2 * Support for RISC-V, debug version 0.13, which is currently (2/4/17) the
14 #include "target/target.h"
15 #include "target/algorithm.h"
16 #include "target/target_type.h"
18 #include "jtag/jtag.h"
19 #include "target/register.h"
20 #include "target/breakpoints.h"
21 #include "helper/time_support.h"
22 #include "helper/list.h"
24 #include "debug_defines.h"
25 #include "rtos/rtos.h"
30 #define DMI_DATA1 (DMI_DATA0 + 1)
31 #define DMI_PROGBUF1 (DMI_PROGBUF0 + 1)
33 static int riscv013_on_step_or_resume(struct target *target, bool step);
34 static int riscv013_step_or_resume_current_hart(struct target *target, bool step);
35 static void riscv013_clear_abstract_error(struct target *target);
37 /* Implementations of the functions in riscv_info_t. */
38 static int riscv013_get_register(struct target *target,
39 riscv_reg_t *value, int hid, int rid);
40 static int riscv013_set_register(struct target *target, int hartid, int regid, uint64_t value);
41 static int riscv013_select_current_hart(struct target *target);
42 static int riscv013_halt_current_hart(struct target *target);
43 static int riscv013_resume_current_hart(struct target *target);
44 static int riscv013_step_current_hart(struct target *target);
45 static int riscv013_on_halt(struct target *target);
46 static int riscv013_on_step(struct target *target);
47 static int riscv013_on_resume(struct target *target);
48 static bool riscv013_is_halted(struct target *target);
49 static enum riscv_halt_reason riscv013_halt_reason(struct target *target);
50 static int riscv013_write_debug_buffer(struct target *target, unsigned index,
52 static riscv_insn_t riscv013_read_debug_buffer(struct target *target, unsigned
54 static int riscv013_execute_debug_buffer(struct target *target);
55 static void riscv013_fill_dmi_write_u64(struct target *target, char *buf, int a, uint64_t d);
56 static void riscv013_fill_dmi_read_u64(struct target *target, char *buf, int a);
57 static int riscv013_dmi_write_u64_bits(struct target *target);
58 static void riscv013_fill_dmi_nop_u64(struct target *target, char *buf);
59 static int register_read(struct target *target, uint64_t *value, uint32_t number);
60 static int register_read_direct(struct target *target, uint64_t *value, uint32_t number);
61 static int register_write_direct(struct target *target, unsigned number,
63 static int read_memory(struct target *target, target_addr_t address,
64 uint32_t size, uint32_t count, uint8_t *buffer);
65 static int write_memory(struct target *target, target_addr_t address,
66 uint32_t size, uint32_t count, const uint8_t *buffer);
67 static int riscv013_test_sba_config_reg(struct target *target, target_addr_t legal_address,
68 uint32_t num_words, target_addr_t illegal_address, bool run_sbbusyerror_test);
69 void write_memory_sba_simple(struct target *target, target_addr_t addr, uint32_t *write_data,
70 uint32_t write_size, uint32_t sbcs);
71 void read_memory_sba_simple(struct target *target, target_addr_t addr,
72 uint32_t *rd_buf, uint32_t read_size, uint32_t sbcs);
73 static int riscv013_test_compliance(struct target *target);
76 * Since almost everything can be accomplish by scanning the dbus register, all
77 * functions here assume dbus is already selected. The exception are functions
78 * called directly by OpenOCD, which can't assume anything about what's
79 * currently in IR. They should set IR to dbus explicitly.
82 #define get_field(reg, mask) (((reg) & (mask)) / ((mask) & ~((mask) << 1)))
83 #define set_field(reg, mask, val) (((reg) & ~(mask)) | (((val) * ((mask) & ~((mask) << 1))) & (mask)))
85 #define DIM(x) (sizeof(x)/sizeof(*x))
87 #define CSR_DCSR_CAUSE_SWBP 1
88 #define CSR_DCSR_CAUSE_TRIGGER 2
89 #define CSR_DCSR_CAUSE_DEBUGINT 3
90 #define CSR_DCSR_CAUSE_STEP 4
91 #define CSR_DCSR_CAUSE_HALT 5
93 #define RISCV013_INFO(r) riscv013_info_t *r = get_info(target)
95 /*** JTAG registers. ***/
103 DMI_STATUS_SUCCESS = 0,
104 DMI_STATUS_FAILED = 2,
120 /*** Debug Bus registers. ***/
122 #define CMDERR_NONE 0
123 #define CMDERR_BUSY 1
124 #define CMDERR_NOT_SUPPORTED 2
125 #define CMDERR_EXCEPTION 3
126 #define CMDERR_HALT_RESUME 4
127 #define CMDERR_OTHER 7
129 /*** Info about the core being debugged. ***/
136 bool read, write, execute;
147 struct list_head list;
148 int abs_chain_position;
149 /* Indicates we already reset this DM, so don't need to do it again. */
151 /* Targets that are connected to this DM. */
152 struct list_head target_list;
153 /* The currently selected hartid on this DM. */
158 struct list_head list;
159 struct target *target;
163 /* Number of address bits in the dbus register. */
165 /* Number of abstract command data registers. */
167 /* Number of words in the Program Buffer. */
168 unsigned progbufsize;
170 /* We cache the read-only bits of sbcs here. */
173 yes_no_maybe_t progbuf_writable;
174 /* We only need the address so that we know the alignment of the buffer. */
175 riscv_addr_t progbuf_address;
177 /* Number of run-test/idle cycles the target requests we do after each dbus
179 unsigned int dtmcs_idle;
181 /* This value is incremented every time a dbus access comes back as "busy".
182 * It's used to determine how many run-test/idle cycles to feed the target
183 * in between accesses. */
184 unsigned int dmi_busy_delay;
186 /* Number of run-test/idle cycles to add between consecutive bus master
187 * reads/writes respectively. */
188 unsigned int bus_master_write_delay, bus_master_read_delay;
190 /* This value is increased every time we tried to execute two commands
191 * consecutively, and the second one failed because the previous hadn't
192 * completed yet. It's used to add extra run-test/idle cycles after
193 * starting a command, so we don't have to waste time checking for busy to
195 unsigned int ac_busy_delay;
197 bool abstract_read_csr_supported;
198 bool abstract_write_csr_supported;
199 bool abstract_read_fpr_supported;
200 bool abstract_write_fpr_supported;
202 /* When a function returns some error due to a failure indicated by the
203 * target in cmderr, the caller can look here to see what that error was.
204 * (Compare with errno.) */
207 /* Some fields from hartinfo. */
212 /* The width of the hartsel field. */
215 /* DM that provides access to this target. */
221 static riscv013_info_t *get_info(const struct target *target)
223 riscv_info_t *info = (riscv_info_t *) target->arch_info;
224 return (riscv013_info_t *) info->version_specific;
228 * Return the DM structure for this target. If there isn't one, find it in the
229 * global list of DMs. If it's not in there, then create one and initialize it
232 static dm013_info_t *get_dm(struct target *target)
238 int abs_chain_position = target->tap->abs_chain_position;
241 dm013_info_t *dm = NULL;
242 list_for_each_entry(entry, &dm_list, list) {
243 if (entry->abs_chain_position == abs_chain_position) {
250 dm = calloc(1, sizeof(dm013_info_t));
251 dm->abs_chain_position = abs_chain_position;
252 dm->current_hartid = -1;
253 INIT_LIST_HEAD(&dm->target_list);
254 list_add(&dm->list, &dm_list);
258 target_list_t *target_entry;
259 list_for_each_entry(target_entry, &dm->target_list, list) {
260 if (target_entry->target == target)
263 target_entry = calloc(1, sizeof(*target_entry));
264 target_entry->target = target;
265 list_add(&target_entry->list, &dm->target_list);
270 static uint32_t set_hartsel(uint32_t initial, uint32_t index)
272 initial &= ~DMI_DMCONTROL_HARTSELLO;
273 initial &= ~DMI_DMCONTROL_HARTSELHI;
275 uint32_t index_lo = index & ((1 << DMI_DMCONTROL_HARTSELLO_LENGTH) - 1);
276 initial |= index_lo << DMI_DMCONTROL_HARTSELLO_OFFSET;
277 uint32_t index_hi = index >> DMI_DMCONTROL_HARTSELLO_LENGTH;
278 assert(index_hi < 1 << DMI_DMCONTROL_HARTSELHI_LENGTH);
279 initial |= index_hi << DMI_DMCONTROL_HARTSELHI_OFFSET;
284 static void decode_dmi(char *text, unsigned address, unsigned data)
286 static const struct {
291 { DMI_DMCONTROL, DMI_DMCONTROL_HALTREQ, "haltreq" },
292 { DMI_DMCONTROL, DMI_DMCONTROL_RESUMEREQ, "resumereq" },
293 { DMI_DMCONTROL, DMI_DMCONTROL_HARTRESET, "hartreset" },
294 { DMI_DMCONTROL, DMI_DMCONTROL_HASEL, "hasel" },
295 { DMI_DMCONTROL, DMI_DMCONTROL_HARTSELHI, "hartselhi" },
296 { DMI_DMCONTROL, DMI_DMCONTROL_HARTSELLO, "hartsello" },
297 { DMI_DMCONTROL, DMI_DMCONTROL_NDMRESET, "ndmreset" },
298 { DMI_DMCONTROL, DMI_DMCONTROL_DMACTIVE, "dmactive" },
299 { DMI_DMCONTROL, DMI_DMCONTROL_ACKHAVERESET, "ackhavereset" },
301 { DMI_DMSTATUS, DMI_DMSTATUS_IMPEBREAK, "impebreak" },
302 { DMI_DMSTATUS, DMI_DMSTATUS_ALLHAVERESET, "allhavereset" },
303 { DMI_DMSTATUS, DMI_DMSTATUS_ANYHAVERESET, "anyhavereset" },
304 { DMI_DMSTATUS, DMI_DMSTATUS_ALLRESUMEACK, "allresumeack" },
305 { DMI_DMSTATUS, DMI_DMSTATUS_ANYRESUMEACK, "anyresumeack" },
306 { DMI_DMSTATUS, DMI_DMSTATUS_ALLNONEXISTENT, "allnonexistent" },
307 { DMI_DMSTATUS, DMI_DMSTATUS_ANYNONEXISTENT, "anynonexistent" },
308 { DMI_DMSTATUS, DMI_DMSTATUS_ALLUNAVAIL, "allunavail" },
309 { DMI_DMSTATUS, DMI_DMSTATUS_ANYUNAVAIL, "anyunavail" },
310 { DMI_DMSTATUS, DMI_DMSTATUS_ALLRUNNING, "allrunning" },
311 { DMI_DMSTATUS, DMI_DMSTATUS_ANYRUNNING, "anyrunning" },
312 { DMI_DMSTATUS, DMI_DMSTATUS_ALLHALTED, "allhalted" },
313 { DMI_DMSTATUS, DMI_DMSTATUS_ANYHALTED, "anyhalted" },
314 { DMI_DMSTATUS, DMI_DMSTATUS_AUTHENTICATED, "authenticated" },
315 { DMI_DMSTATUS, DMI_DMSTATUS_AUTHBUSY, "authbusy" },
316 { DMI_DMSTATUS, DMI_DMSTATUS_DEVTREEVALID, "devtreevalid" },
317 { DMI_DMSTATUS, DMI_DMSTATUS_VERSION, "version" },
319 { DMI_ABSTRACTCS, DMI_ABSTRACTCS_PROGBUFSIZE, "progbufsize" },
320 { DMI_ABSTRACTCS, DMI_ABSTRACTCS_BUSY, "busy" },
321 { DMI_ABSTRACTCS, DMI_ABSTRACTCS_CMDERR, "cmderr" },
322 { DMI_ABSTRACTCS, DMI_ABSTRACTCS_DATACOUNT, "datacount" },
324 { DMI_COMMAND, DMI_COMMAND_CMDTYPE, "cmdtype" },
326 { DMI_SBCS, DMI_SBCS_SBREADONADDR, "sbreadonaddr" },
327 { DMI_SBCS, DMI_SBCS_SBACCESS, "sbaccess" },
328 { DMI_SBCS, DMI_SBCS_SBAUTOINCREMENT, "sbautoincrement" },
329 { DMI_SBCS, DMI_SBCS_SBREADONDATA, "sbreadondata" },
330 { DMI_SBCS, DMI_SBCS_SBERROR, "sberror" },
331 { DMI_SBCS, DMI_SBCS_SBASIZE, "sbasize" },
332 { DMI_SBCS, DMI_SBCS_SBACCESS128, "sbaccess128" },
333 { DMI_SBCS, DMI_SBCS_SBACCESS64, "sbaccess64" },
334 { DMI_SBCS, DMI_SBCS_SBACCESS32, "sbaccess32" },
335 { DMI_SBCS, DMI_SBCS_SBACCESS16, "sbaccess16" },
336 { DMI_SBCS, DMI_SBCS_SBACCESS8, "sbaccess8" },
340 for (unsigned i = 0; i < DIM(description); i++) {
341 if (description[i].address == address) {
342 uint64_t mask = description[i].mask;
343 unsigned value = get_field(data, mask);
347 if (mask & (mask >> 1)) {
348 /* If the field is more than 1 bit wide. */
349 sprintf(text, "%s=%d", description[i].name, value);
351 strcpy(text, description[i].name);
353 text += strlen(text);
359 static void dump_field(int idle, const struct scan_field *field)
361 static const char * const op_string[] = {"-", "r", "w", "?"};
362 static const char * const status_string[] = {"+", "?", "F", "b"};
364 if (debug_level < LOG_LVL_DEBUG)
367 uint64_t out = buf_get_u64(field->out_value, 0, field->num_bits);
368 unsigned int out_op = get_field(out, DTM_DMI_OP);
369 unsigned int out_data = get_field(out, DTM_DMI_DATA);
370 unsigned int out_address = out >> DTM_DMI_ADDRESS_OFFSET;
372 uint64_t in = buf_get_u64(field->in_value, 0, field->num_bits);
373 unsigned int in_op = get_field(in, DTM_DMI_OP);
374 unsigned int in_data = get_field(in, DTM_DMI_DATA);
375 unsigned int in_address = in >> DTM_DMI_ADDRESS_OFFSET;
377 log_printf_lf(LOG_LVL_DEBUG,
378 __FILE__, __LINE__, "scan",
379 "%db %di %s %08x @%02x -> %s %08x @%02x",
380 field->num_bits, idle,
381 op_string[out_op], out_data, out_address,
382 status_string[in_op], in_data, in_address);
386 decode_dmi(out_text, out_address, out_data);
387 decode_dmi(in_text, in_address, in_data);
388 if (in_text[0] || out_text[0]) {
389 log_printf_lf(LOG_LVL_DEBUG, __FILE__, __LINE__, "scan", "%s -> %s",
394 /*** Utility functions. ***/
396 static void select_dmi(struct target *target)
398 jtag_add_ir_scan(target->tap, &select_dbus, TAP_IDLE);
401 static uint32_t dtmcontrol_scan(struct target *target, uint32_t out)
403 struct scan_field field;
405 uint8_t out_value[4] = { 0 };
407 buf_set_u32(out_value, 0, 32, out);
409 jtag_add_ir_scan(target->tap, &select_dtmcontrol, TAP_IDLE);
412 field.out_value = out_value;
413 field.in_value = in_value;
414 jtag_add_dr_scan(target->tap, 1, &field, TAP_IDLE);
416 /* Always return to dmi. */
419 int retval = jtag_execute_queue();
420 if (retval != ERROR_OK) {
421 LOG_ERROR("failed jtag scan: %d", retval);
425 uint32_t in = buf_get_u32(field.in_value, 0, 32);
426 LOG_DEBUG("DTMCS: 0x%x -> 0x%x", out, in);
431 static void increase_dmi_busy_delay(struct target *target)
433 riscv013_info_t *info = get_info(target);
434 info->dmi_busy_delay += info->dmi_busy_delay / 10 + 1;
435 LOG_DEBUG("dtmcs_idle=%d, dmi_busy_delay=%d, ac_busy_delay=%d",
436 info->dtmcs_idle, info->dmi_busy_delay,
437 info->ac_busy_delay);
439 dtmcontrol_scan(target, DTM_DTMCS_DMIRESET);
443 * exec: If this is set, assume the scan results in an execution, so more
444 * run-test/idle cycles may be required.
446 static dmi_status_t dmi_scan(struct target *target, uint32_t *address_in,
447 uint32_t *data_in, dmi_op_t op, uint32_t address_out, uint32_t data_out,
450 riscv013_info_t *info = get_info(target);
452 unsigned num_bits = info->abits + DTM_DMI_OP_LENGTH + DTM_DMI_DATA_LENGTH;
453 size_t num_bytes = (num_bits + 7) / 8;
454 uint8_t in[num_bytes];
455 uint8_t out[num_bytes];
456 struct scan_field field = {
457 .num_bits = num_bits,
462 if (r->reset_delays_wait >= 0) {
463 r->reset_delays_wait--;
464 if (r->reset_delays_wait < 0) {
465 info->dmi_busy_delay = 0;
466 info->ac_busy_delay = 0;
470 memset(in, 0, num_bytes);
471 memset(out, 0, num_bytes);
473 assert(info->abits != 0);
475 buf_set_u32(out, DTM_DMI_OP_OFFSET, DTM_DMI_OP_LENGTH, op);
476 buf_set_u32(out, DTM_DMI_DATA_OFFSET, DTM_DMI_DATA_LENGTH, data_out);
477 buf_set_u32(out, DTM_DMI_ADDRESS_OFFSET, info->abits, address_out);
479 /* Assume dbus is already selected. */
480 jtag_add_dr_scan(target->tap, 1, &field, TAP_IDLE);
482 int idle_count = info->dmi_busy_delay;
484 idle_count += info->ac_busy_delay;
487 jtag_add_runtest(idle_count, TAP_IDLE);
489 int retval = jtag_execute_queue();
490 if (retval != ERROR_OK) {
491 LOG_ERROR("dmi_scan failed jtag scan");
492 return DMI_STATUS_FAILED;
496 *data_in = buf_get_u32(in, DTM_DMI_DATA_OFFSET, DTM_DMI_DATA_LENGTH);
499 *address_in = buf_get_u32(in, DTM_DMI_ADDRESS_OFFSET, info->abits);
501 dump_field(idle_count, &field);
503 return buf_get_u32(in, DTM_DMI_OP_OFFSET, DTM_DMI_OP_LENGTH);
506 /* If dmi_busy_encountered is non-NULL, this function will use it to tell the
507 * caller whether DMI was ever busy during this call. */
508 static int dmi_op_timeout(struct target *target, uint32_t *data_in,
509 bool *dmi_busy_encountered, int dmi_op, uint32_t address,
510 uint32_t data_out, int timeout_sec, bool exec)
517 if (dmi_busy_encountered)
518 *dmi_busy_encountered = false;
532 LOG_ERROR("Invalid DMI operation: %d", dmi_op);
536 time_t start = time(NULL);
537 /* This first loop performs the request. Note that if for some reason this
538 * stays busy, it is actually due to the previous access. */
540 status = dmi_scan(target, NULL, NULL, dmi_op, address, data_out,
542 if (status == DMI_STATUS_BUSY) {
543 increase_dmi_busy_delay(target);
544 if (dmi_busy_encountered)
545 *dmi_busy_encountered = true;
546 } else if (status == DMI_STATUS_SUCCESS) {
549 LOG_ERROR("failed %s at 0x%x, status=%d", op_name, address, status);
552 if (time(NULL) - start > timeout_sec)
553 return ERROR_TIMEOUT_REACHED;
556 if (status != DMI_STATUS_SUCCESS) {
557 LOG_ERROR("Failed %s at 0x%x; status=%d", op_name, address, status);
561 /* This second loop ensures the request succeeded, and gets back data.
