1 /***************************************************************************
2 * Copyright (C) 2011 by Mathias Kuester *
3 * Mathias Kuester <kesmtp@freenet.de> *
5 * Copyright (C) 2011 by Spencer Oliver *
6 * spen@spen-soft.co.uk *
8 * This program is free software; you can redistribute it and/or modify *
9 * it under the terms of the GNU General Public License as published by *
10 * the Free Software Foundation; either version 2 of the License, or *
11 * (at your option) any later version. *
13 * This program is distributed in the hope that it will be useful, *
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
16 * GNU General Public License for more details. *
18 * You should have received a copy of the GNU General Public License *
19 * along with this program; if not, write to the *
20 * Free Software Foundation, Inc., *
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
22 ***************************************************************************/
28 #include "jtag/jtag.h"
29 #include "jtag/stlink/stlink_transport.h"
30 #include "jtag/stlink/stlink_interface.h"
31 #include "jtag/stlink/stlink_layout.h"
33 #include "algorithm.h"
35 #include "breakpoints.h"
36 #include "target_type.h"
39 #include "arm_semihosting.h"
41 #define ARMV7M_SCS_DCRSR 0xe000edf4
42 #define ARMV7M_SCS_DCRDR 0xe000edf8
44 static inline struct stlink_interface_s *target_to_stlink(struct target *target)
46 return target->tap->priv;
49 static int stm32_stlink_load_core_reg_u32(struct target *target,
50 enum armv7m_regtype type,
51 uint32_t num, uint32_t *value)
54 struct stlink_interface_s *stlink_if = target_to_stlink(target);
56 LOG_DEBUG("%s", __func__);
58 /* NOTE: we "know" here that the register identifiers used
59 * in the v7m header match the Cortex-M3 Debug Core Register
60 * Selector values for R0..R15, xPSR, MSP, and PSP.
64 /* read a normal core register */
65 retval = stlink_if->layout->api->read_reg(stlink_if->fd, num, value);
67 if (retval != ERROR_OK) {
68 LOG_ERROR("JTAG failure %i", retval);
69 return ERROR_JTAG_DEVICE_ERROR;
71 LOG_DEBUG("load from core reg %i value 0x%" PRIx32 "", (int)num, *value);
80 /* Floating-point Status and Registers */
81 retval = target_write_u32(target, ARMV7M_SCS_DCRSR, 33);
82 if (retval != ERROR_OK)
84 retval = target_read_u32(target, ARMV7M_SCS_DCRDR, value);
85 if (retval != ERROR_OK)
87 LOG_DEBUG("load from core reg %i value 0x%" PRIx32 "", (int)num, *value);
90 case ARMV7M_S0 ... ARMV7M_S31:
91 /* Floating-point Status and Registers */
92 retval = target_write_u32(target, ARMV7M_SCS_DCRSR, num-ARMV7M_S0+64);
93 if (retval != ERROR_OK)
95 retval = target_read_u32(target, ARMV7M_SCS_DCRDR, value);
96 if (retval != ERROR_OK)
98 LOG_DEBUG("load from core reg %i value 0x%" PRIx32 "", (int)num, *value);
101 case ARMV7M_D0 ... ARMV7M_D15:
107 case ARMV7M_FAULTMASK:
109 /* Cortex-M3 packages these four registers as bitfields
110 * in one Debug Core register. So say r0 and r2 docs;
111 * it was removed from r1 docs, but still works.
113 retval = stlink_if->layout->api->read_reg(stlink_if->fd, 20, value);
114 if (retval != ERROR_OK)
119 *value = buf_get_u32((uint8_t *) value, 0, 1);
123 *value = buf_get_u32((uint8_t *) value, 8, 8);
126 case ARMV7M_FAULTMASK:
127 *value = buf_get_u32((uint8_t *) value, 16, 1);
131 *value = buf_get_u32((uint8_t *) value, 24, 2);
135 LOG_DEBUG("load from special reg %i value 0x%" PRIx32 "",
140 return ERROR_COMMAND_SYNTAX_ERROR;
146 static int stm32_stlink_store_core_reg_u32(struct target *target,
147 enum armv7m_regtype type,
148 uint32_t num, uint32_t value)
152 struct armv7m_common *armv7m = target_to_armv7m(target);
153 struct stlink_interface_s *stlink_if = target_to_stlink(target);
155 LOG_DEBUG("%s", __func__);
157 #ifdef ARMV7_GDB_HACKS
158 /* If the LR register is being modified, make sure it will put us
159 * in "thumb" mode, or an INVSTATE exception will occur. This is a
160 * hack to deal with the fact that gdb will sometimes "forge"
161 * return addresses, and doesn't set the LSB correctly (i.e., when
162 * printing expressions containing function calls, it sets LR = 0.)
