1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2007,2008 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * Copyright (C) 2008 by Spencer Oliver *
9 * spen@spen-soft.co.uk *
11 * Copyright (C) 2008 by Hongtao Zheng *
14 * This program is free software; you can redistribute it and/or modify *
15 * it under the terms of the GNU General Public License as published by *
16 * the Free Software Foundation; either version 2 of the License, or *
17 * (at your option) any later version. *
19 * This program is distributed in the hope that it will be useful, *
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
22 * GNU General Public License for more details. *
24 * You should have received a copy of the GNU General Public License *
25 * along with this program; if not, write to the *
26 * Free Software Foundation, Inc., *
27 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
28 ***************************************************************************/
33 #include "breakpoints.h"
34 #include "embeddedice.h"
35 #include "target_request.h"
37 #include <helper/time_support.h>
38 #include "arm_simulator.h"
39 #include "arm_semihosting.h"
40 #include "algorithm.h"
46 * Hold common code supporting the ARM7 and ARM9 core generations.
48 * While the ARM core implementations evolved substantially during these
49 * two generations, they look quite similar from the JTAG perspective.
50 * Both have similar debug facilities, based on the same two scan chains
51 * providing access to the core and to an EmbeddedICE module. Both can
52 * support similar ETM and ETB modules, for tracing. And both expose
53 * what could be viewed as "ARM Classic", with multiple processor modes,
54 * shadowed registers, and support for the Thumb instruction set.
56 * Processor differences include things like presence or absence of MMU
57 * and cache, pipeline sizes, use of a modified Harvard Architecure
58 * (with separate instruction and data busses from the CPU), support
59 * for cpu clock gating during idle, and more.
62 static int arm7_9_debug_entry(struct target *target);
65 * Clear watchpoints for an ARM7/9 target.
67 * @param arm7_9 Pointer to the common struct for an ARM7/9 target
68 * @return JTAG error status after executing queue
70 static int arm7_9_clear_watchpoints(struct arm7_9_common *arm7_9)
73 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
74 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
75 arm7_9->sw_breakpoint_count = 0;
76 arm7_9->sw_breakpoints_added = 0;
78 arm7_9->wp1_used = arm7_9->wp1_used_default;
79 arm7_9->wp_available = arm7_9->wp_available_max;
81 return jtag_execute_queue();
85 * Assign a watchpoint to one of the two available hardware comparators in an
86 * ARM7 or ARM9 target.
88 * @param arm7_9 Pointer to the common struct for an ARM7/9 target
89 * @param breakpoint Pointer to the breakpoint to be used as a watchpoint
91 static void arm7_9_assign_wp(struct arm7_9_common *arm7_9, struct breakpoint *breakpoint)
93 if (!arm7_9->wp0_used)
97 arm7_9->wp_available--;
99 else if (!arm7_9->wp1_used)
101 arm7_9->wp1_used = 1;
103 arm7_9->wp_available--;
107 LOG_ERROR("BUG: no hardware comparator available");
109 LOG_DEBUG("BPID: %d (0x%08" PRIx32 ") using hw wp: %d",
110 breakpoint->unique_id,
116 * Setup an ARM7/9 target's embedded ICE registers for software breakpoints.
118 * @param arm7_9 Pointer to common struct for ARM7/9 targets
119 * @return Error codes if there is a problem finding a watchpoint or the result
120 * of executing the JTAG queue
122 static int arm7_9_set_software_breakpoints(struct arm7_9_common *arm7_9)
124 if (arm7_9->sw_breakpoints_added)
128 if (arm7_9->wp_available < 1)
130 LOG_WARNING("can't enable sw breakpoints with no watchpoint unit available");
131 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
133 arm7_9->wp_available--;
135 /* pick a breakpoint unit */
136 if (!arm7_9->wp0_used)
138 arm7_9->sw_breakpoints_added = 1;
139 arm7_9->wp0_used = 3;
140 } else if (!arm7_9->wp1_used)
142 arm7_9->sw_breakpoints_added = 2;
143 arm7_9->wp1_used = 3;
147 LOG_ERROR("BUG: both watchpoints used, but wp_available >= 1");
151 if (arm7_9->sw_breakpoints_added == 1)
153 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE], arm7_9->arm_bkpt);
154 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0x0);
155 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffffu);
156 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
157 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
159 else if (arm7_9->sw_breakpoints_added == 2)
161 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE], arm7_9->arm_bkpt);
162 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0x0);
163 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0xffffffffu);
164 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
165 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
169 LOG_ERROR("BUG: both watchpoints used, but wp_available >= 1");
172 LOG_DEBUG("SW BP using hw wp: %d",
173 arm7_9->sw_breakpoints_added );
175 return jtag_execute_queue();
179 * Setup the common pieces for an ARM7/9 target after reset or on startup.
181 * @param target Pointer to an ARM7/9 target to setup
182 * @return Result of clearing the watchpoints on the target
184 int arm7_9_setup(struct target *target)
186 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
188 return arm7_9_clear_watchpoints(arm7_9);
192 * Set either a hardware or software breakpoint on an ARM7/9 target. The
193 * breakpoint is set up even if it is already set. Some actions, e.g. reset,
194 * might have erased the values in Embedded ICE.
196 * @param target Pointer to the target device to set the breakpoints on
197 * @param breakpoint Pointer to the breakpoint to be set
198 * @return For hardware breakpoints, this is the result of executing the JTAG
199 * queue. For software breakpoints, this will be the status of the
200 * required memory reads and writes
202 int arm7_9_set_breakpoint(struct target *target, struct breakpoint *breakpoint)
204 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
205 int retval = ERROR_OK;
207 LOG_DEBUG("BPID: %d, Address: 0x%08" PRIx32 ", Type: %d" ,
208 breakpoint->unique_id,
212 if (target->state != TARGET_HALTED)
214 LOG_WARNING("target not halted");
215 return ERROR_TARGET_NOT_HALTED;
218 if (breakpoint->type == BKPT_HARD)
220 /* either an ARM (4 byte) or Thumb (2 byte) breakpoint */
221 uint32_t mask = (breakpoint->length == 4) ? 0x3u : 0x1u;
223 /* reassign a hw breakpoint */
224 if (breakpoint->set == 0)
226 arm7_9_assign_wp(arm7_9, breakpoint);
229 if (breakpoint->set == 1)
231 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], breakpoint->address);
232 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
233 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffffu);
234 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
235 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
237 else if (breakpoint->set == 2)
239 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], breakpoint->address);
240 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
241 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffffu);
242 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
243 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
247 LOG_ERROR("BUG: no hardware comparator available");
251 retval = jtag_execute_queue();
253 else if (breakpoint->type == BKPT_SOFT)
255 /* did we already set this breakpoint? */
259 if (breakpoint->length == 4)
261 uint32_t verify = 0xffffffff;
262 /* keep the original instruction in target endianness */
263 if ((retval = target_read_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
267 /* write the breakpoint instruction in target endianness (arm7_9->arm_bkpt is host endian) */
268 if ((retval = target_write_u32(target, breakpoint->address, arm7_9->arm_bkpt)) != ERROR_OK)
273 if ((retval = target_read_u32(target, breakpoint->address, &verify)) != ERROR_OK)
277 if (verify != arm7_9->arm_bkpt)
279 LOG_ERROR("Unable to set 32 bit software breakpoint at address %08" PRIx32 " - check that memory is read/writable", breakpoint->address);
285 uint16_t verify = 0xffff;
286 /* keep the original instruction in target endianness */
287 if ((retval = target_read_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
291 /* write the breakpoint instruction in target endianness (arm7_9->thumb_bkpt is host endian) */
292 if ((retval = target_write_u16(target, breakpoint->address, arm7_9->thumb_bkpt)) != ERROR_OK)
297 if ((retval = target_read_u16(target, breakpoint->address, &verify)) != ERROR_OK)
301 if (verify != arm7_9->thumb_bkpt)
303 LOG_ERROR("Unable to set thumb software breakpoint at address %08" PRIx32 " - check that memory is read/writable", breakpoint->address);
308 if ((retval = arm7_9_set_software_breakpoints(arm7_9)) != ERROR_OK)
311 arm7_9->sw_breakpoint_count++;
320 * Unsets an existing breakpoint on an ARM7/9 target. If it is a hardware
321 * breakpoint, the watchpoint used will be freed and the Embedded ICE registers
322 * will be updated. Otherwise, the software breakpoint will be restored to its
323 * original instruction if it hasn't already been modified.
325 * @param target Pointer to ARM7/9 target to unset the breakpoint from
326 * @param breakpoint Pointer to breakpoint to be unset
327 * @return For hardware breakpoints, this is the result of executing the JTAG
328 * queue. For software breakpoints, this will be the status of the
329 * required memory reads and writes
331 int arm7_9_unset_breakpoint(struct target *target, struct breakpoint *breakpoint)
333 int retval = ERROR_OK;
334 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
336 LOG_DEBUG("BPID: %d, Address: 0x%08" PRIx32,
337 breakpoint->unique_id,
338 breakpoint->address );
340 if (!breakpoint->set)
342 LOG_WARNING("breakpoint not set");
346 if (breakpoint->type == BKPT_HARD)
348 LOG_DEBUG("BPID: %d Releasing hw wp: %d",
349 breakpoint->unique_id,
351 if (breakpoint->set == 1)
353 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
354 arm7_9->wp0_used = 0;
355 arm7_9->wp_available++;
357 else if (breakpoint->set == 2)
359 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
360 arm7_9->wp1_used = 0;
361 arm7_9->wp_available++;
363 retval = jtag_execute_queue();
368 /* restore original instruction (kept in target endianness) */
369 if (breakpoint->length == 4)
371 uint32_t current_instr;
372 /* check that user program as not modified breakpoint instruction */
373 if ((retval = target_read_memory(target, breakpoint->address, 4, 1, (uint8_t*)¤t_instr)) != ERROR_OK)
377 if (current_instr == arm7_9->arm_bkpt)
378 if ((retval = target_write_memory(target, breakpoint->address, 4, 1, breakpoint->orig_instr)) != ERROR_OK)
385 uint16_t current_instr;
386 /* check that user program as not modified breakpoint instruction */
387 if ((retval = target_read_memory(target, breakpoint->address, 2, 1, (uint8_t*)¤t_instr)) != ERROR_OK)
391 if (current_instr == arm7_9->thumb_bkpt)
392 if ((retval = target_write_memory(target, breakpoint->address, 2, 1, breakpoint->orig_instr)) != ERROR_OK)
398 if (--arm7_9->sw_breakpoint_count==0)
400 /* We have removed the last sw breakpoint, clear the hw breakpoint we used to implement it */
401 if (arm7_9->sw_breakpoints_added == 1)
403 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0);
405 else if (arm7_9->sw_breakpoints_added == 2)
407 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0);
418 * Add a breakpoint to an ARM7/9 target. This makes sure that there are no
419 * dangling breakpoints and that the desired breakpoint can be added.
