Don't expose the RDTR register through the register cache any
more. If anyone wants Tcl scripts to be able to use DCC based
communication with app code in the target, this wouldn't do it.
Bugfix: don't trust the Tcl-accessible version of DSCR to
flag whether RDTR needs to be restored when resuming.
Streamline arm11_on_enter_debug_state() entry:
- It should handle the standard updates:
* target->debug_reason
* target->state
- Don't waste time re-reading DSCR; just pass it in
Also rename the routine to "arm11_debug_entry()", matching the
convention used elsewhere in OpenOCD.
Save and display the address of the instruction which triggered the
watchpoint. Because of pipelining, that's well behind the PC value
when debug entry completes. (Example in a subroutine that had been
returned from...)
Remove unused A8 stuff, mostly watchpoint hooks from the header.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Except for USR/SYS mode, the labels for the shadowed SP and LR
registers were reversed. LR is r14; SP is r13. Fix.
This would not affect GDB users; GDB references are positional.
Only folk working directly with OpenOCD register values would
have noticed this bug.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Actually this should handle both breakpoints and watchpoints ... but
the DPM framework only handles watchpoints for now. Works on Beagle.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
This is a NOP unless the underlying core exposes two new methods, and
neither of the two cores using this (ARM11xx, Cortex-A8) do so yet.
This patch only updates those cores so they pass a flag saying whether
or not to update breakpoint and watchpoint status before resuming; and
removing some now-needless anti-segfault code from ARM11. Cortex-A8
didn't have that code ... yes, it segfaulted when setting watchpoints.
NOTE: this uses a slightly different strategy for setting/clearing
breakpoints than the ARM7/ARM9/etc code uses. It leaves them alone
unless it's *got* to change something, to speed halt/resume cycles
(including single stepping).
ALSO NOTE: this under-delivers for Cortex-A8, where regions with size
up to 2 GBytes can be watched ... it handles watchpoints which ARM11 can
also handle (size 1/2/4 bytes). Should get fixed later.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
We don't need this code, now that the DPM code handles it.
Neither do we need the ARMv7-A CP15 operations; remove their
remnants too. And disable a mostly-needless diagnostic.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Instead of having separate ARM11 and Cortex-A8 implementations of
this code, have one shared implementation which just builds on the
existing "run instruction via R0" support.
This enables followup patches to remove that now-unused code from
those two drivers. (Patches to move the "mrc" and "mcr" code into
"struct arm" are due too ... MIPS and other cores do not support
those ARM-specific concepts.)
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Switch "mrc" and "mcr" commands to be toplevel ARM operations,
as they should initially have been.
Correct the usage message for both commands: it matches ARM
documentation (as one wants!) instead of reordering them to
match the funky mrc() and mcr() method usage (sigh).
For Cortex-A8: restore a line that got accidentally dropped,
so the secure monitor mode shadow registers will show again.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
The ARMv7-A code uses read_cp15() to access fault registers.
Instead, use DPM operations directly, passing in the relevant
MRC instructions.
This eliminates per-operation overhead (though it'll be hard
to observe, this is uncommon) and helps eliminate read_cp15().
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
There were two chunks of Cortex-A8 code which called the
ARMv7-A CP15 operations; get rid of them, helping prepare
to remove those methods completely:
- post_debug_entry() can use the mrc() method to read
its two registers.
- write_memory() can use dpm->instr_write_data_r0() to
flush the ICache and DCache ... doing it this way is
actually faster since it reduces per-write overhead.
Note that the mrc() method parameters are re-ordered with
respect to the ARM instruction documentation, so that part
can be confusing.
Cleaned up the layout and comments in those areas a bit.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Clean up two aspects to this routine: bad naming, since it
doesn't restore the context, just the banked registers; and
excess indentation for the bulk of the code.
Also make some of its call sites stash the function's return
code; someday they should use it for error checking.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
This "loop over all registers" routine shared the same mess as
full_context() in terms of dozens of needless number_to_mode()
calls. Fix that, and comments, with related cleanup.
The misnamed xscale_restore_context() had a related bug. It
was restoring the *WRONG REGISTERS* ... always from whatever
the current mode was, instead of using the copy from whichever
register bank it was trying to restore. (But it marked the
intended register as having been restored...) Fixed that.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Streamline the loop by continuing as soon as we know there's no
work to be done; this lets us un-indent almost everything.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
When fetching all the registers, XScale was doing various stupid
things like calling number_to_mode() a few dozen times instead of
just once, and mapping access to each register three times (again,
instead of just once). Stop that.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Use the new mapping interfaces in the debug entry path.
SPSR and the banked registers now have smaller and faster
accessors ... use them.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Those commands presume support for the "classic" set of CPU
modes (FIQ, supervisor, IRQ, etc) ... which aren't supported
by the ARMv7-M or ARMv6-M architectures. They also presume
a "struct arm" base type, which this code doesn't use.
We haven't cleaned up the register handling enough to be able
to share any of those "base" methods.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Eliminate the monolithic tcl_target_func by registering each of its
commands using the new chained command registration mechanism.