562 * Note that NOP can result in a 'busy' result as well, but that would be
563 * noticed on the next DMI access we do. */
565 status = dmi_scan(target, &address_in, data_in, DMI_OP_NOP, address, 0,
567 if (status == DMI_STATUS_BUSY) {
568 increase_dmi_busy_delay(target);
569 } else if (status == DMI_STATUS_SUCCESS) {
572 LOG_ERROR("failed %s (NOP) at 0x%x, status=%d", op_name, address,
576 if (time(NULL) - start > timeout_sec)
577 return ERROR_TIMEOUT_REACHED;
580 if (status != DMI_STATUS_SUCCESS) {
581 if (status == DMI_STATUS_FAILED || !data_in) {
582 LOG_ERROR("Failed %s (NOP) at 0x%x; status=%d", op_name, address,
585 LOG_ERROR("Failed %s (NOP) at 0x%x; value=0x%x, status=%d",
586 op_name, address, *data_in, status);
594 static int dmi_op(struct target *target, uint32_t *data_in,
595 bool *dmi_busy_encountered, int dmi_op, uint32_t address,
596 uint32_t data_out, bool exec)
598 int result = dmi_op_timeout(target, data_in, dmi_busy_encountered, dmi_op,
599 address, data_out, riscv_command_timeout_sec, exec);
600 if (result == ERROR_TIMEOUT_REACHED) {
601 LOG_ERROR("DMI operation didn't complete in %d seconds. The target is "
602 "either really slow or broken. You could increase the "
603 "timeout with riscv set_command_timeout_sec.",
604 riscv_command_timeout_sec);
610 static int dmi_read(struct target *target, uint32_t *value, uint32_t address)
612 return dmi_op(target, value, NULL, DMI_OP_READ, address, 0, false);
615 static int dmi_read_exec(struct target *target, uint32_t *value, uint32_t address)
617 return dmi_op(target, value, NULL, DMI_OP_READ, address, 0, true);
620 static int dmi_write(struct target *target, uint32_t address, uint32_t value)
622 return dmi_op(target, NULL, NULL, DMI_OP_WRITE, address, value, false);
625 static int dmi_write_exec(struct target *target, uint32_t address, uint32_t value)
627 return dmi_op(target, NULL, NULL, DMI_OP_WRITE, address, value, true);
630 int dmstatus_read_timeout(struct target *target, uint32_t *dmstatus,
631 bool authenticated, unsigned timeout_sec)
633 int result = dmi_op_timeout(target, dmstatus, NULL, DMI_OP_READ,
634 DMI_DMSTATUS, 0, timeout_sec, false);
635 if (result != ERROR_OK)
637 if (authenticated && !get_field(*dmstatus, DMI_DMSTATUS_AUTHENTICATED)) {
638 LOG_ERROR("Debugger is not authenticated to target Debug Module. "
639 "(dmstatus=0x%x). Use `riscv authdata_read` and "
640 "`riscv authdata_write` commands to authenticate.", *dmstatus);
646 int dmstatus_read(struct target *target, uint32_t *dmstatus,
649 return dmstatus_read_timeout(target, dmstatus, authenticated,
650 riscv_command_timeout_sec);
653 static void increase_ac_busy_delay(struct target *target)
655 riscv013_info_t *info = get_info(target);
656 info->ac_busy_delay += info->ac_busy_delay / 10 + 1;
657 LOG_DEBUG("dtmcs_idle=%d, dmi_busy_delay=%d, ac_busy_delay=%d",
658 info->dtmcs_idle, info->dmi_busy_delay,
659 info->ac_busy_delay);
662 uint32_t abstract_register_size(unsigned width)
666 return set_field(0, AC_ACCESS_REGISTER_SIZE, 2);
668 return set_field(0, AC_ACCESS_REGISTER_SIZE, 3);
671 return set_field(0, AC_ACCESS_REGISTER_SIZE, 4);
674 LOG_ERROR("Unsupported register width: %d", width);
679 static int wait_for_idle(struct target *target, uint32_t *abstractcs)
682 time_t start = time(NULL);
684 if (dmi_read(target, abstractcs, DMI_ABSTRACTCS) != ERROR_OK)
687 if (get_field(*abstractcs, DMI_ABSTRACTCS_BUSY) == 0)
690 if (time(NULL) - start > riscv_command_timeout_sec) {
691 info->cmderr = get_field(*abstractcs, DMI_ABSTRACTCS_CMDERR);
692 if (info->cmderr != CMDERR_NONE) {
693 const char *errors[8] = {
703 LOG_ERROR("Abstract command ended in error '%s' (abstractcs=0x%x)",
704 errors[info->cmderr], *abstractcs);
707 LOG_ERROR("Timed out after %ds waiting for busy to go low (abstractcs=0x%x). "
708 "Increase the timeout with riscv set_command_timeout_sec.",
709 riscv_command_timeout_sec,
716 static int execute_abstract_command(struct target *target, uint32_t command)
719 if (debug_level >= LOG_LVL_DEBUG) {
720 switch (get_field(command, DMI_COMMAND_CMDTYPE)) {
722 LOG_DEBUG("command=0x%x; access register, size=%d, postexec=%d, "
723 "transfer=%d, write=%d, regno=0x%x",
725 8 << get_field(command, AC_ACCESS_REGISTER_SIZE),
726 get_field(command, AC_ACCESS_REGISTER_POSTEXEC),
727 get_field(command, AC_ACCESS_REGISTER_TRANSFER),
728 get_field(command, AC_ACCESS_REGISTER_WRITE),
729 get_field(command, AC_ACCESS_REGISTER_REGNO));
732 LOG_DEBUG("command=0x%x", command);
737 dmi_write_exec(target, DMI_COMMAND, command);
739 uint32_t abstractcs = 0;
740 wait_for_idle(target, &abstractcs);
742 info->cmderr = get_field(abstractcs, DMI_ABSTRACTCS_CMDERR);
743 if (info->cmderr != 0) {
744 LOG_DEBUG("command 0x%x failed; abstractcs=0x%x", command, abstractcs);
745 /* Clear the error. */
746 dmi_write(target, DMI_ABSTRACTCS, set_field(0, DMI_ABSTRACTCS_CMDERR,
754 static riscv_reg_t read_abstract_arg(struct target *target, unsigned index,
757 riscv_reg_t value = 0;
759 unsigned offset = index * size_bits / 32;
762 LOG_ERROR("Unsupported size: %d", size_bits);
765 dmi_read(target, &v, DMI_DATA0 + offset + 1);
766 value |= ((uint64_t) v) << 32;
769 dmi_read(target, &v, DMI_DATA0 + offset);
775 static int write_abstract_arg(struct target *target, unsigned index,
776 riscv_reg_t value, unsigned size_bits)
778 unsigned offset = index * size_bits / 32;
781 LOG_ERROR("Unsupported size: %d", size_bits);
784 dmi_write(target, DMI_DATA0 + offset + 1, value >> 32);
787 dmi_write(target, DMI_DATA0 + offset, value);
795 static uint32_t access_register_command(struct target *target, uint32_t number,
796 unsigned size, uint32_t flags)
798 uint32_t command = set_field(0, DMI_COMMAND_CMDTYPE, 0);
801 command = set_field(command, AC_ACCESS_REGISTER_SIZE, 2);
804 command = set_field(command, AC_ACCESS_REGISTER_SIZE, 3);
810 if (number <= GDB_REGNO_XPR31) {
811 command = set_field(command, AC_ACCESS_REGISTER_REGNO,
812 0x1000 + number - GDB_REGNO_ZERO);
813 } else if (number >= GDB_REGNO_FPR0 && number <= GDB_REGNO_FPR31) {
814 command = set_field(command, AC_ACCESS_REGISTER_REGNO,
815 0x1020 + number - GDB_REGNO_FPR0);
816 } else if (number >= GDB_REGNO_CSR0 && number <= GDB_REGNO_CSR4095) {
817 command = set_field(command, AC_ACCESS_REGISTER_REGNO,
818 number - GDB_REGNO_CSR0);
819 } else if (number >= GDB_REGNO_COUNT) {
820 /* Custom register. */
821 assert(target->reg_cache->reg_list[number].arch_info);
822 riscv_reg_info_t *reg_info = target->reg_cache->reg_list[number].arch_info;
824 command = set_field(command, AC_ACCESS_REGISTER_REGNO,
825 0xc000 + reg_info->custom_number);
833 static int register_read_abstract(struct target *target, uint64_t *value,
834 uint32_t number, unsigned size)
838 if (number >= GDB_REGNO_FPR0 && number <= GDB_REGNO_FPR31 &&
839 !info->abstract_read_fpr_supported)
841 if (number >= GDB_REGNO_CSR0 && number <= GDB_REGNO_CSR4095 &&
842 !info->abstract_read_csr_supported)
845 uint32_t command = access_register_command(target, number, size,
846 AC_ACCESS_REGISTER_TRANSFER);
848 int result = execute_abstract_command(target, command);
849 if (result != ERROR_OK) {
850 if (info->cmderr == CMDERR_NOT_SUPPORTED) {
851 if (number >= GDB_REGNO_FPR0 && number <= GDB_REGNO_FPR31) {
852 info->abstract_read_fpr_supported = false;
853 LOG_INFO("Disabling abstract command reads from FPRs.");
854 } else if (number >= GDB_REGNO_CSR0 && number <= GDB_REGNO_CSR4095) {
855 info->abstract_read_csr_supported = false;
856 LOG_INFO("Disabling abstract command reads from CSRs.");
863 *value = read_abstract_arg(target, 0, size);
868 static int register_write_abstract(struct target *target, uint32_t number,
869 uint64_t value, unsigned size)
873 if (number >= GDB_REGNO_FPR0 && number <= GDB_REGNO_FPR31 &&
874 !info->abstract_write_fpr_supported)
876 if (number >= GDB_REGNO_CSR0 && number <= GDB_REGNO_CSR4095 &&
877 !info->abstract_write_csr_supported)
880 uint32_t command = access_register_command(target, number, size,
881 AC_ACCESS_REGISTER_TRANSFER |
882 AC_ACCESS_REGISTER_WRITE);
884 if (write_abstract_arg(target, 0, value, size) != ERROR_OK)
887 int result = execute_abstract_command(target, command);
888 if (result != ERROR_OK) {
889 if (info->cmderr == CMDERR_NOT_SUPPORTED) {
890 if (number >= GDB_REGNO_FPR0 && number <= GDB_REGNO_FPR31) {
891 info->abstract_write_fpr_supported = false;
892 LOG_INFO("Disabling abstract command writes to FPRs.");
893 } else if (number >= GDB_REGNO_CSR0 && number <= GDB_REGNO_CSR4095) {
894 info->abstract_write_csr_supported = false;
895 LOG_INFO("Disabling abstract command writes to CSRs.");
904 static int examine_progbuf(struct target *target)
906 riscv013_info_t *info = get_info(target);
908 if (info->progbuf_writable != YNM_MAYBE)
911 /* Figure out if progbuf is writable. */
913 if (info->progbufsize < 1) {
914 info->progbuf_writable = YNM_NO;
915 LOG_INFO("No program buffer present.");
920 if (register_read(target, &s0, GDB_REGNO_S0) != ERROR_OK)
923 struct riscv_program program;
924 riscv_program_init(&program, target);
925 riscv_program_insert(&program, auipc(S0));
926 if (riscv_program_exec(&program, target) != ERROR_OK)
929 if (register_read_direct(target, &info->progbuf_address, GDB_REGNO_S0) != ERROR_OK)
932 riscv_program_init(&program, target);
933 riscv_program_insert(&program, sw(S0, S0, 0));
934 int result = riscv_program_exec(&program, target);
936 if (register_write_direct(target, GDB_REGNO_S0, s0) != ERROR_OK)
939 if (result != ERROR_OK) {
940 /* This program might have failed if the program buffer is not
942 info->progbuf_writable = YNM_NO;
947 if (dmi_read(target, &written, DMI_PROGBUF0) != ERROR_OK)
949 if (written == (uint32_t) info->progbuf_address) {
950 LOG_INFO("progbuf is writable at 0x%" PRIx64,
951 info->progbuf_address);
952 info->progbuf_writable = YNM_YES;
955 LOG_INFO("progbuf is not writeable at 0x%" PRIx64,
956 info->progbuf_address);
957 info->progbuf_writable = YNM_NO;
970 /* How can the debugger access this memory? */
971 memory_space_t memory_space;
972 /* Memory address to access the scratch memory from the hart. */
973 riscv_addr_t hart_address;
974 /* Memory address to access the scratch memory from the debugger. */
975 riscv_addr_t debug_address;
976 struct working_area *area;
980 * Find some scratch memory to be used with the given program.
982 static int scratch_reserve(struct target *target,
983 scratch_mem_t *scratch,
984 struct riscv_program *program,
987 riscv_addr_t alignment = 1;
988 while (alignment < size_bytes)
991 scratch->area = NULL;
993 riscv013_info_t *info = get_info(target);
995 if (info->dataaccess == 1) {
996 /* Sign extend dataaddr. */
997 scratch->hart_address = info->dataaddr;
998 if (info->dataaddr & (1<<11))
999 scratch->hart_address |= 0xfffffffffffff000ULL;
1001 scratch->hart_address = (scratch->hart_address + alignment - 1) & ~(alignment - 1);
1003 if ((size_bytes + scratch->hart_address - info->dataaddr + 3) / 4 >=
1005 scratch->memory_space = SPACE_DMI_DATA;
1006 scratch->debug_address = (scratch->hart_address - info->dataaddr) / 4;
1011 if (examine_progbuf(target) != ERROR_OK)
1014 /* Allow for ebreak at the end of the program. */
1015 unsigned program_size = (program->instruction_count + 1) * 4;
1016 scratch->hart_address = (info->progbuf_address + program_size + alignment - 1) &
1018 if ((size_bytes + scratch->hart_address - info->progbuf_address + 3) / 4 >=
1019 info->progbufsize) {
1020 scratch->memory_space = SPACE_DMI_PROGBUF;
1021 scratch->debug_address = (scratch->hart_address - info->progbuf_address) / 4;
1025 if (target_alloc_working_area(target, size_bytes + alignment - 1,
1026 &scratch->area) == ERROR_OK) {
1027 scratch->hart_address = (scratch->area->address + alignment - 1) &
1029 scratch->memory_space = SPACE_DMI_RAM;
1030 scratch->debug_address = scratch->hart_address;
1034 LOG_ERROR("Couldn't find %d bytes of scratch RAM to use. Please configure "
1035 "a work area with 'configure -work-area-phys'.", size_bytes);
1039 static int scratch_release(struct target *target,
1040 scratch_mem_t *scratch)
1043 return target_free_working_area(target, scratch->area);
1048 static int scratch_read64(struct target *target, scratch_mem_t *scratch,
1052 switch (scratch->memory_space) {
1053 case SPACE_DMI_DATA:
1054 if (dmi_read(target, &v, DMI_DATA0 + scratch->debug_address) != ERROR_OK)
1057 if (dmi_read(target, &v, DMI_DATA1 + scratch->debug_address) != ERROR_OK)
1059 *value |= ((uint64_t) v) << 32;
1061 case SPACE_DMI_PROGBUF:
1062 if (dmi_read(target, &v, DMI_PROGBUF0 + scratch->debug_address) != ERROR_OK)
1065 if (dmi_read(target, &v, DMI_PROGBUF1 + scratch->debug_address) != ERROR_OK)
1067 *value |= ((uint64_t) v) << 32;
1072 if (read_memory(target, scratch->debug_address, 4, 2, buffer) != ERROR_OK)
1074 *value = buffer[0] |
1075 (((uint64_t) buffer[1]) << 8) |
1076 (((uint64_t) buffer[2]) << 16) |
1077 (((uint64_t) buffer[3]) << 24) |
1078 (((uint64_t) buffer[4]) << 32) |
1079 (((uint64_t) buffer[5]) << 40) |
1080 (((uint64_t) buffer[6]) << 48) |
1081 (((uint64_t) buffer[7]) << 56);
1088 static int scratch_write64(struct target *target, scratch_mem_t *scratch,
1091 switch (scratch->memory_space) {
1092 case SPACE_DMI_DATA:
1093 dmi_write(target, DMI_DATA0 + scratch->debug_address, value);
1094 dmi_write(target, DMI_DATA1 + scratch->debug_address, value >> 32);
1096 case SPACE_DMI_PROGBUF:
1097 dmi_write(target, DMI_PROGBUF0 + scratch->debug_address, value);
1098 dmi_write(target, DMI_PROGBUF1 + scratch->debug_address, value >> 32);
1102 uint8_t buffer[8] = {
1112 if (write_memory(target, scratch->debug_address, 4, 2, buffer) != ERROR_OK)
1120 /** Return register size in bits. */
1121 static unsigned register_size(struct target *target, unsigned number)
1123 /* If reg_cache hasn't been initialized yet, make a guess. We need this for
1124 * when this function is called during examine(). */
1125 if (target->reg_cache)
1126 return target->reg_cache->reg_list[number].size;
1128 return riscv_xlen(target);
1132 * Immediately write the new value to the requested register. This mechanism
1133 * bypasses any caches.
