1 // SPDX-License-Identifier: GPL-2.0-or-later
4 * Copyright(c) 2013-2016 Intel Corporation.
6 * Adrian Burns (adrian.burns@intel.com)
7 * Thomas Faust (thomas.faust@intel.com)
8 * Ivan De Cesaris (ivan.de.cesaris@intel.com)
9 * Julien Carreno (julien.carreno@intel.com)
10 * Jeffrey Maxwell (jeffrey.r.maxwell@intel.com)
11 * Jessica Gomez (jessica.gomez.hernandez@intel.com)
13 * Contact Information:
19 * This implements the probemode operations for Lakemont 1 (LMT1).
26 #include <helper/log.h>
29 #include "target_type.h"
32 #include "breakpoints.h"
33 #include "x86_32_common.h"
35 static int irscan(struct target
*t
, uint8_t *out
,
36 uint8_t *in
, uint8_t ir_len
);
37 static int drscan(struct target
*t
, uint8_t *out
, uint8_t *in
, uint8_t len
);
38 static int save_context(struct target
*target
);
39 static int restore_context(struct target
*target
);
40 static uint32_t get_tapstatus(struct target
*t
);
41 static int enter_probemode(struct target
*t
);
42 static int exit_probemode(struct target
*t
);
43 static int halt_prep(struct target
*t
);
44 static int do_halt(struct target
*t
);
45 static int do_resume(struct target
*t
);
46 static int read_all_core_hw_regs(struct target
*t
);
47 static int write_all_core_hw_regs(struct target
*t
);
48 static int read_hw_reg(struct target
*t
,
49 int reg
, uint32_t *regval
, uint8_t cache
);
50 static int write_hw_reg(struct target
*t
,
51 int reg
, uint32_t regval
, uint8_t cache
);
52 static struct reg_cache
*lakemont_build_reg_cache
53 (struct target
*target
);
54 static int submit_reg_pir(struct target
*t
, int num
);
55 static int submit_instruction_pir(struct target
*t
, int num
);
56 static int submit_pir(struct target
*t
, uint64_t op
);
57 static int lakemont_get_core_reg(struct reg
*reg
);
58 static int lakemont_set_core_reg(struct reg
*reg
, uint8_t *buf
);
60 static struct scan_blk scan
;
62 /* registers and opcodes for register access, pm_idx is used to identify the
63 * registers that are modified for lakemont probemode specific operations
75 /* general purpose registers */
76 { EAX
, "eax", 0x000000D01D660000ULL
, 0, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
77 { ECX
, "ecx", 0x000000501D660000ULL
, 1, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
78 { EDX
, "edx", 0x000000901D660000ULL
, 2, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
79 { EBX
, "ebx", 0x000000101D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
80 { ESP
, "esp", 0x000000E01D660000ULL
, NOT_PMREG
, 32, REG_TYPE_DATA_PTR
, "general", "org.gnu.gdb.i386.core" },
81 { EBP
, "ebp", 0x000000601D660000ULL
, NOT_PMREG
, 32, REG_TYPE_DATA_PTR
, "general", "org.gnu.gdb.i386.core" },
82 { ESI
, "esi", 0x000000A01D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
83 { EDI
, "edi", 0x000000201D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
85 /* instruction pointer & flags */
86 { EIP
, "eip", 0x000000C01D660000ULL
, 3, 32, REG_TYPE_CODE_PTR
, "general", "org.gnu.gdb.i386.core" },
87 { EFLAGS
, "eflags", 0x000000401D660000ULL
, 4, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
89 /* segment registers */
90 { CS
, "cs", 0x000000281D660000ULL
, 5, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
91 { SS
, "ss", 0x000000C81D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
92 { DS
, "ds", 0x000000481D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
93 { ES
, "es", 0x000000A81D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
94 { FS
, "fs", 0x000000881D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
95 { GS
, "gs", 0x000000081D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
97 /* floating point unit registers - not accessible via JTAG - here to satisfy GDB */
98 { ST0
, "st0", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
99 { ST1
, "st1", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
100 { ST2
, "st2", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
101 { ST3
, "st3", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
102 { ST4
, "st4", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
103 { ST5
, "st5", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
104 { ST6
, "st6", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
105 { ST7
, "st7", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
106 { FCTRL
, "fctrl", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
107 { FSTAT
, "fstat", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
108 { FTAG
, "ftag", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
109 { FISEG
, "fiseg", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
110 { FIOFF
, "fioff", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
111 { FOSEG
, "foseg", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
112 { FOOFF
, "fooff", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
113 { FOP
, "fop", 0x0, NOT_AVAIL_REG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.core" },
115 /* control registers */
116 { CR0
, "cr0", 0x000000001D660000ULL
, 6, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
117 { CR2
, "cr2", 0x000000BC1D660000ULL
, 7, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
118 { CR3
, "cr3", 0x000000801D660000ULL
, 8, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
119 { CR4
, "cr4", 0x0000002C1D660000ULL
, 9, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
121 /* debug registers */
122 { DR0
, "dr0", 0x0000007C1D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
123 { DR1
, "dr1", 0x000000FC1D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
124 { DR2
, "dr2", 0x000000021D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
125 { DR3
, "dr3", 0x000000821D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
126 { DR6
, "dr6", 0x000000301D660000ULL
, 10, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
127 { DR7
, "dr7", 0x000000B01D660000ULL
, 11, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
129 /* descriptor tables */
130 { IDTB
, "idtbase", 0x000000581D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
131 { IDTL
, "idtlimit", 0x000000D81D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
132 { IDTAR
, "idtar", 0x000000981D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
133 { GDTB
, "gdtbase", 0x000000B81D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
134 { GDTL
, "gdtlimit", 0x000000781D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
135 { GDTAR
, "gdtar", 0x000000381D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
136 { TR
, "tr", 0x000000701D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
137 { LDTR
, "ldtr", 0x000000F01D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
138 { LDTB
, "ldbase", 0x000000041D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
139 { LDTL