Also chains the target's commands under the CPU command, though these
may not work properly without some further modification.
The 'target' command group was implemented using its own command
dispatching, which can be eliminated by using the new chained command
registration mechanism. This patch splits the jim_target() function
into individual handlers, which makes them to be visible to the help and
usage commands. These one-trick handlers are much easier to understand.
There is no DEBUG() macro; don't call one! Always at
least *parse* debug code, to help prevent such errors.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
In target_type.h it's documented that the target must be
halted for add_breakpoint() ... and with slight ambiguity,
also for its add_watchpoint() sibling. So rather than
verifying that constraint in the CPU drivers, do it in the
target_add_{break,watch}point() routines.
Add minor paranoia on the remove_*point() paths too: save
the return value, and print it out in in the LOG_DEBUG message
in case it's nonzero.
Note that with some current cores, like all ARMv7 ones I've
looked at, there's no technical issue preventing watchpoint or
breakpoint add/remove operations on active cores. This model
seems deeply wired into OpenOCD though.
ALSO: the ARM targets were fairly "good" about enforcing that
constraint themselves. The MIPS ones were relied on other code
to catch such stuff, but it's not clear such code existed ...
keep an eye out for new issues on MIPS.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Use the new "reset-assert" event; else SRST; else fail.
Tested on an OMAP3, using the event.
NOTE: still doesn't handle "reset halt". For some reason
neither VCR nor PRCR seemed effective; they held the value
that was written, but VCR didn't trigger debug entry when
the reset vector fired (maybe the vector needs configuring?)
and PRCR refused to hold the chip in reset until deassert()
could force the core into debug state.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
This defines a "reset-assert" event and a supporting utility
routine, and documents both how targets should implement it
and how config scripts should use it. Core-specific updates
are needed to make this work.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
When writing to a chip's "reset yourself" register, the ARM11 code
was reporting a spurious failure. Just don't bother checking for
correctly incremented pointers given single-unit writes ... it's
a bit faster that way too. (Reads should likely do the same thing.
For that matter, such checks are usually just a waste...)
Shrink an overlong parameter name, and associated lines'o'code.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Just make these fail, instead of letting them write over
potentially random memory. Users should be able to work
around the lack of real implementations by disbling the
MMU by hand ... until someone provides a Real Fix.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Several of the sites now using target_type_name() really
ought to be using an instance-specific name. Create a
function called target_name(), accessing the instance's
own (command) name.
Use it in several places that really should be displaying
instance-specific names. Also in several places which
were already doing so, but which had no wrapper to call.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
There are two names that may matter on a per-target basis.
One is a per-instance name (for example, "at91sam7s.cpu").
The other is the name of its type (for example, "arm7tdmi"),
which is shared among multiple targets.
Currently target_get_name() returns the type name, which is
misleading and is rarely appropriate for target diagnostics.
Rename that as target_type_name().
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Alliteration aside, this should provide the final piece of the puzzle
for developers that want to get started writing a new target type.
In this way, it also seeks to complement the 'dummy' interface driver
and 'faux' NOR flash driver.
Adding jim_handler field to command_registration allows removing the
register_jim helper. All command registrations now go through the
register_command{,s}() functions.
Converts callback to an array of command_registration records.
Moves oocd_trace driver definition to end of file to eliminate
useless forward declaration.
Uses chaining of command_registration structures to eliminate all
target_type register_callback routines. Exports the command_handler
registration arrays for those target types that are used by others.
There was a lot of needless handshaking overhead in the current
Cortex-A8 DCC/ITR operations, since the status read by each step
was discarded rather than letting the next step know it.
This shrinks the handshaking by: (a) passing status along from
previous steps, avoiding re-fetching; which enables the big win
(b) relying on a useful invariant: that the DSCR_INSTR_COMP bit
is set after every call to a DPM method.
A "reg sp_usr" call previously took 17 flushes; now it takes just 9.
This visibly speeds common operations like entry to debug state and
stepping, as well as "arm reg" and so on.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
This replaces two versions of register access functions. One
was commented out, and seemed to have uncertain intent. The
other was fairly new, and helped motivate the DPM framework
once I observed that the ARM11 was doing the very same ops.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
This implements the DPM interface for Cortex-A8 cores. It
also adds a synchronization operation to the DPM framework,
which is needed by the Cortex-A8 after CPSR writes.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Make various functions static, add some comments, report
vector catch as a flavor of DBG_REASON_BREAKPOINT, get
rid of needless/undesirable ARMV4_5_CORE_REG_MODE, etc.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
This finishes the basic switchover to the new register code,
for everything except the debug registers. (And maybe we
shouldn't have a cache for *those* which works this way...)
The context save/restore code now uses the new code, but
it's in a slightly different sequence. That should be fine
since the R0/PC/CPSR stuff is all that really matters (and
if we can update those, we can update the rest).
Now there's no longer a way any code can be confused about
which copy of "r1" (etc) to use.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
As with single stepping, the previous stuff was needed because
the ARM11 code wasn't using the standard ARM base type and
register access ... but now those mechanisms work, so we can
switch out that special-purpose glue, in favor of the more
thoroughly tested/capable "standard" code.