1135 static int register_write_direct(struct target *target, unsigned number,
1138 RISCV013_INFO(info);
1141 LOG_DEBUG("{%d} reg[0x%x] <- 0x%" PRIx64, riscv_current_hartid(target),
1144 int result = register_write_abstract(target, number, value,
1145 register_size(target, number));
1146 if (result == ERROR_OK && target->reg_cache) {
1147 struct reg *reg = &target->reg_cache->reg_list[number];
1148 buf_set_u64(reg->value, 0, reg->size, value);
1150 if (result == ERROR_OK || info->progbufsize + r->impebreak < 2 ||
1151 !riscv_is_halted(target))
1154 struct riscv_program program;
1155 riscv_program_init(&program, target);
1158 if (register_read(target, &s0, GDB_REGNO_S0) != ERROR_OK)
1161 scratch_mem_t scratch;
1162 bool use_scratch = false;
1163 if (number >= GDB_REGNO_FPR0 && number <= GDB_REGNO_FPR31 &&
1164 riscv_supports_extension(target, riscv_current_hartid(target), 'D') &&
1165 riscv_xlen(target) < 64) {
1166 /* There are no instructions to move all the bits from a register, so
1167 * we need to use some scratch RAM. */
1169 riscv_program_insert(&program, fld(number - GDB_REGNO_FPR0, S0, 0));
1171 if (scratch_reserve(target, &scratch, &program, 8) != ERROR_OK)
1174 if (register_write_direct(target, GDB_REGNO_S0, scratch.hart_address)
1176 scratch_release(target, &scratch);
1180 if (scratch_write64(target, &scratch, value) != ERROR_OK) {
1181 scratch_release(target, &scratch);
1186 if (register_write_direct(target, GDB_REGNO_S0, value) != ERROR_OK)
1189 if (number >= GDB_REGNO_FPR0 && number <= GDB_REGNO_FPR31) {
1190 if (riscv_supports_extension(target, riscv_current_hartid(target), 'D'))
1191 riscv_program_insert(&program, fmv_d_x(number - GDB_REGNO_FPR0, S0));
1193 riscv_program_insert(&program, fmv_w_x(number - GDB_REGNO_FPR0, S0));
1194 } else if (number >= GDB_REGNO_CSR0 && number <= GDB_REGNO_CSR4095) {
1195 riscv_program_csrw(&program, S0, number);
1197 LOG_ERROR("Unsupported register (enum gdb_regno)(%d)", number);
1202 int exec_out = riscv_program_exec(&program, target);
1203 /* Don't message on error. Probably the register doesn't exist. */
1204 if (exec_out == ERROR_OK && target->reg_cache) {
1205 struct reg *reg = &target->reg_cache->reg_list[number];
1206 buf_set_u64(reg->value, 0, reg->size, value);
1210 scratch_release(target, &scratch);
1213 if (register_write_direct(target, GDB_REGNO_S0, s0) != ERROR_OK)
1219 /** Return the cached value, or read from the target if necessary. */
1220 static int register_read(struct target *target, uint64_t *value, uint32_t number)
1222 if (number == GDB_REGNO_ZERO) {
1226 int result = register_read_direct(target, value, number);
1227 if (result != ERROR_OK)
1229 if (target->reg_cache) {
1230 struct reg *reg = &target->reg_cache->reg_list[number];
1231 buf_set_u64(reg->value, 0, reg->size, *value);
1236 /** Actually read registers from the target right now. */
1237 static int register_read_direct(struct target *target, uint64_t *value, uint32_t number)
1239 RISCV013_INFO(info);
1242 int result = register_read_abstract(target, value, number,
1243 register_size(target, number));
1245 if (result != ERROR_OK &&
1246 info->progbufsize + r->impebreak >= 2 &&
1247 number > GDB_REGNO_XPR31) {
1248 struct riscv_program program;
1249 riscv_program_init(&program, target);
1251 scratch_mem_t scratch;
1252 bool use_scratch = false;
1255 if (register_read(target, &s0, GDB_REGNO_S0) != ERROR_OK)
1258 /* Write program to move data into s0. */
1261 if (number >= GDB_REGNO_FPR0 && number <= GDB_REGNO_FPR31) {
1262 if (register_read(target, &mstatus, GDB_REGNO_MSTATUS) != ERROR_OK)
1264 if ((mstatus & MSTATUS_FS) == 0)
1265 if (register_write_direct(target, GDB_REGNO_MSTATUS,
1266 set_field(mstatus, MSTATUS_FS, 1)) != ERROR_OK)
1269 if (riscv_supports_extension(target, riscv_current_hartid(target), 'D')
1270 && riscv_xlen(target) < 64) {
1271 /* There are no instructions to move all the bits from a
1272 * register, so we need to use some scratch RAM. */
1273 riscv_program_insert(&program, fsd(number - GDB_REGNO_FPR0, S0,
1276 if (scratch_reserve(target, &scratch, &program, 8) != ERROR_OK)
1280 if (register_write_direct(target, GDB_REGNO_S0,
1281 scratch.hart_address) != ERROR_OK) {
1282 scratch_release(target, &scratch);
1285 } else if (riscv_supports_extension(target,
1286 riscv_current_hartid(target), 'D')) {
1287 riscv_program_insert(&program, fmv_x_d(S0, number - GDB_REGNO_FPR0));
1289 riscv_program_insert(&program, fmv_x_w(S0, number - GDB_REGNO_FPR0));
1291 } else if (number >= GDB_REGNO_CSR0 && number <= GDB_REGNO_CSR4095) {
1292 riscv_program_csrr(&program, S0, number);
1294 LOG_ERROR("Unsupported register (enum gdb_regno)(%d)", number);
1298 /* Execute program. */
1299 result = riscv_program_exec(&program, target);
1300 /* Don't message on error. Probably the register doesn't exist. */
1303 result = scratch_read64(target, &scratch, value);
1304 scratch_release(target, &scratch);
1305 if (result != ERROR_OK)
1309 if (register_read_direct(target, value, GDB_REGNO_S0) != ERROR_OK)
1313 if (number >= GDB_REGNO_FPR0 && number <= GDB_REGNO_FPR31 &&
1314 (mstatus & MSTATUS_FS) == 0)
1315 if (register_write_direct(target, GDB_REGNO_MSTATUS, mstatus) != ERROR_OK)
1319 if (register_write_direct(target, GDB_REGNO_S0, s0) != ERROR_OK)
1323 if (result == ERROR_OK) {
1324 LOG_DEBUG("{%d} reg[0x%x] = 0x%" PRIx64, riscv_current_hartid(target),
1331 int wait_for_authbusy(struct target *target, uint32_t *dmstatus)
1333 time_t start = time(NULL);
1336 if (dmstatus_read(target, &value, false) != ERROR_OK)
1340 if (!get_field(value, DMI_DMSTATUS_AUTHBUSY))
1342 if (time(NULL) - start > riscv_command_timeout_sec) {
1343 LOG_ERROR("Timed out after %ds waiting for authbusy to go low (dmstatus=0x%x). "
1344 "Increase the timeout with riscv set_command_timeout_sec.",
1345 riscv_command_timeout_sec,
1354 /*** OpenOCD target functions. ***/
1356 static void deinit_target(struct target *target)
1358 LOG_DEBUG("riscv_deinit_target()");
1359 riscv_info_t *info = (riscv_info_t *) target->arch_info;
1360 free(info->version_specific);
1361 /* TODO: free register arch_info */
1362 info->version_specific = NULL;
1365 static int examine(struct target *target)
1367 /* Don't need to select dbus, since the first thing we do is read dtmcontrol. */
1369 uint32_t dtmcontrol = dtmcontrol_scan(target, 0);
1370 LOG_DEBUG("dtmcontrol=0x%x", dtmcontrol);
1371 LOG_DEBUG(" dmireset=%d", get_field(dtmcontrol, DTM_DTMCS_DMIRESET));
1372 LOG_DEBUG(" idle=%d", get_field(dtmcontrol, DTM_DTMCS_IDLE));
1373 LOG_DEBUG(" dmistat=%d", get_field(dtmcontrol, DTM_DTMCS_DMISTAT));
1374 LOG_DEBUG(" abits=%d", get_field(dtmcontrol, DTM_DTMCS_ABITS));
1375 LOG_DEBUG(" version=%d", get_field(dtmcontrol, DTM_DTMCS_VERSION));
1376 if (dtmcontrol == 0) {
1377 LOG_ERROR("dtmcontrol is 0. Check JTAG connectivity/board power.");
1380 if (get_field(dtmcontrol, DTM_DTMCS_VERSION) != 1) {
1381 LOG_ERROR("Unsupported DTM version %d. (dtmcontrol=0x%x)",
1382 get_field(dtmcontrol, DTM_DTMCS_VERSION), dtmcontrol);
1386 riscv013_info_t *info = get_info(target);
1387 info->abits = get_field(dtmcontrol, DTM_DTMCS_ABITS);
1388 info->dtmcs_idle = get_field(dtmcontrol, DTM_DTMCS_IDLE);
1390 /* Reset the Debug Module. */
1391 dm013_info_t *dm = get_dm(target);
1392 if (!dm->was_reset) {
1393 dmi_write(target, DMI_DMCONTROL, 0);
1394 dmi_write(target, DMI_DMCONTROL, DMI_DMCONTROL_DMACTIVE);
1395 dm->was_reset = true;
1398 dmi_write(target, DMI_DMCONTROL, DMI_DMCONTROL_HARTSELLO |
1399 DMI_DMCONTROL_HARTSELHI | DMI_DMCONTROL_DMACTIVE);
1401 if (dmi_read(target, &dmcontrol, DMI_DMCONTROL) != ERROR_OK)
1404 if (!get_field(dmcontrol, DMI_DMCONTROL_DMACTIVE)) {
1405 LOG_ERROR("Debug Module did not become active. dmcontrol=0x%x",
1411 if (dmstatus_read(target, &dmstatus, false) != ERROR_OK)
1413 LOG_DEBUG("dmstatus: 0x%08x", dmstatus);
1414 if (get_field(dmstatus, DMI_DMSTATUS_VERSION) != 2) {
1415 LOG_ERROR("OpenOCD only supports Debug Module version 2, not %d "
1416 "(dmstatus=0x%x)", get_field(dmstatus, DMI_DMSTATUS_VERSION), dmstatus);
1421 (get_field(dmcontrol, DMI_DMCONTROL_HARTSELHI) <<
1422 DMI_DMCONTROL_HARTSELLO_LENGTH) |
1423 get_field(dmcontrol, DMI_DMCONTROL_HARTSELLO);
1424 info->hartsellen = 0;
1425 while (hartsel & 1) {
1429 LOG_DEBUG("hartsellen=%d", info->hartsellen);
1432 if (dmi_read(target, &hartinfo, DMI_HARTINFO) != ERROR_OK)
1435 info->datasize = get_field(hartinfo, DMI_HARTINFO_DATASIZE);
1436 info->dataaccess = get_field(hartinfo, DMI_HARTINFO_DATAACCESS);
1437 info->dataaddr = get_field(hartinfo, DMI_HARTINFO_DATAADDR);
1439 if (!get_field(dmstatus, DMI_DMSTATUS_AUTHENTICATED)) {
1440 LOG_ERROR("Debugger is not authenticated to target Debug Module. "
1441 "(dmstatus=0x%x). Use `riscv authdata_read` and "
1442 "`riscv authdata_write` commands to authenticate.", dmstatus);
1443 /* If we return ERROR_FAIL here, then in a multicore setup the next
1444 * core won't be examined, which means we won't set up the
1445 * authentication commands for them, which means the config script
1446 * needs to be a lot more complex. */
1450 if (dmi_read(target, &info->sbcs, DMI_SBCS) != ERROR_OK)
1453 /* Check that abstract data registers are accessible. */
1454 uint32_t abstractcs;
1455 if (dmi_read(target, &abstractcs, DMI_ABSTRACTCS) != ERROR_OK)
1457 info->datacount = get_field(abstractcs, DMI_ABSTRACTCS_DATACOUNT);
1458 info->progbufsize = get_field(abstractcs, DMI_ABSTRACTCS_PROGBUFSIZE);
1460 LOG_INFO("datacount=%d progbufsize=%d", info->datacount, info->progbufsize);
1463 r->impebreak = get_field(dmstatus, DMI_DMSTATUS_IMPEBREAK);
1465 if (info->progbufsize + r->impebreak < 2) {
1466 LOG_WARNING("We won't be able to execute fence instructions on this "
1467 "target. Memory may not always appear consistent. "
1468 "(progbufsize=%d, impebreak=%d)", info->progbufsize,
1472 /* Before doing anything else we must first enumerate the harts. */
1474 /* Don't call any riscv_* functions until after we've counted the number of
1475 * cores and initialized registers. */
1476 for (int i = 0; i < MIN(RISCV_MAX_HARTS, 1 << info->hartsellen); ++i) {
1477 if (!riscv_rtos_enabled(target) && i != target->coreid)
1480 r->current_hartid = i;
1481 if (riscv013_select_current_hart(target) != ERROR_OK)
1485 if (dmstatus_read(target, &s, true) != ERROR_OK)
1487 if (get_field(s, DMI_DMSTATUS_ANYNONEXISTENT))
1489 r->hart_count = i + 1;
1491 if (get_field(s, DMI_DMSTATUS_ANYHAVERESET))
1492 dmi_write(target, DMI_DMCONTROL,
1493 set_hartsel(DMI_DMCONTROL_DMACTIVE | DMI_DMCONTROL_ACKHAVERESET, i));
1495 bool halted = riscv_is_halted(target);
1497 if (riscv013_halt_current_hart(target) != ERROR_OK) {
1498 LOG_ERROR("Fatal: Hart %d failed to halt during examine()", i);
1503 /* Without knowing anything else we can at least mess with the
1504 * program buffer. */
1505 r->debug_buffer_size[i] = info->progbufsize;
1507 int result = register_read_abstract(target, NULL, GDB_REGNO_S0, 64);
1508 if (result == ERROR_OK)
1513 if (register_read(target, &r->misa[i], GDB_REGNO_MISA)) {
1514 LOG_ERROR("Fatal: Failed to read MISA from hart %d.", i);
1518 /* Now init registers based on what we discovered. */
1519 if (riscv_init_registers(target) != ERROR_OK)
1522 /* Display this as early as possible to help people who are using
1523 * really slow simulators. */
1524 LOG_DEBUG(" hart %d: XLEN=%d, misa=0x%" PRIx64, i, r->xlen[i],
1528 riscv013_resume_current_hart(target);
1531 LOG_DEBUG("Enumerated %d harts", r->hart_count);
1533 if (r->hart_count == 0) {
1534 LOG_ERROR("No harts found!");
1538 target_set_examined(target);
1540 /* Some regression suites rely on seeing 'Examined RISC-V core' to know
1541 * when they can connect with gdb/telnet.
1542 * We will need to update those suites if we want to change that text. */
1543 LOG_INFO("Examined RISC-V core; found %d harts",
1544 riscv_count_harts(target));
1545 for (int i = 0; i < riscv_count_harts(target); ++i) {
1546 if (riscv_hart_enabled(target, i)) {
1547 LOG_INFO(" hart %d: XLEN=%d, misa=0x%" PRIx64, i, r->xlen[i],
1550 LOG_INFO(" hart %d: currently disabled", i);
1556 int riscv013_authdata_read(struct target *target, uint32_t *value)
1558 if (wait_for_authbusy(target, NULL) != ERROR_OK)
1561 return dmi_read(target, value, DMI_AUTHDATA);
1564 int riscv013_authdata_write(struct target *target, uint32_t value)
1566 uint32_t before, after;
1567 if (wait_for_authbusy(target, &before) != ERROR_OK)
1570 dmi_write(target, DMI_AUTHDATA, value);
1572 if (wait_for_authbusy(target, &after) != ERROR_OK)
1575 if (!get_field(before, DMI_DMSTATUS_AUTHENTICATED) &&
1576 get_field(after, DMI_DMSTATUS_AUTHENTICATED)) {
1577 LOG_INFO("authdata_write resulted in successful authentication");
1578 int result = ERROR_OK;
1579 dm013_info_t *dm = get_dm(target);
1580 target_list_t *entry;
1581 list_for_each_entry(entry, &dm->target_list, list) {
1582 if (examine(entry->target) != ERROR_OK)
1583 result = ERROR_FAIL;
1591 static int init_target(struct command_context *cmd_ctx,
1592 struct target *target)
1595 riscv_info_t *generic_info = (riscv_info_t *) target->arch_info;
1597 generic_info->get_register = &riscv013_get_register;
1598 generic_info->set_register = &riscv013_set_register;
1599 generic_info->select_current_hart = &riscv013_select_current_hart;
1600 generic_info->is_halted = &riscv013_is_halted;
1601 generic_info->halt_current_hart = &riscv013_halt_current_hart;
1602 generic_info->resume_current_hart = &riscv013_resume_current_hart;
1603 generic_info->step_current_hart = &riscv013_step_current_hart;
1604 generic_info->on_halt = &riscv013_on_halt;
1605 generic_info->on_resume = &riscv013_on_resume;
1606 generic_info->on_step = &riscv013_on_step;
1607 generic_info->halt_reason = &riscv013_halt_reason;
1608 generic_info->read_debug_buffer = &riscv013_read_debug_buffer;
1609 generic_info->write_debug_buffer = &riscv013_write_debug_buffer;
1610 generic_info->execute_debug_buffer = &riscv013_execute_debug_buffer;
1611 generic_info->fill_dmi_write_u64 = &riscv013_fill_dmi_write_u64;
1612 generic_info->fill_dmi_read_u64 = &riscv013_fill_dmi_read_u64;
1613 generic_info->fill_dmi_nop_u64 = &riscv013_fill_dmi_nop_u64;
1614 generic_info->dmi_write_u64_bits = &riscv013_dmi_write_u64_bits;
1615 generic_info->authdata_read = &riscv013_authdata_read;
1616 generic_info->authdata_write = &riscv013_authdata_write;
1617 generic_info->dmi_read = &dmi_read;
1618 generic_info->dmi_write = &dmi_write;
1619 generic_info->test_sba_config_reg = &riscv013_test_sba_config_reg;
1620 generic_info->test_compliance = &riscv013_test_compliance;
1621 generic_info->version_specific = calloc(1, sizeof(riscv013_info_t));
1622 if (!generic_info->version_specific)
1624 riscv013_info_t *info = get_info(target);
1626 info->progbufsize = -1;
1628 info->dmi_busy_delay = 0;
1629 info->bus_master_read_delay = 0;
1630 info->bus_master_write_delay = 0;
1631 info->ac_busy_delay = 0;
1633 /* Assume all these abstract commands are supported until we learn
1635 * TODO: The spec allows eg. one CSR to be able to be accessed abstractly
1636 * while another one isn't. We don't track that this closely here, but in
1637 * the future we probably should. */
1638 info->abstract_read_csr_supported = true;
1639 info->abstract_write_csr_supported = true;
1640 info->abstract_read_fpr_supported = true;
1641 info->abstract_write_fpr_supported = true;
1646 static int assert_reset(struct target *target)
1652 uint32_t control_base = set_field(0, DMI_DMCONTROL_DMACTIVE, 1);
1655 /* There's only one target, and OpenOCD thinks each hart is a thread.