163 * Valid exception return codes have bit 0 set too.
165 if (num == ARMV7M_R14)
169 /* NOTE: we "know" here that the register identifiers used
170 * in the v7m header match the Cortex-M3 Debug Core Register
171 * Selector values for R0..R15, xPSR, MSP, and PSP.
175 retval = stlink_if->layout->api->write_reg(stlink_if->fd, num, value);
177 if (retval != ERROR_OK) {
180 LOG_ERROR("JTAG failure");
181 r = armv7m->core_cache->reg_list + num;
183 return ERROR_JTAG_DEVICE_ERROR;
185 LOG_DEBUG("write core reg %i value 0x%" PRIx32 "", (int)num, value);
193 /* Floating-point Status and Registers */
194 retval = target_write_u32(target, ARMV7M_SCS_DCRDR, value);
195 if (retval != ERROR_OK)
197 retval = target_write_u32(target, ARMV7M_SCS_DCRSR, 33 | (1<<16));
198 if (retval != ERROR_OK)
200 LOG_DEBUG("write core reg %i value 0x%" PRIx32 "", (int)num, value);
203 case ARMV7M_S0 ... ARMV7M_S31:
204 /* Floating-point Status and Registers */
205 retval = target_write_u32(target, ARMV7M_SCS_DCRDR, value);
206 if (retval != ERROR_OK)
208 retval = target_write_u32(target, ARMV7M_SCS_DCRSR, (num-ARMV7M_S0+64) | (1<<16));
209 if (retval != ERROR_OK)
211 LOG_DEBUG("write core reg %i value 0x%" PRIx32 "", (int)num, value);
214 case ARMV7M_D0 ... ARMV7M_D15:
219 case ARMV7M_FAULTMASK:
221 /* Cortex-M3 packages these four registers as bitfields
222 * in one Debug Core register. So say r0 and r2 docs;
223 * it was removed from r1 docs, but still works.
226 stlink_if->layout->api->read_reg(stlink_if->fd, 20, ®);
230 buf_set_u32((uint8_t *) ®, 0, 1, value);
234 buf_set_u32((uint8_t *) ®, 8, 8, value);
237 case ARMV7M_FAULTMASK:
238 buf_set_u32((uint8_t *) ®, 16, 1, value);
242 buf_set_u32((uint8_t *) ®, 24, 2, value);
246 stlink_if->layout->api->write_reg(stlink_if->fd, 20, reg);
248 LOG_DEBUG("write special reg %i value 0x%" PRIx32 " ", (int)num, value);
252 return ERROR_COMMAND_SYNTAX_ERROR;
258 static int stm32_stlink_examine_debug_reason(struct target *target)
260 if ((target->debug_reason != DBG_REASON_DBGRQ)
261 && (target->debug_reason != DBG_REASON_SINGLESTEP)) {
262 target->debug_reason = DBG_REASON_BREAKPOINT;
268 static int stm32_stlink_init_arch_info(struct target *target,
269 struct cortex_m3_common *cortex_m3,
270 struct jtag_tap *tap)
272 struct armv7m_common *armv7m;
274 LOG_DEBUG("%s", __func__);
276 armv7m = &cortex_m3->armv7m;
277 armv7m_init_arch_info(target, armv7m);
279 armv7m->load_core_reg_u32 = stm32_stlink_load_core_reg_u32;
280 armv7m->store_core_reg_u32 = stm32_stlink_store_core_reg_u32;
282 armv7m->examine_debug_reason = stm32_stlink_examine_debug_reason;
283 armv7m->stlink = true;
288 static int stm32_stlink_init_target(struct command_context *cmd_ctx,
289 struct target *target)
291 LOG_DEBUG("%s", __func__);
293 armv7m_build_reg_cache(target);
298 static int stm32_stlink_target_create(struct target *target,
301 LOG_DEBUG("%s", __func__);
303 struct cortex_m3_common *cortex_m3 = calloc(1, sizeof(struct cortex_m3_common));
306 return ERROR_COMMAND_SYNTAX_ERROR;
308 stm32_stlink_init_arch_info(target, cortex_m3, target->tap);
313 static int stm32_stlink_load_context(struct target *target)
315 struct armv7m_common *armv7m = target_to_armv7m(target);
316 int num_regs = armv7m->core_cache->num_regs;
318 for (int i = 0; i < num_regs; i++) {
319 if (!armv7m->core_cache->reg_list[i].valid)
320 armv7m->read_core_reg(target, i);
326 static int stlink_debug_entry(struct target *target)
