1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2008 by Spencer Oliver *
6 * spen@spen-soft.co.uk *
8 * Copyright (C) 2008 by Oyvind Harboe *
9 * oyvind.harboe@zylin.com *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program. If not, see <http://www.gnu.org/licenses/>. *
23 ***************************************************************************/
32 #include "breakpoints.h"
33 #include "arm_disassembler.h"
34 #include <helper/binarybuffer.h>
35 #include "algorithm.h"
38 /* offsets into armv4_5 core register cache */
40 /* ARMV4_5_CPSR = 31, */
41 ARMV4_5_SPSR_FIQ = 32,
42 ARMV4_5_SPSR_IRQ = 33,
43 ARMV4_5_SPSR_SVC = 34,
44 ARMV4_5_SPSR_ABT = 35,
45 ARMV4_5_SPSR_UND = 36,
49 static const uint8_t arm_usr_indices[17] = {
50 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, ARMV4_5_CPSR,
53 static const uint8_t arm_fiq_indices[8] = {
54 16, 17, 18, 19, 20, 21, 22, ARMV4_5_SPSR_FIQ,
57 static const uint8_t arm_irq_indices[3] = {
58 23, 24, ARMV4_5_SPSR_IRQ,
61 static const uint8_t arm_svc_indices[3] = {
62 25, 26, ARMV4_5_SPSR_SVC,
65 static const uint8_t arm_abt_indices[3] = {
66 27, 28, ARMV4_5_SPSR_ABT,
69 static const uint8_t arm_und_indices[3] = {
70 29, 30, ARMV4_5_SPSR_UND,
73 static const uint8_t arm_mon_indices[3] = {
80 /* For user and system modes, these list indices for all registers.
81 * otherwise they're just indices for the shadow registers and SPSR.
83 unsigned short n_indices;
84 const uint8_t *indices;
86 /* Seven modes are standard from ARM7 on. "System" and "User" share
87 * the same registers; other modes shadow from 3 to 8 registers.
92 .n_indices = ARRAY_SIZE(arm_usr_indices),
93 .indices = arm_usr_indices,
98 .n_indices = ARRAY_SIZE(arm_fiq_indices),
99 .indices = arm_fiq_indices,
102 .name = "Supervisor",
104 .n_indices = ARRAY_SIZE(arm_svc_indices),
105 .indices = arm_svc_indices,
110 .n_indices = ARRAY_SIZE(arm_abt_indices),
111 .indices = arm_abt_indices,
116 .n_indices = ARRAY_SIZE(arm_irq_indices),
117 .indices = arm_irq_indices,
120 .name = "Undefined instruction",
122 .n_indices = ARRAY_SIZE(arm_und_indices),
123 .indices = arm_und_indices,
128 .n_indices = ARRAY_SIZE(arm_usr_indices),
129 .indices = arm_usr_indices,
131 /* TrustZone "Security Extensions" add a secure monitor mode.
132 * This is distinct from a "debug monitor" which can support
133 * non-halting debug, in conjunction with some debuggers.
136 .name = "Secure Monitor",
138 .n_indices = ARRAY_SIZE(arm_mon_indices),
139 .indices = arm_mon_indices,
142 .name = "Secure Monitor ARM1176JZF-S",
143 .psr = ARM_MODE_1176_MON,
144 .n_indices = ARRAY_SIZE(arm_mon_indices),
145 .indices = arm_mon_indices,
148 /* These special modes are currently only supported
149 * by ARMv6M and ARMv7M profiles */
152 .psr = ARM_MODE_THREAD,
155 .name = "Thread (User)",
156 .psr = ARM_MODE_USER_THREAD,
160 .psr = ARM_MODE_HANDLER,
164 /** Map PSR mode bits to the name of an ARM processor operating mode. */
165 const char *arm_mode_name(unsigned psr_mode)
167 for (unsigned i = 0; i < ARRAY_SIZE(arm_mode_data); i++) {
168 if (arm_mode_data[i].psr == psr_mode)
169 return arm_mode_data[i].name;
171 LOG_ERROR("unrecognized psr mode: %#02x", psr_mode);
172 return "UNRECOGNIZED";
175 /** Return true iff the parameter denotes a valid ARM processor mode. */
176 bool is_arm_mode(unsigned psr_mode)
178 for (unsigned i = 0; i < ARRAY_SIZE(arm_mode_data); i++) {
179 if (arm_mode_data[i].psr == psr_mode)
185 /** Map PSR mode bits to linear number indexing armv4_5_core_reg_map */
186 int arm_mode_to_number(enum arm_mode mode)
190 /* map MODE_ANY to user mode */
206 case ARM_MODE_1176_MON:
209 LOG_ERROR("invalid mode value encountered %d", mode);
214 /** Map linear number indexing armv4_5_core_reg_map to PSR mode bits. */
215 enum arm_mode armv4_5_number_to_mode(int number)
235 LOG_ERROR("mode index out of bounds %d", number);
240 static const char *arm_state_strings[] = {
241 "ARM", "Thumb", "Jazelle", "ThumbEE",
244 /* Templates for ARM core registers.
246 * NOTE: offsets in this table are coupled to the arm_mode_data
247 * table above, the armv4_5_core_reg_map array below, and also to
248 * the ARMV4_5_CPSR symbol (which should vanish after ARM11 updates).
250 static const struct {
251 /* The name is used for e.g. the "regs" command. */
254 /* The {cookie, mode} tuple uniquely identifies one register.
255 * In a given mode, cookies 0..15 map to registers R0..R15,
256 * with R13..R15 usually called SP, LR, PC.
258 * MODE_ANY is used as *input* to the mapping, and indicates
259 * various special cases (sigh) and errors.
261 * Cookie 16 is (currently) confusing, since it indicates
262 * CPSR -or- SPSR depending on whether 'mode' is MODE_ANY.
263 * (Exception modes have both CPSR and SPSR registers ...)
268 } arm_core_regs[] = {
269 /* IMPORTANT: we guarantee that the first eight cached registers
270 * correspond to r0..r7, and the fifteenth to PC, so that callers
271 * don't need to map them.
273 { .name = "r0", .cookie = 0, .mode = ARM_MODE_ANY, .gdb_index = 0, },
274 { .name = "r1", .cookie = 1, .mode = ARM_MODE_ANY, .gdb_index = 1, },
275 { .name = "r2", .cookie = 2, .mode = ARM_MODE_ANY, .gdb_index = 2, },
276 { .name = "r3", .cookie = 3, .mode = ARM_MODE_ANY, .gdb_index = 3, },
277 { .name = "r4", .cookie = 4, .mode = ARM_MODE_ANY, .gdb_index = 4, },
278 { .name = "r5", .cookie = 5, .mode = ARM_MODE_ANY, .gdb_index = 5, },
279 { .name = "r6", .cookie = 6, .mode = ARM_MODE_ANY, .gdb_index = 6, },
280 { .name = "r7", .cookie = 7, .mode = ARM_MODE_ANY, .gdb_index = 7, },
282 /* NOTE: regs 8..12 might be shadowed by FIQ ... flagging
283 * them as MODE_ANY creates special cases. (ANY means
284 * "not mapped" elsewhere; here it's "everything but FIQ".)
