1 // SPDX-License-Identifier: GPL-2.0-or-later
3 /***************************************************************************
4 * Copyright (C) 2005 by Dominic Rath *
5 * Dominic.Rath@gmx.de *
7 * Copyright (C) 2006 by Magnus Lundin *
10 * Copyright (C) 2008 by Spencer Oliver *
11 * spen@spen-soft.co.uk *
13 * Copyright (C) 2009 by Dirk Behme *
14 * dirk.behme@gmail.com - copy from cortex_m3 *
16 * Copyright (C) 2010 Øyvind Harboe *
17 * oyvind.harboe@zylin.com *
19 * Copyright (C) ST-Ericsson SA 2011 *
20 * michel.jaouen@stericsson.com : smp minimum support *
22 * Copyright (C) Broadcom 2012 *
23 * ehunter@broadcom.com : Cortex-R4 support *
25 * Copyright (C) 2013 Kamal Dasu *
26 * kdasu.kdev@gmail.com *
28 * Copyright (C) 2016 Chengyu Zheng *
29 * chengyu.zheng@polimi.it : watchpoint support *
31 * Cortex-A8(tm) TRM, ARM DDI 0344H *
32 * Cortex-A9(tm) TRM, ARM DDI 0407F *
33 * Cortex-A4(tm) TRM, ARM DDI 0363E *
34 * Cortex-A15(tm)TRM, ARM DDI 0438C *
36 ***************************************************************************/
42 #include "breakpoints.h"
45 #include "armv7a_mmu.h"
46 #include "target_request.h"
47 #include "target_type.h"
48 #include "arm_coresight.h"
49 #include "arm_opcodes.h"
50 #include "arm_semihosting.h"
51 #include "jtag/interface.h"
52 #include "transport/transport.h"
54 #include <helper/bits.h>
55 #include <helper/nvp.h>
56 #include <helper/time_support.h>
58 static int cortex_a_poll(struct target
*target
);
59 static int cortex_a_debug_entry(struct target
*target
);
60 static int cortex_a_restore_context(struct target
*target
, bool bpwp
);
61 static int cortex_a_set_breakpoint(struct target
*target
,
62 struct breakpoint
*breakpoint
, uint8_t matchmode
);
63 static int cortex_a_set_context_breakpoint(struct target
*target
,
64 struct breakpoint
*breakpoint
, uint8_t matchmode
);
65 static int cortex_a_set_hybrid_breakpoint(struct target
*target
,
66 struct breakpoint
*breakpoint
);
67 static int cortex_a_unset_breakpoint(struct target
*target
,
68 struct breakpoint
*breakpoint
);
69 static int cortex_a_wait_dscr_bits(struct target
*target
, uint32_t mask
,
70 uint32_t value
, uint32_t *dscr
);
71 static int cortex_a_mmu(struct target
*target
, int *enabled
);
72 static int cortex_a_mmu_modify(struct target
*target
, int enable
);
73 static int cortex_a_virt2phys(struct target
*target
,
74 target_addr_t virt
, target_addr_t
*phys
);
75 static int cortex_a_read_cpu_memory(struct target
*target
,
76 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
);
78 static unsigned int ilog2(unsigned int x
)
89 /* restore cp15_control_reg at resume */
90 static int cortex_a_restore_cp15_control_reg(struct target
*target
)
92 int retval
= ERROR_OK
;
93 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
94 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
96 if (cortex_a
->cp15_control_reg
!= cortex_a
->cp15_control_reg_curr
) {
97 cortex_a
->cp15_control_reg_curr
= cortex_a
->cp15_control_reg
;
98 /* LOG_INFO("cp15_control_reg: %8.8" PRIx32, cortex_a->cp15_control_reg); */
99 retval
= armv7a
->arm
.mcr(target
, 15,
102 cortex_a
->cp15_control_reg
);
108 * Set up ARM core for memory access.
109 * If !phys_access, switch to SVC mode and make sure MMU is on
110 * If phys_access, switch off mmu
112 static int cortex_a_prep_memaccess(struct target
*target
, int phys_access
)
114 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
115 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
118 if (phys_access
== 0) {
119 arm_dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_SVC
);
120 cortex_a_mmu(target
, &mmu_enabled
);
122 cortex_a_mmu_modify(target
, 1);
123 if (cortex_a
->dacrfixup_mode
== CORTEX_A_DACRFIXUP_ON
) {
124 /* overwrite DACR to all-manager */
125 armv7a
->arm
.mcr(target
, 15,
130 cortex_a_mmu(target
, &mmu_enabled
);
132 cortex_a_mmu_modify(target
, 0);
138 * Restore ARM core after memory access.
139 * If !phys_access, switch to previous mode
140 * If phys_access, restore MMU setting
142 static int cortex_a_post_memaccess(struct target
*target
, int phys_access
)
144 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
145 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
147 if (phys_access
== 0) {
148 if (cortex_a
->dacrfixup_mode
== CORTEX_A_DACRFIXUP_ON
) {
150 armv7a
->arm
.mcr(target
, 15,
152 cortex_a
->cp15_dacr_reg
);
154 arm_dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_ANY
);
157 cortex_a_mmu(target
, &mmu_enabled
);
159 cortex_a_mmu_modify(target
, 1);
165 /* modify cp15_control_reg in order to enable or disable mmu for :
166 * - virt2phys address conversion
167 * - read or write memory in phys or virt address */
168 static int cortex_a_mmu_modify(struct target
*target
, int enable
)
170 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
171 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
172 int retval
= ERROR_OK
;
176 /* if mmu enabled at target stop and mmu not enable */
177 if (!(cortex_a
->cp15_control_reg
& 0x1U
)) {
178 LOG_ERROR("trying to enable mmu on target stopped with mmu disable");
181 if ((cortex_a
->cp15_control_reg_curr
& 0x1U
) == 0) {
182 cortex_a
->cp15_control_reg_curr
|= 0x1U
;
186 if ((cortex_a
->cp15_control_reg_curr
& 0x1U
) == 0x1U
) {
187 cortex_a
->cp15_control_reg_curr
&= ~0x1U
;
193 LOG_DEBUG("%s, writing cp15 ctrl: %" PRIx32
,
194 enable
? "enable mmu" : "disable mmu",
195 cortex_a
->cp15_control_reg_curr
);
197 retval
= armv7a
->arm
.mcr(target
, 15,
200 cortex_a
->cp15_control_reg_curr
);
206 * Cortex-A Basic debug access, very low level assumes state is saved
208 static int cortex_a_init_debug_access(struct target
*target
)
210 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
214 /* lock memory-mapped access to debug registers to prevent
215 * software interference */
216 retval
= mem_ap_write_u32(armv7a
->debug_ap
,
217 armv7a
->debug_base
+ CPUDBG_LOCKACCESS
, 0);
218 if (retval
!= ERROR_OK
)
221 /* Disable cacheline fills and force cache write-through in debug state */
222 retval
= mem_ap_write_u32(armv7a
->debug_ap
,
223 armv7a
->debug_base
+ CPUDBG_DSCCR
, 0);
224 if (retval
!= ERROR_OK
)
227 /* Disable TLB lookup and refill/eviction in debug state */
228 retval
= mem_ap_write_u32(armv7a
->debug_ap
,
229 armv7a
->debug_base
+ CPUDBG_DSMCR
, 0);
230 if (retval
!= ERROR_OK
)
233 retval
= dap_run(armv7a
->debug_ap
->dap
);
234 if (retval
!= ERROR_OK
)
237 /* Enabling of instruction execution in debug mode is done in debug_entry code */
239 /* Resync breakpoint registers */
241 /* Enable halt for breakpoint, watchpoint and vector catch */
242 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
243 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
244 if (retval
!= ERROR_OK
)
246 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
247 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
| DSCR_HALT_DBG_MODE
);
248 if (retval
!= ERROR_OK
)
251 /* Since this is likely called from init or reset, update target state information*/
252 return cortex_a_poll(target
);
255 static int cortex_a_wait_instrcmpl(struct target
*target
, uint32_t *dscr
, bool force
)
257 /* Waits until InstrCmpl_l becomes 1, indicating instruction is done.
258 * Writes final value of DSCR into *dscr. Pass force to force always
259 * reading DSCR at least once. */
260 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
264 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
265 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
266 if (retval
!= ERROR_OK
) {
267 LOG_ERROR("Could not read DSCR register");
272 retval
= cortex_a_wait_dscr_bits(target
, DSCR_INSTR_COMP
, DSCR_INSTR_COMP
, dscr
);
273 if (retval
!= ERROR_OK
)
274 LOG_ERROR("Error waiting for InstrCompl=1");
278 /* To reduce needless round-trips, pass in a pointer to the current
279 * DSCR value. Initialize it to zero if you just need to know the
280 * value on return from this function; or DSCR_INSTR_COMP if you
281 * happen to know that no instruction is pending.
283 static int cortex_a_exec_opcode(struct target
*target
,
284 uint32_t opcode
, uint32_t *dscr_p
)
288 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
290 dscr
= dscr_p
? *dscr_p
: 0;
292 LOG_DEBUG("exec opcode 0x%08" PRIx32
, opcode
);
294 /* Wait for InstrCompl bit to be set */
295 retval
= cortex_a_wait_instrcmpl(target
, dscr_p
, false);
296 if (retval
!= ERROR_OK
)
299 retval
= mem_ap_write_u32(armv7a
->debug_ap
,
300 armv7a
->debug_base
+ CPUDBG_ITR
, opcode
);
301 if (retval
!= ERROR_OK
)
304 /* Wait for InstrCompl bit to be set */
305 retval
= cortex_a_wait_instrcmpl(target
, &dscr
, true);
306 if (retval
!= ERROR_OK
) {
307 LOG_ERROR("Error waiting for cortex_a_exec_opcode");
318 * Cortex-A implementation of Debug Programmer's Model
320 * NOTE the invariant: these routines return with DSCR_INSTR_COMP set,
321 * so there's no need to poll for it before executing an instruction.
323 * NOTE that in several of these cases the "stall" mode might be useful.
324 * It'd let us queue a few operations together... prepare/finish might
325 * be the places to enable/disable that mode.