1656 * We must reset them all. */
1658 /* TODO: Try to use hasel in dmcontrol */
1660 /* Set haltreq for each hart. */
1661 uint32_t control = control_base;
1662 for (int i = 0; i < riscv_count_harts(target); ++i) {
1663 if (!riscv_hart_enabled(target, i))
1666 control = set_hartsel(control_base, i);
1667 control = set_field(control, DMI_DMCONTROL_HALTREQ,
1668 target->reset_halt ? 1 : 0);
1669 dmi_write(target, DMI_DMCONTROL, control);
1671 /* Assert ndmreset */
1672 control = set_field(control, DMI_DMCONTROL_NDMRESET, 1);
1673 dmi_write(target, DMI_DMCONTROL, control);
1676 /* Reset just this hart. */
1677 uint32_t control = set_hartsel(control_base, r->current_hartid);
1678 control = set_field(control, DMI_DMCONTROL_HALTREQ,
1679 target->reset_halt ? 1 : 0);
1680 control = set_field(control, DMI_DMCONTROL_NDMRESET, 1);
1681 dmi_write(target, DMI_DMCONTROL, control);
1684 target->state = TARGET_RESET;
1689 static int deassert_reset(struct target *target)
1692 RISCV013_INFO(info);
1695 /* Clear the reset, but make sure haltreq is still set */
1696 uint32_t control = 0;
1697 control = set_field(control, DMI_DMCONTROL_HALTREQ, target->reset_halt ? 1 : 0);
1698 control = set_field(control, DMI_DMCONTROL_DMACTIVE, 1);
1699 dmi_write(target, DMI_DMCONTROL,
1700 set_hartsel(control, r->current_hartid));
1703 int dmi_busy_delay = info->dmi_busy_delay;
1704 time_t start = time(NULL);
1706 for (int i = 0; i < riscv_count_harts(target); ++i) {
1709 if (!riscv_hart_enabled(target, index))
1711 dmi_write(target, DMI_DMCONTROL,
1712 set_hartsel(control, index));
1714 index = r->current_hartid;
1718 uint32_t expected_field;
1719 if (target->reset_halt) {
1721 expected_field = DMI_DMSTATUS_ALLHALTED;
1724 expected_field = DMI_DMSTATUS_ALLRUNNING;
1726 LOG_DEBUG("Waiting for hart %d to %s out of reset.", index, operation);
1728 int result = dmstatus_read_timeout(target, &dmstatus, true,
1729 riscv_reset_timeout_sec);
1730 if (result == ERROR_TIMEOUT_REACHED)
1731 LOG_ERROR("Hart %d didn't complete a DMI read coming out of "
1732 "reset in %ds; Increase the timeout with riscv "
1733 "set_reset_timeout_sec.",
1734 index, riscv_reset_timeout_sec);
1735 if (result != ERROR_OK)
1737 if (get_field(dmstatus, expected_field))
1739 if (time(NULL) - start > riscv_reset_timeout_sec) {
1740 LOG_ERROR("Hart %d didn't %s coming out of reset in %ds; "
1742 "Increase the timeout with riscv set_reset_timeout_sec.",
1743 index, operation, riscv_reset_timeout_sec, dmstatus);
1747 target->state = TARGET_HALTED;
1749 if (get_field(dmstatus, DMI_DMSTATUS_ALLHAVERESET)) {
1751 dmi_write(target, DMI_DMCONTROL,
1752 set_hartsel(control, index) |
1753 DMI_DMCONTROL_ACKHAVERESET);
1759 info->dmi_busy_delay = dmi_busy_delay;
1764 * @par size in bytes
1766 static void write_to_buf(uint8_t *buffer, uint64_t value, unsigned size)
1770 buffer[7] = value >> 56;
1771 buffer[6] = value >> 48;
1772 buffer[5] = value >> 40;
1773 buffer[4] = value >> 32;
1776 buffer[3] = value >> 24;
1777 buffer[2] = value >> 16;
1780 buffer[1] = value >> 8;
1790 static int execute_fence(struct target *target)
1792 int old_hartid = riscv_current_hartid(target);
1794 /* FIXME: For non-coherent systems we need to flush the caches right
1795 * here, but there's no ISA-defined way of doing that. */
1797 struct riscv_program program;
1798 riscv_program_init(&program, target);
1799 riscv_program_fence_i(&program);
1800 riscv_program_fence(&program);
1801 int result = riscv_program_exec(&program, target);
1802 if (result != ERROR_OK)
1803 LOG_DEBUG("Unable to execute pre-fence");
1806 for (int i = 0; i < riscv_count_harts(target); ++i) {
1807 if (!riscv_hart_enabled(target, i))
1810 riscv_set_current_hartid(target, i);
1812 struct riscv_program program;
1813 riscv_program_init(&program, target);
1814 riscv_program_fence_i(&program);
1815 riscv_program_fence(&program);
1816 int result = riscv_program_exec(&program, target);
1817 if (result != ERROR_OK)
1818 LOG_DEBUG("Unable to execute fence on hart %d", i);
1821 riscv_set_current_hartid(target, old_hartid);
1826 static void log_memory_access(target_addr_t address, uint64_t value,
1827 unsigned size_bytes, bool read)
1829 if (debug_level < LOG_LVL_DEBUG)
1833 sprintf(fmt, "M[0x%" TARGET_PRIxADDR "] %ss 0x%%0%d" PRIx64,
1834 address, read ? "read" : "write", size_bytes * 2);
1835 value &= (((uint64_t) 0x1) << (size_bytes * 8)) - 1;
1836 LOG_DEBUG(fmt, value);
1839 /* Read the relevant sbdata regs depending on size, and put the results into
1841 static int read_memory_bus_word(struct target *target, target_addr_t address,
1842 uint32_t size, uint8_t *buffer)
1846 if (dmi_read(target, &value, DMI_SBDATA3) != ERROR_OK)
1848 write_to_buf(buffer + 12, value, 4);
1849 log_memory_access(address + 12, value, 4, true);
1852 if (dmi_read(target, &value, DMI_SBDATA2) != ERROR_OK)
1854 write_to_buf(buffer + 8, value, 4);
1855 log_memory_access(address + 8, value, 4, true);
1858 if (dmi_read(target, &value, DMI_SBDATA1) != ERROR_OK)
1860 write_to_buf(buffer + 4, value, 4);
1861 log_memory_access(address + 4, value, 4, true);
1863 if (dmi_read(target, &value, DMI_SBDATA0) != ERROR_OK)
1865 write_to_buf(buffer, value, MIN(size, 4));
1866 log_memory_access(address, value, MIN(size, 4), true);
1870 static uint32_t sb_sbaccess(unsigned size_bytes)
1872 switch (size_bytes) {
1874 return set_field(0, DMI_SBCS_SBACCESS, 0);
1876 return set_field(0, DMI_SBCS_SBACCESS, 1);
1878 return set_field(0, DMI_SBCS_SBACCESS, 2);
1880 return set_field(0, DMI_SBCS_SBACCESS, 3);
1882 return set_field(0, DMI_SBCS_SBACCESS, 4);
1885 return 0; /* Make mingw happy. */
1888 static target_addr_t sb_read_address(struct target *target)
1890 RISCV013_INFO(info);
1891 unsigned sbasize = get_field(info->sbcs, DMI_SBCS_SBASIZE);
1892 target_addr_t address = 0;
1896 dmi_read(target, &v, DMI_SBADDRESS1);
1901 dmi_read(target, &v, DMI_SBADDRESS0);
1906 static int sb_write_address(struct target *target, target_addr_t address)
1908 RISCV013_INFO(info);
1909 unsigned sbasize = get_field(info->sbcs, DMI_SBCS_SBASIZE);
1910 /* There currently is no support for >64-bit addresses in OpenOCD. */
1912 dmi_write(target, DMI_SBADDRESS3, 0);
1914 dmi_write(target, DMI_SBADDRESS2, 0);
1917 dmi_write(target, DMI_SBADDRESS1, address >> 32);
1919 dmi_write(target, DMI_SBADDRESS1, 0);
1921 return dmi_write(target, DMI_SBADDRESS0, address);
1924 static int read_sbcs_nonbusy(struct target *target, uint32_t *sbcs)
1926 time_t start = time(NULL);
1928 if (dmi_read(target, sbcs, DMI_SBCS) != ERROR_OK)
1930 if (!get_field(*sbcs, DMI_SBCS_SBBUSY))
1932 if (time(NULL) - start > riscv_command_timeout_sec) {
1933 LOG_ERROR("Timed out after %ds waiting for sbbusy to go low (sbcs=0x%x). "
1934 "Increase the timeout with riscv set_command_timeout_sec.",
1935 riscv_command_timeout_sec, *sbcs);
1941 static int read_memory_bus_v0(struct target *target, target_addr_t address,
1942 uint32_t size, uint32_t count, uint8_t *buffer)
1944 LOG_DEBUG("System Bus Access: size: %d\tcount:%d\tstart address: 0x%08"
1945 TARGET_PRIxADDR, size, count, address);
1946 uint8_t *t_buffer = buffer;
1947 riscv_addr_t cur_addr = address;
1948 riscv_addr_t fin_addr = address + (count * size);
1949 uint32_t access = 0;
1951 const int DMI_SBCS_SBSINGLEREAD_OFFSET = 20;
1952 const uint32_t DMI_SBCS_SBSINGLEREAD = (0x1U << DMI_SBCS_SBSINGLEREAD_OFFSET);
1954 const int DMI_SBCS_SBAUTOREAD_OFFSET = 15;
1955 const uint32_t DMI_SBCS_SBAUTOREAD = (0x1U << DMI_SBCS_SBAUTOREAD_OFFSET);
1957 /* ww favorise one off reading if there is an issue */
1959 for (uint32_t i = 0; i < count; i++) {
1960 if (dmi_read(target, &access, DMI_SBCS) != ERROR_OK)
1962 dmi_write(target, DMI_SBADDRESS0, cur_addr);
1963 /* size/2 matching the bit access of the spec 0.13 */
1964 access = set_field(access, DMI_SBCS_SBACCESS, size/2);
1965 access = set_field(access, DMI_SBCS_SBSINGLEREAD, 1);
1966 LOG_DEBUG("\r\nread_memory: sab: access: 0x%08x", access);
1967 dmi_write(target, DMI_SBCS, access);
1970 if (dmi_read(target, &value, DMI_SBDATA0) != ERROR_OK)
1972 LOG_DEBUG("\r\nread_memory: sab: value: 0x%08x", value);
1973 write_to_buf(t_buffer, value, size);
1980 /* has to be the same size if we want to read a block */
1981 LOG_DEBUG("reading block until final address 0x%" PRIx64, fin_addr);
1982 if (dmi_read(target, &access, DMI_SBCS) != ERROR_OK)
1984 /* set current address */
1985 dmi_write(target, DMI_SBADDRESS0, cur_addr);
1986 /* 2) write sbaccess=2, sbsingleread,sbautoread,sbautoincrement
1987 * size/2 matching the bit access of the spec 0.13 */
1988 access = set_field(access, DMI_SBCS_SBACCESS, size/2);
1989 access = set_field(access, DMI_SBCS_SBAUTOREAD, 1);
1990 access = set_field(access, DMI_SBCS_SBSINGLEREAD, 1);
1991 access = set_field(access, DMI_SBCS_SBAUTOINCREMENT, 1);
1992 LOG_DEBUG("\r\naccess: 0x%08x", access);
1993 dmi_write(target, DMI_SBCS, access);
1995 while (cur_addr < fin_addr) {
1996 LOG_DEBUG("\r\nsab:autoincrement: \r\n size: %d\tcount:%d\taddress: 0x%08"
1997 PRIx64, size, count, cur_addr);
2000 if (dmi_read(target, &value, DMI_SBDATA0) != ERROR_OK)
2002 write_to_buf(t_buffer, value, size);
2006 /* if we are reaching last address, we must clear autoread */
2007 if (cur_addr == fin_addr && count != 1) {
2008 dmi_write(target, DMI_SBCS, 0);
2009 if (dmi_read(target, &value, DMI_SBDATA0) != ERROR_OK)
2011 write_to_buf(t_buffer, value, size);
2019 * Read the requested memory using the system bus interface.
2021 static int read_memory_bus_v1(struct target *target, target_addr_t address,
2022 uint32_t size, uint32_t count, uint8_t *buffer)
2024 RISCV013_INFO(info);
2025 target_addr_t next_address = address;
2026 target_addr_t end_address = address + count * size;
2028 while (next_address < end_address) {
2029 uint32_t sbcs = set_field(0, DMI_SBCS_SBREADONADDR, 1);
2030 sbcs |= sb_sbaccess(size);
2031 sbcs = set_field(sbcs, DMI_SBCS_SBAUTOINCREMENT, 1);
2032 sbcs = set_field(sbcs, DMI_SBCS_SBREADONDATA, count > 1);
2033 dmi_write(target, DMI_SBCS, sbcs);
2035 /* This address write will trigger the first read. */
2036 sb_write_address(target, next_address);
2038 if (info->bus_master_read_delay) {
2039 jtag_add_runtest(info->bus_master_read_delay, TAP_IDLE);
2040 if (jtag_execute_queue() != ERROR_OK) {
2041 LOG_ERROR("Failed to scan idle sequence");
2046 for (uint32_t i = (next_address - address) / size; i < count - 1; i++) {
2047 read_memory_bus_word(target, address + i * size, size,
2051 sbcs = set_field(sbcs, DMI_SBCS_SBREADONDATA, 0);
2052 dmi_write(target, DMI_SBCS, sbcs);
2054 read_memory_bus_word(target, address + (count - 1) * size, size,
2055 buffer + (count - 1) * size);
2057 if (read_sbcs_nonbusy(target, &sbcs) != ERROR_OK)
2060 if (get_field(sbcs, DMI_SBCS_SBBUSYERROR)) {
2061 /* We read while the target was busy. Slow down and try again. */
2062 dmi_write(target, DMI_SBCS, DMI_SBCS_SBBUSYERROR);
2063 next_address = sb_read_address(target);
2064 info->bus_master_read_delay += info->bus_master_read_delay / 10 + 1;
2068 unsigned error = get_field(sbcs, DMI_SBCS_SBERROR);
2070 next_address = end_address;
2072 /* Some error indicating the bus access failed, but not because of
2073 * something we did wrong. */
2074 dmi_write(target, DMI_SBCS, DMI_SBCS_SBERROR);
2082 static int batch_run(const struct target *target, struct riscv_batch *batch)
2084 RISCV013_INFO(info);
2086 if (r->reset_delays_wait >= 0) {
2087 r->reset_delays_wait -= batch->used_scans;
2088 if (r->reset_delays_wait <= 0) {
2089 batch->idle_count = 0;
2090 info->dmi_busy_delay = 0;
2091 info->ac_busy_delay = 0;
2094 return riscv_batch_run(batch);
2098 * Read the requested memory, taking care to execute every read exactly once,
2099 * even if cmderr=busy is encountered.
2101 static int read_memory_progbuf_inner(struct target *target, target_addr_t address,
2102 uint32_t size, uint32_t count, uint8_t *buffer)
2104 RISCV013_INFO(info);
2106 int result = ERROR_OK;
2108 /* Write address to S0, and execute buffer. */
2109 result = register_write_direct(target, GDB_REGNO_S0, address);
2110 if (result != ERROR_OK)
2112 uint32_t command = access_register_command(target, GDB_REGNO_S1,
2114 AC_ACCESS_REGISTER_TRANSFER | AC_ACCESS_REGISTER_POSTEXEC);
2115 if (execute_abstract_command(target, command) != ERROR_OK)
2118 /* First read has just triggered. Result is in s1. */
2122 if (register_read_direct(target, &value, GDB_REGNO_S1) != ERROR_OK)
2124 write_to_buf(buffer, value, size);
2125 log_memory_access(address, value, size, true);
2129 if (dmi_write(target, DMI_ABSTRACTAUTO,
2130 1 << DMI_ABSTRACTAUTO_AUTOEXECDATA_OFFSET) != ERROR_OK)
2132 /* Read garbage from dmi_data0, which triggers another execution of the
2133 * program. Now dmi_data0 contains the first good result, and s1 the next
2135 if (dmi_read_exec(target, NULL, DMI_DATA0) != ERROR_OK)
2138 /* read_addr is the next address that the hart will read from, which is the
2140 riscv_addr_t read_addr = address + 2 * size;
2141 riscv_addr_t fin_addr = address + (count * size);
2142 while (read_addr < fin_addr) {
2143 LOG_DEBUG("read_addr=0x%" PRIx64 ", fin_addr=0x%" PRIx64, read_addr,
2145 /* The pipeline looks like this:
2146 * memory -> s1 -> dm_data0 -> debugger
2148 * s0 contains read_addr
2149 * s1 contains mem[read_addr-size]
2150 * dm_data0 contains[read_addr-size*2]
2153 LOG_DEBUG("creating burst to read from 0x%" PRIx64
2154 " up to 0x%" PRIx64, read_addr, fin_addr);
2155 assert(read_addr >= address && read_addr < fin_addr);
2156 struct riscv_batch *batch = riscv_batch_alloc(target, 32,
2157 info->dmi_busy_delay + info->ac_busy_delay);
2160 for (riscv_addr_t addr = read_addr; addr < fin_addr; addr += size) {
2161 riscv_batch_add_dmi_read(batch, DMI_DATA0);
2164 if (riscv_batch_full(batch))
2168 batch_run(target, batch);
2170 /* Wait for the target to finish performing the last abstract command,
2171 * and update our copy of cmderr. If we see that DMI is busy here,
2172 * dmi_busy_delay will be incremented. */
2173 uint32_t abstractcs;
2174 if (dmi_read(target, &abstractcs, DMI_ABSTRACTCS) != ERROR_OK)
2176 while (get_field(abstractcs, DMI_ABSTRACTCS_BUSY))
2177 if (dmi_read(target, &abstractcs, DMI_ABSTRACTCS) != ERROR_OK)
2179 info->cmderr = get_field(abstractcs, DMI_ABSTRACTCS_CMDERR);
2181 riscv_addr_t next_read_addr;
2182 unsigned ignore_last = 0;
2183 switch (info->cmderr) {
2185 LOG_DEBUG("successful (partial?) memory read");
2186 next_read_addr = read_addr + reads * size;
2189 LOG_DEBUG("memory read resulted in busy response");
2191 increase_ac_busy_delay(target);
2192 riscv013_clear_abstract_error(target);
2194 dmi_write(target, DMI_ABSTRACTAUTO, 0);
2197 /* This is definitely a good version of the value that we
2198 * attempted to read when we discovered that the target was
2200 if (dmi_read(target, &dmi_data0, DMI_DATA0) != ERROR_OK) {
2201 riscv_batch_free(batch);
2205 /* See how far we got, clobbering dmi_data0. */
2206 result = register_read_direct(target, &next_read_addr,
2208 if (result != ERROR_OK) {
2209 riscv_batch_free(batch);
2212 write_to_buf(buffer + next_read_addr - 2 * size - address, dmi_data0, size);
2213 log_memory_access(next_read_addr - 2 * size, dmi_data0, size, true);
2215 /* Restore the command, and execute it.