286 { .name = "r8", .cookie = 8, .mode = ARM_MODE_ANY, .gdb_index = 8, },
287 { .name = "r9", .cookie = 9, .mode = ARM_MODE_ANY, .gdb_index = 9, },
288 { .name = "r10", .cookie = 10, .mode = ARM_MODE_ANY, .gdb_index = 10, },
289 { .name = "r11", .cookie = 11, .mode = ARM_MODE_ANY, .gdb_index = 11, },
290 { .name = "r12", .cookie = 12, .mode = ARM_MODE_ANY, .gdb_index = 12, },
292 /* Historical GDB mapping of indices:
293 * - 13-14 are sp and lr, but banked counterparts are used
294 * - 16-24 are left for deprecated 8 FPA + 1 FPS
298 /* NOTE all MODE_USR registers are equivalent to MODE_SYS ones */
299 { .name = "sp_usr", .cookie = 13, .mode = ARM_MODE_USR, .gdb_index = 26, },
300 { .name = "lr_usr", .cookie = 14, .mode = ARM_MODE_USR, .gdb_index = 27, },
302 /* guaranteed to be at index 15 */
303 { .name = "pc", .cookie = 15, .mode = ARM_MODE_ANY, .gdb_index = 15, },
304 { .name = "r8_fiq", .cookie = 8, .mode = ARM_MODE_FIQ, .gdb_index = 28, },
305 { .name = "r9_fiq", .cookie = 9, .mode = ARM_MODE_FIQ, .gdb_index = 29, },
306 { .name = "r10_fiq", .cookie = 10, .mode = ARM_MODE_FIQ, .gdb_index = 30, },
307 { .name = "r11_fiq", .cookie = 11, .mode = ARM_MODE_FIQ, .gdb_index = 31, },
308 { .name = "r12_fiq", .cookie = 12, .mode = ARM_MODE_FIQ, .gdb_index = 32, },
310 { .name = "sp_fiq", .cookie = 13, .mode = ARM_MODE_FIQ, .gdb_index = 33, },
311 { .name = "lr_fiq", .cookie = 14, .mode = ARM_MODE_FIQ, .gdb_index = 34, },
313 { .name = "sp_irq", .cookie = 13, .mode = ARM_MODE_IRQ, .gdb_index = 35, },
314 { .name = "lr_irq", .cookie = 14, .mode = ARM_MODE_IRQ, .gdb_index = 36, },
316 { .name = "sp_svc", .cookie = 13, .mode = ARM_MODE_SVC, .gdb_index = 37, },
317 { .name = "lr_svc", .cookie = 14, .mode = ARM_MODE_SVC, .gdb_index = 38, },
319 { .name = "sp_abt", .cookie = 13, .mode = ARM_MODE_ABT, .gdb_index = 39, },
320 { .name = "lr_abt", .cookie = 14, .mode = ARM_MODE_ABT, .gdb_index = 40, },
322 { .name = "sp_und", .cookie = 13, .mode = ARM_MODE_UND, .gdb_index = 41, },
323 { .name = "lr_und", .cookie = 14, .mode = ARM_MODE_UND, .gdb_index = 42, },
325 { .name = "cpsr", .cookie = 16, .mode = ARM_MODE_ANY, .gdb_index = 25, },
326 { .name = "spsr_fiq", .cookie = 16, .mode = ARM_MODE_FIQ, .gdb_index = 43, },
327 { .name = "spsr_irq", .cookie = 16, .mode = ARM_MODE_IRQ, .gdb_index = 44, },
328 { .name = "spsr_svc", .cookie = 16, .mode = ARM_MODE_SVC, .gdb_index = 45, },
329 { .name = "spsr_abt", .cookie = 16, .mode = ARM_MODE_ABT, .gdb_index = 46, },
330 { .name = "spsr_und", .cookie = 16, .mode = ARM_MODE_UND, .gdb_index = 47, },
332 /* These are only used for GDB target description, banked registers are accessed instead */
333 { .name = "sp", .cookie = 13, .mode = ARM_MODE_ANY, .gdb_index = 13, },
334 { .name = "lr", .cookie = 14, .mode = ARM_MODE_ANY, .gdb_index = 14, },
336 /* These exist only when the Security Extension (TrustZone) is present */
337 { .name = "sp_mon", .cookie = 13, .mode = ARM_MODE_MON, .gdb_index = 48, },
338 { .name = "lr_mon", .cookie = 14, .mode = ARM_MODE_MON, .gdb_index = 49, },
339 { .name = "spsr_mon", .cookie = 16, .mode = ARM_MODE_MON, .gdb_index = 50, },
343 static const struct {
351 } arm_vfp_v3_regs[] = {
352 { ARM_VFP_V3_D0, "d0", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
353 { ARM_VFP_V3_D1, "d1", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
354 { ARM_VFP_V3_D2, "d2", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
355 { ARM_VFP_V3_D3, "d3", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
356 { ARM_VFP_V3_D4, "d4", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
357 { ARM_VFP_V3_D5, "d5", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
358 { ARM_VFP_V3_D6, "d6", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
359 { ARM_VFP_V3_D7, "d7", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
360 { ARM_VFP_V3_D8, "d8", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
361 { ARM_VFP_V3_D9, "d9", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
362 { ARM_VFP_V3_D10, "d10", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
363 { ARM_VFP_V3_D11, "d11", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
364 { ARM_VFP_V3_D12, "d12", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
365 { ARM_VFP_V3_D13, "d13", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
366 { ARM_VFP_V3_D14, "d14", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
367 { ARM_VFP_V3_D15, "d15", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
368 { ARM_VFP_V3_D16, "d16", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
369 { ARM_VFP_V3_D17, "d17", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
370 { ARM_VFP_V3_D18, "d18", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
371 { ARM_VFP_V3_D19, "d19", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
372 { ARM_VFP_V3_D20, "d20", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
373 { ARM_VFP_V3_D21, "d21", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
374 { ARM_VFP_V3_D22, "d22", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
375 { ARM_VFP_V3_D23, "d23", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
376 { ARM_VFP_V3_D24, "d24", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
377 { ARM_VFP_V3_D25, "d25", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
378 { ARM_VFP_V3_D26, "d26", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
379 { ARM_VFP_V3_D27, "d27", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
380 { ARM_VFP_V3_D28, "d28", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
381 { ARM_VFP_V3_D29, "d29", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
382 { ARM_VFP_V3_D30, "d30", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
383 { ARM_VFP_V3_D31, "d31", 64, ARM_MODE_ANY, REG_TYPE_IEEE_DOUBLE, NULL, "org.gnu.gdb.arm.vfp"},
384 { ARM_VFP_V3_FPSCR, "fpscr", 32, ARM_MODE_ANY, REG_TYPE_INT, "float", "org.gnu.gdb.arm.vfp"},
387 /* map core mode (USR, FIQ, ...) and register number to
388 * indices into the register cache
390 const int armv4_5_core_reg_map[8][17] = {
392 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 31
394 { /* FIQ (8 shadows of USR, vs normal 3) */
395 0, 1, 2, 3, 4, 5, 6, 7, 16, 17, 18, 19, 20, 21, 22, 15, 32
398 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 23, 24, 15, 33
401 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 25, 26, 15, 34
404 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 27, 28, 15, 35
407 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 29, 30, 15, 36
409 { /* SYS (same registers as USR) */
410 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 31
413 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 37, 38, 15, 39,
418 * Configures host-side ARM records to reflect the specified CPSR.