328 struct armv7m_common *armv7m = target_to_armv7m(target);
329 struct arm *arm = &armv7m->arm;
334 retval = armv7m->examine_debug_reason(target);
335 if (retval != ERROR_OK)
338 stm32_stlink_load_context(target);
340 r = armv7m->core_cache->reg_list + ARMV7M_xPSR;
341 xPSR = buf_get_u32(r->value, 0, 32);
343 /* Are we in an exception handler */
345 armv7m->core_mode = ARMV7M_MODE_HANDLER;
346 armv7m->exception_number = (xPSR & 0x1FF);
348 arm->core_mode = ARM_MODE_HANDLER;
349 arm->map = armv7m_msp_reg_map;
351 unsigned control = buf_get_u32(armv7m->core_cache
352 ->reg_list[ARMV7M_CONTROL].value, 0, 2);
354 /* is this thread privileged? */
355 armv7m->core_mode = control & 1;
356 arm->core_mode = armv7m->core_mode
357 ? ARM_MODE_USER_THREAD
360 /* which stack is it using? */
362 arm->map = armv7m_psp_reg_map;
364 arm->map = armv7m_msp_reg_map;
366 armv7m->exception_number = 0;
369 LOG_DEBUG("entered debug state in core mode: %s at PC 0x%08" PRIx32 ", target->state: %s",
370 armv7m_mode_strings[armv7m->core_mode],
371 *(uint32_t *)(arm->pc->value),
372 target_state_name(target));
377 static int stm32_stlink_poll(struct target *target)
379 enum target_state state;
380 struct stlink_interface_s *stlink_if = target_to_stlink(target);
381 struct armv7m_common *armv7m = target_to_armv7m(target);
383 state = stlink_if->layout->api->state(stlink_if->fd);
385 if (state == TARGET_UNKNOWN) {
386 LOG_ERROR("jtag status contains invalid mode value - communication failure");
387 return ERROR_TARGET_FAILURE;
390 if (target->state == state)
393 if (state == TARGET_HALTED) {
394 target->state = state;
396 int retval = stlink_debug_entry(target);
397 if (retval != ERROR_OK)
400 if (arm_semihosting(target, &retval) != 0)
403 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
404 LOG_DEBUG("halted: PC: 0x%08x", buf_get_u32(armv7m->arm.pc->value, 0, 32));
410 static int stm32_stlink_assert_reset(struct target *target)
413 struct stlink_interface_s *stlink_if = target_to_stlink(target);
414 struct armv7m_common *armv7m = target_to_armv7m(target);
415 bool use_srst_fallback = true;
417 LOG_DEBUG("%s", __func__);
419 enum reset_types jtag_reset_config = jtag_get_reset_config();
421 bool srst_asserted = false;
423 if (jtag_reset_config & RESET_SRST_NO_GATING) {
424 jtag_add_reset(0, 1);
425 res = stlink_if->layout->api->assert_srst(stlink_if->fd, 0);
426 srst_asserted = true;
429 stlink_if->layout->api->write_debug_reg(stlink_if->fd, DCB_DHCSR, DBGKEY|C_DEBUGEN);
430 stlink_if->layout->api->write_debug_reg(stlink_if->fd, DCB_DEMCR, VC_CORERESET);
432 if (jtag_reset_config & RESET_HAS_SRST) {
433 if (!srst_asserted) {
434 jtag_add_reset(0, 1);
435 res = stlink_if->layout->api->assert_srst(stlink_if->fd, 0);
437 if (res == ERROR_COMMAND_NOTFOUND)
438 LOG_ERROR("Hardware srst not supported, falling back to software reset");
439 else if (res == ERROR_OK) {
440 /* hardware srst supported */
441 use_srst_fallback = false;
445 if (use_srst_fallback) {
446 /* stlink v1 api does support hardware srst, so we use a software reset fallback */
447 stlink_if->layout->api->write_debug_reg(stlink_if->fd, NVIC_AIRCR, AIRCR_VECTKEY | AIRCR_SYSRESETREQ);
450 res = stlink_if->layout->api->reset(stlink_if->fd);
455 /* registers are now invalid */
456 register_cache_invalidate(armv7m->core_cache);
458 if (target->reset_halt) {
459 target->state = TARGET_RESET;
460 target->debug_reason = DBG_REASON_DBGRQ;
