1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
9 * This program is free software; you can redistribute it and/or modify *
10 * it under the terms of the GNU General Public License as published by *
11 * the Free Software Foundation; either version 2 of the License, or *
12 * (at your option) any later version. *
14 * This program is distributed in the hope that it will be useful, *
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
17 * GNU General Public License for more details. *
19 * You should have received a copy of the GNU General Public License *
20 * along with this program; if not, write to the *
21 * Free Software Foundation, Inc., *
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
23 ***************************************************************************/
30 #include "breakpoints.h"
31 #include "arm11_dbgtap.h"
32 #include "arm_simulator.h"
33 #include "time_support.h"
34 #include "target_type.h"
35 #include "algorithm.h"
40 #define _DEBUG_INSTRUCTION_EXECUTION_
44 #define FNC_INFO LOG_DEBUG("-")
50 #define FNC_INFO_NOTIMPLEMENTED do { LOG_DEBUG("NOT IMPLEMENTED"); /*exit(-1);*/ } while (0)
52 #define FNC_INFO_NOTIMPLEMENTED
55 static bool arm11_config_memwrite_burst = true;
56 static bool arm11_config_memwrite_error_fatal = true;
57 static uint32_t arm11_vcr = 0;
58 static bool arm11_config_step_irq_enable = false;
59 static bool arm11_config_hardware_step = false;
76 ARM11_REGISTER_SPSR_FIQ,
77 ARM11_REGISTER_SPSR_SVC,
78 ARM11_REGISTER_SPSR_ABT,
79 ARM11_REGISTER_SPSR_IRQ,
80 ARM11_REGISTER_SPSR_UND,
81 ARM11_REGISTER_SPSR_MON,
95 enum arm11_regtype type;
98 /* update arm11_regcache_ids when changing this */
99 static const struct arm11_reg_defs arm11_reg_defs[] =
101 {"r0", 0, 0, ARM11_REGISTER_CORE},
102 {"r1", 1, 1, ARM11_REGISTER_CORE},
103 {"r2", 2, 2, ARM11_REGISTER_CORE},
104 {"r3", 3, 3, ARM11_REGISTER_CORE},
105 {"r4", 4, 4, ARM11_REGISTER_CORE},
106 {"r5", 5, 5, ARM11_REGISTER_CORE},
107 {"r6", 6, 6, ARM11_REGISTER_CORE},
108 {"r7", 7, 7, ARM11_REGISTER_CORE},
109 {"r8", 8, 8, ARM11_REGISTER_CORE},
110 {"r9", 9, 9, ARM11_REGISTER_CORE},
111 {"r10", 10, 10, ARM11_REGISTER_CORE},
112 {"r11", 11, 11, ARM11_REGISTER_CORE},
113 {"r12", 12, 12, ARM11_REGISTER_CORE},
114 {"sp", 13, 13, ARM11_REGISTER_CORE},
115 {"lr", 14, 14, ARM11_REGISTER_CORE},
116 {"pc", 15, 15, ARM11_REGISTER_CORE},
118 {"cpsr", 0, 25, ARM11_REGISTER_CPSR},
120 /* Debug Registers */
121 {"dscr", 0, -1, ARM11_REGISTER_DSCR},
122 {"wdtr", 0, -1, ARM11_REGISTER_WDTR},
123 {"rdtr", 0, -1, ARM11_REGISTER_RDTR},
126 enum arm11_regcache_ids
129 ARM11_RC_RX = ARM11_RC_R0,
144 ARM11_RC_SP = ARM11_RC_R13,
146 ARM11_RC_LR = ARM11_RC_R14,
148 ARM11_RC_PC = ARM11_RC_R15,
159 /* GDB expects ARMs to give R0..R15, CPSR, and 7 FPA dummies */
160 #define ARM11_GDB_REGISTER_COUNT 26
162 static int arm11_on_enter_debug_state(struct arm11_common *arm11);
163 static int arm11_step(struct target *target, int current,
164 uint32_t address, int handle_breakpoints);
166 static int arm11_build_reg_cache(struct target *target);
167 static int arm11_set_reg(struct reg *reg, uint8_t *buf);
168 static int arm11_get_reg(struct reg *reg);
170 static void arm11_record_register_history(struct arm11_common * arm11);
171 static void arm11_dump_reg_changes(struct arm11_common * arm11);
174 /** Check and if necessary take control of the system
176 * \param arm11 Target state variable.
177 * \param dscr If the current DSCR content is
178 * available a pointer to a word holding the
179 * DSCR can be passed. Otherwise use NULL.
181 static int arm11_check_init(struct arm11_common *arm11, uint32_t *dscr)
185 uint32_t dscr_local_tmp_copy;
189 dscr = &dscr_local_tmp_copy;
191 CHECK_RETVAL(arm11_read_DSCR(arm11, dscr));
194 if (!(*dscr & ARM11_DSCR_MODE_SELECT))
196 LOG_DEBUG("Bringing target into debug mode");
198 *dscr |= ARM11_DSCR_MODE_SELECT; /* Halt debug-mode */
199 arm11_write_DSCR(arm11, *dscr);
201 /* add further reset initialization here */
203 arm11->simulate_reset_on_next_halt = true;
205 if (*dscr & ARM11_DSCR_CORE_HALTED)
207 /** \todo TODO: this needs further scrutiny because
208 * arm11_on_enter_debug_state() never gets properly called.
209 * As a result we don't read the actual register states from
213 arm11->target->state = TARGET_HALTED;
214 arm11->target->debug_reason = arm11_get_DSCR_debug_reason(*dscr);
218 arm11->target->state = TARGET_RUNNING;
219 arm11->target->debug_reason = DBG_REASON_NOTHALTED;
222 arm11_sc7_clear_vbw(arm11);
231 (arm11->reg_values[ARM11_RC_##x])
233 /** Save processor state.
235 * This is called when the HALT instruction has succeeded
236 * or on other occasions that stop the processor.