328 static inline struct cortex_a_common
*dpm_to_a(struct arm_dpm
*dpm
)
330 return container_of(dpm
, struct cortex_a_common
, armv7a_common
.dpm
);
333 static int cortex_a_write_dcc(struct cortex_a_common
*a
, uint32_t data
)
335 LOG_DEBUG("write DCC 0x%08" PRIx32
, data
);
336 return mem_ap_write_u32(a
->armv7a_common
.debug_ap
,
337 a
->armv7a_common
.debug_base
+ CPUDBG_DTRRX
, data
);
340 static int cortex_a_read_dcc(struct cortex_a_common
*a
, uint32_t *data
,
343 uint32_t dscr
= DSCR_INSTR_COMP
;
349 /* Wait for DTRRXfull */
350 retval
= cortex_a_wait_dscr_bits(a
->armv7a_common
.arm
.target
,
351 DSCR_DTR_TX_FULL
, DSCR_DTR_TX_FULL
, &dscr
);
352 if (retval
!= ERROR_OK
) {
353 LOG_ERROR("Error waiting for read dcc");
357 retval
= mem_ap_read_atomic_u32(a
->armv7a_common
.debug_ap
,
358 a
->armv7a_common
.debug_base
+ CPUDBG_DTRTX
, data
);
359 if (retval
!= ERROR_OK
)
361 /* LOG_DEBUG("read DCC 0x%08" PRIx32, *data); */
369 static int cortex_a_dpm_prepare(struct arm_dpm
*dpm
)
371 struct cortex_a_common
*a
= dpm_to_a(dpm
);
375 /* set up invariant: INSTR_COMP is set after ever DPM operation */
376 retval
= cortex_a_wait_instrcmpl(dpm
->arm
->target
, &dscr
, true);
377 if (retval
!= ERROR_OK
) {
378 LOG_ERROR("Error waiting for dpm prepare");
382 /* this "should never happen" ... */
383 if (dscr
& DSCR_DTR_RX_FULL
) {
384 LOG_ERROR("DSCR_DTR_RX_FULL, dscr 0x%08" PRIx32
, dscr
);
386 retval
= cortex_a_exec_opcode(
387 a
->armv7a_common
.arm
.target
,
388 ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
390 if (retval
!= ERROR_OK
)
397 static int cortex_a_dpm_finish(struct arm_dpm
*dpm
)
399 /* REVISIT what could be done here? */
403 static int cortex_a_instr_write_data_dcc(struct arm_dpm
*dpm
,
404 uint32_t opcode
, uint32_t data
)
406 struct cortex_a_common
*a
= dpm_to_a(dpm
);
408 uint32_t dscr
= DSCR_INSTR_COMP
;
410 retval
= cortex_a_write_dcc(a
, data
);
411 if (retval
!= ERROR_OK
)
414 return cortex_a_exec_opcode(
415 a
->armv7a_common
.arm
.target
,
420 static int cortex_a_instr_write_data_rt_dcc(struct arm_dpm
*dpm
,
421 uint8_t rt
, uint32_t data
)
423 struct cortex_a_common
*a
= dpm_to_a(dpm
);
424 uint32_t dscr
= DSCR_INSTR_COMP
;
428 return ERROR_TARGET_INVALID
;
430 retval
= cortex_a_write_dcc(a
, data
);
431 if (retval
!= ERROR_OK
)
434 /* DCCRX to Rt, "MCR p14, 0, R0, c0, c5, 0", 0xEE000E15 */
435 return cortex_a_exec_opcode(
436 a
->armv7a_common
.arm
.target
,
437 ARMV4_5_MRC(14, 0, rt
, 0, 5, 0),
441 static int cortex_a_instr_write_data_r0(struct arm_dpm
*dpm
,
442 uint32_t opcode
, uint32_t data
)
444 struct cortex_a_common
*a
= dpm_to_a(dpm
);
445 uint32_t dscr
= DSCR_INSTR_COMP
;
448 retval
= cortex_a_instr_write_data_rt_dcc(dpm
, 0, data
);
449 if (retval
!= ERROR_OK
)
452 /* then the opcode, taking data from R0 */
453 retval
= cortex_a_exec_opcode(
454 a
->armv7a_common
.arm
.target
,
461 static int cortex_a_instr_write_data_r0_r1(struct arm_dpm
*dpm
,
462 uint32_t opcode
, uint64_t data
)
464 struct cortex_a_common
*a
= dpm_to_a(dpm
);
465 uint32_t dscr
= DSCR_INSTR_COMP
;
468 retval
= cortex_a_instr_write_data_rt_dcc(dpm
, 0, data
& 0xffffffffULL
);
469 if (retval
!= ERROR_OK
)
472 retval
= cortex_a_instr_write_data_rt_dcc(dpm
, 1, data
>> 32);
473 if (retval
!= ERROR_OK
)
476 /* then the opcode, taking data from R0, R1 */
477 retval
= cortex_a_exec_opcode(a
->armv7a_common
.arm
.target
,
483 static int cortex_a_instr_cpsr_sync(struct arm_dpm
*dpm
)
485 struct target
*target
= dpm
->arm
->target
;
486 uint32_t dscr
= DSCR_INSTR_COMP
;
488 /* "Prefetch flush" after modifying execution status in CPSR */
489 return cortex_a_exec_opcode(target
,
490 ARMV4_5_MCR(15, 0, 0, 7, 5, 4),
494 static int cortex_a_instr_read_data_dcc(struct arm_dpm
*dpm
,
495 uint32_t opcode
, uint32_t *data
)
497 struct cortex_a_common
*a
= dpm_to_a(dpm
);
499 uint32_t dscr
= DSCR_INSTR_COMP
;
501 /* the opcode, writing data to DCC */
502 retval
= cortex_a_exec_opcode(
503 a
->armv7a_common
.arm
.target
,
506 if (retval
!= ERROR_OK
)
509 return cortex_a_read_dcc(a
, data
, &dscr
);
512 static int cortex_a_instr_read_data_rt_dcc(struct arm_dpm
*dpm
,
513 uint8_t rt
, uint32_t *data
)
515 struct cortex_a_common
*a
= dpm_to_a(dpm
);
516 uint32_t dscr
= DSCR_INSTR_COMP
;
520 return ERROR_TARGET_INVALID
;
522 retval
= cortex_a_exec_opcode(
523 a
->armv7a_common
.arm
.target
,
524 ARMV4_5_MCR(14, 0, rt
, 0, 5, 0),
526 if (retval
!= ERROR_OK
)
529 return cortex_a_read_dcc(a
, data
, &dscr
);
532 static int cortex_a_instr_read_data_r0(struct arm_dpm
*dpm
,
533 uint32_t opcode
, uint32_t *data
)
535 struct cortex_a_common
*a
= dpm_to_a(dpm
);
536 uint32_t dscr
= DSCR_INSTR_COMP
;
539 /* the opcode, writing data to R0 */
540 retval
= cortex_a_exec_opcode(
541 a
->armv7a_common
.arm
.target
,
544 if (retval
!= ERROR_OK
)
547 /* write R0 to DCC */
548 return cortex_a_instr_read_data_rt_dcc(dpm
, 0, data
);
551 static int cortex_a_instr_read_data_r0_r1(struct arm_dpm
*dpm
,
552 uint32_t opcode
, uint64_t *data
)
557 /* the opcode, writing data to RO, R1 */
558 retval
= cortex_a_instr_read_data_r0(dpm
, opcode
, &lo
);
559 if (retval
!= ERROR_OK
)
564 /* write R1 to DCC */
565 retval
= cortex_a_instr_read_data_rt_dcc(dpm
, 1, &hi
);
566 if (retval
!= ERROR_OK
)
569 *data
|= (uint64_t)hi
<< 32;
574 static int cortex_a_bpwp_enable(struct arm_dpm
*dpm
, unsigned index_t
,
575 uint32_t addr
, uint32_t control
)
577 struct cortex_a_common
*a
= dpm_to_a(dpm
);
578 uint32_t vr
= a
->armv7a_common
.debug_base
;
579 uint32_t cr
= a
->armv7a_common
.debug_base
;
583 case 0 ... 15: /* breakpoints */
584 vr
+= CPUDBG_BVR_BASE
;
585 cr
+= CPUDBG_BCR_BASE
;
587 case 16 ... 31: /* watchpoints */
588 vr
+= CPUDBG_WVR_BASE
;
589 cr
+= CPUDBG_WCR_BASE
;
598 LOG_DEBUG("A: bpwp enable, vr %08x cr %08x",
599 (unsigned) vr
, (unsigned) cr
);
601 retval
= mem_ap_write_atomic_u32(a
->armv7a_common
.debug_ap
,
603 if (retval
!= ERROR_OK
)
605 retval
= mem_ap_write_atomic_u32(a
->armv7a_common
.debug_ap
,
610 static int cortex_a_bpwp_disable(struct arm_dpm
*dpm
, unsigned index_t
)
612 struct cortex_a_common
*a
= dpm_to_a(dpm
);
617 cr
= a
->armv7a_common
.debug_base
+ CPUDBG_BCR_BASE
;
620 cr
= a
->armv7a_common
.debug_base
+ CPUDBG_WCR_BASE
;
628 LOG_DEBUG("A: bpwp disable, cr %08x", (unsigned) cr
);
630 /* clear control register */
631 return mem_ap_write_atomic_u32(a
->armv7a_common
.debug_ap
, cr
, 0);
634 static int cortex_a_dpm_setup(struct cortex_a_common
*a
, uint32_t didr
)
636 struct arm_dpm
*dpm
= &a
->armv7a_common
.dpm
;
639 dpm
->arm
= &a
->armv7a_common
.arm
;
642 dpm
->prepare
= cortex_a_dpm_prepare
;
643 dpm
->finish
= cortex_a_dpm_finish
;
645 dpm
->instr_write_data_dcc
= cortex_a_instr_write_data_dcc
;
646 dpm
->instr_write_data_r0
= cortex_a_instr_write_data_r0
;
647 dpm
->instr_write_data_r0_r1
= cortex_a_instr_write_data_r0_r1
;
648 dpm
->instr_cpsr_sync
= cortex_a_instr_cpsr_sync
;
650 dpm
->instr_read_data_dcc
= cortex_a_instr_read_data_dcc
;
651 dpm
->instr_read_data_r0
= cortex_a_instr_read_data_r0
;
652 dpm
->instr_read_data_r0_r1
= cortex_a_instr_read_data_r0_r1
;
654 dpm
->bpwp_enable
= cortex_a_bpwp_enable
;
655 dpm
->bpwp_disable
= cortex_a_bpwp_disable
;
657 retval
= arm_dpm_setup(dpm
);
658 if (retval
== ERROR_OK
)
659 retval
