1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2006 by Magnus Lundin *
8 * Copyright (C) 2008 by Spencer Oliver *
9 * spen@spen-soft.co.uk *
11 * Copyright (C) 2009 by Dirk Behme *
12 * dirk.behme@gmail.com - copy from cortex_m3 *
14 * Copyright (C) 2010 Øyvind Harboe *
15 * oyvind.harboe@zylin.com *
17 * Copyright (C) ST-Ericsson SA 2011 *
18 * michel.jaouen@stericsson.com : smp minimum support *
20 * Copyright (C) Broadcom 2012 *
21 * ehunter@broadcom.com : Cortex R4 support *
23 * Copyright (C) 2013 Kamal Dasu *
24 * kdasu.kdev@gmail.com *
26 * This program is free software; you can redistribute it and/or modify *
27 * it under the terms of the GNU General Public License as published by *
28 * the Free Software Foundation; either version 2 of the License, or *
29 * (at your option) any later version. *
31 * This program is distributed in the hope that it will be useful, *
32 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
33 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
34 * GNU General Public License for more details. *
36 * You should have received a copy of the GNU General Public License *
37 * along with this program; if not, write to the *
38 * Free Software Foundation, Inc., *
39 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. *
41 * Cortex-A8(tm) TRM, ARM DDI 0344H *
42 * Cortex-A9(tm) TRM, ARM DDI 0407F *
43 * Cortex-A4(tm) TRM, ARM DDI 0363E *
44 * Cortex-A15(tm)TRM, ARM DDI 0438C *
46 ***************************************************************************/
52 #include "breakpoints.h"
55 #include "target_request.h"
56 #include "target_type.h"
57 #include "arm_opcodes.h"
58 #include <helper/time_support.h>
60 static int cortex_a_poll(struct target
*target
);
61 static int cortex_a_debug_entry(struct target
*target
);
62 static int cortex_a_restore_context(struct target
*target
, bool bpwp
);
63 static int cortex_a_set_breakpoint(struct target
*target
,
64 struct breakpoint
*breakpoint
, uint8_t matchmode
);
65 static int cortex_a_set_context_breakpoint(struct target
*target
,
66 struct breakpoint
*breakpoint
, uint8_t matchmode
);
67 static int cortex_a_set_hybrid_breakpoint(struct target
*target
,
68 struct breakpoint
*breakpoint
);
69 static int cortex_a_unset_breakpoint(struct target
*target
,
70 struct breakpoint
*breakpoint
);
71 static int cortex_a_dap_read_coreregister_u32(struct target
*target
,
72 uint32_t *value
, int regnum
);
73 static int cortex_a_dap_write_coreregister_u32(struct target
*target
,
74 uint32_t value
, int regnum
);
75 static int cortex_a_mmu(struct target
*target
, int *enabled
);
76 static int cortex_a_mmu_modify(struct target
*target
, int enable
);
77 static int cortex_a_virt2phys(struct target
*target
,
78 uint32_t virt
, uint32_t *phys
);
79 static int cortex_a_read_apb_ab_memory(struct target
*target
,
80 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
);
83 /* restore cp15_control_reg at resume */
84 static int cortex_a_restore_cp15_control_reg(struct target
*target
)
86 int retval
= ERROR_OK
;
87 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
88 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
90 if (cortex_a
->cp15_control_reg
!= cortex_a
->cp15_control_reg_curr
) {
91 cortex_a
->cp15_control_reg_curr
= cortex_a
->cp15_control_reg
;
92 /* LOG_INFO("cp15_control_reg: %8.8" PRIx32, cortex_a->cp15_control_reg); */
93 retval
= armv7a
->arm
.mcr(target
, 15,
96 cortex_a
->cp15_control_reg
);
102 * Set up ARM core for memory access.
103 * If !phys_access, switch to SVC mode and make sure MMU is on
104 * If phys_access, switch off mmu
106 static int cortex_a_prep_memaccess(struct target
*target
, int phys_access
)
108 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
109 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
112 if (phys_access
== 0) {
113 dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_SVC
);
114 cortex_a_mmu(target
, &mmu_enabled
);
116 cortex_a_mmu_modify(target
, 1);
117 if (cortex_a
->dacrfixup_mode
== CORTEX_A_DACRFIXUP_ON
) {
118 /* overwrite DACR to all-manager */
119 armv7a
->arm
.mcr(target
, 15,
124 cortex_a_mmu(target
, &mmu_enabled
);
126 cortex_a_mmu_modify(target
, 0);
132 * Restore ARM core after memory access.
133 * If !phys_access, switch to previous mode
134 * If phys_access, restore MMU setting
136 static int cortex_a_post_memaccess(struct target
*target
, int phys_access
)
138 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
139 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
141 if (phys_access
== 0) {
142 if (cortex_a
->dacrfixup_mode
== CORTEX_A_DACRFIXUP_ON
) {
144 armv7a
->arm
.mcr(target
, 15,
146 cortex_a
->cp15_dacr_reg
);
148 dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_ANY
);
151 cortex_a_mmu(target
, &mmu_enabled
);
153 cortex_a_mmu_modify(target
, 1);
159 /* modify cp15_control_reg in order to enable or disable mmu for :
160 * - virt2phys address conversion
161 * - read or write memory in phys or virt address */
162 static int cortex_a_mmu_modify(struct target
*target
, int enable
)
164 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
165 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
166 int retval
= ERROR_OK
;
170 /* if mmu enabled at target stop and mmu not enable */
171 if (!(cortex_a
->cp15_control_reg
& 0x1U
)) {
172 LOG_ERROR("trying to enable mmu on target stopped with mmu disable");
175 if ((cortex_a
->cp15_control_reg_curr
& 0x1U
) == 0) {
176 cortex_a
->cp15_control_reg_curr
|= 0x1U
;
180 if ((cortex_a
->cp15_control_reg_curr
& 0x1U
) == 0x1U
) {
181 cortex_a
->cp15_control_reg_curr
&= ~0x1U
;
187 LOG_DEBUG("%s, writing cp15 ctrl: %" PRIx32
,
188 enable
? "enable mmu" : "disable mmu",
189 cortex_a
->cp15_control_reg_curr
);
191 retval
= armv7a
->arm
.mcr(target
, 15,
194 cortex_a
->cp15_control_reg_curr
);
200 * Cortex-A Basic debug access, very low level assumes state is saved
202 static int cortex_a8_init_debug_access(struct target
*target
)
204 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
209 /* Unlocking the debug registers for modification
210 * The debugport might be uninitialised so try twice */
211 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
212 armv7a
->debug_base
+ CPUDBG_LOCKACCESS
, 0xC5ACCE55);
213 if (retval
!= ERROR_OK
) {
215 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
216 armv7a
->debug_base
+ CPUDBG_LOCKACCESS
, 0xC5ACCE55);
217 if (retval
== ERROR_OK
)
219 "Locking debug access failed on first, but succeeded on second try.");
226 * Cortex-A Basic debug access, very low level assumes state is saved
228 static int cortex_a_init_debug_access(struct target
*target
)
230 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
233 uint32_t cortex_part_num
;
234 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
237 cortex_part_num
= (cortex_a
->cpuid
& CORTEX_A_MIDR_PARTNUM_MASK
) >>
238 CORTEX_A_MIDR_PARTNUM_SHIFT
;
240 switch (cortex_part_num
) {
241 case CORTEX_A7_PARTNUM
:
242 case CORTEX_A15_PARTNUM
:
243 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
244 armv7a
->debug_base
+ CPUDBG_OSLSR
,
246 if (retval
!= ERROR_OK
)
249 LOG_DEBUG("DBGOSLSR 0x%" PRIx32
, dbg_osreg
);
251 if (dbg_osreg
& CPUDBG_OSLAR_LK_MASK
)
252 /* Unlocking the DEBUG OS registers for modification */
253 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
254 armv7a
->debug_base
+ CPUDBG_OSLAR
,
258 case CORTEX_A5_PARTNUM
:
259 case CORTEX_A8_PARTNUM
:
260 case CORTEX_A9_PARTNUM
:
262 retval
= cortex_a8_init_debug_access(target
);
265 if (retval
!= ERROR_OK
)
267 /* Clear Sticky Power Down status Bit in PRSR to enable access to
268 the registers in the Core Power Domain */
269 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
270 armv7a
->debug_base
+ CPUDBG_PRSR
, &dbg_osreg
);
271 LOG_DEBUG("target->coreid %" PRId32
" DBGPRSR 0x%" PRIx32
, target
->coreid
, dbg_osreg
);
273 if (retval
!= ERROR_OK
)
276 /* Disable cacheline fills and force cache write-through in debug state */
277 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
278 armv7a
->debug_base
+ CPUDBG_DSCCR
, 0);
279 if (retval
!= ERROR_OK
)
282 /* Disable TLB lookup and refill/eviction in debug state */
283 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
284 armv7a
->debug_base
+ CPUDBG_DSMCR
, 0);
285 if (retval
!= ERROR_OK
)
288 /* Enabling of instruction execution in debug mode is done in debug_entry code */
290 /* Resync breakpoint registers */
292 /* Since this is likely called from init or reset, update target state information*/
293 return cortex_a_poll(target
);
296 static int cortex_a_wait_instrcmpl(struct target
*target
, uint32_t *dscr
, bool force
)
298 /* Waits until InstrCmpl_l becomes 1, indicating instruction is done.
299 * Writes final value of DSCR into *dscr. Pass force to force always
300 * reading DSCR at least once. */
301 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
302 int64_t then
= timeval_ms();
303 while ((*dscr
& DSCR_INSTR_COMP
) == 0 || force
) {
305 int retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
306 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
307 if (retval
!= ERROR_OK
) {
308 LOG_ERROR("Could not read DSCR register");
311 if (timeval_ms() > then
+ 1000) {
312 LOG_ERROR("Timeout waiting for InstrCompl=1");
319 /* To reduce needless round-trips, pass in a pointer to the current
320 * DSCR value. Initialize it to zero if you just need to know the
321 * value on return from this function; or DSCR_INSTR_COMP if you
322 * happen to know that no instruction is pending.
324 static int cortex_a_exec_opcode(struct target
*target
,
325 uint32_t opcode
, uint32_t *dscr_p
)
329 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
331 dscr
= dscr_p
? *dscr_p
: 0;
333 LOG_DEBUG("exec opcode 0x%08" PRIx32
, opcode
);
335 /* Wait for InstrCompl bit to be set */
336 retval
= cortex_a_wait_instrcmpl(target
, dscr_p
, false);
337 if (retval
!= ERROR_OK
)
340 retval
= mem_ap_write_u32(armv7a
->debug_ap
,
341 armv7a
->debug_base
+ CPUDBG_ITR
, opcode
);
342 if (retval
!= ERROR_OK
)
345 int64_t then
= timeval_ms();
347 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
348 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
349 if (retval
!= ERROR_OK
) {
350 LOG_ERROR("Could not read DSCR register");
353 if (timeval_ms() > then
+ 1000) {
354 LOG_ERROR("Timeout waiting for cortex_a_exec_opcode");
357 } while ((dscr
& DSCR_INSTR_COMP
) == 0); /* Wait for InstrCompl bit to be set */
365 /**************************************************************************
366 Read core register with very few exec_opcode, fast but needs work_area.
367 This can cause problems with MMU active.
368 **************************************************************************/
369 static int cortex_a_read_regs_through_mem(struct target
*target
, uint32_t address
,
372 int retval
= ERROR_OK
;
373 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
375 retval
= cortex_a_dap_read_coreregister_u32(target
, regfile
, 0);
376 if (retval
!= ERROR_OK
)
378 retval
= cortex_a_dap_write_coreregister_u32(target
, address
, 0);
379 if (retval
!= ERROR_OK
)
381 retval
= cortex_a_exec_opcode(target
, ARMV4_5_STMIA(0, 0xFFFE, 0, 0), NULL
);
382 if (retval
!= ERROR_OK
)
385 retval
= mem_ap_read_buf(armv7a
->memory_ap
,
386 (uint8_t *)(®file
[1]), 4, 15, address
);
391 static int cortex_a_dap_read_coreregister_u32(struct target
*target
,
392 uint32_t *value
, int regnum
)
394 int retval
= ERROR_OK
;
395 uint8_t reg
= regnum
&0xFF;
397 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
403 /* Rn to DCCTX, "MCR p14, 0, Rn, c0, c5, 0" 0xEE00nE15 */
404 retval
= cortex_a_exec_opcode(target
,
405 ARMV4_5_MCR(14, 0, reg
, 0, 5, 0),
407 if (retval
!= ERROR_OK
)
409 } else if (reg
== 15) {
410 /* "MOV r0, r15"; then move r0 to DCCTX */
411 retval
= cortex_a_exec_opcode(target
, 0xE1A0000F, &dscr
);
412 if (retval
!= ERROR_OK
)
414 retval
= cortex_a_exec_opcode(target
,
415 ARMV4_5_MCR(14, 0, 0, 0, 5, 0),
417 if (retval
!= ERROR_OK
)
420 /* "MRS r0, CPSR" or "MRS r0, SPSR"
421 * then move r0 to DCCTX
423 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRS(0, reg
& 1), &dscr
);
424 if (retval
!= ERROR_OK
)
426 retval
= cortex_a_exec_opcode(target
,
427 ARMV4_5_MCR(14, 0, 0, 0, 5, 0),
429 if (retval
!= ERROR_OK
)
433 /* Wait for DTRRXfull then read DTRRTX */
434 int64_t then
= timeval_ms();
435 while ((dscr
& DSCR_DTR_TX_FULL
) == 0) {
436 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
437 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
438 if (retval
!= ERROR_OK
)
440 if (timeval_ms() > then
+ 1000) {
441 LOG_ERROR("Timeout waiting for cortex_a_exec_opcode");
446 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
447 armv7a
->debug_base
+ CPUDBG_DTRTX
, value
);
448 LOG_DEBUG("read DCC 0x%08" PRIx32
, *value
);
453 static int cortex_a_dap_write_coreregister_u32(struct target
*target
,
454 uint32_t value
, int regnum
)
456 int retval
= ERROR_OK
;
457 uint8_t Rd
= regnum
&0xFF;
459 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
461 LOG_DEBUG("register %i, value 0x%08" PRIx32
, regnum
, value
);
463 /* Check that DCCRX is not full */
464 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
465 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
466 if (retval
!= ERROR_OK
)
468 if (dscr
& DSCR_DTR_RX_FULL
) {
469 LOG_ERROR("DSCR_DTR_RX_FULL, dscr 0x%08" PRIx32
, dscr
);
470 /* Clear DCCRX with MRC(p14, 0, Rd, c0, c5, 0), opcode 0xEE100E15 */
471 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
473 if (retval
!= ERROR_OK
)
480 /* Write DTRRX ... sets DSCR.DTRRXfull but exec_opcode() won't care */
481 LOG_DEBUG("write DCC 0x%08" PRIx32
, value
);
482 retval
= mem_ap_write_u32(armv7a
->debug_ap
,
483 armv7a
->debug_base
+ CPUDBG_DTRRX
, value
);
484 if (retval
!= ERROR_OK
)
488 /* DCCRX to Rn, "MRC p14, 0, Rn, c0, c5, 0", 0xEE10nE15 */
489 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, Rd
, 0, 5, 0),
492 if (retval
!= ERROR_OK
)
494 } else if (Rd
== 15) {
495 /* DCCRX to R0, "MRC p14, 0, R0, c0, c5, 0", 0xEE100E15
498 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
500 if (retval
!= ERROR_OK
)
502 retval
= cortex_a_exec_opcode(target
, 0xE1A0F000, &dscr
);
503 if (retval
!= ERROR_OK
)
506 /* DCCRX to R0, "MRC p14, 0, R0, c0, c5, 0", 0xEE100E15
507 * then "MSR CPSR_cxsf, r0" or "MSR SPSR_cxsf, r0" (all fields)
509 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
511 if (retval
!= ERROR_OK
)
513 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MSR_GP(0, 0xF, Rd
& 1),
515 if (retval
!= ERROR_OK
)
518 /* "Prefetch flush" after modifying execution status in CPSR */
520 retval
= cortex_a_exec_opcode(target
,
521 ARMV4_5_MCR(15, 0, 0, 7, 5, 4),
523 if (retval
!= ERROR_OK
)
531 /* Write to memory mapped registers directly with no cache or mmu handling */
532 static int cortex_a_dap_write_memap_register_u32(struct target
*target
,
537 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
539 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
, address
, value
);
545 * Cortex-A implementation of Debug Programmer's Model
547 * NOTE the invariant: these routines return with DSCR_INSTR_COMP set,
548 * so there's no need to poll for it before executing an instruction.