421 * @param target Pointer to the target ARM7/9 device to add a breakpoint to
422 * @param breakpoint Pointer to the breakpoint to be added
423 * @return An error status if there is a problem adding the breakpoint or the
424 * result of setting the breakpoint
426 int arm7_9_add_breakpoint(struct target *target, struct breakpoint *breakpoint)
428 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
430 if (arm7_9->breakpoint_count == 0)
432 /* make sure we don't have any dangling breakpoints. This is vital upon
433 * GDB connect/disconnect
435 arm7_9_clear_watchpoints(arm7_9);
438 if ((breakpoint->type == BKPT_HARD) && (arm7_9->wp_available < 1))
440 LOG_INFO("no watchpoint unit available for hardware breakpoint");
441 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
444 if ((breakpoint->length != 2) && (breakpoint->length != 4))
446 LOG_INFO("only breakpoints of two (Thumb) or four (ARM) bytes length supported");
447 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
450 if (breakpoint->type == BKPT_HARD)
452 arm7_9_assign_wp(arm7_9, breakpoint);
455 arm7_9->breakpoint_count++;
457 return arm7_9_set_breakpoint(target, breakpoint);
461 * Removes a breakpoint from an ARM7/9 target. This will make sure there are no
462 * dangling breakpoints and updates available watchpoints if it is a hardware
465 * @param target Pointer to the target to have a breakpoint removed
466 * @param breakpoint Pointer to the breakpoint to be removed
467 * @return Error status if there was a problem unsetting the breakpoint or the
468 * watchpoints could not be cleared
470 int arm7_9_remove_breakpoint(struct target *target, struct breakpoint *breakpoint)
472 int retval = ERROR_OK;
473 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
475 if ((retval = arm7_9_unset_breakpoint(target, breakpoint)) != ERROR_OK)
480 if (breakpoint->type == BKPT_HARD)
481 arm7_9->wp_available++;
483 arm7_9->breakpoint_count--;
484 if (arm7_9->breakpoint_count == 0)
486 /* make sure we don't have any dangling breakpoints */
487 if ((retval = arm7_9_clear_watchpoints(arm7_9)) != ERROR_OK)
497 * Sets a watchpoint for an ARM7/9 target in one of the watchpoint units. It is
498 * considered a bug to call this function when there are no available watchpoint
501 * @param target Pointer to an ARM7/9 target to set a watchpoint on
502 * @param watchpoint Pointer to the watchpoint to be set
503 * @return Error status if watchpoint set fails or the result of executing the
506 int arm7_9_set_watchpoint(struct target *target, struct watchpoint *watchpoint)
508 int retval = ERROR_OK;
509 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
513 mask = watchpoint->length - 1;
515 if (target->state != TARGET_HALTED)
517 LOG_WARNING("target not halted");
518 return ERROR_TARGET_NOT_HALTED;
521 if (watchpoint->rw == WPT_ACCESS)
526 if (!arm7_9->wp0_used)
528 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], watchpoint->address);
529 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], mask);
530 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], watchpoint->mask);
531 if (watchpoint->mask != 0xffffffffu)
532 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_VALUE], watchpoint->value);
533 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], 0xff & ~EICE_W_CTRL_nOPC & ~rw_mask);
534 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE | EICE_W_CTRL_nOPC | (watchpoint->rw & 1));
536 if ((retval = jtag_execute_queue()) != ERROR_OK)
541 arm7_9->wp0_used = 2;
543 else if (!arm7_9->wp1_used)
545 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], watchpoint->address);
546 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], mask);
547 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], watchpoint->mask);
548 if (watchpoint->mask != 0xffffffffu)
549 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_VALUE], watchpoint->value);
550 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], 0xff & ~EICE_W_CTRL_nOPC & ~rw_mask);
551 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE | EICE_W_CTRL_nOPC | (watchpoint->rw & 1));
553 if ((retval = jtag_execute_queue()) != ERROR_OK)
558 arm7_9->wp1_used = 2;
562 LOG_ERROR("BUG: no hardware comparator available");
570 * Unset an existing watchpoint and clear the used watchpoint unit.
572 * @param target Pointer to the target to have the watchpoint removed
573 * @param watchpoint Pointer to the watchpoint to be removed
574 * @return Error status while trying to unset the watchpoint or the result of
575 * executing the JTAG queue
577 int arm7_9_unset_watchpoint(struct target *target, struct watchpoint *watchpoint)
579 int retval = ERROR_OK;
580 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
582 if (target->state != TARGET_HALTED)
584 LOG_WARNING("target not halted");
585 return ERROR_TARGET_NOT_HALTED;
588 if (!watchpoint->set)
590 LOG_WARNING("breakpoint not set");
594 if (watchpoint->set == 1)
596 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
597 if ((retval = jtag_execute_queue()) != ERROR_OK)
601 arm7_9->wp0_used = 0;
603 else if (watchpoint->set == 2)
605 embeddedice_set_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
606 if ((retval = jtag_execute_queue()) != ERROR_OK)
610 arm7_9->wp1_used = 0;
618 * Add a watchpoint to an ARM7/9 target. If there are no watchpoint units
619 * available, an error response is returned.
621 * @param target Pointer to the ARM7/9 target to add a watchpoint to
622 * @param watchpoint Pointer to the watchpoint to be added
623 * @return Error status while trying to add the watchpoint
625 int arm7_9_add_watchpoint(struct target *target, struct watchpoint *watchpoint)
627 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
629 if (arm7_9->wp_available < 1)
631 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
634 if ((watchpoint->length != 1) && (watchpoint->length != 2) && (watchpoint->length != 4))
636 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
639 arm7_9->wp_available--;
645 * Remove a watchpoint from an ARM7/9 target. The watchpoint will be unset and
646 * the used watchpoint unit will be reopened.
648 * @param target Pointer to the target to remove a watchpoint from
649 * @param watchpoint Pointer to the watchpoint to be removed
650 * @return Result of trying to unset the watchpoint
652 int arm7_9_remove_watchpoint(struct target *target, struct watchpoint *watchpoint)
654 int retval = ERROR_OK;
655 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
659 if ((retval = arm7_9_unset_watchpoint(target, watchpoint)) != ERROR_OK)
665 arm7_9->wp_available++;
671 * Restarts the target by sending a RESTART instruction and moving the JTAG
672 * state to IDLE. This includes a timeout waiting for DBGACK and SYSCOMP to be
673 * asserted by the processor.
675 * @param target Pointer to target to issue commands to
676 * @return Error status if there is a timeout or a problem while executing the
679 int arm7_9_execute_sys_speed(struct target *target)
682 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
683 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
684 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
686 /* set RESTART instruction */
687 jtag_set_end_state(TAP_IDLE);
688 if (arm7_9->need_bypass_before_restart) {
689 arm7_9->need_bypass_before_restart = 0;
690 arm_jtag_set_instr(jtag_info, 0xf, NULL);
692 arm_jtag_set_instr(jtag_info, 0x4, NULL);
694 long long then = timeval_ms();
696 while (!(timeout = ((timeval_ms()-then) > 1000)))
698 /* read debug status register */
699 embeddedice_read_reg(dbg_stat);
700 if ((retval = jtag_execute_queue()) != ERROR_OK)
702 if ((buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1))
703 && (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_SYSCOMP, 1)))
705 if (debug_level >= 3)
715 LOG_ERROR("timeout waiting for SYSCOMP & DBGACK, last DBG_STATUS: %" PRIx32 "", buf_get_u32(dbg_stat->value, 0, dbg_stat->size));
716 return ERROR_TARGET_TIMEOUT;
723 * Restarts the target by sending a RESTART instruction and moving the JTAG
724 * state to IDLE. This validates that DBGACK and SYSCOMP are set without
725 * waiting until they are.
727 * @param target Pointer to the target to issue commands to
728 * @return Always ERROR_OK
730 int arm7_9_execute_fast_sys_speed(struct target *target)
733 static uint8_t check_value[4], check_mask[4];
735 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
736 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
737 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
739 /* set RESTART instruction */
740 jtag_set_end_state(TAP_IDLE);
741 if (arm7_9->need_bypass_before_restart) {
742 arm7_9->need_bypass_before_restart = 0;
743 arm_jtag_set_instr(jtag_info, 0xf, NULL);
745 arm_jtag_set_instr(jtag_info, 0x4, NULL);
749 /* check for DBGACK and SYSCOMP set (others don't care) */
751 /* NB! These are constants that must be available until after next jtag_execute() and
752 * we evaluate the values upon first execution in lieu of setting up these constants
753 * during early setup.
755 buf_set_u32(check_value, 0, 32, 0x9);
756 buf_set_u32(check_mask, 0, 32, 0x9);
760 /* read debug status register */
761 embeddedice_read_reg_w_check(dbg_stat, check_value, check_mask);
767 * Get some data from the ARM7/9 target.
