1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "breakpoints.h"
31 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
35 #include "algorithm.h"
40 #define _DEBUG_INSTRUCTION_EXECUTION_
43 static bool arm11_config_memwrite_burst = true;
44 static bool arm11_config_memwrite_error_fatal = true;
45 static uint32_t arm11_vcr = 0;
46 static bool arm11_config_step_irq_enable = false;
47 static bool arm11_config_hardware_step = false;
64 ARM11_REGISTER_SPSR_FIQ,
65 ARM11_REGISTER_SPSR_SVC,
66 ARM11_REGISTER_SPSR_ABT,
67 ARM11_REGISTER_SPSR_IRQ,
68 ARM11_REGISTER_SPSR_UND,
69 ARM11_REGISTER_SPSR_MON,
83 enum arm11_regtype type;
86 /* update arm11_regcache_ids when changing this */
87 static const struct arm11_reg_defs arm11_reg_defs[] =
89 {"r0", 0, 0, ARM11_REGISTER_CORE},
90 {"r1", 1, 1, ARM11_REGISTER_CORE},
91 {"r2", 2, 2, ARM11_REGISTER_CORE},
92 {"r3", 3, 3, ARM11_REGISTER_CORE},
93 {"r4", 4, 4, ARM11_REGISTER_CORE},
94 {"r5", 5, 5, ARM11_REGISTER_CORE},
95 {"r6", 6, 6, ARM11_REGISTER_CORE},
96 {"r7", 7, 7, ARM11_REGISTER_CORE},
97 {"r8", 8, 8, ARM11_REGISTER_CORE},
98 {"r9", 9, 9, ARM11_REGISTER_CORE},
99 {"r10", 10, 10, ARM11_REGISTER_CORE},
100 {"r11", 11, 11, ARM11_REGISTER_CORE},
101 {"r12", 12, 12, ARM11_REGISTER_CORE},
102 {"sp", 13, 13, ARM11_REGISTER_CORE},
103 {"lr", 14, 14, ARM11_REGISTER_CORE},
104 {"pc", 15, 15, ARM11_REGISTER_CORE},
106 {"cpsr", 0, 25, ARM11_REGISTER_CPSR},
108 /* Debug Registers */
109 {"dscr", 0, -1, ARM11_REGISTER_DSCR},
110 {"wdtr", 0, -1, ARM11_REGISTER_WDTR},
111 {"rdtr", 0, -1, ARM11_REGISTER_RDTR},
114 enum arm11_regcache_ids
117 ARM11_RC_RX = ARM11_RC_R0,
132 ARM11_RC_SP = ARM11_RC_R13,
134 ARM11_RC_LR = ARM11_RC_R14,
136 ARM11_RC_PC = ARM11_RC_R15,
147 /* GDB expects ARMs to give R0..R15, CPSR, and 7 FPA dummies */
148 #define ARM11_GDB_REGISTER_COUNT 26
150 static int arm11_on_enter_debug_state(struct arm11_common *arm11);
151 static int arm11_step(struct target *target, int current,
152 uint32_t address, int handle_breakpoints);
154 static int arm11_build_reg_cache(struct target *target);
155 static int arm11_set_reg(struct reg *reg, uint8_t *buf);
156 static int arm11_get_reg(struct reg *reg);
159 /** Check and if necessary take control of the system
161 * \param arm11 Target state variable.
162 * \param dscr If the current DSCR content is
163 * available a pointer to a word holding the
164 * DSCR can be passed. Otherwise use NULL.
166 static int arm11_check_init(struct arm11_common *arm11, uint32_t *dscr)
168 uint32_t dscr_local_tmp_copy;
172 dscr = &dscr_local_tmp_copy;
174 CHECK_RETVAL(arm11_read_DSCR(arm11, dscr));
177 if (!(*dscr & ARM11_DSCR_MODE_SELECT))
179 LOG_DEBUG("Bringing target into debug mode");
181 *dscr |= ARM11_DSCR_MODE_SELECT; /* Halt debug-mode */
182 arm11_write_DSCR(arm11, *dscr);
184 /* add further reset initialization here */
186 arm11->simulate_reset_on_next_halt = true;
188 if (*dscr & ARM11_DSCR_CORE_HALTED)
190 /** \todo TODO: this needs further scrutiny because
191 * arm11_on_enter_debug_state() never gets properly called.
192 * As a result we don't read the actual register states from
196 arm11->target->state = TARGET_HALTED;
197 arm11->target->debug_reason = arm11_get_DSCR_debug_reason(*dscr);
201 arm11->target->state = TARGET_RUNNING;
202 arm11->target->debug_reason = DBG_REASON_NOTHALTED;
205 arm11_sc7_clear_vbw(arm11);
214 (arm11->reg_values[ARM11_RC_##x])
216 /** Save processor state.
218 * This is called when the HALT instruction has succeeded
219 * or on other occasions that stop the processor.
222 static int arm11_on_enter_debug_state(struct arm11_common *arm11)
226 for (size_t i = 0; i < ARRAY_SIZE(arm11->reg_values); i++)
228 arm11->reg_list[i].valid = 1;
229 arm11->reg_list[i].dirty = 0;
233 CHECK_RETVAL(arm11_read_DSCR(arm11, &R(DSCR)));
237 if (R(DSCR) & ARM11_DSCR_WDTR_FULL)
239 arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
241 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
243 struct scan_field chain5_fields[3];
245 arm11_setup_field(arm11, 32, NULL, &R(WDTR), chain5_fields + 0);
246 arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 1);
247 arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 2);
249 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
253 arm11->reg_list[ARM11_RC_WDTR].valid = 0;
257 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
258 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
259 ARM1136 seems to require this to issue ITR's as well */
261 uint32_t new_dscr = R(DSCR) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE;
263 /* this executes JTAG queue: */
265 arm11_write_DSCR(arm11, new_dscr);