550 * NOTE that in several of these cases the "stall" mode might be useful.
551 * It'd let us queue a few operations together... prepare/finish might
552 * be the places to enable/disable that mode.
555 static inline struct cortex_a_common
*dpm_to_a(struct arm_dpm
*dpm
)
557 return container_of(dpm
, struct cortex_a_common
, armv7a_common
.dpm
);
560 static int cortex_a_write_dcc(struct cortex_a_common
*a
, uint32_t data
)
562 LOG_DEBUG("write DCC 0x%08" PRIx32
, data
);
563 return mem_ap_write_u32(a
->armv7a_common
.debug_ap
,
564 a
->armv7a_common
.debug_base
+ CPUDBG_DTRRX
, data
);
567 static int cortex_a_read_dcc(struct cortex_a_common
*a
, uint32_t *data
,
570 uint32_t dscr
= DSCR_INSTR_COMP
;
576 /* Wait for DTRRXfull */
577 int64_t then
= timeval_ms();
578 while ((dscr
& DSCR_DTR_TX_FULL
) == 0) {
579 retval
= mem_ap_read_atomic_u32(a
->armv7a_common
.debug_ap
,
580 a
->armv7a_common
.debug_base
+ CPUDBG_DSCR
,
582 if (retval
!= ERROR_OK
)
584 if (timeval_ms() > then
+ 1000) {
585 LOG_ERROR("Timeout waiting for read dcc");
590 retval
= mem_ap_read_atomic_u32(a
->armv7a_common
.debug_ap
,
591 a
->armv7a_common
.debug_base
+ CPUDBG_DTRTX
, data
);
592 if (retval
!= ERROR_OK
)
594 /* LOG_DEBUG("read DCC 0x%08" PRIx32, *data); */
602 static int cortex_a_dpm_prepare(struct arm_dpm
*dpm
)
604 struct cortex_a_common
*a
= dpm_to_a(dpm
);
608 /* set up invariant: INSTR_COMP is set after ever DPM operation */
609 int64_t then
= timeval_ms();
611 retval
= mem_ap_read_atomic_u32(a
->armv7a_common
.debug_ap
,
612 a
->armv7a_common
.debug_base
+ CPUDBG_DSCR
,
614 if (retval
!= ERROR_OK
)
616 if ((dscr
& DSCR_INSTR_COMP
) != 0)
618 if (timeval_ms() > then
+ 1000) {
619 LOG_ERROR("Timeout waiting for dpm prepare");
624 /* this "should never happen" ... */
625 if (dscr
& DSCR_DTR_RX_FULL
) {
626 LOG_ERROR("DSCR_DTR_RX_FULL, dscr 0x%08" PRIx32
, dscr
);
628 retval
= cortex_a_exec_opcode(
629 a
->armv7a_common
.arm
.target
,
630 ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
632 if (retval
!= ERROR_OK
)
639 static int cortex_a_dpm_finish(struct arm_dpm
*dpm
)
641 /* REVISIT what could be done here? */
645 static int cortex_a_instr_write_data_dcc(struct arm_dpm
*dpm
,
646 uint32_t opcode
, uint32_t data
)
648 struct cortex_a_common
*a
= dpm_to_a(dpm
);
650 uint32_t dscr
= DSCR_INSTR_COMP
;
652 retval
= cortex_a_write_dcc(a
, data
);
653 if (retval
!= ERROR_OK
)
656 return cortex_a_exec_opcode(
657 a
->armv7a_common
.arm
.target
,
662 static int cortex_a_instr_write_data_r0(struct arm_dpm
*dpm
,
663 uint32_t opcode
, uint32_t data
)
665 struct cortex_a_common
*a
= dpm_to_a(dpm
);
666 uint32_t dscr
= DSCR_INSTR_COMP
;
669 retval
= cortex_a_write_dcc(a
, data
);
670 if (retval
!= ERROR_OK
)
673 /* DCCRX to R0, "MCR p14, 0, R0, c0, c5, 0", 0xEE000E15 */
674 retval
= cortex_a_exec_opcode(
675 a
->armv7a_common
.arm
.target
,
676 ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
678 if (retval
!= ERROR_OK
)
681 /* then the opcode, taking data from R0 */
682 retval
= cortex_a_exec_opcode(
683 a
->armv7a_common
.arm
.target
,
690 static int cortex_a_instr_cpsr_sync(struct arm_dpm
*dpm
)
692 struct target
*target
= dpm
->arm
->target
;
693 uint32_t dscr
= DSCR_INSTR_COMP
;
695 /* "Prefetch flush" after modifying execution status in CPSR */
696 return cortex_a_exec_opcode(target
,
697 ARMV4_5_MCR(15, 0, 0, 7, 5, 4),
701 static int cortex_a_instr_read_data_dcc(struct arm_dpm
*dpm
,
702 uint32_t opcode
, uint32_t *data
)
704 struct cortex_a_common
*a
= dpm_to_a(dpm
);
706 uint32_t dscr
= DSCR_INSTR_COMP
;
708 /* the opcode, writing data to DCC */
709 retval
= cortex_a_exec_opcode(
710 a
->armv7a_common
.arm
.target
,
713 if (retval
!= ERROR_OK
)
716 return cortex_a_read_dcc(a
, data
, &dscr
);
720 static int cortex_a_instr_read_data_r0(struct arm_dpm
*dpm
,
721 uint32_t opcode
, uint32_t *data
)
723 struct cortex_a_common
*a
= dpm_to_a(dpm
);
724 uint32_t dscr
= DSCR_INSTR_COMP
;
727 /* the opcode, writing data to R0 */
728 retval
= cortex_a_exec_opcode(
729 a
->armv7a_common
.arm
.target
,
732 if (retval
!= ERROR_OK
)
735 /* write R0 to DCC */
736 retval
= cortex_a_exec_opcode(
737 a
->armv7a_common
.arm
.target
,
738 ARMV4_5_MCR(14, 0, 0, 0, 5, 0),
740 if (retval
!= ERROR_OK
)
743 return cortex_a_read_dcc(a
, data
, &dscr
);
746 static int cortex_a_bpwp_enable(struct arm_dpm
*dpm
, unsigned index_t
,
747 uint32_t addr
, uint32_t control
)
749 struct cortex_a_common
*a
= dpm_to_a(dpm
);
750 uint32_t vr
= a
->armv7a_common
.debug_base
;
751 uint32_t cr
= a
->armv7a_common
.debug_base
;
755 case 0 ... 15: /* breakpoints */
756 vr
+= CPUDBG_BVR_BASE
;
757 cr
+= CPUDBG_BCR_BASE
;
759 case 16 ... 31: /* watchpoints */
760 vr
+= CPUDBG_WVR_BASE
;
761 cr
+= CPUDBG_WCR_BASE
;
770 LOG_DEBUG("A: bpwp enable, vr %08x cr %08x",
771 (unsigned) vr
, (unsigned) cr
);
773 retval
= cortex_a_dap_write_memap_register_u32(dpm
->arm
->target
,
775 if (retval
!= ERROR_OK
)
777 retval
= cortex_a_dap_write_memap_register_u32(dpm
->arm
->target
,
782 static int cortex_a_bpwp_disable(struct arm_dpm
*dpm
, unsigned index_t
)
784 struct cortex_a_common
*a
= dpm_to_a(dpm
);
789 cr
= a
->armv7a_common
.debug_base
+ CPUDBG_BCR_BASE
;
792 cr
= a
->armv7a_common
.debug_base
+ CPUDBG_WCR_BASE
;
800 LOG_DEBUG("A: bpwp disable, cr %08x", (unsigned) cr
);
802 /* clear control register */
803 return cortex_a_dap_write_memap_register_u32(dpm
->arm
->target
, cr
, 0);
806 static int cortex_a_dpm_setup(struct cortex_a_common
*a
, uint32_t didr
)
808 struct arm_dpm
*dpm
= &a
->armv7a_common
.dpm
;
811 dpm
->arm
= &a
->armv7a_common
.arm
;
814 dpm
->prepare
= cortex_a_dpm_prepare
;
815 dpm
->finish
= cortex_a_dpm_finish
;
817 dpm
->instr_write_data_dcc
= cortex_a_instr_write_data_dcc
;
818 dpm
->instr_write_data_r0
= cortex_a_instr_write_data_r0
;
819 dpm
->instr_cpsr_sync
= cortex_a_instr_cpsr_sync
;
821 dpm
->instr_read_data_dcc
= cortex_a_instr_read_data_dcc
;
822 dpm
->instr_read_data_r0
= cortex_a_instr_read_data_r0
;
824 dpm
->bpwp_enable
= cortex_a_bpwp_enable
;
825 dpm
->bpwp_disable
= cortex_a_bpwp_disable
;
827 retval
= arm_dpm_setup(dpm
);
828 if (retval
== ERROR_OK
)
829 retval
= arm_dpm_initialize(dpm
);
833 static struct target
*get_cortex_a(struct target
*target
, int32_t coreid
)
835 struct target_list
*head
;
839 while (head
!= (struct target_list
*)NULL
) {
841 if ((curr
->coreid
== coreid
) && (curr
->state
== TARGET_HALTED
))
847 static int cortex_a_halt(struct target
*target
);
849 static int cortex_a_halt_smp(struct target
*target
)
852 struct target_list
*head
;
855 while (head
!= (struct target_list
*)NULL
) {
857 if ((curr
!= target
) && (curr
->state
!= TARGET_HALTED
))
858 retval
+= cortex_a_halt(curr
);
864 static int update_halt_gdb(struct target
*target
)
867 if (target
->gdb_service
&& target
->gdb_service
->core
[0] == -1) {
868 target
->gdb_service
->target
= target
;
869 target
->gdb_service
->core
[0] = target
->coreid
;
870 retval
+= cortex_a_halt_smp(target
);
876 * Cortex-A Run control
879 static int cortex_a_poll(struct target
*target
)
881 int retval
= ERROR_OK
;
883 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
884 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
885 enum target_state prev_target_state
= target
->state
;
886 /* toggle to another core is done by gdb as follow */
887 /* maint packet J core_id */
889 /* the next polling trigger an halt event sent to gdb */
890 if ((target
->state
== TARGET_HALTED
) && (target
->smp
) &&
891 (target
->gdb_service
) &&
892 (target
->gdb_service
->target
== NULL
)) {
893 target
->gdb_service
->target
=
894 get_cortex_a(target
, target
->gdb_service
->core
[1]);
895 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
898 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
899 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
900 if (retval
!= ERROR_OK
)
902 cortex_a
->cpudbg_dscr
= dscr
;
904 if (DSCR_RUN_MODE(dscr
) == (DSCR_CORE_HALTED
| DSCR_CORE_RESTARTED
)) {
905 if (prev_target_state
!= TARGET_HALTED
) {
906 /* We have a halting debug event */
907 LOG_DEBUG("Target halted");
908 target
->state
= TARGET_HALTED
;
909 if ((prev_target_state
== TARGET_RUNNING
)
910 || (prev_target_state
== TARGET_UNKNOWN
)
911 || (prev_target_state
== TARGET_RESET
)) {
912 retval
= cortex_a_debug_entry(target
);
913 if (retval
!= ERROR_OK
)
916 retval
= update_halt_gdb(target
);
917 if (retval
!= ERROR_OK
)
920 target_call_event_callbacks(target
,
921 TARGET_EVENT_HALTED
);
923 if (prev_target_state
== TARGET_DEBUG_RUNNING
) {
926 retval
= cortex_a_debug_entry(target
);
927 if (retval
!= ERROR_OK
)
930 retval
= update_halt_gdb(target
);
931 if (retval
!= ERROR_OK
)
935 target_call_event_callbacks(target
,
936 TARGET_EVENT_DEBUG_HALTED
);
939 } else if (DSCR_RUN_MODE(dscr
) == DSCR_CORE_RESTARTED
)
940 target
->state
= TARGET_RUNNING
;
942 LOG_DEBUG("Unknown target state dscr = 0x%08" PRIx32
, dscr
);
943 target
->state
= TARGET_UNKNOWN
;
949 static int cortex_a_halt(struct target
*target
)
951 int retval
= ERROR_OK
;
953 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
956 * Tell the core to be halted by writing DRCR with 0x1
957 * and then wait for the core to be halted.