769 * @param target Pointer to the ARM7/9 target to read data from
770 * @param size The number of 32bit words to be read
771 * @param buffer Pointer to the buffer that will hold the data
772 * @return The result of receiving data from the Embedded ICE unit
774 int arm7_9_target_request_data(struct target *target, uint32_t size, uint8_t *buffer)
776 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
777 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
779 int retval = ERROR_OK;
782 data = malloc(size * (sizeof(uint32_t)));
784 retval = embeddedice_receive(jtag_info, data, size);
786 /* return the 32-bit ints in the 8-bit array */
787 for (i = 0; i < size; i++)
789 h_u32_to_le(buffer + (i * 4), data[i]);
798 * Handles requests to an ARM7/9 target. If debug messaging is enabled, the
799 * target is running and the DCC control register has the W bit high, this will
800 * execute the request on the target.
802 * @param priv Void pointer expected to be a struct target pointer
803 * @return ERROR_OK unless there are issues with the JTAG queue or when reading
804 * from the Embedded ICE unit
806 int arm7_9_handle_target_request(void *priv)
808 int retval = ERROR_OK;
809 struct target *target = priv;
810 if (!target_was_examined(target))
812 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
813 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
814 struct reg *dcc_control = &arm7_9->eice_cache->reg_list[EICE_COMMS_CTRL];
816 if (!target->dbg_msg_enabled)
819 if (target->state == TARGET_RUNNING)
821 /* read DCC control register */
822 embeddedice_read_reg(dcc_control);
823 if ((retval = jtag_execute_queue()) != ERROR_OK)
829 if (buf_get_u32(dcc_control->value, 1, 1) == 1)
833 if ((retval = embeddedice_receive(jtag_info, &request, 1)) != ERROR_OK)
837 if ((retval = target_request(target, request)) != ERROR_OK)
848 * Polls an ARM7/9 target for its current status. If DBGACK is set, the target
849 * is manipulated to the right halted state based on its current state. This is
853 * <tr><th > State</th><th > Action</th></tr>
854 * <tr><td > TARGET_RUNNING | TARGET_RESET</td><td > Enters debug mode. If TARGET_RESET, pc may be checked</td></tr>
855 * <tr><td > TARGET_UNKNOWN</td><td > Warning is logged</td></tr>
856 * <tr><td > TARGET_DEBUG_RUNNING</td><td > Enters debug mode</td></tr>
857 * <tr><td > TARGET_HALTED</td><td > Nothing</td></tr>
860 * If the target does not end up in the halted state, a warning is produced. If
861 * DBGACK is cleared, then the target is expected to either be running or
864 * @param target Pointer to the ARM7/9 target to poll
865 * @return ERROR_OK or an error status if a command fails
867 int arm7_9_poll(struct target *target)
870 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
871 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
873 /* read debug status register */
874 embeddedice_read_reg(dbg_stat);
875 if ((retval = jtag_execute_queue()) != ERROR_OK)
880 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1))
882 /* LOG_DEBUG("DBGACK set, dbg_state->value: 0x%x", buf_get_u32(dbg_stat->value, 0, 32));*/
883 if (target->state == TARGET_UNKNOWN)
885 /* Starting OpenOCD with target in debug-halt */
886 target->state = TARGET_RUNNING;
887 LOG_DEBUG("DBGACK already set during server startup.");
889 if ((target->state == TARGET_RUNNING) || (target->state == TARGET_RESET))
892 if (target->state == TARGET_RESET)
894 if (target->reset_halt)
896 enum reset_types jtag_reset_config = jtag_get_reset_config();
897 if ((jtag_reset_config & RESET_SRST_PULLS_TRST) == 0)
904 target->state = TARGET_HALTED;
906 if ((retval = arm7_9_debug_entry(target)) != ERROR_OK)
911 struct reg *reg = register_get_by_name(target->reg_cache, "pc", 1);
912 uint32_t t=*((uint32_t *)reg->value);
915 LOG_ERROR("PC was not 0. Does this target need srst_pulls_trst?");
919 if (arm_semihosting(target, &retval) != 0)
922 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED)) != ERROR_OK)
927 if (target->state == TARGET_DEBUG_RUNNING)
929 target->state = TARGET_HALTED;
930 if ((retval = arm7_9_debug_entry(target)) != ERROR_OK)
933 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED)) != ERROR_OK)
938 if (target->state != TARGET_HALTED)
940 LOG_WARNING("DBGACK set, but the target did not end up in the halted state %d", target->state);
945 if (target->state != TARGET_DEBUG_RUNNING)
946 target->state = TARGET_RUNNING;
953 * Asserts the reset (SRST) on an ARM7/9 target. Some -S targets (ARM966E-S in
954 * the STR912 isn't affected, ARM926EJ-S in the LPC3180 and AT91SAM9260 is
955 * affected) completely stop the JTAG clock while the core is held in reset
956 * (SRST). It isn't possible to program the halt condition once reset is
957 * asserted, hence a hook that allows the target to set up its reset-halt
958 * condition is setup prior to asserting reset.
960 * @param target Pointer to an ARM7/9 target to assert reset on
961 * @return ERROR_FAIL if the JTAG device does not have SRST, otherwise ERROR_OK
963 int arm7_9_assert_reset(struct target *target)
965 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
967 LOG_DEBUG("target->state: %s",
968 target_state_name(target));
970 enum reset_types jtag_reset_config = jtag_get_reset_config();
971 if (!(jtag_reset_config & RESET_HAS_SRST))
973 LOG_ERROR("Can't assert SRST");
977 /* At this point trst has been asserted/deasserted once. We would
978 * like to program EmbeddedICE while SRST is asserted, instead of
979 * depending on SRST to leave that module alone. However, many CPUs
980 * gate the JTAG clock while SRST is asserted; or JTAG may need
981 * clock stability guarantees (adaptive clocking might help).
983 * So we assume JTAG access during SRST is off the menu unless it's
984 * been specifically enabled.
986 bool srst_asserted = false;
988 if (((jtag_reset_config & RESET_SRST_PULLS_TRST) == 0)
989 && (jtag_reset_config & RESET_SRST_NO_GATING))
991 jtag_add_reset(0, 1);
992 srst_asserted = true;
995 if (target->reset_halt)
998 * Some targets do not support communication while SRST is asserted. We need to
999 * set up the reset vector catch here.
1001 * If TRST is asserted, then these settings will be reset anyway, so setting them
1004 if (arm7_9->has_vector_catch)
1006 /* program vector catch register to catch reset vector */
1007 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH], 0x1);
1009 /* extra runtest added as issues were found with certain ARM9 cores (maybe more) - AT91SAM9260 and STR9 */
1010 jtag_add_runtest(1, jtag_get_end_state());
1014 /* program watchpoint unit to match on reset vector address */
1015 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE], 0x0);
1016 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0x3);
1017 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1018 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
1019 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
1023 /* here we should issue an SRST only, but we may have to assert TRST as well */
1024 if (jtag_reset_config & RESET_SRST_PULLS_TRST)
1026 jtag_add_reset(1, 1);
1027 } else if (!srst_asserted)
1029 jtag_add_reset(0, 1);
1032 target->state = TARGET_RESET;
1033 jtag_add_sleep(50000);
1035 register_cache_invalidate(arm7_9->armv4_5_common.core_cache);
1037 if ((target->reset_halt) && ((jtag_reset_config & RESET_SRST_PULLS_TRST) == 0))
1039 /* debug entry was already prepared in arm7_9_assert_reset() */
1040 target->debug_reason = DBG_REASON_DBGRQ;
1047 * Deassert the reset (SRST) signal on an ARM7/9 target. If SRST pulls TRST
1048 * and the target is being reset into a halt, a warning will be triggered
1049 * because it is not possible to reset into a halted mode in this case. The
1050 * target is halted using the target's functions.
1052 * @param target Pointer to the target to have the reset deasserted
1053 * @return ERROR_OK or an error from polling or halting the target
1055 int arm7_9_deassert_reset(struct target *target)
1057 int retval = ERROR_OK;
1058 LOG_DEBUG("target->state: %s",
1059 target_state_name(target));
1061 /* deassert reset lines */
1062 jtag_add_reset(0, 0);
1064 enum reset_types jtag_reset_config = jtag_get_reset_config();
1065 if (target->reset_halt && (jtag_reset_config & RESET_SRST_PULLS_TRST) != 0)
1067 LOG_WARNING("srst pulls trst - can not reset into halted mode. Issuing halt after reset.");
1068 /* set up embedded ice registers again */
1069 if ((retval = target_examine_one(target)) != ERROR_OK)
1072 if ((retval = target_poll(target)) != ERROR_OK)
1077 if ((retval = target_halt(target)) != ERROR_OK)
1087 * Clears the halt condition for an ARM7/9 target. If it isn't coming out of
1088 * reset and if DBGRQ is used, it is progammed to be deasserted. If the reset
1089 * vector catch was used, it is restored. Otherwise, the control value is
1090 * restored and the watchpoint unit is restored if it was in use.
1092 * @param target Pointer to the ARM7/9 target to have halt cleared
1093 * @return Always ERROR_OK
1095 int arm7_9_clear_halt(struct target *target)
1097 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1098 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1100 /* we used DBGRQ only if we didn't come out of reset */
1101 if (!arm7_9->debug_entry_from_reset && arm7_9->use_dbgrq)
1103 /* program EmbeddedICE Debug Control Register to deassert DBGRQ
1105 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1106 embeddedice_store_reg(dbg_ctrl);
1110 if (arm7_9->debug_entry_from_reset && arm7_9->has_vector_catch)
1112 /* if we came out of reset, and vector catch is supported, we used
1113 * vector catch to enter debug state
1114 * restore the register in that case
1116 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_VEC_CATCH]);
1120 /* restore registers if watchpoint unit 0 was in use
1122 if (arm7_9->wp0_used)
1124 if (arm7_9->debug_entry_from_reset)
1126 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_VALUE]);
1128 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK]);
1129 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK]);
1130 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK]);
1132 /* control value always has to be restored, as it was either disabled,
1133 * or enabled with possibly different bits
1135 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
1143 * Issue a software reset and halt to an ARM7/9 target. The target is halted
1144 * and then there is a wait until the processor shows the halt. This wait can
1145 * timeout and results in an error being returned. The software reset involves
1146 * clearing the halt, updating the debug control register, changing to ARM mode,
1147 * reset of the program counter, and reset of all of the registers.