239 static int arm11_on_enter_debug_state(struct arm11_common *arm11)
244 for (size_t i = 0; i < ARRAY_SIZE(arm11->reg_values); i++)
246 arm11->reg_list[i].valid = 1;
247 arm11->reg_list[i].dirty = 0;
251 CHECK_RETVAL(arm11_read_DSCR(arm11, &R(DSCR)));
255 if (R(DSCR) & ARM11_DSCR_WDTR_FULL)
257 arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
259 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
261 struct scan_field chain5_fields[3];
263 arm11_setup_field(arm11, 32, NULL, &R(WDTR), chain5_fields + 0);
264 arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 1);
265 arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 2);
267 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
271 arm11->reg_list[ARM11_RC_WDTR].valid = 0;
275 /* DSCR: set ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE */
276 /* ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode", but not to issue ITRs
277 ARM1136 seems to require this to issue ITR's as well */
279 uint32_t new_dscr = R(DSCR) | ARM11_DSCR_EXECUTE_ARM_INSTRUCTION_ENABLE;
281 /* this executes JTAG queue: */
283 arm11_write_DSCR(arm11, new_dscr);
287 Before executing any instruction in debug state you have to drain the write buffer.
288 This ensures that no imprecise Data Aborts can return at a later point:*/
290 /** \todo TODO: Test drain write buffer. */
295 /* MRC p14,0,R0,c5,c10,0 */
296 // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
298 /* mcr 15, 0, r0, cr7, cr10, {4} */
299 arm11_run_instr_no_data1(arm11, 0xee070f9a);
301 uint32_t dscr = arm11_read_DSCR(arm11);
303 LOG_DEBUG("DRAIN, DSCR %08x", dscr);
305 if (dscr & ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT)
307 arm11_run_instr_no_data1(arm11, 0xe320f000);
309 dscr = arm11_read_DSCR(arm11);
311 LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr);
318 retval = arm11_run_instr_data_prepare(arm11);
319 if (retval != ERROR_OK)
324 /** \todo TODO: handle other mode registers */
326 for (size_t i = 0; i < 15; i++)
328 /* MCR p14,0,R?,c0,c5,0 */
329 retval = arm11_run_instr_data_from_core(arm11, 0xEE000E15 | (i << 12), &R(RX + i), 1);
330 if (retval != ERROR_OK)
336 /* check rDTRfull in DSCR */
338 if (R(DSCR) & ARM11_DSCR_RDTR_FULL)
340 /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
341 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xEE100E15, &R(RDTR));
342 if (retval != ERROR_OK)
347 arm11->reg_list[ARM11_RC_RDTR].valid = 0;
352 /* MRS r0,CPSR (move CPSR -> r0 (-> wDTR -> local var)) */
353 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xE10F0000, &R(CPSR));
354 if (retval != ERROR_OK)
359 /* MOV R0,PC (move PC -> r0 (-> wDTR -> local var)) */
360 retval = arm11_run_instr_data_from_core_via_r0(arm11, 0xE1A0000F, &R(PC));
361 if (retval != ERROR_OK)
364 /* adjust PC depending on ARM state */
366 if (R(CPSR) & ARM11_CPSR_J) /* Java state */
368 arm11->reg_values[ARM11_RC_PC] -= 0;
370 else if (R(CPSR) & ARM11_CPSR_T) /* Thumb state */
372 arm11->reg_values[ARM11_RC_PC] -= 4;
376 arm11->reg_values[ARM11_RC_PC] -= 8;
379 if (arm11->simulate_reset_on_next_halt)
381 arm11->simulate_reset_on_next_halt = false;
383 LOG_DEBUG("Reset c1 Control Register");
385 /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
387 /* MCR p15,0,R0,c1,c0,0 */
388 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xee010f10, 0);
389 if (retval != ERROR_OK)
394 retval = arm11_run_instr_data_finish(arm11);
395 if (retval != ERROR_OK)
398 arm11_dump_reg_changes(arm11);
403 void arm11_dump_reg_changes(struct arm11_common * arm11)
406 if (!(debug_level >= LOG_LVL_DEBUG))
411 for (size_t i = 0; i < ARM11_REGCACHE_COUNT; i++)
413 if (!arm11->reg_list[i].valid)
415 if (arm11->reg_history[i].valid)
416 LOG_DEBUG("%8s INVALID (%08" PRIx32 ")", arm11_reg_defs[i].name, arm11->reg_history[i].value);
420 if (arm11->reg_history[i].valid)
422 if (arm11->reg_history[i].value != arm11->reg_values[i])
423 LOG_DEBUG("%8s %08" PRIx32 " (%08" PRIx32 ")", arm11_reg_defs[i].name, arm11->reg_values[i], arm11->reg_history[i].value);
427 LOG_DEBUG("%8s %08" PRIx32 " (INVALID)", arm11_reg_defs[i].name, arm11->reg_values[i]);
433 /** Restore processor state
435 * This is called in preparation for the RESTART function.
438 static int arm11_leave_debug_state(struct arm11_common *arm11)
443 retval = arm11_run_instr_data_prepare(arm11);
444 if (retval != ERROR_OK)
447 /** \todo TODO: handle other mode registers */
449 /* restore R1 - R14 */
451 for (unsigned i = 1; i < 15; i++)
453 if (!arm11->reg_list[ARM11_RC_RX + i].dirty)
456 /* MRC p14,0,r?,c0,c5,0 */
457 arm11_run_instr_data_to_core1(arm11,
458 0xee100e15 | (i << 12), R(RX + i));
460 // LOG_DEBUG("RESTORE R%u %08x", i, R(RX + i));
463 retval = arm11_run_instr_data_finish(arm11);
464 if (retval != ERROR_OK)
467 /* spec says clear wDTR and rDTR; we assume they are clear as
468 otherwise our programming would be sloppy */
472 CHECK_RETVAL(arm11_read_DSCR(arm11, &DSCR));
474 if (DSCR & (ARM11_DSCR_RDTR_FULL | ARM11_DSCR_WDTR_FULL))
477 The wDTR/rDTR two registers that are used to send/receive data to/from
478 the core in tandem with corresponding instruction codes that are
479 written into the core. The RDTR FULL/WDTR FULL flag indicates that the
480 registers hold data that was written by one side (CPU or JTAG) and not
481 read out by the other side.