, "ldlimit", 0x000000841D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
140 { LDTAR
, "ldtar", 0x000000F81D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
142 /* segment registers */
143 { CSB
, "csbase", 0x000000F41D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
144 { CSL
, "cslimit", 0x0000000C1D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
145 { CSAR
, "csar", 0x000000741D660000ULL
, 12, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
146 { DSB
, "dsbase", 0x000000941D660000ULL
, 13, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
147 { DSL
, "dslimit", 0x000000541D660000ULL
, 14, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
148 { DSAR
, "dsar", 0x000000141D660000ULL
, 15, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
149 { ESB
, "esbase", 0x0000004C1D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
150 { ESL
, "eslimit", 0x000000CC1D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
151 { ESAR
, "esar", 0x0000008C1D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
152 { FSB
, "fsbase", 0x000000641D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
153 { FSL
, "fslimit", 0x000000E41D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
154 { FSAR
, "fsar", 0x000000A41D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
155 { GSB
, "gsbase", 0x000000C41D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
156 { GSL
, "gslimit", 0x000000241D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
157 { GSAR
, "gsar", 0x000000441D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
158 { SSB
, "ssbase", 0x000000341D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
159 { SSL
, "sslimit", 0x000000B41D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
160 { SSAR
, "ssar", 0x000000D41D660000ULL
, 16, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
161 { TSSB
, "tssbase", 0x000000E81D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
162 { TSSL
, "tsslimit", 0x000000181D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
163 { TSSAR
, "tssar", 0x000000681D660000ULL
, NOT_PMREG
, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
164 /* probemode control register */
165 { PMCR
, "pmcr", 0x000000421D660000ULL
, 17, 32, REG_TYPE_INT32
, "general", "org.gnu.gdb.i386.sys" },
168 static const struct {
173 /* memory read/write */
174 { MEMRDB32
, "MEMRDB32", 0x0909090909090851ULL
},
175 { MEMRDB16
, "MEMRDB16", 0x09090909090851E6ULL
},
176 { MEMRDH32
, "MEMRDH32", 0x090909090908D166ULL
},
177 { MEMRDH16
, "MEMRDH16", 0x090909090908D1E6ULL
},
178 { MEMRDW32
, "MEMRDW32", 0x09090909090908D1ULL
},
179 { MEMRDW16
, "MEMRDW16", 0x0909090908D1E666ULL
},
180 { MEMWRB32
, "MEMWRB32", 0x0909090909090811ULL
},
181 { MEMWRB16
, "MEMWRB16", 0x09090909090811E6ULL
},
182 { MEMWRH32
, "MEMWRH32", 0x0909090909089166ULL
},
183 { MEMWRH16
, "MEMWRH16", 0x09090909090891E6ULL
},
184 { MEMWRW32
, "MEMWRW32", 0x0909090909090891ULL
},
185 { MEMWRW16
, "MEMWRW16", 0x090909090891E666ULL
},
187 { IORDB32
, "IORDB32", 0x0909090909090937ULL
},
188 { IORDB16
, "IORDB16", 0x09090909090937E6ULL
},
189 { IORDH32
, "IORDH32", 0x090909090909B766ULL
},
190 { IORDH16
, "IORDH16", 0x090909090909B7E6ULL
},
191 { IORDW32
, "IORDW32", 0x09090909090909B7ULL
},
192 { IORDW16
, "IORDW16", 0x0909090909B7E666ULL
},
193 { IOWRB32
, "IOWRB32", 0x0909090909090977ULL
},
194 { IOWRB16
, "IOWRB16", 0x09090909090977E6ULL
},
195 { IOWRH32
, "IOWRH32", 0x090909090909F766ULL
},
196 { IOWRH16
, "IOWRH16", 0x090909090909F7E6ULL
},
197 { IOWRW32
, "IOWRW32", 0x09090909090909F7ULL
},
198 { IOWRW16
, "IOWRW16", 0x0909090909F7E666ULL
},
199 /* lakemont1 core shadow ram access opcodes */
200 { SRAMACCESS
, "SRAMACCESS", 0x0000000E9D660000ULL
},
201 { SRAM2PDR
, "SRAM2PDR", 0x4CF0000000000000ULL
},
202 { PDR2SRAM
, "PDR2SRAM", 0x0CF0000000000000ULL
},
203 { WBINVD
, "WBINVD", 0x09090909090990F0ULL
},
206 bool check_not_halted(const struct target
*t
)
208 bool halted
= t
->state
== TARGET_HALTED
;
210 LOG_ERROR("target running, halt it first");
214 static int irscan(struct target
*t
, uint8_t *out
,
215 uint8_t *in
, uint8_t ir_len
)
217 int retval
= ERROR_OK
;
218 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
221 LOG_ERROR("%s invalid target tap", __func__
);
224 if (ir_len
!= t
->tap
->ir_length
) {
227 LOG_ERROR("%s tap enabled but tap irlen=%d",
228 __func__
, t
->tap
->ir_length
);
230 LOG_ERROR("%s tap not enabled and irlen=%d",
231 __func__
, t
->tap
->ir_length
);
234 struct scan_field
*fields
= &scan
.field
;
235 fields
->num_bits
= ir_len
;
236 fields
->out_value
= out
;
237 fields
->in_value
= in
;
238 jtag_add_ir_scan(x86_32
->curr_tap
, fields
, TAP_IDLE
);
240 retval
= jtag_execute_queue();
241 if (retval
!= ERROR_OK
)
242 LOG_ERROR("%s failed to execute queue", __func__
);
247 static int drscan(struct target
*t
, uint8_t *out
, uint8_t *in
, uint8_t len
)
249 int retval
= ERROR_OK
;
251 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
254 LOG_ERROR("%s invalid target tap", __func__
);
257 if (len
> MAX_SCAN_SIZE
|| 0 == len
) {
259 LOG_ERROR("%s data len is %d bits, max is %d bits",
260 __func__
, len
, MAX_SCAN_SIZE
);
263 struct scan_field
*fields
= &scan
.field
;
264 fields
->out_value
= out
;
265 fields
->in_value
= in
;
266 fields
->num_bits
= len
;
267 jtag_add_dr_scan(x86_32
->curr_tap
, 1, fields
, TAP_IDLE
);
269 retval
= jtag_execute_queue();
270 if (retval
!= ERROR_OK
) {
271 LOG_ERROR("%s drscan failed to execute queue", __func__
);
277 for (int n
= (len
/ 8) - 1 ; n
>= 0; n
--)
278 data
= (data
<< 8) + *(in
+n
);
280 LOG_DEBUG("dr in 0x%02" PRIx8
, *in
);
282 LOG_ERROR("%s no drscan data", __func__
);
288 static int save_context(struct target
*t
)
291 /* read core registers from lakemont sram */
292 err
= read_all_core_hw_regs(t
);
293 if (err
!= ERROR_OK
) {
294 LOG_ERROR("%s error reading regs", __func__
);
300 static int restore_context(struct target
*t
)
304 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
306 /* write core regs into the core PM SRAM from the reg_cache */
307 err
= write_all_core_hw_regs(t
);
308 if (err
!= ERROR_OK
) {
309 LOG_ERROR("%s error writing regs", __func__
);
313 for (i
= 0; i
< (x86_32
->cache
->num_regs
); i
++) {
314 x86_32
->cache
->reg_list
[i
].dirty
= false;
315 x86_32
->cache
->reg_list
[i
].valid
= false;
321 * we keep reg_cache in sync with hardware at halt/resume time, we avoid
322 * writing to real hardware here because pm_regs reflects the hardware
323 * while we are halted then reg_cache syncs with hw on resume
324 * TODO - in order for "reg eip force" to work it assume get/set reads
325 * and writes from hardware, may be other reasons also because generally
326 * other openocd targets read/write from hardware in get/set - watch this!
