You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1426 lines
36 KiB

  1. /***************************************************************************
  2. * Copyright (C) 2008 digenius technology GmbH. *
  3. * Michael Bruck *
  4. * *
  5. * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
  6. * *
  7. * Copyright (C) 2008 Georg Acher <acher@in.tum.de> *
  8. * *
  9. * Copyright (C) 2009 David Brownell *
  10. * *
  11. * This program is free software; you can redistribute it and/or modify *
  12. * it under the terms of the GNU General Public License as published by *
  13. * the Free Software Foundation; either version 2 of the License, or *
  14. * (at your option) any later version. *
  15. * *
  16. * This program is distributed in the hope that it will be useful, *
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of *
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
  19. * GNU General Public License for more details. *
  20. * *
  21. * You should have received a copy of the GNU General Public License *
  22. * along with this program; if not, write to the *
  23. * Free Software Foundation, Inc., *
  24. * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
  25. ***************************************************************************/
  26. #ifdef HAVE_CONFIG_H
  27. #include "config.h"
  28. #endif
  29. #include "etm.h"
  30. #include "breakpoints.h"
  31. #include "arm11_dbgtap.h"
  32. #include "arm_simulator.h"
  33. #include <helper/time_support.h>
  34. #include "target_type.h"
  35. #include "algorithm.h"
  36. #include "register.h"
  37. #include "arm_opcodes.h"
  38. #if 0
  39. #define _DEBUG_INSTRUCTION_EXECUTION_
  40. #endif
  41. /* FIXME none of these flags should be global to all ARM11 cores!
  42. * Most of them shouldn't exist at all, once the code works...
  43. */
  44. static bool arm11_config_memwrite_burst = true;
  45. static bool arm11_config_memwrite_error_fatal = true;
  46. static uint32_t arm11_vcr = 0;
  47. static bool arm11_config_step_irq_enable = false;
  48. static bool arm11_config_hardware_step = false;
  49. static int arm11_step(struct target *target, int current,
  50. uint32_t address, int handle_breakpoints);
  51. /** Check and if necessary take control of the system
  52. *
  53. * \param arm11 Target state variable.
  54. */
  55. static int arm11_check_init(struct arm11_common *arm11)
  56. {
  57. CHECK_RETVAL(arm11_read_DSCR(arm11));
  58. LOG_DEBUG("DSCR %08x", (unsigned) arm11->dscr);
  59. if (!(arm11->dscr & DSCR_HALT_DBG_MODE))
  60. {
  61. LOG_DEBUG("Bringing target into debug mode");
  62. arm11->dscr |= DSCR_HALT_DBG_MODE;
  63. arm11_write_DSCR(arm11, arm11->dscr);
  64. /* add further reset initialization here */
  65. arm11->simulate_reset_on_next_halt = true;
  66. if (arm11->dscr & DSCR_CORE_HALTED)
  67. {
  68. /** \todo TODO: this needs further scrutiny because
  69. * arm11_debug_entry() never gets called. (WHY NOT?)
  70. * As a result we don't read the actual register states from
  71. * the target.
  72. */
  73. arm11->arm.target->state = TARGET_HALTED;
  74. arm_dpm_report_dscr(arm11->arm.dpm, arm11->dscr);
  75. }
  76. else
  77. {
  78. arm11->arm.target->state = TARGET_RUNNING;
  79. arm11->arm.target->debug_reason = DBG_REASON_NOTHALTED;
  80. }
  81. arm11_sc7_clear_vbw(arm11);
  82. }
  83. return ERROR_OK;
  84. }
  85. /**
  86. * Save processor state. This is called after a HALT instruction
  87. * succeeds, and on other occasions the processor enters debug mode
  88. * (breakpoint, watchpoint, etc). Caller has updated arm11->dscr.
  89. */
  90. static int arm11_debug_entry(struct arm11_common *arm11)
  91. {
  92. int retval;
  93. arm11->arm.target->state = TARGET_HALTED;
  94. arm_dpm_report_dscr(arm11->arm.dpm, arm11->dscr);
  95. /* REVISIT entire cache should already be invalid !!! */
  96. register_cache_invalidate(arm11->arm.core_cache);
  97. /* See e.g. ARM1136 TRM, "14.8.4 Entering Debug state" */
  98. /* maybe save wDTR (pending DCC write to debug SW, e.g. libdcc) */
  99. arm11->is_wdtr_saved = !!(arm11->dscr & DSCR_DTR_TX_FULL);
  100. if (arm11->is_wdtr_saved)
  101. {
  102. arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
  103. arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
  104. struct scan_field chain5_fields[3];
  105. arm11_setup_field(arm11, 32, NULL,
  106. &arm11->saved_wdtr, chain5_fields + 0);
  107. arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 1);
  108. arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 2);
  109. arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
  110. }
  111. /* DSCR: set the Execute ARM instruction enable bit.
  112. *
  113. * ARM1176 spec says this is needed only for wDTR/rDTR's "ITR mode",
  114. * but not to issue ITRs(?). The ARMv7 arch spec says it's required
  115. * for executing instructions via ITR.
  116. */
  117. arm11_write_DSCR(arm11, DSCR_ITR_EN | arm11->dscr);
  118. /* From the spec:
  119. Before executing any instruction in debug state you have to drain the write buffer.
  120. This ensures that no imprecise Data Aborts can return at a later point:*/
  121. /** \todo TODO: Test drain write buffer. */
  122. #if 0
  123. while (1)
  124. {
  125. /* MRC p14,0,R0,c5,c10,0 */
  126. // arm11_run_instr_no_data1(arm11, /*0xee150e1a*/0xe320f000);
  127. /* mcr 15, 0, r0, cr7, cr10, {4} */
  128. arm11_run_instr_no_data1(arm11, 0xee070f9a);
  129. uint32_t dscr = arm11_read_DSCR(arm11);
  130. LOG_DEBUG("DRAIN, DSCR %08x", dscr);
  131. if (dscr & ARM11_DSCR_STICKY_IMPRECISE_DATA_ABORT)
  132. {
  133. arm11_run_instr_no_data1(arm11, 0xe320f000);
  134. dscr = arm11_read_DSCR(arm11);
  135. LOG_DEBUG("DRAIN, DSCR %08x (DONE)", dscr);
  136. break;
  137. }
  138. }
  139. #endif
  140. /* Save registers.