= arm_dpm_initialize(dpm
);
663 static struct target
*get_cortex_a(struct target
*target
, int32_t coreid
)
665 struct target_list
*head
;
667 foreach_smp_target(head
, target
->smp_targets
) {
668 struct target
*curr
= head
->target
;
669 if ((curr
->coreid
== coreid
) && (curr
->state
== TARGET_HALTED
))
674 static int cortex_a_halt(struct target
*target
);
676 static int cortex_a_halt_smp(struct target
*target
)
679 struct target_list
*head
;
681 foreach_smp_target(head
, target
->smp_targets
) {
682 struct target
*curr
= head
->target
;
683 if ((curr
!= target
) && (curr
->state
!= TARGET_HALTED
)
684 && target_was_examined(curr
))
685 retval
+= cortex_a_halt(curr
);
690 static int update_halt_gdb(struct target
*target
)
692 struct target
*gdb_target
= NULL
;
693 struct target_list
*head
;
697 if (target
->gdb_service
&& target
->gdb_service
->core
[0] == -1) {
698 target
->gdb_service
->target
= target
;
699 target
->gdb_service
->core
[0] = target
->coreid
;
700 retval
+= cortex_a_halt_smp(target
);
703 if (target
->gdb_service
)
704 gdb_target
= target
->gdb_service
->target
;
706 foreach_smp_target(head
, target
->smp_targets
) {
708 /* skip calling context */
711 if (!target_was_examined(curr
))
713 /* skip targets that were already halted */
714 if (curr
->state
== TARGET_HALTED
)
716 /* Skip gdb_target; it alerts GDB so has to be polled as last one */
717 if (curr
== gdb_target
)
720 /* avoid recursion in cortex_a_poll() */
726 /* after all targets were updated, poll the gdb serving target */
727 if (gdb_target
&& gdb_target
!= target
)
728 cortex_a_poll(gdb_target
);
733 * Cortex-A Run control
736 static int cortex_a_poll(struct target
*target
)
738 int retval
= ERROR_OK
;
740 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
741 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
742 enum target_state prev_target_state
= target
->state
;
743 /* toggle to another core is done by gdb as follow */
744 /* maint packet J core_id */
746 /* the next polling trigger an halt event sent to gdb */
747 if ((target
->state
== TARGET_HALTED
) && (target
->smp
) &&
748 (target
->gdb_service
) &&
749 (!target
->gdb_service
->target
)) {
750 target
->gdb_service
->target
=
751 get_cortex_a(target
, target
->gdb_service
->core
[1]);
752 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
755 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
756 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
757 if (retval
!= ERROR_OK
)
759 cortex_a
->cpudbg_dscr
= dscr
;
761 if (DSCR_RUN_MODE(dscr
) == (DSCR_CORE_HALTED
| DSCR_CORE_RESTARTED
)) {
762 if (prev_target_state
!= TARGET_HALTED
) {
763 /* We have a halting debug event */
764 LOG_DEBUG("Target halted");
765 target
->state
= TARGET_HALTED
;
767 retval
= cortex_a_debug_entry(target
);
768 if (retval
!= ERROR_OK
)
772 retval
= update_halt_gdb(target
);
773 if (retval
!= ERROR_OK
)
777 if (prev_target_state
== TARGET_DEBUG_RUNNING
) {
778 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_HALTED
);
779 } else { /* prev_target_state is RUNNING, UNKNOWN or RESET */
780 if (arm_semihosting(target
, &retval
) != 0)
783 target_call_event_callbacks(target
,
784 TARGET_EVENT_HALTED
);
788 target
->state
= TARGET_RUNNING
;
793 static int cortex_a_halt(struct target
*target
)
797 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
800 * Tell the core to be halted by writing DRCR with 0x1
801 * and then wait for the core to be halted.
803 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
804 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_HALT
);
805 if (retval
!= ERROR_OK
)
808 dscr
= 0; /* force read of dscr */
809 retval
= cortex_a_wait_dscr_bits(target
, DSCR_CORE_HALTED
,
810 DSCR_CORE_HALTED
, &dscr
);
811 if (retval
!= ERROR_OK
) {
812 LOG_ERROR("Error waiting for halt");
816 target
->debug_reason
= DBG_REASON_DBGRQ
;
821 static int cortex_a_internal_restore(struct target
*target
, int current
,
822 target_addr_t
*address
, int handle_breakpoints
, int debug_execution
)
824 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
825 struct arm
*arm
= &armv7a
->arm
;
829 if (!debug_execution
)
830 target_free_all_working_areas(target
);
833 if (debug_execution
) {
834 /* Disable interrupts */
835 /* We disable interrupts in the PRIMASK register instead of
836 * masking with C_MASKINTS,
837 * This is probably the same issue as Cortex-M3 Errata 377493:
838 * C_MASKINTS in parallel with disabled interrupts can cause
839 * local faults to not be taken. */
840 buf_set_u32(armv7m
->core_cache
->reg_list
[ARMV7M_PRIMASK
].value
, 0, 32, 1);
841 armv7m
->core_cache
->reg_list
[ARMV7M_PRIMASK
].dirty
= true;
842 armv7m
->core_cache
->reg_list
[ARMV7M_PRIMASK
].valid
= true;
844 /* Make sure we are in Thumb mode */
845 buf_set_u32(armv7m
->core_cache
->reg_list
[ARMV7M_XPSR
].value
, 0, 32,
846 buf_get_u32(armv7m
->core_cache
->reg_list
[ARMV7M_XPSR
].value
, 0,
848 armv7m
->core_cache
->reg_list
[ARMV7M_XPSR
].dirty
= true;
849 armv7m
->core_cache
->reg_list
[ARMV7M_XPSR
].valid
= true;
853 /* current = 1: continue on current pc, otherwise continue at <address> */
854 resume_pc
= buf_get_u32(arm
->pc
->value
, 0, 32);
856 resume_pc
= *address
;
858 *address
= resume_pc
;
860 /* Make sure that the Armv7 gdb thumb fixups does not
861 * kill the return address
863 switch (arm
->core_state
) {
865 resume_pc
&= 0xFFFFFFFC;
867 case ARM_STATE_THUMB
:
868 case ARM_STATE_THUMB_EE
:
869 /* When the return address is loaded into PC
870 * bit 0 must be 1 to stay in Thumb state
874 case ARM_STATE_JAZELLE
:
875 LOG_ERROR("How do I resume into Jazelle state??");
877 case ARM_STATE_AARCH64
:
878 LOG_ERROR("Shouldn't be in AARCH64 state");
881 LOG_DEBUG("resume pc = 0x%08" PRIx32
, resume_pc
);
882 buf_set_u32(arm
->pc
->value
, 0, 32, resume_pc
);
883 arm
->pc
->dirty
= true;
884 arm
->pc
->valid
= true;
886 /* restore dpm_mode at system halt */
887 arm_dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_ANY
);
888 /* called it now before restoring context because it uses cpu
889 * register r0 for restoring cp15 control register */
890 retval
= cortex_a_restore_cp15_control_reg(target
);
891 if (retval
!= ERROR_OK
)
893 retval
= cortex_a_restore_context(target
, handle_breakpoints
);
894 if (retval
!= ERROR_OK
)
896 target
->debug_reason
= DBG_REASON_NOTHALTED
;
897 target
->state
= TARGET_RUNNING
;
899 /* registers are now invalid */
900 register_cache_invalidate(arm
->core_cache
);
903 /* the front-end may request us not to handle breakpoints */
904 if (handle_breakpoints
) {
905 /* Single step past breakpoint at current address */
906 breakpoint
= breakpoint_find(target
, resume_pc
);
908 LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint
->address
);
909 cortex_m3_unset_breakpoint(target
, breakpoint
);
910 cortex_m3_single_step_core(target
);
911 cortex_m3_set_breakpoint(target
, breakpoint
);
919 static int cortex_a_internal_restart(struct target
*target
)
921 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
922 struct arm
*arm
= &armv7a
->arm
;
926 * * Restart core and wait for it to be started. Clear ITRen and sticky
927 * * exception flags: see ARMv7 ARM, C5.9.
929 * REVISIT: for single stepping, we probably want to
930 * disable IRQs by default, with optional override...