Fixes a bug in the resume() implementation: it wasn't handling
two of its arguments correctly, preventing the "flash erase_check"
algorithm from working. (This code needs a *subsequent* update
for correct register handling, though... removing the confusion
about which "r2", for example, to use.)
This should resolve some "FIXME" comments too, for Thumb and
processor mode support. It also gets rid of a nasty exit()
call; servers should only have *clean* shutdown paths.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
The previous stuff was needed because the ARM11 code wasn't using
the standard ARM base type and register access ... but now those
mechanisms work, so we can switch out that special-purpose glue.
This should resolve all the "FIXME -- handle Thumb single stepping"
comments too, and properly handle the processor's mode. (Modulo
the issue that this code doesn't yet handle two-byte breakpoints.)
Clarify the comments about the the hardware single stepping. When
we eventually share breakpoint code with Cortex-A8, we can just make
that be the default on cores which support it. We may still want an
override command, not just to facilitate testing but to cope with
"instruction address mismatch" not quite being true single-step.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
This provides "standard" ARM register support -- with twenty or
more shadow registers on top of what this code now handles, but
properly associated with the various core modes -- parallel to
the current register code. That is, the current code is stilil
managing the "current" registers; the new code shadows them.
You can see all the registers with "arm reg", modify the shadows
like "r8_fiq" or "sp_abt" with "reg", and see them get properly
written back when you step. (Just don't do that with any of the
registers managed by the "old" code ...)
It also switches to using more standard code, relying on those
standard registers, in two places: (a) the poll status display,
which now shows core state (ARM/Thumb/...) and mode (Supervisor,
IRQ, etc); and (b) GDB register access.
So it's not a full migration, there are warts -- every place that
touches the old register cache is a potential bug -- but it's a
small more-or-less-comprehensible step that's even somewhat useful.
Later patches complete the migration.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
This was a private mechanism to snapshot registers before leaving
debug state, and then on reentry to optionally display what changed.
It was coupled to the private register cache, which won't be sticking
around in that form for much longer. Remove (instead of teaching
it how to handle *all* the registers).
(The idea is interesting, but we ought to be able to implement
this in a generic way. Ideally through Tcl scripts that can
automatically be invoked following debug entry...)
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
This is a very thin layer over some of the current ARM11
debug TAP utilities. The layer isn't yet hooked up.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
First version of interface for sharing code between ARMv6 and ARMv7a
debug modules ... now the architecture includes debug support. (Not
the same as for the trimmed-down v7m or v6m though!) This is a first
version of an interface that will let the ARM11 and Cortex-A8 support
share code, features, and bugfixes. Based on existing code from both
of those cores.
The ARM v7-AR architecture specification calls this commonality the
"Debug Programmer's Model (DPM)", which seemed to be an appropriate
acronym -- a TLA even! -- for use in our code. Made it so. :)
The initial scope of this just supports register access, and is geared
towards supporting top level "struct arm" mechanisms. Later, things
like breakpoint and watchpoint support should be included.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
For now there's no point in saving this stuff after examine()
checks it out as OK. Ditto exporting symbols that aren't
used outside of the module which defines them. In fact, those
two things needlessly complicate the code...
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Make this code look more like the rest of the OpenOCD code.
- Use calloc() directly, not NEW() ... and fix some potential
memory leaks while we're at it.
- Remove FNC_INFO ... it's a NOP that just clutters things,
and it's trivial for developers to add tracing as needed.
- Replace FNC_INFO_NOTIMPLEMENTED with LOG_WARNING calls;
ditto. And stop having those call sites wrongly succeed!
- Waste less space with the CHECK_RETVAL() macro.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
This will allow data to be allocated in read only
memory instead of on the stack. Speeds things up
and reduces stack usage.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
buf_set_u32() operated on an uninitialized stack
variable with non-byte boundaries, which led to
warnings about reading uninitialized stack.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
Start using the arm_reg_current() call. This shrinks and speeds
the affected code. It can also prevent some coredumps coming from
invalid CPSR values ... the ARMV4_5_CORE_REG_MODE() macro returns
bogus registers if e.g. "Secure Monitor" mode isn't supported by
the current CPU.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
We don't need to use size_t in these places; so it's easy
to be rid of the need for this #ifdef and its MS-derived
portability problems.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
With -O3 when inlining aggressively the total stack usage will
be the sum of many fn's, which can easily get out of hand.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
Have arm_set_cpsr() handle the two core state flags, updating
the CPU state. This eliminates code in various debug_entry()
paths, and marginally improves handling of the J bit.
Catch and comment a few holes in the handling of the J bit on
ARM926ejs cores ... it's unlikely our users will care about
Jazelle mode, but we can at least warn of Impending Doom. If
anyone does use it, these breadcrumbs may help them to find
the right path through the code.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
David Brownell
Zachary T Welch
Marek Vasut
Jerry Ling
Øyvind Harboe