  141. *
  142. * NOTE: ARM1136 TRM suggests saving just R0 here now, then
  143. * CPSR and PC after the rDTR stuff. We do it all at once.
  144. */
  145. retval = arm_dpm_read_current_registers(&arm11->dpm);
  146. if (retval != ERROR_OK)
  147. LOG_ERROR("DPM REG READ -- fail %d", retval);
  148. retval = arm11_run_instr_data_prepare(arm11);
  149. if (retval != ERROR_OK)
  150. return retval;
  151. /* maybe save rDTR (pending DCC read from debug SW, e.g. libdcc) */
  152. arm11->is_rdtr_saved = !!(arm11->dscr & DSCR_DTR_RX_FULL);
  153. if (arm11->is_rdtr_saved)
  154. {
  155. /* MRC p14,0,R0,c0,c5,0 (move rDTR -> r0 (-> wDTR -> local var)) */
  156. retval = arm11_run_instr_data_from_core_via_r0(arm11,
  157. 0xEE100E15, &arm11->saved_rdtr);
  158. if (retval != ERROR_OK)
  159. return retval;
  160. }
  161. /* REVISIT Now that we've saved core state, there's may also
  162. * be MMU and cache state to care about ...
  163. */
  164. if (arm11->simulate_reset_on_next_halt)
  165. {
  166. arm11->simulate_reset_on_next_halt = false;
  167. LOG_DEBUG("Reset c1 Control Register");
  168. /* Write 0 (reset value) to Control register 0 to disable MMU/Cache etc. */
  169. /* MCR p15,0,R0,c1,c0,0 */
  170. retval = arm11_run_instr_data_to_core_via_r0(arm11, 0xee010f10, 0);
  171. if (retval != ERROR_OK)
  172. return retval;
  173. }
  174. if (arm11->arm.target->debug_reason == DBG_REASON_WATCHPOINT) {
  175. uint32_t wfar;
  176. /* MRC p15, 0, <Rd>, c6, c0, 1 ; Read WFAR */
  177. retval = arm11_run_instr_data_from_core_via_r0(arm11,
  178. ARMV4_5_MRC(15, 0, 0, 6, 0, 1),
  179. &wfar);
  180. if (retval != ERROR_OK)
  181. return retval;
  182. arm_dpm_report_wfar(arm11->arm.dpm, wfar);
  183. }
  184. retval = arm11_run_instr_data_finish(arm11);
  185. if (retval != ERROR_OK)
  186. return retval;
  187. return ERROR_OK;
  188. }
  189. /**
  190. * Restore processor state. This is called in preparation for
  191. * the RESTART function.
  192. */
  193. static int arm11_leave_debug_state(struct arm11_common *arm11, bool bpwp)
  194. {
  195. int retval;
  196. /* See e.g. ARM1136 TRM, "14.8.5 Leaving Debug state" */
  197. /* NOTE: the ARM1136 TRM suggests restoring all registers
  198. * except R0/PC/CPSR right now. Instead, we do them all
  199. * at once, just a bit later on.
  200. */
  201. /* REVISIT once we start caring about MMU and cache state,
  202. * address it here ...
  203. */
  204. /* spec says clear wDTR and rDTR; we assume they are clear as
  205. otherwise our programming would be sloppy */
  206. {
  207. CHECK_RETVAL(arm11_read_DSCR(arm11));
  208. if (arm11->dscr & (DSCR_DTR_RX_FULL | DSCR_DTR_TX_FULL))
  209. {
  210. /*
  211. The wDTR/rDTR two registers that are used to send/receive data to/from
  212. the core in tandem with corresponding instruction codes that are
  213. written into the core. The RDTR FULL/WDTR FULL flag indicates that the
  214. registers hold data that was written by one side (CPU or JTAG) and not
  215. read out by the other side.
  216. */
  217. LOG_ERROR("wDTR/rDTR inconsistent (DSCR %08x)",
  218. (unsigned) arm11->dscr);
  219. return ERROR_FAIL;
  220. }
  221. }
  222. /* maybe restore original wDTR */
  223. if (arm11->is_wdtr_saved)
  224. {
  225. retval = arm11_run_instr_data_prepare(arm11);
  226. if (retval != ERROR_OK)
  227. return retval;
  228. /* MCR p14,0,R0,c0,c5,0 */
  229. retval = arm11_run_instr_data_to_core_via_r0(arm11,
  230. 0xee000e15, arm11->saved_wdtr);
  231. if (retval != ERROR_OK)
  232. return retval;
  233. retval = arm11_run_instr_data_finish(arm11);
  234. if (retval != ERROR_OK)
  235. return retval;
  236. }
  237. /* restore CPSR, PC, and R0 ... after flushing any modified
  238. * registers.