933 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
934 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
935 if (retval
!= ERROR_OK
)
938 if ((dscr
& DSCR_INSTR_COMP
) == 0)
939 LOG_ERROR("DSCR InstrCompl must be set before leaving debug!");
941 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
942 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
& ~DSCR_ITR_EN
);
943 if (retval
!= ERROR_OK
)
946 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
947 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_RESTART
|
948 DRCR_CLEAR_EXCEPTIONS
);
949 if (retval
!= ERROR_OK
)
952 dscr
= 0; /* force read of dscr */
953 retval
= cortex_a_wait_dscr_bits(target
, DSCR_CORE_RESTARTED
,
954 DSCR_CORE_RESTARTED
, &dscr
);
955 if (retval
!= ERROR_OK
) {
956 LOG_ERROR("Error waiting for resume");
960 target
->debug_reason
= DBG_REASON_NOTHALTED
;
961 target
->state
= TARGET_RUNNING
;
963 /* registers are now invalid */
964 register_cache_invalidate(arm
->core_cache
);
969 static int cortex_a_restore_smp(struct target
*target
, int handle_breakpoints
)
972 struct target_list
*head
;
973 target_addr_t address
;
975 foreach_smp_target(head
, target
->smp_targets
) {
976 struct target
*curr
= head
->target
;
977 if ((curr
!= target
) && (curr
->state
!= TARGET_RUNNING
)
978 && target_was_examined(curr
)) {
979 /* resume current address , not in step mode */
980 retval
+= cortex_a_internal_restore(curr
, 1, &address
,
981 handle_breakpoints
, 0);
982 retval
+= cortex_a_internal_restart(curr
);
988 static int cortex_a_resume(struct target
*target
, int current
,
989 target_addr_t address
, int handle_breakpoints
, int debug_execution
)
992 /* dummy resume for smp toggle in order to reduce gdb impact */
993 if ((target
->smp
) && (target
->gdb_service
->core
[1] != -1)) {
994 /* simulate a start and halt of target */
995 target
->gdb_service
->target
= NULL
;
996 target
->gdb_service
->core
[0] = target
->gdb_service
->core
[1];
997 /* fake resume at next poll we play the target core[1], see poll*/
998 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1001 cortex_a_internal_restore(target
, current
, &address
, handle_breakpoints
, debug_execution
);
1003 target
->gdb_service
->core
[0] = -1;
1004 retval
= cortex_a_restore_smp(target
, handle_breakpoints
);
1005 if (retval
!= ERROR_OK
)
1008 cortex_a_internal_restart(target
);
1010 if (!debug_execution
) {
1011 target
->state
= TARGET_RUNNING
;
1012 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1013 LOG_DEBUG("target resumed at " TARGET_ADDR_FMT
, address
);
1015 target
->state
= TARGET_DEBUG_RUNNING
;
1016 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_RESUMED
);
1017 LOG_DEBUG("target debug resumed at " TARGET_ADDR_FMT
, address
);
1023 static int cortex_a_debug_entry(struct target
*target
)
1026 int retval
= ERROR_OK
;
1027 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1028 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1029 struct arm
*arm
= &armv7a
->arm
;
1031 LOG_DEBUG("dscr = 0x%08" PRIx32
, cortex_a
->cpudbg_dscr
);
1033 /* REVISIT surely we should not re-read DSCR !! */
1034 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1035 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
1036 if (retval
!= ERROR_OK
)
1039 /* REVISIT see A TRM 12.11.4 steps 2..3 -- make sure that any
1040 * imprecise data aborts get discarded by issuing a Data
1041 * Synchronization Barrier: ARMV4_5_MCR(15, 0, 0, 7, 10, 4).
1044 /* Enable the ITR execution once we are in debug mode */
1045 dscr
|= DSCR_ITR_EN
;
1046 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1047 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
1048 if (retval
!= ERROR_OK
)
1051 /* Examine debug reason */
1052 arm_dpm_report_dscr(&armv7a
->dpm
, cortex_a
->cpudbg_dscr
);
1054 /* save address of instruction that triggered the watchpoint? */
1055 if (target
->debug_reason
== DBG_REASON_WATCHPOINT
) {
1058 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1059 armv7a
->debug_base
+ CPUDBG_WFAR
,
1061 if (retval
!= ERROR_OK
)
1063 arm_dpm_report_wfar(&armv7a
->dpm
, wfar
);
1066 /* First load register accessible through core debug port */
1067 retval
= arm_dpm_read_current_registers(&armv7a
->dpm
);
1068 if (retval
!= ERROR_OK
)
1073 retval
= arm_dpm_read_reg(&armv7a
->dpm
, arm
->spsr
, 17);
1074 if (retval
!= ERROR_OK
)
1079 /* TODO, Move this */
1080 uint32_t cp15_control_register
, cp15_cacr
, cp15_nacr
;
1081 cortex_a_read_cp(target
, &cp15_control_register
, 15, 0, 1, 0, 0);
1082 LOG_DEBUG("cp15_control_register = 0x%08x", cp15_control_register
);
1084 cortex_a_read_cp(target
, &cp15_cacr
, 15, 0, 1, 0, 2);
1085 LOG_DEBUG("cp15 Coprocessor Access Control Register = 0x%08x", cp15_cacr
);
1087 cortex_a_read_cp(target
, &cp15_nacr
, 15, 0, 1, 1, 2);
1088 LOG_DEBUG("cp15 Nonsecure Access Control Register = 0x%08x", cp15_nacr
);
1091 /* Are we in an exception handler */
1092 /* armv4_5->exception_number = 0; */
1093 if (armv7a
->post_debug_entry
) {
1094 retval
= armv7a
->post_debug_entry(target
);
1095 if (retval
!= ERROR_OK
)
1102 static int cortex_a_post_debug_entry(struct target
*target
)
1104 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1105 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1108 /* MRC p15,0,<Rt>,c1,c0,0 ; Read CP15 System Control Register */
1109 retval
= armv7a
->arm
.mrc(target
, 15,
1110 0, 0, /* op1, op2 */
1111 1, 0, /* CRn, CRm */
1112 &cortex_a
->cp15_control_reg
);
1113 if (retval
!= ERROR_OK
)
1115 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, cortex_a
->cp15_control_reg
);
1116 cortex_a
->cp15_control_reg_curr
= cortex_a
->cp15_control_reg
;
1118 if (!armv7a
->is_armv7r
)
1119 armv7a_read_ttbcr(target
);
1121 if (armv7a
->armv7a_mmu
.armv7a_cache
.info
== -1)
1122 armv7a_identify_cache(target
);
1124 if (armv7a
->is_armv7r
) {
1125 armv7a
->armv7a_mmu
.mmu_enabled
= 0;
1127 armv7a
->armv7a_mmu
.mmu_enabled
=
1128 (cortex_a
->cp15_control_reg
& 0x1U
) ? 1 : 0;
1130 armv7a
->armv7a_mmu
.armv7a_cache
.d_u_cache_enabled
=
1131 (cortex_a
->cp15_control_reg
& 0x4U
) ? 1 : 0;
1132 armv7a
->armv7a_mmu
.armv7a_cache
.i_cache_enabled
=
1133 (cortex_a
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
1134 cortex_a
->curr_mode
= armv7a
->arm
.core_mode
;
1136 /* switch to SVC mode to read DACR */
1137 arm_dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_SVC
);
1138 armv7a
->arm
.mrc(target
, 15,
1140 &cortex_a
->cp15_dacr_reg
);
1142 LOG_DEBUG("cp15_dacr_reg: %8.8" PRIx32
,
1143 cortex_a
->cp15_dacr_reg
);
1145 arm_dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_ANY
);
1149 static int cortex_a_set_dscr_bits(struct target
*target
,
1150 unsigned long bit_mask
, unsigned long value
)
1152 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1156 int retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1157 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
1158 if (retval
!= ERROR_OK
)
1161 /* clear bitfield */
1164 dscr
|= value
& bit_mask
;
1166 /* write new DSCR */
1167 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1168 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
1172 static int cortex_a_step(struct target
*target
, int current
, target_addr_t address
,
1173 int handle_breakpoints
)
1175 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1176 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1177 struct arm
*arm
= &armv7a
->arm
;
1178 struct breakpoint
*breakpoint
= NULL
;
1179 struct breakpoint stepbreakpoint
;
1183 if (target
->state
!= TARGET_HALTED
) {
1184 LOG_TARGET_ERROR(target
, "not halted");
1185 return ERROR_TARGET_NOT_HALTED
;
1188 /* current = 1: continue on current pc, otherwise continue at <address> */
1191 buf_set_u32(r
->value
, 0, 32, address
);
1193 address
= buf_get_u32(r
->value
, 0, 32);
1195 /* The front-end may request us not to handle breakpoints.
1196 * But since Cortex-A uses breakpoint for single step,
1197 * we MUST handle breakpoints.
1199 handle_breakpoints
= 1;
1200 if (handle_breakpoints
) {
1201 breakpoint
= breakpoint_find(target
, address
);
1203 cortex_a_unset_breakpoint(target
, breakpoint
);
1206 /* Setup single step breakpoint */
1207 stepbreakpoint
.address
= address
;
1208 stepbreakpoint
.asid
= 0;
1209 stepbreakpoint
.length
= (arm
->core_state
== ARM_STATE_THUMB
)
1211 stepbreakpoint
.type
= BKPT_HARD
;
1212 stepbreakpoint
.is_set
= false;
1214 /* Disable interrupts during single step if requested */
1215 if (cortex_a
->isrmasking_mode
== CORTEX_A_ISRMASK_ON
) {
1216 retval
= cortex_a_set_dscr_bits(target
, DSCR_INT_DIS
, DSCR_INT_DIS
);
1217 if (retval
!= ERROR_OK
)
1221 /* Break on IVA mismatch */
1222 cortex_a_set_breakpoint(target
, &stepbreakpoint
, 0x04);
1224 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1226 retval
= cortex_a_resume(target
, 1, address
, 0, 0);
1227 if (retval
!= ERROR_OK
)
1230 int64_t then
= timeval_ms();
1231 while (target
->state
!= TARGET_HALTED
) {
1232 retval
= cortex_a_poll(target
);
1233 if (retval
!= ERROR_OK
)
1235 if (target
->state
== TARGET_HALTED
)
1237 if (timeval_ms() > then
+ 1000) {
1238 LOG_ERROR("timeout waiting for target halt");
1243 cortex_a_unset_breakpoint(target
, &stepbreakpoint
);
1245 /* Re-enable interrupts if they were disabled */
1246 if (cortex_a
->isrmasking_mode
== CORTEX_A_ISRMASK_ON
) {
1247 retval
= cortex_a_set_dscr_bits(target
, DSCR_INT_DIS
, 0);
1248 if (retval
!= ERROR_OK
)
1253 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
1256 cortex_a_set_breakpoint(target
, breakpoint
, 0);
1258 if (target
->state
!= TARGET_HALTED
)
1259 LOG_DEBUG("target stepped");
1264 static int cortex_a_restore_context(struct target
*target
, bool bpwp
)
1266 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1270 if (armv7a
->pre_restore_context