269 Before executing any instruction in debug state you have to drain the write buffer.
270 This ensures that no imprecise Data Aborts can return at a later point:*/
272 /** \todo TODO: Test drain write buffer. */
277 /* MRC p14,0,R0,c5,c10,0 */
278 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
280 /* mcr 15, 0, r0, cr7, cr10, {4} */
281 arm11_run_instr_no_data1(arm11, 0xee070f9a);
283 uint32_t dscr = arm11_read_DSCR(arm11);
285 LOG_DEBUG("DRAIN, DSCR %08x", dscr);
287 if (dscr & ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT)
289 arm11_run_instr_no_data1(arm11, 0xe320f000);
291 dscr = arm11_read_DSCR(arm11);
293 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr);
300 retval = arm11_run_instr_data_prepare(arm11);
301 if (retval != ERROR_OK)
306 /** \todo TODO: handle other mode registers */
308 for (size_t i = 0; i < 15; i++)
310 /* MCR p14,0,R?,c0,c5,0 */
311 retval = arm11_run_instr_data_from_core(arm11, 0xEE000E15 | (i << 12), &R(RX + i), 1);
312 if (retval != ERROR_OK)
318 /* check rDTRfull in DSCR */
320 if (R(DSCR) & ARM11_DSCR_RDTR_FULL)
322 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
323 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xEE100E15, &R(RDTR));
324 if (retval != ERROR_OK)
329 arm11->reg_list[ARM11_RC_RDTR].valid = 0;
334 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
335 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xE10F0000, &R(CPSR));
336 if (retval != ERROR_OK)
341 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
342 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xE1A0000F, &R(PC));
343 if (retval != ERROR_OK)
346 /* adjust PC depending on ARM state */
348 if (R(CPSR) & ARM11_CPSR_J) /* Java state */
350 arm11->reg_values[ARM11_RC_PC] -= 0;
352 else if (R(CPSR) & ARM11_CPSR_T) /* Thumb state */
354 arm11->reg_values[ARM11_RC_PC] -= 4;
358 arm11->reg_values[ARM11_RC_PC] -= 8;
361 if (arm11->simulate_reset_on_next_halt)
363 arm11->simulate_reset_on_next_halt = false;
365 LOG_DEBUG("Reset c1 Control Register");
367 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
369 /* MCR p15,0,R0,c1,c0,0 */
370 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xee010f10, 0);
371 if (retval != ERROR_OK)
376 retval = arm11_run_instr_data_finish(arm11);
377 if (retval != ERROR_OK)
383 /** Restore processor state
385 * This is called in preparation for the RESTART function.
388 static int arm11_leave_debug_state(struct arm11_common *arm11)
392 retval = arm11_run_instr_data_prepare(arm11);
393 if (retval != ERROR_OK)
396 /** \todo TODO: handle other mode registers */
398 /* restore R1 - R14 */
400 for (unsigned i = 1; i < 15; i++)
402 if (!arm11->reg_list[ARM11_RC_RX + i].dirty)
405 /* MRC p14,0,r?,c0,c5,0 */
406 arm11_run_instr_data_to_core1(arm11,
407 0xee100e15 | (i << 12), R(RX + i));
409 // LOG_DEBUG("RESTORE R%u %08x", i, R(RX + i));
412 retval = arm11_run_instr_data_finish(arm11);
413 if (retval != ERROR_OK)
416 /* spec says clear wDTR and rDTR; we assume they are clear as
417 otherwise our programming would be sloppy */
421 CHECK_RETVAL(arm11_read_DSCR(arm11, &DSCR));
423 if (DSCR & (ARM11_DSCR_RDTR_FULL | ARM11_DSCR_WDTR_FULL))
426 The wDTR/rDTR two registers that are used to send/receive data to/from
427 the core in tandem with corresponding instruction codes that are
428 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
429 registers hold data that was written by one side (CPU or JTAG) and not
430 read out by the other side.
432 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32 ")", DSCR);
437 retval = arm11_run_instr_data_prepare(arm11);
438 if (retval != ERROR_OK)
441 /* restore original wDTR */
443 if ((R(DSCR) & ARM11_DSCR_WDTR_FULL) || arm11->reg_list[ARM11_RC_WDTR].dirty)
445 /* MCR p14,0,R0,c0,c5,0 */
446 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xee000e15, R(WDTR));
447 if (retval != ERROR_OK)
454 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xe129f000, R(CPSR));
455 if (retval != ERROR_OK)
462 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xe1a0f000, R(PC));
463 if (retval != ERROR_OK)
469 /* MRC p14,0,r0,c0,c5,0 */
470 arm11_run_instr_data_to_core1(arm11, 0xee100e15, R(R0));
472 retval = arm11_run_instr_data_finish(arm11);
473 if (retval != ERROR_OK)
478 arm11_write_DSCR(arm11, R(DSCR));
482 if (R(DSCR) & ARM11_DSCR_RDTR_FULL || arm11->reg_list[ARM11_RC_RDTR].dirty)
484 arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
486 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
488 struct scan_field chain5_fields[3];
490 uint8_t Ready = 0; /* ignored */
491 uint8_t Valid = 0; /* ignored */
493 arm11_setup_field(arm11, 32, &R(RDTR), NULL, chain5_fields + 0);
494 arm11_setup_field(arm11, 1, &Ready, NULL, chain5_fields + 1);
495 arm11_setup_field(arm11, 1, &Valid, NULL, chain5_fields + 2);
497 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
503 /* poll current target status */
504 static int arm11_poll(struct target *target)
507 struct arm11_common *arm11 = target_to_arm11(target);
510 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
512 LOG_DEBUG("DSCR %08" PRIx32 "", dscr);
514 CHECK_RETVAL(arm11_check_init(arm11, &dscr));
516 if (dscr & ARM11_DSCR_CORE_HALTED)
518 if (target->state != TARGET_HALTED)
520 enum target_state old_state = target->state;
522 LOG_DEBUG("enter TARGET_HALTED");
523 target->state = TARGET_HALTED;
524 target->debug_reason = arm11_get_DSCR_debug_reason(dscr);
525 retval = arm11_on_enter_debug_state(arm11);
526 if (retval != ERROR_OK)
529 target_call_event_callbacks(target,
530 old_state == TARGET_DEBUG_RUNNING ? TARGET_EVENT_DEBUG_HALTED : TARGET_EVENT_HALTED);
535 if (target->state != TARGET_RUNNING && target->state != TARGET_DEBUG_RUNNING)