959 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
960 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_HALT
);
961 if (retval
!= ERROR_OK
)
965 * enter halting debug mode
967 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
968 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
969 if (retval
!= ERROR_OK
)
972 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
973 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
| DSCR_HALT_DBG_MODE
);
974 if (retval
!= ERROR_OK
)
977 int64_t then
= timeval_ms();
979 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
980 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
981 if (retval
!= ERROR_OK
)
983 if ((dscr
& DSCR_CORE_HALTED
) != 0)
985 if (timeval_ms() > then
+ 1000) {
986 LOG_ERROR("Timeout waiting for halt");
991 target
->debug_reason
= DBG_REASON_DBGRQ
;
996 static int cortex_a_internal_restore(struct target
*target
, int current
,
997 uint32_t *address
, int handle_breakpoints
, int debug_execution
)
999 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1000 struct arm
*arm
= &armv7a
->arm
;
1004 if (!debug_execution
)
1005 target_free_all_working_areas(target
);
1008 if (debug_execution
) {
1009 /* Disable interrupts */
1010 /* We disable interrupts in the PRIMASK register instead of
1011 * masking with C_MASKINTS,
1012 * This is probably the same issue as Cortex-M3 Errata 377493:
1013 * C_MASKINTS in parallel with disabled interrupts can cause
1014 * local faults to not be taken. */
1015 buf_set_u32(armv7m
->core_cache
->reg_list
[ARMV7M_PRIMASK
].value
, 0, 32, 1);
1016 armv7m
->core_cache
->reg_list
[ARMV7M_PRIMASK
].dirty
= 1;
1017 armv7m
->core_cache
->reg_list
[ARMV7M_PRIMASK
].valid
= 1;
1019 /* Make sure we are in Thumb mode */
1020 buf_set_u32(armv7m
->core_cache
->reg_list
[ARMV7M_xPSR
].value
, 0, 32,
1021 buf_get_u32(armv7m
->core_cache
->reg_list
[ARMV7M_xPSR
].value
, 0,
1023 armv7m
->core_cache
->reg_list
[ARMV7M_xPSR
].dirty
= 1;
1024 armv7m
->core_cache
->reg_list
[ARMV7M_xPSR
].valid
= 1;
1028 /* current = 1: continue on current pc, otherwise continue at <address> */
1029 resume_pc
= buf_get_u32(arm
->pc
->value
, 0, 32);
1031 resume_pc
= *address
;
1033 *address
= resume_pc
;
1035 /* Make sure that the Armv7 gdb thumb fixups does not
1036 * kill the return address
1038 switch (arm
->core_state
) {
1040 resume_pc
&= 0xFFFFFFFC;
1042 case ARM_STATE_THUMB
:
1043 case ARM_STATE_THUMB_EE
:
1044 /* When the return address is loaded into PC
1045 * bit 0 must be 1 to stay in Thumb state
1049 case ARM_STATE_JAZELLE
:
1050 LOG_ERROR("How do I resume into Jazelle state??");
1053 LOG_DEBUG("resume pc = 0x%08" PRIx32
, resume_pc
);
1054 buf_set_u32(arm
->pc
->value
, 0, 32, resume_pc
);
1058 /* restore dpm_mode at system halt */
1059 dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_ANY
);
1060 /* called it now before restoring context because it uses cpu
1061 * register r0 for restoring cp15 control register */
1062 retval
= cortex_a_restore_cp15_control_reg(target
);
1063 if (retval
!= ERROR_OK
)
1065 retval
= cortex_a_restore_context(target
, handle_breakpoints
);
1066 if (retval
!= ERROR_OK
)
1068 target
->debug_reason
= DBG_REASON_NOTHALTED
;
1069 target
->state
= TARGET_RUNNING
;
1071 /* registers are now invalid */
1072 register_cache_invalidate(arm
->core_cache
);
1075 /* the front-end may request us not to handle breakpoints */
1076 if (handle_breakpoints
) {
1077 /* Single step past breakpoint at current address */
1078 breakpoint
= breakpoint_find(target
, resume_pc
);
1080 LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint
->address
);
1081 cortex_m3_unset_breakpoint(target
, breakpoint
);
1082 cortex_m3_single_step_core(target
);
1083 cortex_m3_set_breakpoint(target
, breakpoint
);
1091 static int cortex_a_internal_restart(struct target
*target
)
1093 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1094 struct arm
*arm
= &armv7a
->arm
;
1098 * * Restart core and wait for it to be started. Clear ITRen and sticky
1099 * * exception flags: see ARMv7 ARM, C5.9.
1101 * REVISIT: for single stepping, we probably want to
1102 * disable IRQs by default, with optional override...
1105 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1106 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
1107 if (retval
!= ERROR_OK
)
1110 if ((dscr
& DSCR_INSTR_COMP
) == 0)
1111 LOG_ERROR("DSCR InstrCompl must be set before leaving debug!");
1113 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1114 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
& ~DSCR_ITR_EN
);
1115 if (retval
!= ERROR_OK
)
1118 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1119 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_RESTART
|
1120 DRCR_CLEAR_EXCEPTIONS
);
1121 if (retval
!= ERROR_OK
)
1124 int64_t then
= timeval_ms();
1126 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1127 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
1128 if (retval
!= ERROR_OK
)
1130 if ((dscr
& DSCR_CORE_RESTARTED
) != 0)
1132 if (timeval_ms() > then
+ 1000) {
1133 LOG_ERROR("Timeout waiting for resume");
1138 target
->debug_reason
= DBG_REASON_NOTHALTED
;
1139 target
->state
= TARGET_RUNNING
;
1141 /* registers are now invalid */
1142 register_cache_invalidate(arm
->core_cache
);
1147 static int cortex_a_restore_smp(struct target
*target
, int handle_breakpoints
)
1150 struct target_list
*head
;
1151 struct target
*curr
;
1153 head
= target
->head
;
1154 while (head
!= (struct target_list
*)NULL
) {
1155 curr
= head
->target
;
1156 if ((curr
!= target
) && (curr
->state
!= TARGET_RUNNING
)) {
1157 /* resume current address , not in step mode */
1158 retval
+= cortex_a_internal_restore(curr
, 1, &address
,
1159 handle_breakpoints
, 0);
1160 retval
+= cortex_a_internal_restart(curr
);
1168 static int cortex_a_resume(struct target
*target
, int current
,
1169 uint32_t address
, int handle_breakpoints
, int debug_execution
)
1172 /* dummy resume for smp toggle in order to reduce gdb impact */
1173 if ((target
->smp
) && (target
->gdb_service
->core
[1] != -1)) {
1174 /* simulate a start and halt of target */
1175 target
->gdb_service
->target
= NULL
;
1176 target
->gdb_service
->core
[0] = target
->gdb_service
->core
[1];
1177 /* fake resume at next poll we play the target core[1], see poll*/
1178 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1181 cortex_a_internal_restore(target
, current
, &address
, handle_breakpoints
, debug_execution
);
1183 target
->gdb_service
->core
[0] = -1;
1184 retval
= cortex_a_restore_smp(target
, handle_breakpoints
);
1185 if (retval
!= ERROR_OK
)
1188 cortex_a_internal_restart(target
);
1190 if (!debug_execution
) {
1191 target
->state
= TARGET_RUNNING
;
1192 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1193 LOG_DEBUG("target resumed at 0x%" PRIx32
, address
);
1195 target
->state
= TARGET_DEBUG_RUNNING
;
1196 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_RESUMED
);
1197 LOG_DEBUG("target debug resumed at 0x%" PRIx32
, address
);
1203 static int cortex_a_debug_entry(struct target
*target
)
1206 uint32_t regfile
[16], cpsr
, dscr
;
1207 int retval
= ERROR_OK
;
1208 struct working_area
*regfile_working_area
= NULL
;
1209 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1210 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1211 struct arm
*arm
= &armv7a
->arm
;
1214 LOG_DEBUG("dscr = 0x%08" PRIx32
, cortex_a
->cpudbg_dscr
);
1216 /* REVISIT surely we should not re-read DSCR !! */
1217 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1218 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
1219 if (retval
!= ERROR_OK
)
1222 /* REVISIT see A TRM 12.11.4 steps 2..3 -- make sure that any
1223 * imprecise data aborts get discarded by issuing a Data
1224 * Synchronization Barrier: ARMV4_5_MCR(15, 0, 0, 7, 10, 4).
1227 /* Enable the ITR execution once we are in debug mode */
1228 dscr
|= DSCR_ITR_EN
;
1229 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1230 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
1231 if (retval
!= ERROR_OK
)
1234 /* Examine debug reason */
1235 arm_dpm_report_dscr(&armv7a
->dpm
, cortex_a
->cpudbg_dscr
);
1237 /* save address of instruction that triggered the watchpoint? */
1238 if (target
->debug_reason
== DBG_REASON_WATCHPOINT
) {
1241 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1242 armv7a
->debug_base
+ CPUDBG_WFAR
,
1244 if (retval
!= ERROR_OK
)
1246 arm_dpm_report_wfar(&armv7a
->dpm
, wfar
);
1249 /* REVISIT fast_reg_read is never set ... */
1251 /* Examine target state and mode */
1252 if (cortex_a
->fast_reg_read
)
1253 target_alloc_working_area(target
, 64, ®file_working_area
);
1255 /* First load register acessible through core debug port*/
1256 if (!regfile_working_area
)
1257 retval
= arm_dpm_read_current_registers(&armv7a
->dpm
);
1259 retval
= cortex_a_read_regs_through_mem(target
,
1260 regfile_working_area
->address
, regfile
);
1262 target_free_working_area(target
, regfile_working_area
);
1263 if (retval
!= ERROR_OK
)
1266 /* read Current PSR */
1267 retval
= cortex_a_dap_read_coreregister_u32(target
, &cpsr
, 16);
1268 /* store current cpsr */
1269 if (retval
!= ERROR_OK
)
1272 LOG_DEBUG("cpsr: %8.8" PRIx32
, cpsr
);
1274 arm_set_cpsr(arm
, cpsr
);
1277 for (i
= 0; i
<= ARM_PC
; i
++) {
1278 reg
= arm_reg_current(arm
, i
);
1280 buf_set_u32(reg
->value
, 0, 32, regfile
[i
]);
1285 /* Fixup PC Resume Address */
1286 if (cpsr
& (1 << 5)) {
1287 /* T bit set for Thumb or ThumbEE state */
1288 regfile
[ARM_PC
] -= 4;
1291 regfile
[ARM_PC
] -= 8;
1295 buf_set_u32(reg
->value
, 0, 32, regfile
[ARM_PC
]);
1296 reg
->dirty
= reg
->valid
;
1300 /* TODO, Move this */
1301 uint32_t cp15_control_register
, cp15_cacr
, cp15_nacr
;
1302 cortex_a_read_cp(target
, &cp15_control_register
, 15, 0, 1, 0, 0);
1303 LOG_DEBUG("cp15_control_register = 0x%08x", cp15_control_register
);
1305 cortex_a_read_cp(target
, &cp15_cacr
, 15, 0, 1, 0, 2);
1306 LOG_DEBUG("cp15 Coprocessor Access Control Register = 0x%08x", cp15_cacr
);
1308 cortex_a_read_cp(target
, &cp15_nacr
, 15, 0, 1, 1, 2);
1309 LOG_DEBUG("cp15 Nonsecure Access Control Register = 0x%08x", cp15_nacr
);
1312 /* Are we in an exception handler */
1313 /* armv4_5->exception_number = 0; */
1314 if (armv7a
->post_debug_entry
) {
1315 retval
= armv7a
->post_debug_entry(target
);
1316 if (retval
!= ERROR_OK
)
1323 static int cortex_a_post_debug_entry(struct target
*target
)
1325 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1326 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1329 /* MRC p15,0,<Rt>,c1,c0,0 ; Read CP15 System Control Register */
1330 retval
= armv7a
->arm
.mrc(target
, 15,
1331 0, 0, /* op1, op2 */
1332 1, 0, /* CRn, CRm */
1333 &cortex_a
->cp15_control_reg
);
1334 if (retval
!= ERROR_OK
)
1336 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, cortex_a
->cp15_control_reg
);
1337 cortex_a
->cp15_control_reg_curr
= cortex_a
->cp15_control_reg
;
1339 if (armv7a
->armv7a_mmu
.armv7a_cache
.info
== -1)
1340 armv7a_identify_cache(target
);
1342 if (armv7a
->is_armv7r
) {
1343 armv7a
->armv7a_mmu
.mmu_enabled
= 0;
1345 armv7a
->armv7a_mmu
.mmu_enabled
=
1346 (cortex_a
->cp15_control_reg
& 0x1U
) ? 1 : 0;
1348 armv7a
->armv7a_mmu
.armv7a_cache
.d_u_cache_enabled
=
1349 (cortex_a
->cp15_control_reg
& 0x4U
) ? 1 : 0;
1350 armv7a
->armv7a_mmu
.armv7a_cache
.i_cache_enabled
=
1351 (cortex_a
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
1352 cortex_a
->curr_mode
= armv7a
->arm
.core_mode
;
1354 /* switch to SVC mode to read DACR */
1355 dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_SVC
);
1356 armv7a
->arm
.mrc(target
, 15,
1358 &cortex_a
->cp15_dacr_reg
);
1360 LOG_DEBUG("cp15_dacr_reg: %8.8" PRIx32
,
1361 cortex_a
->cp15_dacr_reg
);
1363 dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_ANY
);
1367 int cortex_a_set_dscr_bits(struct target
*target
, unsigned long bit_mask
, unsigned long value
)
1369 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1373 int retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1374 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
1375 if (ERROR_OK
!= retval
)
1378 /* clear bitfield */
1381 dscr
|= value
& bit_mask
;
1383 /* write new DSCR */
1384 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1385 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
1389 static int cortex_a_step(struct target
*target
, int current
, uint32_t address
,
1390 int handle_breakpoints
)
1392 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1393 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1394 struct arm
*arm
= &armv7a
->arm
;
1395 struct breakpoint
*breakpoint
= NULL
;
1396 struct breakpoint stepbreakpoint
;
1400 if (target
->state
!= TARGET_HALTED
) {
1401 LOG_WARNING("target not halted");
1402 return ERROR_TARGET_NOT_HALTED
;
1405 /* current = 1: continue on current pc, otherwise continue at <address> */
1408 buf_set_u32(r
->value
, 0, 32, address
);
1410 address
= buf_get_u32(r
->value
, 0, 32);
1412 /* The front-end may request us not to handle breakpoints.