)
1271 armv7a
->pre_restore_context(target
);
1273 return arm_dpm_write_dirty_registers(&armv7a
->dpm
, bpwp
);
1277 * Cortex-A Breakpoint and watchpoint functions
1280 /* Setup hardware Breakpoint Register Pair */
1281 static int cortex_a_set_breakpoint(struct target
*target
,
1282 struct breakpoint
*breakpoint
, uint8_t matchmode
)
1287 uint8_t byte_addr_select
= 0x0F;
1288 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1289 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1290 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1292 if (breakpoint
->is_set
) {
1293 LOG_WARNING("breakpoint already set");
1297 if (breakpoint
->type
== BKPT_HARD
) {
1298 while (brp_list
[brp_i
].used
&& (brp_i
< cortex_a
->brp_num
))
1300 if (brp_i
>= cortex_a
->brp_num
) {
1301 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1302 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1304 breakpoint_hw_set(breakpoint
, brp_i
);
1305 if (breakpoint
->length
== 2)
1306 byte_addr_select
= (3 << (breakpoint
->address
& 0x02));
1307 control
= ((matchmode
& 0x7) << 20)
1308 | (byte_addr_select
<< 5)
1310 brp_list
[brp_i
].used
= true;
1311 brp_list
[brp_i
].value
= (breakpoint
->address
& 0xFFFFFFFC);
1312 brp_list
[brp_i
].control
= control
;
1313 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1314 armv7a
->debug_base
+ CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].brpn
,
1315 brp_list
[brp_i
].value
);
1316 if (retval
!= ERROR_OK
)
1318 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1319 armv7a
->debug_base
+ CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].brpn
,
1320 brp_list
[brp_i
].control
);
1321 if (retval
!= ERROR_OK
)
1323 LOG_DEBUG("brp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1324 brp_list
[brp_i
].control
,
1325 brp_list
[brp_i
].value
);
1326 } else if (breakpoint
->type
== BKPT_SOFT
) {
1328 /* length == 2: Thumb breakpoint */
1329 if (breakpoint
->length
== 2)
1330 buf_set_u32(code
, 0, 32, ARMV5_T_BKPT(0x11));
1332 /* length == 3: Thumb-2 breakpoint, actual encoding is
1333 * a regular Thumb BKPT instruction but we replace a
1334 * 32bit Thumb-2 instruction, so fix-up the breakpoint
1337 if (breakpoint
->length
== 3) {
1338 buf_set_u32(code
, 0, 32, ARMV5_T_BKPT(0x11));
1339 breakpoint
->length
= 4;
1341 /* length == 4, normal ARM breakpoint */
1342 buf_set_u32(code
, 0, 32, ARMV5_BKPT(0x11));
1344 retval
= target_read_memory(target
,
1345 breakpoint
->address
& 0xFFFFFFFE,
1346 breakpoint
->length
, 1,
1347 breakpoint
->orig_instr
);
1348 if (retval
!= ERROR_OK
)
1351 /* make sure data cache is cleaned & invalidated down to PoC */
1352 armv7a_cache_flush_virt(target
, breakpoint
->address
,
1353 breakpoint
->length
);
1355 retval
= target_write_memory(target
,
1356 breakpoint
->address
& 0xFFFFFFFE,
1357 breakpoint
->length
, 1, code
);
1358 if (retval
!= ERROR_OK
)
1361 /* update i-cache at breakpoint location */
1362 armv7a_l1_d_cache_inval_virt(target
, breakpoint
->address
,
1363 breakpoint
->length
);
1364 armv7a_l1_i_cache_inval_virt(target
, breakpoint
->address
,
1365 breakpoint
->length
);
1367 breakpoint
->is_set
= true;
1373 static int cortex_a_set_context_breakpoint(struct target
*target
,
1374 struct breakpoint
*breakpoint
, uint8_t matchmode
)
1376 int retval
= ERROR_FAIL
;
1379 uint8_t byte_addr_select
= 0x0F;
1380 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1381 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1382 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1384 if (breakpoint
->is_set
) {
1385 LOG_WARNING("breakpoint already set");
1388 /*check available context BRPs*/
1389 while ((brp_list
[brp_i
].used
||
1390 (brp_list
[brp_i
].type
!= BRP_CONTEXT
)) && (brp_i
< cortex_a
->brp_num
))
1393 if (brp_i
>= cortex_a
->brp_num
) {
1394 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1398 breakpoint_hw_set(breakpoint
, brp_i
);
1399 control
= ((matchmode
& 0x7) << 20)
1400 | (byte_addr_select
<< 5)
1402 brp_list
[brp_i
].used
= true;
1403 brp_list
[brp_i
].value
= (breakpoint
->asid
);
1404 brp_list
[brp_i
].control
= control
;
1405 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1406 armv7a
->debug_base
+ CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].brpn
,
1407 brp_list
[brp_i
].value
);
1408 if (retval
!= ERROR_OK
)
1410 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1411 armv7a
->debug_base
+ CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].brpn
,
1412 brp_list
[brp_i
].control
);
1413 if (retval
!= ERROR_OK
)
1415 LOG_DEBUG("brp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1416 brp_list
[brp_i
].control
,
1417 brp_list
[brp_i
].value
);
1422 static int cortex_a_set_hybrid_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1424 int retval
= ERROR_FAIL
;
1425 int brp_1
= 0; /* holds the contextID pair */
1426 int brp_2
= 0; /* holds the IVA pair */
1427 uint32_t control_ctx
, control_iva
;
1428 uint8_t ctx_byte_addr_select
= 0x0F;
1429 uint8_t iva_byte_addr_select
= 0x0F;
1430 uint8_t ctx_machmode
= 0x03;
1431 uint8_t iva_machmode
= 0x01;
1432 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1433 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1434 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1436 if (breakpoint
->is_set
) {
1437 LOG_WARNING("breakpoint already set");
1440 /*check available context BRPs*/
1441 while ((brp_list
[brp_1
].used
||
1442 (brp_list
[brp_1
].type
!= BRP_CONTEXT
)) && (brp_1
< cortex_a
->brp_num
))
1445 LOG_DEBUG("brp(CTX) found num: %d", brp_1
);
1446 if (brp_1
>= cortex_a
->brp_num
) {
1447 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1451 while ((brp_list
[brp_2
].used
||
1452 (brp_list
[brp_2
].type
!= BRP_NORMAL
)) && (brp_2
< cortex_a
->brp_num
))
1455 LOG_DEBUG("brp(IVA) found num: %d", brp_2
);
1456 if (brp_2
>= cortex_a
->brp_num
) {
1457 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1461 breakpoint_hw_set(breakpoint
, brp_1
);
1462 breakpoint
->linked_brp
= brp_2
;
1463 control_ctx
= ((ctx_machmode
& 0x7) << 20)
1466 | (ctx_byte_addr_select
<< 5)
1468 brp_list
[brp_1
].used
= true;
1469 brp_list
[brp_1
].value
= (breakpoint
->asid
);
1470 brp_list
[brp_1
].control
= control_ctx
;
1471 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1472 armv7a
->debug_base
+ CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_1
].brpn
,
1473 brp_list
[brp_1
].value
);
1474 if (retval
!= ERROR_OK
)
1476 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1477 armv7a
->debug_base
+ CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_1
].brpn
,
1478 brp_list
[brp_1
].control
);
1479 if (retval
!= ERROR_OK
)
1482 control_iva
= ((iva_machmode
& 0x7) << 20)
1484 | (iva_byte_addr_select
<< 5)
1486 brp_list
[brp_2
].used
= true;
1487 brp_list
[brp_2
].value
= (breakpoint
->address
& 0xFFFFFFFC);
1488 brp_list
[brp_2
].control
= control_iva
;
1489 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1490 armv7a
->debug_base
+ CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_2
].brpn
,
1491 brp_list
[brp_2
].value
);
1492 if (retval
!= ERROR_OK
)
1494 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1495 armv7a
->debug_base
+ CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_2
].brpn
,
1496 brp_list
[brp_2
].control
);
1497 if (retval
!= ERROR_OK
)
1503 static int cortex_a_unset_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1506 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1507 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1508 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1510 if (!breakpoint
->is_set
) {
1511 LOG_WARNING("breakpoint not set");
1515 if (breakpoint
->type
== BKPT_HARD
) {
1516 if ((breakpoint
->address
!= 0) && (breakpoint
->asid
!= 0)) {
1517 int brp_i
= breakpoint
->number
;
1518 int brp_j
= breakpoint
->linked_brp
;
1519 if (brp_i
>= cortex_a
->brp_num
) {
1520 LOG_DEBUG("Invalid BRP number in breakpoint");
1523 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1524 brp_list
[brp_i
].control
, brp_list
[brp_i
].value
);
1525 brp_list
[brp_i
].used
= false;
1526 brp_list
[brp_i
].value
= 0;
1527 brp_list
[brp_i
].control
= 0;
1528 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1529 armv7a
->debug_base
+ CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].brpn
,
1530 brp_list
[brp_i
].control
);
1531 if (retval
!= ERROR_OK
)
1533 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1534 armv7a
->debug_base
+ CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].brpn
,
1535 brp_list
[brp_i
].value
);
1536 if (retval
!= ERROR_OK
)
1538 if ((brp_j
< 0) || (brp_j
>= cortex_a
->brp_num
)) {
1539 LOG_DEBUG("Invalid BRP number in breakpoint");
1542 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_j
,
1543 brp_list
[brp_j
].control
, brp_list
[brp_j
].value
);
1544 brp_list
[brp_j
].used
= false;
1545 brp_list
[brp_j
].value
= 0;
1546 brp_list
[brp_j
].control
= 0;
1547 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1548 armv7a
->debug_base
+ CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_j
].brpn
,
1549 brp_list
[brp_j
].control
);
1550 if (retval
!= ERROR_OK
)
1552 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1553 armv7a
->debug_base
+ CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_j
].brpn
,
1554 brp_list
[brp_j
].value
);
1555 if (retval
!= ERROR_OK
)
1557 breakpoint
->linked_brp
= 0;
1558 breakpoint
->is_set
= false;
1562 int brp_i
= breakpoint
->number
;
1563 if (brp_i
>= cortex_a
->brp_num
) {
1564 LOG_DEBUG("Invalid BRP number in breakpoint");
1567 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1568 brp_list
[brp_i
].control
, brp_list
[brp_i
].value
);
1569 brp_list
[brp_i
].used
= false;
1570 brp_list
[brp_i
].value
= 0;
1571 brp_list
[brp_i
].control
= 0;