1149 * @param target Pointer to the ARM7/9 target to be reset and halted by software
1150 * @return Error status if any of the commands fail, otherwise ERROR_OK
1152 int arm7_9_soft_reset_halt(struct target *target)
1154 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1155 struct arm *armv4_5 = &arm7_9->armv4_5_common;
1156 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
1157 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1161 /* FIX!!! replace some of this code with tcl commands
1163 * halt # the halt command is synchronous
1164 * armv4_5 core_state arm
1168 if ((retval = target_halt(target)) != ERROR_OK)
1171 long long then = timeval_ms();
1173 while (!(timeout = ((timeval_ms()-then) > 1000)))
1175 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) != 0)
1177 embeddedice_read_reg(dbg_stat);
1178 if ((retval = jtag_execute_queue()) != ERROR_OK)
1180 if (debug_level >= 3)
1190 LOG_ERROR("Failed to halt CPU after 1 sec");
1191 return ERROR_TARGET_TIMEOUT;
1193 target->state = TARGET_HALTED;
1195 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
1196 * ensure that DBGRQ is cleared
1198 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
1199 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1200 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
1201 embeddedice_store_reg(dbg_ctrl);
1203 if ((retval = arm7_9_clear_halt(target)) != ERROR_OK)
1208 /* if the target is in Thumb state, change to ARM state */
1209 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1))
1211 uint32_t r0_thumb, pc_thumb;
1212 LOG_DEBUG("target entered debug from Thumb state, changing to ARM");
1213 /* Entered debug from Thumb mode */
1214 armv4_5->core_state = ARM_STATE_THUMB;
1215 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
1218 /* REVISIT likewise for bit 5 -- switch Jazelle-to-ARM */
1220 /* all register content is now invalid */
1221 register_cache_invalidate(armv4_5->core_cache);
1223 /* SVC, ARM state, IRQ and FIQ disabled */
1226 cpsr = buf_get_u32(armv4_5->cpsr->value, 0, 32);
1229 arm_set_cpsr(armv4_5, cpsr);
1230 armv4_5->cpsr->dirty = 1;
1232 /* start fetching from 0x0 */
1233 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
1234 armv4_5->core_cache->reg_list[15].dirty = 1;
1235 armv4_5->core_cache->reg_list[15].valid = 1;
1237 /* reset registers */
1238 for (i = 0; i <= 14; i++)
1240 struct reg *r = arm_reg_current(armv4_5, i);
1242 buf_set_u32(r->value, 0, 32, 0xffffffff);
1247 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED)) != ERROR_OK)
1256 * Halt an ARM7/9 target. This is accomplished by either asserting the DBGRQ
1257 * line or by programming a watchpoint to trigger on any address. It is
1258 * considered a bug to call this function while the target is in the
1259 * TARGET_RESET state.
1261 * @param target Pointer to the ARM7/9 target to be halted
1262 * @return Always ERROR_OK
1264 int arm7_9_halt(struct target *target)
1266 if (target->state == TARGET_RESET)
1268 LOG_ERROR("BUG: arm7/9 does not support halt during reset. This is handled in arm7_9_assert_reset()");
1272 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1273 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1275 LOG_DEBUG("target->state: %s",
1276 target_state_name(target));
1278 if (target->state == TARGET_HALTED)
1280 LOG_DEBUG("target was already halted");
1284 if (target->state == TARGET_UNKNOWN)
1286 LOG_WARNING("target was in unknown state when halt was requested");
1289 if (arm7_9->use_dbgrq)
1291 /* program EmbeddedICE Debug Control Register to assert DBGRQ
1293 if (arm7_9->set_special_dbgrq) {
1294 arm7_9->set_special_dbgrq(target);
1296 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 1);
1297 embeddedice_store_reg(dbg_ctrl);
1302 /* program watchpoint unit to match on any address
1304 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1305 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1306 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
1307 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
1310 target->debug_reason = DBG_REASON_DBGRQ;
1316 * Handle an ARM7/9 target's entry into debug mode. The halt is cleared on the
1317 * ARM. The JTAG queue is then executed and the reason for debug entry is
1318 * examined. Once done, the target is verified to be halted and the processor
1319 * is forced into ARM mode. The core registers are saved for the current core
1320 * mode and the program counter (register 15) is updated as needed. The core
1321 * registers and CPSR and SPSR are saved for restoration later.
1323 * @param target Pointer to target that is entering debug mode
1324 * @return Error code if anything fails, otherwise ERROR_OK
1326 static int arm7_9_debug_entry(struct target *target)
1329 uint32_t context[16];
1330 uint32_t* context_p[16];
1331 uint32_t r0_thumb, pc_thumb;
1332 uint32_t cpsr, cpsr_mask = 0;
1334 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1335 struct arm *armv4_5 = &arm7_9->armv4_5_common;
1336 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
1337 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1339 #ifdef _DEBUG_ARM7_9_
1343 /* program EmbeddedICE Debug Control Register to assert DBGACK and INTDIS
1344 * ensure that DBGRQ is cleared
1346 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
1347 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGRQ, 1, 0);
1348 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 1);
1349 embeddedice_store_reg(dbg_ctrl);
1351 if ((retval = arm7_9_clear_halt(target)) != ERROR_OK)
1356 if ((retval = jtag_execute_queue()) != ERROR_OK)
1361 if ((retval = arm7_9->examine_debug_reason(target)) != ERROR_OK)
1365 if (target->state != TARGET_HALTED)
1367 LOG_WARNING("target not halted");
1368 return ERROR_TARGET_NOT_HALTED;
1371 /* if the target is in Thumb state, change to ARM state */
1372 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_ITBIT, 1))
1374 LOG_DEBUG("target entered debug from Thumb state");
1375 /* Entered debug from Thumb mode */
1376 armv4_5->core_state = ARM_STATE_THUMB;
1378 arm7_9->change_to_arm(target, &r0_thumb, &pc_thumb);
1379 LOG_DEBUG("r0_thumb: 0x%8.8" PRIx32
1380 ", pc_thumb: 0x%8.8" PRIx32, r0_thumb, pc_thumb);
1381 } else if (buf_get_u32(dbg_stat->value, 5, 1)) {
1382 /* \todo Get some vaguely correct handling of Jazelle, if
1383 * anyone ever uses it and full info becomes available.
1384 * See ARM9EJS TRM B.7.1 for how to switch J->ARM; and
1385 * B.7.3 for the reverse. That'd be the bare minimum...
1387 LOG_DEBUG("target entered debug from Jazelle state");
1388 armv4_5->core_state = ARM_STATE_JAZELLE;
1389 cpsr_mask = 1 << 24;
1390 LOG_ERROR("Jazelle debug entry -- BROKEN!");
1392 LOG_DEBUG("target entered debug from ARM state");
1393 /* Entered debug from ARM mode */
1394 armv4_5->core_state = ARM_STATE_ARM;
1397 for (i = 0; i < 16; i++)
1398 context_p[i] = &context[i];
1399 /* save core registers (r0 - r15 of current core mode) */
1400 arm7_9->read_core_regs(target, 0xffff, context_p);
1402 arm7_9->read_xpsr(target, &cpsr, 0);
1404 if ((retval = jtag_execute_queue()) != ERROR_OK)
1407 /* Sync our CPSR copy with J or T bits EICE reported, but
1408 * which we then erased by putting the core into ARM mode.
1410 arm_set_cpsr(armv4_5, cpsr | cpsr_mask);
1412 if (!is_arm_mode(armv4_5->core_mode))
1414 target->state = TARGET_UNKNOWN;
1415 LOG_ERROR("cpsr contains invalid mode value - communication failure");
1416 return ERROR_TARGET_FAILURE;
1419 LOG_DEBUG("target entered debug state in %s mode",
1420 arm_mode_name(armv4_5->core_mode));
1422 if (armv4_5->core_state == ARM_STATE_THUMB)
1424 LOG_DEBUG("thumb state, applying fixups");
1425 context[0] = r0_thumb;
1426 context[15] = pc_thumb;
1427 } else if (armv4_5->core_state == ARM_STATE_ARM)
1429 /* adjust value stored by STM */
1430 context[15] -= 3 * 4;
1433 if ((target->debug_reason != DBG_REASON_DBGRQ) || (!arm7_9->use_dbgrq))
1434 context[15] -= 3 * ((armv4_5->core_state == ARM_STATE_ARM) ? 4 : 2);
1436 context[15] -= arm7_9->dbgreq_adjust_pc * ((armv4_5->core_state == ARM_STATE_ARM) ? 4 : 2);
1438 for (i = 0; i <= 15; i++)
1440 struct reg *r = arm_reg_current(armv4_5, i);
1442 LOG_DEBUG("r%i: 0x%8.8" PRIx32 "", i, context[i]);
1444 buf_set_u32(r->value, 0, 32, context[i]);
1445 /* r0 and r15 (pc) have to be restored later */
1446 r->dirty = (i == 0) || (i == 15);
1450 LOG_DEBUG("entered debug state at PC 0x%" PRIx32 "", context[15]);
1452 /* exceptions other than USR & SYS have a saved program status register */
1453 if (armv4_5->spsr) {
1455 arm7_9->read_xpsr(target, &spsr, 1);
1456 if ((retval = jtag_execute_queue()) != ERROR_OK)
1460 buf_set_u32(armv4_5->spsr->value, 0, 32, spsr);
1461 armv4_5->spsr->dirty = 0;
1462 armv4_5->spsr->valid = 1;
1465 if ((retval = jtag_execute_queue()) != ERROR_OK)
1468 if (arm7_9->post_debug_entry)
1469 arm7_9->post_debug_entry(target);
1475 * Validate the full context for an ARM7/9 target in all processor modes. If
1476 * there are any invalid registers for the target, they will all be read. This
1479 * @param target Pointer to the ARM7/9 target to capture the full context from
1480 * @return Error if the target is not halted, has an invalid core mode, or if
1481 * the JTAG queue fails to execute
1483 int arm7_9_full_context(struct target *target)
1487 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1488 struct arm *armv4_5 = &arm7_9->armv4_5_common;
1492 if (target->state != TARGET_HALTED)
1494 LOG_WARNING("target not halted");
1495 return ERROR_TARGET_NOT_HALTED;
1498 if (!is_arm_mode(armv4_5->core_mode))
1501 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1502 * SYS shares registers with User, so we don't touch SYS
1504 for (i = 0; i < 6; i++)
1507 uint32_t* reg_p[16];
1511 /* check if there are invalid registers in the current mode
1513 for (j = 0; j <= 16; j++)
1515 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1523 /* change processor mode (and mask T bit) */
1524 tmp_cpsr = buf_get_u32(armv4_5->cpsr->value, 0, 8)
1526 tmp_cpsr |= armv4_5_number_to_mode(i);
1528 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1530 for (j = 0; j < 15; j++)
1532 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid == 0)
1534 reg_p[j] = (uint32_t*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).value;
1536 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).valid = 1;
1537 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j).dirty = 0;
1541 /* if only the PSR is invalid, mask is all zeroes */
1543 arm7_9->read_core_regs(target, mask, reg_p);
1545 /* check if the PSR has to be read */
1546 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid == 0)
1548 arm7_9->read_xpsr(target, (uint32_t*)ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).value, 1);
1549 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).valid = 1;
1550 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16).dirty = 0;
1555 /* restore processor mode (mask T bit) */
1556 arm7_9->write_xpsr_im8(target,
1557 buf_get_u32(armv4_5->cpsr->value, 0, 8) & ~0x20,
1560 if ((retval = jtag_execute_queue()) != ERROR_OK)
1568 * Restore the processor context on an ARM7/9 target. The full processor
1569 * context is analyzed to see if any of the registers are dirty on this end, but
1570 * have a valid new value. If this is the case, the processor is changed to the
1571 * appropriate mode and the new register values are written out to the
1572 * processor. If there happens to be a dirty register with an invalid value, an
1573 * error will be logged.