328 static int lakemont_get_core_reg(struct reg
*reg
)
330 int retval
= ERROR_OK
;
331 struct lakemont_core_reg
*lakemont_reg
= reg
->arch_info
;
332 struct target
*t
= lakemont_reg
->target
;
333 if (check_not_halted(t
))
334 return ERROR_TARGET_NOT_HALTED
;
335 LOG_DEBUG("reg=%s, value=0x%08" PRIx32
, reg
->name
,
336 buf_get_u32(reg
->value
, 0, 32));
340 static int lakemont_set_core_reg(struct reg
*reg
, uint8_t *buf
)
342 struct lakemont_core_reg
*lakemont_reg
= reg
->arch_info
;
343 struct target
*t
= lakemont_reg
->target
;
344 uint32_t value
= buf_get_u32(buf
, 0, 32);
345 LOG_DEBUG("reg=%s, newval=0x%08" PRIx32
, reg
->name
, value
);
346 if (check_not_halted(t
))
347 return ERROR_TARGET_NOT_HALTED
;
348 buf_set_u32(reg
->value
, 0, 32, value
);
354 static const struct reg_arch_type lakemont_reg_type
= {
355 /* these get called if reg_cache doesn't have a "valid" value
356 * of an individual reg eg "reg eip" but not for "reg" block
358 .get
= lakemont_get_core_reg
,
359 .set
= lakemont_set_core_reg
,
362 struct reg_cache
*lakemont_build_reg_cache(struct target
*t
)
364 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
365 int num_regs
= ARRAY_SIZE(regs
);
366 struct reg_cache
**cache_p
= register_get_last_cache_p(&t
->reg_cache
);
367 struct reg_cache
*cache
= malloc(sizeof(struct reg_cache
));
368 struct reg
*reg_list
= calloc(num_regs
, sizeof(struct reg
));
369 struct lakemont_core_reg
*arch_info
= malloc(sizeof(struct lakemont_core_reg
) * num_regs
);
370 struct reg_feature
*feature
;
373 if (!cache
|| !reg_list
|| !arch_info
) {
377 LOG_ERROR("%s out of memory", __func__
);
381 /* Build the process context cache */
382 cache
->name
= "lakemont registers";
384 cache
->reg_list
= reg_list
;
385 cache
->num_regs
= num_regs
;
387 x86_32
->cache
= cache
;
389 for (i
= 0; i
< num_regs
; i
++) {
390 arch_info
[i
].target
= t
;
391 arch_info
[i
].x86_32_common
= x86_32
;
392 arch_info
[i
].op
= regs
[i
].op
;
393 arch_info
[i
].pm_idx
= regs
[i
].pm_idx
;
394 reg_list
[i
].name
= regs
[i
].name
;
395 reg_list
[i
].size
= 32;
396 reg_list
[i
].value
= calloc(1, 4);
397 reg_list
[i
].dirty
= false;
398 reg_list
[i
].valid
= false;
399 reg_list
[i
].type
= &lakemont_reg_type
;
400 reg_list
[i
].arch_info
= &arch_info
[i
];
402 reg_list
[i
].group
= regs
[i
].group
;
403 reg_list
[i
].number
= i
;
404 reg_list
[i
].exist
= true;
405 reg_list
[i
].caller_save
= true; /* gdb defaults to true */
407 feature
= calloc(1, sizeof(struct reg_feature
));
409 feature
->name
= regs
[i
].feature
;
410 reg_list
[i
].feature
= feature
;
412 LOG_ERROR("%s unable to allocate feature list", __func__
);
414 reg_list
[i
].reg_data_type
= calloc(1, sizeof(struct reg_data_type
));
415 if (reg_list
[i
].reg_data_type
)
416 reg_list
[i
].reg_data_type
->type
= regs
[i
].type
;
418 LOG_ERROR("%s unable to allocate reg type list", __func__
);
423 static uint32_t get_tapstatus(struct target
*t
)
425 scan
.out
[0] = TAPSTATUS
;
426 if (irscan(t
, scan
.out
, NULL
, LMT_IRLEN
) != ERROR_OK
)
428 if (drscan(t
, NULL
, scan
.out
, TS_SIZE
) != ERROR_OK
)
430 return buf_get_u32(scan
.out
, 0, 32);
433 static int enter_probemode(struct target
*t
)
435 uint32_t tapstatus
= 0;
438 tapstatus
= get_tapstatus(t
);
439 LOG_DEBUG("TS before PM enter = 0x%08" PRIx32
, tapstatus
);
440 if (tapstatus
& TS_PM_BIT
) {
441 LOG_DEBUG("core already in probemode");
444 scan
.out
[0] = PROBEMODE
;
445 if (irscan(t
, scan
.out
, NULL
, LMT_IRLEN
) != ERROR_OK
)
448 if (drscan(t
, scan
.out
, scan
.in
, 1) != ERROR_OK
)
452 tapstatus
= get_tapstatus(t
);
453 LOG_DEBUG("TS after PM enter = 0x%08" PRIx32
, tapstatus
);
454 if ((tapstatus
& TS_PM_BIT
) && (!(tapstatus
& TS_EN_PM_BIT
)))
458 LOG_ERROR("%s PM enter error, tapstatus = 0x%08" PRIx32
459 , __func__
, tapstatus
);
463 static int exit_probemode(struct target
*t
)
465 uint32_t tapstatus
= get_tapstatus(t
);
466 LOG_DEBUG("TS before PM exit = 0x%08" PRIx32
, tapstatus
);
468 if (!(tapstatus
& TS_PM_BIT
)) {
469 LOG_USER("core not in PM");
472 scan
.out
[0] = PROBEMODE
;
473 if (irscan(t
, scan
.out
, NULL
, LMT_IRLEN
) != ERROR_OK
)
476 if (drscan(t
, scan
.out
, scan
.in
, 1) != ERROR_OK
)
481 /* do whats needed to properly enter probemode for debug on lakemont */
482 static int halt_prep(struct target
*t
)
484 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