1572 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1573 armv7a
->debug_base
+ CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].brpn
,
1574 brp_list
[brp_i
].control
);
1575 if (retval
!= ERROR_OK
)
1577 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1578 armv7a
->debug_base
+ CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].brpn
,
1579 brp_list
[brp_i
].value
);
1580 if (retval
!= ERROR_OK
)
1582 breakpoint
->is_set
= false;
1587 /* make sure data cache is cleaned & invalidated down to PoC */
1588 armv7a_cache_flush_virt(target
, breakpoint
->address
,
1589 breakpoint
->length
);
1591 /* restore original instruction (kept in target endianness) */
1592 if (breakpoint
->length
== 4) {
1593 retval
= target_write_memory(target
,
1594 breakpoint
->address
& 0xFFFFFFFE,
1595 4, 1, breakpoint
->orig_instr
);
1596 if (retval
!= ERROR_OK
)
1599 retval
= target_write_memory(target
,
1600 breakpoint
->address
& 0xFFFFFFFE,
1601 2, 1, breakpoint
->orig_instr
);
1602 if (retval
!= ERROR_OK
)
1606 /* update i-cache at breakpoint location */
1607 armv7a_l1_d_cache_inval_virt(target
, breakpoint
->address
,
1608 breakpoint
->length
);
1609 armv7a_l1_i_cache_inval_virt(target
, breakpoint
->address
,
1610 breakpoint
->length
);
1612 breakpoint
->is_set
= false;
1617 static int cortex_a_add_breakpoint(struct target
*target
,
1618 struct breakpoint
*breakpoint
)
1620 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1622 if ((breakpoint
->type
== BKPT_HARD
) && (cortex_a
->brp_num_available
< 1)) {
1623 LOG_INFO("no hardware breakpoint available");
1624 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1627 if (breakpoint
->type
== BKPT_HARD
)
1628 cortex_a
->brp_num_available
--;
1630 return cortex_a_set_breakpoint(target
, breakpoint
, 0x00); /* Exact match */
1633 static int cortex_a_add_context_breakpoint(struct target
*target
,
1634 struct breakpoint
*breakpoint
)
1636 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1638 if ((breakpoint
->type
== BKPT_HARD
) && (cortex_a
->brp_num_available
< 1)) {
1639 LOG_INFO("no hardware breakpoint available");
1640 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1643 if (breakpoint
->type
== BKPT_HARD
)
1644 cortex_a
->brp_num_available
--;
1646 return cortex_a_set_context_breakpoint(target
, breakpoint
, 0x02); /* asid match */
1649 static int cortex_a_add_hybrid_breakpoint(struct target
*target
,
1650 struct breakpoint
*breakpoint
)
1652 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1654 if ((breakpoint
->type
== BKPT_HARD
) && (cortex_a
->brp_num_available
< 1)) {
1655 LOG_INFO("no hardware breakpoint available");
1656 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1659 if (breakpoint
->type
== BKPT_HARD
)
1660 cortex_a
->brp_num_available
--;
1662 return cortex_a_set_hybrid_breakpoint(target
, breakpoint
); /* ??? */
1666 static int cortex_a_remove_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1668 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1671 /* It is perfectly possible to remove breakpoints while the target is running */
1672 if (target
->state
!= TARGET_HALTED
) {
1673 LOG_WARNING("target not halted");
1674 return ERROR_TARGET_NOT_HALTED
;
1678 if (breakpoint
->is_set
) {
1679 cortex_a_unset_breakpoint(target
, breakpoint
);
1680 if (breakpoint
->type
== BKPT_HARD
)
1681 cortex_a
->brp_num_available
++;
1689 * Sets a watchpoint for an Cortex-A target in one of the watchpoint units. It is
1690 * considered a bug to call this function when there are no available watchpoint
1693 * @param target Pointer to an Cortex-A target to set a watchpoint on
1694 * @param watchpoint Pointer to the watchpoint to be set
1695 * @return Error status if watchpoint set fails or the result of executing the
1698 static int cortex_a_set_watchpoint(struct target
*target
, struct watchpoint
*watchpoint
)
1700 int retval
= ERROR_OK
;
1704 uint8_t address_mask
;
1705 uint8_t byte_address_select
;
1706 uint8_t load_store_access_control
= 0x3;
1707 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1708 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1709 struct cortex_a_wrp
*wrp_list
= cortex_a
->wrp_list
;
1711 if (watchpoint
->is_set
) {
1712 LOG_WARNING("watchpoint already set");
1716 /* check available context WRPs */
1717 while (wrp_list
[wrp_i
].used
&& (wrp_i
< cortex_a
->wrp_num
))
1720 if (wrp_i
>= cortex_a
->wrp_num
) {
1721 LOG_ERROR("ERROR Can not find free Watchpoint Register Pair");
1725 if (watchpoint
->length
== 0 || watchpoint
->length
> 0x80000000U
||
1726 (watchpoint
->length
& (watchpoint
->length
- 1))) {
1727 LOG_WARNING("watchpoint length must be a power of 2");
1731 if (watchpoint
->address
& (watchpoint
->length
- 1)) {
1732 LOG_WARNING("watchpoint address must be aligned at length");
1736 /* FIXME: ARM DDI 0406C: address_mask is optional. What to do if it's missing? */
1737 /* handle wp length 1 and 2 through byte select */
1738 switch (watchpoint
->length
) {
1740 byte_address_select
= BIT(watchpoint
->address
& 0x3);
1741 address
= watchpoint
->address
& ~0x3;
1746 byte_address_select
= 0x03 << (watchpoint
->address
& 0x2);
1747 address
= watchpoint
->address
& ~0x3;
1752 byte_address_select
= 0x0f;
1753 address
= watchpoint
->address
;
1758 byte_address_select
= 0xff;
1759 address
= watchpoint
->address
;
1760 address_mask
= ilog2(watchpoint
->length
);
1764 watchpoint_set(watchpoint
, wrp_i
);
1765 control
= (address_mask
<< 24) |
1766 (byte_address_select
<< 5) |
1767 (load_store_access_control
<< 3) |
1769 wrp_list
[wrp_i
].used
= true;
1770 wrp_list
[wrp_i
].value
= address
;
1771 wrp_list
[wrp_i
].control
= control
;
1773 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1774 armv7a
->debug_base
+ CPUDBG_WVR_BASE
+ 4 * wrp_list
[wrp_i
].wrpn
,
1775 wrp_list
[wrp_i
].value
);
1776 if (retval
!= ERROR_OK
)
1779 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1780 armv7a
->debug_base
+ CPUDBG_WCR_BASE
+ 4 * wrp_list
[wrp_i
].wrpn
,
1781 wrp_list
[wrp_i
].control
);
1782 if (retval
!= ERROR_OK
)
1785 LOG_DEBUG("wp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, wrp_i
,
1786 wrp_list
[wrp_i
].control
,
1787 wrp_list
[wrp_i
].value
);
1793 * Unset an existing watchpoint and clear the used watchpoint unit.
1795 * @param target Pointer to the target to have the watchpoint removed
1796 * @param watchpoint Pointer to the watchpoint to be removed
1797 * @return Error status while trying to unset the watchpoint or the result of
1798 * executing the JTAG queue
1800 static int cortex_a_unset_watchpoint(struct target
*target
, struct watchpoint
*watchpoint
)
1803 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1804 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1805 struct cortex_a_wrp
*wrp_list
= cortex_a
->wrp_list
;
1807 if (!watchpoint
->is_set
) {
1808 LOG_WARNING("watchpoint not set");
1812 int wrp_i
= watchpoint
->number
;
1813 if (wrp_i
>= cortex_a
->wrp_num
) {
1814 LOG_DEBUG("Invalid WRP number in watchpoint");
1817 LOG_DEBUG("wrp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, wrp_i
,
1818 wrp_list
[wrp_i
].control
, wrp_list
[wrp_i
].value
);
1819 wrp_list
[wrp_i
].used
= false;
1820 wrp_list
[wrp_i
].value
= 0;
1821 wrp_list
[wrp_i
].control
= 0;
1822 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1823 armv7a
->debug_base
+ CPUDBG_WCR_BASE
+ 4 * wrp_list
[wrp_i
].wrpn
,
1824 wrp_list
[wrp_i
].control
);
1825 if (retval
!= ERROR_OK
)
1827 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1828 armv7a
->debug_base
+ CPUDBG_WVR_BASE
+ 4 * wrp_list
[wrp_i
].wrpn
,
1829 wrp_list
[wrp_i
].value
);
1830 if (retval
!= ERROR_OK
)
1832 watchpoint
->is_set
= false;
1838 * Add a watchpoint to an Cortex-A target. If there are no watchpoint units
1839 * available, an error response is returned.
1841 * @param target Pointer to the Cortex-A target to add a watchpoint to
1842 * @param watchpoint Pointer to the watchpoint to be added
1843 * @return Error status while trying to add the watchpoint
1845 static int cortex_a_add_watchpoint(struct target
*target
, struct watchpoint
*watchpoint
)
1847 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1849 if (cortex_a
->wrp_num_available
< 1) {
1850 LOG_INFO("no hardware watchpoint available");
1851 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1854 int retval
= cortex_a_set_watchpoint(target
, watchpoint
);
1855 if (retval
!= ERROR_OK
)
1858 cortex_a
->wrp_num_available
--;
1863 * Remove a watchpoint from an Cortex-A target. The watchpoint will be unset and
1864 * the used watchpoint unit will be reopened.
1866 * @param target Pointer to the target to remove a watchpoint from
1867 * @param watchpoint Pointer to the watchpoint to be removed
1868 * @return Result of trying to unset the watchpoint
1870 static int cortex_a_remove_watchpoint(struct target
*target
, struct watchpoint
*watchpoint
)
1872 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1874 if (watchpoint
->is_set
) {
1875 cortex_a
->wrp_num_available
++;
1876 cortex_a_unset_watchpoint(target
, watchpoint
);
1883 * Cortex-A Reset functions
1886 static int cortex_a_assert_reset(struct target
*target
)
1888 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1892 /* FIXME when halt is requested, make it work somehow... */
1894 /* This function can be called in "target not examined" state */
1896 /* Issue some kind of warm reset. */
1897 if (target_has_event_action(target
, TARGET_EVENT_RESET_ASSERT
))
1898 target_handle_event(target
, TARGET_EVENT_RESET_ASSERT
);
1899 else if (jtag_get_reset_config() & RESET_HAS_SRST
) {
1900 /* REVISIT handle "pulls" cases, if there's
1901 * hardware that needs them to work.
1905 * FIXME: fix reset when transport is not JTAG. This is a temporary
1906 * work-around for release v0.10 that is not intended to stay!