419 * Later, code can use arm_reg_current() to map register numbers
420 * according to how they are exposed by this mode.
422 void arm_set_cpsr(struct arm *arm, uint32_t cpsr)
424 enum arm_mode mode = cpsr & 0x1f;
427 /* NOTE: this may be called very early, before the register
428 * cache is set up. We can't defend against many errors, in
429 * particular against CPSRs that aren't valid *here* ...
432 buf_set_u32(arm->cpsr->value, 0, 32, cpsr);
433 arm->cpsr->valid = 1;
434 arm->cpsr->dirty = 0;
437 arm->core_mode = mode;
439 /* mode_to_number() warned; set up a somewhat-sane mapping */
440 num = arm_mode_to_number(mode);
446 arm->map = &armv4_5_core_reg_map[num][0];
447 arm->spsr = (mode == ARM_MODE_USR || mode == ARM_MODE_SYS)
449 : arm->core_cache->reg_list + arm->map[16];
451 /* Older ARMs won't have the J bit */
452 enum arm_state state;
454 if (cpsr & (1 << 5)) { /* T */
455 if (cpsr & (1 << 24)) { /* J */
456 LOG_WARNING("ThumbEE -- incomplete support");
457 state = ARM_STATE_THUMB_EE;
459 state = ARM_STATE_THUMB;
461 if (cpsr & (1 << 24)) { /* J */
462 LOG_ERROR("Jazelle state handling is BROKEN!");
463 state = ARM_STATE_JAZELLE;
465 state = ARM_STATE_ARM;
467 arm->core_state = state;
469 LOG_DEBUG("set CPSR %#8.8x: %s mode, %s state", (unsigned) cpsr,
471 arm_state_strings[arm->core_state]);
475 * Returns handle to the register currently mapped to a given number.
476 * Someone must have called arm_set_cpsr() before.
478 * \param arm This core's state and registers are used.
479 * \param regnum From 0..15 corresponding to R0..R14 and PC.
480 * Note that R0..R7 don't require mapping; you may access those
481 * as the first eight entries in the register cache. Likewise
482 * R15 (PC) doesn't need mapping; you may also access it directly.
483 * However, R8..R14, and SPSR (arm->spsr) *must* be mapped.
484 * CPSR (arm->cpsr) is also not mapped.
486 struct reg *arm_reg_current(struct arm *arm, unsigned regnum)
494 LOG_ERROR("Register map is not available yet, the target is not fully initialised");
495 r = arm->core_cache->reg_list + regnum;
497 r = arm->core_cache->reg_list + arm->map[regnum];
499 /* e.g. invalid CPSR said "secure monitor" mode on a core
500 * that doesn't support it...
503 LOG_ERROR("Invalid CPSR mode");
504 r = arm->core_cache->reg_list + regnum;
510 static const uint8_t arm_gdb_dummy_fp_value[12];
512 static struct reg_feature arm_gdb_dummy_fp_features = {
513 .name = "net.sourceforge.openocd.fake_fpa"
517 * Dummy FPA registers are required to support GDB on ARM.
518 * Register packets require eight obsolete FPA register values.
519 * Modern ARM cores use Vector Floating Point (VFP), if they
520 * have any floating point support. VFP is not FPA-compatible.
522 struct reg arm_gdb_dummy_fp_reg = {
523 .name = "GDB dummy FPA register",
524 .value = (uint8_t *) arm_gdb_dummy_fp_value,
529 .feature = &arm_gdb_dummy_fp_features,
533 static const uint8_t arm_gdb_dummy_fps_value[4];
536 * Dummy FPA status registers are required to support GDB on ARM.
537 * Register packets require an obsolete FPA status register.
539 struct reg arm_gdb_dummy_fps_reg = {
540 .name = "GDB dummy FPA status register",
541 .value = (uint8_t *) arm_gdb_dummy_fps_value,
546 .feature = &arm_gdb_dummy_fp_features,
550 static void arm_gdb_dummy_init(void) __attribute__ ((constructor));
552 static void arm_gdb_dummy_init(void)
554 register_init_dummy(&arm_gdb_dummy_fp_reg);
555 register_init_dummy(&arm_gdb_dummy_fps_reg);
558 static int armv4_5_get_core_reg(struct reg *reg)
561 struct arm_reg *reg_arch_info = reg->arch_info;
562 struct target *target = reg_arch_info->target;
564 if (target->state != TARGET_HALTED) {
565 LOG_ERROR("Target not halted");
566 return ERROR_TARGET_NOT_HALTED;
569 retval = reg_arch_info->arm->read_core_reg(target, reg,
570 reg_arch_info->num, reg_arch_info->mode);
571 if (retval == ERROR_OK) {
579 static int armv4_5_set_core_reg(struct reg *reg, uint8_t *buf)
581 struct arm_reg *reg_arch_info = reg->arch_info;
582 struct target *target = reg_arch_info->target;
583 struct arm *armv4_5_target = target_to_arm(target);
584 uint32_t value = buf_get_u32(buf, 0, 32);
586 if (target->state != TARGET_HALTED) {
587 LOG_ERROR("Target not halted");
588 return ERROR_TARGET_NOT_HALTED;
591 /* Except for CPSR, the "reg" command exposes a writeback model
592 * for the register cache.
594 if (reg == armv4_5_target->cpsr) {
595 arm_set_cpsr(armv4_5_target, value);
597 /* Older cores need help to be in ARM mode during halt
598 * mode debug, so we clear the J and T bits if we flush.
599 * For newer cores (v6/v7a/v7r) we don't need that, but
600 * it won't hurt since CPSR is always flushed anyway.