462 target->state = TARGET_HALTED;
468 static int stm32_stlink_deassert_reset(struct target *target)
471 struct stlink_interface_s *stlink_if = target_to_stlink(target);
473 enum reset_types jtag_reset_config = jtag_get_reset_config();
475 LOG_DEBUG("%s", __func__);
477 if (jtag_reset_config & RESET_HAS_SRST)
478 stlink_if->layout->api->assert_srst(stlink_if->fd, 1);
480 /* virtual deassert reset, we need it for the internal
483 jtag_add_reset(0, 0);
485 if (!target->reset_halt) {
486 res = target_resume(target, 1, 0, 0, 0);
495 static int stm32_stlink_soft_reset_halt(struct target *target)
497 LOG_DEBUG("%s", __func__);
501 static int stm32_stlink_halt(struct target *target)
504 struct stlink_interface_s *stlink_if = target_to_stlink(target);
506 LOG_DEBUG("%s", __func__);
508 if (target->state == TARGET_HALTED) {
509 LOG_DEBUG("target was already halted");
513 if (target->state == TARGET_UNKNOWN)
514 LOG_WARNING("target was in unknown state when halt was requested");
516 res = stlink_if->layout->api->halt(stlink_if->fd);
521 target->debug_reason = DBG_REASON_DBGRQ;
526 static int stm32_stlink_resume(struct target *target, int current,
527 uint32_t address, int handle_breakpoints,
531 struct stlink_interface_s *stlink_if = target_to_stlink(target);
532 struct armv7m_common *armv7m = target_to_armv7m(target);
534 struct breakpoint *breakpoint = NULL;
537 LOG_DEBUG("%s %d 0x%08x %d %d", __func__, current, address,
538 handle_breakpoints, debug_execution);
540 if (target->state != TARGET_HALTED) {
541 LOG_WARNING("target not halted");
542 return ERROR_TARGET_NOT_HALTED;
547 buf_set_u32(pc->value, 0, 32, address);
552 if (!breakpoint_find(target, buf_get_u32(pc->value, 0, 32))
553 && !debug_execution) {
554 armv7m_maybe_skip_bkpt_inst(target, NULL);
557 resume_pc = buf_get_u32(pc->value, 0, 32);
559 armv7m_restore_context(target);
561 /* registers are now invalid */
562 register_cache_invalidate(armv7m->core_cache);
564 /* the front-end may request us not to handle breakpoints */
565 if (handle_breakpoints) {
566 /* Single step past breakpoint at current address */
567 breakpoint = breakpoint_find(target, resume_pc);
569 LOG_DEBUG("unset breakpoint at 0x%8.8" PRIx32 " (ID: %d)",
571 breakpoint->unique_id);
572 cortex_m3_unset_breakpoint(target, breakpoint);
574 res = stlink_if->layout->api->step(stlink_if->fd);
579 cortex_m3_set_breakpoint(target, breakpoint);
583 res = stlink_if->layout->api->run(stlink_if->fd);
588 target->state = TARGET_RUNNING;
590 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
595 static int stm32_stlink_step(struct target *target, int current,
596 uint32_t address, int handle_breakpoints)
599 struct stlink_interface_s *stlink_if = target_to_stlink(target);
600 struct armv7m_common *armv7m = target_to_armv7m(target);
601 struct breakpoint *breakpoint = NULL;
602 struct reg *pc = armv7m->arm.pc;
603 bool bkpt_inst_found = false;
605 LOG_DEBUG("%s", __func__);
607 if (target->state != TARGET_HALTED) {
608 LOG_WARNING("target not halted");
609 return ERROR_TARGET_NOT_HALTED;
613 buf_set_u32(pc->value, 0, 32, address);
618 uint32_t pc_value = buf_get_u32(pc->value, 0, 32);
620 /* the front-end may request us not to handle breakpoints */
621 if (handle_breakpoints) {
622 breakpoint = breakpoint_find(target, pc_value);
624 cortex_m3_unset_breakpoint(target, breakpoint);
627 armv7m_maybe_skip_bkpt_inst(target, &bkpt_inst_found);