1413 * But since Cortex-A uses breakpoint for single step,
1414 * we MUST handle breakpoints.
1416 handle_breakpoints
= 1;
1417 if (handle_breakpoints
) {
1418 breakpoint
= breakpoint_find(target
, address
);
1420 cortex_a_unset_breakpoint(target
, breakpoint
);
1423 /* Setup single step breakpoint */
1424 stepbreakpoint
.address
= address
;
1425 stepbreakpoint
.length
= (arm
->core_state
== ARM_STATE_THUMB
)
1427 stepbreakpoint
.type
= BKPT_HARD
;
1428 stepbreakpoint
.set
= 0;
1430 /* Disable interrupts during single step if requested */
1431 if (cortex_a
->isrmasking_mode
== CORTEX_A_ISRMASK_ON
) {
1432 retval
= cortex_a_set_dscr_bits(target
, DSCR_INT_DIS
, DSCR_INT_DIS
);
1433 if (ERROR_OK
!= retval
)
1437 /* Break on IVA mismatch */
1438 cortex_a_set_breakpoint(target
, &stepbreakpoint
, 0x04);
1440 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1442 retval
= cortex_a_resume(target
, 1, address
, 0, 0);
1443 if (retval
!= ERROR_OK
)
1446 int64_t then
= timeval_ms();
1447 while (target
->state
!= TARGET_HALTED
) {
1448 retval
= cortex_a_poll(target
);
1449 if (retval
!= ERROR_OK
)
1451 if (timeval_ms() > then
+ 1000) {
1452 LOG_ERROR("timeout waiting for target halt");
1457 cortex_a_unset_breakpoint(target
, &stepbreakpoint
);
1459 /* Re-enable interrupts if they were disabled */
1460 if (cortex_a
->isrmasking_mode
== CORTEX_A_ISRMASK_ON
) {
1461 retval
= cortex_a_set_dscr_bits(target
, DSCR_INT_DIS
, 0);
1462 if (ERROR_OK
!= retval
)
1467 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
1470 cortex_a_set_breakpoint(target
, breakpoint
, 0);
1472 if (target
->state
!= TARGET_HALTED
)
1473 LOG_DEBUG("target stepped");
1478 static int cortex_a_restore_context(struct target
*target
, bool bpwp
)
1480 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1484 if (armv7a
->pre_restore_context
)
1485 armv7a
->pre_restore_context(target
);
1487 return arm_dpm_write_dirty_registers(&armv7a
->dpm
, bpwp
);
1491 * Cortex-A Breakpoint and watchpoint functions
1494 /* Setup hardware Breakpoint Register Pair */
1495 static int cortex_a_set_breakpoint(struct target
*target
,
1496 struct breakpoint
*breakpoint
, uint8_t matchmode
)
1501 uint8_t byte_addr_select
= 0x0F;
1502 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1503 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1504 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1506 if (breakpoint
->set
) {
1507 LOG_WARNING("breakpoint already set");
1511 if (breakpoint
->type
== BKPT_HARD
) {
1512 while (brp_list
[brp_i
].used
&& (brp_i
< cortex_a
->brp_num
))
1514 if (brp_i
>= cortex_a
->brp_num
) {
1515 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1516 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1518 breakpoint
->set
= brp_i
+ 1;
1519 if (breakpoint
->length
== 2)
1520 byte_addr_select
= (3 << (breakpoint
->address
& 0x02));
1521 control
= ((matchmode
& 0x7) << 20)
1522 | (byte_addr_select
<< 5)
1524 brp_list
[brp_i
].used
= 1;
1525 brp_list
[brp_i
].value
= (breakpoint
->address
& 0xFFFFFFFC);
1526 brp_list
[brp_i
].control
= control
;
1527 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1528 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1529 brp_list
[brp_i
].value
);
1530 if (retval
!= ERROR_OK
)
1532 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1533 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1534 brp_list
[brp_i
].control
);
1535 if (retval
!= ERROR_OK
)
1537 LOG_DEBUG("brp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1538 brp_list
[brp_i
].control
,
1539 brp_list
[brp_i
].value
);
1540 } else if (breakpoint
->type
== BKPT_SOFT
) {
1542 if (breakpoint
->length
== 2)
1543 buf_set_u32(code
, 0, 32, ARMV5_T_BKPT(0x11));
1545 buf_set_u32(code
, 0, 32, ARMV5_BKPT(0x11));
1546 retval
= target_read_memory(target
,
1547 breakpoint
->address
& 0xFFFFFFFE,
1548 breakpoint
->length
, 1,
1549 breakpoint
->orig_instr
);
1550 if (retval
!= ERROR_OK
)
1553 /* make sure data cache is cleaned & invalidated down to PoC */
1554 if (!armv7a
->armv7a_mmu
.armv7a_cache
.auto_cache_enabled
) {
1555 armv7a_cache_flush_virt(target
, breakpoint
->address
,
1556 breakpoint
->length
);
1559 retval
= target_write_memory(target
,
1560 breakpoint
->address
& 0xFFFFFFFE,
1561 breakpoint
->length
, 1, code
);
1562 if (retval
!= ERROR_OK
)
1565 /* update i-cache at breakpoint location */
1566 armv7a_l1_d_cache_inval_virt(target
, breakpoint
->address
,
1567 breakpoint
->length
);
1568 armv7a_l1_i_cache_inval_virt(target
, breakpoint
->address
,
1569 breakpoint
->length
);
1571 breakpoint
->set
= 0x11; /* Any nice value but 0 */
1577 static int cortex_a_set_context_breakpoint(struct target
*target
,
1578 struct breakpoint
*breakpoint
, uint8_t matchmode
)
1580 int retval
= ERROR_FAIL
;
1583 uint8_t byte_addr_select
= 0x0F;
1584 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1585 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1586 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1588 if (breakpoint
->set
) {
1589 LOG_WARNING("breakpoint already set");
1592 /*check available context BRPs*/
1593 while ((brp_list
[brp_i
].used
||
1594 (brp_list
[brp_i
].type
!= BRP_CONTEXT
)) && (brp_i
< cortex_a
->brp_num
))
1597 if (brp_i
>= cortex_a
->brp_num
) {
1598 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1602 breakpoint
->set
= brp_i
+ 1;
1603 control
= ((matchmode
& 0x7) << 20)
1604 | (byte_addr_select
<< 5)
1606 brp_list
[brp_i
].used
= 1;
1607 brp_list
[brp_i
].value
= (breakpoint
->asid
);
1608 brp_list
[brp_i
].control
= control
;
1609 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1610 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1611 brp_list
[brp_i
].value
);
1612 if (retval
!= ERROR_OK
)
1614 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1615 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1616 brp_list
[brp_i
].control
);
1617 if (retval
!= ERROR_OK
)
1619 LOG_DEBUG("brp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1620 brp_list
[brp_i
].control
,
1621 brp_list
[brp_i
].value
);
1626 static int cortex_a_set_hybrid_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1628 int retval
= ERROR_FAIL
;
1629 int brp_1
= 0; /* holds the contextID pair */
1630 int brp_2
= 0; /* holds the IVA pair */
1631 uint32_t control_CTX
, control_IVA
;
1632 uint8_t CTX_byte_addr_select
= 0x0F;
1633 uint8_t IVA_byte_addr_select
= 0x0F;
1634 uint8_t CTX_machmode
= 0x03;
1635 uint8_t IVA_machmode
= 0x01;
1636 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1637 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1638 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1640 if (breakpoint
->set
) {
1641 LOG_WARNING("breakpoint already set");
1644 /*check available context BRPs*/
1645 while ((brp_list
[brp_1
].used
||
1646 (brp_list
[brp_1
].type
!= BRP_CONTEXT
)) && (brp_1
< cortex_a
->brp_num
))
1649 printf("brp(CTX) found num: %d\n", brp_1
);
1650 if (brp_1
>= cortex_a
->brp_num
) {
1651 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1655 while ((brp_list
[brp_2
].used
||
1656 (brp_list
[brp_2
].type
!= BRP_NORMAL
)) && (brp_2
< cortex_a
->brp_num
))
1659 printf("brp(IVA) found num: %d\n", brp_2
);
1660 if (brp_2
>= cortex_a
->brp_num
) {
1661 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1665 breakpoint
->set
= brp_1
+ 1;
1666 breakpoint
->linked_BRP
= brp_2
;
1667 control_CTX
= ((CTX_machmode
& 0x7) << 20)
1670 | (CTX_byte_addr_select
<< 5)
1672 brp_list
[brp_1
].used
= 1;
1673 brp_list
[brp_1
].value
= (breakpoint
->asid
);
1674 brp_list
[brp_1
].control
= control_CTX
;
1675 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1676 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_1
].BRPn
,
1677 brp_list
[brp_1
].value
);
1678 if (retval
!= ERROR_OK
)
1680 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1681 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_1
].BRPn
,
1682 brp_list
[brp_1
].control
);
1683 if (retval
!= ERROR_OK
)
1686 control_IVA
= ((IVA_machmode
& 0x7) << 20)
1688 | (IVA_byte_addr_select
<< 5)
1690 brp_list
[brp_2
].used
= 1;
1691 brp_list
[brp_2
].value
= (breakpoint
->address
& 0xFFFFFFFC);
1692 brp_list
[brp_2
].control
= control_IVA
;
1693 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1694 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_2
].BRPn
,
1695 brp_list
[brp_2
].value
);
1696 if (retval
!= ERROR_OK
)
1698 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1699 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_2
].BRPn
,
1700 brp_list
[brp_2
].control
);
1701 if (retval
!= ERROR_OK
)
1707 static int cortex_a_unset_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1710 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1711 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1712 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1714 if (!breakpoint
->set
) {
1715 LOG_WARNING("breakpoint not set");
1719 if (breakpoint
->type
== BKPT_HARD
) {
1720 if ((breakpoint
->address
!= 0) && (breakpoint
->asid
!= 0)) {
1721 int brp_i
= breakpoint
->set
- 1;
1722 int brp_j
= breakpoint
->linked_BRP
;
1723 if ((brp_i
< 0) || (brp_i
>= cortex_a
->brp_num
)) {
1724 LOG_DEBUG("Invalid BRP number in breakpoint");
1727 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1728 brp_list
[brp_i
].control
, brp_list
[brp_i
].value
);
1729 brp_list
[brp_i
].used
= 0;
1730 brp_list
[brp_i
].value
= 0;
1731 brp_list
[brp_i
].control
= 0;
1732 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1733 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1734 brp_list
[brp_i
].control
);
1735 if (retval
!= ERROR_OK
)
1737 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1738 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1739 brp_list
[brp_i
].value
);
1740 if (retval
!= ERROR_OK
)
1742 if ((brp_j
< 0) || (brp_j
>= cortex_a
->brp_num
)) {
1743 LOG_DEBUG("Invalid BRP number in breakpoint");
1746 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_j
,
1747 brp_list
[brp_j
].control
, brp_list
[brp_j
].value
);
1748 brp_list
[brp_j
].used
= 0;
1749 brp_list
[brp_j
].value
= 0;
1750 brp_list
[brp_j
].control
= 0;
1751 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1752 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_j
].BRPn
,
1753 brp_list
[brp_j
].control
);
1754 if (retval
!= ERROR_OK
)
1756 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1757 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_j
].BRPn
,
1758 brp_list
[brp_j
].value
);
1759 if (retval
!= ERROR_OK
)
1761 breakpoint
->linked_BRP
= 0;
1762 breakpoint
->set
= 0;
1766 int brp_i
= breakpoint
->set
- 1;
1767 if ((brp_i
< 0) || (brp_i
>= cortex_a
->brp_num
)) {
1768 LOG_DEBUG("Invalid BRP number in breakpoint");
1771 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1772 brp_list
[brp_i
].control
, brp_list
[brp_i
].value
);
1773 brp_list
[brp_i
].used
= 0;
1774 brp_list
[brp_i
].value
= 0;
1775 brp_list
[brp_i
].control
= 0;
1776 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1777 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1778 brp_list
[brp_i
].control
);
1779 if (retval
!= ERROR_OK
)
1781 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1782 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1783 brp_list
[brp_i
].value
);
1784 if (retval
!= ERROR_OK
)
1786 breakpoint
->set
= 0;
1791 /* make sure data cache is cleaned & invalidated down to PoC */
1792 if (!armv7a
->armv7a_mmu
.armv7a_cache
.auto_cache_enabled
) {
1793 armv7a_cache_flush_virt(target
, breakpoint
->address
,
1794 breakpoint
->length
);
1797 /* restore original instruction (kept in target endianness) */
1798 if (breakpoint
->length
== 4) {
1799 retval
= target_write_memory(target
,
1800 breakpoint
->address
& 0xFFFFFFFE,
1801 4, 1, breakpoint
->orig_instr
);
1802 if (retval
!= ERROR_OK
)
1805 retval
= target_write_memory(target
,
1806 breakpoint
->address
& 0xFFFFFFFE,
1807 2, 1, breakpoint
->orig_instr
);
1808 if (retval
!= ERROR_OK
)
1812 /* update i-cache at breakpoint location */
1813 armv7a_l1_d_cache_inval_virt(target
, breakpoint
->address
,
1814 breakpoint
->length
);
1815 armv7a_l1_i_cache_inval_virt(target
, breakpoint
->address
,
1816 breakpoint
->length
);
1818 breakpoint
->set
= 0;
1823 static int cortex_a_add_breakpoint(struct target
*target
,
1824 struct breakpoint
*breakpoint
)
1826 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1828 if ((breakpoint
->type
== BKPT_HARD
) && (cortex_a
->brp_num_available
< 1)) {
1829 LOG_INFO("no hardware breakpoint available");
1830 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1833 if (breakpoint
->type
== BKPT_HARD
)
1834 cortex_a
->brp_num_available
--;
1836 return cortex_a_set_breakpoint(target
, breakpoint
, 0x00); /* Exact match */
1839 static int cortex_a_add_context_breakpoint(struct target
*target
,
1840 struct breakpoint
*breakpoint
)
1842 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1844 if ((breakpoint
->type
== BKPT_HARD
) && (cortex_a
->brp_num_available
< 1)) {
1845 LOG_INFO("no hardware breakpoint available");
1846 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1849 if (breakpoint
->type
== BKPT_HARD
)
1850 cortex_a
->brp_num_available
--;
1852 return cortex_a_set_context_breakpoint(target
, breakpoint
, 0x02); /* asid match */
1855 static int cortex_a_add_hybrid_breakpoint(struct target
*target
,
1856 struct breakpoint
*breakpoint
)
1858 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1860 if ((breakpoint
->type
== BKPT_HARD
) && (cortex_a
->brp_num_available
< 1)) {
1861 LOG_INFO("no hardware breakpoint available");
1862 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1865 if (breakpoint
->type
== BKPT_HARD
)
1866 cortex_a
->brp_num_available
--;
1868 return cortex_a_set_hybrid_breakpoint(target
, breakpoint
); /* ??? */
1872 static int cortex_a_remove_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1874 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1877 /* It is perfectly possible to remove breakpoints while the target is running */
1878 if (target
->state
!= TARGET_HALTED
) {
1879 LOG_WARNING("target not halted");
1880 return ERROR_TARGET_NOT_HALTED
;
1884 if (breakpoint
->set
) {
1885 cortex_a_unset_breakpoint(target
, breakpoint
);
1886 if (breakpoint
->type
== BKPT_HARD
)
1887 cortex_a
->brp_num_available
++;
1895 * Cortex-A Reset functions
1898 static int cortex_a_assert_reset(struct target
*target
)
1900 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1904 /* FIXME when halt is requested, make it work somehow... */
1906 /* Issue some kind of warm reset. */
1907 if (target_has_event_action(target
, TARGET_EVENT_RESET_ASSERT
))
1908 target_handle_event(target
, TARGET_EVENT_RESET_ASSERT
);
1909 else if (jtag_get_reset_config() & RESET_HAS_SRST
) {
1910 /* REVISIT handle "pulls" cases, if there's
1911 * hardware that needs them to work.