602 if (armv4_5_target->core_mode !=
603 (enum arm_mode)(value & 0x1f)) {
604 LOG_DEBUG("changing ARM core mode to '%s'",
605 arm_mode_name(value & 0x1f));
606 value &= ~((1 << 24) | (1 << 5));
608 buf_set_u32(t, 0, 32, value);
609 armv4_5_target->write_core_reg(target, reg,
610 16, ARM_MODE_ANY, t);
613 buf_set_u32(reg->value, 0, 32, value);
614 if (reg->size == 64) {
615 value = buf_get_u32(buf + 4, 0, 32);
616 buf_set_u32(reg->value + 4, 0, 32, value);
625 static const struct reg_arch_type arm_reg_type = {
626 .get = armv4_5_get_core_reg,
627 .set = armv4_5_set_core_reg,
630 struct reg_cache *arm_build_reg_cache(struct target *target, struct arm *arm)
632 int num_regs = ARRAY_SIZE(arm_core_regs);
633 int num_core_regs = num_regs;
634 if (arm->arm_vfp_version == ARM_VFP_V3)
635 num_regs += ARRAY_SIZE(arm_vfp_v3_regs);
637 struct reg_cache *cache = malloc(sizeof(struct reg_cache));
638 struct reg *reg_list = calloc(num_regs, sizeof(struct reg));
639 struct arm_reg *reg_arch_info = calloc(num_regs, sizeof(struct arm_reg));
642 if (!cache || !reg_list || !reg_arch_info) {
649 cache->name = "ARM registers";
651 cache->reg_list = reg_list;
654 for (i = 0; i < num_core_regs; i++) {
655 /* Skip registers this core doesn't expose */
656 if (arm_core_regs[i].mode == ARM_MODE_MON
657 && arm->core_type != ARM_MODE_MON)
660 /* REVISIT handle Cortex-M, which only shadows R13/SP */
662 reg_arch_info[i].num = arm_core_regs[i].cookie;
663 reg_arch_info[i].mode = arm_core_regs[i].mode;
664 reg_arch_info[i].target = target;
665 reg_arch_info[i].arm = arm;
667 reg_list[i].name = arm_core_regs[i].name;
668 reg_list[i].number = arm_core_regs[i].gdb_index;
669 reg_list[i].size = 32;
670 reg_list[i].value = reg_arch_info[i].value;
671 reg_list[i].type = &arm_reg_type;
672 reg_list[i].arch_info = ®_arch_info[i];
673 reg_list[i].exist = true;
675 /* This really depends on the calling convention in use */
676 reg_list[i].caller_save = false;
678 /* Registers data type, as used by GDB target description */
679 reg_list[i].reg_data_type = malloc(sizeof(struct reg_data_type));
680 switch (arm_core_regs[i].cookie) {
682 reg_list[i].reg_data_type->type = REG_TYPE_DATA_PTR;
686 reg_list[i].reg_data_type->type = REG_TYPE_CODE_PTR;
689 reg_list[i].reg_data_type->type = REG_TYPE_UINT32;
693 /* let GDB shows banked registers only in "info all-reg" */
694 reg_list[i].feature = malloc(sizeof(struct reg_feature));
695 if (reg_list[i].number <= 15 || reg_list[i].number == 25) {
696 reg_list[i].feature->name = "org.gnu.gdb.arm.core";
697 reg_list[i].group = "general";
699 reg_list[i].feature->name = "net.sourceforge.openocd.banked";
700 reg_list[i].group = "banked";
707 for (i = num_core_regs, j = 0; i < num_regs; i++, j++) {
708 reg_arch_info[i].num = arm_vfp_v3_regs[j].id;
709 reg_arch_info[i].mode = arm_vfp_v3_regs[j].mode;
710 reg_arch_info[i].target = target;
711 reg_arch_info[i].arm = arm;
713 reg_list[i].name = arm_vfp_v3_regs[j].name;
714 reg_list[i].number = arm_vfp_v3_regs[j].id;
715 reg_list[i].size = arm_vfp_v3_regs[j].bits;
716 reg_list[i].value = reg_arch_info[i].value;
717 reg_list[i].type = &arm_reg_type;
718 reg_list[i].arch_info = ®_arch_info[i];
719 reg_list[i].exist = true;
721 reg_list[i].caller_save = false;
723 reg_list[i].reg_data_type = malloc(sizeof(struct reg_data_type));
724 reg_list[i].reg_data_type->type = arm_vfp_v3_regs[j].type;
726 reg_list[i].feature = malloc(sizeof(struct reg_feature));
727 reg_list[i].feature->name = arm_vfp_v3_regs[j].feature;
729 reg_list[i].group = arm_vfp_v3_regs[j].group;
734 arm->pc = reg_list + 15;
735 arm->cpsr = reg_list + ARMV4_5_CPSR;
736 arm->core_cache = cache;
741 int arm_arch_state(struct target *target)
743 struct arm *arm = target_to_arm(target);
745 if (arm->common_magic != ARM_COMMON_MAGIC) {
746 LOG_ERROR("BUG: called for a non-ARM target");
750 /* avoid filling log waiting for fileio reply */
751 if (arm->semihosting_hit_fileio)
754 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
755 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "%s%s",
756 arm_state_strings[arm->core_state],
757 debug_reason_name(target),
758 arm_mode_name(arm->core_mode),
759 buf_get_u32(arm->cpsr->value, 0, 32),
760 buf_get_u32(arm->pc->value, 0, 32),
761 arm->is_semihosting ? ", semihosting" : "",
762 arm->is_semihosting_fileio ? " fileio" : "");
767 #define ARMV4_5_CORE_REG_MODENUM(cache, mode, num) \
768 (cache->reg_list[armv4_5_core_reg_map[mode][num]])
770 COMMAND_HANDLER(handle_armv4_5_reg_command)
772 struct target *target = get_current_target(CMD_CTX);
773 struct arm *arm = target_to_arm(target);
777 command_print(CMD_CTX, "current target isn't an ARM");
781 if (target->state != TARGET_HALTED) {
782 command_print(CMD_CTX, "error: target must be halted for register accesses");
786 if (arm->core_type != ARM_MODE_ANY) {
787 command_print(CMD_CTX,
788 "Microcontroller Profile not supported - use standard reg cmd");
792 if (!is_arm_mode(arm->core_mode)) {
793 LOG_ERROR("not a valid arm core mode - communication failure?");
797 if (!arm->full_context) {
798 command_print(CMD_CTX, "error: target doesn't support %s",
803 regs = arm->core_cache->reg_list;
805 for (unsigned mode = 0; mode < ARRAY_SIZE(arm_mode_data); mode++) {
810 /* label this bank of registers (or shadows) */
811 switch (arm_mode_data[mode].psr) {
815 name = "System and User";
819 if (arm->core_type != ARM_MODE_MON)
823 name = arm_mode_data[mode].name;
827 command_print(CMD_CTX, "%s%s mode %sregisters",
830 /* display N rows of up to 4 registers each */
831 for (unsigned i = 0; i < arm_mode_data[mode].n_indices; ) {
835 for (unsigned j = 0; j < 4; j++, i++) {
837 struct reg *reg = regs;
839 if (i >= arm_mode_data[mode].n_indices)
842 reg += arm_mode_data[mode].indices[i];
844 /* REVISIT be smarter about faults... */
846 arm->full_context(target);
848 value = buf_get_u32(reg->value, 0, 32);
849 output_len += snprintf(output + output_len,
850 sizeof(output) - output_len,
851 "%8s: %8.8" PRIx32 " ",
854 command_print(CMD_CTX, "%s", output);
861 COMMAND_HANDLER(handle_armv4_5_core_state_command)
863 struct target *target = get_current_target(CMD_CTX);
864 struct arm *arm = target_to_arm(target);
867 command_print(CMD_CTX, "current target isn't an ARM");
871 if (arm->core_type == ARM_MODE_THREAD) {
872 /* armv7m not supported */
873 command_print(CMD_CTX, "Unsupported Command");
878 if (strcmp(CMD_ARGV[0], "arm") == 0)
879 arm->core_state = ARM_STATE_ARM;
880 if (strcmp(CMD_ARGV[0], "thumb") == 0)
881 arm->core_state = ARM_STATE_THUMB;
884 command_print(CMD_CTX, "core state: %s", arm_state_strings[arm->core_state]);
889 COMMAND_HANDLER(handle_arm_disassemble_command)
891 int retval = ERROR_OK;
892 struct target *target = get_current_target(CMD_CTX);
894 if (target == NULL) {
895 LOG_ERROR("No target selected");
899 struct arm *arm = target_to_arm(target);
900 target_addr_t address;
905 command_print(CMD_CTX, "current target isn't an ARM");
909 if (arm->core_type == ARM_MODE_THREAD) {
910 /* armv7m is always thumb mode */
916 if (strcmp(CMD_ARGV[2], "thumb") != 0)
921 COMMAND_PARSE_NUMBER(int, CMD_ARGV[1], count);
924 COMMAND_PARSE_ADDRESS(CMD_ARGV[0], address);
925 if (address & 0x01) {
927 command_print(CMD_CTX, "Disassemble as Thumb");
936 retval = ERROR_COMMAND_SYNTAX_ERROR;
939 while (count-- > 0) {
940 struct arm_instruction cur_instruction;
943 /* Always use Thumb2 disassembly for best handling
944 * of 32-bit BL/BLX, and to work with newer cores
945 * (some ARMv6, all ARMv7) that use Thumb2.