483 LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08" PRIx32 ")", DSCR);
488 retval = arm11_run_instr_data_prepare(arm11);
489 if (retval != ERROR_OK)
492 /* restore original wDTR */
494 if ((R(DSCR) & ARM11_DSCR_WDTR_FULL) || arm11->reg_list[ARM11_RC_WDTR].dirty)
496 /* MCR p14,0,R0,c0,c5,0 */
497 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xee000e15, R(WDTR));
498 if (retval != ERROR_OK)
505 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xe129f000, R(CPSR));
506 if (retval != ERROR_OK)
513 retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xe1a0f000, R(PC));
514 if (retval != ERROR_OK)
520 /* MRC p14,0,r0,c0,c5,0 */
521 arm11_run_instr_data_to_core1(arm11, 0xee100e15, R(R0));
523 retval = arm11_run_instr_data_finish(arm11);
524 if (retval != ERROR_OK)
529 arm11_write_DSCR(arm11, R(DSCR));
533 if (R(DSCR) & ARM11_DSCR_RDTR_FULL || arm11->reg_list[ARM11_RC_RDTR].dirty)
535 arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
537 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
539 struct scan_field chain5_fields[3];
541 uint8_t Ready = 0; /* ignored */
542 uint8_t Valid = 0; /* ignored */
544 arm11_setup_field(arm11, 32, &R(RDTR), NULL, chain5_fields + 0);
545 arm11_setup_field(arm11, 1, &Ready, NULL, chain5_fields + 1);
546 arm11_setup_field(arm11, 1, &Valid, NULL, chain5_fields + 2);
548 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
551 arm11_record_register_history(arm11);
556 static void arm11_record_register_history(struct arm11_common *arm11)
558 for (size_t i = 0; i < ARM11_REGCACHE_COUNT; i++)
560 arm11->reg_history[i].value = arm11->reg_values[i];
561 arm11->reg_history[i].valid = arm11->reg_list[i].valid;
563 arm11->reg_list[i].valid = 0;
564 arm11->reg_list[i].dirty = 0;
569 /* poll current target status */
570 static int arm11_poll(struct target *target)
574 struct arm11_common *arm11 = target_to_arm11(target);
577 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
579 LOG_DEBUG("DSCR %08" PRIx32 "", dscr);
581 CHECK_RETVAL(arm11_check_init(arm11, &dscr));
583 if (dscr & ARM11_DSCR_CORE_HALTED)
585 if (target->state != TARGET_HALTED)
587 enum target_state old_state = target->state;
589 LOG_DEBUG("enter TARGET_HALTED");
590 target->state = TARGET_HALTED;
591 target->debug_reason = arm11_get_DSCR_debug_reason(dscr);
592 retval = arm11_on_enter_debug_state(arm11);
593 if (retval != ERROR_OK)
596 target_call_event_callbacks(target,
597 old_state == TARGET_DEBUG_RUNNING ? TARGET_EVENT_DEBUG_HALTED : TARGET_EVENT_HALTED);
602 if (target->state != TARGET_RUNNING && target->state != TARGET_DEBUG_RUNNING)
604 LOG_DEBUG("enter TARGET_RUNNING");
605 target->state = TARGET_RUNNING;
606 target->debug_reason = DBG_REASON_NOTHALTED;
612 /* architecture specific status reply */
613 static int arm11_arch_state(struct target *target)
615 struct arm11_common *arm11 = target_to_arm11(target);
617 LOG_USER("target halted due to %s\ncpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "",
618 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name,
625 /* target request support */
626 static int arm11_target_request_data(struct target *target,
627 uint32_t size, uint8_t *buffer)
629 FNC_INFO_NOTIMPLEMENTED;
634 /* target execution control */
635 static int arm11_halt(struct target *target)
638 struct arm11_common *arm11 = target_to_arm11(target);
640 LOG_DEBUG("target->state: %s",
641 target_state_name(target));
643 if (target->state == TARGET_UNKNOWN)
645 arm11->simulate_reset_on_next_halt = true;
648 if (target->state == TARGET_HALTED)
650 LOG_DEBUG("target was already halted");
654 arm11_add_IR(arm11, ARM11_HALT, TAP_IDLE);
656 CHECK_RETVAL(jtag_execute_queue());
663 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
665 if (dscr & ARM11_DSCR_CORE_HALTED)
676 if ((timeval_ms()-then) > 1000)
678 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
685 arm11_on_enter_debug_state(arm11);
687 enum target_state old_state = target->state;
689 target->state = TARGET_HALTED;
690 target->debug_reason = arm11_get_DSCR_debug_reason(dscr);
693 target_call_event_callbacks(target,
694 old_state == TARGET_DEBUG_RUNNING ? TARGET_EVENT_DEBUG_HALTED : TARGET_EVENT_HALTED));
699 static int arm11_resume(struct target *target, int current,
700 uint32_t address, int handle_breakpoints, int debug_execution)
704 // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
705 // current, address, handle_breakpoints, debug_execution);
707 struct arm11_common *arm11 = target_to_arm11(target);
709 LOG_DEBUG("target->state: %s",
710 target_state_name(target));
713 if (target->state != TARGET_HALTED)
715 LOG_ERROR("Target not halted");
716 return ERROR_TARGET_NOT_HALTED;
722 LOG_DEBUG("RESUME PC %08" PRIx32 "%s", R(PC), !current ? "!" : "");
724 /* clear breakpoints/watchpoints and VCR*/
725 arm11_sc7_clear_vbw(arm11);
727 /* Set up breakpoints */
728 if (!debug_execution)
730 /* check if one matches PC and step over it if necessary */
732 struct breakpoint * bp;
734 for (bp = target->breakpoints; bp; bp = bp->next)
736 if (bp->address == R(PC))
738 LOG_DEBUG("must step over %08" PRIx32 "", bp->address);
739 arm11_step(target, 1, 0, 0);
744 /* set all breakpoints */
746 unsigned brp_num = 0;
748 for (bp = target->breakpoints; bp; bp = bp->next)
750 struct arm11_sc7_action brp[2];
753 brp[0].address = ARM11_SC7_BVR0 + brp_num;
754 brp[0].value = bp->address;
756 brp[1].address = ARM11_SC7_BCR0 + brp_num;
757 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
759 arm11_sc7_run(arm11, brp, ARRAY_SIZE(brp));
761 LOG_DEBUG("Add BP %d at %08" PRIx32, brp_num,
767 arm11_sc7_set_vcr(arm11, arm11_vcr);
770 arm11_leave_debug_state(arm11);
772 arm11_add_IR(arm11, ARM11_RESTART, TAP_IDLE);
774 CHECK_RETVAL(jtag_execute_queue());
781 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
783 LOG_DEBUG("DSCR %08" PRIx32 "", dscr);
785 if (dscr & ARM11_DSCR_CORE_RESTARTED)
796 if ((timeval_ms()-then) > 1000)
798 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
805 if (!debug_execution)
807 target->state = TARGET_RUNNING;
808 target->debug_reason = DBG_REASON_NOTHALTED;
810 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_RESUMED));