  239. */
  240. retval = arm_dpm_write_dirty_registers(&arm11->dpm, bpwp);
  241. retval = arm11_bpwp_flush(arm11);
  242. register_cache_invalidate(arm11->arm.core_cache);
  243. /* restore DSCR */
  244. arm11_write_DSCR(arm11, arm11->dscr);
  245. /* maybe restore rDTR */
  246. if (arm11->is_rdtr_saved)
  247. {
  248. arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
  249. arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
  250. struct scan_field chain5_fields[3];
  251. uint8_t Ready = 0; /* ignored */
  252. uint8_t Valid = 0; /* ignored */
  253. arm11_setup_field(arm11, 32, &arm11->saved_rdtr,
  254. NULL, chain5_fields + 0);
  255. arm11_setup_field(arm11, 1, &Ready, NULL, chain5_fields + 1);
  256. arm11_setup_field(arm11, 1, &Valid, NULL, chain5_fields + 2);
  257. arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
  258. }
  259. /* now processor is ready to RESTART */
  260. return ERROR_OK;
  261. }
  262. /* poll current target status */
  263. static int arm11_poll(struct target *target)
  264. {
  265. int retval;
  266. struct arm11_common *arm11 = target_to_arm11(target);
  267. CHECK_RETVAL(arm11_check_init(arm11));
  268. if (arm11->dscr & DSCR_CORE_HALTED)
  269. {
  270. if (target->state != TARGET_HALTED)
  271. {
  272. enum target_state old_state = target->state;
  273. LOG_DEBUG("enter TARGET_HALTED");
  274. retval = arm11_debug_entry(arm11);
  275. if (retval != ERROR_OK)
  276. return retval;
  277. target_call_event_callbacks(target,
  278. (old_state == TARGET_DEBUG_RUNNING)
  279. ? TARGET_EVENT_DEBUG_HALTED
  280. : TARGET_EVENT_HALTED);
  281. }
  282. }
  283. else
  284. {
  285. if (target->state != TARGET_RUNNING && target->state != TARGET_DEBUG_RUNNING)
  286. {
  287. LOG_DEBUG("enter TARGET_RUNNING");
  288. target->state = TARGET_RUNNING;
  289. target->debug_reason = DBG_REASON_NOTHALTED;
  290. }
  291. }
  292. return ERROR_OK;
  293. }
  294. /* architecture specific status reply */
  295. static int arm11_arch_state(struct target *target)
  296. {
  297. struct arm11_common *arm11 = target_to_arm11(target);
  298. int retval;
  299. retval = arm_arch_state(target);
  300. /* REVISIT also display ARM11-specific MMU and cache status ... */
  301. if (target->debug_reason == DBG_REASON_WATCHPOINT)
  302. LOG_USER("Watchpoint triggered at PC %#08x",
  303. (unsigned) arm11->dpm.wp_pc);
  304. return retval;
  305. }
  306. /* target request support */
  307. static int arm11_target_request_data(struct target *target,
  308. uint32_t size, uint8_t *buffer)
  309. {
  310. LOG_WARNING("Not implemented: %s", __func__);
  311. return ERROR_FAIL;
  312. }
  313. /* target execution control */
  314. static int arm11_halt(struct target *target)
  315. {
  316. struct arm11_common *arm11 = target_to_arm11(target);
  317. LOG_DEBUG("target->state: %s",
  318. target_state_name(target));
  319. if (target->state == TARGET_UNKNOWN)
  320. {
  321. arm11->simulate_reset_on_next_halt = true;
  322. }
  323. if (target->state == TARGET_HALTED)
  324. {
  325. LOG_DEBUG("target was already halted");
  326. return ERROR_OK;
  327. }
  328. arm11_add_IR(arm11, ARM11_HALT, TAP_IDLE);
  329. CHECK_RETVAL(jtag_execute_queue());
  330. int i = 0;
  331. while (1)
  332. {
  333. CHECK_RETVAL(arm11_read_DSCR(arm11));
  334. if (arm11->dscr & DSCR_CORE_HALTED)
  335. break;
  336. long long then = 0;
  337. if (i == 1000)
  338. {
  339. then = timeval_ms();
  340. }
  341. if (i >= 1000)
  342. {
  343. if ((timeval_ms()-then) > 1000)
  344. {
  345. LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
  346. return ERROR_FAIL;
  347. }
  348. }
  349. i++;
  350. }
  351. enum target_state old_state = target->state;
  352. arm11_debug_entry(arm11);
  353. CHECK_RETVAL(
  354. target_call_event_callbacks(target,
  355. old_state == TARGET_DEBUG_RUNNING ? TARGET_EVENT_DEBUG_HALTED : TARGET_EVENT_HALTED));
  356. return ERROR_OK;
  357. }
  358. static uint32_t
  359. arm11_nextpc(struct arm11_common *arm11, int current, uint32_t address)
  360. {
  361. void *value = arm11->arm.core_cache->reg_list[15].value;
  362. if (!current)
  363. buf_set_u32(value, 0, 32, address);
  364. else
  365. address = buf_get_u32(value, 0, 32);
  366. return address;
  367. }
  368. static int arm11_resume(struct target *target, int current,
  369. uint32_t address, int handle_breakpoints, int debug_execution)
  370. {
  371. // LOG_DEBUG("current %d address %08x handle_breakpoints %d debug_execution %d",
  372. // current, address, handle_breakpoints, debug_execution);
  373. struct arm11_common *arm11 = target_to_arm11(target);
  374. LOG_DEBUG("target->state: %s",
  375. target_state_name(target));
  376. if (target->state != TARGET_HALTED)
  377. {
  378. LOG_ERROR("Target not halted");
  379. return ERROR_TARGET_NOT_HALTED;
  380. }
  381. address = arm11_nextpc(arm11, current, address);
  382. LOG_DEBUG("RESUME PC %08" PRIx32 "%s", address, !current ? "!" : "");
  383. /* clear breakpoints/watchpoints and VCR*/
  384. arm11_sc7_clear_vbw(arm11);
  385. if (!debug_execution)
  386. target_free_all_working_areas(target);
  387. /* Set up breakpoints */
  388. if (handle_breakpoints)
  389. {
  390. /* check if one matches PC and step over it if necessary */
  391. struct breakpoint * bp;
  392. for (bp = target->breakpoints; bp; bp = bp->next)
  393. {
  394. if (bp->address == address)
  395. {
  396. LOG_DEBUG("must step over %08" PRIx32 "", bp->address);
  397. arm11_step(target, 1, 0, 0);
  398. break;
  399. }
  400. }
  401. /* set all breakpoints */
  402. unsigned brp_num = 0;
  403. for (bp = target->breakpoints; bp; bp = bp->next)
  404. {
  405. struct arm11_sc7_action brp[2];
  406. brp[0].write = 1;
  407. brp[0].address = ARM11_SC7_BVR0 + brp_num;
  408. brp[0].value = bp->address;
  409. brp[1].write = 1;
  410. brp[1].address = ARM11_SC7_BCR0 + brp_num;
  411. brp[1].value = 0x1 | (3 << 1) | (0x0F << 5) | (0 << 14) | (0 << 16) | (0 << 20) | (0 << 21);
  412. arm11_sc7_run(arm11, brp, ARRAY_SIZE(brp));
  413. LOG_DEBUG("Add BP %d at %08" PRIx32, brp_num,
  414. bp->address);