537 LOG_DEBUG("enter TARGET_RUNNING");
538 target->state = TARGET_RUNNING;
539 target->debug_reason = DBG_REASON_NOTHALTED;
545 /* architecture specific status reply */
546 static int arm11_arch_state(struct target *target)
548 struct arm11_common *arm11 = target_to_arm11(target);
550 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "",
551 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name,
558 /* target request support */
559 static int arm11_target_request_data(struct target *target,
560 uint32_t size, uint8_t *buffer)
562 LOG_WARNING("Not implemented: %s", __func__);
567 /* target execution control */
568 static int arm11_halt(struct target *target)
570 struct arm11_common *arm11 = target_to_arm11(target);
572 LOG_DEBUG("target->state: %s",
573 target_state_name(target));
575 if (target->state == TARGET_UNKNOWN)
577 arm11->simulate_reset_on_next_halt = true;
580 if (target->state == TARGET_HALTED)
582 LOG_DEBUG("target was already halted");
586 arm11_add_IR(arm11, ARM11_HALT, TAP_IDLE);
588 CHECK_RETVAL(jtag_execute_queue());
595 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
597 if (dscr & ARM11_DSCR_CORE_HALTED)
608 if ((timeval_ms()-then) > 1000)
610 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
617 arm11_on_enter_debug_state(arm11);
619 enum target_state old_state = target->state;
621 target->state = TARGET_HALTED;
622 target->debug_reason = arm11_get_DSCR_debug_reason(dscr);
625 target_call_event_callbacks(target,
626 old_state == TARGET_DEBUG_RUNNING ? TARGET_EVENT_DEBUG_HALTED : TARGET_EVENT_HALTED));
631 static int arm11_resume(struct target *target, int current,
632 uint32_t address, int handle_breakpoints, int debug_execution)
634 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
635 // current, address, handle_breakpoints, debug_execution);
637 struct arm11_common *arm11 = target_to_arm11(target);
639 LOG_DEBUG("target->state: %s",
640 target_state_name(target));
643 if (target->state != TARGET_HALTED)
645 LOG_ERROR("Target not halted");
646 return ERROR_TARGET_NOT_HALTED;
652 LOG_DEBUG("RESUME PC %08" PRIx32 "%s", R(PC), !current ? "!" : "");
654 /* clear breakpoints/watchpoints and VCR*/
655 arm11_sc7_clear_vbw(arm11);
657 /* Set up breakpoints */
658 if (!debug_execution)
660 /* check if one matches PC and step over it if necessary */
662 struct breakpoint * bp;
664 for (bp = target->breakpoints; bp; bp = bp->next)
666 if (bp->address == R(PC))
668 LOG_DEBUG("must step over %08" PRIx32 "", bp->address);
669 arm11_step(target, 1, 0, 0);
674 /* set all breakpoints */
676 unsigned brp_num = 0;
678 for (bp = target->breakpoints; bp; bp = bp->next)
680 struct arm11_sc7_action brp[2];
683 brp[0].address = ARM11_SC7_BVR0 + brp_num;
684 brp[0].value = bp->address;
686 brp[1].address = ARM11_SC7_BCR0 + brp_num;
687 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
689 arm11_sc7_run(arm11, brp, ARRAY_SIZE(brp));
691 LOG_DEBUG("Add BP %d at %08" PRIx32, brp_num,
697 arm11_sc7_set_vcr(arm11, arm11_vcr);
700 arm11_leave_debug_state(arm11);
702 arm11_add_IR(arm11, ARM11_RESTART, TAP_IDLE);
704 CHECK_RETVAL(jtag_execute_queue());
711 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
713 LOG_DEBUG("DSCR %08" PRIx32 "", dscr);
715 if (dscr & ARM11_DSCR_CORE_RESTARTED)
726 if ((timeval_ms()-then) > 1000)
728 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
735 if (!debug_execution)
737 target->state = TARGET_RUNNING;
738 target->debug_reason = DBG_REASON_NOTHALTED;
740 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_RESUMED));
744 target->state = TARGET_DEBUG_RUNNING;
745 target->debug_reason = DBG_REASON_NOTHALTED;
747 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_RESUMED));
754 static int armv4_5_to_arm11(int reg)
761 return ARM11_RC_CPSR;
763 /* FIX!!! handle thumb better! */
764 return ARM11_RC_CPSR;
766 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg);
772 static uint32_t arm11_sim_get_reg(struct arm_sim_interface *sim, int reg)
774 struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
776 reg=armv4_5_to_arm11(reg);
778 return buf_get_u32(arm11->reg_list[reg].value, 0, 32);
781 static void arm11_sim_set_reg(struct arm_sim_interface *sim,
782 int reg, uint32_t value)
784 struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
786 reg=armv4_5_to_arm11(reg);
788 buf_set_u32(arm11->reg_list[reg].value, 0, 32, value);
791 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface *sim,
794 struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
796 return buf_get_u32(arm11->reg_list[ARM11_RC_CPSR].value, pos, bits);
799 static enum armv4_5_state arm11_sim_get_state(struct arm_sim_interface *sim)
801 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
803 /* FIX!!!! we should implement thumb for arm11 */
804 return ARMV4_5_STATE_ARM;
807 static void arm11_sim_set_state(struct arm_sim_interface *sim,
808 enum armv4_5_state mode)
810 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
812 /* FIX!!!! we should implement thumb for arm11 */
813 LOG_ERROR("Not implemented: %s", __func__);
817 static enum armv4_5_mode arm11_sim_get_mode(struct arm_sim_interface *sim)
819 //struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
821 /* FIX!!!! we should implement something that returns the current mode here!!! */
822 return ARMV4_5_MODE_USR;
825 static int arm11_simulate_step(struct target *target, uint32_t *dry_run_pc)
827 struct arm_sim_interface sim;
829 sim.user_data=target->arch_info;
830 sim.get_reg=&arm11_sim_get_reg;
831 sim.set_reg=&arm11_sim_set_reg;
832 sim.get_reg_mode=&arm11_sim_get_reg;
833 sim.set_reg_mode=&arm11_sim_set_reg;
834 sim.get_cpsr=&arm11_sim_get_cpsr;
835 sim.get_mode=&arm11_sim_get_mode;
836 sim.get_state=&arm11_sim_get_state;