485 if (write_hw_reg(t
, DSB
, PM_DSB
, 0) != ERROR_OK
)
487 LOG_DEBUG("write %s 0x%08" PRIx32
, regs
[DSB
].name
, PM_DSB
);
488 if (write_hw_reg(t
, DSL
, PM_DSL
, 0) != ERROR_OK
)
490 LOG_DEBUG("write %s 0x%08" PRIx32
, regs
[DSL
].name
, PM_DSL
);
491 if (write_hw_reg(t
, DSAR
, PM_DSAR
, 0) != ERROR_OK
)
493 LOG_DEBUG("write DSAR 0x%08" PRIx32
, PM_DSAR
);
494 if (write_hw_reg(t
, CSB
, PM_DSB
, 0) != ERROR_OK
)
496 LOG_DEBUG("write %s 0x%08" PRIx32
, regs
[CSB
].name
, PM_DSB
);
497 if (write_hw_reg(t
, CSL
, PM_DSL
, 0) != ERROR_OK
)
499 LOG_DEBUG("write %s 0x%08" PRIx32
, regs
[CSL
].name
, PM_DSL
);
500 if (write_hw_reg(t
, DR7
, PM_DR7
, 0) != ERROR_OK
)
502 LOG_DEBUG("write DR7 0x%08" PRIx32
, PM_DR7
);
504 uint32_t eflags
= buf_get_u32(x86_32
->cache
->reg_list
[EFLAGS
].value
, 0, 32);
505 uint32_t csar
= buf_get_u32(x86_32
->cache
->reg_list
[CSAR
].value
, 0, 32);
506 uint32_t ssar
= buf_get_u32(x86_32
->cache
->reg_list
[SSAR
].value
, 0, 32);
507 uint32_t cr0
= buf_get_u32(x86_32
->cache
->reg_list
[CR0
].value
, 0, 32);
509 /* clear VM86 and IF bits if they are set */
510 LOG_DEBUG("EFLAGS = 0x%08" PRIx32
", VM86 = %d, IF = %d", eflags
,
511 eflags
& EFLAGS_VM86
? 1 : 0,
512 eflags
& EFLAGS_IF
? 1 : 0);
513 if ((eflags
& EFLAGS_VM86
) || (eflags
& EFLAGS_IF
)) {
514 x86_32
->pm_regs
[I(EFLAGS
)] = eflags
& ~(EFLAGS_VM86
| EFLAGS_IF
);
515 if (write_hw_reg(t
, EFLAGS
, x86_32
->pm_regs
[I(EFLAGS
)], 0) != ERROR_OK
)
517 LOG_DEBUG("EFLAGS now = 0x%08" PRIx32
", VM86 = %d, IF = %d",
518 x86_32
->pm_regs
[I(EFLAGS
)],
519 x86_32
->pm_regs
[I(EFLAGS
)] & EFLAGS_VM86
? 1 : 0,
520 x86_32
->pm_regs
[I(EFLAGS
)] & EFLAGS_IF
? 1 : 0);
523 /* set CPL to 0 for memory access */
524 if (csar
& CSAR_DPL
) {
525 x86_32
->pm_regs
[I(CSAR
)] = csar
& ~CSAR_DPL
;
526 if (write_hw_reg(t
, CSAR
, x86_32
->pm_regs
[I(CSAR
)], 0) != ERROR_OK
)
528 LOG_DEBUG("write CSAR_CPL to 0 0x%08" PRIx32
, x86_32
->pm_regs
[I(CSAR
)]);
530 if (ssar
& SSAR_DPL
) {
531 x86_32
->pm_regs
[I(SSAR
)] = ssar
& ~SSAR_DPL
;
532 if (write_hw_reg(t
, SSAR
, x86_32
->pm_regs
[I(SSAR
)], 0) != ERROR_OK
)
534 LOG_DEBUG("write SSAR_CPL to 0 0x%08" PRIx32
, x86_32
->pm_regs
[I(SSAR
)]);
537 /* if cache's are enabled, disable and flush, depending on the core version */
538 if (!(x86_32
->core_type
== LMT3_5
) && !(cr0
& CR0_CD
)) {
539 LOG_DEBUG("caching enabled CR0 = 0x%08" PRIx32
, cr0
);
541 x86_32
->pm_regs
[I(CR0
)] = cr0
& ~CR0_PG
;
542 if (write_hw_reg(t
, CR0
, x86_32
->pm_regs
[I(CR0
)], 0) != ERROR_OK
)
544 LOG_DEBUG("cleared paging CR0_PG = 0x%08" PRIx32
, x86_32
->pm_regs
[I(CR0
)]);
545 /* submit wbinvd to flush cache */
546 if (submit_reg_pir(t
, WBINVD
) != ERROR_OK
)
548 x86_32
->pm_regs
[I(CR0
)] =
549 x86_32
->pm_regs
[I(CR0
)] | (CR0_CD
| CR0_NW
| CR0_PG
);
550 if (write_hw_reg(t
, CR0
, x86_32
->pm_regs
[I(CR0
)], 0) != ERROR_OK
)
552 LOG_DEBUG("set CD, NW and PG, CR0 = 0x%08" PRIx32
, x86_32
->pm_regs
[I(CR0
)]);
558 static int do_halt(struct target
*t
)
560 /* needs proper handling later if doing a halt errors out */
561 t
->state
= TARGET_DEBUG_RUNNING
;
562 if (enter_probemode(t
) != ERROR_OK
)
565 return lakemont_update_after_probemode_entry(t
);
568 /* we need to expose the update to be able to complete the reset at SoC level */
569 int lakemont_update_after_probemode_entry(struct target
*t
)
571 if (save_context(t
) != ERROR_OK
)
573 if (halt_prep(t
) != ERROR_OK
)
575 t
->state
= TARGET_HALTED
;
577 return target_call_event_callbacks(t
, TARGET_EVENT_HALTED
);
580 static int do_resume(struct target
*t
)
582 /* needs proper handling later */
583 t
->state
= TARGET_DEBUG_RUNNING
;
584 if (restore_context(t
) != ERROR_OK
)
586 if (exit_probemode(t
) != ERROR_OK
)
588 t
->state
= TARGET_RUNNING
;
590 t
->debug_reason
= DBG_REASON_NOTHALTED
;
591 LOG_USER("target running");
593 return target_call_event_callbacks(t
, TARGET_EVENT_RESUMED
);
596 static int read_all_core_hw_regs(struct target
*t
)
601 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
602 for (i
= 0; i
< (x86_32
->cache
->num_regs
); i
++) {
603 if (regs
[i
].pm_idx
== NOT_AVAIL_REG
)
605 err
= read_hw_reg(t
, regs
[i
].id
, ®val
, 1);
606 if (err
!= ERROR_OK
) {
607 LOG_ERROR("%s error saving reg %s",
608 __func__
, x86_32
->cache
->reg_list
[i
].name
);
612 LOG_DEBUG("read_all_core_hw_regs read %u registers ok", i