  415. brp_num++;
  416. }
  417. if (arm11_vcr)
  418. arm11_sc7_set_vcr(arm11, arm11_vcr);
  419. }
  420. arm11_leave_debug_state(arm11, handle_breakpoints);
  421. arm11_add_IR(arm11, ARM11_RESTART, TAP_IDLE);
  422. CHECK_RETVAL(jtag_execute_queue());
  423. int i = 0;
  424. while (1)
  425. {
  426. CHECK_RETVAL(arm11_read_DSCR(arm11));
  427. LOG_DEBUG("DSCR %08x", (unsigned) arm11->dscr);
  428. if (arm11->dscr & DSCR_CORE_RESTARTED)
  429. break;
  430. long long then = 0;
  431. if (i == 1000)
  432. {
  433. then = timeval_ms();
  434. }
  435. if (i >= 1000)
  436. {
  437. if ((timeval_ms()-then) > 1000)
  438. {
  439. LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
  440. return ERROR_FAIL;
  441. }
  442. }
  443. i++;
  444. }
  445. target->debug_reason = DBG_REASON_NOTHALTED;
  446. if (!debug_execution)
  447. target->state = TARGET_RUNNING;
  448. else
  449. target->state = TARGET_DEBUG_RUNNING;
  450. CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_RESUMED));
  451. return ERROR_OK;
  452. }
  453. static int arm11_step(struct target *target, int current,
  454. uint32_t address, int handle_breakpoints)
  455. {
  456. LOG_DEBUG("target->state: %s",
  457. target_state_name(target));
  458. if (target->state != TARGET_HALTED)
  459. {
  460. LOG_WARNING("target was not halted");
  461. return ERROR_TARGET_NOT_HALTED;
  462. }
  463. struct arm11_common *arm11 = target_to_arm11(target);
  464. address = arm11_nextpc(arm11, current, address);
  465. LOG_DEBUG("STEP PC %08" PRIx32 "%s", address, !current ? "!" : "");
  466. /** \todo TODO: Thumb not supported here */
  467. uint32_t next_instruction;
  468. CHECK_RETVAL(arm11_read_memory_word(arm11, address, &next_instruction));
  469. /* skip over BKPT */
  470. if ((next_instruction & 0xFFF00070) == 0xe1200070)
  471. {
  472. address = arm11_nextpc(arm11, 0, address + 4);
  473. LOG_DEBUG("Skipping BKPT");
  474. }
  475. /* skip over Wait for interrupt / Standby */
  476. /* mcr 15, 0, r?, cr7, cr0, {4} */
  477. else if ((next_instruction & 0xFFFF0FFF) == 0xee070f90)
  478. {
  479. address = arm11_nextpc(arm11, 0, address + 4);
  480. LOG_DEBUG("Skipping WFI");
  481. }
  482. /* ignore B to self */
  483. else if ((next_instruction & 0xFEFFFFFF) == 0xeafffffe)
  484. {
  485. LOG_DEBUG("Not stepping jump to self");
  486. }
  487. else
  488. {
  489. /** \todo TODO: check if break-/watchpoints make any sense at all in combination
  490. * with this. */
  491. /** \todo TODO: check if disabling IRQs might be a good idea here. Alternatively
  492. * the VCR might be something worth looking into. */
  493. /* Set up breakpoint for stepping */
  494. struct arm11_sc7_action brp[2];
  495. brp[0].write = 1;
  496. brp[0].address = ARM11_SC7_BVR0;
  497. brp[1].write = 1;
  498. brp[1].address = ARM11_SC7_BCR0;
  499. if (arm11_config_hardware_step)
  500. {
  501. /* Hardware single stepping ("instruction address
  502. * mismatch") is used if enabled. It's not quite
  503. * exactly "run one instruction"; "branch to here"
  504. * loops won't break, neither will some other cases,
  505. * but it's probably the best default.
  506. *
  507. * Hardware single stepping isn't supported on v6
  508. * debug modules. ARM1176 and v7 can support it...
  509. *
  510. * FIXME Thumb stepping likely needs to use 0x03
  511. * or 0xc0 byte masks, not 0x0f.
  512. */
  513. brp[0].value = address;
  514. brp[1].value = 0x1 | (3 << 1) | (0x0F << 5)
  515. | (0 << 14) | (0 << 16) | (0 << 20)
  516. | (2 << 21);
  517. } else
  518. {
  519. /* Sets a breakpoint on the next PC, as calculated
  520. * by instruction set simulation.
  521. *
  522. * REVISIT stepping Thumb on ARM1156 requires Thumb2
  523. * support from the simulator.
  524. */
  525. uint32_t next_pc;
  526. int retval;
  527. retval = arm_simulate_step(target, &next_pc);
  528. if (retval != ERROR_OK)
  529. return retval;
  530. brp[0].value = next_pc;
  531. brp[1].value = 0x1 | (3 << 1) | (0x0F << 5)
  532. | (0 << 14) | (0 << 16) | (0 << 20)
  533. | (0 << 21);
  534. }
  535. CHECK_RETVAL(arm11_sc7_run(arm11, brp, ARRAY_SIZE(brp)));
  536. /* resume */
  537. if (arm11_config_step_irq_enable)
  538. /* this disable should be redundant ... */
  539. arm11->dscr &= ~DSCR_INT_DIS;
  540. else
  541. arm11->dscr |= DSCR_INT_DIS;
  542. CHECK_RETVAL(arm11_leave_debug_state(arm11, handle_breakpoints));
  543. arm11_add_IR(arm11, ARM11_RESTART, TAP_IDLE);
  544. CHECK_RETVAL(jtag_execute_queue());
  545. /* wait for halt */
  546. int i = 0;
  547. while (1)
  548. {
  549. const uint32_t mask = DSCR_CORE_RESTARTED
  550. | DSCR_CORE_HALTED;
  551. CHECK_RETVAL(arm11_read_DSCR(arm11));
  552. LOG_DEBUG("DSCR %08x e", (unsigned) arm11->dscr);
  553. if ((arm11->dscr & mask) == mask)
  554. break;
  555. long long then = 0;
  556. if (i == 1000)
  557. {
  558. then = timeval_ms();
  559. }
  560. if (i >= 1000)
  561. {
  562. if ((timeval_ms()-then) > 1000)
  563. {
  564. LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
  565. return ERROR_FAIL;
  566. }
  567. }
  568. i++;
  569. }
  570. /* clear breakpoint */
  571. arm11_sc7_clear_vbw(arm11);
  572. /* save state */
  573. CHECK_RETVAL(arm11_debug_entry(arm11));
  574. /* restore default state */
  575. arm11->dscr &= ~DSCR_INT_DIS;
  576. }
  577. target->debug_reason = DBG_REASON_SINGLESTEP;
  578. CHECK_RETVAL(target_call_event_callbacks(target, TARGET_EVENT_HALTED));
  579. return ERROR_OK;
  580. }
  581. static int arm11_assert_reset(struct target *target)
  582. {
  583. struct arm11_common *arm11 = target_to_arm11(target);
  584. /* optionally catch reset vector */
  585. if (target->reset_halt && !(arm11_vcr & 1))
  586. arm11_sc7_set_vcr(arm11, arm11_vcr | 1);
  587. /* Issue some kind of warm reset. */
  588. if (target_has_event_action(target, TARGET_EVENT_RESET_ASSERT)) {
  589. target_handle_event(target, TARGET_EVENT_RESET_ASSERT);
  590. } else if (jtag_get_reset_config() & RESET_HAS_SRST) {
  591. /* REVISIT handle "pulls" cases, if there's
  592. * hardware that needs them to work.