1575 * @param target Pointer to the ARM7/9 target to have its context restored
1576 * @return Error status if the target is not halted or the core mode in the
1577 * armv4_5 struct is invalid.
1579 int arm7_9_restore_context(struct target *target)
1581 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1582 struct arm *armv4_5 = &arm7_9->armv4_5_common;
1584 struct arm_reg *reg_arch_info;
1585 enum arm_mode current_mode = armv4_5->core_mode;
1592 if (target->state != TARGET_HALTED)
1594 LOG_WARNING("target not halted");
1595 return ERROR_TARGET_NOT_HALTED;
1598 if (arm7_9->pre_restore_context)
1599 arm7_9->pre_restore_context(target);
1601 if (!is_arm_mode(armv4_5->core_mode))
1604 /* iterate through processor modes (User, FIQ, IRQ, SVC, ABT, UND)
1605 * SYS shares registers with User, so we don't touch SYS
1607 for (i = 0; i < 6; i++)
1609 LOG_DEBUG("examining %s mode",
1610 arm_mode_name(armv4_5->core_mode));
1613 /* check if there are dirty registers in the current mode
1615 for (j = 0; j <= 16; j++)
1617 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j);
1618 reg_arch_info = reg->arch_info;
1619 if (reg->dirty == 1)
1621 if (reg->valid == 1)
1624 LOG_DEBUG("examining dirty reg: %s", reg->name);
1625 if ((reg_arch_info->mode != ARM_MODE_ANY)
1626 && (reg_arch_info->mode != current_mode)
1627 && !((reg_arch_info->mode == ARM_MODE_USR) && (armv4_5->core_mode == ARM_MODE_SYS))
1628 && !((reg_arch_info->mode == ARM_MODE_SYS) && (armv4_5->core_mode == ARM_MODE_USR)))
1631 LOG_DEBUG("require mode change");
1636 LOG_ERROR("BUG: dirty register '%s', but no valid data", reg->name);
1643 uint32_t mask = 0x0;
1651 /* change processor mode (mask T bit) */
1652 tmp_cpsr = buf_get_u32(armv4_5->cpsr->value,
1654 tmp_cpsr |= armv4_5_number_to_mode(i);
1656 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1657 current_mode = armv4_5_number_to_mode(i);
1660 for (j = 0; j <= 14; j++)
1662 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), j);
1663 reg_arch_info = reg->arch_info;
1666 if (reg->dirty == 1)
1668 regs[j] = buf_get_u32(reg->value, 0, 32);
1673 LOG_DEBUG("writing register %i mode %s "
1674 "with value 0x%8.8" PRIx32, j,
1675 arm_mode_name(armv4_5->core_mode),
1682 arm7_9->write_core_regs(target, mask, regs);
1685 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5_number_to_mode(i), 16);
1686 reg_arch_info = reg->arch_info;
1687 if ((reg->dirty) && (reg_arch_info->mode != ARM_MODE_ANY))
1689 LOG_DEBUG("writing SPSR of mode %i with value 0x%8.8" PRIx32 "", i, buf_get_u32(reg->value, 0, 32));
1690 arm7_9->write_xpsr(target, buf_get_u32(reg->value, 0, 32), 1);
1695 if (!armv4_5->cpsr->dirty && (armv4_5->core_mode != current_mode))
1697 /* restore processor mode (mask T bit) */
1700 tmp_cpsr = buf_get_u32(armv4_5->cpsr->value, 0, 8) & 0xE0;
1701 tmp_cpsr |= armv4_5_number_to_mode(i);
1703 LOG_DEBUG("writing lower 8 bit of cpsr with value 0x%2.2x", (unsigned)(tmp_cpsr));
1704 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
1706 else if (armv4_5->cpsr->dirty)
1708 /* CPSR has been changed, full restore necessary (mask T bit) */
1709 LOG_DEBUG("writing cpsr with value 0x%8.8" PRIx32,
1710 buf_get_u32(armv4_5->cpsr->value, 0, 32));
1711 arm7_9->write_xpsr(target,
1712 buf_get_u32(armv4_5->cpsr->value, 0, 32)
1714 armv4_5->cpsr->dirty = 0;
1715 armv4_5->cpsr->valid = 1;
1719 LOG_DEBUG("writing PC with value 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1720 arm7_9->write_pc(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1721 armv4_5->core_cache->reg_list[15].dirty = 0;
1723 if (arm7_9->post_restore_context)
1724 arm7_9->post_restore_context(target);
1730 * Restart the core of an ARM7/9 target. A RESTART command is sent to the
1731 * instruction register and the JTAG state is set to TAP_IDLE causing a core
1734 * @param target Pointer to the ARM7/9 target to be restarted
1735 * @return Result of executing the JTAG queue
1737 int arm7_9_restart_core(struct target *target)
1739 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1740 struct arm_jtag *jtag_info = &arm7_9->jtag_info;
1742 /* set RESTART instruction */
1743 jtag_set_end_state(TAP_IDLE);
1744 if (arm7_9->need_bypass_before_restart) {
1745 arm7_9->need_bypass_before_restart = 0;
1746 arm_jtag_set_instr(jtag_info, 0xf, NULL);
1748 arm_jtag_set_instr(jtag_info, 0x4, NULL);
1750 jtag_add_runtest(1, jtag_set_end_state(TAP_IDLE));
1751 return jtag_execute_queue();
1755 * Enable the watchpoints on an ARM7/9 target. The target's watchpoints are
1756 * iterated through and are set on the target if they aren't already set.
1758 * @param target Pointer to the ARM7/9 target to enable watchpoints on
1760 void arm7_9_enable_watchpoints(struct target *target)
1762 struct watchpoint *watchpoint = target->watchpoints;
1766 if (watchpoint->set == 0)
1767 arm7_9_set_watchpoint(target, watchpoint);
1768 watchpoint = watchpoint->next;
1773 * Enable the breakpoints on an ARM7/9 target. The target's breakpoints are
1774 * iterated through and are set on the target.