);
616 static int write_all_core_hw_regs(struct target
*t
)
620 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
621 for (i
= 0; i
< (x86_32
->cache
->num_regs
); i
++) {
622 if (regs
[i
].pm_idx
== NOT_AVAIL_REG
)
624 err
= write_hw_reg(t
, i
, 0, 1);
625 if (err
!= ERROR_OK
) {
626 LOG_ERROR("%s error restoring reg %s",
627 __func__
, x86_32
->cache
->reg_list
[i
].name
);
631 LOG_DEBUG("write_all_core_hw_regs wrote %u registers ok", i
);
635 /* read reg from lakemont core shadow ram, update reg cache if needed */
636 static int read_hw_reg(struct target
*t
, int reg
, uint32_t *regval
, uint8_t cache
)
638 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
639 struct lakemont_core_reg
*arch_info
;
640 arch_info
= x86_32
->cache
->reg_list
[reg
].arch_info
;
641 x86_32
->flush
= 0; /* don't flush scans till we have a batch */
642 if (submit_reg_pir(t
, reg
) != ERROR_OK
)
644 if (submit_instruction_pir(t
, SRAMACCESS
) != ERROR_OK
)
646 if (submit_instruction_pir(t
, SRAM2PDR
) != ERROR_OK
)
649 scan
.out
[0] = RDWRPDR
;
650 if (irscan(t
, scan
.out
, NULL
, LMT_IRLEN
) != ERROR_OK
)
652 if (drscan(t
, NULL
, scan
.out
, PDR_SIZE
) != ERROR_OK
)
655 jtag_add_sleep(DELAY_SUBMITPIR
);
656 *regval
= buf_get_u32(scan
.out
, 0, 32);
658 buf_set_u32(x86_32
->cache
->reg_list
[reg
].value
, 0, 32, *regval
);
659 x86_32
->cache
->reg_list
[reg
].valid
= true;
660 x86_32
->cache
->reg_list
[reg
].dirty
= false;
662 LOG_DEBUG("reg=%s, op=0x%016" PRIx64
", val=0x%08" PRIx32
,
663 x86_32
->cache
->reg_list
[reg
].name
,
669 /* write lakemont core shadow ram reg, update reg cache if needed */
670 static int write_hw_reg(struct target
*t
, int reg
, uint32_t regval
, uint8_t cache
)
672 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
673 struct lakemont_core_reg
*arch_info
;
674 arch_info
= x86_32
->cache
->reg_list
[reg
].arch_info
;
678 regval
= buf_get_u32(x86_32
->cache
->reg_list
[reg
].value
, 0, 32);
679 buf_set_u32(reg_buf
, 0, 32, regval
);
680 LOG_DEBUG("reg=%s, op=0x%016" PRIx64
", val=0x%08" PRIx32
,
681 x86_32
->cache
->reg_list
[reg
].name
,
685 x86_32
->flush
= 0; /* don't flush scans till we have a batch */
686 if (submit_reg_pir(t
, reg
) != ERROR_OK
)
688 if (submit_instruction_pir(t
, SRAMACCESS
) != ERROR_OK
)
690 scan
.out
[0] = RDWRPDR
;
691 if (irscan(t
, scan
.out
, NULL
, LMT_IRLEN
) != ERROR_OK
)
693 if (drscan(t
, reg_buf
, scan
.out
, PDR_SIZE
) != ERROR_OK
)
696 if (submit_instruction_pir(t
, PDR2SRAM
) != ERROR_OK
)
699 /* we are writing from the cache so ensure we reset flags */
701 x86_32
->cache
->reg_list
[reg
].dirty
= false;
702 x86_32
->cache
->reg_list
[reg
].valid
= false;
707 static bool is_paging_enabled(struct target
*t
)
709 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
710 if (x86_32
->pm_regs
[I(CR0
)] & CR0_PG
)
716 static uint8_t get_num_user_regs(struct target
*t
)
718 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
719 return x86_32
->cache
->num_regs
;
721 /* value of the CR0.PG (paging enabled) bit influences memory reads/writes */
722 static int disable_paging(struct target
*t
)
724 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
725 x86_32
->pm_regs
[I(CR0
)] = x86_32
->pm_regs
[I(CR0
)] & ~CR0_PG
;
726 int err
= x86_32
->write_hw_reg(t
, CR0
, x86_32
->pm_regs
[I(CR0
)], 0);
727 if (err
!= ERROR_OK
) {
728 LOG_ERROR("%s error disabling paging", __func__
);
734 static int enable_paging(struct target
*t
)
736 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
737 x86_32
->pm_regs
[I(CR0
)] = (x86_32
->pm_regs
[I(CR0
)] | CR0_PG
);
738 int err
= x86_32
->write_hw_reg(t
, CR0
, x86_32
->pm_regs
[I(CR0
)], 0);
739 if (err
!= ERROR_OK
) {
740 LOG_ERROR("%s error enabling paging", __func__
);
746 static bool sw_bpts_supported(struct target
*t
)
748 uint32_t tapstatus
= get_tapstatus(t
);
749 if (tapstatus
& TS_SBP_BIT
)
755 static int transaction_status(struct target
*t
)
757 uint32_t tapstatus
= get_tapstatus(t
);
758 if ((TS_EN_PM_BIT
| TS_PRDY_BIT
) & tapstatus
) {
759 LOG_ERROR("%s transaction error tapstatus = 0x%08" PRIx32
760 , __func__
, tapstatus
);
767 static int submit_instruction(struct target
*t
, int num
)
769 int err
= submit_instruction_pir(t
, num
);
770 if (err
!= ERROR_OK
) {
771 LOG_ERROR("%s error submitting pir", __func__
);
777 static int submit_reg_pir(struct target