  593. */
  594. jtag_add_reset(0, 1);
  595. } else {
  596. LOG_ERROR("%s: how to reset?", target_name(target));
  597. return ERROR_FAIL;
  598. }
  599. /* registers are now invalid */
  600. register_cache_invalidate(arm11->arm.core_cache);
  601. target->state = TARGET_RESET;
  602. return ERROR_OK;
  603. }
  604. /*
  605. * - There is another bug in the arm11 core. (iMX31 specific again?)
  606. * When you generate an access to external logic (for example DDR
  607. * controller via AHB bus) and that block is not configured (perhaps
  608. * it is still held in reset), that transaction will never complete.
  609. * This will hang arm11 core but it will also hang JTAG controller.
  610. * Nothing short of srst assertion will bring it out of this.
  611. */
  612. static int arm11_deassert_reset(struct target *target)
  613. {
  614. struct arm11_common *arm11 = target_to_arm11(target);
  615. int retval;
  616. /* be certain SRST is off */
  617. jtag_add_reset(0, 0);
  618. /* WORKAROUND i.MX31 problems: SRST goofs the TAP, and resets
  619. * at least DSCR. OMAP24xx doesn't show that problem, though
  620. * SRST-only reset seems to be problematic for other reasons.
  621. * (Secure boot sequences being one likelihood!)
  622. */
  623. jtag_add_tlr();
  624. retval = arm11_poll(target);
  625. if (target->reset_halt) {
  626. if (target->state != TARGET_HALTED) {
  627. LOG_WARNING("%s: ran after reset and before halt ...",
  628. target_name(target));
  629. if ((retval = target_halt(target)) != ERROR_OK)
  630. return retval;
  631. }
  632. }
  633. /* maybe restore vector catch config */
  634. if (target->reset_halt && !(arm11_vcr & 1))
  635. arm11_sc7_set_vcr(arm11, arm11_vcr);
  636. return ERROR_OK;
  637. }
  638. static int arm11_soft_reset_halt(struct target *target)
  639. {
  640. LOG_WARNING("Not implemented: %s", __func__);
  641. return ERROR_FAIL;
  642. }
  643. /* target memory access
  644. * size: 1 = byte (8bit), 2 = half-word (16bit), 4 = word (32bit)
  645. * count: number of items of <size>
  646. *
  647. * arm11_config_memrw_no_increment - in the future we may want to be able
  648. * to read/write a range of data to a "port". a "port" is an action on
  649. * read memory address for some peripheral.
  650. */
  651. static int arm11_read_memory_inner(struct target *target,
  652. uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer,
  653. bool arm11_config_memrw_no_increment)
  654. {
  655. /** \todo TODO: check if buffer cast to uint32_t* and uint16_t* might cause alignment problems */
  656. int retval;
  657. if (target->state != TARGET_HALTED)
  658. {
  659. LOG_WARNING("target was not halted");
  660. return ERROR_TARGET_NOT_HALTED;
  661. }
  662. LOG_DEBUG("ADDR %08" PRIx32 " SIZE %08" PRIx32 " COUNT %08" PRIx32 "", address, size, count);
  663. struct arm11_common *arm11 = target_to_arm11(target);
  664. retval = arm11_run_instr_data_prepare(arm11);
  665. if (retval != ERROR_OK)
  666. return retval;
  667. /* MRC p14,0,r0,c0,c5,0 */
  668. retval = arm11_run_instr_data_to_core1(arm11, 0xee100e15, address);
  669. if (retval != ERROR_OK)
  670. return retval;
  671. switch (size)
  672. {
  673. case 1:
  674. arm11->arm.core_cache->reg_list[1].dirty = true;
  675. for (size_t i = 0; i < count; i++)
  676. {
  677. /* ldrb r1, [r0], #1 */
  678. /* ldrb r1, [r0] */
  679. arm11_run_instr_no_data1(arm11,
  680. !arm11_config_memrw_no_increment ? 0xe4d01001 : 0xe5d01000);
  681. uint32_t res;
  682. /* MCR p14,0,R1,c0,c5,0 */
  683. arm11_run_instr_data_from_core(arm11, 0xEE001E15, &res, 1);
  684. *buffer++ = res;
  685. }
  686. break;
  687. case 2:
  688. {
  689. arm11->arm.core_cache->reg_list[1].dirty = true;
  690. for (size_t i = 0; i < count; i++)
  691. {
  692. /* ldrh r1, [r0], #2 */
  693. arm11_run_instr_no_data1(arm11,
  694. !arm11_config_memrw_no_increment ? 0xe0d010b2 : 0xe1d010b0);
  695. uint32_t res;
  696. /* MCR p14,0,R1,c0,c5,0 */
  697. arm11_run_instr_data_from_core(arm11, 0xEE001E15, &res, 1);
  698. uint16_t svalue = res;
  699. memcpy(buffer + i * sizeof(uint16_t), &svalue, sizeof(uint16_t));
  700. }
  701. break;
  702. }
  703. case 4:
  704. {
  705. uint32_t instr = !arm11_config_memrw_no_increment ? 0xecb05e01 : 0xed905e00;
  706. /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
  707. uint32_t *words = (uint32_t *)buffer;
  708. /* LDC p14,c5,[R0],#4 */
  709. /* LDC p14,c5,[R0] */
  710. arm11_run_instr_data_from_core(arm11, instr, words, count);
  711. break;
  712. }
  713. }
  714. return arm11_run_instr_data_finish(arm11);
  715. }
  716. static int arm11_read_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
  717. {
  718. return arm11_read_memory_inner(target, address, size, count, buffer, false);
  719. }
  720. /*
  721. * no_increment - in the future we may want to be able
  722. * to read/write a range of data to a "port". a "port" is an action on
  723. * read memory address for some peripheral.