947 retval = thumb2_opcode(target, address,
949 if (retval != ERROR_OK)
954 retval = target_read_u32(target, address, &opcode);
955 if (retval != ERROR_OK)
957 retval = arm_evaluate_opcode(opcode, address,
958 &cur_instruction) != ERROR_OK;
959 if (retval != ERROR_OK)
962 command_print(CMD_CTX, "%s", cur_instruction.text);
963 address += cur_instruction.instruction_size;
969 static int jim_mcrmrc(Jim_Interp *interp, int argc, Jim_Obj * const *argv)
971 struct command_context *context;
972 struct target *target;
976 context = current_command_context(interp);
977 assert(context != NULL);
979 target = get_current_target(context);
980 if (target == NULL) {
981 LOG_ERROR("%s: no current target", __func__);
984 if (!target_was_examined(target)) {
985 LOG_ERROR("%s: not yet examined", target_name(target));
988 arm = target_to_arm(target);
990 LOG_ERROR("%s: not an ARM", target_name(target));
994 if ((argc < 6) || (argc > 7)) {
995 /* FIXME use the command name to verify # params... */
996 LOG_ERROR("%s: wrong number of arguments", __func__);
1008 /* NOTE: parameter sequence matches ARM instruction set usage:
1009 * MCR pNUM, op1, rX, CRn, CRm, op2 ; write CP from rX
1010 * MRC pNUM, op1, rX, CRn, CRm, op2 ; read CP into rX
1011 * The "rX" is necessarily omitted; it uses Tcl mechanisms.
1013 retval = Jim_GetLong(interp, argv[1], &l);
1014 if (retval != JIM_OK)
1017 LOG_ERROR("%s: %s %d out of range", __func__,
1018 "coprocessor", (int) l);
1023 retval = Jim_GetLong(interp, argv[2], &l);
1024 if (retval != JIM_OK)
1027 LOG_ERROR("%s: %s %d out of range", __func__,
1033 retval = Jim_GetLong(interp, argv[3], &l);
1034 if (retval != JIM_OK)
1037 LOG_ERROR("%s: %s %d out of range", __func__,
1043 retval = Jim_GetLong(interp, argv[4], &l);
1044 if (retval != JIM_OK)
1047 LOG_ERROR("%s: %s %d out of range", __func__,
1053 retval = Jim_GetLong(interp, argv[5], &l);
1054 if (retval != JIM_OK)
1057 LOG_ERROR("%s: %s %d out of range", __func__,
1065 /* FIXME don't assume "mrc" vs "mcr" from the number of params;
1066 * that could easily be a typo! Check both...
1068 * FIXME change the call syntax here ... simplest to just pass
1069 * the MRC() or MCR() instruction to be executed. That will also
1070 * let us support the "mrc2" and "mcr2" opcodes (toggling one bit)
1071 * if that's ever needed.
1074 retval = Jim_GetLong(interp, argv[6], &l);
1075 if (retval != JIM_OK)
1079 /* NOTE: parameters reordered! */
1080 /* ARMV4_5_MCR(cpnum, op1, 0, CRn, CRm, op2) */
1081 retval = arm->mcr(target, cpnum, op1, op2, CRn, CRm, value);
1082 if (retval != ERROR_OK)
1085 /* NOTE: parameters reordered! */
1086 /* ARMV4_5_MRC(cpnum, op1, 0, CRn, CRm, op2) */
1087 retval = arm->mrc(target, cpnum, op1, op2, CRn, CRm, &value);
1088 if (retval != ERROR_OK)
1091 Jim_SetResult(interp, Jim_NewIntObj(interp, value));
1097 COMMAND_HANDLER(handle_arm_semihosting_command)
1099 struct target *target = get_current_target(CMD_CTX);
1101 if (target == NULL) {
1102 LOG_ERROR("No target selected");
1106 struct arm *arm = target_to_arm(target);
1109 command_print(CMD_CTX, "current target isn't an ARM");
1113 if (!arm->setup_semihosting) {
1114 command_print(CMD_CTX, "semihosting not supported for current target");
1121 COMMAND_PARSE_ENABLE(CMD_ARGV[0], semihosting);
1123 if (!target_was_examined(target)) {
1124 LOG_ERROR("Target not examined yet");
1128 if (arm->setup_semihosting(target, semihosting) != ERROR_OK) {
1129 LOG_ERROR("Failed to Configure semihosting");
1133 /* FIXME never let that "catch" be dropped! */
1134 arm->is_semihosting = semihosting;
1137 command_print(CMD_CTX, "semihosting is %s",
1139 ? "enabled" : "disabled");
1144 COMMAND_HANDLER(handle_arm_semihosting_fileio_command)
1146 struct target *target = get_current_target(CMD_CTX);
1148 if (target == NULL) {
1149 LOG_ERROR("No target selected");
1153 struct arm *arm = target_to_arm(target);
1156 command_print(CMD_CTX, "current target isn't an ARM");
1160 if (!arm->is_semihosting) {
1161 command_print(CMD_CTX, "semihosting is not enabled");
1166 COMMAND_PARSE_ENABLE(CMD_ARGV[0], arm->is_semihosting_fileio);
1168 command_print(CMD_CTX, "semihosting fileio is %s",
1169 arm->is_semihosting_fileio
1170 ? "enabled" : "disabled");
1175 COMMAND_HANDLER(handle_arm_semihosting_cmdline)
1177 struct target *target = get_current_target(CMD_CTX);
1180 if (target == NULL) {
1181 LOG_ERROR("No target selected");
1185 struct arm *arm = target_to_arm(target);
1188 command_print(CMD_CTX, "current target isn't an ARM");
1192 if (!arm->setup_semihosting) {
1193 command_print(CMD_CTX, "semihosting not supported for current target");
1197 free(arm->semihosting_cmdline);
1198 arm->semihosting_cmdline = CMD_ARGC > 0 ? strdup(CMD_ARGV[0]) : NULL;
1200 for (i = 1; i < CMD_ARGC; i++) {
1201 char *cmdline = alloc_printf("%s %s", arm->semihosting_cmdline, CMD_ARGV[i]);
1202 if (cmdline == NULL)
1204 free(arm->semihosting_cmdline);
1205 arm->semihosting_cmdline = cmdline;
1211 static const struct command_registration arm_exec_command_handlers[] = {
1214 .handler = handle_armv4_5_reg_command,
1215 .mode = COMMAND_EXEC,
1216 .help = "display ARM core registers",
1220 .name = "core_state",
1221 .handler = handle_armv4_5_core_state_command,
1222 .mode = COMMAND_EXEC,
1223 .usage = "['arm'|'thumb']",
1224 .help = "display/change ARM core state",