814 target->state = TARGET_DEBUG_RUNNING;
815 target->debug_reason = DBG_REASON_NOTHALTED;
817 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_RESUMED));
824 static int armv4_5_to_arm11(int reg)
831 return ARM11_RC_CPSR;
833 /* FIX!!! handle thumb better! */
834 return ARM11_RC_CPSR;
836 LOG_ERROR("BUG: register translation from armv4_5 to arm11 not supported %d", reg);
842 static uint32_t arm11_sim_get_reg(struct arm_sim_interface *sim, int reg)
844 struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
846 reg=armv4_5_to_arm11(reg);
848 return buf_get_u32(arm11->reg_list[reg].value, 0, 32);
851 static void arm11_sim_set_reg(struct arm_sim_interface *sim,
852 int reg, uint32_t value)
854 struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
856 reg=armv4_5_to_arm11(reg);
858 buf_set_u32(arm11->reg_list[reg].value, 0, 32, value);
861 static uint32_t arm11_sim_get_cpsr(struct arm_sim_interface *sim,
864 struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
866 return buf_get_u32(arm11->reg_list[ARM11_RC_CPSR].value, pos, bits);
869 static enum armv4_5_state arm11_sim_get_state(struct arm_sim_interface *sim)
871 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
873 /* FIX!!!! we should implement thumb for arm11 */
874 return ARMV4_5_STATE_ARM;
877 static void arm11_sim_set_state(struct arm_sim_interface *sim,
878 enum armv4_5_state mode)
880 // struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
882 /* FIX!!!! we should implement thumb for arm11 */
883 LOG_ERROR("Not implemetned!");
887 static enum armv4_5_mode arm11_sim_get_mode(struct arm_sim_interface *sim)
889 //struct arm11_common * arm11 = (struct arm11_common *)sim->user_data;
891 /* FIX!!!! we should implement something that returns the current mode here!!! */
892 return ARMV4_5_MODE_USR;
895 static int arm11_simulate_step(struct target *target, uint32_t *dry_run_pc)
897 struct arm_sim_interface sim;
899 sim.user_data=target->arch_info;
900 sim.get_reg=&arm11_sim_get_reg;
901 sim.set_reg=&arm11_sim_set_reg;
902 sim.get_reg_mode=&arm11_sim_get_reg;
903 sim.set_reg_mode=&arm11_sim_set_reg;
904 sim.get_cpsr=&arm11_sim_get_cpsr;
905 sim.get_mode=&arm11_sim_get_mode;
906 sim.get_state=&arm11_sim_get_state;
907 sim.set_state=&arm11_sim_set_state;
909 return arm_simulate_step_core(target, dry_run_pc, &sim);
913 static int arm11_step(struct target *target, int current,
914 uint32_t address, int handle_breakpoints)
918 LOG_DEBUG("target->state: %s",
919 target_state_name(target));
921 if (target->state != TARGET_HALTED)
923 LOG_WARNING("target was not halted");
924 return ERROR_TARGET_NOT_HALTED;
927 struct arm11_common *arm11 = target_to_arm11(target);
932 LOG_DEBUG("STEP PC %08" PRIx32 "%s", R(PC), !current ? "!" : "");
935 /** \todo TODO: Thumb not supported here */
937 uint32_t next_instruction;
939 CHECK_RETVAL(arm11_read_memory_word(arm11, R(PC), &next_instruction));
942 if ((next_instruction & 0xFFF00070) == 0xe1200070)
945 arm11->reg_list[ARM11_RC_PC].valid = 1;
946 arm11->reg_list[ARM11_RC_PC].dirty = 0;
947 LOG_DEBUG("Skipping BKPT");
949 /* skip over Wait for interrupt / Standby */
950 /* mcr 15, 0, r?, cr7, cr0, {4} */
951 else if ((next_instruction & 0xFFFF0FFF) == 0xee070f90)
954 arm11->reg_list[ARM11_RC_PC].valid = 1;
955 arm11->reg_list[ARM11_RC_PC].dirty = 0;
956 LOG_DEBUG("Skipping WFI");
958 /* ignore B to self */
959 else if ((next_instruction & 0xFEFFFFFF) == 0xeafffffe)
961 LOG_DEBUG("Not stepping jump to self");
965 /** \todo TODO: check if break-/watchpoints make any sense at all in combination
968 /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
969 * the VCR might be something worth looking into. */
972 /* Set up breakpoint for stepping */
974 struct arm11_sc7_action brp[2];
977 brp[0].address = ARM11_SC7_BVR0;
979 brp[1].address = ARM11_SC7_BCR0;
981 if (arm11_config_hardware_step)
983 /* hardware single stepping be used if possible or is it better to
984 * always use the same code path? Hardware single stepping is not supported
987 brp[0].value = R(PC);
988 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (2 << 21);
991 /* sets a breakpoint on the next PC(calculated by simulation),
995 retval = arm11_simulate_step(target, &next_pc);
996 if (retval != ERROR_OK)
999 brp[0].value = next_pc;
1000 brp[1].value = 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
1003 CHECK_RETVAL(arm11_sc7_run(arm11, brp, ARRAY_SIZE(brp)));
1008 if (arm11_config_step_irq_enable)
1009 R(DSCR) &= ~ARM11_DSCR_INTERRUPTS_DISABLE; /* should be redundant */
1011 R(DSCR) |= ARM11_DSCR_INTERRUPTS_DISABLE;
1014 CHECK_RETVAL(arm11_leave_debug_state(arm11));
1016 arm11_add_IR(arm11, ARM11_RESTART, TAP_IDLE);
1018 CHECK_RETVAL(jtag_execute_queue());
1026 CHECK_RETVAL(arm11_read_DSCR(arm11, &dscr));
1028 LOG_DEBUG("DSCR %08" PRIx32 "e", dscr);
1030 if ((dscr & (ARM11_DSCR_CORE_RESTARTED | ARM11_DSCR_CORE_HALTED)) ==
1031 (ARM11_DSCR_CORE_RESTARTED | ARM11_DSCR_CORE_HALTED))
1037 then = timeval_ms();
1041 if ((timeval_ms()-then) > 1000)
1043 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
1050 /* clear breakpoint */
1051 arm11_sc7_clear_vbw(arm11);
1054 CHECK_RETVAL(arm11_on_enter_debug_state(arm11));
1056 /* restore default state */
1057 R(DSCR) &= ~ARM11_DSCR_INTERRUPTS_DISABLE;
1061 // target->state = TARGET_HALTED;
1062 target->debug_reason = DBG_REASON_SINGLESTEP;
1064 CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_HALTED));
1069 static int arm11_assert_reset(struct target *target)
1073 struct arm11_common *arm11 = target_to_arm11(target);
1075 retval = arm11_check_init(arm11, NULL);
1076 if (retval != ERROR_OK)
1079 target->state = TARGET_UNKNOWN;
1081 /* we would very much like to reset into the halted, state,
1082 * but resetting and halting is second best... */
1083 if (target->reset_halt)
1085 CHECK_RETVAL(target_halt(target));
1089 /* srst is funny. We can not do *anything* else while it's asserted
1090 * and it has unkonwn side effects. Make sure no other code runs
1093 * Code below assumes srst:
1095 * - Causes power-on-reset (but of what parts of the system?). Bug
1098 * - Messes us TAP state without asserting trst.