  724. */
  725. static int arm11_write_memory_inner(struct target *target,
  726. uint32_t address, uint32_t size,
  727. uint32_t count, uint8_t *buffer,
  728. bool no_increment)
  729. {
  730. int retval;
  731. if (target->state != TARGET_HALTED)
  732. {
  733. LOG_WARNING("target was not halted");
  734. return ERROR_TARGET_NOT_HALTED;
  735. }
  736. LOG_DEBUG("ADDR %08" PRIx32 " SIZE %08" PRIx32 " COUNT %08" PRIx32 "", address, size, count);
  737. struct arm11_common *arm11 = target_to_arm11(target);
  738. retval = arm11_run_instr_data_prepare(arm11);
  739. if (retval != ERROR_OK)
  740. return retval;
  741. /* MRC p14,0,r0,c0,c5,0 */
  742. retval = arm11_run_instr_data_to_core1(arm11, 0xee100e15, address);
  743. if (retval != ERROR_OK)
  744. return retval;
  745. /* burst writes are not used for single words as those may well be
  746. * reset init script writes.
  747. *
  748. * The other advantage is that as burst writes are default, we'll
  749. * now exercise both burst and non-burst code paths with the
  750. * default settings, increasing code coverage.
  751. */
  752. bool burst = arm11_config_memwrite_burst && (count > 1);
  753. switch (size)
  754. {
  755. case 1:
  756. {
  757. arm11->arm.core_cache->reg_list[1].dirty = true;
  758. for (size_t i = 0; i < count; i++)
  759. {
  760. /* MRC p14,0,r1,c0,c5,0 */
  761. retval = arm11_run_instr_data_to_core1(arm11, 0xee101e15, *buffer++);
  762. if (retval != ERROR_OK)
  763. return retval;
  764. /* strb r1, [r0], #1 */
  765. /* strb r1, [r0] */
  766. retval = arm11_run_instr_no_data1(arm11,
  767. !no_increment
  768. ? 0xe4c01001
  769. : 0xe5c01000);
  770. if (retval != ERROR_OK)
  771. return retval;
  772. }
  773. break;
  774. }
  775. case 2:
  776. {
  777. arm11->arm.core_cache->reg_list[1].dirty = true;
  778. for (size_t i = 0; i < count; i++)
  779. {
  780. uint16_t value;
  781. memcpy(&value, buffer + i * sizeof(uint16_t), sizeof(uint16_t));
  782. /* MRC p14,0,r1,c0,c5,0 */
  783. retval = arm11_run_instr_data_to_core1(arm11, 0xee101e15, value);
  784. if (retval != ERROR_OK)
  785. return retval;
  786. /* strh r1, [r0], #2 */
  787. /* strh r1, [r0] */
  788. retval = arm11_run_instr_no_data1(arm11,
  789. !no_increment
  790. ? 0xe0c010b2
  791. : 0xe1c010b0);
  792. if (retval != ERROR_OK)
  793. return retval;
  794. }
  795. break;
  796. }
  797. case 4: {
  798. /* increment: STC p14,c5,[R0],#4 */
  799. /* no increment: STC p14,c5,[R0]*/
  800. uint32_t instr = !no_increment ? 0xeca05e01 : 0xed805e00;
  801. /** \todo TODO: buffer cast to uint32_t* causes alignment warnings */
  802. uint32_t *words = (uint32_t*)buffer;
  803. /* "burst" here just means trusting each instruction executes
  804. * fully before we run the next one: per-word roundtrips, to
  805. * check the Ready flag, are not used.
  806. */
  807. if (!burst)
  808. retval = arm11_run_instr_data_to_core(arm11,
  809. instr, words, count);
  810. else
  811. retval = arm11_run_instr_data_to_core_noack(arm11,
  812. instr, words, count);
  813. if (retval != ERROR_OK)
  814. return retval;
  815. break;
  816. }
  817. }
  818. /* r0 verification */
  819. if (!no_increment)
  820. {
  821. uint32_t r0;
  822. /* MCR p14,0,R0,c0,c5,0 */
  823. retval = arm11_run_instr_data_from_core(arm11, 0xEE000E15, &r0, 1);
  824. if (retval != ERROR_OK)
  825. return retval;
  826. if (address + size * count != r0)
  827. {
  828. LOG_ERROR("Data transfer failed. Expected end "
  829. "address 0x%08x, got 0x%08x",
  830. (unsigned) (address + size * count),
  831. (unsigned) r0);
  832. if (burst)
  833. LOG_ERROR("use 'arm11 memwrite burst disable' to disable fast burst mode");
  834. if (arm11_config_memwrite_error_fatal)
  835. return ERROR_FAIL;
  836. }
  837. }
  838. return arm11_run_instr_data_finish(arm11);
  839. }
  840. static int arm11_write_memory(struct target *target,
  841. uint32_t address, uint32_t size,
  842. uint32_t count, uint8_t *buffer)
  843. {
  844. /* pointer increment matters only for multi-unit writes ...
  845. * not e.g. to a "reset the chip" controller.