*t
, int num
)
779 LOG_DEBUG("reg %s op=0x%016" PRIx64
, regs
[num
].name
, regs
[num
].op
);
780 int err
= submit_pir(t
, regs
[num
].op
);
781 if (err
!= ERROR_OK
) {
782 LOG_ERROR("%s error submitting pir", __func__
);
788 static int submit_instruction_pir(struct target
*t
, int num
)
790 LOG_DEBUG("%s op=0x%016" PRIx64
, instructions
[num
].name
,
791 instructions
[num
].op
);
792 int err
= submit_pir(t
, instructions
[num
].op
);
793 if (err
!= ERROR_OK
) {
794 LOG_ERROR("%s error submitting pir", __func__
);
801 * PIR (Probe Mode Instruction Register), SUBMITPIR is an "IR only" TAP
802 * command; there is no corresponding data register
804 static int submit_pir(struct target
*t
, uint64_t op
)
806 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
809 buf_set_u64(op_buf
, 0, 64, op
);
810 int flush
= x86_32
->flush
;
813 if (irscan(t
, scan
.out
, NULL
, LMT_IRLEN
) != ERROR_OK
)
815 if (drscan(t
, op_buf
, scan
.out
, PIR_SIZE
) != ERROR_OK
)
817 scan
.out
[0] = SUBMITPIR
;
818 x86_32
->flush
= flush
;
819 if (irscan(t
, scan
.out
, NULL
, LMT_IRLEN
) != ERROR_OK
)
821 jtag_add_sleep(DELAY_SUBMITPIR
);
825 int lakemont_init_target(struct command_context
*cmd_ctx
, struct target
*t
)
827 lakemont_build_reg_cache(t
);
828 t
->state
= TARGET_RUNNING
;
829 t
->debug_reason
= DBG_REASON_NOTHALTED
;
833 int lakemont_init_arch_info(struct target
*t
, struct x86_32_common
*x86_32
)
835 x86_32
->submit_instruction
= submit_instruction
;
836 x86_32
->transaction_status
= transaction_status
;
837 x86_32
->read_hw_reg
= read_hw_reg
;
838 x86_32
->write_hw_reg
= write_hw_reg
;
839 x86_32
->sw_bpts_supported
= sw_bpts_supported
;
840 x86_32
->get_num_user_regs
= get_num_user_regs
;
841 x86_32
->is_paging_enabled
= is_paging_enabled
;
842 x86_32
->disable_paging
= disable_paging
;
843 x86_32
->enable_paging
= enable_paging
;
847 int lakemont_poll(struct target
*t
)
849 /* LMT1 PMCR register currently allows code breakpoints, data breakpoints,
850 * single stepping and shutdowns to be redirected to PM but does not allow
851 * redirecting into PM as a result of SMM enter and SMM exit
853 uint32_t ts
= get_tapstatus(t
);
855 if (ts
== 0xFFFFFFFF && t
->state
!= TARGET_DEBUG_RUNNING
) {
856 /* something is wrong here */
857 LOG_ERROR("tapstatus invalid - scan_chain serialization or locked JTAG access issues");
858 /* TODO: Give a hint that unlocking is wrong or maybe a
859 * 'jtag arp_init' helps
861 t
->state
= TARGET_DEBUG_RUNNING
;
865 if (t
->state
== TARGET_HALTED
&& (!(ts
& TS_PM_BIT
))) {
866 LOG_INFO("target running for unknown reason");
867 t
->state
= TARGET_RUNNING
;
870 if (t
->state
== TARGET_RUNNING
&&
871 t
->state
!= TARGET_DEBUG_RUNNING
) {
873 if ((ts
& TS_PM_BIT
) && (ts
& TS_PMCR_BIT
)) {
875 LOG_DEBUG("redirect to PM, tapstatus=0x%08" PRIx32
, get_tapstatus(t
));
877 t
->state
= TARGET_DEBUG_RUNNING
;
878 if (save_context(t
) != ERROR_OK
)
880 if (halt_prep(t
) != ERROR_OK
)
882 t
->state
= TARGET_HALTED
;
883 t
->debug_reason
= DBG_REASON_UNDEFINED
;
885 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
886 uint32_t eip
= buf_get_u32(x86_32
->cache
->reg_list
[EIP
].value
, 0, 32);
887 uint32_t dr6
= buf_get_u32(x86_32
->cache
->reg_list
[DR6
].value
, 0, 32);
888 uint32_t hwbreakpoint
= (uint32_t)-1;
890 if (dr6
& DR6_BRKDETECT_0
)
892 if (dr6
& DR6_BRKDETECT_1
)
894 if (dr6
& DR6_BRKDETECT_2
)
896 if (dr6
& DR6_BRKDETECT_3
)
899 if (hwbreakpoint
!= (uint32_t)-1) {
900 uint32_t dr7
= buf_get_u32(x86_32
->cache
->reg_list
[DR7
].value
, 0, 32);
901 uint32_t type
= dr7
& (0x03 << (DR7_RW_SHIFT
+ hwbreakpoint
*DR7_RW_LEN_SIZE
));
902 if (type
== DR7_BP_EXECUTE
) {
903 LOG_USER("hit hardware breakpoint (hwreg=%" PRIu32
") at 0x%08" PRIx32
, hwbreakpoint
, eip
);
905 uint32_t address
= 0;
906 switch (hwbreakpoint
) {
909 address
= buf_get_u32(x86_32
->cache
->reg_list
[DR0
].value
, 0, 32);
912 address
= buf_get_u32(x86_32
->cache
->reg_list
[DR1
].value
, 0, 32);
915 address
= buf_get_u32(x86_32
->cache
->reg_list
[DR2
].value
, 0, 32);
918 address
= buf_get_u32(x86_32
->cache
->reg_list
[DR3
].value
, 0, 32);
921 LOG_USER("hit '%s' watchpoint for 0x%08" PRIx32
" (hwreg=%" PRIu32
") at 0x%08" PRIx32
,
922 type
== DR7_BP_WRITE
? "write" : "access", address
,
925 t
->debug_reason
= DBG_REASON_BREAKPOINT
;
927 /* Check if the target hit a software breakpoint.