1100 * - There is another bug in the arm11 core. When you generate an access to
1101 * external logic (for example ddr controller via AHB bus) and that block
1102 * is not configured (perhaps it is still held in reset), that transaction
1103 * will never complete. This will hang arm11 core but it will also hang
1104 * JTAG controller. Nothing, short of srst assertion will bring it out of
1109 * - What should the PC be after an srst reset when starting in the halted
1113 jtag_add_reset(0, 1);
1114 jtag_add_reset(0, 0);
1116 /* How long do we have to wait? */
1117 jtag_add_sleep(5000);
1119 /* un-mess up TAP state */
1122 retval = jtag_execute_queue();
1123 if (retval != ERROR_OK)
1131 static int arm11_deassert_reset(struct target *target)
1136 static int arm11_soft_reset_halt(struct target *target)
1138 FNC_INFO_NOTIMPLEMENTED;
1143 /* target register access for gdb */
1144 static int arm11_get_gdb_reg_list(struct target *target,
1145 struct reg **reg_list[], int *reg_list_size)
1148 struct arm11_common *arm11 = target_to_arm11(target);
1150 *reg_list_size = ARM11_GDB_REGISTER_COUNT;
1151 *reg_list = malloc(sizeof(struct reg*) * ARM11_GDB_REGISTER_COUNT);
1153 /* nine unused legacy FPA registers are expected by GDB */
1154 for (size_t i = 16; i < 24; i++)
1155 (*reg_list)[i] = &arm_gdb_dummy_fp_reg;
1156 (*reg_list)[24] = &arm_gdb_dummy_fps_reg;
1158 for (size_t i = 0; i < ARM11_REGCACHE_COUNT; i++)
1160 if (arm11_reg_defs[i].gdb_num == -1)
1163 (*reg_list)[arm11_reg_defs[i].gdb_num] = arm11->reg_list + i;
1169 /* target memory access
1170 * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
1171 * count: number of items of <size>
1173 * arm11_config_memrw_no_increment - in the future we may want to be able
1174 * to read/write a range of data to a "port". a "port" is an action on
1175 * read memory address for some peripheral.
1177 static int arm11_read_memory_inner(struct target *target,
1178 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer,
1179 bool arm11_config_memrw_no_increment)
1181 /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
1186 if (target->state != TARGET_HALTED)
1188 LOG_WARNING("target was not halted");
1189 return ERROR_TARGET_NOT_HALTED;
1192 LOG_DEBUG("ADDR %08" PRIx32 " SIZE %08" PRIx32 " COUNT %08" PRIx32 "", address, size, count);
1194 struct arm11_common *arm11 = target_to_arm11(target);
1196 retval = arm11_run_instr_data_prepare(arm11);
1197 if (retval != ERROR_OK)
1200 /* MRC p14,0,r0,c0,c5,0 */
1201 retval = arm11_run_instr_data_to_core1(arm11, 0xee100e15, address);
1202 if (retval != ERROR_OK)
1208 /** \todo TODO: check if dirty is the right choice to force a rewrite on arm11_resume() */
1209 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1211 for (size_t i = 0; i < count; i++)
1213 /* ldrb r1, [r0], #1 */
1215 arm11_run_instr_no_data1(arm11,
1216 !arm11_config_memrw_no_increment ? 0xe4d01001 : 0xe5d01000);
1219 /* MCR p14,0,R1,c0,c5,0 */
1220 arm11_run_instr_data_from_core(arm11, 0xEE001E15, &res, 1);
1229 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1231 for (size_t i = 0; i < count; i++)
1233 /* ldrh r1, [r0], #2 */
1234 arm11_run_instr_no_data1(arm11,
1235 !arm11_config_memrw_no_increment ? 0xe0d010b2 : 0xe1d010b0);
1239 /* MCR p14,0,R1,c0,c5,0 */
1240 arm11_run_instr_data_from_core(arm11, 0xEE001E15, &res, 1);
1242 uint16_t svalue = res;
1243 memcpy(buffer + i * sizeof(uint16_t), &svalue, sizeof(uint16_t));
1251 uint32_t instr = !arm11_config_memrw_no_increment ? 0xecb05e01 : 0xed905e00;
1252 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1253 uint32_t *words = (uint32_t *)buffer;
1255 /* LDC p14,c5,[R0],#4 */
1256 /* LDC p14,c5,[R0] */
1257 arm11_run_instr_data_from_core(arm11, instr, words, count);
1262 return arm11_run_instr_data_finish(arm11);
1265 static int arm11_read_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
1267 return arm11_read_memory_inner(target, address, size, count, buffer, false);
1271 * arm11_config_memrw_no_increment - in the future we may want to be able
1272 * to read/write a range of data to a "port". a "port" is an action on
1273 * read memory address for some peripheral.
1275 static int arm11_write_memory_inner(struct target *target,
1276 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer,
1277 bool arm11_config_memrw_no_increment)
1282 if (target->state != TARGET_HALTED)
1284 LOG_WARNING("target was not halted");
1285 return ERROR_TARGET_NOT_HALTED;
1288 LOG_DEBUG("ADDR %08" PRIx32 " SIZE %08" PRIx32 " COUNT %08" PRIx32 "", address, size, count);
1290 struct arm11_common *arm11 = target_to_arm11(target);
1292 retval = arm11_run_instr_data_prepare(arm11);
1293 if (retval != ERROR_OK)
1296 /* MRC p14,0,r0,c0,c5,0 */
1297 retval = arm11_run_instr_data_to_core1(arm11, 0xee100e15, address);
1298 if (retval != ERROR_OK)
1301 /* burst writes are not used for single words as those may well be
1302 * reset init script writes.
1304 * The other advantage is that as burst writes are default, we'll
1305 * now exercise both burst and non-burst code paths with the
1306 * default settings, increasing code coverage.