  846. */
  847. return arm11_write_memory_inner(target, address, size,
  848. count, buffer, count == 1);
  849. }
  850. /* write target memory in multiples of 4 byte, optimized for writing large quantities of data */
  851. static int arm11_bulk_write_memory(struct target *target,
  852. uint32_t address, uint32_t count, uint8_t *buffer)
  853. {
  854. if (target->state != TARGET_HALTED)
  855. {
  856. LOG_WARNING("target was not halted");
  857. return ERROR_TARGET_NOT_HALTED;
  858. }
  859. return arm11_write_memory(target, address, 4, count, buffer);
  860. }
  861. /* target break-/watchpoint control
  862. * rw: 0 = write, 1 = read, 2 = access
  863. */
  864. static int arm11_add_breakpoint(struct target *target,
  865. struct breakpoint *breakpoint)
  866. {
  867. struct arm11_common *arm11 = target_to_arm11(target);
  868. #if 0
  869. if (breakpoint->type == BKPT_SOFT)
  870. {
  871. LOG_INFO("sw breakpoint requested, but software breakpoints not enabled");
  872. return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
  873. }
  874. #endif
  875. if (!arm11->free_brps)
  876. {
  877. LOG_DEBUG("no breakpoint unit available for hardware breakpoint");
  878. return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
  879. }
  880. if (breakpoint->length != 4)
  881. {
  882. LOG_DEBUG("only breakpoints of four bytes length supported");
  883. return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
  884. }
  885. arm11->free_brps--;
  886. return ERROR_OK;
  887. }
  888. static int arm11_remove_breakpoint(struct target *target,
  889. struct breakpoint *breakpoint)
  890. {
  891. struct arm11_common *arm11 = target_to_arm11(target);
  892. arm11->free_brps++;
  893. return ERROR_OK;
  894. }
  895. static int arm11_target_create(struct target *target, Jim_Interp *interp)
  896. {
  897. struct arm11_common *arm11;
  898. if (target->tap == NULL)
  899. return ERROR_FAIL;
  900. if (target->tap->ir_length != 5)
  901. {
  902. LOG_ERROR("'target arm11' expects IR LENGTH = 5");
  903. return ERROR_COMMAND_SYNTAX_ERROR;
  904. }
  905. arm11 = calloc(1, sizeof *arm11);
  906. if (!arm11)
  907. return ERROR_FAIL;
  908. arm_init_arch_info(target, &arm11->arm);
  909. arm11->jtag_info.tap = target->tap;
  910. arm11->jtag_info.scann_size = 5;
  911. arm11->jtag_info.scann_instr = ARM11_SCAN_N;
  912. arm11->jtag_info.cur_scan_chain = ~0; /* invalid/unknown */
  913. arm11->jtag_info.intest_instr = ARM11_INTEST;
  914. return ERROR_OK;
  915. }
  916. static int arm11_init_target(struct command_context *cmd_ctx,
  917. struct target *target)
  918. {
  919. /* Initialize anything we can set up without talking to the target */
  920. return ERROR_OK;
  921. }
  922. /* talk to the target and set things up */
  923. static int arm11_examine(struct target *target)
  924. {
  925. int retval;
  926. char *type;
  927. struct arm11_common *arm11 = target_to_arm11(target);
  928. uint32_t didr, device_id;
  929. uint8_t implementor;
  930. /* FIXME split into do-first-time and do-every-time logic ... */
  931. /* check IDCODE */
  932. arm11_add_IR(arm11, ARM11_IDCODE, ARM11_TAP_DEFAULT);
  933. struct scan_field idcode_field;
  934. arm11_setup_field(arm11, 32, NULL, &device_id, &idcode_field);
  935. arm11_add_dr_scan_vc(1, &idcode_field, TAP_DRPAUSE);
  936. /* check DIDR */
  937. arm11_add_debug_SCAN_N(arm11, 0x00, ARM11_TAP_DEFAULT);
  938. arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
  939. struct scan_field chain0_fields[2];
  940. arm11_setup_field(arm11, 32, NULL, &didr, chain0_fields + 0);
  941. arm11_setup_field(arm11, 8, NULL, &implementor, chain0_fields + 1);
  942. arm11_add_dr_scan_vc(ARRAY_SIZE(chain0_fields), chain0_fields, TAP_IDLE);
  943. CHECK_RETVAL(jtag_execute_queue());
  944. /* assume the manufacturer id is ok; check the part # */
  945. switch ((device_id >> 12) & 0xFFFF)
  946. {
  947. case 0x7B36:
  948. type = "ARM1136";
  949. break;
  950. case 0x7B37:
  951. type = "ARM11 MPCore";
  952. break;
  953. case 0x7B56:
  954. type = "ARM1156";
  955. break;
  956. case 0x7B76:
  957. arm11->arm.core_type = ARM_MODE_MON;
  958. type = "ARM1176";
  959. break;
  960. default:
  961. LOG_ERROR("unexpected ARM11 ID code");
  962. return ERROR_FAIL;
  963. }
  964. LOG_INFO("found %s", type);
  965. /* unlikely this could ever fail, but ... */
  966. switch ((didr >> 16) & 0x0F) {
  967. case ARM11_DEBUG_V6:
  968. case ARM11_DEBUG_V61: /* supports security extensions */
  969. break;
  970. default:
  971. LOG_ERROR("Only ARM v6 and v6.1 debug supported.");
  972. return ERROR_FAIL;
  973. }
  974. arm11->brp = ((didr >> 24) & 0x0F) + 1;
  975. /** \todo TODO: reserve one brp slot if we allow breakpoints during step */
  976. arm11->free_brps = arm11->brp;
  977. LOG_DEBUG("IDCODE %08" PRIx32 " IMPLEMENTOR %02x DIDR %08" PRIx32,
  978. device_id, implementor, didr);
  979. /* as a side-effect this reads DSCR and thus
  980. * clears the ARM11_DSCR_STICKY_PRECISE_DATA_ABORT / Sticky Precise Data Abort Flag
  981. * as suggested by the spec.
  982. */
  983. retval = arm11_check_init(arm11);
  984. if (retval != ERROR_OK)
  985. return retval;
  986. /* Build register cache "late", after target_init(), since we
  987. * want to know if this core supports Secure Monitor mode.