629 target->debug_reason = DBG_REASON_SINGLESTEP;
631 armv7m_restore_context(target);
633 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
635 res = stlink_if->layout->api->step(stlink_if->fd);
640 /* registers are now invalid */
641 register_cache_invalidate(armv7m->core_cache);
644 cortex_m3_set_breakpoint(target, breakpoint);
646 stlink_debug_entry(target);
647 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
649 LOG_INFO("halted: PC: 0x%08x", buf_get_u32(armv7m->arm.pc->value, 0, 32));
654 static int stm32_stlink_read_memory(struct target *target, uint32_t address,
655 uint32_t size, uint32_t count,
659 uint32_t buffer_threshold = 128;
660 uint32_t addr_increment = 4;
662 struct stlink_interface_s *stlink_if = target_to_stlink(target);
664 if (!count || !buffer)
665 return ERROR_COMMAND_SYNTAX_ERROR;
667 LOG_DEBUG("%s 0x%08x %d %d", __func__, address, size, count);
669 /* prepare byte count, buffer threshold
670 * and address increment for none 32bit access
674 buffer_threshold = 64;
679 if (count > buffer_threshold)
680 c = buffer_threshold;
685 res = stlink_if->layout->api->read_mem8(stlink_if->fd,
688 res = stlink_if->layout->api->read_mem32(stlink_if->fd,
694 address += (c * addr_increment);
695 buffer += (c * addr_increment);
702 static int stm32_stlink_write_memory(struct target *target, uint32_t address,
703 uint32_t size, uint32_t count,
704 const uint8_t *buffer)
707 uint32_t buffer_threshold = 128;
708 uint32_t addr_increment = 4;
710 struct stlink_interface_s *stlink_if = target_to_stlink(target);
712 if (!count || !buffer)
713 return ERROR_COMMAND_SYNTAX_ERROR;
715 LOG_DEBUG("%s 0x%08x %d %d", __func__, address, size, count);
717 /* prepare byte count, buffer threshold
718 * and address increment for none 32bit access
722 buffer_threshold = 64;
727 if (count > buffer_threshold)
728 c = buffer_threshold;
733 res = stlink_if->layout->api->write_mem8(stlink_if->fd,
736 res = stlink_if->layout->api->write_mem32(stlink_if->fd,
742 address += (c * addr_increment);
743 buffer += (c * addr_increment);
750 static int stm32_stlink_bulk_write_memory(struct target *target,
751 uint32_t address, uint32_t count,
752 const uint8_t *buffer)
754 return stm32_stlink_write_memory(target, address, 4, count, buffer);
757 struct target_type stm32_stlink_target = {
758 .name = "stm32_stlink",
760 .init_target = stm32_stlink_init_target,
761 .target_create = stm32_stlink_target_create,
762 .examine = cortex_m3_examine,
764 .poll = stm32_stlink_poll,
765 .arch_state = armv7m_arch_state,
767 .assert_reset = stm32_stlink_assert_reset,
768 .deassert_reset = stm32_stlink_deassert_reset,
769 .soft_reset_halt = stm32_stlink_soft_reset_halt,
771 .halt = stm32_stlink_halt,
772 .resume = stm32_stlink_resume,
773 .step = stm32_stlink_step,
775 .get_gdb_reg_list = armv7m_get_gdb_reg_list,
777 .read_memory = stm32_stlink_read_memory,
778 .write_memory = stm32_stlink_write_memory,
779 .bulk_write_memory = stm32_stlink_bulk_write_memory,
780 .checksum_memory = armv7m_checksum_memory,
781 .blank_check_memory = armv7m_blank_check_memory,
783 .run_algorithm = armv7m_run_algorithm,
784 .start_algorithm = armv7m_start_algorithm,
785 .wait_algorithm = armv7m_wait_algorithm,
787 .add_breakpoint = cortex_m3_add_breakpoint,
788 .remove_breakpoint = cortex_m3_remove_breakpoint,
789 .add_watchpoint = cortex_m3_add_watchpoint,
790 .remove_watchpoint = cortex_m3_remove_watchpoint,