1308 bool burst = arm11_config_memwrite_burst && (count > 1);
1314 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1316 for (size_t i = 0; i < count; i++)
1318 /* MRC p14,0,r1,c0,c5,0 */
1319 retval = arm11_run_instr_data_to_core1(arm11, 0xee101e15, *buffer++);
1320 if (retval != ERROR_OK)
1323 /* strb r1, [r0], #1 */
1325 retval = arm11_run_instr_no_data1(arm11,
1326 !arm11_config_memrw_no_increment ? 0xe4c01001 : 0xe5c01000);
1327 if (retval != ERROR_OK)
1336 arm11->reg_list[ARM11_RC_R1].dirty = 1;
1338 for (size_t i = 0; i < count; i++)
1341 memcpy(&value, buffer + i * sizeof(uint16_t), sizeof(uint16_t));
1343 /* MRC p14,0,r1,c0,c5,0 */
1344 retval = arm11_run_instr_data_to_core1(arm11, 0xee101e15, value);
1345 if (retval != ERROR_OK)
1348 /* strh r1, [r0], #2 */
1350 retval = arm11_run_instr_no_data1(arm11,
1351 !arm11_config_memrw_no_increment ? 0xe0c010b2 : 0xe1c010b0);
1352 if (retval != ERROR_OK)
1360 uint32_t instr = !arm11_config_memrw_no_increment ? 0xeca05e01 : 0xed805e00;
1362 /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
1363 uint32_t *words = (uint32_t*)buffer;
1367 /* STC p14,c5,[R0],#4 */
1368 /* STC p14,c5,[R0]*/
1369 retval = arm11_run_instr_data_to_core(arm11, instr, words, count);
1370 if (retval != ERROR_OK)
1375 /* STC p14,c5,[R0],#4 */
1376 /* STC p14,c5,[R0]*/
1377 retval = arm11_run_instr_data_to_core_noack(arm11, instr, words, count);
1378 if (retval != ERROR_OK)
1386 /* r0 verification */
1387 if (!arm11_config_memrw_no_increment)
1391 /* MCR p14,0,R0,c0,c5,0 */
1392 retval = arm11_run_instr_data_from_core(arm11, 0xEE000E15, &r0, 1);
1393 if (retval != ERROR_OK)
1396 if (address + size * count != r0)
1398 LOG_ERROR("Data transfer failed. Expected end "
1399 "address 0x%08x, got 0x%08x",
1400 (unsigned) (address + size * count),
1404 LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
1406 if (arm11_config_memwrite_error_fatal)
1411 return arm11_run_instr_data_finish(arm11);
1414 static int arm11_write_memory(struct target *target,
1415 uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
1417 return arm11_write_memory_inner(target, address, size, count, buffer, false);
1420 /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
1421 static int arm11_bulk_write_memory(struct target *target,
1422 uint32_t address, uint32_t count, uint8_t *buffer)
1426 if (target->state != TARGET_HALTED)
1428 LOG_WARNING("target was not halted");
1429 return ERROR_TARGET_NOT_HALTED;
1432 return arm11_write_memory(target, address, 4, count, buffer);
1435 /* target break-/watchpoint control
1436 * rw: 0 = write, 1 = read, 2 = access
1438 static int arm11_add_breakpoint(struct target *target,
1439 struct breakpoint *breakpoint)
1442 struct arm11_common *arm11 = target_to_arm11(target);
1445 if (breakpoint->type == BKPT_SOFT)
1447 LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
1448 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1452 if (!arm11->free_brps)
1454 LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
1455 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1458 if (breakpoint->length != 4)
1460 LOG_DEBUG("only breakpoints of four bytes length supported");
1461 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1469 static int arm11_remove_breakpoint(struct target *target,
1470 struct breakpoint *breakpoint)
1473 struct arm11_common *arm11 = target_to_arm11(target);
1480 static int arm11_add_watchpoint(struct target *target,
1481 struct watchpoint *watchpoint)
1483 FNC_INFO_NOTIMPLEMENTED;
1488 static int arm11_remove_watchpoint(struct target *target,
1489 struct watchpoint *watchpoint)
1491 FNC_INFO_NOTIMPLEMENTED;
1496 // HACKHACKHACK - FIXME mode/state
1497 /* target algorithm support */
1498 static int arm11_run_algorithm(struct target *target,
1499 int num_mem_params, struct mem_param *mem_params,
1500 int num_reg_params, struct reg_param *reg_params,
1501 uint32_t entry_point, uint32_t exit_point,
1502 int timeout_ms, void *arch_info)
1504 struct arm11_common *arm11 = target_to_arm11(target);
1505 // enum armv4_5_state core_state = arm11->core_state;
1506 // enum armv4_5_mode core_mode = arm11->core_mode;
1507 uint32_t context[16];
1509 int exit_breakpoint_size = 0;
1510 int retval = ERROR_OK;
1511 LOG_DEBUG("Running algorithm");
1514 if (target->state != TARGET_HALTED)
1516 LOG_WARNING("target not halted");
1517 return ERROR_TARGET_NOT_HALTED;
1521 // if (!is_arm_mode(arm11->core_mode))
1522 // return ERROR_FAIL;
1525 for (unsigned i = 0; i < 16; i++)
1527 context[i] = buf_get_u32((uint8_t*)(&arm11->reg_values[i]),0,32);
1528 LOG_DEBUG("Save %u: 0x%" PRIx32 "", i, context[i]);
1531 cpsr = buf_get_u32((uint8_t*)(arm11->reg_values + ARM11_RC_CPSR),0,32);
1532 LOG_DEBUG("Save CPSR: 0x%" PRIx32 "", cpsr);
1534 for (int i = 0; i < num_mem_params; i++)
1536 target_write_buffer(target, mem_params[i].address, mem_params[i].size, mem_params[i].value);
1539 // Set register parameters
1540 for (int i = 0; i < num_reg_params; i++)
1542 struct reg *reg = register_get_by_name(arm11->core_cache, reg_params[i].reg_name, 0);
1545 LOG_ERROR("BUG: register '%s' not found", reg_params[i].reg_name);
1546 return ERROR_INVALID_ARGUMENTS;
1549 if (reg->size != reg_params[i].size)
1551 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params[i].reg_name);
1552 return ERROR_INVALID_ARGUMENTS;
1554 arm11_set_reg(reg,reg_params[i].value);
1555 // printf("%i: Set %s =%08x\n", i, reg_params[i].reg_name,val);
1558 exit_breakpoint_size = 4;
1560 /* arm11->core_state = arm11_algorithm_info->core_state;
1561 if (arm11->core_state == ARMV4_5_STATE_ARM)
1562 exit_breakpoint_size = 4;
1563 else if (arm11->core_state == ARMV4_5_STATE_THUMB)
1564 exit_breakpoint_size = 2;
1567 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1573 /* arm11 at this point only supports ARM not THUMB mode
1574 however if this test needs to be reactivated the current state can be read back
1577 if (arm11_algorithm_info->core_mode != ARMV4_5_MODE_ANY)
1579 LOG_DEBUG("setting core_mode: 0x%2.2x", arm11_algorithm_info->core_mode);
1580 buf_set_u32(arm11->reg_list[ARM11_RC_CPSR].value, 0, 5, arm11_algorithm_info->core_mode);
1581 arm11->reg_list[ARM11_RC_CPSR].dirty = 1;
1582 arm11->reg_list[ARM11_RC_CPSR].valid = 1;
1586 if ((retval = breakpoint_add(target, exit_point, exit_breakpoint_size, BKPT_HARD)) != ERROR_OK)
1588 LOG_ERROR("can't add breakpoint to finish algorithm execution");
1589 retval = ERROR_TARGET_FAILURE;
1593 // no debug, otherwise breakpoint is not set
1594 CHECK_RETVAL(target_resume(target, 0, entry_point, 1, 0));
1596 CHECK_RETVAL(target_wait_state(target, TARGET_HALTED, timeout_ms));
1598 if (target->state != TARGET_HALTED)
1600 CHECK_RETVAL(target_halt(target));
1602 CHECK_RETVAL(target_wait_state(target, TARGET_HALTED, 500));
1604 retval = ERROR_TARGET_TIMEOUT;
1606 goto del_breakpoint;