1227 .name = "disassemble",
1228 .handler = handle_arm_disassemble_command,
1229 .mode = COMMAND_EXEC,
1230 .usage = "address [count ['thumb']]",
1231 .help = "disassemble instructions ",
1235 .mode = COMMAND_EXEC,
1236 .jim_handler = &jim_mcrmrc,
1237 .help = "write coprocessor register",
1238 .usage = "cpnum op1 CRn CRm op2 value",
1242 .jim_handler = &jim_mcrmrc,
1243 .help = "read coprocessor register",
1244 .usage = "cpnum op1 CRn CRm op2",
1248 .handler = handle_arm_semihosting_command,
1249 .mode = COMMAND_EXEC,
1250 .usage = "['enable'|'disable']",
1251 .help = "activate support for semihosting operations",
1254 "semihosting_cmdline",
1255 .handler = handle_arm_semihosting_cmdline,
1256 .mode = COMMAND_EXEC,
1257 .usage = "arguments",
1258 .help = "command line arguments to be passed to program",
1261 "semihosting_fileio",
1262 .handler = handle_arm_semihosting_fileio_command,
1263 .mode = COMMAND_EXEC,
1264 .usage = "['enable'|'disable']",
1265 .help = "activate support for semihosting fileio operations",
1268 COMMAND_REGISTRATION_DONE
1270 const struct command_registration arm_command_handlers[] = {
1273 .mode = COMMAND_ANY,
1274 .help = "ARM command group",
1276 .chain = arm_exec_command_handlers,
1278 COMMAND_REGISTRATION_DONE
1281 int arm_get_gdb_reg_list(struct target *target,
1282 struct reg **reg_list[], int *reg_list_size,
1283 enum target_register_class reg_class)
1285 struct arm *arm = target_to_arm(target);
1288 if (!is_arm_mode(arm->core_mode)) {
1289 LOG_ERROR("not a valid arm core mode - communication failure?");
1293 switch (reg_class) {
1294 case REG_CLASS_GENERAL:
1295 *reg_list_size = 26;
1296 *reg_list = malloc(sizeof(struct reg *) * (*reg_list_size));
1298 for (i = 0; i < 16; i++)
1299 (*reg_list)[i] = arm_reg_current(arm, i);
1301 /* For GDB compatibility, take FPA registers size into account and zero-fill it*/
1302 for (i = 16; i < 24; i++)
1303 (*reg_list)[i] = &arm_gdb_dummy_fp_reg;
1304 (*reg_list)[24] = &arm_gdb_dummy_fps_reg;
1306 (*reg_list)[25] = arm->cpsr;
1312 *reg_list_size = (arm->core_type != ARM_MODE_MON ? 48 : 51);
1313 unsigned int list_size_core = *reg_list_size;
1314 if (arm->arm_vfp_version == ARM_VFP_V3)
1315 *reg_list_size += 33;
1317 *reg_list = malloc(sizeof(struct reg *) * (*reg_list_size));
1319 for (i = 0; i < 16; i++)
1320 (*reg_list)[i] = arm_reg_current(arm, i);
1322 for (i = 13; i < ARRAY_SIZE(arm_core_regs); i++) {
1323 int reg_index = arm->core_cache->reg_list[i].number;
1324 if (!(arm_core_regs[i].mode == ARM_MODE_MON
1325 && arm->core_type != ARM_MODE_MON))
1326 (*reg_list)[reg_index] = &(arm->core_cache->reg_list[i]);
1329 /* When we supply the target description, there is no need for fake FPA */
1330 for (i = 16; i < 24; i++) {
1331 (*reg_list)[i] = &arm_gdb_dummy_fp_reg;
1332 (*reg_list)[i]->size = 0;
1334 (*reg_list)[24] = &arm_gdb_dummy_fps_reg;
1335 (*reg_list)[24]->size = 0;
1337 if (arm->arm_vfp_version == ARM_VFP_V3) {
1338 unsigned int num_core_regs = ARRAY_SIZE(arm_core_regs);
1339 for (i = 0; i < 33; i++)
1340 (*reg_list)[list_size_core + i] = &(arm->core_cache->reg_list[num_core_regs + i]);
1347 LOG_ERROR("not a valid register class type in query.");
1353 /* wait for execution to complete and check exit point */
1354 static int armv4_5_run_algorithm_completion(struct target *target,
1355 uint32_t exit_point,
1360 struct arm *arm = target_to_arm(target);
1362 retval = target_wait_state(target, TARGET_HALTED, timeout_ms);
1363 if (retval != ERROR_OK)
1365 if (target->state != TARGET_HALTED) {
1366 retval = target_halt(target);
1367 if (retval != ERROR_OK)
1369 retval = target_wait_state(target, TARGET_HALTED, 500);
1370 if (retval != ERROR_OK)
1372 return ERROR_TARGET_TIMEOUT;
1375 /* fast exit: ARMv5+ code can use BKPT */
1376 if (exit_point && buf_get_u32(arm->pc->value, 0, 32) != exit_point) {
1378 "target reentered debug state, but not at the desired exit point: 0x%4.4" PRIx32 "",
1379 buf_get_u32(arm->pc->value, 0, 32));
1380 return ERROR_TARGET_TIMEOUT;
1386 int armv4_5_run_algorithm_inner(struct target *target,
1387 int num_mem_params, struct mem_param *mem_params,
1388 int num_reg_params, struct reg_param *reg_params,
1389 uint32_t entry_point, uint32_t exit_point,
1390 int timeout_ms, void *arch_info,
1391 int (*run_it)(struct target *target, uint32_t exit_point,
1392 int timeout_ms, void *arch_info))
1394 struct arm *arm = target_to_arm(target);
1395 struct arm_algorithm *arm_algorithm_info = arch_info;
1396 enum arm_state core_state = arm->core_state;
1397 uint32_t context[17];
1399 int exit_breakpoint_size = 0;
1401 int retval = ERROR_OK;
1403 LOG_DEBUG("Running algorithm");
1405 if (arm_algorithm_info->common_magic != ARM_COMMON_MAGIC) {
1406 LOG_ERROR("current target isn't an ARMV4/5 target");
1407 return ERROR_TARGET_INVALID;
1410 if (target->state != TARGET_HALTED) {
1411 LOG_WARNING("target not halted");
1412 return ERROR_TARGET_NOT_HALTED;
1415 if (!is_arm_mode(arm->core_mode)) {
1416 LOG_ERROR("not a valid arm core mode - communication failure?");
1420 /* armv5 and later can terminate with BKPT instruction; less overhead */
1421 if (!exit_point && arm->is_armv4) {
1422 LOG_ERROR("ARMv4 target needs HW breakpoint location");
1426 /* save r0..pc, cpsr-or-spsr, and then cpsr-for-sure;
1427 * they'll be restored later.