1908 if (!transport_is_jtag() ||
1909 (target
->reset_halt
&& (jtag_get_reset_config() & RESET_SRST_NO_GATING
)))
1910 adapter_assert_reset();
1913 LOG_ERROR("%s: how to reset?", target_name(target
));
1917 /* registers are now invalid */
1918 if (armv7a
->arm
.core_cache
)
1919 register_cache_invalidate(armv7a
->arm
.core_cache
);
1921 target
->state
= TARGET_RESET
;
1926 static int cortex_a_deassert_reset(struct target
*target
)
1928 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1933 /* be certain SRST is off */
1934 adapter_deassert_reset();
1936 if (target_was_examined(target
)) {
1937 retval
= cortex_a_poll(target
);
1938 if (retval
!= ERROR_OK
)
1942 if (target
->reset_halt
) {
1943 if (target
->state
!= TARGET_HALTED
) {
1944 LOG_WARNING("%s: ran after reset and before halt ...",
1945 target_name(target
));
1946 if (target_was_examined(target
)) {
1947 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1948 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_HALT
);
1949 if (retval
!= ERROR_OK
)
1952 target
->state
= TARGET_UNKNOWN
;
1959 static int cortex_a_set_dcc_mode(struct target
*target
, uint32_t mode
, uint32_t *dscr
)
1961 /* Changes the mode of the DCC between non-blocking, stall, and fast mode.
1962 * New desired mode must be in mode. Current value of DSCR must be in
1963 * *dscr, which is updated with new value.
1965 * This function elides actually sending the mode-change over the debug
1966 * interface if the mode is already set as desired.
1968 uint32_t new_dscr
= (*dscr
& ~DSCR_EXT_DCC_MASK
) | mode
;
1969 if (new_dscr
!= *dscr
) {
1970 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1971 int retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1972 armv7a
->debug_base
+ CPUDBG_DSCR
, new_dscr
);
1973 if (retval
== ERROR_OK
)
1981 static int cortex_a_wait_dscr_bits(struct target
*target
, uint32_t mask
,
1982 uint32_t value
, uint32_t *dscr
)
1984 /* Waits until the specified bit(s) of DSCR take on a specified value. */
1985 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1989 if ((*dscr
& mask
) == value
)
1992 then
= timeval_ms();
1994 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1995 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
1996 if (retval
!= ERROR_OK
) {
1997 LOG_ERROR("Could not read DSCR register");
2000 if ((*dscr
& mask
) == value
)
2002 if (timeval_ms() > then
+ 1000) {
2003 LOG_ERROR("timeout waiting for DSCR bit change");
2010 static int cortex_a_read_copro(struct target
*target
, uint32_t opcode
,
2011 uint32_t *data
, uint32_t *dscr
)
2014 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2016 /* Move from coprocessor to R0. */
2017 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2018 if (retval
!= ERROR_OK
)
2021 /* Move from R0 to DTRTX. */
2022 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MCR(14, 0, 0, 0, 5, 0), dscr
);
2023 if (retval
!= ERROR_OK
)
2026 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture
2027 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
2028 * must also check TXfull_l). Most of the time this will be free
2029 * because TXfull_l will be set immediately and cached in dscr. */
2030 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRTX_FULL_LATCHED
,
2031 DSCR_DTRTX_FULL_LATCHED
, dscr
);
2032 if (retval
!= ERROR_OK
)
2035 /* Read the value transferred to DTRTX. */
2036 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2037 armv7a
->debug_base
+ CPUDBG_DTRTX
, data
);
2038 if (retval
!= ERROR_OK
)
2044 static int cortex_a_read_dfar_dfsr(struct target
*target
, uint32_t *dfar
,
2045 uint32_t *dfsr
, uint32_t *dscr
)
2050 retval
= cortex_a_read_copro(target
, ARMV4_5_MRC(15, 0, 0, 6, 0, 0), dfar
, dscr
);
2051 if (retval
!= ERROR_OK
)
2056 retval
= cortex_a_read_copro(target
, ARMV4_5_MRC(15, 0, 0, 5, 0, 0), dfsr
, dscr
);
2057 if (retval
!= ERROR_OK
)
2064 static int cortex_a_write_copro(struct target
*target
, uint32_t opcode
,
2065 uint32_t data
, uint32_t *dscr
)
2068 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2070 /* Write the value into DTRRX. */
2071 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2072 armv7a
->debug_base
+ CPUDBG_DTRRX
, data
);
2073 if (retval
!= ERROR_OK
)
2076 /* Move from DTRRX to R0. */
2077 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), dscr
);
2078 if (retval
!= ERROR_OK
)
2081 /* Move from R0 to coprocessor. */
2082 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2083 if (retval
!= ERROR_OK
)
2086 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture manual
2087 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2088 * check RXfull_l). Most of the time this will be free because RXfull_l
2089 * will be cleared immediately and cached in dscr. */
2090 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRRX_FULL_LATCHED
, 0, dscr
);
2091 if (retval
!= ERROR_OK
)
2097 static int cortex_a_write_dfar_dfsr(struct target
*target
, uint32_t dfar
,
2098 uint32_t dfsr
, uint32_t *dscr
)
2102 retval
= cortex_a_write_copro(target
, ARMV4_5_MCR(15, 0, 0, 6, 0, 0), dfar
, dscr
);
2103 if (retval
!= ERROR_OK
)
2106 retval
= cortex_a_write_copro(target
, ARMV4_5_MCR(15, 0, 0, 5, 0, 0), dfsr
, dscr
);
2107 if (retval
!= ERROR_OK
)
2113 static int cortex_a_dfsr_to_error_code(uint32_t dfsr
)
2115 uint32_t status
, upper4
;
2117 if (dfsr
& (1 << 9)) {
2119 status
= dfsr
& 0x3f;
2120 upper4
= status
>> 2;
2121 if (upper4
== 1 || upper4
== 2 || upper4
== 3 || upper4
== 15)
2122 return ERROR_TARGET_TRANSLATION_FAULT
;
2123 else if (status
== 33)
2124 return ERROR_TARGET_UNALIGNED_ACCESS
;
2126 return ERROR_TARGET_DATA_ABORT
;
2128 /* Normal format. */
2129 status
= ((dfsr
>> 6) & 0x10) | (dfsr
& 0xf);
2131 return ERROR_TARGET_UNALIGNED_ACCESS
;
2132 else if (status
== 5 || status
== 7 || status
== 3 || status
== 6 ||
2133 status
== 9 || status
== 11 || status
== 13 || status
== 15)
2134 return ERROR_TARGET_TRANSLATION_FAULT
;
2136 return ERROR_TARGET_DATA_ABORT
;
2140 static int cortex_a_write_cpu_memory_slow(struct target
*target
,
2141 uint32_t size
, uint32_t count
, const uint8_t *buffer
, uint32_t *dscr
)
2143 /* Writes count objects of size size from *buffer. Old value of DSCR must
2144 * be in *dscr; updated to new value. This is slow because it works for
2145 * non-word-sized objects. Avoid unaligned accesses as they do not work
2146 * on memory address space without "Normal" attribute. If size == 4 and
2147 * the address is aligned, cortex_a_write_cpu_memory_fast should be
2150 * - Address is in R0.
2151 * - R0 is marked dirty.
2153 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2154 struct arm
*arm
= &armv7a
->arm
;
2157 /* Mark register R1 as dirty, to use for transferring data. */
2158 arm_reg_current(arm
, 1)->dirty
= true;
2160 /* Switch to non-blocking mode if not already in that mode. */
2161 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2162 if (retval
!= ERROR_OK
)
2165 /* Go through the objects. */
2167 /* Write the value to store into DTRRX. */
2168 uint32_t data
, opcode
;
2172 data
= target_buffer_get_u16(target
, buffer
);
2174 data
= target_buffer_get_u32(target
, buffer
);
2175 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2176 armv7a
->debug_base
+ CPUDBG_DTRRX
, data
);
2177 if (retval
!= ERROR_OK
)
2180 /* Transfer the value from DTRRX to R1. */
2181 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), dscr
);
2182 if (retval
!= ERROR_OK
)
2185 /* Write the value transferred to R1 into memory. */
2187 opcode
= ARMV4_5_STRB_IP(1, 0);
2189 opcode
= ARMV4_5_STRH_IP(1, 0);
2191 opcode
= ARMV4_5_STRW_IP(1, 0);
2192 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2193 if (retval
!= ERROR_OK
)
2196 /* Check for faults and return early. */
2197 if (*dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
))
2198 return ERROR_OK
; /* A data fault is not considered a system failure. */
2200 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture
2201 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
2202 * must also check RXfull_l). Most of the time this will be free
2203 * because RXfull_l will be cleared immediately and cached in dscr. */
2204 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRRX_FULL_LATCHED
, 0, dscr
);
2205 if (retval
!= ERROR_OK
)
2216 static int cortex_a_write_cpu_memory_fast(struct target
*target
,
2217 uint32_t count
, const uint8_t *buffer
, uint32_t *dscr
)
2219 /* Writes count objects of size 4 from *buffer. Old value of DSCR must be
2220 * in *dscr; updated to new value. This is fast but only works for
2221 * word-sized objects at aligned addresses.
2223 * - Address is in R0 and must be a multiple of 4.
2224 * - R0 is marked dirty.