837 sim.set_state=&arm11_sim_set_state;
839 return arm_simulate_step_core(target, dry_run_pc, &sim);
843 static int arm11_step(struct target *target, int current,
844 uint32_t address, int handle_breakpoints)
846 LOG_DEBUG("target->state: %s",
847 target_state_name(target));
849 if (target->state != TARGET_HALTED)
851 LOG_WARNING("target was not halted");
852 return ERROR_TARGET_NOT_HALTED;
855 struct arm11_common *arm11 = target_to_arm11(target);
860 LOG_DEBUG("STEP PC %08" PRIx32 "%s", R(PC), !current ? "!" : "");
863 /** \todo TODO: Thumb not supported here */
865 uint32_t next_instruction;
867 CHECK_RETVAL(arm11_read_memory_word(arm11, R(PC), &next_instruction));
870 if ((next_instruction & 0xFFF00070) == 0xe1200070)
873 arm11->reg_list[ARM11_RC_PC].valid = 1;
874 arm11->reg_list[ARM11_RC_PC].dirty = 0;
875 LOG_DEBUG("Skipping BKPT");
877 /* skip over Wait for interrupt / Standby */
878 /* mcr 15, 0, r?, cr7, cr0, {4} */
879 else if ((next_instruction & 0xFFFF0FFF) == 0xee070f90)
882 arm11->reg_list[ARM11_RC_PC].valid = 1;
883 arm11->reg_list[ARM11_RC_PC].dirty = 0;
884 LOG_DEBUG("Skipping WFI");
886 /* ignore B to self */
887 else if ((next_instruction & 0xFEFFFFFF) == 0xeafffffe)
889 LOG_DEBUG("Not stepping jump to self");
893 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
896 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
897 * the VCR might be something worth looking into. */
900 /* Set up breakpoint for stepping */
902 struct arm11_sc7_action brp[2];
905 brp[0].address = ARM11_SC7_BVR0;
907 brp[1].address = ARM11_SC7_BCR0;
909 if (arm11_config_hardware_step)
911 /* hardware single stepping be used if possible or is it better to
912 * always use the same code path? Hardware single stepping is not supported
915 brp[0].value = R(PC);
916 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
919 /* sets a breakpoint on the next PC(calculated by simulation),
923 retval = arm11_simulate_step(target, &next_pc);
924 if (retval != ERROR_OK)
927 brp[0].value = next_pc;
928 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
931 CHECK_RETVAL(arm11_sc7_run(arm11, brp, ARRAY_SIZE(brp)));
936 if (arm11_config_step_irq_enable)
937 R(DSCR) &= ~ARM11_DSCR_INTERRUPTS_DISABLE; /* should be redundant */
939 R(DSCR) |= ARM11_DSCR_INTERRUPTS_DISABLE;
942 CHECK_RETVAL(arm11_leave_debug_state(arm11));
944 arm11_add_IR(arm11, ARM11_RESTART, TAP_IDLE);
946 CHECK_RETVAL(jtag_execute_queue());
954 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
956 LOG_DEBUG("DSCR %08" PRIx32 "e", dscr);
958 if ((dscr & (ARM11_DSCR_CORE_RESTARTED | ARM11_DSCR_CORE_HALTED)) ==
959 (ARM11_DSCR_CORE_RESTARTED | ARM11_DSCR_CORE_HALTED))
969 if ((timeval_ms()-then) > 1000)
971 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
978 /* clear breakpoint */
979 arm11_sc7_clear_vbw(arm11);
982 CHECK_RETVAL(arm11_on_enter_debug_state(arm11));
984 /* restore default state */
985 R(DSCR) &= ~ARM11_DSCR_INTERRUPTS_DISABLE;
989 // target->state = TARGET_HALTED;
990 target->debug_reason = DBG_REASON_SINGLESTEP;
992 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_HALTED));
997 static int arm11_assert_reset(struct target *target)
1000 struct arm11_common *arm11 = target_to_arm11(target);
1002 retval = arm11_check_init(arm11, NULL);
1003 if (retval != ERROR_OK)
1006 target->state = TARGET_UNKNOWN;
1008 /* we would very much like to reset into the halted, state,
1009 * but resetting and halting is second best... */
1010 if (target->reset_halt)
1012 CHECK_RETVAL(target_halt(target));
1016 /* srst is funny. We can not do *anything* else while it's asserted
1017 * and it has unkonwn side effects. Make sure no other code runs
1020 * Code below assumes srst:
1022 * - Causes power-on-reset (but of what parts of the system?). Bug
1025 * - Messes us TAP state without asserting trst.
1027 * - There is another bug in the arm11 core. When you generate an access to
1028 * external logic (for example ddr controller via AHB bus) and that block
1029 * is not configured (perhaps it is still held in reset), that transaction
1030 * will never complete. This will hang arm11 core but it will also hang
1031 * JTAG controller. Nothing, short of srst assertion will bring it out of
1036 * - What should the PC be after an srst reset when starting in the halted
1040 jtag_add_reset(0, 1);
1041 jtag_add_reset(0, 0);
1043 /* How long do we have to wait? */
1044 jtag_add_sleep(5000);
1046 /* un-mess up TAP state */
1049 retval = jtag_execute_queue();
1050 if (retval != ERROR_OK)
1058 static int arm11_deassert_reset(struct target *target)
1063 static int arm11_soft_reset_halt(struct target *target)
1065 LOG_WARNING("Not implemented: %s", __func__);
1070 /* target register access for gdb */
1071 static int arm11_get_gdb_reg_list(struct target *target,
1072 struct reg **reg_list[], int *reg_list_size)
1074 struct arm11_common *arm11 = target_to_arm11(target);
1076 *reg_list_size = ARM11_GDB_REGISTER_COUNT;
1077 *reg_list = malloc(sizeof(struct reg*) * ARM11_GDB_REGISTER_COUNT);
1079 /* nine unused legacy FPA registers are expected by GDB */
1080 for (size_t i = 16; i < 24; i++)
1081 (*reg_list)[i] = &arm_gdb_dummy_fp_reg;
1082 (*reg_list)[24] = &arm_gdb_dummy_fps_reg;
1084 for (size_t i = 0; i < ARM11_REGCACHE_COUNT; i++)
1086 if (arm11_reg_defs[i].gdb_num == -1)
1089 (*reg_list)[arm11_reg_defs[i].gdb_num] = arm11->reg_list + i;
1095 /* target memory access
1096 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1097 * count: number of items of <size>
1099 * arm11_config_memrw_no_increment - in the future we may want to be able
1100 * to read/write a range of data to a "port". a "port" is an action on
1101 * read memory address for some peripheral.