1776 * @param target Pointer to the ARM7/9 target to enable breakpoints on
1778 void arm7_9_enable_breakpoints(struct target *target)
1780 struct breakpoint *breakpoint = target->breakpoints;
1782 /* set any pending breakpoints */
1785 arm7_9_set_breakpoint(target, breakpoint);
1786 breakpoint = breakpoint->next;
1790 int arm7_9_resume(struct target *target, int current, uint32_t address, int handle_breakpoints, int debug_execution)
1792 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1793 struct arm *armv4_5 = &arm7_9->armv4_5_common;
1794 struct breakpoint *breakpoint = target->breakpoints;
1795 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
1796 int err, retval = ERROR_OK;
1800 if (target->state != TARGET_HALTED)
1802 LOG_WARNING("target not halted");
1803 return ERROR_TARGET_NOT_HALTED;
1806 if (!debug_execution)
1808 target_free_all_working_areas(target);
1811 /* current = 1: continue on current pc, otherwise continue at <address> */
1813 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
1815 uint32_t current_pc;
1816 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1818 /* the front-end may request us not to handle breakpoints */
1819 if (handle_breakpoints)
1821 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
1823 LOG_DEBUG("unset breakpoint at 0x%8.8" PRIx32 " (id: %d)", breakpoint->address, breakpoint->unique_id );
1824 if ((retval = arm7_9_unset_breakpoint(target, breakpoint)) != ERROR_OK)
1829 /* calculate PC of next instruction */
1831 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
1833 uint32_t current_opcode;
1834 target_read_u32(target, current_pc, ¤t_opcode);
1835 LOG_ERROR("Couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "", current_opcode);
1839 LOG_DEBUG("enable single-step");
1840 arm7_9->enable_single_step(target, next_pc);
1842 target->debug_reason = DBG_REASON_SINGLESTEP;
1844 if ((retval = arm7_9_restore_context(target)) != ERROR_OK)
1849 if (armv4_5->core_state == ARM_STATE_ARM)
1850 arm7_9->branch_resume(target);
1851 else if (armv4_5->core_state == ARM_STATE_THUMB)
1853 arm7_9->branch_resume_thumb(target);
1857 LOG_ERROR("unhandled core state");
1861 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1862 embeddedice_write_reg(dbg_ctrl, buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1863 err = arm7_9_execute_sys_speed(target);
1865 LOG_DEBUG("disable single-step");
1866 arm7_9->disable_single_step(target);
1868 if (err != ERROR_OK)
1870 if ((retval = arm7_9_set_breakpoint(target, breakpoint)) != ERROR_OK)
1874 target->state = TARGET_UNKNOWN;
1878 arm7_9_debug_entry(target);
1879 LOG_DEBUG("new PC after step: 0x%8.8" PRIx32 "", buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32));
1881 LOG_DEBUG("set breakpoint at 0x%8.8" PRIx32 "", breakpoint->address);
1882 if ((retval = arm7_9_set_breakpoint(target, breakpoint)) != ERROR_OK)
1889 /* enable any pending breakpoints and watchpoints */
1890 arm7_9_enable_breakpoints(target);
1891 arm7_9_enable_watchpoints(target);
1893 if ((retval = arm7_9_restore_context(target)) != ERROR_OK)
1898 if (armv4_5->core_state == ARM_STATE_ARM)
1900 arm7_9->branch_resume(target);
1902 else if (armv4_5->core_state == ARM_STATE_THUMB)
1904 arm7_9->branch_resume_thumb(target);
1908 LOG_ERROR("unhandled core state");
1912 /* deassert DBGACK and INTDIS */
1913 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
1914 /* INTDIS only when we really resume, not during debug execution */
1915 if (!debug_execution)
1916 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_INTDIS, 1, 0);
1917 embeddedice_write_reg(dbg_ctrl, buf_get_u32(dbg_ctrl->value, 0, dbg_ctrl->size));
1919 if ((retval = arm7_9_restart_core(target)) != ERROR_OK)
1924 target->debug_reason = DBG_REASON_NOTHALTED;
1926 if (!debug_execution)
1928 /* registers are now invalid */
1929 register_cache_invalidate(armv4_5->core_cache);
1930 target->state = TARGET_RUNNING;
1931 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_RESUMED)) != ERROR_OK)
1938 target->state = TARGET_DEBUG_RUNNING;
1939 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED)) != ERROR_OK)
1945 LOG_DEBUG("target resumed");
1950 void arm7_9_enable_eice_step(struct target *target, uint32_t next_pc)
1952 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1953 struct arm *armv4_5 = &arm7_9->armv4_5_common;
1954 uint32_t current_pc;
1955 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
1957 if (next_pc != current_pc)
1959 /* setup an inverse breakpoint on the current PC
1960 * - comparator 1 matches the current address
1961 * - rangeout from comparator 1 is connected to comparator 0 rangein
1962 * - comparator 0 matches any address, as long as rangein is low */
1963 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1964 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1965 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
1966 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], ~(EICE_W_CTRL_RANGE | EICE_W_CTRL_nOPC) & 0xff);
1967 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], current_pc);
1968 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0);
1969 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffff);
1970 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], 0x0);
1971 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
1975 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK], 0xffffffff);
1976 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK], 0xffffffff);
1977 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE], 0x0);
1978 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK], 0xff);
1979 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE], next_pc);
1980 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK], 0);
1981 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK], 0xffffffff);
1982 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE], EICE_W_CTRL_ENABLE);
1983 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK], ~EICE_W_CTRL_nOPC & 0xff);
1987 void arm7_9_disable_eice_step(struct target *target)
1989 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1991 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_ADDR_MASK]);
1992 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_DATA_MASK]);
1993 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_VALUE]);
1994 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W0_CONTROL_MASK]);
1995 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_VALUE]);
1996 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_ADDR_MASK]);
1997 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_DATA_MASK]);
1998 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_MASK]);
1999 embeddedice_store_reg(&arm7_9->eice_cache->reg_list[EICE_W1_CONTROL_VALUE]);
2002 int arm7_9_step(struct target *target, int current, uint32_t address, int handle_breakpoints)
2004 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2005 struct arm *armv4_5 = &arm7_9->armv4_5_common;
2006 struct breakpoint *breakpoint = NULL;
2009 if (target->state != TARGET_HALTED)
2011 LOG_WARNING("target not halted");
2012 return ERROR_TARGET_NOT_HALTED;
2015 /* current = 1: continue on current pc, otherwise continue at <address> */
2017 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, address);
2019 uint32_t current_pc;
2020 current_pc = buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32);
2022 /* the front-end may request us not to handle breakpoints */
2023 if (handle_breakpoints)
2024 if ((breakpoint = breakpoint_find(target, buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32))))
2025 if ((retval = arm7_9_unset_breakpoint(target, breakpoint)) != ERROR_OK)
2030 target->debug_reason = DBG_REASON_SINGLESTEP;
2032 /* calculate PC of next instruction */
2034 if ((retval = arm_simulate_step(target, &next_pc)) != ERROR_OK)
2036 uint32_t current_opcode;
2037 target_read_u32(target, current_pc, ¤t_opcode);
2038 LOG_ERROR("Couldn't calculate PC of next instruction, current opcode was 0x%8.8" PRIx32 "", current_opcode);
2042 if ((retval = arm7_9_restore_context(target)) != ERROR_OK)
2047 arm7_9->enable_single_step(target, next_pc);
2049 if (armv4_5->core_state == ARM_STATE_ARM)
2051 arm7_9->branch_resume(target);
2053 else if (armv4_5->core_state == ARM_STATE_THUMB)
2055 arm7_9->branch_resume_thumb(target);
2059 LOG_ERROR("unhandled core state");
2063 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_RESUMED)) != ERROR_OK)
2068 err = arm7_9_execute_sys_speed(target);
2069 arm7_9->disable_single_step(target);
2071 /* registers are now invalid */
2072 register_cache_invalidate(armv4_5->core_cache);
2074 if (err != ERROR_OK)
2076 target->state = TARGET_UNKNOWN;
2078 arm7_9_debug_entry(target);
2079 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED)) != ERROR_OK)
2083 LOG_DEBUG("target stepped");
2087 if ((retval = arm7_9_set_breakpoint(target, breakpoint)) != ERROR_OK)
2095 static int arm7_9_read_core_reg(struct target *target, struct reg *r,
2096 int num, enum arm_mode mode)
2098 uint32_t* reg_p[16];
2101 struct arm_reg *areg = r->arch_info;
2102 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2103 struct arm *armv4_5 = &arm7_9->armv4_5_common;
2105 if (!is_arm_mode(armv4_5->core_mode))
2107 if ((num < 0) || (num > 16))
2108 return ERROR_INVALID_ARGUMENTS;
2110 if ((mode != ARM_MODE_ANY)
2111 && (mode != armv4_5->core_mode)
2112 && (areg->mode != ARM_MODE_ANY))
2116 /* change processor mode (mask T bit) */
2117 tmp_cpsr = buf_get_u32(armv4_5->cpsr->value, 0, 8) & 0xE0;
2120 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
2123 if ((num >= 0) && (num <= 15))