2216 * Now DMI_DATA0 contains the next value just as it would if no
2217 * error had occurred. */
2218 dmi_write_exec(target, DMI_COMMAND, command);
2219 next_read_addr += size;
2221 dmi_write(target, DMI_ABSTRACTAUTO,
2222 1 << DMI_ABSTRACTAUTO_AUTOEXECDATA_OFFSET);
2228 LOG_DEBUG("error when reading memory, abstractcs=0x%08lx", (long)abstractcs);
2229 riscv013_clear_abstract_error(target);
2230 riscv_batch_free(batch);
2231 result = ERROR_FAIL;
2235 /* Now read whatever we got out of the batch. */
2236 dmi_status_t status = DMI_STATUS_SUCCESS;
2237 for (size_t i = 0; i < reads; i++) {
2238 riscv_addr_t receive_addr = read_addr + (i-2) * size;
2239 assert(receive_addr < address + size * count);
2240 if (receive_addr < address)
2242 if (receive_addr > next_read_addr - (3 + ignore_last) * size)
2245 uint64_t dmi_out = riscv_batch_get_dmi_read(batch, i);
2246 status = get_field(dmi_out, DTM_DMI_OP);
2247 if (status != DMI_STATUS_SUCCESS) {
2248 /* If we're here because of busy count, dmi_busy_delay will
2249 * already have been increased and busy state will have been
2250 * cleared in dmi_read(). */
2251 /* In at least some implementations, we issue a read, and then
2252 * can get busy back when we try to scan out the read result,
2253 * and the actual read value is lost forever. Since this is
2254 * rare in any case, we return error here and rely on our
2255 * caller to reread the entire block. */
2256 LOG_WARNING("Batch memory read encountered DMI error %d. "
2257 "Falling back on slower reads.", status);
2258 riscv_batch_free(batch);
2259 result = ERROR_FAIL;
2262 uint32_t value = get_field(dmi_out, DTM_DMI_DATA);
2263 riscv_addr_t offset = receive_addr - address;
2264 write_to_buf(buffer + offset, value, size);
2265 log_memory_access(receive_addr, value, size, true);
2267 receive_addr += size;
2270 read_addr = next_read_addr;
2272 riscv_batch_free(batch);
2275 dmi_write(target, DMI_ABSTRACTAUTO, 0);
2278 /* Read the penultimate word. */
2280 if (dmi_read(target, &value, DMI_DATA0) != ERROR_OK)
2282 write_to_buf(buffer + size * (count-2), value, size);
2283 log_memory_access(address + size * (count-2), value, size, true);
2286 /* Read the last word. */
2288 result = register_read_direct(target, &value, GDB_REGNO_S1);
2289 if (result != ERROR_OK)
2291 write_to_buf(buffer + size * (count-1), value, size);
2292 log_memory_access(address + size * (count-1), value, size, true);
2297 dmi_write(target, DMI_ABSTRACTAUTO, 0);
2303 * Read the requested memory, silently handling memory access errors.
2305 static int read_memory_progbuf(struct target *target, target_addr_t address,
2306 uint32_t size, uint32_t count, uint8_t *buffer)
2308 int result = ERROR_OK;
2310 LOG_DEBUG("reading %d words of %d bytes from 0x%" TARGET_PRIxADDR, count,
2315 memset(buffer, 0, count*size);
2317 /* s0 holds the next address to write to
2318 * s1 holds the next data value to write
2321 if (register_read(target, &s0, GDB_REGNO_S0) != ERROR_OK)
2323 if (register_read(target, &s1, GDB_REGNO_S1) != ERROR_OK)
2326 if (execute_fence(target) != ERROR_OK)
2329 /* Write the program (load, increment) */
2330 struct riscv_program program;
2331 riscv_program_init(&program, target);
2334 riscv_program_lbr(&program, GDB_REGNO_S1, GDB_REGNO_S0, 0);
2337 riscv_program_lhr(&program, GDB_REGNO_S1, GDB_REGNO_S0, 0);
2340 riscv_program_lwr(&program, GDB_REGNO_S1, GDB_REGNO_S0, 0);
2343 LOG_ERROR("Unsupported size: %d", size);
2346 riscv_program_addi(&program, GDB_REGNO_S0, GDB_REGNO_S0, size);
2348 if (riscv_program_ebreak(&program) != ERROR_OK)
2350 riscv_program_write(&program);
2352 result = read_memory_progbuf_inner(target, address, size, count, buffer);
2354 if (result != ERROR_OK) {
2355 /* The full read did not succeed, so we will try to read each word individually. */
2356 /* This will not be fast, but reading outside actual memory is a special case anyway. */
2357 /* It will make the toolchain happier, especially Eclipse Memory View as it reads ahead. */
2358 target_addr_t address_i = address;
2359 uint32_t size_i = size;
2360 uint32_t count_i = 1;
2361 uint8_t *buffer_i = buffer;
2363 for (uint32_t i = 0; i < count; i++, address_i += size_i, buffer_i += size_i) {
2364 /* TODO: This is much slower than it needs to be because we end up
2365 * writing the address to read for every word we read. */
2366 result = read_memory_progbuf_inner(target, address_i, size_i, count_i, buffer_i);
2368 /* The read of a single word failed, so we will just return 0 for that instead */
2369 if (result != ERROR_OK) {
2370 LOG_DEBUG("error reading single word of %d bytes from 0x%" TARGET_PRIxADDR,
2373 uint64_t value_i = 0;
2374 write_to_buf(buffer_i, value_i, size_i);
2380 riscv_set_register(target, GDB_REGNO_S0, s0);
2381 riscv_set_register(target, GDB_REGNO_S1, s1);
2385 static int read_memory(struct target *target, target_addr_t address,
2386 uint32_t size, uint32_t count, uint8_t *buffer)
2388 RISCV013_INFO(info);
2389 if (info->progbufsize >= 2 && !riscv_prefer_sba)
2390 return read_memory_progbuf(target, address, size, count, buffer);
2392 if ((get_field(info->sbcs, DMI_SBCS_SBACCESS8) && size == 1) ||
2393 (get_field(info->sbcs, DMI_SBCS_SBACCESS16) && size == 2) ||
2394 (get_field(info->sbcs, DMI_SBCS_SBACCESS32) && size == 4) ||
2395 (get_field(info->sbcs, DMI_SBCS_SBACCESS64) && size == 8) ||
2396 (get_field(info->sbcs, DMI_SBCS_SBACCESS128) && size == 16)) {
2397 if (get_field(info->sbcs, DMI_SBCS_SBVERSION) == 0)
2398 return read_memory_bus_v0(target, address, size, count, buffer);
2399 else if (get_field(info->sbcs, DMI_SBCS_SBVERSION) == 1)
2400 return read_memory_bus_v1(target, address, size, count, buffer);
2403 if (info->progbufsize >= 2)
2404 return read_memory_progbuf(target, address, size, count, buffer);
2406 LOG_ERROR("Don't know how to read memory on this target.");
2410 static int write_memory_bus_v0(struct target *target, target_addr_t address,
2411 uint32_t size, uint32_t count, const uint8_t *buffer)
2413 /*1) write sbaddress: for singlewrite and autoincrement, we need to write the address once*/
2414 LOG_DEBUG("System Bus Access: size: %d\tcount:%d\tstart address: 0x%08"
2415 TARGET_PRIxADDR, size, count, address);
2416 dmi_write(target, DMI_SBADDRESS0, address);
2419 riscv_addr_t offset = 0;
2420 riscv_addr_t t_addr = 0;
2421 const uint8_t *t_buffer = buffer + offset;
2423 /* B.8 Writing Memory, single write check if we write in one go */
2424 if (count == 1) { /* count is in bytes here */
2425 /* check the size */
2428 value = t_buffer[0];
2432 | ((uint32_t) t_buffer[1] << 8);
2436 | ((uint32_t) t_buffer[1] << 8)
2437 | ((uint32_t) t_buffer[2] << 16)
2438 | ((uint32_t) t_buffer[3] << 24);
2441 LOG_ERROR("unsupported access size: %d", size);
2446 access = set_field(access, DMI_SBCS_SBACCESS, size/2);
2447 dmi_write(target, DMI_SBCS, access);
2448 LOG_DEBUG("\r\naccess: 0x%08" PRIx64, access);
2449 LOG_DEBUG("\r\nwrite_memory:SAB: ONE OFF: value 0x%08" PRIx64, value);
2450 dmi_write(target, DMI_SBDATA0, value);
2454 /*B.8 Writing Memory, using autoincrement*/
2457 access = set_field(access, DMI_SBCS_SBACCESS, size/2);
2458 access = set_field(access, DMI_SBCS_SBAUTOINCREMENT, 1);
2459 LOG_DEBUG("\r\naccess: 0x%08" PRIx64, access);
2460 dmi_write(target, DMI_SBCS, access);
2462 /*2)set the value according to the size required and write*/
2463 for (riscv_addr_t i = 0; i < count; ++i) {
2465 /* for monitoring only */
2466 t_addr = address + offset;
2467 t_buffer = buffer + offset;
2471 value = t_buffer[0];
2475 | ((uint32_t) t_buffer[1] << 8);
2479 | ((uint32_t) t_buffer[1] << 8)
2480 | ((uint32_t) t_buffer[2] << 16)
2481 | ((uint32_t) t_buffer[3] << 24);
2484 LOG_ERROR("unsupported access size: %d", size);
2487 LOG_DEBUG("SAB:autoincrement: expected address: 0x%08x value: 0x%08x"
2488 PRIx64, (uint32_t)t_addr, (uint32_t)value);
2489 dmi_write(target, DMI_SBDATA0, value);
2491 /*reset the autoincrement when finished (something weird is happening if this is not done at the end*/
2492 access = set_field(access, DMI_SBCS_SBAUTOINCREMENT, 0);
2493 dmi_write(target, DMI_SBCS, access);
2498 static int write_memory_bus_v1(struct target *target, target_addr_t address,
2499 uint32_t size, uint32_t count, const uint8_t *buffer)
2501 RISCV013_INFO(info);
2502 uint32_t sbcs = sb_sbaccess(size);
2503 sbcs = set_field(sbcs, DMI_SBCS_SBAUTOINCREMENT, 1);
2504 dmi_write(target, DMI_SBCS, sbcs);
2506 target_addr_t next_address = address;
2507 target_addr_t end_address = address + count * size;
2509 sb_write_address(target, next_address);
2510 while (next_address < end_address) {
2511 for (uint32_t i = (next_address - address) / size; i < count; i++) {
2512 const uint8_t *p = buffer + i * size;
2514 dmi_write(target, DMI_SBDATA3,
2515 ((uint32_t) p[12]) |
2516 (((uint32_t) p[13]) << 8) |
2517 (((uint32_t) p[14]) << 16) |
2518 (((uint32_t) p[15]) << 24));
2520 dmi_write(target, DMI_SBDATA2,
2522 (((uint32_t) p[9]) << 8) |
2523 (((uint32_t) p[10]) << 16) |
2524 (((uint32_t) p[11]) << 24));
2526 dmi_write(target, DMI_SBDATA1,
2528 (((uint32_t) p[5]) << 8) |
2529 (((uint32_t) p[6]) << 16) |
2530 (((uint32_t) p[7]) << 24));
2531 uint32_t value = p[0];
2533 value |= ((uint32_t) p[2]) << 16;
2534 value |= ((uint32_t) p[3]) << 24;
2537 value |= ((uint32_t) p[1]) << 8;
2538 dmi_write(target, DMI_SBDATA0, value);
2540 log_memory_access(address + i * size, value, size, false);
2542 if (info->bus_master_write_delay) {
2543 jtag_add_runtest(info->bus_master_write_delay, TAP_IDLE);
2544 if (jtag_execute_queue() != ERROR_OK) {
2545 LOG_ERROR("Failed to scan idle sequence");
2551 if (read_sbcs_nonbusy(target, &sbcs) != ERROR_OK)
2554 if (get_field(sbcs, DMI_SBCS_SBBUSYERROR)) {
2555 /* We wrote while the target was busy. Slow down and try again. */
2556 dmi_write(target, DMI_SBCS, DMI_SBCS_SBBUSYERROR);
2557 next_address = sb_read_address(target);
2558 info->bus_master_write_delay += info->bus_master_write_delay / 10 + 1;
2562 unsigned error = get_field(sbcs, DMI_SBCS_SBERROR);
2564 next_address = end_address;
2566 /* Some error indicating the bus access failed, but not because of
2567 * something we did wrong. */
2568 dmi_write(target, DMI_SBCS, DMI_SBCS_SBERROR);
2576 static int write_memory_progbuf(struct target *target, target_addr_t address,
2577 uint32_t size, uint32_t count, const uint8_t *buffer)
2579 RISCV013_INFO(info);
2581 LOG_DEBUG("writing %d words of %d bytes to 0x%08lx", count, size, (long)address);
2585 /* s0 holds the next address to write to
2586 * s1 holds the next data value to write
2589 int result = ERROR_OK;
2591 if (register_read(target, &s0, GDB_REGNO_S0) != ERROR_OK)
2593 if (register_read(target, &s1, GDB_REGNO_S1) != ERROR_OK)
2596 /* Write the program (store, increment) */
2597 struct riscv_program program;
2598 riscv_program_init(&program, target);
2602 riscv_program_sbr(&program, GDB_REGNO_S1, GDB_REGNO_S0, 0);
2605 riscv_program_shr(&program, GDB_REGNO_S1, GDB_REGNO_S0, 0);
2608 riscv_program_swr(&program, GDB_REGNO_S1, GDB_REGNO_S0, 0);
2611 LOG_ERROR("Unsupported size: %d", size);
2612 result = ERROR_FAIL;
2616 riscv_program_addi(&program, GDB_REGNO_S0, GDB_REGNO_S0, size);
2618 result = riscv_program_ebreak(&program);
2619 if (result != ERROR_OK)
2621 riscv_program_write(&program);
2623 riscv_addr_t cur_addr = address;
2624 riscv_addr_t fin_addr = address + (count * size);
2625 bool setup_needed = true;
2626 LOG_DEBUG("writing until final address 0x%016" PRIx64, fin_addr);
2627 while (cur_addr < fin_addr) {
2628 LOG_DEBUG("transferring burst starting at address 0x%016" PRIx64,
2631 struct riscv_batch *batch = riscv_batch_alloc(
2634 info->dmi_busy_delay + info->ac_busy_delay);
2636 /* To write another word, we put it in S1 and execute the program. */
2637 unsigned start = (cur_addr - address) / size;
2638 for (unsigned i = start; i < count; ++i) {
2639 unsigned offset = size*i;
2640 const uint8_t *t_buffer = buffer + offset;
2645 value = t_buffer[0];
2649 | ((uint32_t) t_buffer[1] << 8);
2653 | ((uint32_t) t_buffer[1] << 8)
2654 | ((uint32_t) t_buffer[2] << 16)
2655 | ((uint32_t) t_buffer[3] << 24);
2658 LOG_ERROR("unsupported access size: %d", size);
2659 riscv_batch_free(batch);
2660 result = ERROR_FAIL;
2664 log_memory_access(address + offset, value, size, false);
2668 result = register_write_direct(target, GDB_REGNO_S0,
2670 if (result != ERROR_OK) {
2671 riscv_batch_free(batch);
2676 dmi_write(target, DMI_DATA0, value);
2678 /* Write and execute command that moves value into S1 and
2679 * executes program buffer. */
2680 uint32_t command = access_register_command(target,
2682 AC_ACCESS_REGISTER_POSTEXEC |
2683 AC_ACCESS_REGISTER_TRANSFER |
2684 AC_ACCESS_REGISTER_WRITE);
2685 result = execute_abstract_command(target, command);
2686 if (result != ERROR_OK) {
2687 riscv_batch_free(batch);
2691 /* Turn on autoexec */
2692 dmi_write(target, DMI_ABSTRACTAUTO,
2693 1 << DMI_ABSTRACTAUTO_AUTOEXECDATA_OFFSET);
2695 setup_needed = false;
2697 riscv_batch_add_dmi_write(batch, DMI_DATA0, value);
2698 if (riscv_batch_full(batch))
2703 result = batch_run(target, batch);
2704 riscv_batch_free(batch);
2705 if (result != ERROR_OK)
2708 /* Note that if the scan resulted in a Busy DMI response, it
2709 * is this read to abstractcs that will cause the dmi_busy_delay
2710 * to be incremented if necessary. */
2712 uint32_t abstractcs;
2713 bool dmi_busy_encountered;
2714 if (dmi_op(target, &abstractcs, &dmi_busy_encountered, DMI_OP_READ,
2715 DMI_ABSTRACTCS, 0, false) != ERROR_OK)
2717 while (get_field(abstractcs, DMI_ABSTRACTCS_BUSY))
2718 if (dmi_read(target, &abstractcs, DMI_ABSTRACTCS) != ERROR_OK)
2720 info->cmderr = get_field(abstractcs, DMI_ABSTRACTCS_CMDERR);
2721 if (info->cmderr == CMDERR_NONE && !dmi_busy_encountered) {
2722 LOG_DEBUG("successful (partial?) memory write");
2723 } else if (info->cmderr == CMDERR_BUSY || dmi_busy_encountered) {
2724 if (info->cmderr == CMDERR_BUSY)
2725 LOG_DEBUG("Memory write resulted in abstract command busy response.");
2726 else if (dmi_busy_encountered)
2727 LOG_DEBUG("Memory write resulted in DMI busy response.");
2728 riscv013_clear_abstract_error(target);
2729 increase_ac_busy_delay(target);
2731 dmi_write(target, DMI_ABSTRACTAUTO, 0);
2732 result = register_read_direct(target, &cur_addr, GDB_REGNO_S0);
2733 if (result != ERROR_OK)
2735 setup_needed = true;
2737 LOG_ERROR("error when writing memory, abstractcs=0x%08lx", (long)abstractcs);
2738 riscv013_clear_abstract_error(target);
2739 result = ERROR_FAIL;
2745 dmi_write(target, DMI_ABSTRACTAUTO, 0);
2747 if (register_write_direct(target, GDB_REGNO_S1, s1) != ERROR_OK)
2749 if (register_write_direct(target, GDB_REGNO_S0, s0) != ERROR_OK)
2752 if (execute_fence(target) != ERROR_OK)
2758 static int write_memory(struct target *target, target_addr_t address,
2759 uint32_t size, uint32_t count, const uint8_t *buffer)
2761 RISCV013_INFO(info);
2762 if (info->progbufsize >= 2 && !riscv_prefer_sba)
2763 return write_memory_progbuf(target, address, size, count, buffer);
2765 if ((get_field(info->sbcs, DMI_SBCS_SBACCESS8) && size == 1) ||
2766 (get_field(info->sbcs, DMI_SBCS_SBACCESS16) && size == 2) ||
