 registers";
1967 cache->reg_list = reg_list;
1968 cache->num_regs = ARM11_REGCACHE_COUNT;
1970 struct reg_cache **cache_p = register_get_last_cache_p(&target->reg_cache);
1973 arm11->core_cache = cache;
1974 // armv7m->process_context = cache;
1978 /* Not very elegant assertion */
1979 if (ARM11_REGCACHE_COUNT != ARRAY_SIZE(arm11->reg_values) ||
1980 ARM11_REGCACHE_COUNT != ARRAY_SIZE(arm11_reg_defs) ||
1981 ARM11_REGCACHE_COUNT != ARM11_RC_MAX)
1983 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d " ZU " " ZU " %d)", ARM11_REGCACHE_COUNT, ARRAY_SIZE(arm11->reg_values), ARRAY_SIZE(arm11_reg_defs), ARM11_RC_MAX);
1987 for (i = 0; i < ARM11_REGCACHE_COUNT; i++)
1989 struct reg * r = reg_list + i;
1990 const struct arm11_reg_defs * rd = arm11_reg_defs + i;
1991 struct arm11_reg_state * rs = arm11_reg_states + i;
1995 r->value = (uint8_t *)(arm11->reg_values + i);
1998 r->arch_type = arm11_regs_arch_type;
2002 rs->target = target;
2008 static COMMAND_HELPER(arm11_handle_bool, bool *var, char *name)
2012 LOG_INFO("%s is %s.", name, *var ? "enabled" : "disabled");
2017 return ERROR_COMMAND_SYNTAX_ERROR;
2022 case 'f': /* false */
2024 case 'd': /* disable */
2030 case 't': /* true */
2032 case 'e': /* enable */
2038 LOG_INFO("%s %s.", *var ? "Enabled" : "Disabled", name);
2043 #define BOOL_WRAPPER(name, print_name) \
2044 COMMAND_HANDLER(arm11_handle_bool_##name) \
2046 return CALL_COMMAND_HANDLER(arm11_handle_bool, \
2047 &arm11_config_##name, print_name); \
2050 BOOL_WRAPPER(memwrite_burst, "memory write burst mode")
2051 BOOL_WRAPPER(memwrite_error_fatal, "fatal error mode for memory writes")
2052 BOOL_WRAPPER(step_irq_enable, "IRQs while stepping")
2053 BOOL_WRAPPER(hardware_step, "hardware single step")
2055 COMMAND_HANDLER(arm11_handle_vcr)
2061 COMMAND_PARSE_NUMBER(u32, args[0], arm11_vcr);
2064 return ERROR_COMMAND_SYNTAX_ERROR;
2067 LOG_INFO("VCR 0x%08" PRIx32 "", arm11_vcr);
2071 static const uint32_t arm11_coproc_instruction_limits[] =
2073 15, /* coprocessor */
2078 0xFFFFFFFF, /* value */
2081 static int arm11_mrc_inner(struct target *target, int cpnum,
2082 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm,
2083 uint32_t *value, bool read)
2086 struct arm11_common *arm11 = target_to_arm11(target);
2088 if (target->state != TARGET_HALTED)
2090 LOG_ERROR("Target not halted");
2094 uint32_t instr = 0xEE000010 |
2102 instr |= 0x00100000;
2104 retval = arm11_run_instr_data_prepare(arm11);
2105 if (retval != ERROR_OK)
2110 retval = arm11_run_instr_data_from_core_via_r0(arm11, instr, value);
2111 if (retval != ERROR_OK)
2116 retval = arm11_run_instr_data_to_core_via_r0(arm11, instr, *value);
2117 if (retval != ERROR_OK)
2121 return arm11_run_instr_data_finish(arm11);
2124 static int arm11_mrc(struct target *target, int cpnum,
2125 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
2127 return arm11_mrc_inner(target, cpnum, op1, op2, CRn, CRm, value, true);
2130 static int arm11_mcr(struct target *target, int cpnum,
2131 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
2133 return arm11_mrc_inner(target, cpnum, op1, op2, CRn, CRm, &value, false);
2136 static int arm11_register_commands(struct command_context *cmd_ctx)
2140 struct command *top_cmd, *mw_cmd;
2142 armv4_5_register_commands(cmd_ctx);
2144 top_cmd = register_command(cmd_ctx, NULL, "arm11",
2145 NULL, COMMAND_ANY, NULL);
2147 /* "hardware_step" is only here to check if the default
2148 * simulate + breakpoint implementation is broken.
2149 * TEMPORARY! NOT DOCUMENTED!
2151 register_command(cmd_ctx, top_cmd, "hardware_step",
2152 arm11_handle_bool_hardware_step, COMMAND_ANY,
2153 "DEBUG ONLY - Hardware single stepping"
2154 " (default: disabled)");
2156 mw_cmd = register_command(cmd_ctx, top_cmd, "memwrite",
2157 NULL, COMMAND_ANY, NULL);
2158 register_command(cmd_ctx, mw_cmd, "burst",
2159 arm11_handle_bool_memwrite_burst, COMMAND_ANY,
2160 "Enable/Disable non-standard but fast burst mode"
2161 " (default: enabled)");
2162 register_command(cmd_ctx, mw_cmd, "error_fatal",
2163 arm11_handle_bool_memwrite_error_fatal, COMMAND_ANY,
2164 "Terminate program if transfer error was found"
2165 " (default: enabled)");
2167 register_command(cmd_ctx, top_cmd, "step_irq_enable",
2168 arm11_handle_bool_step_irq_enable, COMMAND_ANY,
2169 "Enable interrupts while stepping"
2170 " (default: disabled)");
2171 register_command(cmd_ctx, top_cmd, "vcr",
2172 arm11_handle_vcr, COMMAND_ANY,
2173 "Control (Interrupt) Vector Catch Register");
2175 return etm_register_commands(cmd_ctx);
2178 /** Holds methods for ARM11xx targets. */
2179 struct target_type arm11_target = {
2183 .arch_state = arm11_arch_state,
2185 .target_request_data = arm11_target_request_data,
2188 .resume = arm11_resume,
2191 .assert_reset = arm11_assert_reset,
2192 .deassert_reset = arm11_deassert_reset,
2193 .soft_reset_halt = arm11_soft_reset_halt,
2195 .get_gdb_reg_list = arm11_get_gdb_reg_list,
2197 .read_memory = arm11_read_memory,
2198 .write_memory = arm11_write_memory,
2200 .bulk_write_memory = arm11_bulk_write_memory,
2202 .checksum_memory = arm_checksum_memory,
2203 .blank_check_memory = arm_blank_check_memory,
2205 .add_breakpoint = arm11_add_breakpoint,
2206 .remove_breakpoint = arm11_remove_breakpoint,
2207 .add_watchpoint = arm11_add_watchpoint,
2208 .remove_watchpoint = arm11_remove_watchpoint,
2210 .run_algorithm = arm11_run_algorithm,
2212 .register_commands = arm11_register_commands,
2213 .target_create = arm11_target_create,
2214 .init_target = arm11_init_target,
2215 .examine = arm11_examine,
projects / fw / openocd / blob