2125 /* read a normal core register */
2126 reg_p[num] = &value;
2128 arm7_9->read_core_regs(target, 1 << num, reg_p);
2132 /* read a program status register
2133 * if the register mode is MODE_ANY, we read the cpsr, otherwise a spsr
2135 arm7_9->read_xpsr(target, &value, areg->mode != ARM_MODE_ANY);
2138 if ((retval = jtag_execute_queue()) != ERROR_OK)
2145 buf_set_u32(r->value, 0, 32, value);
2147 if ((mode != ARM_MODE_ANY)
2148 && (mode != armv4_5->core_mode)
2149 && (areg->mode != ARM_MODE_ANY)) {
2150 /* restore processor mode (mask T bit) */
2151 arm7_9->write_xpsr_im8(target,
2152 buf_get_u32(armv4_5->cpsr->value, 0, 8)
2159 static int arm7_9_write_core_reg(struct target *target, struct reg *r,
2160 int num, enum arm_mode mode, uint32_t value)
2163 struct arm_reg *areg = r->arch_info;
2164 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2165 struct arm *armv4_5 = &arm7_9->armv4_5_common;
2167 if (!is_arm_mode(armv4_5->core_mode))
2169 if ((num < 0) || (num > 16))
2170 return ERROR_INVALID_ARGUMENTS;
2172 if ((mode != ARM_MODE_ANY)
2173 && (mode != armv4_5->core_mode)
2174 && (areg->mode != ARM_MODE_ANY)) {
2177 /* change processor mode (mask T bit) */
2178 tmp_cpsr = buf_get_u32(armv4_5->cpsr->value, 0, 8) & 0xE0;
2181 arm7_9->write_xpsr_im8(target, tmp_cpsr & 0xff, 0, 0);
2184 if ((num >= 0) && (num <= 15))
2186 /* write a normal core register */
2189 arm7_9->write_core_regs(target, 1 << num, reg);
2193 /* write a program status register
2194 * if the register mode is MODE_ANY, we write the cpsr, otherwise a spsr
2196 int spsr = (areg->mode != ARM_MODE_ANY);
2198 /* if we're writing the CPSR, mask the T bit */
2202 arm7_9->write_xpsr(target, value, spsr);
2208 if ((mode != ARM_MODE_ANY)
2209 && (mode != armv4_5->core_mode)
2210 && (areg->mode != ARM_MODE_ANY)) {
2211 /* restore processor mode (mask T bit) */
2212 arm7_9->write_xpsr_im8(target,
2213 buf_get_u32(armv4_5->cpsr->value, 0, 8)
2217 return jtag_execute_queue();
2220 int arm7_9_read_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
2222 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2223 struct arm *armv4_5 = &arm7_9->armv4_5_common;
2225 uint32_t num_accesses = 0;
2226 int thisrun_accesses;
2232 LOG_DEBUG("address: 0x%8.8" PRIx32 ", size: 0x%8.8" PRIx32 ", count: 0x%8.8" PRIx32 "", address, size, count);
2234 if (target->state != TARGET_HALTED)
2236 LOG_WARNING("target not halted");
2237 return ERROR_TARGET_NOT_HALTED;
2240 /* sanitize arguments */
2241 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
2242 return ERROR_INVALID_ARGUMENTS;
2244 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
2245 return ERROR_TARGET_UNALIGNED_ACCESS;
2247 /* load the base register with the address of the first word */
2249 arm7_9->write_core_regs(target, 0x1, reg);
2256 while (num_accesses < count)
2259 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2260 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2262 if (last_reg <= thisrun_accesses)
2263 last_reg = thisrun_accesses;
2265 arm7_9->load_word_regs(target, reg_list);
2267 /* fast memory reads are only safe when the target is running
2268 * from a sufficiently high clock (32 kHz is usually too slow)
2270 if (arm7_9->fast_memory_access)
2271 retval = arm7_9_execute_fast_sys_speed(target);
2273 retval = arm7_9_execute_sys_speed(target);
2274 if (retval != ERROR_OK)
2277 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 4);
2279 /* advance buffer, count number of accesses */
2280 buffer += thisrun_accesses * 4;
2281 num_accesses += thisrun_accesses;
2283 if ((j++%1024) == 0)
2290 while (num_accesses < count)
2293 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2294 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2296 for (i = 1; i <= thisrun_accesses; i++)
2300 arm7_9->load_hword_reg(target, i);
2301 /* fast memory reads are only safe when the target is running
2302 * from a sufficiently high clock (32 kHz is usually too slow)
2304 if (arm7_9->fast_memory_access)
2305 retval = arm7_9_execute_fast_sys_speed(target);
2307 retval = arm7_9_execute_sys_speed(target);
2308 if (retval != ERROR_OK)
2315 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 2);
2317 /* advance buffer, count number of accesses */
2318 buffer += thisrun_accesses * 2;
2319 num_accesses += thisrun_accesses;
2321 if ((j++%1024) == 0)
2328 while (num_accesses < count)
2331 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2332 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2334 for (i = 1; i <= thisrun_accesses; i++)
2338 arm7_9->load_byte_reg(target, i);
2339 /* fast memory reads are only safe when the target is running
2340 * from a sufficiently high clock (32 kHz is usually too slow)
2342 if (arm7_9->fast_memory_access)
2343 retval = arm7_9_execute_fast_sys_speed(target);
2345 retval = arm7_9_execute_sys_speed(target);
2346 if (retval != ERROR_OK)
2352 arm7_9->read_core_regs_target_buffer(target, reg_list, buffer, 1);
2354 /* advance buffer, count number of accesses */
2355 buffer += thisrun_accesses * 1;
2356 num_accesses += thisrun_accesses;
2358 if ((j++%1024) == 0)
2365 LOG_ERROR("BUG: we shouldn't get here");
2370 if (!is_arm_mode(armv4_5->core_mode))
2373 for (i = 0; i <= last_reg; i++) {
2374 struct reg *r = arm_reg_current(armv4_5, i);
2376 r->dirty = r->valid;
2379 arm7_9->read_xpsr(target, &cpsr, 0);
2380 if ((retval = jtag_execute_queue()) != ERROR_OK)
2382 LOG_ERROR("JTAG error while reading cpsr");
2383 return ERROR_TARGET_DATA_ABORT;
2386 if (((cpsr & 0x1f) == ARM_MODE_ABT) && (armv4_5->core_mode != ARM_MODE_ABT))
2388 LOG_WARNING("memory read caused data abort (address: 0x%8.8" PRIx32 ", size: 0x%" PRIx32 ", count: 0x%" PRIx32 ")", address, size, count);
2390 arm7_9->write_xpsr_im8(target,
2391 buf_get_u32(armv4_5->cpsr->value, 0, 8)
2394 return ERROR_TARGET_DATA_ABORT;
2400 int arm7_9_write_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
2402 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2403 struct arm *armv4_5 = &arm7_9->armv4_5_common;
2404 struct reg *dbg_ctrl = &arm7_9->eice_cache->reg_list[EICE_DBG_CTRL];
2407 uint32_t num_accesses = 0;
2408 int thisrun_accesses;
2414 #ifdef _DEBUG_ARM7_9_
2415 LOG_DEBUG("address: 0x%8.8x, size: 0x%8.8x, count: 0x%8.8x", address, size, count);
2418 if (target->state != TARGET_HALTED)
2420 LOG_WARNING("target not halted");
2421 return ERROR_TARGET_NOT_HALTED;
2424 /* sanitize arguments */
2425 if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
2426 return ERROR_INVALID_ARGUMENTS;
2428 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
2429 return ERROR_TARGET_UNALIGNED_ACCESS;
2431 /* load the base register with the address of the first word */
2433 arm7_9->write_core_regs(target, 0x1, reg);
2435 /* Clear DBGACK, to make sure memory fetches work as expected */
2436 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 0);
2437 embeddedice_store_reg(dbg_ctrl);
2442 while (num_accesses < count)
2445 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2446 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2448 for (i = 1; i <= thisrun_accesses; i++)
2452 reg[i] = target_buffer_get_u32(target, buffer);
2456 arm7_9->write_core_regs(target, reg_list, reg);
2458 arm7_9->store_word_regs(target, reg_list);
2460 /* fast memory writes are only safe when the target is running
2461 * from a sufficiently high clock (32 kHz is usually too slow)
2463 if (arm7_9->fast_memory_access)
2464 retval = arm7_9_execute_fast_sys_speed(target);
2466 retval = arm7_9_execute_sys_speed(target);
2467 if (retval != ERROR_OK)
2472 num_accesses += thisrun_accesses;
2476 while (num_accesses < count)
2479 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2480 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2482 for (i = 1; i <= thisrun_accesses; i++)
2486 reg[i] = target_buffer_get_u16(target, buffer) & 0xffff;
2490 arm7_9->write_core_regs(target, reg_list, reg);
2492 for (i = 1; i <= thisrun_accesses; i++)
2494 arm7_9->store_hword_reg(target, i);
2496 /* fast memory writes are only safe when the target is running
2497 * from a sufficiently high clock (32 kHz is usually too slow)
2499 if (arm7_9->fast_memory_access)
2500 retval = arm7_9_execute_fast_sys_speed(target);
2502 retval = arm7_9_execute_sys_speed(target);
2503 if (retval != ERROR_OK)
2509 num_accesses += thisrun_accesses;
2513 while (num_accesses < count)
2516 thisrun_accesses = ((count - num_accesses) >= 14) ? 14 : (count - num_accesses);
2517 reg_list = (0xffff >> (15 - thisrun_accesses)) & 0xfffe;
2519 for (i = 1; i <= thisrun_accesses; i++)
2523 reg[i] = *buffer++ & 0xff;
2526 arm7_9->write_core_regs(target, reg_list, reg);
2528 for (i = 1; i <= thisrun_accesses; i++)
2530 arm7_9->store_byte_reg(target, i);
2531 /* fast memory writes are only safe when the target is running
2532 * from a sufficiently high clock (32 kHz is usually too slow)
2534 if (arm7_9->fast_memory_access)
2535 retval = arm7_9_execute_fast_sys_speed(target);
2537 retval = arm7_9_execute_sys_speed(target);
2538 if (retval != ERROR_OK)
2545 num_accesses += thisrun_accesses;
2549 LOG_ERROR("BUG: we shouldn't get here");
2555 buf_set_u32(dbg_ctrl->value, EICE_DBG_CONTROL_DBGACK, 1, 1);
2556 embeddedice_store_reg(dbg_ctrl);
2558 if (!is_arm_mode(armv4_5->core_mode))
2561 for (i = 0; i <= last_reg; i++) {
2562 struct reg *r = arm_reg_current(armv4_5, i);
2564 r->dirty = r->valid;
2567 arm7_9->read_xpsr(target, &cpsr, 0);
2568 if ((retval = jtag_execute_queue()) != ERROR_OK)
2570 LOG_ERROR("JTAG error while reading cpsr");
2571 return ERROR_TARGET_DATA_ABORT;