2767 (get_field(info->sbcs, DMI_SBCS_SBACCESS32) && size == 4) ||
2768 (get_field(info->sbcs, DMI_SBCS_SBACCESS64) && size == 8) ||
2769 (get_field(info->sbcs, DMI_SBCS_SBACCESS128) && size == 16)) {
2770 if (get_field(info->sbcs, DMI_SBCS_SBVERSION) == 0)
2771 return write_memory_bus_v0(target, address, size, count, buffer);
2772 else if (get_field(info->sbcs, DMI_SBCS_SBVERSION) == 1)
2773 return write_memory_bus_v1(target, address, size, count, buffer);
2776 if (info->progbufsize >= 2)
2777 return write_memory_progbuf(target, address, size, count, buffer);
2779 LOG_ERROR("Don't know how to write memory on this target.");
2783 static int arch_state(struct target *target)
2788 struct target_type riscv013_target = {
2791 .init_target = init_target,
2792 .deinit_target = deinit_target,
2795 .poll = &riscv_openocd_poll,
2796 .halt = &riscv_openocd_halt,
2797 .resume = &riscv_openocd_resume,
2798 .step = &riscv_openocd_step,
2800 .assert_reset = assert_reset,
2801 .deassert_reset = deassert_reset,
2803 .read_memory = read_memory,
2804 .write_memory = write_memory,
2806 .arch_state = arch_state,
2809 /*** 0.13-specific implementations of various RISC-V helper functions. ***/
2810 static int riscv013_get_register(struct target *target,
2811 riscv_reg_t *value, int hid, int rid)
2813 LOG_DEBUG("reading register %s on hart %d", gdb_regno_name(rid), hid);
2815 riscv_set_current_hartid(target, hid);
2817 int result = ERROR_OK;
2818 if (rid == GDB_REGNO_PC) {
2819 result = register_read(target, value, GDB_REGNO_DPC);
2820 LOG_DEBUG("read PC from DPC: 0x%" PRIx64, *value);
2821 } else if (rid == GDB_REGNO_PRIV) {
2823 result = register_read(target, &dcsr, GDB_REGNO_DCSR);
2824 *value = get_field(dcsr, CSR_DCSR_PRV);
2826 result = register_read(target, value, rid);
2827 if (result != ERROR_OK)
2834 static int riscv013_set_register(struct target *target, int hid, int rid, uint64_t value)
2836 LOG_DEBUG("writing 0x%" PRIx64 " to register %s on hart %d", value,
2837 gdb_regno_name(rid), hid);
2839 riscv_set_current_hartid(target, hid);
2841 if (rid <= GDB_REGNO_XPR31) {
2842 return register_write_direct(target, rid, value);
2843 } else if (rid == GDB_REGNO_PC) {
2844 LOG_DEBUG("writing PC to DPC: 0x%" PRIx64, value);
2845 register_write_direct(target, GDB_REGNO_DPC, value);
2846 uint64_t actual_value;
2847 register_read_direct(target, &actual_value, GDB_REGNO_DPC);
2848 LOG_DEBUG(" actual DPC written: 0x%016" PRIx64, actual_value);
2849 if (value != actual_value) {
2850 LOG_ERROR("Written PC (0x%" PRIx64 ") does not match read back "
2851 "value (0x%" PRIx64 ")", value, actual_value);
2854 } else if (rid == GDB_REGNO_PRIV) {
2856 register_read(target, &dcsr, GDB_REGNO_DCSR);
2857 dcsr = set_field(dcsr, CSR_DCSR_PRV, value);
2858 return register_write_direct(target, GDB_REGNO_DCSR, dcsr);
2860 return register_write_direct(target, rid, value);
2866 static int riscv013_select_current_hart(struct target *target)
2870 dm013_info_t *dm = get_dm(target);
2871 if (r->current_hartid == dm->current_hartid)
2875 /* TODO: can't we just "dmcontrol = DMI_DMACTIVE"? */
2876 if (dmi_read(target, &dmcontrol, DMI_DMCONTROL) != ERROR_OK)
2878 dmcontrol = set_hartsel(dmcontrol, r->current_hartid);
2879 int result = dmi_write(target, DMI_DMCONTROL, dmcontrol);
2880 dm->current_hartid = r->current_hartid;
2884 static int riscv013_halt_current_hart(struct target *target)
2887 LOG_DEBUG("halting hart %d", r->current_hartid);
2888 if (riscv_is_halted(target))
2889 LOG_ERROR("Hart %d is already halted!", r->current_hartid);
2891 /* Issue the halt command, and then wait for the current hart to halt. */
2893 if (dmi_read(target, &dmcontrol, DMI_DMCONTROL) != ERROR_OK)
2895 dmcontrol = set_field(dmcontrol, DMI_DMCONTROL_HALTREQ, 1);
2896 dmi_write(target, DMI_DMCONTROL, dmcontrol);
2897 for (size_t i = 0; i < 256; ++i)
2898 if (riscv_is_halted(target))
2901 if (!riscv_is_halted(target)) {
2903 if (dmstatus_read(target, &dmstatus, true) != ERROR_OK)
2905 if (dmi_read(target, &dmcontrol, DMI_DMCONTROL) != ERROR_OK)
2908 LOG_ERROR("unable to halt hart %d", r->current_hartid);
2909 LOG_ERROR(" dmcontrol=0x%08x", dmcontrol);
2910 LOG_ERROR(" dmstatus =0x%08x", dmstatus);
2914 dmcontrol = set_field(dmcontrol, DMI_DMCONTROL_HALTREQ, 0);
2915 dmi_write(target, DMI_DMCONTROL, dmcontrol);
2920 static int riscv013_resume_current_hart(struct target *target)
2922 return riscv013_step_or_resume_current_hart(target, false);
2925 static int riscv013_step_current_hart(struct target *target)
2927 return riscv013_step_or_resume_current_hart(target, true);
2930 static int riscv013_on_resume(struct target *target)
2932 return riscv013_on_step_or_resume(target, false);
2935 static int riscv013_on_step(struct target *target)
2937 return riscv013_on_step_or_resume(target, true);
2940 static int riscv013_on_halt(struct target *target)
2945 static bool riscv013_is_halted(struct target *target)
2948 if (dmstatus_read(target, &dmstatus, true) != ERROR_OK)
2950 if (get_field(dmstatus, DMI_DMSTATUS_ANYUNAVAIL))
2951 LOG_ERROR("Hart %d is unavailable.", riscv_current_hartid(target));
2952 if (get_field(dmstatus, DMI_DMSTATUS_ANYNONEXISTENT))
2953 LOG_ERROR("Hart %d doesn't exist.", riscv_current_hartid(target));
2954 if (get_field(dmstatus, DMI_DMSTATUS_ANYHAVERESET)) {
2955 int hartid = riscv_current_hartid(target);
2956 LOG_INFO("Hart %d unexpectedly reset!", hartid);
2957 /* TODO: Can we make this more obvious to eg. a gdb user? */
2958 uint32_t dmcontrol = DMI_DMCONTROL_DMACTIVE |
2959 DMI_DMCONTROL_ACKHAVERESET;
2960 dmcontrol = set_hartsel(dmcontrol, hartid);
2961 /* If we had been halted when we reset, request another halt. If we
2962 * ended up running out of reset, then the user will (hopefully) get a
2963 * message that a reset happened, that the target is running, and then
2964 * that it is halted again once the request goes through.
2966 if (target->state == TARGET_HALTED)
2967 dmcontrol |= DMI_DMCONTROL_HALTREQ;
2968 dmi_write(target, DMI_DMCONTROL, dmcontrol);
2970 return get_field(dmstatus, DMI_DMSTATUS_ALLHALTED);
2973 static enum riscv_halt_reason riscv013_halt_reason(struct target *target)
2976 int result = register_read(target, &dcsr, GDB_REGNO_DCSR);
2977 if (result != ERROR_OK)
2978 return RISCV_HALT_UNKNOWN;
2980 switch (get_field(dcsr, CSR_DCSR_CAUSE)) {
2981 case CSR_DCSR_CAUSE_SWBP:
2982 return RISCV_HALT_BREAKPOINT;
2983 case CSR_DCSR_CAUSE_TRIGGER:
2984 /* We could get here before triggers are enumerated if a trigger was
2985 * already set when we connected. Force enumeration now, which has the
2986 * side effect of clearing any triggers we did not set. */
2987 riscv_enumerate_triggers(target);
2988 LOG_DEBUG("{%d} halted because of trigger", target->coreid);
2989 return RISCV_HALT_TRIGGER;
2990 case CSR_DCSR_CAUSE_STEP:
2991 return RISCV_HALT_SINGLESTEP;
2992 case CSR_DCSR_CAUSE_DEBUGINT:
2993 case CSR_DCSR_CAUSE_HALT:
2994 return RISCV_HALT_INTERRUPT;
2997 LOG_ERROR("Unknown DCSR cause field: %x", (int)get_field(dcsr, CSR_DCSR_CAUSE));
2998 LOG_ERROR(" dcsr=0x%016lx", (long)dcsr);
2999 return RISCV_HALT_UNKNOWN;
3002 int riscv013_write_debug_buffer(struct target *target, unsigned index, riscv_insn_t data)
3004 return dmi_write(target, DMI_PROGBUF0 + index, data);
3007 riscv_insn_t riscv013_read_debug_buffer(struct target *target, unsigned index)
3010 dmi_read(target, &value, DMI_PROGBUF0 + index);
3014 int riscv013_execute_debug_buffer(struct target *target)
3016 uint32_t run_program = 0;
3017 run_program = set_field(run_program, AC_ACCESS_REGISTER_SIZE, 2);
3018 run_program = set_field(run_program, AC_ACCESS_REGISTER_POSTEXEC, 1);
3019 run_program = set_field(run_program, AC_ACCESS_REGISTER_TRANSFER, 0);
3020 run_program = set_field(run_program, AC_ACCESS_REGISTER_REGNO, 0x1000);
3022 return execute_abstract_command(target, run_program);
3025 void riscv013_fill_dmi_write_u64(struct target *target, char *buf, int a, uint64_t d)
3027 RISCV013_INFO(info);
3028 buf_set_u64((unsigned char *)buf, DTM_DMI_OP_OFFSET, DTM_DMI_OP_LENGTH, DMI_OP_WRITE);
3029 buf_set_u64((unsigned char *)buf, DTM_DMI_DATA_OFFSET, DTM_DMI_DATA_LENGTH, d);
3030 buf_set_u64((unsigned char *)buf, DTM_DMI_ADDRESS_OFFSET, info->abits, a);
3033 void riscv013_fill_dmi_read_u64(struct target *target, char *buf, int a)
3035 RISCV013_INFO(info);
3036 buf_set_u64((unsigned char *)buf, DTM_DMI_OP_OFFSET, DTM_DMI_OP_LENGTH, DMI_OP_READ);
3037 buf_set_u64((unsigned char *)buf, DTM_DMI_DATA_OFFSET, DTM_DMI_DATA_LENGTH, 0);
3038 buf_set_u64((unsigned char *)buf, DTM_DMI_ADDRESS_OFFSET, info->abits, a);
3041 void riscv013_fill_dmi_nop_u64(struct target *target, char *buf)
3043 RISCV013_INFO(info);
3044 buf_set_u64((unsigned char *)buf, DTM_DMI_OP_OFFSET, DTM_DMI_OP_LENGTH, DMI_OP_NOP);
3045 buf_set_u64((unsigned char *)buf, DTM_DMI_DATA_OFFSET, DTM_DMI_DATA_LENGTH, 0);
3046 buf_set_u64((unsigned char *)buf, DTM_DMI_ADDRESS_OFFSET, info->abits, 0);
3049 /* Helper function for riscv013_test_sba_config_reg */
3050 static int get_max_sbaccess(struct target *target)
3052 RISCV013_INFO(info);
3054 uint32_t sbaccess128 = get_field(info->sbcs, DMI_SBCS_SBACCESS128);
3055 uint32_t sbaccess64 = get_field(info->sbcs, DMI_SBCS_SBACCESS64);
3056 uint32_t sbaccess32 = get_field(info->sbcs, DMI_SBCS_SBACCESS32);
3057 uint32_t sbaccess16 = get_field(info->sbcs, DMI_SBCS_SBACCESS16);
3058 uint32_t sbaccess8 = get_field(info->sbcs, DMI_SBCS_SBACCESS8);
3062 else if (sbaccess64)
3064 else if (sbaccess32)
3066 else if (sbaccess16)
3074 static uint32_t get_num_sbdata_regs(struct target *target)
3076 RISCV013_INFO(info);
3078 uint32_t sbaccess128 = get_field(info->sbcs, DMI_SBCS_SBACCESS128);
3079 uint32_t sbaccess64 = get_field(info->sbcs, DMI_SBCS_SBACCESS64);
3080 uint32_t sbaccess32 = get_field(info->sbcs, DMI_SBCS_SBACCESS32);
3084 else if (sbaccess64)
3086 else if (sbaccess32)
3092 static int riscv013_test_sba_config_reg(struct target *target,
3093 target_addr_t legal_address, uint32_t num_words,
3094 target_addr_t illegal_address, bool run_sbbusyerror_test)
3096 LOG_INFO("Testing System Bus Access as defined by RISC-V Debug Spec v0.13");
3098 uint32_t tests_failed = 0;
3102 dmi_read(target, &sbcs_orig, DMI_SBCS);
3104 uint32_t sbcs = sbcs_orig;
3107 int max_sbaccess = get_max_sbaccess(target);
3109 if (max_sbaccess == -1) {
3110 LOG_ERROR("System Bus Access not supported in this config.");
3114 if (get_field(sbcs, DMI_SBCS_SBVERSION) != 1) {
3115 LOG_ERROR("System Bus Access unsupported SBVERSION (%d). Only version 1 is supported.",
3116 get_field(sbcs, DMI_SBCS_SBVERSION));
3120 uint32_t num_sbdata_regs = get_num_sbdata_regs(target);
3122 uint32_t rd_buf[num_sbdata_regs];
3124 /* Test 1: Simple write/read test */
3126 sbcs = set_field(sbcs_orig, DMI_SBCS_SBAUTOINCREMENT, 0);
3127 dmi_write(target, DMI_SBCS, sbcs);
3129 uint32_t test_patterns[4] = {0xdeadbeef, 0xfeedbabe, 0x12345678, 0x08675309};
3130 for (uint32_t sbaccess = 0; sbaccess <= (uint32_t)max_sbaccess; sbaccess++) {
3131 sbcs = set_field(sbcs, DMI_SBCS_SBACCESS, sbaccess);
3132 dmi_write(target, DMI_SBCS, sbcs);
3134 uint32_t compare_mask = (sbaccess == 0) ? 0xff : (sbaccess == 1) ? 0xffff : 0xffffffff;
3136 for (uint32_t i = 0; i < num_words; i++) {
3137 uint32_t addr = legal_address + (i << sbaccess);
3138 uint32_t wr_data[num_sbdata_regs];
3139 for (uint32_t j = 0; j < num_sbdata_regs; j++)
3140 wr_data[j] = test_patterns[j] + i;
3141 write_memory_sba_simple(target, addr, wr_data, num_sbdata_regs, sbcs);
3144 for (uint32_t i = 0; i < num_words; i++) {
3145 uint32_t addr = legal_address + (i << sbaccess);
3146 read_memory_sba_simple(target, addr, rd_buf, num_sbdata_regs, sbcs);
3147 for (uint32_t j = 0; j < num_sbdata_regs; j++) {
3148 if (((test_patterns[j]+i)&compare_mask) != (rd_buf[j]&compare_mask)) {
3149 LOG_ERROR("System Bus Access Test 1: Error reading non-autoincremented address %x,"
3150 "expected val = %x, read val = %x", addr, test_patterns[j]+i, rd_buf[j]);
3151 test_passed = false;
3158 LOG_INFO("System Bus Access Test 1: Simple write/read test PASSED.");
3160 /* Test 2: Address autoincrement test */
3161 target_addr_t curr_addr;
3162 target_addr_t prev_addr;
3164 sbcs = set_field(sbcs_orig, DMI_SBCS_SBAUTOINCREMENT, 1);
3165 dmi_write(target, DMI_SBCS, sbcs);
3167 for (uint32_t sbaccess = 0; sbaccess <= (uint32_t)max_sbaccess; sbaccess++) {
3168 sbcs = set_field(sbcs, DMI_SBCS_SBACCESS, sbaccess);
3169 dmi_write(target, DMI_SBCS, sbcs);
3171 dmi_write(target, DMI_SBADDRESS0, legal_address);
3172 read_sbcs_nonbusy(target, &sbcs);
3173 curr_addr = legal_address;
3174 for (uint32_t i = 0; i < num_words; i++) {
3175 prev_addr = curr_addr;
3176 read_sbcs_nonbusy(target, &sbcs);
3177 curr_addr = sb_read_address(target);
3178 if ((curr_addr - prev_addr != (uint32_t)(1 << sbaccess)) && (i != 0)) {
3179 LOG_ERROR("System Bus Access Test 2: Error with address auto-increment, sbaccess = %x.", sbaccess);
3180 test_passed = false;
3183 dmi_write(target, DMI_SBDATA0, i);
3186 read_sbcs_nonbusy(target, &sbcs);
3188 dmi_write(target, DMI_SBADDRESS0, legal_address);
3191 sbcs = set_field(sbcs, DMI_SBCS_SBREADONDATA, 1);
3192 dmi_write(target, DMI_SBCS, sbcs);
3193 dmi_read(target, &val, DMI_SBDATA0); /* Dummy read to trigger first system bus read */
3194 curr_addr = legal_address;
3195 for (uint32_t i = 0; i < num_words; i++) {
3196 prev_addr = curr_addr;
3197 read_sbcs_nonbusy(target, &sbcs);
3198 curr_addr = sb_read_address(target);
3199 if ((curr_addr - prev_addr != (uint32_t)(1 << sbaccess)) && (i != 0)) {
3200 LOG_ERROR("System Bus Access Test 2: Error with address auto-increment, sbaccess = %x", sbaccess);
3201 test_passed = false;
3204 dmi_read(target, &val, DMI_SBDATA0);
3205 read_sbcs_nonbusy(target, &sbcs);
3207 LOG_ERROR("System Bus Access Test 2: Error reading auto-incremented address,"
3208 "expected val = %x, read val = %x.", i, val);
3209 test_passed = false;
3215 LOG_INFO("System Bus Access Test 2: Address auto-increment test PASSED.");
3217 /* Test 3: Read from illegal address */
3218 read_memory_sba_simple(target, illegal_address, rd_buf, 1, sbcs_orig);
3220 dmi_read(target, &rd_val, DMI_SBCS);
3221 if (get_field(rd_val, DMI_SBCS_SBERROR) == 2) {
3222 sbcs = set_field(sbcs_orig, DMI_SBCS_SBERROR, 2);
3223 dmi_write(target, DMI_SBCS, sbcs);
3224 dmi_read(target, &rd_val, DMI_SBCS);
3225 if (get_field(rd_val, DMI_SBCS_SBERROR) == 0)
3226 LOG_INFO("System Bus Access Test 3: Illegal address read test PASSED.");
3228 LOG_ERROR("System Bus Access Test 3: Illegal address read test FAILED, unable to clear to 0.");
3230 LOG_ERROR("System Bus Access Test 3: Illegal address read test FAILED, unable to set error code.");
3233 /* Test 4: Write to illegal address */
3234 write_memory_sba_simple(target, illegal_address, test_patterns, 1, sbcs_orig);
3236 dmi_read(target, &rd_val, DMI_SBCS);
3237 if (get_field(rd_val, DMI_SBCS_SBERROR) == 2) {
3238 sbcs = set_field(sbcs_orig, DMI_SBCS_SBERROR, 2);
3239 dmi_write(target, DMI_SBCS, sbcs);
3240 dmi_read(target, &rd_val, DMI_SBCS);
3241 if (get_field(rd_val, DMI_SBCS_SBERROR) == 0)