1103 static int arm11_read_memory_inner(struct target *target,
1104 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer,
1105 bool arm11_config_memrw_no_increment)
1107 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1110 if (target->state != TARGET_HALTED)
1112 LOG_WARNING("target was not halted");
1113 return ERROR_TARGET_NOT_HALTED;
1116 LOG_DEBUG("ADDR %08" PRIx32 " SIZE %08" PRIx32 " COUNT %08" PRIx32 "", address, size, count);
1118 struct arm11_common *arm11 = target_to_arm11(target);
1120 retval = arm11_run_instr_data_prepare(arm11);
1121 if (retval != ERROR_OK)
1124 /* MRC p14,0,r0,c0,c5,0 */
1125 retval = arm11_run_instr_data_to_core1(arm11, 0xee100e15, address);
1126 if (retval != ERROR_OK)
1132 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1133 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1135 for (size_t i = 0; i < count; i++)
1137 /* ldrb r1, [r0], #1 */
1139 arm11_run_instr_no_data1(arm11,
1140 !arm11_config_memrw_no_increment ? 0xe4d01001 : 0xe5d01000);
1143 /* MCR p14,0,R1,c0,c5,0 */
1144 arm11_run_instr_data_from_core(arm11, 0xEE001E15, &res, 1);
1153 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1155 for (size_t i = 0; i < count; i++)
1157 /* ldrh r1, [r0], #2 */
1158 arm11_run_instr_no_data1(arm11,
1159 !arm11_config_memrw_no_increment ? 0xe0d010b2 : 0xe1d010b0);
1163 /* MCR p14,0,R1,c0,c5,0 */
1164 arm11_run_instr_data_from_core(arm11, 0xEE001E15, &res, 1);
1166 uint16_t svalue = res;
1167 memcpy(buffer + i * sizeof(uint16_t), &svalue, sizeof(uint16_t));
1175 uint32_t instr = !arm11_config_memrw_no_increment ? 0xecb05e01 : 0xed905e00;
1176 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1177 uint32_t *words = (uint32_t *)buffer;
1179 /* LDC p14,c5,[R0],#4 */
1180 /* LDC p14,c5,[R0] */
1181 arm11_run_instr_data_from_core(arm11, instr, words, count);
1186 return arm11_run_instr_data_finish(arm11);
1189 static int arm11_read_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
1191 return arm11_read_memory_inner(target, address, size, count, buffer, false);
1195 * arm11_config_memrw_no_increment - in the future we may want to be able
1196 * to read/write a range of data to a "port". a "port" is an action on
1197 * read memory address for some peripheral.
1199 static int arm11_write_memory_inner(struct target *target,
1200 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer,
1201 bool arm11_config_memrw_no_increment)
1205 if (target->state != TARGET_HALTED)
1207 LOG_WARNING("target was not halted");
1208 return ERROR_TARGET_NOT_HALTED;
1211 LOG_DEBUG("ADDR %08" PRIx32 " SIZE %08" PRIx32 " COUNT %08" PRIx32 "", address, size, count);
1213 struct arm11_common *arm11 = target_to_arm11(target);
1215 retval = arm11_run_instr_data_prepare(arm11);
1216 if (retval != ERROR_OK)
1219 /* MRC p14,0,r0,c0,c5,0 */
1220 retval = arm11_run_instr_data_to_core1(arm11, 0xee100e15, address);
1221 if (retval != ERROR_OK)
1224 /* burst writes are not used for single words as those may well be
1225 * reset init script writes.
1227 * The other advantage is that as burst writes are default, we'll
1228 * now exercise both burst and non-burst code paths with the
1229 * default settings, increasing code coverage.
1231 bool burst = arm11_config_memwrite_burst && (count > 1);
1237 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1239 for (size_t i = 0; i < count; i++)
1241 /* MRC p14,0,r1,c0,c5,0 */
1242 retval = arm11_run_instr_data_to_core1(arm11, 0xee101e15, *buffer++);
1243 if (retval != ERROR_OK)
1246 /* strb r1, [r0], #1 */
1248 retval = arm11_run_instr_no_data1(arm11,
1249 !arm11_config_memrw_no_increment ? 0xe4c01001 : 0xe5c01000);
1250 if (retval != ERROR_OK)
1259 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1261 for (size_t i = 0; i < count; i++)
1264 memcpy(&value, buffer + i * sizeof(uint16_t), sizeof(uint16_t));
1266 /* MRC p14,0,r1,c0,c5,0 */
1267 retval = arm11_run_instr_data_to_core1(arm11, 0xee101e15, value);
1268 if (retval != ERROR_OK)
1271 /* strh r1, [r0], #2 */
1273 retval = arm11_run_instr_no_data1(arm11,
1274 !arm11_config_memrw_no_increment ? 0xe0c010b2 : 0xe1c010b0);
1275 if (retval != ERROR_OK)
1283 uint32_t instr = !arm11_config_memrw_no_increment ? 0xeca05e01 : 0xed805e00;
1285 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1286 uint32_t *words = (uint32_t*)buffer;
1290 /* STC p14,c5,[R0],#4 */
1291 /* STC p14,c5,[R0]*/
1292 retval = arm11_run_instr_data_to_core(arm11, instr, words, count);
1293 if (retval != ERROR_OK)
1298 /* STC p14,c5,[R0],#4 */
1299 /* STC p14,c5,[R0]*/
1300 retval = arm11_run_instr_data_to_core_noack(arm11, instr, words, count);
1301 if (retval != ERROR_OK)
1309 /* r0 verification */
1310 if (!arm11_config_memrw_no_increment)
1314 /* MCR p14,0,R0,c0,c5,0 */
1315 retval = arm11_run_instr_data_from_core(arm11, 0xEE000E15, &r0, 1);
1316 if (retval != ERROR_OK)
1319 if (address + size * count != r0)
1321 LOG_ERROR("Data transfer failed. Expected end "
1322 "address 0x%08x, got 0x%08x",
1323 (unsigned) (address + size * count),
1327 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1329 if (arm11_config_memwrite_error_fatal)
1334 return arm11_run_instr_data_finish(arm11);
1337 static int arm11_write_memory(struct target *target,
1338 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
1340 return arm11_write_memory_inner(target, address, size, count, buffer, false);
1343 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1344 static int arm11_bulk_write_memory(struct target *target,
1345 uint32_t address, uint32_t count, uint8_t *buffer)
1347 if (target->state != TARGET_HALTED)
1349 LOG_WARNING("target was not halted");
1350 return ERROR_TARGET_NOT_HALTED;
1353 return arm11_write_memory(target, address, 4, count, buffer);
1356 /* target break-/watchpoint control
1357 * rw: 0 = write, 1 = read, 2 = access
1359 static int arm11_add_breakpoint(struct target *target,
1360 struct breakpoint *breakpoint)
1362 struct arm11_common *arm11 = target_to_arm11(target);
1365 if (breakpoint->type == BKPT_SOFT)
1367 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1368 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1372 if (!arm11->free_brps)
1374 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1375 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1378 if (breakpoint->length != 4)