1913 jtag_add_reset(0, 1);
1915 LOG_ERROR("%s: how to reset?", target_name(target
));
1919 /* registers are now invalid */
1920 register_cache_invalidate(armv7a
->arm
.core_cache
);
1922 target
->state
= TARGET_RESET
;
1927 static int cortex_a_deassert_reset(struct target
*target
)
1933 /* be certain SRST is off */
1934 jtag_add_reset(0, 0);
1936 retval
= cortex_a_poll(target
);
1937 if (retval
!= ERROR_OK
)
1940 if (target
->reset_halt
) {
1941 if (target
->state
!= TARGET_HALTED
) {
1942 LOG_WARNING("%s: ran after reset and before halt ...",
1943 target_name(target
));
1944 retval
= target_halt(target
);
1945 if (retval
!= ERROR_OK
)
1953 static int cortex_a_set_dcc_mode(struct target
*target
, uint32_t mode
, uint32_t *dscr
)
1955 /* Changes the mode of the DCC between non-blocking, stall, and fast mode.
1956 * New desired mode must be in mode. Current value of DSCR must be in
1957 * *dscr, which is updated with new value.
1959 * This function elides actually sending the mode-change over the debug
1960 * interface if the mode is already set as desired.
1962 uint32_t new_dscr
= (*dscr
& ~DSCR_EXT_DCC_MASK
) | mode
;
1963 if (new_dscr
!= *dscr
) {
1964 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1965 int retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1966 armv7a
->debug_base
+ CPUDBG_DSCR
, new_dscr
);
1967 if (retval
== ERROR_OK
)
1975 static int cortex_a_wait_dscr_bits(struct target
*target
, uint32_t mask
,
1976 uint32_t value
, uint32_t *dscr
)
1978 /* Waits until the specified bit(s) of DSCR take on a specified value. */
1979 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1980 int64_t then
= timeval_ms();
1983 while ((*dscr
& mask
) != value
) {
1984 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1985 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
1986 if (retval
!= ERROR_OK
)
1988 if (timeval_ms() > then
+ 1000) {
1989 LOG_ERROR("timeout waiting for DSCR bit change");
1996 static int cortex_a_read_copro(struct target
*target
, uint32_t opcode
,
1997 uint32_t *data
, uint32_t *dscr
)
2000 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2002 /* Move from coprocessor to R0. */
2003 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2004 if (retval
!= ERROR_OK
)
2007 /* Move from R0 to DTRTX. */
2008 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MCR(14, 0, 0, 0, 5, 0), dscr
);
2009 if (retval
!= ERROR_OK
)
2012 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture
2013 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
2014 * must also check TXfull_l). Most of the time this will be free
2015 * because TXfull_l will be set immediately and cached in dscr. */
2016 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRTX_FULL_LATCHED
,
2017 DSCR_DTRTX_FULL_LATCHED
, dscr
);
2018 if (retval
!= ERROR_OK
)
2021 /* Read the value transferred to DTRTX. */
2022 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2023 armv7a
->debug_base
+ CPUDBG_DTRTX
, data
);
2024 if (retval
!= ERROR_OK
)
2030 static int cortex_a_read_dfar_dfsr(struct target
*target
, uint32_t *dfar
,
2031 uint32_t *dfsr
, uint32_t *dscr
)
2036 retval
= cortex_a_read_copro(target
, ARMV4_5_MRC(15, 0, 0, 6, 0, 0), dfar
, dscr
);
2037 if (retval
!= ERROR_OK
)
2042 retval
= cortex_a_read_copro(target
, ARMV4_5_MRC(15, 0, 0, 5, 0, 0), dfsr
, dscr
);
2043 if (retval
!= ERROR_OK
)
2050 static int cortex_a_write_copro(struct target
*target
, uint32_t opcode
,
2051 uint32_t data
, uint32_t *dscr
)
2054 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2056 /* Write the value into DTRRX. */
2057 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2058 armv7a
->debug_base
+ CPUDBG_DTRRX
, data
);
2059 if (retval
!= ERROR_OK
)
2062 /* Move from DTRRX to R0. */
2063 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), dscr
);
2064 if (retval
!= ERROR_OK
)
2067 /* Move from R0 to coprocessor. */
2068 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2069 if (retval
!= ERROR_OK
)
2072 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture manual
2073 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2074 * check RXfull_l). Most of the time this will be free because RXfull_l
2075 * will be cleared immediately and cached in dscr. */
2076 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRRX_FULL_LATCHED
, 0, dscr
);
2077 if (retval
!= ERROR_OK
)
2083 static int cortex_a_write_dfar_dfsr(struct target
*target
, uint32_t dfar
,
2084 uint32_t dfsr
, uint32_t *dscr
)
2088 retval
= cortex_a_write_copro(target
, ARMV4_5_MCR(15, 0, 0, 6, 0, 0), dfar
, dscr
);
2089 if (retval
!= ERROR_OK
)
2092 retval
= cortex_a_write_copro(target
, ARMV4_5_MCR(15, 0, 0, 5, 0, 0), dfsr
, dscr
);
2093 if (retval
!= ERROR_OK
)
2099 static int cortex_a_dfsr_to_error_code(uint32_t dfsr
)
2101 uint32_t status
, upper4
;
2103 if (dfsr
& (1 << 9)) {
2105 status
= dfsr
& 0x3f;
2106 upper4
= status
>> 2;
2107 if (upper4
== 1 || upper4
== 2 || upper4
== 3 || upper4
== 15)
2108 return ERROR_TARGET_TRANSLATION_FAULT
;
2109 else if (status
== 33)
2110 return ERROR_TARGET_UNALIGNED_ACCESS
;
2112 return ERROR_TARGET_DATA_ABORT
;
2114 /* Normal format. */
2115 status
= ((dfsr
>> 6) & 0x10) | (dfsr
& 0xf);
2117 return ERROR_TARGET_UNALIGNED_ACCESS
;
2118 else if (status
== 5 || status
== 7 || status
== 3 || status
== 6 ||
2119 status
== 9 || status
== 11 || status
== 13 || status
== 15)
2120 return ERROR_TARGET_TRANSLATION_FAULT
;
2122 return ERROR_TARGET_DATA_ABORT
;
2126 static int cortex_a_write_apb_ab_memory_slow(struct target
*target
,
2127 uint32_t size
, uint32_t count
, const uint8_t *buffer
, uint32_t *dscr
)
2129 /* Writes count objects of size size from *buffer. Old value of DSCR must
2130 * be in *dscr; updated to new value. This is slow because it works for
2131 * non-word-sized objects and (maybe) unaligned accesses. If size == 4 and
2132 * the address is aligned, cortex_a_write_apb_ab_memory_fast should be
2135 * - Address is in R0.
2136 * - R0 is marked dirty.
2138 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2139 struct arm
*arm
= &armv7a
->arm
;
2142 /* Mark register R1 as dirty, to use for transferring data. */
2143 arm_reg_current(arm
, 1)->dirty
= true;
2145 /* Switch to non-blocking mode if not already in that mode. */
2146 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2147 if (retval
!= ERROR_OK
)
2150 /* Go through the objects. */
2152 /* Write the value to store into DTRRX. */
2153 uint32_t data
, opcode
;
2157 data
= target_buffer_get_u16(target
, buffer
);
2159 data
= target_buffer_get_u32(target
, buffer
);
2160 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2161 armv7a
->debug_base
+ CPUDBG_DTRRX
, data
);
2162 if (retval
!= ERROR_OK
)
2165 /* Transfer the value from DTRRX to R1. */
2166 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), dscr
);
2167 if (retval
!= ERROR_OK
)
2170 /* Write the value transferred to R1 into memory. */
2172 opcode
= ARMV4_5_STRB_IP(1, 0);
2174 opcode
= ARMV4_5_STRH_IP(1, 0);
2176 opcode
= ARMV4_5_STRW_IP(1, 0);
2177 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2178 if (retval
!= ERROR_OK
)
2181 /* Check for faults and return early. */
2182 if (*dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
))
2183 return ERROR_OK
; /* A data fault is not considered a system failure. */
2185 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture
2186 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
2187 * must also check RXfull_l). Most of the time this will be free
2188 * because RXfull_l will be cleared immediately and cached in dscr. */
2189 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRRX_FULL_LATCHED
, 0, dscr
);
2190 if (retval
!= ERROR_OK
)
2201 static int cortex_a_write_apb_ab_memory_fast(struct target
*target
,
2202 uint32_t count
, const uint8_t *buffer
, uint32_t *dscr
)
2204 /* Writes count objects of size 4 from *buffer. Old value of DSCR must be
2205 * in *dscr; updated to new value. This is fast but only works for
2206 * word-sized objects at aligned addresses.
2208 * - Address is in R0 and must be a multiple of 4.
2209 * - R0 is marked dirty.
2211 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2214 /* Switch to fast mode if not already in that mode. */
2215 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_FAST_MODE
, dscr
);
2216 if (retval
!= ERROR_OK
)
2219 /* Latch STC instruction. */
2220 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2221 armv7a
->debug_base
+ CPUDBG_ITR
, ARMV4_5_STC(0, 1, 0, 1, 14, 5, 0, 4));
2222 if (retval
!= ERROR_OK
)
2225 /* Transfer all the data and issue all the instructions. */
2226 return mem_ap_write_buf_noincr(armv7a
->debug_ap
, buffer
,
2227 4, count
, armv7a
->debug_base
+ CPUDBG_DTRRX
);
2230 static int cortex_a_write_apb_ab_memory(struct target
*target
,
2231 uint32_t address
, uint32_t size
,
2232 uint32_t count
, const uint8_t *buffer
)
2234 /* Write memory through APB-AP. */
2235 int retval
, final_retval
;
2236 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2237 struct arm
*arm
= &armv7a
->arm
;
2238 uint32_t dscr
, orig_dfar
, orig_dfsr
, fault_dscr
, fault_dfar
, fault_dfsr
;
2240 LOG_DEBUG("Writing APB-AP memory address 0x%" PRIx32
" size %" PRIu32
" count %" PRIu32
,
2241 address
, size
, count
);
2242 if (target
->state
!= TARGET_HALTED
) {
2243 LOG_WARNING("target not halted");
2244 return ERROR_TARGET_NOT_HALTED
;
2250 /* Clear any abort. */
2251 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2252 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2253 if (retval
!= ERROR_OK
)
2257 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2258 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2259 if (retval
!= ERROR_OK
)
2262 /* Switch to non-blocking mode if not already in that mode. */
2263 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2264 if (retval
!= ERROR_OK
)
2267 /* Mark R0 as dirty. */
2268 arm_reg_current(arm
, 0)->dirty
= true;
2270 /* Read DFAR and DFSR, as they will be modified in the event of a fault. */
2271 retval
= cortex_a_read_dfar_dfsr(target
, &orig_dfar
, &orig_dfsr
, &dscr
);
2272 if (retval
!= ERROR_OK
)
2275 /* Get the memory address into R0. */
2276 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2277 armv7a
->debug_base
+ CPUDBG_DTRRX
, address
);
2278 if (retval
!= ERROR_OK
)
2280 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), &dscr
);
2281 if (retval
!= ERROR_OK
)
2284 if (size
== 4 && (address
% 4) == 0) {
2285 /* We are doing a word-aligned transfer, so use fast mode. */
2286 retval
= cortex_a_write_apb_ab_memory_fast(target
, count
, buffer
, &dscr
);
2288 /* Use slow path. */
2289 retval
= cortex_a_write_apb_ab_memory_slow(target
, size
, count
, buffer
, &dscr
);
2293 final_retval
= retval
;
2295 /* Switch to non-blocking mode if not already in that mode. */
2296 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2297 if (final_retval
== ERROR_OK
)
2298 final_retval
= retval
;
2300 /* Wait for last issued instruction to complete. */
2301 retval
= cortex_a_wait_instrcmpl(target
, &dscr
, true);
2302 if (final_retval
== ERROR_OK
)
2303 final_retval
= retval
;
2305 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture manual
2306 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2307 * check RXfull_l). Most of the time this will be free because RXfull_l
2308 * will be cleared immediately and cached in dscr. However, don't do this
2309 * if there is fault, because then the instruction might not have completed
2311 if (!(dscr
& DSCR_STICKY_ABORT_PRECISE
)) {
2312 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRRX_FULL_LATCHED
, 0, &dscr
);
2313 if (retval
!= ERROR_OK
)
2317 /* If there were any sticky abort flags, clear them. */
2318 if (dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
)) {
2320 mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2321 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2322 dscr
&= ~(DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
);
2327 /* Handle synchronous data faults. */
2328 if (fault_dscr
& DSCR_STICKY_ABORT_PRECISE
) {
2329 if (final_retval
== ERROR_OK
) {
2330 /* Final return value will reflect cause of fault. */
2331 retval
= cortex_a_read_dfar_dfsr(target
, &fault_dfar
, &fault_dfsr
, &dscr
);
2332 if (retval
== ERROR_OK
) {
2333 LOG_ERROR("data abort at 0x%08" PRIx32
", dfsr = 0x%08" PRIx32
, fault_dfar
, fault_dfsr
);
2334 final_retval
= cortex_a_dfsr_to_error_code(fault_dfsr
);
2336 final_retval
= retval
;
2338 /* Fault destroyed DFAR/DFSR; restore them. */
2339 retval
= cortex_a_write_dfar_dfsr(target
, orig_dfar
, orig_dfsr
, &dscr
);
2340 if (retval
!= ERROR_OK
)
2341 LOG_ERROR("error restoring dfar/dfsr - dscr = 0x%08" PRIx32
, dscr
);
2344 /* Handle asynchronous data faults. */
2345 if (fault_dscr
& DSCR_STICKY_ABORT_IMPRECISE
) {
2346 if (final_retval
== ERROR_OK
)
2347 /* No other error has been recorded so far, so keep this one. */
2348 final_retval
= ERROR_TARGET_DATA_ABORT
;
2351 /* If the DCC is nonempty, clear it. */
2352 if (dscr
& DSCR_DTRTX_FULL_LATCHED
) {
2354 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2355 armv7a
->debug_base
+ CPUDBG_DTRTX
, &dummy
);
2356 if (final_retval
== ERROR_OK
)
2357 final_retval
= retval
;
2359 if (dscr
& DSCR_DTRRX_FULL_LATCHED
) {
2360 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), &dscr
);
2361 if (final_retval
== ERROR_OK
)
2362 final_retval
= retval
;
2366 return final_retval
;
2369 static int cortex_a_read_apb_ab_memory_slow(struct target
*target
,
2370 uint32_t size
, uint32_t count
, uint8_t *buffer
, uint32_t *dscr
)
2372 /* Reads count objects of size size into *buffer. Old value of DSCR must be
2373 * in *dscr; updated to new value. This is slow because it works for
2374 * non-word-sized objects and (maybe) unaligned accesses. If size == 4 and
2375 * the address is aligned, cortex_a_read_apb_ab_memory_fast should be
2378 * - Address is in R0.