  988. */
  989. if (!target_was_examined(target))
  990. retval = arm11_dpm_init(arm11, didr);
  991. /* ETM on ARM11 still uses original scanchain 6 access mode */
  992. if (arm11->arm.etm && !target_was_examined(target)) {
  993. *register_get_last_cache_p(&target->reg_cache) =
  994. etm_build_reg_cache(target, &arm11->jtag_info,
  995. arm11->arm.etm);
  996. retval = etm_setup(target);
  997. }
  998. target_set_examined(target);
  999. return ERROR_OK;
  1000. }
  1001. /* FIXME all these BOOL_WRAPPER things should be modifying
  1002. * per-instance state, not shared state; ditto the vector
  1003. * catch register support. Scan chains with multiple cores
  1004. * should be able to say "work with this core like this,
  1005. * that core like that". Example, ARM11 MPCore ...
  1006. */
  1007. #define ARM11_BOOL_WRAPPER(name, print_name) \
  1008. COMMAND_HANDLER(arm11_handle_bool_##name) \
  1009. { \
  1010. return CALL_COMMAND_HANDLER(handle_command_parse_bool, \
  1011. &arm11_config_##name, print_name); \
  1012. }
  1013. ARM11_BOOL_WRAPPER(memwrite_burst, "memory write burst mode")
  1014. ARM11_BOOL_WRAPPER(memwrite_error_fatal, "fatal error mode for memory writes")
  1015. ARM11_BOOL_WRAPPER(step_irq_enable, "IRQs while stepping")
  1016. ARM11_BOOL_WRAPPER(hardware_step, "hardware single step")
  1017. COMMAND_HANDLER(arm11_handle_vcr)
  1018. {
  1019. switch (CMD_ARGC) {
  1020. case 0:
  1021. break;
  1022. case 1:
  1023. COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], arm11_vcr);
  1024. break;
  1025. default:
  1026. return ERROR_COMMAND_SYNTAX_ERROR;
  1027. }
  1028. LOG_INFO("VCR 0x%08" PRIx32 "", arm11_vcr);
  1029. return ERROR_OK;
  1030. }
  1031. static const struct command_registration arm11_mw_command_handlers[] = {
  1032. {
  1033. .name = "burst",
  1034. .handler = arm11_handle_bool_memwrite_burst,
  1035. .mode = COMMAND_ANY,
  1036. .help = "Display or modify flag controlling potentially "
  1037. "risky fast burst mode (default: enabled)",
  1038. .usage = "['enable'|'disable']",
  1039. },
  1040. {
  1041. .name = "error_fatal",
  1042. .handler = arm11_handle_bool_memwrite_error_fatal,
  1043. .mode = COMMAND_ANY,
  1044. .help = "Display or modify flag controlling transfer "
  1045. "termination on transfer errors"
  1046. " (default: enabled)",
  1047. .usage = "['enable'|'disable']",
  1048. },
  1049. COMMAND_REGISTRATION_DONE
  1050. };
  1051. static const struct command_registration arm11_any_command_handlers[] = {
  1052. {
  1053. /* "hardware_step" is only here to check if the default
  1054. * simulate + breakpoint implementation is broken.
  1055. * TEMPORARY! NOT DOCUMENTED! */
  1056. .name = "hardware_step",
  1057. .handler = arm11_handle_bool_hardware_step,
  1058. .mode = COMMAND_ANY,
  1059. .help = "DEBUG ONLY - Hardware single stepping"
  1060. " (default: disabled)",
  1061. .usage = "['enable'|'disable']",
  1062. },
  1063. {
  1064. .name = "memwrite",
  1065. .mode = COMMAND_ANY,
  1066. .help = "memwrite command group",
  1067. .chain = arm11_mw_command_handlers,
  1068. },
  1069. {
  1070. .name = "step_irq_enable",
  1071. .handler = arm11_handle_bool_step_irq_enable,
  1072. .mode = COMMAND_ANY,
  1073. .help = "Display or modify flag controlling interrupt "
  1074. "enable while stepping (default: disabled)",
  1075. .usage = "['enable'|'disable']",
  1076. },
  1077. {
  1078. .name = "vcr",
  1079. .handler = arm11_handle_vcr,
  1080. .mode = COMMAND_ANY,
  1081. .help = "Display or modify Vector Catch Register",
  1082. .usage = "[value]",
  1083. },
  1084. COMMAND_REGISTRATION_DONE
  1085. };
  1086. static const struct command_registration arm11_command_handlers[] = {
  1087. {
  1088. .chain = arm_command_handlers,
  1089. },
  1090. {
  1091. .chain = etm_command_handlers,
  1092. },
  1093. {
  1094. .name = "arm11",
  1095. .mode = COMMAND_ANY,
  1096. .help = "ARM11 command group",
  1097. .chain = arm11_any_command_handlers,
  1098. },
  1099. COMMAND_REGISTRATION_DONE
  1100. };
  1101. /** Holds methods for ARM11xx targets. */
  1102. struct target_type arm11_target = {
  1103. .name = "arm11",
  1104. .poll = arm11_poll,
  1105. .arch_state = arm11_arch_state,
  1106. .target_request_data = arm11_target_request_data,
  1107. .halt = arm11_halt,
  1108. .resume = arm11_resume,
  1109. .step = arm11_step,
  1110. .assert_reset = arm11_assert_reset,
  1111. .deassert_reset = arm11_deassert_reset,
  1112. .soft_reset_halt = arm11_soft_reset_halt,
  1113. .get_gdb_reg_list = arm_get_gdb_reg_list,
  1114. .read_memory = arm11_read_memory,
  1115. .write_memory = arm11_write_memory,
  1116. .bulk_write_memory = arm11_bulk_write_memory,
  1117. .checksum_memory = arm_checksum_memory,
  1118. .blank_check_memory = arm_blank_check_memory,
  1119. .add_breakpoint = arm11_add_breakpoint,
  1120. .remove_breakpoint = arm11_remove_breakpoint,
  1121. .run_algorithm = armv4_5_run_algorithm,
  1122. .commands = arm11_command_handlers,
  1123. .target_create = arm11_target_create,
  1124. .init_target = arm11_init_target,
  1125. .examine = arm11_examine,
  1126. };