1380 LOG_DEBUG("only breakpoints of four bytes length supported");
1381 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1389 static int arm11_remove_breakpoint(struct target *target,
1390 struct breakpoint *breakpoint)
1392 struct arm11_common *arm11 = target_to_arm11(target);
1399 static int arm11_add_watchpoint(struct target *target,
1400 struct watchpoint *watchpoint)
1402 LOG_WARNING("Not implemented: %s", __func__);
1407 static int arm11_remove_watchpoint(struct target *target,
1408 struct watchpoint *watchpoint)
1410 LOG_WARNING("Not implemented: %s", __func__);
1415 // HACKHACKHACK - FIXME mode/state
1416 /* target algorithm support */
1417 static int arm11_run_algorithm(struct target *target,
1418 int num_mem_params, struct mem_param *mem_params,
1419 int num_reg_params, struct reg_param *reg_params,
1420 uint32_t entry_point, uint32_t exit_point,
1421 int timeout_ms, void *arch_info)
1423 struct arm11_common *arm11 = target_to_arm11(target);
1424 // enum armv4_5_state core_state = arm11->core_state;
1425 // enum armv4_5_mode core_mode = arm11->core_mode;
1426 uint32_t context[16];
1428 int exit_breakpoint_size = 0;
1429 int retval = ERROR_OK;
1430 LOG_DEBUG("Running algorithm");
1433 if (target->state != TARGET_HALTED)
1435 LOG_WARNING("target not halted");
1436 return ERROR_TARGET_NOT_HALTED;
1440 // if (!is_arm_mode(arm11->core_mode))
1441 // return ERROR_FAIL;
1444 for (unsigned i = 0; i < 16; i++)
1446 context[i] = buf_get_u32((uint8_t*)(&arm11->reg_values[i]),0,32);
1447 LOG_DEBUG("Save %u: 0x%" PRIx32 "", i, context[i]);
1450 cpsr = buf_get_u32((uint8_t*)(arm11->reg_values + ARM11_RC_CPSR),0,32);
1451 LOG_DEBUG("Save CPSR: 0x%" PRIx32 "", cpsr);
1453 for (int i = 0; i < num_mem_params; i++)
1455 target_write_buffer(target, mem_params[i].address, mem_params[i].size, mem_params[i].value);
1458 // Set register parameters
1459 for (int i = 0; i < num_reg_params; i++)
1461 struct reg *reg = register_get_by_name(arm11->core_cache, reg_params[i].reg_name, 0);
1464 LOG_ERROR("BUG: register '%s' not found", reg_params[i].reg_name);
1465 return ERROR_INVALID_ARGUMENTS;
1468 if (reg->size != reg_params[i].size)
1470 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params[i].reg_name);
1471 return ERROR_INVALID_ARGUMENTS;
1473 arm11_set_reg(reg,reg_params[i].value);
1474 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1477 exit_breakpoint_size = 4;
1479 /* arm11->core_state = arm11_algorithm_info->core_state;
1480 if (arm11->core_state == ARMV4_5_STATE_ARM)
1481 exit_breakpoint_size = 4;
1482 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1483 exit_breakpoint_size = 2;
1486 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1492 /* arm11 at this point only supports ARM not THUMB mode
1493 however if this test needs to be reactivated the current state can be read back
1496 if (arm11_algorithm_info->core_mode != ARMV4_5_MODE_ANY)
1498 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info->core_mode);
1499 buf_set_u32(arm11->reg_list[ARM11_RC_CPSR].value, 0, 5, arm11_algorithm_info->core_mode);
1500 arm11->reg_list[ARM11_RC_CPSR].dirty = 1;
1501 arm11->reg_list[ARM11_RC_CPSR].valid = 1;
1505 if ((retval = breakpoint_add(target, exit_point, exit_breakpoint_size, BKPT_HARD)) != ERROR_OK)
1507 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1508 retval = ERROR_TARGET_FAILURE;
1512 // no debug, otherwise breakpoint is not set
1513 CHECK_RETVAL(target_resume(target, 0, entry_point, 1, 0));
1515 CHECK_RETVAL(target_wait_state(target, TARGET_HALTED, timeout_ms));
1517 if (target->state != TARGET_HALTED)
1519 CHECK_RETVAL(target_halt(target));
1521 CHECK_RETVAL(target_wait_state(target, TARGET_HALTED, 500));
1523 retval = ERROR_TARGET_TIMEOUT;
1525 goto del_breakpoint;
1528 if (buf_get_u32(arm11->reg_list[15].value, 0, 32) != exit_point)
1530 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32 "",
1531 buf_get_u32(arm11->reg_list[15].value, 0, 32));
1532 retval = ERROR_TARGET_TIMEOUT;
1533 goto del_breakpoint;
1536 for (int i = 0; i < num_mem_params; i++)
1538 if (mem_params[i].direction != PARAM_OUT)
1539 target_read_buffer(target, mem_params[i].address, mem_params[i].size, mem_params[i].value);
1542 for (int i = 0; i < num_reg_params; i++)
1544 if (reg_params[i].direction != PARAM_OUT)
1546 struct reg *reg = register_get_by_name(arm11->core_cache, reg_params[i].reg_name, 0);
1549 LOG_ERROR("BUG: register '%s' not found", reg_params[i].reg_name);
1550 retval = ERROR_INVALID_ARGUMENTS;
1551 goto del_breakpoint;
1554 if (reg->size != reg_params[i].size)
1556 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params[i].reg_name);
1557 retval = ERROR_INVALID_ARGUMENTS;
1558 goto del_breakpoint;
1561 buf_set_u32(reg_params[i].value, 0, 32, buf_get_u32(reg->value, 0, 32));
1566 breakpoint_remove(target, exit_point);
1570 for (size_t i = 0; i < 16; i++)
1572 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32 "",
1573 arm11->reg_list[i].name, context[i]);
1574 arm11_set_reg(&arm11->reg_list[i], (uint8_t*)&context[i]);
1576 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32 "", cpsr);
1577 arm11_set_reg(&arm11->reg_list[ARM11_RC_CPSR], (uint8_t*)&cpsr);
1579 // arm11->core_state = core_state;
1580 // arm11->core_mode = core_mode;
1585 static int arm11_target_create(struct target *target, Jim_Interp *interp)
1587 struct arm11_common *arm11;
1589 if (target->tap == NULL)
1592 if (target->tap->ir_length != 5)
1594 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1595 return ERROR_COMMAND_SYNTAX_ERROR;
1598 arm11 = calloc(1, sizeof *arm11);
1602 armv4_5_init_arch_info(target, &arm11->arm);
1604 arm11->target = target;
1606 arm11->jtag_info.tap = target->tap;
1607 arm11->jtag_info.scann_size = 5;
1608 arm11->jtag_info.scann_instr = ARM11_SCAN_N;
1609 /* cur_scan_chain == 0 */
1610 arm11->jtag_info.intest_instr = ARM11_INTEST;
1615 static int arm11_init_target(struct command_context *cmd_ctx,
1616 struct target *target)
1618 /* Initialize anything we can set up without talking to the target */
1620 /* FIXME Switch to use the standard build_reg_cache() not custom
1621 * code. Do it from examine(), after we check whether we're
1622 * an arm1176 and thus support the Secure Monitor mode.