1609 if (buf_get_u32(arm11->reg_list[15].value, 0, 32) != exit_point)
1611 LOG_WARNING("target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32 "",
1612 buf_get_u32(arm11->reg_list[15].value, 0, 32));
1613 retval = ERROR_TARGET_TIMEOUT;
1614 goto del_breakpoint;
1617 for (int i = 0; i < num_mem_params; i++)
1619 if (mem_params[i].direction != PARAM_OUT)
1620 target_read_buffer(target, mem_params[i].address, mem_params[i].size, mem_params[i].value);
1623 for (int i = 0; i < num_reg_params; i++)
1625 if (reg_params[i].direction != PARAM_OUT)
1627 struct reg *reg = register_get_by_name(arm11->core_cache, reg_params[i].reg_name, 0);
1630 LOG_ERROR("BUG: register '%s' not found", reg_params[i].reg_name);
1631 retval = ERROR_INVALID_ARGUMENTS;
1632 goto del_breakpoint;
1635 if (reg->size != reg_params[i].size)
1637 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size", reg_params[i].reg_name);
1638 retval = ERROR_INVALID_ARGUMENTS;
1639 goto del_breakpoint;
1642 buf_set_u32(reg_params[i].value, 0, 32, buf_get_u32(reg->value, 0, 32));
1647 breakpoint_remove(target, exit_point);
1651 for (size_t i = 0; i < 16; i++)
1653 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32 "",
1654 arm11->reg_list[i].name, context[i]);
1655 arm11_set_reg(&arm11->reg_list[i], (uint8_t*)&context[i]);
1657 LOG_DEBUG("restoring CPSR with value 0x%8.8" PRIx32 "", cpsr);
1658 arm11_set_reg(&arm11->reg_list[ARM11_RC_CPSR], (uint8_t*)&cpsr);
1660 // arm11->core_state = core_state;
1661 // arm11->core_mode = core_mode;
1666 static int arm11_target_create(struct target *target, Jim_Interp *interp)
1670 NEW(struct arm11_common, arm11, 1);
1672 arm11->target = target;
1674 if (target->tap == NULL)
1677 if (target->tap->ir_length != 5)
1679 LOG_ERROR("'target arm11' expects IR LENGTH = 5");
1680 return ERROR_COMMAND_SYNTAX_ERROR;
1683 armv4_5_init_arch_info(target, &arm11->arm);
1685 arm11->jtag_info.tap = target->tap;
1686 arm11->jtag_info.scann_size = 5;
1687 arm11->jtag_info.scann_instr = ARM11_SCAN_N;
1688 /* cur_scan_chain == 0 */
1689 arm11->jtag_info.intest_instr = ARM11_INTEST;
1694 static int arm11_init_target(struct command_context *cmd_ctx,
1695 struct target *target)
1697 /* Initialize anything we can set up without talking to the target */
1699 /* FIXME Switch to use the standard build_reg_cache() not custom
1700 * code. Do it from examine(), after we check whether we're
1701 * an arm1176 and thus support the Secure Monitor mode.
1703 return arm11_build_reg_cache(target);
1706 /* talk to the target and set things up */
1707 static int arm11_examine(struct target *target)
1712 struct arm11_common *arm11 = target_to_arm11(target);
1716 arm11_add_IR(arm11, ARM11_IDCODE, ARM11_TAP_DEFAULT);
1718 struct scan_field idcode_field;
1720 arm11_setup_field(arm11, 32, NULL, &arm11->device_id, &idcode_field);
1722 arm11_add_dr_scan_vc(1, &idcode_field, TAP_DRPAUSE);
1726 arm11_add_debug_SCAN_N(arm11, 0x00, ARM11_TAP_DEFAULT);
1728 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
1730 struct scan_field chain0_fields[2];
1732 arm11_setup_field(arm11, 32, NULL, &arm11->didr, chain0_fields + 0);
1733 arm11_setup_field(arm11, 8, NULL, &arm11->implementor, chain0_fields + 1);
1735 arm11_add_dr_scan_vc(ARRAY_SIZE(chain0_fields), chain0_fields, TAP_IDLE);
1737 CHECK_RETVAL(jtag_execute_queue());
1739 switch (arm11->device_id & 0x0FFFF000)
1748 arm11->arm.core_type = ARM_MODE_MON;
1752 LOG_ERROR("'target arm11' expects IDCODE 0x*7B*7****");
1755 LOG_INFO("found %s", type);
1757 arm11->debug_version = (arm11->didr >> 16) & 0x0F;
1759 if (arm11->debug_version != ARM11_DEBUG_V6 &&
1760 arm11->debug_version != ARM11_DEBUG_V61)
1762 LOG_ERROR("Only ARMv6 v6 and v6.1 architectures supported.");
1766 arm11->brp = ((arm11->didr >> 24) & 0x0F) + 1;
1767 arm11->wrp = ((arm11->didr >> 28) & 0x0F) + 1;
1769 /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
1770 arm11->free_brps = arm11->brp;
1771 arm11->free_wrps = arm11->wrp;
1773 LOG_DEBUG("IDCODE %08" PRIx32 " IMPLEMENTOR %02x DIDR %08" PRIx32 "",
1775 (int)(arm11->implementor),
1778 /* as a side-effect this reads DSCR and thus
1779 * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
1780 * as suggested by the spec.
1783 retval = arm11_check_init(arm11, NULL);
1784 if (retval != ERROR_OK)
1787 /* ETM on ARM11 still uses original scanchain 6 access mode */
1788 if (arm11->arm.etm && !target_was_examined(target)) {
1789 *register_get_last_cache_p(&target->reg_cache) =
1790 etm_build_reg_cache(target, &arm11->jtag_info,
1792 retval = etm_setup(target);
1795 target_set_examined(target);
1801 /** Load a register that is marked !valid in the register cache */
1802 static int arm11_get_reg(struct reg *reg)
1806 struct target * target = ((struct arm11_reg_state *)reg->arch_info)->target;
1808 if (target->state != TARGET_HALTED)
1810 LOG_WARNING("target was not halted");
1811 return ERROR_TARGET_NOT_HALTED;
1814 /** \todo TODO: Check this. We assume that all registers are fetched at debug entry. */
1817 struct arm11_common *arm11 = target_to_arm11(target);
1818 const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1824 /** Change a value in the register cache */
1825 static int arm11_set_reg(struct reg *reg, uint8_t *buf)
1829 struct target *target = ((struct arm11_reg_state *)reg->arch_info)->target;
1830 struct arm11_common *arm11 = target_to_arm11(target);
1831 // const struct arm11_reg_defs *arm11_reg_info = arm11_reg_defs + ((struct arm11_reg_state *)reg->arch_info)->def_index;
1833 arm11->reg_values[((struct arm11_reg_state *)reg->arch_info)->def_index] = buf_get_u32(buf, 0, 32);
1840 static const struct reg_arch_type arm11_reg_type = {
1841 .get = arm11_get_reg,
1842 .set = arm11_set_reg,
1845 static int arm11_build_reg_cache(struct target *target)
1847 struct arm11_common *arm11 = target_to_arm11(target);
1849 NEW(struct reg_cache, cache, 1);
1850 NEW(struct reg, reg_list, ARM11_REGCACHE_COUNT);
1851 NEW(struct arm11_reg_state, arm11_reg_states, ARM11_REGCACHE_COUNT);
1853 arm11->reg_list = reg_list;
1855 /* Build the process context cache */
1856 cache->name = "arm11 registers";
1858 cache->reg_list = reg_list;
1859 cache->num_regs = ARM11_REGCACHE_COUNT;
1861 struct reg_cache **cache_p = register_get_last_cache_p(&target->reg_cache);
1864 arm11->core_cache = cache;
1865 // armv7m->process_context = cache;
1869 /* Not very elegant assertion */
1870 if (ARM11_REGCACHE_COUNT != ARRAY_SIZE(arm11->reg_values) ||
1871 ARM11_REGCACHE_COUNT != ARRAY_SIZE(arm11_reg_defs) ||
1872 ARM11_REGCACHE_COUNT != ARM11_RC_MAX)
1874 LOG_ERROR("BUG: arm11->reg_values inconsistent (%d %u %u %d)",
1875 ARM11_REGCACHE_COUNT,
1876 (unsigned) ARRAY_SIZE(arm11->reg_values),
1877 (unsigned) ARRAY_SIZE(arm11_reg_defs),
1879 /* FIXME minimally, use a build_bug_on(X) mechanism;
1880 * runtime exit() here is bad!