2574 if (((cpsr & 0x1f) == ARM_MODE_ABT) && (armv4_5->core_mode != ARM_MODE_ABT))
2576 LOG_WARNING("memory write caused data abort (address: 0x%8.8" PRIx32 ", size: 0x%" PRIx32 ", count: 0x%" PRIx32 ")", address, size, count);
2578 arm7_9->write_xpsr_im8(target,
2579 buf_get_u32(armv4_5->cpsr->value, 0, 8)
2582 return ERROR_TARGET_DATA_ABORT;
2588 static int dcc_count;
2589 static uint8_t *dcc_buffer;
2591 static int arm7_9_dcc_completion(struct target *target, uint32_t exit_point, int timeout_ms, void *arch_info)
2593 int retval = ERROR_OK;
2594 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2596 if ((retval = target_wait_state(target, TARGET_DEBUG_RUNNING, 500)) != ERROR_OK)
2599 int little = target->endianness == TARGET_LITTLE_ENDIAN;
2600 int count = dcc_count;
2601 uint8_t *buffer = dcc_buffer;
2604 /* Handle first & last using standard embeddedice_write_reg and the middle ones w/the
2605 * core function repeated. */
2606 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2609 struct embeddedice_reg *ice_reg = arm7_9->eice_cache->reg_list[EICE_COMMS_DATA].arch_info;
2610 uint8_t reg_addr = ice_reg->addr & 0x1f;
2611 struct jtag_tap *tap;
2612 tap = ice_reg->jtag_info->tap;
2614 embeddedice_write_dcc(tap, reg_addr, buffer, little, count-2);
2615 buffer += (count-2)*4;
2617 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2621 for (i = 0; i < count; i++)
2623 embeddedice_write_reg(&arm7_9->eice_cache->reg_list[EICE_COMMS_DATA], fast_target_buffer_get_u32(buffer, little));
2628 if ((retval = target_halt(target))!= ERROR_OK)
2632 return target_wait_state(target, TARGET_HALTED, 500);
2635 static const uint32_t dcc_code[] =
2637 /* r0 == input, points to memory buffer
2641 /* spin until DCC control (c0) reports data arrived */
2642 0xee101e10, /* w: mrc p14, #0, r1, c0, c0 */
2643 0xe3110001, /* tst r1, #1 */
2644 0x0afffffc, /* bne w */
2646 /* read word from DCC (c1), write to memory */
2647 0xee111e10, /* mrc p14, #0, r1, c1, c0 */
2648 0xe4801004, /* str r1, [r0], #4 */
2651 0xeafffff9 /* b w */
2654 extern int armv4_5_run_algorithm_inner(struct target *target,
2655 int num_mem_params, struct mem_param *mem_params,
2656 int num_reg_params, struct reg_param *reg_params,
2657 uint32_t entry_point, uint32_t exit_point,
2658 int timeout_ms, void *arch_info,
2659 int (*run_it)(struct target *target, uint32_t exit_point,
2660 int timeout_ms, void *arch_info));
2662 int arm7_9_bulk_write_memory(struct target *target, uint32_t address, uint32_t count, uint8_t *buffer)
2665 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2668 if (!arm7_9->dcc_downloads)
2669 return target_write_memory(target, address, 4, count, buffer);
2671 /* regrab previously allocated working_area, or allocate a new one */
2672 if (!arm7_9->dcc_working_area)
2674 uint8_t dcc_code_buf[6 * 4];
2676 /* make sure we have a working area */
2677 if (target_alloc_working_area(target, 24, &arm7_9->dcc_working_area) != ERROR_OK)
2679 LOG_INFO("no working area available, falling back to memory writes");
2680 return target_write_memory(target, address, 4, count, buffer);
2683 /* copy target instructions to target endianness */
2684 for (i = 0; i < 6; i++)
2686 target_buffer_set_u32(target, dcc_code_buf + i*4, dcc_code[i]);
2689 /* write DCC code to working area */
2690 if ((retval = target_write_memory(target, arm7_9->dcc_working_area->address, 4, 6, dcc_code_buf)) != ERROR_OK)
2696 struct armv4_5_algorithm armv4_5_info;
2697 struct reg_param reg_params[1];
2699 armv4_5_info.common_magic = ARM_COMMON_MAGIC;
2700 armv4_5_info.core_mode = ARM_MODE_SVC;
2701 armv4_5_info.core_state = ARM_STATE_ARM;
2703 init_reg_param(®_params[0], "r0", 32, PARAM_IN_OUT);
2705 buf_set_u32(reg_params[0].value, 0, 32, address);
2708 dcc_buffer = buffer;
2709 retval = armv4_5_run_algorithm_inner(target, 0, NULL, 1, reg_params,
2710 arm7_9->dcc_working_area->address,
2711 arm7_9->dcc_working_area->address + 6*4,
2712 20*1000, &armv4_5_info, arm7_9_dcc_completion);
2714 if (retval == ERROR_OK)
2716 uint32_t endaddress = buf_get_u32(reg_params[0].value, 0, 32);
2717 if (endaddress != (address + count*4))
2719 LOG_ERROR("DCC write failed, expected end address 0x%08" PRIx32 " got 0x%0" PRIx32 "", (address + count*4), endaddress);
2720 retval = ERROR_FAIL;
2724 destroy_reg_param(®_params[0]);
2730 * Perform per-target setup that requires JTAG access.
2732 int arm7_9_examine(struct target *target)
2734 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2737 if (!target_was_examined(target)) {
2738 struct reg_cache *t, **cache_p;
2740 t = embeddedice_build_reg_cache(target, arm7_9);
2744 cache_p = register_get_last_cache_p(&target->reg_cache);
2746 arm7_9->eice_cache = (*cache_p);
2748 if (arm7_9->armv4_5_common.etm)
2749 (*cache_p)->next = etm_build_reg_cache(target,
2751 arm7_9->armv4_5_common.etm);
2753 target_set_examined(target);
2756 retval = embeddedice_setup(target);
2757 if (retval == ERROR_OK)
2758 retval = arm7_9_setup(target);
2759 if (retval == ERROR_OK && arm7_9->armv4_5_common.etm)
2760 retval = etm_setup(target);
2764 COMMAND_HANDLER(handle_arm7_9_dbgrq_command)
2766 struct target *target = get_current_target(CMD_CTX);
2767 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2769 if (!is_arm7_9(arm7_9))
2771 command_print(CMD_CTX, "current target isn't an ARM7/ARM9 target");
2772 return ERROR_TARGET_INVALID;
2776 COMMAND_PARSE_ENABLE(CMD_ARGV[0],arm7_9->use_dbgrq);
2778 command_print(CMD_CTX, "use of EmbeddedICE dbgrq instead of breakpoint for target halt %s", (arm7_9->use_dbgrq) ? "enabled" : "disabled");
2783 COMMAND_HANDLER(handle_arm7_9_fast_memory_access_command)
2785 struct target *target = get_current_target(CMD_CTX);
2786 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2788 if (!is_arm7_9(arm7_9))
2790 command_print(CMD_CTX, "current target isn't an ARM7/ARM9 target");
2791 return ERROR_TARGET_INVALID;
2795 COMMAND_PARSE_ENABLE(CMD_ARGV[0], arm7_9->fast_memory_access);
2797 command_print(CMD_CTX, "fast memory access is %s", (arm7_9->fast_memory_access) ? "enabled" : "disabled");
2802 COMMAND_HANDLER(handle_arm7_9_dcc_downloads_command)
2804 struct target *target = get_current_target(CMD_CTX);
2805 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2807 if (!is_arm7_9(arm7_9))
2809 command_print(CMD_CTX, "current target isn't an ARM7/ARM9 target");
2810 return ERROR_TARGET_INVALID;
2814 COMMAND_PARSE_ENABLE(CMD_ARGV[0], arm7_9->dcc_downloads);
2816 command_print(CMD_CTX, "dcc downloads are %s", (arm7_9->dcc_downloads) ? "enabled" : "disabled");
2821 COMMAND_HANDLER(handle_arm7_9_semihosting_command)
2823 struct target *target = get_current_target(CMD_CTX);
2824 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
2826 if (!is_arm7_9(arm7_9))
2828 command_print(CMD_CTX, "current target isn't an ARM7/ARM9 target");
2829 return ERROR_TARGET_INVALID;
2836 COMMAND_PARSE_ENABLE(CMD_ARGV[0], semihosting);
2838 /* TODO: support other methods if vector catch is unavailable */
2839 if (arm7_9->has_vector_catch) {
2840 struct reg *vector_catch = &arm7_9->eice_cache
2841 ->reg_list[EICE_VEC_CATCH];
2843 if (!vector_catch->valid)
2844 embeddedice_read_reg(vector_catch);
2845 buf_set_u32(vector_catch->value, 2, 1, semihosting);
2846 embeddedice_store_reg(vector_catch);
2848 /* FIXME never let that "catch" be dropped! */
2850 arm7_9->armv4_5_common.is_semihosting = semihosting;
2852 } else if (semihosting) {
2853 command_print(CMD_CTX, "vector catch unavailable");
2857 command_print(CMD_CTX, "semihosting is %s",
2858 arm7_9->armv4_5_common.is_semihosting
2859 ? "enabled" : "disabled");
2864 int arm7_9_init_arch_info(struct target *target, struct arm7_9_common *arm7_9)
2866 int retval = ERROR_OK;
2867 struct arm *armv4_5 = &arm7_9->armv4_5_common;
2869 arm7_9->common_magic = ARM7_9_COMMON_MAGIC;
2871 if ((retval = arm_jtag_setup_connection(&arm7_9->jtag_info)) != ERROR_OK)
2874 /* caller must have allocated via calloc(), so everything's zeroed */
2876 arm7_9->wp_available_max = 2;
2878 arm7_9->fast_memory_access = false;
2879 arm7_9->dcc_downloads = false;
2881 armv4_5->arch_info = arm7_9;
2882 armv4_5->read_core_reg = arm7_9_read_core_reg;
2883 armv4_5->write_core_reg = arm7_9_write_core_reg;
2884 armv4_5->full_context = arm7_9_full_context;
2886 if ((retval = armv4_5_init_arch_info(target, armv4_5)) != ERROR_OK)
2889 return target_register_timer_callback(arm7_9_handle_target_request,
2893 static const struct command_registration arm7_9_any_command_handlers[] = {
2896 .handler = &handle_arm7_9_dbgrq_command,
2897 .mode = COMMAND_ANY,
2898 .usage = "<enable|disable>",
2899 .help = "use EmbeddedICE dbgrq instead of breakpoint "
2900 "for target halt requests",
2903 "fast_memory_access",
2904 .handler = &handle_arm7_9_fast_memory_access_command,
2905 .mode = COMMAND_ANY,
2906 .usage = "<enable|disable>",
2907 .help = "use fast memory accesses instead of slower "
2908 "but potentially safer accesses",
2912 .handler = &handle_arm7_9_dcc_downloads_command,
2913 .mode = COMMAND_ANY,
2914 .usage = "<enable | disable>",
2915 .help = "use DCC downloads for larger memory writes",
2919 .handler = &handle_arm7_9_semihosting_command,
2920 .mode = COMMAND_EXEC,
2921 .usage = "<enable | disable>",
2922 .help = "activate support for semihosting operations",
2924 COMMAND_REGISTRATION_DONE
2926 const struct command_registration arm7_9_command_handlers[] = {
2928 .chain = arm_command_handlers,
2931 .chain = etm_command_handlers,
2935 .mode = COMMAND_ANY,
2936 .help = "arm7/9 specific commands",
2937 .chain = arm7_9_any_command_handlers,
2939 COMMAND_REGISTRATION_DONE
projects / fw / openocd / blob