1624 return arm11_build_reg_cache(target);
1627 /* talk to the target and set things up */
1628 static int arm11_examine(struct target *target)
1632 struct arm11_common *arm11 = target_to_arm11(target);
1633 uint32_t didr, device_id;
1634 uint8_t implementor;
1638 arm11_add_IR(arm11, ARM11_IDCODE, ARM11_TAP_DEFAULT);
1640 struct scan_field idcode_field;
1642 arm11_setup_field(arm11, 32, NULL, &device_id, &idcode_field);
1644 arm11_add_dr_scan_vc(1, &idcode_field, TAP_DRPAUSE);
1648 arm11_add_debug_SCAN_N(arm11, 0x00, ARM11_TAP_DEFAULT);
1650 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
1652 struct scan_field chain0_fields[2];
1654 arm11_setup_field(arm11, 32, NULL, &didr, chain0_fields + 0);
1655 arm11_setup_field(arm11, 8, NULL, &implementor, chain0_fields + 1);
1657 arm11_add_dr_scan_vc(ARRAY_SIZE(chain0_fields), chain0_fields, TAP_IDLE);
1659 CHECK_RETVAL(jtag_execute_queue());
1661 switch (device_id & 0x0FFFF000)
1670 arm11->arm.core_type = ARM_MODE_MON;
1674 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1677 LOG_INFO("found %s", type);
1679 /* unlikely this could ever fail, but ... */
1680 switch ((didr >> 16) & 0x0F) {
1681 case ARM11_DEBUG_V6:
1682 case ARM11_DEBUG_V61: /* supports security extensions */
1685 LOG_ERROR("Only ARM v6 and v6.1 debug supported.");
1689 arm11->brp = ((didr >> 24) & 0x0F) + 1;
1690 arm11->wrp = ((didr >> 28) & 0x0F) + 1;
1692 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1693 arm11->free_brps = arm11->brp;
1694 arm11->free_wrps = arm11->wrp;
1696 LOG_DEBUG("IDCODE %08" PRIx32 " IMPLEMENTOR %02x DIDR %08" PRIx32,
1697 device_id, implementor, didr);
1699 /* as a side-effect this reads DSCR and thus
1700 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1701 * as suggested by the spec.
1704 retval = arm11_check_init(arm11, NULL);
1705 if (retval != ERROR_OK)
1708 /* ETM on ARM11 still uses original scanchain 6 access mode */
1709 if (arm11->arm.etm && !target_was_examined(target)) {
1710 *register_get_last_cache_p(&target->reg_cache) =
1711 etm_build_reg_cache(target, &arm11->jtag_info,
1713 retval = etm_setup(target);
1716 target_set_examined(target);
1722 /** Load a register that is marked !valid in the register cache */
1723 static int arm11_get_reg(struct reg *reg)
1725 struct target * target = ((struct arm11_reg_state *)reg->arch_info)->target;
1727 if (target->state != TARGET_HALTED)
1729 LOG_WARNING("target was not halted");
1730 return ERROR_TARGET_NOT_HALTED;
1733 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1736 struct arm11_common *arm11 = target_to_arm11(target);
1737 const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1743 /** Change a value in the register cache */
1744 static int arm11_set_reg(struct reg *reg, uint8_t *buf)
1746 struct target *target = ((struct arm11_reg_state *)reg->arch_info)->target;
1747 struct arm11_common *arm11 = target_to_arm11(target);
1748 // const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1750 arm11->reg_values[((struct arm11_reg_state *)reg->arch_info)->def_index] = buf_get_u32(buf, 0, 32);
1757 static const struct reg_arch_type arm11_reg_type = {
1758 .get = arm11_get_reg,
1759 .set = arm11_set_reg,
1762 static int arm11_build_reg_cache(struct target *target)
1764 struct arm11_common *arm11 = target_to_arm11(target);
1765 struct reg_cache *cache;
1766 struct reg *reg_list;
1767 struct arm11_reg_state *arm11_reg_states;
1769 cache = calloc(1, sizeof *cache);
1770 reg_list = calloc(ARM11_REGCACHE_COUNT, sizeof *reg_list);
1771 arm11_reg_states = calloc(ARM11_REGCACHE_COUNT,
1772 sizeof *arm11_reg_states);
1773 if (!cache || !reg_list || !arm11_reg_states) {
1776 free(arm11_reg_states);
1780 arm11->reg_list = reg_list;
1782 /* Build the process context cache */
1783 cache->name = "arm11 registers";
1785 cache->reg_list = reg_list;
1786 cache->num_regs = ARM11_REGCACHE_COUNT;
1788 struct reg_cache **cache_p = register_get_last_cache_p(&target->reg_cache);
1791 arm11->core_cache = cache;
1792 // armv7m->process_context = cache;
1796 /* Not very elegant assertion */
1797 if (ARM11_REGCACHE_COUNT != ARRAY_SIZE(arm11->reg_values) ||
1798 ARM11_REGCACHE_COUNT != ARRAY_SIZE(arm11_reg_defs) ||
1799 ARM11_REGCACHE_COUNT != ARM11_RC_MAX)
1801 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d %u %u %d)",
1802 ARM11_REGCACHE_COUNT,
1803 (unsigned) ARRAY_SIZE(arm11->reg_values),
1804 (unsigned) ARRAY_SIZE(arm11_reg_defs),
1806 /* FIXME minimally, use a build_bug_on(X) mechanism;
1807 * runtime exit() here is bad!