1429 for (i = 0; i <= 16; i++) {
1432 r = &ARMV4_5_CORE_REG_MODE(arm->core_cache,
1433 arm_algorithm_info->core_mode, i);
1435 arm->read_core_reg(target, r, i,
1436 arm_algorithm_info->core_mode);
1437 context[i] = buf_get_u32(r->value, 0, 32);
1439 cpsr = buf_get_u32(arm->cpsr->value, 0, 32);
1441 for (i = 0; i < num_mem_params; i++) {
1442 retval = target_write_buffer(target, mem_params[i].address, mem_params[i].size,
1443 mem_params[i].value);
1444 if (retval != ERROR_OK)
1448 for (i = 0; i < num_reg_params; i++) {
1449 struct reg *reg = register_get_by_name(arm->core_cache, reg_params[i].reg_name, 0);
1451 LOG_ERROR("BUG: register '%s' not found", reg_params[i].reg_name);
1452 return ERROR_COMMAND_SYNTAX_ERROR;
1455 if (reg->size != reg_params[i].size) {
1456 LOG_ERROR("BUG: register '%s' size doesn't match reg_params[i].size",
1457 reg_params[i].reg_name);
1458 return ERROR_COMMAND_SYNTAX_ERROR;
1461 retval = armv4_5_set_core_reg(reg, reg_params[i].value);
1462 if (retval != ERROR_OK)
1466 arm->core_state = arm_algorithm_info->core_state;
1467 if (arm->core_state == ARM_STATE_ARM)
1468 exit_breakpoint_size = 4;
1469 else if (arm->core_state == ARM_STATE_THUMB)
1470 exit_breakpoint_size = 2;
1472 LOG_ERROR("BUG: can't execute algorithms when not in ARM or Thumb state");
1473 return ERROR_COMMAND_SYNTAX_ERROR;
1476 if (arm_algorithm_info->core_mode != ARM_MODE_ANY) {
1477 LOG_DEBUG("setting core_mode: 0x%2.2x",
1478 arm_algorithm_info->core_mode);
1479 buf_set_u32(arm->cpsr->value, 0, 5,
1480 arm_algorithm_info->core_mode);
1481 arm->cpsr->dirty = 1;
1482 arm->cpsr->valid = 1;
1485 /* terminate using a hardware or (ARMv5+) software breakpoint */
1487 retval = breakpoint_add(target, exit_point,
1488 exit_breakpoint_size, BKPT_HARD);
1489 if (retval != ERROR_OK) {
1490 LOG_ERROR("can't add HW breakpoint to terminate algorithm");
1491 return ERROR_TARGET_FAILURE;
1495 retval = target_resume(target, 0, entry_point, 1, 1);
1496 if (retval != ERROR_OK)
1498 retval = run_it(target, exit_point, timeout_ms, arch_info);
1501 breakpoint_remove(target, exit_point);
1503 if (retval != ERROR_OK)
1506 for (i = 0; i < num_mem_params; i++) {
1507 if (mem_params[i].direction != PARAM_OUT) {
1508 int retvaltemp = target_read_buffer(target, mem_params[i].address,
1510 mem_params[i].value);
1511 if (retvaltemp != ERROR_OK)
1512 retval = retvaltemp;
1516 for (i = 0; i < num_reg_params; i++) {
1517 if (reg_params[i].direction != PARAM_OUT) {
1519 struct reg *reg = register_get_by_name(arm->core_cache,
1520 reg_params[i].reg_name,
1523 LOG_ERROR("BUG: register '%s' not found", reg_params[i].reg_name);
1524 retval = ERROR_COMMAND_SYNTAX_ERROR;
1528 if (reg->size != reg_params[i].size) {
1530 "BUG: register '%s' size doesn't match reg_params[i].size",
1531 reg_params[i].reg_name);
1532 retval = ERROR_COMMAND_SYNTAX_ERROR;
1536 buf_set_u32(reg_params[i].value, 0, 32, buf_get_u32(reg->value, 0, 32));
1540 /* restore everything we saved before (17 or 18 registers) */
1541 for (i = 0; i <= 16; i++) {
1543 regvalue = buf_get_u32(ARMV4_5_CORE_REG_MODE(arm->core_cache,
1544 arm_algorithm_info->core_mode, i).value, 0, 32);
1545 if (regvalue != context[i]) {
1546 LOG_DEBUG("restoring register %s with value 0x%8.8" PRIx32 "",
1547 ARMV4_5_CORE_REG_MODE(arm->core_cache,
1548 arm_algorithm_info->core_mode, i).name, context[i]);
1549 buf_set_u32(ARMV4_5_CORE_REG_MODE(arm->core_cache,
1550 arm_algorithm_info->core_mode, i).value, 0, 32, context[i]);
1551 ARMV4_5_CORE_REG_MODE(arm->core_cache, arm_algorithm_info->core_mode,
1553 ARMV4_5_CORE_REG_MODE(arm->core_cache, arm_algorithm_info->core_mode,
1558 arm_set_cpsr(arm, cpsr);
1559 arm->cpsr->dirty = 1;
1561 arm->core_state = core_state;
1566 int armv4_5_run_algorithm(struct target *target,
1568 struct mem_param *mem_params,
1570 struct reg_param *reg_params,
1571 target_addr_t entry_point,
1572 target_addr_t exit_point,
1576 return armv4_5_run_algorithm_inner(target,
1581 (uint32_t)entry_point,
1582 (uint32_t)exit_point,
1585 armv4_5_run_algorithm_completion);
1589 * Runs ARM code in the target to calculate a CRC32 checksum.