928 * ! Watch out: EIP is currently pointing after the breakpoint opcode
930 struct breakpoint
*bp
= NULL
;
931 bp
= breakpoint_find(t
, eip
-1);
933 t
->debug_reason
= DBG_REASON_BREAKPOINT
;
934 if (bp
->type
== BKPT_SOFT
) {
935 /* The EIP is now pointing the next byte after the
936 * breakpoint instruction. This needs to be corrected.
938 buf_set_u32(x86_32
->cache
->reg_list
[EIP
].value
, 0, 32, eip
-1);
939 x86_32
->cache
->reg_list
[EIP
].dirty
= true;
940 x86_32
->cache
->reg_list
[EIP
].valid
= true;
941 LOG_USER("hit software breakpoint at 0x%08" PRIx32
, eip
-1);
943 /* it's not a hardware breakpoint (checked already in DR6 state)
944 * and it's also not a software breakpoint ...
946 LOG_USER("hit unknown breakpoint at 0x%08" PRIx32
, eip
);
950 /* There is also the case that we hit an breakpoint instruction,
951 * which was not set by us. This needs to be handled be the
952 * application that introduced the breakpoint.
955 LOG_USER("unknown break reason at 0x%08" PRIx32
, eip
);
959 return target_call_event_callbacks(t
, TARGET_EVENT_HALTED
);
966 int lakemont_arch_state(struct target
*t
)
968 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
970 LOG_USER("target halted due to %s at 0x%08" PRIx32
" in %s mode",
971 debug_reason_name(t
),
972 buf_get_u32(x86_32
->cache
->reg_list
[EIP
].value
, 0, 32),
973 (buf_get_u32(x86_32
->cache
->reg_list
[CR0
].value
, 0, 32) & CR0_PE
) ? "protected" : "real");
978 int lakemont_halt(struct target
*t
)
980 if (t
->state
== TARGET_RUNNING
) {
981 t
->debug_reason
= DBG_REASON_DBGRQ
;
982 if (do_halt(t
) != ERROR_OK
)
986 LOG_ERROR("%s target not running", __func__
);
991 int lakemont_resume(struct target
*t
, int current
, target_addr_t address
,
992 int handle_breakpoints
, int debug_execution
)
994 struct breakpoint
*bp
= NULL
;
995 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
997 if (check_not_halted(t
))
998 return ERROR_TARGET_NOT_HALTED
;
999 /* TODO lakemont_enable_breakpoints(t); */
1000 if (t
->state
== TARGET_HALTED
) {
1002 /* running away for a software breakpoint needs some special handling */
1003 uint32_t eip
= buf_get_u32(x86_32
->cache
->reg_list
[EIP
].value
, 0, 32);
1004 bp
= breakpoint_find(t
, eip
);
1005 if (bp
/*&& bp->type == BKPT_SOFT*/) {
1006 /* the step will step over the breakpoint */
1007 if (lakemont_step(t
, 0, 0, 1) != ERROR_OK
) {
1008 LOG_ERROR("%s stepping over a software breakpoint at 0x%08" PRIx32
" "
1009 "failed to resume the target", __func__
, eip
);
1014 /* if breakpoints are enabled, we need to redirect these into probe mode */
1015 struct breakpoint
*activeswbp
= t
->breakpoints
;
1016 while (activeswbp
&& !activeswbp
->is_set
)
1017 activeswbp
= activeswbp
->next
;
1018 struct watchpoint
*activehwbp
= t
->watchpoints
;
1019 while (activehwbp
&& !activehwbp
->is_set
)
1020 activehwbp
= activehwbp
->next
;
1021 if (activeswbp
|| activehwbp
)
1022 buf_set_u32(x86_32
->cache
->reg_list
[PMCR
].value
, 0, 32, 1);
1023 if (do_resume(t
) != ERROR_OK
)
1026 LOG_USER("target not halted");
1032 int lakemont_step(struct target
*t
, int current
,
1033 target_addr_t address
, int handle_breakpoints
)
1035 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
1036 uint32_t eflags
= buf_get_u32(x86_32
->cache
->reg_list
[EFLAGS
].value
, 0, 32);
1037 uint32_t eip
= buf_get_u32(x86_32
->cache
->reg_list
[EIP
].value
, 0, 32);
1038 uint32_t pmcr
= buf_get_u32(x86_32
->cache
->reg_list
[PMCR
].value
, 0, 32);
1039 struct breakpoint
*bp
= NULL
;
1040 int retval
= ERROR_OK
;
1041 uint32_t tapstatus
= 0;
1043 if (check_not_halted(t
))
1044 return ERROR_TARGET_NOT_HALTED
;
1045 bp
= breakpoint_find(t
, eip
);
1046 if (retval
== ERROR_OK
&& bp
/*&& bp->type == BKPT_SOFT*/) {
1047 /* TODO: This should only be done for software breakpoints.