1812 for (i = 0; i < ARM11_REGCACHE_COUNT; i++)
1814 struct reg * r = reg_list + i;
1815 const struct arm11_reg_defs * rd = arm11_reg_defs + i;
1816 struct arm11_reg_state * rs = arm11_reg_states + i;
1820 r->value = (uint8_t *)(arm11->reg_values + i);
1823 r->type = &arm11_reg_type;
1827 rs->target = target;
1833 #define ARM11_BOOL_WRAPPER(name, print_name) \
1834 COMMAND_HANDLER(arm11_handle_bool_##name) \
1836 return CALL_COMMAND_HANDLER(handle_command_parse_bool, \
1837 &arm11_config_##name, print_name); \
1840 ARM11_BOOL_WRAPPER(memwrite_burst, "memory write burst mode")
1841 ARM11_BOOL_WRAPPER(memwrite_error_fatal, "fatal error mode for memory writes")
1842 ARM11_BOOL_WRAPPER(step_irq_enable, "IRQs while stepping")
1843 ARM11_BOOL_WRAPPER(hardware_step, "hardware single step")
1845 COMMAND_HANDLER(arm11_handle_vcr)
1851 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], arm11_vcr);
1854 return ERROR_COMMAND_SYNTAX_ERROR;
1857 LOG_INFO("VCR 0x%08" PRIx32 "", arm11_vcr);
1861 static const uint32_t arm11_coproc_instruction_limits[] =
1863 15, /* coprocessor */
1868 0xFFFFFFFF, /* value */
1871 static int arm11_mrc_inner(struct target *target, int cpnum,
1872 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm,
1873 uint32_t *value, bool read)
1876 struct arm11_common *arm11 = target_to_arm11(target);
1878 if (target->state != TARGET_HALTED)
1880 LOG_ERROR("Target not halted");
1884 uint32_t instr = 0xEE000010 |
1892 instr |= 0x00100000;
1894 retval = arm11_run_instr_data_prepare(arm11);
1895 if (retval != ERROR_OK)
1900 retval = arm11_run_instr_data_from_core_via_r0(arm11, instr, value);
1901 if (retval != ERROR_OK)
1906 retval = arm11_run_instr_data_to_core_via_r0(arm11, instr, *value);
1907 if (retval != ERROR_OK)
1911 return arm11_run_instr_data_finish(arm11);
1914 static int arm11_mrc(struct target *target, int cpnum,
1915 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
1917 return arm11_mrc_inner(target, cpnum, op1, op2, CRn, CRm, value, true);
1920 static int arm11_mcr(struct target *target, int cpnum,
1921 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
1923 return arm11_mrc_inner(target, cpnum, op1, op2, CRn, CRm, &value, false);
1926 static int arm11_register_commands(struct command_context *cmd_ctx)
1928 struct command *top_cmd, *mw_cmd;
1930 armv4_5_register_commands(cmd_ctx);
1932 top_cmd = register_command(cmd_ctx, NULL, "arm11",
1933 NULL, COMMAND_ANY, NULL);
1935 /* "hardware_step" is only here to check if the default
1936 * simulate + breakpoint implementation is broken.
1937 * TEMPORARY! NOT DOCUMENTED!
1939 register_command(cmd_ctx, top_cmd, "hardware_step",
1940 arm11_handle_bool_hardware_step, COMMAND_ANY,
1941 "DEBUG ONLY - Hardware single stepping"
1942 " (default: disabled)");
1944 mw_cmd = register_command(cmd_ctx, top_cmd, "memwrite",
1945 NULL, COMMAND_ANY, NULL);
1946 register_command(cmd_ctx, mw_cmd, "burst",
1947 arm11_handle_bool_memwrite_burst, COMMAND_ANY,
1948 "Enable/Disable non-standard but fast burst mode"
1949 " (default: enabled)");
1950 register_command(cmd_ctx, mw_cmd, "error_fatal",
1951 arm11_handle_bool_memwrite_error_fatal, COMMAND_ANY,
1952 "Terminate program if transfer error was found"
1953 " (default: enabled)");
1955 register_command(cmd_ctx, top_cmd, "step_irq_enable",
1956 arm11_handle_bool_step_irq_enable, COMMAND_ANY,
1957 "Enable interrupts while stepping"
1958 " (default: disabled)");
1959 register_command(cmd_ctx, top_cmd, "vcr",
1960 arm11_handle_vcr, COMMAND_ANY,
1961 "Control (Interrupt) Vector Catch Register");
1963 return etm_register_commands(cmd_ctx);
1966 /** Holds methods for ARM11xx targets. */
1967 struct target_type arm11_target = {
1971 .arch_state = arm11_arch_state,
1973 .target_request_data = arm11_target_request_data,
1976 .resume = arm11_resume,
1979 .assert_reset = arm11_assert_reset,
1980 .deassert_reset = arm11_deassert_reset,
1981 .soft_reset_halt = arm11_soft_reset_halt,
1983 .get_gdb_reg_list = arm11_get_gdb_reg_list,
1985 .read_memory = arm11_read_memory,
1986 .write_memory = arm11_write_memory,
1988 .bulk_write_memory = arm11_bulk_write_memory,
1990 .checksum_memory = arm_checksum_memory,
1991 .blank_check_memory = arm_blank_check_memory,
1993 .add_breakpoint = arm11_add_breakpoint,
1994 .remove_breakpoint = arm11_remove_breakpoint,
1995 .add_watchpoint = arm11_add_watchpoint,
1996 .remove_watchpoint = arm11_remove_watchpoint,
1998 .run_algorithm = arm11_run_algorithm,
2000 .register_commands = arm11_register_commands,
2001 .target_create = arm11_target_create,
2002 .init_target = arm11_init_target,
2003 .examine = arm11_examine,
projects / fw / openocd / blob