1592 int arm_checksum_memory(struct target *target,
1593 target_addr_t address, uint32_t count, uint32_t *checksum)
1595 struct working_area *crc_algorithm;
1596 struct arm_algorithm arm_algo;
1597 struct arm *arm = target_to_arm(target);
1598 struct reg_param reg_params[2];
1601 uint32_t exit_var = 0;
1603 static const uint8_t arm_crc_code_le[] = {
1604 #include "../../contrib/loaders/checksum/armv4_5_crc.inc"
1607 assert(sizeof(arm_crc_code_le) % 4 == 0);
1609 retval = target_alloc_working_area(target,
1610 sizeof(arm_crc_code_le), &crc_algorithm);
1611 if (retval != ERROR_OK)
1614 /* convert code into a buffer in target endianness */
1615 for (i = 0; i < ARRAY_SIZE(arm_crc_code_le) / 4; i++) {
1616 retval = target_write_u32(target,
1617 crc_algorithm->address + i * sizeof(uint32_t),
1618 le_to_h_u32(&arm_crc_code_le[i * 4]));
1619 if (retval != ERROR_OK)
1623 arm_algo.common_magic = ARM_COMMON_MAGIC;
1624 arm_algo.core_mode = ARM_MODE_SVC;
1625 arm_algo.core_state = ARM_STATE_ARM;
1627 init_reg_param(®_params[0], "r0", 32, PARAM_IN_OUT);
1628 init_reg_param(®_params[1], "r1", 32, PARAM_OUT);
1630 buf_set_u32(reg_params[0].value, 0, 32, address);
1631 buf_set_u32(reg_params[1].value, 0, 32, count);
1633 /* 20 second timeout/megabyte */
1634 int timeout = 20000 * (1 + (count / (1024 * 1024)));
1636 /* armv4 must exit using a hardware breakpoint */
1638 exit_var = crc_algorithm->address + sizeof(arm_crc_code_le) - 8;
1640 retval = target_run_algorithm(target, 0, NULL, 2, reg_params,
1641 crc_algorithm->address,
1643 timeout, &arm_algo);
1645 if (retval == ERROR_OK)
1646 *checksum = buf_get_u32(reg_params[0].value, 0, 32);
1648 LOG_ERROR("error executing ARM crc algorithm");
1650 destroy_reg_param(®_params[0]);
1651 destroy_reg_param(®_params[1]);
1654 target_free_working_area(target, crc_algorithm);
1660 * Runs ARM code in the target to check whether a memory block holds
1661 * all ones. NOR flash which has been erased, and thus may be written,
1665 int arm_blank_check_memory(struct target *target,
1666 target_addr_t address, uint32_t count, uint32_t *blank, uint8_t erased_value)
1668 struct working_area *check_algorithm;
1669 struct reg_param reg_params[3];
1670 struct arm_algorithm arm_algo;
1671 struct arm *arm = target_to_arm(target);
1674 uint32_t exit_var = 0;
1676 static const uint8_t check_code_le[] = {
1677 #include "../../contrib/loaders/erase_check/armv4_5_erase_check.inc"
1680 assert(sizeof(check_code_le) % 4 == 0);
1682 if (erased_value != 0xff) {
1683 LOG_ERROR("Erase value 0x%02" PRIx8 " not yet supported for ARMv4/v5 targets",
1688 /* make sure we have a working area */
1689 retval = target_alloc_working_area(target,
1690 sizeof(check_code_le), &check_algorithm);
1691 if (retval != ERROR_OK)
1694 /* convert code into a buffer in target endianness */
1695 for (i = 0; i < ARRAY_SIZE(check_code_le) / 4; i++) {
1696 retval = target_write_u32(target,
1697 check_algorithm->address
1698 + i * sizeof(uint32_t),
1699 le_to_h_u32(&check_code_le[i * 4]));
1700 if (retval != ERROR_OK)
1704 arm_algo.common_magic = ARM_COMMON_MAGIC;
1705 arm_algo.core_mode = ARM_MODE_SVC;
1706 arm_algo.core_state = ARM_STATE_ARM;
1708 init_reg_param(®_params[0], "r0", 32, PARAM_OUT);
1709 buf_set_u32(reg_params[0].value, 0, 32, address);
1711 init_reg_param(®_params[1], "r1", 32, PARAM_OUT);
1712 buf_set_u32(reg_params[1].value, 0, 32, count);
1714 init_reg_param(®_params[2], "r2", 32, PARAM_IN_OUT);
1715 buf_set_u32(reg_params[2].value, 0, 32, erased_value);
1717 /* armv4 must exit using a hardware breakpoint */
1719 exit_var = check_algorithm->address + sizeof(check_code_le) - 4;
1721 retval = target_run_algorithm(target, 0, NULL, 3, reg_params,
1722 check_algorithm->address,
1726 if (retval == ERROR_OK)
1727 *blank = buf_get_u32(reg_params[2].value, 0, 32);
1729 destroy_reg_param(®_params[0]);
1730 destroy_reg_param(®_params[1]);
1731 destroy_reg_param(®_params[2]);
1734 target_free_working_area(target, check_algorithm);
1739 static int arm_full_context(struct target *target)
1741 struct arm *arm = target_to_arm(target);
1742 unsigned num_regs = arm->core_cache->num_regs;
1743 struct reg *reg = arm->core_cache->reg_list;
1744 int retval = ERROR_OK;
1746 for (; num_regs && retval == ERROR_OK; num_regs--, reg++) {
1749 retval = armv4_5_get_core_reg(reg);
1754 static int arm_default_mrc(struct target *target, int cpnum,
1755 uint32_t op1, uint32_t op2,
1756 uint32_t CRn, uint32_t CRm,
1759 LOG_ERROR("%s doesn't implement MRC", target_type_name(target));
1763 static int arm_default_mcr(struct target *target, int cpnum,
1764 uint32_t op1, uint32_t op2,
1765 uint32_t CRn, uint32_t CRm,
1768 LOG_ERROR("%s doesn't implement MCR", target_type_name(target));
1772 int arm_init_arch_info(struct target *target, struct arm *arm)
1774 target->arch_info = arm;
1775 arm->target = target;
1777 arm->common_magic = ARM_COMMON_MAGIC;
1779 /* core_type may be overridden by subtype logic */
1780 if (arm->core_type != ARM_MODE_THREAD) {
1781 arm->core_type = ARM_MODE_ANY;
1782 arm_set_cpsr(arm, ARM_MODE_USR);
1785 /* default full_context() has no core-specific optimizations */
1786 if (!arm->full_context && arm->read_core_reg)
1787 arm->full_context = arm_full_context;
1790 arm->mrc = arm_default_mrc;
1792 arm->mcr = arm_default_mcr;