2379 * - R0 is marked dirty.
2381 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2382 struct arm
*arm
= &armv7a
->arm
;
2385 /* Mark register R1 as dirty, to use for transferring data. */
2386 arm_reg_current(arm
, 1)->dirty
= true;
2388 /* Switch to non-blocking mode if not already in that mode. */
2389 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2390 if (retval
!= ERROR_OK
)
2393 /* Go through the objects. */
2395 /* Issue a load of the appropriate size to R1. */
2396 uint32_t opcode
, data
;
2398 opcode
= ARMV4_5_LDRB_IP(1, 0);
2400 opcode
= ARMV4_5_LDRH_IP(1, 0);
2402 opcode
= ARMV4_5_LDRW_IP(1, 0);
2403 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2404 if (retval
!= ERROR_OK
)
2407 /* Issue a write of R1 to DTRTX. */
2408 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MCR(14, 0, 1, 0, 5, 0), dscr
);
2409 if (retval
!= ERROR_OK
)
2412 /* Check for faults and return early. */
2413 if (*dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
))
2414 return ERROR_OK
; /* A data fault is not considered a system failure. */
2416 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture
2417 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
2418 * must also check TXfull_l). Most of the time this will be free
2419 * because TXfull_l will be set immediately and cached in dscr. */
2420 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRTX_FULL_LATCHED
,
2421 DSCR_DTRTX_FULL_LATCHED
, dscr
);
2422 if (retval
!= ERROR_OK
)
2425 /* Read the value transferred to DTRTX into the buffer. */
2426 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2427 armv7a
->debug_base
+ CPUDBG_DTRTX
, &data
);
2428 if (retval
!= ERROR_OK
)
2431 *buffer
= (uint8_t) data
;
2433 target_buffer_set_u16(target
, buffer
, (uint16_t) data
);
2435 target_buffer_set_u32(target
, buffer
, data
);
2445 static int cortex_a_read_apb_ab_memory_fast(struct target
*target
,
2446 uint32_t count
, uint8_t *buffer
, uint32_t *dscr
)
2448 /* Reads count objects of size 4 into *buffer. Old value of DSCR must be in
2449 * *dscr; updated to new value. This is fast but only works for word-sized
2450 * objects at aligned addresses.
2452 * - Address is in R0 and must be a multiple of 4.
2453 * - R0 is marked dirty.
2455 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2459 /* Switch to non-blocking mode if not already in that mode. */
2460 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2461 if (retval
!= ERROR_OK
)
2464 /* Issue the LDC instruction via a write to ITR. */
2465 retval
= cortex_a_exec_opcode(target
, ARMV4_5_LDC(0, 1, 0, 1, 14, 5, 0, 4), dscr
);
2466 if (retval
!= ERROR_OK
)
2472 /* Switch to fast mode if not already in that mode. */
2473 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_FAST_MODE
, dscr
);
2474 if (retval
!= ERROR_OK
)
2477 /* Latch LDC instruction. */
2478 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2479 armv7a
->debug_base
+ CPUDBG_ITR
, ARMV4_5_LDC(0, 1, 0, 1, 14, 5, 0, 4));
2480 if (retval
!= ERROR_OK
)
2483 /* Read the value transferred to DTRTX into the buffer. Due to fast
2484 * mode rules, this blocks until the instruction finishes executing and
2485 * then reissues the read instruction to read the next word from
2486 * memory. The last read of DTRTX in this call reads the second-to-last
2487 * word from memory and issues the read instruction for the last word.
2489 retval
= mem_ap_read_buf_noincr(armv7a
->debug_ap
, buffer
,
2490 4, count
, armv7a
->debug_base
+ CPUDBG_DTRTX
);
2491 if (retval
!= ERROR_OK
)
2495 buffer
+= count
* 4;
2498 /* Wait for last issued instruction to complete. */
2499 retval
= cortex_a_wait_instrcmpl(target
, dscr
, false);
2500 if (retval
!= ERROR_OK
)
2503 /* Switch to non-blocking mode if not already in that mode. */
2504 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2505 if (retval
!= ERROR_OK
)
2508 /* Check for faults and return early. */
2509 if (*dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
))
2510 return ERROR_OK
; /* A data fault is not considered a system failure. */
2512 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture manual
2513 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2514 * check TXfull_l). Most of the time this will be free because TXfull_l
2515 * will be set immediately and cached in dscr. */
2516 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRTX_FULL_LATCHED
,
2517 DSCR_DTRTX_FULL_LATCHED
, dscr
);
2518 if (retval
!= ERROR_OK
)
2521 /* Read the value transferred to DTRTX into the buffer. This is the last
2523 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2524 armv7a
->debug_base
+ CPUDBG_DTRTX
, &u32
);
2525 if (retval
!= ERROR_OK
)
2527 target_buffer_set_u32(target
, buffer
, u32
);
2532 static int cortex_a_read_apb_ab_memory(struct target
*target
,
2533 uint32_t address
, uint32_t size
,
2534 uint32_t count
, uint8_t *buffer
)
2536 /* Read memory through APB-AP. */
2537 int retval
, final_retval
;
2538 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2539 struct arm
*arm
= &armv7a
->arm
;
2540 uint32_t dscr
, orig_dfar
, orig_dfsr
, fault_dscr
, fault_dfar
, fault_dfsr
;
2542 LOG_DEBUG("Reading APB-AP memory address 0x%" PRIx32
" size %" PRIu32
" count %" PRIu32
,
2543 address
, size
, count
);
2544 if (target
->state
!= TARGET_HALTED
) {
2545 LOG_WARNING("target not halted");
2546 return ERROR_TARGET_NOT_HALTED
;
2552 /* Clear any abort. */
2553 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2554 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2555 if (retval
!= ERROR_OK
)
2559 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2560 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2561 if (retval
!= ERROR_OK
)
2564 /* Switch to non-blocking mode if not already in that mode. */
2565 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2566 if (retval
!= ERROR_OK
)
2569 /* Mark R0 as dirty. */
2570 arm_reg_current(arm
, 0)->dirty
= true;
2572 /* Read DFAR and DFSR, as they will be modified in the event of a fault. */
2573 retval
= cortex_a_read_dfar_dfsr(target
, &orig_dfar
, &orig_dfsr
, &dscr
);
2574 if (retval
!= ERROR_OK
)
2577 /* Get the memory address into R0. */
2578 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2579 armv7a
->debug_base
+ CPUDBG_DTRRX
, address
);
2580 if (retval
!= ERROR_OK
)
2582 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), &dscr
);
2583 if (retval
!= ERROR_OK
)
2586 if (size
== 4 && (address
% 4) == 0) {
2587 /* We are doing a word-aligned transfer, so use fast mode. */
2588 retval
= cortex_a_read_apb_ab_memory_fast(target
, count
, buffer
, &dscr
);
2590 /* Use slow path. */
2591 retval
= cortex_a_read_apb_ab_memory_slow(target
, size
, count
, buffer
, &dscr
);
2595 final_retval
= retval
;
2597 /* Switch to non-blocking mode if not already in that mode. */
2598 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2599 if (final_retval
== ERROR_OK
)
2600 final_retval
= retval
;
2602 /* Wait for last issued instruction to complete. */
2603 retval
= cortex_a_wait_instrcmpl(target
, &dscr
, true);
2604 if (final_retval
== ERROR_OK
)
2605 final_retval
= retval
;
2607 /* If there were any sticky abort flags, clear them. */
2608 if (dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
)) {
2610 mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2611 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2612 dscr
&= ~(DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
);
2617 /* Handle synchronous data faults. */
2618 if (fault_dscr
& DSCR_STICKY_ABORT_PRECISE
) {
2619 if (final_retval
== ERROR_OK
) {
2620 /* Final return value will reflect cause of fault. */
2621 retval
= cortex_a_read_dfar_dfsr(target
, &fault_dfar
, &fault_dfsr
, &dscr
);
2622 if (retval
== ERROR_OK
) {
2623 LOG_ERROR("data abort at 0x%08" PRIx32
", dfsr = 0x%08" PRIx32
, fault_dfar
, fault_dfsr
);
2624 final_retval
= cortex_a_dfsr_to_error_code(fault_dfsr
);
2626 final_retval
= retval
;
2628 /* Fault destroyed DFAR/DFSR; restore them. */
2629 retval
= cortex_a_write_dfar_dfsr(target
, orig_dfar
, orig_dfsr
, &dscr
);
2630 if (retval
!= ERROR_OK
)
2631 LOG_ERROR("error restoring dfar/dfsr - dscr = 0x%08" PRIx32
, dscr
);
2634 /* Handle asynchronous data faults. */
2635 if (fault_dscr
& DSCR_STICKY_ABORT_IMPRECISE
) {
2636 if (final_retval
== ERROR_OK
)
2637 /* No other error has been recorded so far, so keep this one. */
2638 final_retval
= ERROR_TARGET_DATA_ABORT
;
2641 /* If the DCC is nonempty, clear it. */
2642 if (dscr
& DSCR_DTRTX_FULL_LATCHED
) {
2644 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2645 armv7a
->debug_base
+ CPUDBG_DTRTX
, &dummy
);
2646 if (final_retval
== ERROR_OK
)
2647 final_retval
= retval
;
2649 if (dscr
& DSCR_DTRRX_FULL_LATCHED
) {
2650 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), &dscr
);
2651 if (final_retval
== ERROR_OK
)
2652 final_retval
= retval
;
2656 return final_retval
;
2661 * Cortex-A Memory access
2663 * This is same Cortex M3 but we must also use the correct
2664 * ap number for every access.