3242 LOG_INFO("System Bus Access Test 4: Illegal address write test PASSED.");
3244 LOG_ERROR("System Bus Access Test 4: Illegal address write test FAILED, unable to clear to 0.");
3248 LOG_ERROR("System Bus Access Test 4: Illegal address write test FAILED, unable to set error code.");
3252 /* Test 5: Write with unsupported sbaccess size */
3253 uint32_t sbaccess128 = get_field(sbcs_orig, DMI_SBCS_SBACCESS128);
3256 LOG_INFO("System Bus Access Test 5: SBCS sbaccess error test PASSED, all sbaccess sizes supported.");
3258 sbcs = set_field(sbcs_orig, DMI_SBCS_SBACCESS, 4);
3260 write_memory_sba_simple(target, legal_address, test_patterns, 1, sbcs);
3262 dmi_read(target, &rd_val, DMI_SBCS);
3263 if (get_field(rd_val, DMI_SBCS_SBERROR) == 4) {
3264 sbcs = set_field(sbcs_orig, DMI_SBCS_SBERROR, 4);
3265 dmi_write(target, DMI_SBCS, sbcs);
3266 dmi_read(target, &rd_val, DMI_SBCS);
3267 if (get_field(rd_val, DMI_SBCS_SBERROR) == 0)
3268 LOG_INFO("System Bus Access Test 5: SBCS sbaccess error test PASSED.");
3270 LOG_ERROR("System Bus Access Test 5: SBCS sbaccess error test FAILED, unable to clear to 0.");
3274 LOG_ERROR("System Bus Access Test 5: SBCS sbaccess error test FAILED, unable to set error code.");
3279 /* Test 6: Write to misaligned address */
3280 sbcs = set_field(sbcs_orig, DMI_SBCS_SBACCESS, 1);
3282 write_memory_sba_simple(target, legal_address+1, test_patterns, 1, sbcs);
3284 dmi_read(target, &rd_val, DMI_SBCS);
3285 if (get_field(rd_val, DMI_SBCS_SBERROR) == 3) {
3286 sbcs = set_field(sbcs_orig, DMI_SBCS_SBERROR, 3);
3287 dmi_write(target, DMI_SBCS, sbcs);
3288 dmi_read(target, &rd_val, DMI_SBCS);
3289 if (get_field(rd_val, DMI_SBCS_SBERROR) == 0)
3290 LOG_INFO("System Bus Access Test 6: SBCS address alignment error test PASSED");
3292 LOG_ERROR("System Bus Access Test 6: SBCS address alignment error test FAILED, unable to clear to 0.");
3296 LOG_ERROR("System Bus Access Test 6: SBCS address alignment error test FAILED, unable to set error code.");
3300 /* Test 7: Set sbbusyerror, only run this case in simulation as it is likely
3301 * impossible to hit otherwise */
3302 if (run_sbbusyerror_test) {
3303 sbcs = set_field(sbcs_orig, DMI_SBCS_SBREADONADDR, 1);
3304 dmi_write(target, DMI_SBCS, sbcs);
3306 for (int i = 0; i < 16; i++)
3307 dmi_write(target, DMI_SBDATA0, 0xdeadbeef);
3309 for (int i = 0; i < 16; i++)
3310 dmi_write(target, DMI_SBADDRESS0, legal_address);
3312 dmi_read(target, &rd_val, DMI_SBCS);
3313 if (get_field(rd_val, DMI_SBCS_SBBUSYERROR)) {
3314 sbcs = set_field(sbcs_orig, DMI_SBCS_SBBUSYERROR, 1);
3315 dmi_write(target, DMI_SBCS, sbcs);
3316 dmi_read(target, &rd_val, DMI_SBCS);
3317 if (get_field(rd_val, DMI_SBCS_SBBUSYERROR) == 0)
3318 LOG_INFO("System Bus Access Test 7: SBCS sbbusyerror test PASSED.");
3320 LOG_ERROR("System Bus Access Test 7: SBCS sbbusyerror test FAILED, unable to clear to 0.");
3324 LOG_ERROR("System Bus Access Test 7: SBCS sbbusyerror test FAILED, unable to set error code.");
3329 if (tests_failed == 0) {
3330 LOG_INFO("ALL TESTS PASSED");
3333 LOG_ERROR("%d TESTS FAILED", tests_failed);
3339 void write_memory_sba_simple(struct target *target, target_addr_t addr,
3340 uint32_t *write_data, uint32_t write_size, uint32_t sbcs)
3342 RISCV013_INFO(info);
3345 uint32_t masked_addr;
3347 uint32_t sba_size = get_field(info->sbcs, DMI_SBCS_SBASIZE);
3349 read_sbcs_nonbusy(target, &rd_sbcs);
3351 uint32_t sbcs_no_readonaddr = set_field(sbcs, DMI_SBCS_SBREADONADDR, 0);
3352 dmi_write(target, DMI_SBCS, sbcs_no_readonaddr);
3354 for (uint32_t i = 0; i < sba_size/32; i++) {
3355 masked_addr = (addr >> 32*i) & 0xffffffff;
3358 dmi_write(target, DMI_SBADDRESS0+i, masked_addr);
3360 dmi_write(target, DMI_SBADDRESS3, masked_addr);
3363 /* Write SBDATA registers starting with highest address, since write to
3364 * SBDATA0 triggers write */
3365 for (int i = write_size-1; i >= 0; i--)
3366 dmi_write(target, DMI_SBDATA0+i, write_data[i]);
3369 void read_memory_sba_simple(struct target *target, target_addr_t addr,
3370 uint32_t *rd_buf, uint32_t read_size, uint32_t sbcs)
3372 RISCV013_INFO(info);
3375 uint32_t masked_addr;
3377 uint32_t sba_size = get_field(info->sbcs, DMI_SBCS_SBASIZE);
3379 read_sbcs_nonbusy(target, &rd_sbcs);
3381 uint32_t sbcs_readonaddr = set_field(sbcs, DMI_SBCS_SBREADONADDR, 1);
3382 dmi_write(target, DMI_SBCS, sbcs_readonaddr);
3384 /* Write addresses starting with highest address register */
3385 for (int i = sba_size/32-1; i >= 0; i--) {
3386 masked_addr = (addr >> 32*i) & 0xffffffff;
3389 dmi_write(target, DMI_SBADDRESS0+i, masked_addr);
3391 dmi_write(target, DMI_SBADDRESS3, masked_addr);
3394 read_sbcs_nonbusy(target, &rd_sbcs);
3396 for (uint32_t i = 0; i < read_size; i++)
3397 dmi_read(target, &(rd_buf[i]), DMI_SBDATA0+i);
3400 int riscv013_dmi_write_u64_bits(struct target *target)
3402 RISCV013_INFO(info);
3403 return info->abits + DTM_DMI_DATA_LENGTH + DTM_DMI_OP_LENGTH;
3406 static int maybe_execute_fence_i(struct target *target)
3408 RISCV013_INFO(info);
3410 if (info->progbufsize + r->impebreak >= 3)
3411 return execute_fence(target);
3415 /* Helper Functions. */
3416 static int riscv013_on_step_or_resume(struct target *target, bool step)
3418 if (maybe_execute_fence_i(target) != ERROR_OK)
3421 /* We want to twiddle some bits in the debug CSR so debugging works. */
3423 int result = register_read(target, &dcsr, GDB_REGNO_DCSR);
3424 if (result != ERROR_OK)
3426 dcsr = set_field(dcsr, CSR_DCSR_STEP, step);
3427 dcsr = set_field(dcsr, CSR_DCSR_EBREAKM, 1);
3428 dcsr = set_field(dcsr, CSR_DCSR_EBREAKS, 1);
3429 dcsr = set_field(dcsr, CSR_DCSR_EBREAKU, 1);
3430 return riscv_set_register(target, GDB_REGNO_DCSR, dcsr);
3433 static int riscv013_step_or_resume_current_hart(struct target *target, bool step)
3436 LOG_DEBUG("resuming hart %d (for step?=%d)", r->current_hartid, step);
3437 if (!riscv_is_halted(target)) {
3438 LOG_ERROR("Hart %d is not halted!", r->current_hartid);
3442 if (maybe_execute_fence_i(target) != ERROR_OK)
3445 /* Issue the resume command, and then wait for the current hart to resume. */
3446 uint32_t dmcontrol = DMI_DMCONTROL_DMACTIVE;
3447 dmcontrol = set_hartsel(dmcontrol, r->current_hartid);
3448 dmi_write(target, DMI_DMCONTROL, dmcontrol | DMI_DMCONTROL_RESUMEREQ);
3451 for (size_t i = 0; i < 256; ++i) {
3453 if (dmstatus_read(target, &dmstatus, true) != ERROR_OK)
3455 if (get_field(dmstatus, DMI_DMSTATUS_ALLRESUMEACK) == 0)
3457 if (step && get_field(dmstatus, DMI_DMSTATUS_ALLHALTED) == 0)
3460 dmi_write(target, DMI_DMCONTROL, dmcontrol);
3464 LOG_ERROR("unable to resume hart %d", r->current_hartid);
3465 if (dmi_read(target, &dmcontrol, DMI_DMCONTROL) != ERROR_OK)
3467 LOG_ERROR(" dmcontrol=0x%08x", dmcontrol);
3468 if (dmstatus_read(target, &dmstatus, true) != ERROR_OK)
3470 LOG_ERROR(" dmstatus =0x%08x", dmstatus);
3473 LOG_ERROR(" was stepping, halting");
3474 riscv013_halt_current_hart(target);
3481 void riscv013_clear_abstract_error(struct target *target)
3483 /* Wait for busy to go away. */
3484 time_t start = time(NULL);
3485 uint32_t abstractcs;
3486 dmi_read(target, &abstractcs, DMI_ABSTRACTCS);
3487 while (get_field(abstractcs, DMI_ABSTRACTCS_BUSY)) {
3488 dmi_read(target, &abstractcs, DMI_ABSTRACTCS);
3490 if (time(NULL) - start > riscv_command_timeout_sec) {
3491 LOG_ERROR("abstractcs.busy is not going low after %d seconds "
3492 "(abstractcs=0x%x). The target is either really slow or "
3493 "broken. You could increase the timeout with riscv "
3494 "set_command_timeout_sec.",
3495 riscv_command_timeout_sec, abstractcs);
3499 /* Clear the error status. */
3500 dmi_write(target, DMI_ABSTRACTCS, abstractcs & DMI_ABSTRACTCS_CMDERR);
3503 #define COMPLIANCE_TEST(b, message) \
3510 LOG_INFO("%s test %d (%s)\n", (pass) ? "PASSED" : "FAILED", total_tests, message); \
3515 #define COMPLIANCE_MUST_PASS(b) COMPLIANCE_TEST(ERROR_OK == (b), "Regular calls must return ERROR_OK")
3517 #define COMPLIANCE_READ(target, addr, value) COMPLIANCE_MUST_PASS(dmi_read(target, addr, value))
3518 #define COMPLIANCE_WRITE(target, addr, value) COMPLIANCE_MUST_PASS(dmi_write(target, addr, value))
3520 #define COMPLIANCE_CHECK_RO(target, addr) \
3524 COMPLIANCE_READ(target, &orig, addr); \
3525 COMPLIANCE_WRITE(target, addr, ~orig); \
3526 COMPLIANCE_READ(target, &inverse, addr); \
3527 COMPLIANCE_TEST(orig == inverse, "Register must be read-only"); \
3530 int riscv013_test_compliance(struct target *target)
3532 LOG_INFO("Testing Compliance against RISC-V Debug Spec v0.13");
3534 if (!riscv_rtos_enabled(target)) {
3535 LOG_ERROR("Please run with -rtos riscv to run compliance test.");
3539 int total_tests = 0;
3540 int passed_tests = 0;
3542 uint32_t dmcontrol_orig = DMI_DMCONTROL_DMACTIVE;
3545 uint32_t testvar_read;
3547 RISCV013_INFO(info);
3549 /* All the bits of HARTSEL are covered by the examine sequence. */
3552 /* This field is optional. Either we can read and write it to 1/0,
3553 or it is tied to 0. This check doesn't really do anything, but
3554 it does attempt to set the bit to 1 and then back to 0, which needs to
3555 work if its implemented. */
3556 COMPLIANCE_WRITE(target, DMI_DMCONTROL, set_field(dmcontrol_orig, DMI_DMCONTROL_HARTRESET, 1));
3557 COMPLIANCE_WRITE(target, DMI_DMCONTROL, set_field(dmcontrol_orig, DMI_DMCONTROL_HARTRESET, 0));
3558 COMPLIANCE_READ(target, &dmcontrol, DMI_DMCONTROL);
3559 COMPLIANCE_TEST((get_field(dmcontrol, DMI_DMCONTROL_HARTRESET) == 0),
3560 "DMCONTROL.hartreset can be 0 or RW.");
3563 COMPLIANCE_WRITE(target, DMI_DMCONTROL, set_field(dmcontrol_orig, DMI_DMCONTROL_HASEL, 1));
3564 COMPLIANCE_WRITE(target, DMI_DMCONTROL, set_field(dmcontrol_orig, DMI_DMCONTROL_HASEL, 0));
3565 COMPLIANCE_READ(target, &dmcontrol, DMI_DMCONTROL);
3566 COMPLIANCE_TEST((get_field(dmcontrol, DMI_DMCONTROL_HASEL) == 0),
3567 "DMCONTROL.hasel can be 0 or RW.");
3568 /* TODO: test that hamask registers exist if hasel does. */
3571 COMPLIANCE_MUST_PASS(riscv_halt_all_harts(target));
3572 /* This bit is not actually readable according to the spec, so nothing to check.*/
3575 COMPLIANCE_CHECK_RO(target, DMI_DMSTATUS);
3578 /* This bit is not actually readable according to the spec, so nothing to check.*/
3579 COMPLIANCE_MUST_PASS(riscv_resume_all_harts(target));
3581 /* Halt all harts again so the test can continue.*/
3582 COMPLIANCE_MUST_PASS(riscv_halt_all_harts(target));
3584 /* HARTINFO: Read-Only. This is per-hart, so need to adjust hartsel. */
3586 COMPLIANCE_READ(target, &hartinfo, DMI_HARTINFO);
3587 for (int hartsel = 0; hartsel < riscv_count_harts(target); hartsel++) {
3588 COMPLIANCE_MUST_PASS(riscv_set_current_hartid(target, hartsel));
3590 COMPLIANCE_CHECK_RO(target, DMI_HARTINFO);
3592 /* $dscratch CSRs */
3593 uint32_t nscratch = get_field(hartinfo, DMI_HARTINFO_NSCRATCH);
3594 for (unsigned int d = 0; d < nscratch; d++) {
3595 riscv_reg_t testval, testval_read;
3596 /* Because DSCRATCH is not guaranteed to last across PB executions, need to put
3597 this all into one PB execution. Which may not be possible on all implementations.*/
3598 if (info->progbufsize >= 5) {
3599 for (testval = 0x0011223300112233;
3601 testval = testval == 0x0011223300112233 ? ~testval : 0xDEAD) {
3602 COMPLIANCE_TEST(register_write_direct(target, GDB_REGNO_S0, testval) == ERROR_OK,
3603 "Need to be able to write S0 in order to test DSCRATCH.");
3604 struct riscv_program program32;
3605 riscv_program_init(&program32, target);
3606 riscv_program_csrw(&program32, GDB_REGNO_S0, GDB_REGNO_DSCRATCH + d);
3607 riscv_program_csrr(&program32, GDB_REGNO_S1, GDB_REGNO_DSCRATCH + d);
3608 riscv_program_fence(&program32);
3609 riscv_program_ebreak(&program32);
3610 COMPLIANCE_TEST(riscv_program_exec(&program32, target) == ERROR_OK,
3611 "Accessing DSCRATCH with program buffer should succeed.");
3612 COMPLIANCE_TEST(register_read_direct(target, &testval_read, GDB_REGNO_S1) == ERROR_OK,
3613 "Need to be able to read S1 in order to test DSCRATCH.");
3614 if (riscv_xlen(target) > 32) {
3615 COMPLIANCE_TEST(testval == testval_read,
3616 "All DSCRATCH registers in HARTINFO must be R/W.");
3618 COMPLIANCE_TEST(testval_read == (testval & 0xFFFFFFFF),
3619 "All DSCRATCH registers in HARTINFO must be R/W.");
3624 /* TODO: dataaccess */
3625 if (get_field(hartinfo, DMI_HARTINFO_DATAACCESS)) {
3626 /* TODO: Shadowed in memory map. */
3627 /* TODO: datasize */
3628 /* TODO: dataaddr */
3630 /* TODO: Shadowed in CSRs. */
3631 /* TODO: datasize */
3632 /* TODO: dataaddr */
3637 /* HALTSUM -- TODO: More than 32 harts. Would need to loop over this to set hartsel */
3638 /* TODO: HALTSUM2, HALTSUM3 */
3640 uint32_t expected_haltsum0 = 0;
3641 for (int i = 0; i < MIN(riscv_count_harts(target), 32); i++)
3642 expected_haltsum0 |= (1 << i);
3644 COMPLIANCE_READ(target, &testvar_read, DMI_HALTSUM0);
3645 COMPLIANCE_TEST(testvar_read == expected_haltsum0,
3646 "HALTSUM0 should report summary of up to 32 halted harts");
3648 COMPLIANCE_WRITE(target, DMI_HALTSUM0, 0xffffffff);
3649 COMPLIANCE_READ(target, &testvar_read, DMI_HALTSUM0);
3650 COMPLIANCE_TEST(testvar_read == expected_haltsum0, "HALTSUM0 should be R/O");
3652 COMPLIANCE_WRITE(target, DMI_HALTSUM0, 0x0);
3653 COMPLIANCE_READ(target, &testvar_read, DMI_HALTSUM0);
3654 COMPLIANCE_TEST(testvar_read == expected_haltsum0, "HALTSUM0 should be R/O");
3657 uint32_t expected_haltsum1 = 0;
3658 for (int i = 0; i < MIN(riscv_count_harts(target), 1024); i += 32)
3659 expected_haltsum1 |= (1 << (i/32));
3661 COMPLIANCE_READ(target, &testvar_read, DMI_HALTSUM1);
3662 COMPLIANCE_TEST(testvar_read == expected_haltsum1,
3663 "HALTSUM1 should report summary of up to 1024 halted harts");
3665 COMPLIANCE_WRITE(target, DMI_HALTSUM1, 0xffffffff);
3666 COMPLIANCE_READ(target, &testvar_read, DMI_HALTSUM1);
3667 COMPLIANCE_TEST(testvar_read == expected_haltsum1, "HALTSUM1 should be R/O");
3669 COMPLIANCE_WRITE(target, DMI_HALTSUM1, 0x0);
3670 COMPLIANCE_READ(target, &testvar_read, DMI_HALTSUM1);
3671 COMPLIANCE_TEST(testvar_read == expected_haltsum1, "HALTSUM1 should be R/O");
3673 /* TODO: HAWINDOWSEL */
3675 /* TODO: HAWINDOW */
3679 uint32_t abstractcs;
3680 COMPLIANCE_READ(target, &abstractcs, DMI_ABSTRACTCS);
3682 /* Check that all reported Data Words are really R/W */
3683 for (int invert = 0; invert < 2; invert++) {
3684 for (unsigned int i = 0; i < get_field(abstractcs, DMI_ABSTRACTCS_DATACOUNT); i++) {
3685 testvar = (i + 1) * 0x11111111;
3688 COMPLIANCE_WRITE(target, DMI_DATA0 + i, testvar);
3690 for (unsigned int i = 0; i < get_field(abstractcs, DMI_ABSTRACTCS_DATACOUNT); i++) {
3691 testvar = (i + 1) * 0x11111111;
3694 COMPLIANCE_READ(target, &testvar_read, DMI_DATA0 + i);
3695 COMPLIANCE_TEST(testvar_read == testvar, "All reported DATA words must be R/W");
3699 /* Check that all reported ProgBuf words are really R/W */
3700 for (int invert = 0; invert < 2; invert++) {
3701 for (unsigned int i = 0; i < get_field(abstractcs, DMI_ABSTRACTCS_PROGBUFSIZE); i++) {
3702 testvar = (i + 1) * 0x11111111;
3705 COMPLIANCE_WRITE(target, DMI_PROGBUF0 + i, testvar);
3707 for (unsigned int i = 0; i < get_field(abstractcs, DMI_ABSTRACTCS_PROGBUFSIZE); i++) {
3708 testvar = (i + 1) * 0x11111111;