1048 * Stepping from hardware breakpoints should be possible with the resume flag
1051 retval
= x86_32_common_remove_breakpoint(t
, bp
);
1054 /* Set EFLAGS[TF] and PMCR[IR], exit pm and wait for PRDY# */
1055 LOG_DEBUG("modifying PMCR = 0x%08" PRIx32
" and EFLAGS = 0x%08" PRIx32
, pmcr
, eflags
);
1056 eflags
= eflags
| (EFLAGS_TF
| EFLAGS_RF
);
1057 buf_set_u32(x86_32
->cache
->reg_list
[EFLAGS
].value
, 0, 32, eflags
);
1058 buf_set_u32(x86_32
->cache
->reg_list
[PMCR
].value
, 0, 32, 1);
1059 LOG_DEBUG("EFLAGS [TF] [RF] bits set=0x%08" PRIx32
", PMCR=0x%08" PRIx32
", EIP=0x%08" PRIx32
,
1062 /* Returned value unused. Can this line be removed? */
1065 t
->debug_reason
= DBG_REASON_SINGLESTEP
;
1066 t
->state
= TARGET_DEBUG_RUNNING
;
1067 if (restore_context(t
) != ERROR_OK
)
1069 if (exit_probemode(t
) != ERROR_OK
)
1072 target_call_event_callbacks(t
, TARGET_EVENT_RESUMED
);
1074 tapstatus
= get_tapstatus(t
);
1075 if (tapstatus
& (TS_PM_BIT
| TS_EN_PM_BIT
| TS_PRDY_BIT
| TS_PMCR_BIT
)) {
1076 /* target has stopped */
1077 if (save_context(t
) != ERROR_OK
)
1079 if (halt_prep(t
) != ERROR_OK
)
1081 t
->state
= TARGET_HALTED
;
1083 LOG_USER("step done from EIP 0x%08" PRIx32
" to 0x%08" PRIx32
, eip
,
1084 buf_get_u32(x86_32
->cache
->reg_list
[EIP
].value
, 0, 32));
1085 target_call_event_callbacks(t
, TARGET_EVENT_HALTED
);
1087 /* target didn't stop
1088 * I hope the poll() will catch it, but the deleted breakpoint is gone
1090 LOG_ERROR("%s target didn't stop after executing a single step", __func__
);
1091 t
->state
= TARGET_RUNNING
;
1095 /* try to re-apply the breakpoint, even of step failed
1096 * TODO: When a bp was set, we should try to stop the target - fix the return above
1098 if (bp
/*&& bp->type == BKPT_SOFT*/) {
1099 /* TODO: This should only be done for software breakpoints.
1100 * Stepping from hardware breakpoints should be possible with the resume flag
1103 retval
= x86_32_common_add_breakpoint(t
, bp
);
1109 static int lakemont_reset_break(struct target
*t
)
1111 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
1112 struct jtag_tap
*saved_tap
= x86_32
->curr_tap
;
1113 struct scan_field
*fields
= &scan
.field
;
1115 int retval
= ERROR_OK
;
1117 LOG_DEBUG("issuing port 0xcf9 reset");
1119 /* prepare resetbreak setting the proper bits in CLTAPC_CPU_VPREQ */
1120 x86_32
->curr_tap
= jtag_tap_by_position(1);
1121 if (!x86_32
->curr_tap
) {
1122 x86_32
->curr_tap
= saved_tap
;
1123 LOG_ERROR("%s could not select quark_x10xx.cltap", __func__
);
1127 fields
->in_value
= NULL
;
1128 fields
->num_bits
= 8;
1130 /* select CLTAPC_CPU_VPREQ instruction*/
1132 fields
->out_value
= ((uint8_t *)scan
.out
);
1133 jtag_add_ir_scan(x86_32
->curr_tap
, fields
, TAP_IDLE
);
1134 retval
= jtag_execute_queue();
1135 if (retval
!= ERROR_OK
) {
1136 x86_32
->curr_tap
= saved_tap
;
1137 LOG_ERROR("%s irscan failed to execute queue", __func__
);
1141 /* set enable_preq_on_reset & enable_preq_on_reset2 bits*/
1143 fields
->out_value
= ((uint8_t *)scan
.out
);
1144 jtag_add_dr_scan(x86_32
->curr_tap
, 1, fields
, TAP_IDLE
);
1145 retval
= jtag_execute_queue();
1146 if (retval
!= ERROR_OK
) {
1147 LOG_ERROR("%s drscan failed to execute queue", __func__
);
1148 x86_32
->curr_tap
= saved_tap
;
1152 /* restore current tap */
1153 x86_32
->curr_tap
= saved_tap
;
1159 * If we ever get an adapter with support for PREQ# and PRDY#, we should
1160 * update this function to add support for using those two signals.
1162 * Meanwhile, we're assuming that we only support reset break.
1164 int lakemont_reset_assert(struct target
*t
)
1166 struct x86_32_common
*x86_32
= target_to_x86_32(t
);
1167 /* write 0x6 to I/O port 0xcf9 to cause the reset */
1168 uint8_t cf9_reset_val
= 0x6;
1173 if (t
->state
!= TARGET_HALTED
) {
1174 LOG_DEBUG("target must be halted first");
1175 retval
= lakemont_halt(t
);
1176 if (retval
!= ERROR_OK
) {
1177 LOG_ERROR("could not halt target");
1180 x86_32
->forced_halt_for_reset
= true;
1183 if (t
->reset_halt
) {
1184 retval
= lakemont_reset_break(t
);
1185 if (retval
!= ERROR_OK
)
1189 retval
= x86_32_common_write_io(t
, 0xcf9, BYTE
, &cf9_reset_val
);
1190 if (retval
!= ERROR_OK
) {
1191 LOG_ERROR("could not write to port 0xcf9");
1195 if (!t
->reset_halt
&& x86_32
->forced_halt_for_reset
) {
1196 x86_32
->forced_halt_for_reset
= false;
1197 retval
= lakemont_resume(t
, true, 0x00, false, true);
1198 if (retval
!= ERROR_OK
)
1202 /* remove breakpoints and watchpoints */
1203 x86_32_common_reset_breakpoints_watchpoints(t
);
1208 int lakemont_reset_deassert(struct target
*t
)
1214 if (target_was_examined(t
)) {
1215 retval
= lakemont_poll(t
);
1216 if (retval
!= ERROR_OK
)
1220 if (t
->reset_halt
) {
1221 /* entered PM after reset, update the state */
1222 retval
= lakemont_update_after_probemode_entry(t
);
1223 if (retval
!= ERROR_OK
) {
1224 LOG_ERROR("could not update state after probemode entry");
1228 if (t
->state
!= TARGET_HALTED
) {
1229 LOG_WARNING("%s: ran after reset and before halt ...",
1231 if (target_was_examined(t
)) {
1232 retval
= target_halt(t
);
1233 if (retval
!= ERROR_OK
)
1236 t
->state
= TARGET_UNKNOWN
;