2667 static int cortex_a_read_phys_memory(struct target
*target
,
2668 uint32_t address
, uint32_t size
,
2669 uint32_t count
, uint8_t *buffer
)
2671 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2672 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
2673 uint8_t apsel
= swjdp
->apsel
;
2676 if (!count
|| !buffer
)
2677 return ERROR_COMMAND_SYNTAX_ERROR
;
2679 LOG_DEBUG("Reading memory at real address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
,
2680 address
, size
, count
);
2682 if (armv7a
->memory_ap_available
&& (apsel
== armv7a
->memory_ap
->ap_num
))
2683 return mem_ap_read_buf(armv7a
->memory_ap
, buffer
, size
, count
, address
);
2685 /* read memory through APB-AP */
2686 cortex_a_prep_memaccess(target
, 1);
2687 retval
= cortex_a_read_apb_ab_memory(target
, address
, size
, count
, buffer
);
2688 cortex_a_post_memaccess(target
, 1);
2693 static int cortex_a_read_memory(struct target
*target
, uint32_t address
,
2694 uint32_t size
, uint32_t count
, uint8_t *buffer
)
2698 /* cortex_a handles unaligned memory access */
2699 LOG_DEBUG("Reading memory at address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
, address
,
2702 cortex_a_prep_memaccess(target
, 0);
2703 retval
= cortex_a_read_apb_ab_memory(target
, address
, size
, count
, buffer
);
2704 cortex_a_post_memaccess(target
, 0);
2709 static int cortex_a_read_memory_ahb(struct target
*target
, uint32_t address
,
2710 uint32_t size
, uint32_t count
, uint8_t *buffer
)
2712 int mmu_enabled
= 0;
2713 uint32_t virt
, phys
;
2715 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2716 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
2717 uint8_t apsel
= swjdp
->apsel
;
2719 if (!armv7a
->memory_ap_available
|| (apsel
!= armv7a
->memory_ap
->ap_num
))
2720 return target_read_memory(target
, address
, size
, count
, buffer
);
2722 /* cortex_a handles unaligned memory access */
2723 LOG_DEBUG("Reading memory at address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
, address
,
2726 /* determine if MMU was enabled on target stop */
2727 if (!armv7a
->is_armv7r
) {
2728 retval
= cortex_a_mmu(target
, &mmu_enabled
);
2729 if (retval
!= ERROR_OK
)
2735 retval
= cortex_a_virt2phys(target
, virt
, &phys
);
2736 if (retval
!= ERROR_OK
)
2739 LOG_DEBUG("Reading at virtual address. Translating v:0x%" PRIx32
" to r:0x%" PRIx32
,
2744 if (!count
|| !buffer
)
2745 return ERROR_COMMAND_SYNTAX_ERROR
;
2747 retval
= mem_ap_read_buf(armv7a
->memory_ap
, buffer
, size
, count
, address
);
2752 static int cortex_a_write_phys_memory(struct target
*target
,
2753 uint32_t address
, uint32_t size
,
2754 uint32_t count
, const uint8_t *buffer
)
2756 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2757 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
2758 uint8_t apsel
= swjdp
->apsel
;
2761 if (!count
|| !buffer
)
2762 return ERROR_COMMAND_SYNTAX_ERROR
;
2764 LOG_DEBUG("Writing memory to real address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
, address
,
2767 if (armv7a
->memory_ap_available
&& (apsel
== armv7a
->memory_ap
->ap_num
))
2768 return mem_ap_write_buf(armv7a
->memory_ap
, buffer
, size
, count
, address
);
2770 /* write memory through APB-AP */
2771 cortex_a_prep_memaccess(target
, 1);
2772 retval
= cortex_a_write_apb_ab_memory(target
, address
, size
, count
, buffer
);
2773 cortex_a_post_memaccess(target
, 1);
2778 static int cortex_a_write_memory(struct target
*target
, uint32_t address
,
2779 uint32_t size
, uint32_t count
, const uint8_t *buffer
)
2783 /* cortex_a handles unaligned memory access */
2784 LOG_DEBUG("Writing memory at address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
, address
,
2787 /* memory writes bypass the caches, must flush before writing */
2788 armv7a_cache_auto_flush_on_write(target
, address
, size
* count
);
2790 cortex_a_prep_memaccess(target
, 0);
2791 retval
= cortex_a_write_apb_ab_memory(target
, address
, size
, count
, buffer
);
2792 cortex_a_post_memaccess(target
, 0);
2796 static int cortex_a_write_memory_ahb(struct target
*target
, uint32_t address
,
2797 uint32_t size
, uint32_t count
, const uint8_t *buffer
)
2799 int mmu_enabled
= 0;
2800 uint32_t virt
, phys
;
2802 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2803 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
2804 uint8_t apsel
= swjdp
->apsel
;
2806 if (!armv7a
->memory_ap_available
|| (apsel
!= armv7a
->memory_ap
->ap_num
))
2807 return target_write_memory(target
, address
, size
, count
, buffer
);
2809 /* cortex_a handles unaligned memory access */
2810 LOG_DEBUG("Writing memory at address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
, address
,
2813 /* determine if MMU was enabled on target stop */
2814 if (!armv7a
->is_armv7r
) {
2815 retval
= cortex_a_mmu(target
, &mmu_enabled
);
2816 if (retval
!= ERROR_OK
)
2822 retval
= cortex_a_virt2phys(target
, virt
, &phys
);
2823 if (retval
!= ERROR_OK
)
2826 LOG_DEBUG("Writing to virtual address. Translating v:0x%" PRIx32
" to r:0x%" PRIx32
,
2832 if (!count
|| !buffer
)
2833 return ERROR_COMMAND_SYNTAX_ERROR
;
2835 retval
= mem_ap_write_buf(armv7a
->memory_ap
, buffer
, size
, count
, address
);
2840 static int cortex_a_read_buffer(struct target
*target
, uint32_t address
,
2841 uint32_t count
, uint8_t *buffer
)
2845 /* Align up to maximum 4 bytes. The loop condition makes sure the next pass
2846 * will have something to do with the size we leave to it. */
2847 for (size
= 1; size
< 4 && count
>= size
* 2 + (address
& size
); size
*= 2) {
2848 if (address
& size
) {
2849 int retval
= cortex_a_read_memory_ahb(target
, address
, size
, 1, buffer
);
2850 if (retval
!= ERROR_OK
)
2858 /* Read the data with as large access size as possible. */
2859 for (; size
> 0; size
/= 2) {
2860 uint32_t aligned
= count
- count
% size
;
2862 int retval
= cortex_a_read_memory_ahb(target
, address
, size
, aligned
/ size
, buffer
);
2863 if (retval
!= ERROR_OK
)
2874 static int cortex_a_write_buffer(struct target
*target
, uint32_t address
,
2875 uint32_t count
, const uint8_t *buffer
)
2879 /* Align up to maximum 4 bytes. The loop condition makes sure the next pass
2880 * will have something to do with the size we leave to it. */
2881 for (size
= 1; size
< 4 && count
>= size
* 2 + (address
& size
); size
*= 2) {
2882 if (address
& size
) {
2883 int retval
= cortex_a_write_memory_ahb(target
, address
, size
, 1, buffer
);
2884 if (retval
!= ERROR_OK
)
2892 /* Write the data with as large access size as possible. */
2893 for (; size
> 0; size
/= 2) {
2894 uint32_t aligned
= count
- count
% size
;
2896 int retval
= cortex_a_write_memory_ahb(target
, address
, size
, aligned
/ size
, buffer
);
2897 if (retval
!= ERROR_OK
)
2908 static int cortex_a_handle_target_request(void *priv
)
2910 struct target
*target
= priv
;
2911 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2914 if (!target_was_examined(target
))
2916 if (!target
->dbg_msg_enabled
)
2919 if (target
->state
== TARGET_RUNNING
) {
2922 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2923 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2925 /* check if we have data */
2926 int64_t then
= timeval_ms();
2927 while ((dscr
& DSCR_DTR_TX_FULL
) && (retval
== ERROR_OK
)) {
2928 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2929 armv7a
->debug_base
+ CPUDBG_DTRTX
, &request
);
2930 if (retval
== ERROR_OK
) {
2931 target_request(target
, request
);
2932 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2933 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2935 if (timeval_ms() > then
+ 1000) {
2936 LOG_ERROR("Timeout waiting for dtr tx full");
2946 * Cortex-A target information and configuration
2949 static int cortex_a_examine_first(struct target
*target
)
2951 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
2952 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
2953 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
2955 int retval
= ERROR_OK
;
2956 uint32_t didr
, ctypr
, ttypr
, cpuid
, dbg_osreg
;
2958 retval
= dap_dp_init(swjdp
);
2959 if (retval
!= ERROR_OK
) {
2960 LOG_ERROR("Could not initialize the debug port");
2964 /* Search for the APB-AB - it is needed for access to debug registers */
2965 retval
= dap_find_ap(swjdp
, AP_TYPE_APB_AP
, &armv7a
->debug_ap
);
2966 if (retval
!= ERROR_OK
) {
2967 LOG_ERROR("Could not find APB-AP for debug access");
2971 retval
= mem_ap_init(armv7a
->debug_ap
);
2972 if (retval
!= ERROR_OK
) {
2973 LOG_ERROR("Could not initialize the APB-AP");
2977 armv7a
->debug_ap
->memaccess_tck
= 80;
2979 /* Search for the AHB-AB.
2980 * REVISIT: We should search for AXI-AP as well and make sure the AP's MEMTYPE says it
2981 * can access system memory. */
2982 armv7a
->memory_ap_available
= false;
2983 retval
= dap_find_ap(swjdp
, AP_TYPE_AHB_AP
, &armv7a
->memory_ap
);
2984 if (retval
== ERROR_OK
) {
2985 retval
= mem_ap_init(armv7a
->memory_ap
);
2986 if (retval
== ERROR_OK
)
2987 armv7a
->memory_ap_available
= true;
2989 LOG_WARNING("Could not initialize AHB-AP for memory access - using APB-AP");
2991 /* AHB-AP not found - use APB-AP */
2992 LOG_DEBUG("Could not find AHB-AP - using APB-AP for memory access");
2995 if (!target
->dbgbase_set
) {
2997 /* Get ROM Table base */
2999 int32_t coreidx
= target
->coreid
;
3000 LOG_DEBUG("%s's dbgbase is not set, trying to detect using the ROM table",
3002 retval
= dap_get_debugbase(armv7a
->debug_ap
, &dbgbase
, &apid
);
3003 if (retval
!= ERROR_OK
)
3005 /* Lookup 0x15 -- Processor DAP */
3006 retval
= dap_lookup_cs_component(armv7a
->debug_ap
, dbgbase
, 0x15,
3007 &armv7a
->debug_base
, &coreidx
);
3008 if (retval
!= ERROR_OK
) {
3009 LOG_ERROR("Can't detect %s's dbgbase from the ROM table; you need to specify it explicitly.",
3013 LOG_DEBUG("Detected core %" PRId32
" dbgbase: %08" PRIx32
,
3014 target
->coreid
, armv7a
->debug_base
);
3016 armv7a
->debug_base
= target
->dbgbase
;
3018 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3019 armv7a
->debug_base
+ CPUDBG_CPUID
, &cpuid
);
3020 if (retval
!= ERROR_OK
)
3023 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3024 armv7a
->debug_base
+ CPUDBG_CPUID
, &cpuid
);
3025 if (retval
!= ERROR_OK
) {
3026 LOG_DEBUG("Examine %s failed", "CPUID");
3030 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3031 armv7a
->debug_base
+ CPUDBG_CTYPR
, &ctypr
);
3032 if (retval
!= ERROR_OK
) {
3033 LOG_DEBUG("Examine %s failed", "CTYPR");
3037 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3038 armv7a
->debug_base
+ CPUDBG_TTYPR
, &ttypr
);
3039 if (retval
!= ERROR_OK
) {
3040 LOG_DEBUG("Examine %s failed", "TTYPR");
3044 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3045 armv7a
->debug_base
+ CPUDBG_DIDR
, &didr
);
3046 if (retval
!= ERROR_OK
) {
3047 LOG_DEBUG("Examine %s failed", "DIDR");
3051 LOG_DEBUG("cpuid = 0x%08" PRIx32
, cpuid
);
3052 LOG_DEBUG("ctypr = 0x%08" PRIx32
, ctypr
);
3053 LOG_DEBUG("ttypr = 0x%08" PRIx32
, ttypr
);
3054 LOG_DEBUG("didr = 0x%08" PRIx32
, didr
);
3056 cortex_a
->cpuid
= cpuid
;
3057 cortex_a
->ctypr
= ctypr
;
3058 cortex_a
->ttypr
= ttypr
;
3059 cortex_a
->didr
= didr
;
3061 /* Unlocking the debug registers */
3062 if ((cpuid
& CORTEX_A_MIDR_PARTNUM_MASK
) >> CORTEX_A_MIDR_PARTNUM_SHIFT
==
3063 CORTEX_A15_PARTNUM
) {
3065 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
3066 armv7a
->debug_base
+ CPUDBG_OSLAR
,
3069 if (retval
!= ERROR_OK
)
3073 /* Unlocking the debug registers */
3074 if ((cpuid
& CORTEX_A_MIDR_PARTNUM_MASK
) >> CORTEX_A_MIDR_PARTNUM_SHIFT
==
3075 CORTEX_A7_PARTNUM
) {
3077 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
3078 armv7a
->debug_base
+ CPUDBG_OSLAR
,
3081 if (retval
!= ERROR_OK
)
3085 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3086 armv7a
->debug_base
+ CPUDBG_PRSR
, &dbg_osreg
);
3088 if (retval
!= ERROR_OK
)
3091 LOG_DEBUG("target->coreid %" PRId32
" DBGPRSR 0x%" PRIx32
, target
->coreid
, dbg_osreg
);
3093 armv7a
->arm
.core_type
= ARM_MODE_MON
;
3095 /* Avoid recreating the registers cache */
3096 if (!target_was_examined(target
)) {
3097 retval
= cortex_a_dpm_setup(cortex_a
, didr
);
3098 if (retval
!= ERROR_OK
)
3102 /* Setup Breakpoint Register Pairs */
3103 cortex_a
->brp_num
= ((didr
>> 24) & 0x0F) + 1;
3104 cortex_a
->brp_num_context
= ((didr
>> 20) & 0x0F) + 1;
3105 cortex_a
->brp_num_available
= cortex_a
->brp_num
;
3106 free(cortex_a
->brp_list
);
3107 cortex_a
->brp_list
= calloc(cortex_a
->brp_num
, sizeof(struct cortex_a_brp