3711 COMPLIANCE_READ(target, &testvar_read, DMI_PROGBUF0 + i);
3712 COMPLIANCE_TEST(testvar_read == testvar, "All reported PROGBUF words must be R/W");
3716 /* TODO: Cause and clear all error types */
3719 According to the spec, this register is only W, so can't really check the read result.
3720 But at any rate, this is not legal and should cause an error. */
3721 COMPLIANCE_WRITE(target, DMI_COMMAND, 0xAAAAAAAA);
3722 COMPLIANCE_READ(target, &testvar_read, DMI_ABSTRACTCS);
3723 COMPLIANCE_TEST(get_field(testvar_read, DMI_ABSTRACTCS_CMDERR) == CMDERR_NOT_SUPPORTED, \
3724 "Illegal COMMAND should result in UNSUPPORTED");
3725 COMPLIANCE_WRITE(target, DMI_ABSTRACTCS, DMI_ABSTRACTCS_CMDERR);
3727 COMPLIANCE_WRITE(target, DMI_COMMAND, 0x55555555);
3728 COMPLIANCE_READ(target, &testvar_read, DMI_ABSTRACTCS);
3729 COMPLIANCE_TEST(get_field(testvar_read, DMI_ABSTRACTCS_CMDERR) == CMDERR_NOT_SUPPORTED, \
3730 "Illegal COMMAND should result in UNSUPPORTED");
3731 COMPLIANCE_WRITE(target, DMI_ABSTRACTCS, DMI_ABSTRACTCS_CMDERR);
3733 /* Basic Abstract Commands */
3734 for (unsigned int i = 1; i < 32; i = i << 1) {
3735 riscv_reg_t testval = i | ((i + 1ULL) << 32);
3736 riscv_reg_t testval_read;
3737 COMPLIANCE_TEST(ERROR_OK == register_write_direct(target, GDB_REGNO_ZERO + i, testval),
3738 "GPR Writes should be supported.");
3739 COMPLIANCE_MUST_PASS(write_abstract_arg(target, 0, 0xDEADBEEFDEADBEEF, 64));
3740 COMPLIANCE_TEST(ERROR_OK == register_read_direct(target, &testval_read, GDB_REGNO_ZERO + i),
3741 "GPR Reads should be supported.");
3742 if (riscv_xlen(target) > 32) {
3743 /* Dummy comment to satisfy linter, since removing the brances here doesn't actually compile. */
3744 COMPLIANCE_TEST(testval == testval_read, "GPR Reads and writes should be supported.");
3746 /* Dummy comment to satisfy linter, since removing the brances here doesn't actually compile. */
3747 COMPLIANCE_TEST((testval & 0xFFFFFFFF) == testval_read, "GPR Reads and writes should be supported.");
3752 See which bits are actually writable */
3753 COMPLIANCE_WRITE(target, DMI_ABSTRACTAUTO, 0xFFFFFFFF);
3754 uint32_t abstractauto;
3756 COMPLIANCE_READ(target, &abstractauto, DMI_ABSTRACTAUTO);
3757 COMPLIANCE_WRITE(target, DMI_ABSTRACTAUTO, 0x0);
3758 if (abstractauto > 0) {
3759 /* This mechanism only works when you have a reasonable sized progbuf, which is not
3760 a true compliance requirement. */
3761 if (info->progbufsize >= 3) {
3764 COMPLIANCE_TEST(ERROR_OK == register_write_direct(target, GDB_REGNO_S0, 0),
3765 "Need to be able to write S0 to test ABSTRACTAUTO");
3766 struct riscv_program program;
3767 COMPLIANCE_MUST_PASS(riscv_program_init(&program, target));
3768 /* This is also testing that WFI() is a NOP during debug mode. */
3769 COMPLIANCE_MUST_PASS(riscv_program_insert(&program, wfi()));
3770 COMPLIANCE_MUST_PASS(riscv_program_addi(&program, GDB_REGNO_S0, GDB_REGNO_S0, 1));
3771 COMPLIANCE_MUST_PASS(riscv_program_ebreak(&program));
3772 COMPLIANCE_WRITE(target, DMI_ABSTRACTAUTO, 0x0);
3773 COMPLIANCE_MUST_PASS(riscv_program_exec(&program, target));
3775 COMPLIANCE_WRITE(target, DMI_ABSTRACTAUTO, 0xFFFFFFFF);
3776 COMPLIANCE_READ(target, &abstractauto, DMI_ABSTRACTAUTO);
3777 uint32_t autoexec_data = get_field(abstractauto, DMI_ABSTRACTAUTO_AUTOEXECDATA);
3778 uint32_t autoexec_progbuf = get_field(abstractauto, DMI_ABSTRACTAUTO_AUTOEXECPROGBUF);
3779 for (unsigned int i = 0; i < 12; i++) {
3780 COMPLIANCE_READ(target, &testvar_read, DMI_DATA0 + i);
3782 COMPLIANCE_READ(target, &testvar_read, DMI_ABSTRACTCS);
3783 busy = get_field(testvar_read, DMI_ABSTRACTCS_BUSY);
3785 if (autoexec_data & (1 << i)) {
3786 COMPLIANCE_TEST(i < get_field(abstractcs, DMI_ABSTRACTCS_DATACOUNT),
3787 "AUTOEXEC may be writable up to DATACOUNT bits.");
3791 for (unsigned int i = 0; i < 16; i++) {
3792 COMPLIANCE_READ(target, &testvar_read, DMI_PROGBUF0 + i);
3794 COMPLIANCE_READ(target, &testvar_read, DMI_ABSTRACTCS);
3795 busy = get_field(testvar_read, DMI_ABSTRACTCS_BUSY);
3797 if (autoexec_progbuf & (1 << i)) {
3798 COMPLIANCE_TEST(i < get_field(abstractcs, DMI_ABSTRACTCS_PROGBUFSIZE),
3799 "AUTOEXEC may be writable up to PROGBUFSIZE bits.");
3804 COMPLIANCE_WRITE(target, DMI_ABSTRACTAUTO, 0);
3805 COMPLIANCE_TEST(ERROR_OK == register_read_direct(target, &value, GDB_REGNO_S0),
3806 "Need to be able to read S0 to test ABSTRACTAUTO");
3808 COMPLIANCE_TEST(testvar == value,
3809 "ABSTRACTAUTO should cause COMMAND to run the expected number of times.");
3813 /* Single-Step each hart. */
3814 for (int hartsel = 0; hartsel < riscv_count_harts(target); hartsel++) {
3815 COMPLIANCE_MUST_PASS(riscv_set_current_hartid(target, hartsel));
3816 COMPLIANCE_MUST_PASS(riscv013_on_step(target));
3817 COMPLIANCE_MUST_PASS(riscv013_step_current_hart(target));
3818 COMPLIANCE_TEST(riscv_halt_reason(target, hartsel) == RISCV_HALT_SINGLESTEP,
3819 "Single Step should result in SINGLESTEP");
3822 /* Core Register Tests */
3823 uint64_t bogus_dpc = 0xdeadbeef;
3824 for (int hartsel = 0; hartsel < riscv_count_harts(target); hartsel++) {
3825 COMPLIANCE_MUST_PASS(riscv_set_current_hartid(target, hartsel));
3828 COMPLIANCE_MUST_PASS(register_write_direct(target, GDB_REGNO_DCSR, 0x0));
3829 COMPLIANCE_MUST_PASS(register_read_direct(target, &value, GDB_REGNO_DCSR));
3830 COMPLIANCE_TEST(value != 0, "Not all bits in DCSR are writable by Debugger");
3831 COMPLIANCE_MUST_PASS(register_write_direct(target, GDB_REGNO_DCSR, 0xFFFFFFFF));
3832 COMPLIANCE_MUST_PASS(register_read_direct(target, &value, GDB_REGNO_DCSR));
3833 COMPLIANCE_TEST(value != 0, "At least some bits in DCSR must be 1");
3835 /* DPC. Note that DPC is sign-extended. */
3836 riscv_reg_t dpcmask = 0xFFFFFFFCUL;
3839 if (riscv_xlen(target) > 32)
3840 dpcmask |= (0xFFFFFFFFULL << 32);
3842 if (riscv_supports_extension(target, riscv_current_hartid(target), 'C'))
3845 COMPLIANCE_MUST_PASS(register_write_direct(target, GDB_REGNO_DPC, dpcmask));
3846 COMPLIANCE_MUST_PASS(register_read_direct(target, &dpc, GDB_REGNO_DPC));
3847 COMPLIANCE_TEST(dpcmask == dpc,
3848 "DPC must be sign-extended to XLEN and writable to all-1s (except the least significant bits)");
3849 COMPLIANCE_MUST_PASS(register_write_direct(target, GDB_REGNO_DPC, 0));
3850 COMPLIANCE_MUST_PASS(register_read_direct(target, &dpc, GDB_REGNO_DPC));
3851 COMPLIANCE_TEST(dpc == 0, "DPC must be writable to 0.");
3853 bogus_dpc = dpc; /* For a later test step */
3857 Asserting non-debug module reset should not reset Debug Module state.
3858 But it should reset Hart State, e.g. DPC should get a different value.
3859 Also make sure that DCSR reports cause of 'HALT' even though previously we single-stepped.
3862 /* Write some registers. They should not be impacted by ndmreset. */
3863 COMPLIANCE_WRITE(target, DMI_COMMAND, 0xFFFFFFFF);
3865 for (unsigned int i = 0; i < get_field(abstractcs, DMI_ABSTRACTCS_PROGBUFSIZE); i++) {
3866 testvar = (i + 1) * 0x11111111;
3867 COMPLIANCE_WRITE(target, DMI_PROGBUF0 + i, testvar);
3870 for (unsigned int i = 0; i < get_field(abstractcs, DMI_ABSTRACTCS_DATACOUNT); i++) {
3871 testvar = (i + 1) * 0x11111111;
3872 COMPLIANCE_WRITE(target, DMI_DATA0 + i, testvar);
3875 COMPLIANCE_WRITE(target, DMI_ABSTRACTAUTO, 0xFFFFFFFF);
3876 COMPLIANCE_READ(target, &abstractauto, DMI_ABSTRACTAUTO);
3879 target->reset_halt = true;
3880 COMPLIANCE_MUST_PASS(riscv_set_current_hartid(target, 0));
3881 COMPLIANCE_TEST(ERROR_OK == assert_reset(target), "Must be able to assert NDMRESET");
3882 COMPLIANCE_TEST(ERROR_OK == deassert_reset(target), "Must be able to deassert NDMRESET");
3884 /* Verify that most stuff is not affected by ndmreset. */
3885 COMPLIANCE_READ(target, &testvar_read, DMI_ABSTRACTCS);
3886 COMPLIANCE_TEST(get_field(testvar_read, DMI_ABSTRACTCS_CMDERR) == CMDERR_NOT_SUPPORTED,
3887 "NDMRESET should not affect DMI_ABSTRACTCS");
3888 COMPLIANCE_READ(target, &testvar_read, DMI_ABSTRACTAUTO);
3889 COMPLIANCE_TEST(testvar_read == abstractauto, "NDMRESET should not affect DMI_ABSTRACTAUTO");
3891 /* Clean up to avoid future test failures */
3892 COMPLIANCE_WRITE(target, DMI_ABSTRACTCS, DMI_ABSTRACTCS_CMDERR);
3893 COMPLIANCE_WRITE(target, DMI_ABSTRACTAUTO, 0);
3895 for (unsigned int i = 0; i < get_field(abstractcs, DMI_ABSTRACTCS_PROGBUFSIZE); i++) {
3896 testvar = (i + 1) * 0x11111111;
3897 COMPLIANCE_READ(target, &testvar_read, DMI_PROGBUF0 + i);
3898 COMPLIANCE_TEST(testvar_read == testvar, "PROGBUF words must not be affected by NDMRESET");
3901 for (unsigned int i = 0; i < get_field(abstractcs, DMI_ABSTRACTCS_DATACOUNT); i++) {
3902 testvar = (i + 1) * 0x11111111;
3903 COMPLIANCE_READ(target, &testvar_read, DMI_DATA0 + i);
3904 COMPLIANCE_TEST(testvar_read == testvar, "DATA words must not be affected by NDMRESET");
3907 /* Verify that DPC *is* affected by ndmreset. Since we don't know what it *should* be,
3908 just verify that at least it's not the bogus value anymore. */
3910 COMPLIANCE_TEST(bogus_dpc != 0xdeadbeef, "BOGUS DPC should have been set somehow (bug in compliance test)");
3911 COMPLIANCE_MUST_PASS(register_read_direct(target, &value, GDB_REGNO_DPC));
3912 COMPLIANCE_TEST(bogus_dpc != value, "NDMRESET should move DPC to reset value.");
3914 COMPLIANCE_TEST(riscv_halt_reason(target, 0) == RISCV_HALT_INTERRUPT,
3915 "After NDMRESET halt, DCSR should report cause of halt");
3917 /* DMACTIVE -- deasserting DMACTIVE should reset all the above values. */
3919 /* Toggle dmactive */
3920 COMPLIANCE_WRITE(target, DMI_DMCONTROL, 0);
3921 COMPLIANCE_WRITE(target, DMI_DMCONTROL, DMI_DMCONTROL_DMACTIVE);
3922 COMPLIANCE_READ(target, &testvar_read, DMI_ABSTRACTCS);
3923 COMPLIANCE_TEST(get_field(testvar_read, DMI_ABSTRACTCS_CMDERR) == 0, "ABSTRACTCS.cmderr should reset to 0");
3924 COMPLIANCE_READ(target, &testvar_read, DMI_ABSTRACTAUTO);
3925 COMPLIANCE_TEST(testvar_read == 0, "ABSTRACTAUTO should reset to 0");
3927 for (unsigned int i = 0; i < get_field(abstractcs, DMI_ABSTRACTCS_PROGBUFSIZE); i++) {
3928 COMPLIANCE_READ(target, &testvar_read, DMI_PROGBUF0 + i);
3929 COMPLIANCE_TEST(testvar_read == 0, "PROGBUF words should reset to 0");
3932 for (unsigned int i = 0; i < get_field(abstractcs, DMI_ABSTRACTCS_DATACOUNT); i++) {
3933 COMPLIANCE_READ(target, &testvar_read, DMI_DATA0 + i);
3934 COMPLIANCE_TEST(testvar_read == 0, "DATA words should reset to 0");
3939 * DCSR.cause priorities
3940 * DCSR.stoptime/stopcycle
3946 /* Halt every hart for any follow-up tests*/
3947 COMPLIANCE_MUST_PASS(riscv_halt_all_harts(target));
3949 uint32_t failed_tests = total_tests - passed_tests;
3950 if (total_tests == passed_tests) {
3951 LOG_INFO("ALL TESTS PASSED\n");
3954 LOG_INFO("%d TESTS FAILED\n", failed_tests);
projects / fw / openocd / blob