1885 for (i = 0; i < ARM11_REGCACHE_COUNT; i++)
1887 struct reg * r = reg_list + i;
1888 const struct arm11_reg_defs * rd = arm11_reg_defs + i;
1889 struct arm11_reg_state * rs = arm11_reg_states + i;
1893 r->value = (uint8_t *)(arm11->reg_values + i);
1896 r->type = &arm11_reg_type;
1900 rs->target = target;
1906 #define ARM11_BOOL_WRAPPER(name, print_name) \
1907 COMMAND_HANDLER(arm11_handle_bool_##name) \
1909 return CALL_COMMAND_HANDLER(handle_command_parse_bool, \
1910 &arm11_config_##name, print_name); \
1913 ARM11_BOOL_WRAPPER(memwrite_burst, "memory write burst mode")
1914 ARM11_BOOL_WRAPPER(memwrite_error_fatal, "fatal error mode for memory writes")
1915 ARM11_BOOL_WRAPPER(step_irq_enable, "IRQs while stepping")
1916 ARM11_BOOL_WRAPPER(hardware_step, "hardware single step")
1918 COMMAND_HANDLER(arm11_handle_vcr)
1924 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], arm11_vcr);
1927 return ERROR_COMMAND_SYNTAX_ERROR;
1930 LOG_INFO("VCR 0x%08" PRIx32 "", arm11_vcr);
1934 static const uint32_t arm11_coproc_instruction_limits[] =
1936 15, /* coprocessor */
1941 0xFFFFFFFF, /* value */
1944 static int arm11_mrc_inner(struct target *target, int cpnum,
1945 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm,
1946 uint32_t *value, bool read)
1949 struct arm11_common *arm11 = target_to_arm11(target);
1951 if (target->state != TARGET_HALTED)
1953 LOG_ERROR("Target not halted");
1957 uint32_t instr = 0xEE000010 |
1965 instr |= 0x00100000;
1967 retval = arm11_run_instr_data_prepare(arm11);
1968 if (retval != ERROR_OK)
1973 retval = arm11_run_instr_data_from_core_via_r0(arm11, instr, value);
1974 if (retval != ERROR_OK)
1979 retval = arm11_run_instr_data_to_core_via_r0(arm11, instr, *value);
1980 if (retval != ERROR_OK)
1984 return arm11_run_instr_data_finish(arm11);
1987 static int arm11_mrc(struct target *target, int cpnum,
1988 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
1990 return arm11_mrc_inner(target, cpnum, op1, op2, CRn, CRm, value, true);
1993 static int arm11_mcr(struct target *target, int cpnum,
1994 uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
1996 return arm11_mrc_inner(target, cpnum, op1, op2, CRn, CRm, &value, false);
1999 static int arm11_register_commands(struct command_context *cmd_ctx)
2003 struct command *top_cmd, *mw_cmd;
2005 armv4_5_register_commands(cmd_ctx);
2007 top_cmd = register_command(cmd_ctx, NULL, "arm11",
2008 NULL, COMMAND_ANY, NULL);
2010 /* "hardware_step" is only here to check if the default
2011 * simulate + breakpoint implementation is broken.
2012 * TEMPORARY! NOT DOCUMENTED!
2014 register_command(cmd_ctx, top_cmd, "hardware_step",
2015 arm11_handle_bool_hardware_step, COMMAND_ANY,
2016 "DEBUG ONLY - Hardware single stepping"
2017 " (default: disabled)");
2019 mw_cmd = register_command(cmd_ctx, top_cmd, "memwrite",
2020 NULL, COMMAND_ANY, NULL);
2021 register_command(cmd_ctx, mw_cmd, "burst",
2022 arm11_handle_bool_memwrite_burst, COMMAND_ANY,
2023 "Enable/Disable non-standard but fast burst mode"
2024 " (default: enabled)");
2025 register_command(cmd_ctx, mw_cmd, "error_fatal",
2026 arm11_handle_bool_memwrite_error_fatal, COMMAND_ANY,
2027 "Terminate program if transfer error was found"
2028 " (default: enabled)");
2030 register_command(cmd_ctx, top_cmd, "step_irq_enable",
2031 arm11_handle_bool_step_irq_enable, COMMAND_ANY,
2032 "Enable interrupts while stepping"
2033 " (default: disabled)");
2034 register_command(cmd_ctx, top_cmd, "vcr",
2035 arm11_handle_vcr, COMMAND_ANY,
2036 "Control (Interrupt) Vector Catch Register");
2038 return etm_register_commands(cmd_ctx);
2041 /** Holds methods for ARM11xx targets. */
2042 struct target_type arm11_target = {
2046 .arch_state = arm11_arch_state,
2048 .target_request_data = arm11_target_request_data,
2051 .resume = arm11_resume,
2054 .assert_reset = arm11_assert_reset,
2055 .deassert_reset = arm11_deassert_reset,
2056 .soft_reset_halt = arm11_soft_reset_halt,
2058 .get_gdb_reg_list = arm11_get_gdb_reg_list,
2060 .read_memory = arm11_read_memory,
2061 .write_memory = arm11_write_memory,
2063 .bulk_write_memory = arm11_bulk_write_memory,
2065 .checksum_memory = arm_checksum_memory,
2066 .blank_check_memory = arm_blank_check_memory,
2068 .add_breakpoint = arm11_add_breakpoint,
2069 .remove_breakpoint = arm11_remove_breakpoint,
2070 .add_watchpoint = arm11_add_watchpoint,
2071 .remove_watchpoint = arm11_remove_watchpoint,
2073 .run_algorithm = arm11_run_algorithm,
2075 .register_commands = arm11_register_commands,
2076 .target_create = arm11_target_create,
2077 .init_target = arm11_init_target,
2078 .examine = arm11_examine,
projects / fw / openocd / blob