));
3108 /* cortex_a->brb_enabled = ????; */
3109 for (i
= 0; i
< cortex_a
->brp_num
; i
++) {
3110 cortex_a
->brp_list
[i
].used
= 0;
3111 if (i
< (cortex_a
->brp_num
-cortex_a
->brp_num_context
))
3112 cortex_a
->brp_list
[i
].type
= BRP_NORMAL
;
3114 cortex_a
->brp_list
[i
].type
= BRP_CONTEXT
;
3115 cortex_a
->brp_list
[i
].value
= 0;
3116 cortex_a
->brp_list
[i
].control
= 0;
3117 cortex_a
->brp_list
[i
].BRPn
= i
;
3120 LOG_DEBUG("Configured %i hw breakpoints", cortex_a
->brp_num
);
3122 /* select debug_ap as default */
3123 swjdp
->apsel
= armv7a
->debug_ap
->ap_num
;
3125 target_set_examined(target
);
3129 static int cortex_a_examine(struct target
*target
)
3131 int retval
= ERROR_OK
;
3133 /* Reestablish communication after target reset */
3134 retval
= cortex_a_examine_first(target
);
3136 /* Configure core debug access */
3137 if (retval
== ERROR_OK
)
3138 retval
= cortex_a_init_debug_access(target
);
3144 * Cortex-A target creation and initialization
3147 static int cortex_a_init_target(struct command_context
*cmd_ctx
,
3148 struct target
*target
)
3150 /* examine_first() does a bunch of this */
3154 static int cortex_a_init_arch_info(struct target
*target
,
3155 struct cortex_a_common
*cortex_a
, struct jtag_tap
*tap
)
3157 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
3159 /* Setup struct cortex_a_common */
3160 cortex_a
->common_magic
= CORTEX_A_COMMON_MAGIC
;
3162 /* tap has no dap initialized */
3164 tap
->dap
= dap_init();
3166 /* Leave (only) generic DAP stuff for debugport_init() */
3167 tap
->dap
->tap
= tap
;
3170 armv7a
->arm
.dap
= tap
->dap
;
3172 cortex_a
->fast_reg_read
= 0;
3174 /* register arch-specific functions */
3175 armv7a
->examine_debug_reason
= NULL
;
3177 armv7a
->post_debug_entry
= cortex_a_post_debug_entry
;
3179 armv7a
->pre_restore_context
= NULL
;
3181 armv7a
->armv7a_mmu
.read_physical_memory
= cortex_a_read_phys_memory
;
3184 /* arm7_9->handle_target_request = cortex_a_handle_target_request; */
3186 /* REVISIT v7a setup should be in a v7a-specific routine */
3187 armv7a_init_arch_info(target
, armv7a
);
3188 target_register_timer_callback(cortex_a_handle_target_request
, 1, 1, target
);
3193 static int cortex_a_target_create(struct target
*target
, Jim_Interp
*interp
)
3195 struct cortex_a_common
*cortex_a
= calloc(1, sizeof(struct cortex_a_common
));
3197 cortex_a
->armv7a_common
.is_armv7r
= false;
3199 return cortex_a_init_arch_info(target
, cortex_a
, target
->tap
);
3202 static int cortex_r4_target_create(struct target
*target
, Jim_Interp
*interp
)
3204 struct cortex_a_common
*cortex_a
= calloc(1, sizeof(struct cortex_a_common
));
3206 cortex_a
->armv7a_common
.is_armv7r
= true;
3208 return cortex_a_init_arch_info(target
, cortex_a
, target
->tap
);
3211 static void cortex_a_deinit_target(struct target
*target
)
3213 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
3214 struct arm_dpm
*dpm
= &cortex_a
->armv7a_common
.dpm
;
3216 free(cortex_a
->brp_list
);
3222 static int cortex_a_mmu(struct target
*target
, int *enabled
)
3224 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
3226 if (target
->state
!= TARGET_HALTED
) {
3227 LOG_ERROR("%s: target not halted", __func__
);
3228 return ERROR_TARGET_INVALID
;
3231 if (armv7a
->is_armv7r
)
3234 *enabled
= target_to_cortex_a(target
)->armv7a_common
.armv7a_mmu
.mmu_enabled
;
3239 static int cortex_a_virt2phys(struct target
*target
,
3240 uint32_t virt
, uint32_t *phys
)
3242 int retval
= ERROR_FAIL
;
3243 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
3244 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
3245 uint8_t apsel
= swjdp
->apsel
;
3246 if (armv7a
->memory_ap_available
&& (apsel
== armv7a
->memory_ap
->ap_num
)) {
3248 retval
= armv7a_mmu_translate_va(target
,
3250 if (retval
!= ERROR_OK
)
3253 } else {/* use this method if armv7a->memory_ap not selected
3254 * mmu must be enable in order to get a correct translation */
3255 retval
= cortex_a_mmu_modify(target
, 1);
3256 if (retval
!= ERROR_OK
)
3258 retval
= armv7a_mmu_translate_va_pa(target
, virt
, phys
, 1);
3264 COMMAND_HANDLER(cortex_a_handle_cache_info_command
)
3266 struct target
*target
= get_current_target(CMD_CTX
);
3267 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
3269 return armv7a_handle_cache_info_command(CMD_CTX
,
3270 &armv7a
->armv7a_mmu
.armv7a_cache
);
3274 COMMAND_HANDLER(cortex_a_handle_dbginit_command
)
3276 struct target
*target
= get_current_target(CMD_CTX
);
3277 if (!target_was_examined(target
)) {
3278 LOG_ERROR("target not examined yet");
3282 return cortex_a_init_debug_access(target
);
3284 COMMAND_HANDLER(cortex_a_handle_smp_off_command
)
3286 struct target
*target
= get_current_target(CMD_CTX
);
3287 /* check target is an smp target */
3288 struct target_list
*head
;
3289 struct target
*curr
;
3290 head
= target
->head
;
3292 if (head
!= (struct target_list
*)NULL
) {
3293 while (head
!= (struct target_list
*)NULL
) {
3294 curr
= head
->target
;
3298 /* fixes the target display to the debugger */
3299 target
->gdb_service
->target
= target
;
3304 COMMAND_HANDLER(cortex_a_handle_smp_on_command
)
3306 struct target
*target
= get_current_target(CMD_CTX
);
3307 struct target_list
*head
;
3308 struct target
*curr
;
3309 head
= target
->head
;
3310 if (head
!= (struct target_list
*)NULL
) {
3312 while (head
!= (struct target_list
*)NULL
) {
3313 curr
= head
->target
;
3321 COMMAND_HANDLER(cortex_a_handle_smp_gdb_command
)
3323 struct target
*target
= get_current_target(CMD_CTX
);
3324 int retval
= ERROR_OK
;
3325 struct target_list
*head
;
3326 head
= target
->head
;
3327 if (head
!= (struct target_list
*)NULL
) {
3328 if (CMD_ARGC
== 1) {
3330 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], coreid
);
3331 if (ERROR_OK
!= retval
)
3333 target
->gdb_service
->core
[1] = coreid
;
3336 command_print(CMD_CTX
, "gdb coreid %" PRId32
" -> %" PRId32
, target
->gdb_service
->core
[0]
3337 , target
->gdb_service
->core
[1]);
3342 COMMAND_HANDLER(handle_cortex_a_mask_interrupts_command
)
3344 struct target
*target
= get_current_target(CMD_CTX
);
3345 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
3347 static const Jim_Nvp nvp_maskisr_modes
[] = {
3348 { .name
= "off", .value
= CORTEX_A_ISRMASK_OFF
},
3349 { .name
= "on", .value
= CORTEX_A_ISRMASK_ON
},
3350 { .name
= NULL
, .value
= -1 },
3355 n
= Jim_Nvp_name2value_simple(nvp_maskisr_modes
, CMD_ARGV
[0]);
3356 if (n
->name
== NULL
) {
3357 LOG_ERROR("Unknown parameter: %s - should be off or on", CMD_ARGV
[0]);
3358 return ERROR_COMMAND_SYNTAX_ERROR
;
3361 cortex_a
->isrmasking_mode
= n
->value
;
3364 n
= Jim_Nvp_value2name_simple(nvp_maskisr_modes
, cortex_a
->isrmasking_mode
);
3365 command_print(CMD_CTX
, "cortex_a interrupt mask %s", n
->name
);
3370 COMMAND_HANDLER(handle_cortex_a_dacrfixup_command
)
3372 struct target
*target
= get_current_target(CMD_CTX
);
3373 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
3375 static const Jim_Nvp nvp_dacrfixup_modes
[] = {
3376 { .name
= "off", .value
= CORTEX_A_DACRFIXUP_OFF
},
3377 { .name
= "on", .value
= CORTEX_A_DACRFIXUP_ON
},
3378 { .name
= NULL
, .value
= -1 },
3383 n
= Jim_Nvp_name2value_simple(nvp_dacrfixup_modes
, CMD_ARGV
[0]);
3384 if (n
->name
== NULL
)
3385 return ERROR_COMMAND_SYNTAX_ERROR
;
3386 cortex_a
->dacrfixup_mode
= n
->value
;
3390 n
= Jim_Nvp_value2name_simple(nvp_dacrfixup_modes
, cortex_a
->dacrfixup_mode
);
3391 command_print(CMD_CTX
, "cortex_a domain access control fixup %s", n
->name
);
3396 static const struct command_registration cortex_a_exec_command_handlers
[] = {
3398 .name
= "cache_info",
3399 .handler
= cortex_a_handle_cache_info_command
,
3400 .mode
= COMMAND_EXEC
,
3401 .help
= "display information about target caches",
3406 .handler
= cortex_a_handle_dbginit_command
,
3407 .mode
= COMMAND_EXEC
,
3408 .help
= "Initialize core debug",
3411 { .name
= "smp_off",
3412 .handler
= cortex_a_handle_smp_off_command
,
3413 .mode
= COMMAND_EXEC
,
3414 .help
= "Stop smp handling",
3418 .handler
= cortex_a_handle_smp_on_command
,
3419 .mode
= COMMAND_EXEC
,
3420 .help
= "Restart smp handling",
3425 .handler
= cortex_a_handle_smp_gdb_command
,
3426 .mode
= COMMAND_EXEC
,
3427 .help
= "display/fix current core played to gdb",
3432 .handler
= handle_cortex_a_mask_interrupts_command
,
3433 .mode
= COMMAND_ANY
,
3434 .help
= "mask cortex_a interrupts",
3435 .usage
= "['on'|'off']",
3438 .name
= "dacrfixup",
3439 .handler
= handle_cortex_a_dacrfixup_command
,
3440 .mode
= COMMAND_EXEC
,
3441 .help
= "set domain access control (DACR) to all-manager "
3443 .usage
= "['on'|'off']",
3446 COMMAND_REGISTRATION_DONE
3448 static const struct command_registration cortex_a_command_handlers
[] = {
3450 .chain
= arm_command_handlers
,
3453 .chain
= armv7a_command_handlers
,
3457 .mode
= COMMAND_ANY
,
3458 .help
= "Cortex-A command group",
3460 .chain
= cortex_a_exec_command_handlers
,
3462 COMMAND_REGISTRATION_DONE
3465 struct target_type cortexa_target
= {
3467 .deprecated_name
= "cortex_a8",
3469 .poll
= cortex_a_poll
,
3470 .arch_state
= armv7a_arch_state
,
3472 .halt
= cortex_a_halt
,
3473 .resume
= cortex_a_resume
,
3474 .step
= cortex_a_step
,
3476 .assert_reset
= cortex_a_assert_reset
,
3477 .deassert_reset
= cortex_a_deassert_reset
,
3479 /* REVISIT allow exporting VFP3 registers ... */
3480 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
3482 .read_memory
= cortex_a_read_memory
,
3483 .write_memory
= cortex_a_write_memory
,
3485 .read_buffer
= cortex_a_read_buffer
,
3486 .write_buffer
= cortex_a_write_buffer
,
3488 .checksum_memory
= arm_checksum_memory
,
3489 .blank_check_memory
= arm_blank_check_memory
,
3491 .run_algorithm
= armv4_5_run_algorithm
,
3493 .add_breakpoint
= cortex_a_add_breakpoint
,
3494 .add_context_breakpoint
= cortex_a_add_context_breakpoint
,
3495 .add_hybrid_breakpoint
= cortex_a_add_hybrid_breakpoint
,
3496 .remove_breakpoint
= cortex_a_remove_breakpoint
,
3497 .add_watchpoint
= NULL
,
3498 .remove_watchpoint
= NULL
,
3500 .commands
= cortex_a_command_handlers
,
3501 .target_create
= cortex_a_target_create
,
3502 .init_target
= cortex_a_init_target
,
3503 .examine
= cortex_a_examine
,
3504 .deinit_target
= cortex_a_deinit_target
,
3506 .read_phys_memory
= cortex_a_read_phys_memory
,
3507 .write_phys_memory
= cortex_a_write_phys_memory
,
3508 .mmu
= cortex_a_mmu
,
3509 .virt2phys
= cortex_a_virt2phys
,
3512 static const struct command_registration cortex_r4_exec_command_handlers
[] = {
3514 .name
= "cache_info",
3515 .handler
= cortex_a_handle_cache_info_command
,
3516 .mode
= COMMAND_EXEC
,
3517 .help
= "display information about target caches",
3522 .handler
= cortex_a_handle_dbginit_command
,
3523 .mode
= COMMAND_EXEC
,
3524 .help
= "Initialize core debug",
3529 .handler
= handle_cortex_a_mask_interrupts_command
,
3530 .mode
= COMMAND_EXEC
,
3531 .help
= "mask cortex_r4 interrupts",
3532 .usage
= "['on'|'off']",
3535 COMMAND_REGISTRATION_DONE
3537 static const struct command_registration cortex_r4_command_handlers
[] = {
3539 .chain
= arm_command_handlers
,
3542 .chain
= armv7a_command_handlers
,
3545 .name
= "cortex_r4",
3546 .mode
= COMMAND_ANY
,
3547 .help
= "Cortex-R4 command group",
3549 .chain
= cortex_r4_exec_command_handlers
,
3551 COMMAND_REGISTRATION_DONE
3554 struct target_type cortexr4_target
= {
3555 .name
= "cortex_r4",
3557 .poll
= cortex_a_poll
,
3558 .arch_state
= armv7a_arch_state
,
3560 .halt
= cortex_a_halt
,
3561 .resume
= cortex_a_resume
,
3562 .step
= cortex_a_step
,
3564 .assert_reset
= cortex_a_assert_reset
,
3565 .deassert_reset
= cortex_a_deassert_reset
,
3567 /* REVISIT allow exporting VFP3 registers ... */
3568 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
3570 .read_memory
= cortex_a_read_memory
,
3571 .write_memory
= cortex_a_write_memory
,
3573 .checksum_memory
= arm_checksum_memory
,
3574 .blank_check_memory
= arm_blank_check_memory
,
3576 .run_algorithm
= armv4_5_run_algorithm
,
3578 .add_breakpoint
= cortex_a_add_breakpoint
,
3579 .add_context_breakpoint
= cortex_a_add_context_breakpoint
,
3580 .add_hybrid_breakpoint
= cortex_a_add_hybrid_breakpoint
,
3581 .remove_breakpoint
= cortex_a_remove_breakpoint
,
3582 .add_watchpoint
= NULL
,
3583 .remove_watchpoint
= NULL
,
3585 .commands
= cortex_r4_command_handlers
,
3586 .target_create
= cortex_r4_target_create
,
3587 .init_target
= cortex_a_init_target
,
3588 .examine
= cortex_a_examine
,
3589 .deinit_target
= cortex_a_deinit_target
,