2226 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2229 /* Switch to fast mode if not already in that mode. */
2230 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_FAST_MODE
, dscr
);
2231 if (retval
!= ERROR_OK
)
2234 /* Latch STC instruction. */
2235 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2236 armv7a
->debug_base
+ CPUDBG_ITR
, ARMV4_5_STC(0, 1, 0, 1, 14, 5, 0, 4));
2237 if (retval
!= ERROR_OK
)
2240 /* Transfer all the data and issue all the instructions. */
2241 return mem_ap_write_buf_noincr(armv7a
->debug_ap
, buffer
,
2242 4, count
, armv7a
->debug_base
+ CPUDBG_DTRRX
);
2245 static int cortex_a_write_cpu_memory(struct target
*target
,
2246 uint32_t address
, uint32_t size
,
2247 uint32_t count
, const uint8_t *buffer
)
2249 /* Write memory through the CPU. */
2250 int retval
, final_retval
;
2251 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2252 struct arm
*arm
= &armv7a
->arm
;
2253 uint32_t dscr
, orig_dfar
, orig_dfsr
, fault_dscr
, fault_dfar
, fault_dfsr
;
2255 LOG_DEBUG("Writing CPU memory address 0x%" PRIx32
" size %" PRIu32
" count %" PRIu32
,
2256 address
, size
, count
);
2257 if (target
->state
!= TARGET_HALTED
) {
2258 LOG_TARGET_ERROR(target
, "not halted");
2259 return ERROR_TARGET_NOT_HALTED
;
2265 /* Clear any abort. */
2266 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2267 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2268 if (retval
!= ERROR_OK
)
2272 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2273 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2274 if (retval
!= ERROR_OK
)
2277 /* Switch to non-blocking mode if not already in that mode. */
2278 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2279 if (retval
!= ERROR_OK
)
2282 /* Mark R0 as dirty. */
2283 arm_reg_current(arm
, 0)->dirty
= true;
2285 /* Read DFAR and DFSR, as they will be modified in the event of a fault. */
2286 retval
= cortex_a_read_dfar_dfsr(target
, &orig_dfar
, &orig_dfsr
, &dscr
);
2287 if (retval
!= ERROR_OK
)
2290 /* Get the memory address into R0. */
2291 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2292 armv7a
->debug_base
+ CPUDBG_DTRRX
, address
);
2293 if (retval
!= ERROR_OK
)
2295 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), &dscr
);
2296 if (retval
!= ERROR_OK
)
2299 if (size
== 4 && (address
% 4) == 0) {
2300 /* We are doing a word-aligned transfer, so use fast mode. */
2301 retval
= cortex_a_write_cpu_memory_fast(target
, count
, buffer
, &dscr
);
2303 /* Use slow path. Adjust size for aligned accesses */
2304 switch (address
% 4) {
2319 retval
= cortex_a_write_cpu_memory_slow(target
, size
, count
, buffer
, &dscr
);
2322 final_retval
= retval
;
2324 /* Switch to non-blocking mode if not already in that mode. */
2325 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2326 if (final_retval
== ERROR_OK
)
2327 final_retval
= retval
;
2329 /* Wait for last issued instruction to complete. */
2330 retval
= cortex_a_wait_instrcmpl(target
, &dscr
, true);
2331 if (final_retval
== ERROR_OK
)
2332 final_retval
= retval
;
2334 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture manual
2335 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2336 * check RXfull_l). Most of the time this will be free because RXfull_l
2337 * will be cleared immediately and cached in dscr. However, don't do this
2338 * if there is fault, because then the instruction might not have completed
2340 if (!(dscr
& DSCR_STICKY_ABORT_PRECISE
)) {
2341 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRRX_FULL_LATCHED
, 0, &dscr
);
2342 if (retval
!= ERROR_OK
)
2346 /* If there were any sticky abort flags, clear them. */
2347 if (dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
)) {
2349 mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2350 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2351 dscr
&= ~(DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
);
2356 /* Handle synchronous data faults. */
2357 if (fault_dscr
& DSCR_STICKY_ABORT_PRECISE
) {
2358 if (final_retval
== ERROR_OK
) {
2359 /* Final return value will reflect cause of fault. */
2360 retval
= cortex_a_read_dfar_dfsr(target
, &fault_dfar
, &fault_dfsr
, &dscr
);
2361 if (retval
== ERROR_OK
) {
2362 LOG_ERROR("data abort at 0x%08" PRIx32
", dfsr = 0x%08" PRIx32
, fault_dfar
, fault_dfsr
);
2363 final_retval
= cortex_a_dfsr_to_error_code(fault_dfsr
);
2365 final_retval
= retval
;
2367 /* Fault destroyed DFAR/DFSR; restore them. */
2368 retval
= cortex_a_write_dfar_dfsr(target
, orig_dfar
, orig_dfsr
, &dscr
);
2369 if (retval
!= ERROR_OK
)
2370 LOG_ERROR("error restoring dfar/dfsr - dscr = 0x%08" PRIx32
, dscr
);
2373 /* Handle asynchronous data faults. */
2374 if (fault_dscr
& DSCR_STICKY_ABORT_IMPRECISE
) {
2375 if (final_retval
== ERROR_OK
)
2376 /* No other error has been recorded so far, so keep this one. */
2377 final_retval
= ERROR_TARGET_DATA_ABORT
;
2380 /* If the DCC is nonempty, clear it. */
2381 if (dscr
& DSCR_DTRTX_FULL_LATCHED
) {
2383 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2384 armv7a
->debug_base
+ CPUDBG_DTRTX
, &dummy
);
2385 if (final_retval
== ERROR_OK
)
2386 final_retval
= retval
;
2388 if (dscr
& DSCR_DTRRX_FULL_LATCHED
) {
2389 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), &dscr
);
2390 if (final_retval
== ERROR_OK
)
2391 final_retval
= retval
;
2395 return final_retval
;
2398 static int cortex_a_read_cpu_memory_slow(struct target
*target
,
2399 uint32_t size
, uint32_t count
, uint8_t *buffer
, uint32_t *dscr
)
2401 /* Reads count objects of size size into *buffer. Old value of DSCR must be
2402 * in *dscr; updated to new value. This is slow because it works for
2403 * non-word-sized objects. Avoid unaligned accesses as they do not work
2404 * on memory address space without "Normal" attribute. If size == 4 and
2405 * the address is aligned, cortex_a_read_cpu_memory_fast should be
2408 * - Address is in R0.
2409 * - R0 is marked dirty.
2411 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2412 struct arm
*arm
= &armv7a
->arm
;
2415 /* Mark register R1 as dirty, to use for transferring data. */
2416 arm_reg_current(arm
, 1)->dirty
= true;
2418 /* Switch to non-blocking mode if not already in that mode. */
2419 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2420 if (retval
!= ERROR_OK
)
2423 /* Go through the objects. */
2425 /* Issue a load of the appropriate size to R1. */
2426 uint32_t opcode
, data
;
2428 opcode
= ARMV4_5_LDRB_IP(1, 0);
2430 opcode
= ARMV4_5_LDRH_IP(1, 0);
2432 opcode
= ARMV4_5_LDRW_IP(1, 0);
2433 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2434 if (retval
!= ERROR_OK
)
2437 /* Issue a write of R1 to DTRTX. */
2438 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MCR(14, 0, 1, 0, 5, 0), dscr
);
2439 if (retval
!= ERROR_OK
)
2442 /* Check for faults and return early. */
2443 if (*dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
))
2444 return ERROR_OK
; /* A data fault is not considered a system failure. */
2446 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture
2447 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
2448 * must also check TXfull_l). Most of the time this will be free
2449 * because TXfull_l will be set immediately and cached in dscr. */
2450 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRTX_FULL_LATCHED
,
2451 DSCR_DTRTX_FULL_LATCHED
, dscr
);
2452 if (retval
!= ERROR_OK
)
2455 /* Read the value transferred to DTRTX into the buffer. */
2456 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2457 armv7a
->debug_base
+ CPUDBG_DTRTX
, &data
);
2458 if (retval
!= ERROR_OK
)
2461 *buffer
= (uint8_t) data
;
2463 target_buffer_set_u16(target
, buffer
, (uint16_t) data
);
2465 target_buffer_set_u32(target
, buffer
, data
);
2475 static int cortex_a_read_cpu_memory_fast(struct target
*target
,
2476 uint32_t count
, uint8_t *buffer
, uint32_t *dscr
)
2478 /* Reads count objects of size 4 into *buffer. Old value of DSCR must be in
2479 * *dscr; updated to new value. This is fast but only works for word-sized
2480 * objects at aligned addresses.
2482 * - Address is in R0 and must be a multiple of 4.
2483 * - R0 is marked dirty.
2485 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2489 /* Switch to non-blocking mode if not already in that mode. */
2490 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2491 if (retval
!= ERROR_OK
)
2494 /* Issue the LDC instruction via a write to ITR. */
2495 retval
= cortex_a_exec_opcode(target
, ARMV4_5_LDC(0, 1, 0, 1, 14, 5, 0, 4), dscr
);
2496 if (retval
!= ERROR_OK
)
2502 /* Switch to fast mode if not already in that mode. */
2503 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_FAST_MODE
, dscr
);
2504 if (retval
!= ERROR_OK
)
2507 /* Latch LDC instruction. */
2508 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2509 armv7a
->debug_base
+ CPUDBG_ITR
, ARMV4_5_LDC(0, 1, 0, 1, 14, 5, 0, 4));
2510 if (retval
!= ERROR_OK
)
2513 /* Read the value transferred to DTRTX into the buffer. Due to fast
2514 * mode rules, this blocks until the instruction finishes executing and
2515 * then reissues the read instruction to read the next word from
2516 * memory. The last read of DTRTX in this call reads the second-to-last
2517 * word from memory and issues the read instruction for the last word.
2519 retval
= mem_ap_read_buf_noincr(armv7a
->debug_ap
, buffer
,
2520 4, count
, armv7a
->debug_base
+ CPUDBG_DTRTX
);
2521 if (retval
!= ERROR_OK
)
2525 buffer
+= count
* 4;
2528 /* Wait for last issued instruction to complete. */
2529 retval
= cortex_a_wait_instrcmpl(target
, dscr
, false);
2530 if (retval
!= ERROR_OK
)
2533 /* Switch to non-blocking mode if not already in that mode. */
2534 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2535 if (retval
!= ERROR_OK
)
2538 /* Check for faults and return early. */
2539 if (*dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
))
2540 return ERROR_OK
; /* A data fault is not considered a system failure. */
2542 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture manual
2543 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2544 * check TXfull_l). Most of the time this will be free because TXfull_l
2545 * will be set immediately and cached in dscr. */
2546 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRTX_FULL_LATCHED
,
2547 DSCR_DTRTX_FULL_LATCHED
, dscr
);
2548 if (retval
!= ERROR_OK
)
2551 /* Read the value transferred to DTRTX into the buffer. This is the last
2553 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2554 armv7a
->debug_base
+ CPUDBG_DTRTX
, &u32
);
2555 if (retval
!= ERROR_OK
)
2557 target_buffer_set_u32(target
, buffer
, u32
);
2562 static int cortex_a_read_cpu_memory(struct target
*target
,
2563 uint32_t address
, uint32_t size
,
2564 uint32_t count
, uint8_t *buffer
)
2566 /* Read memory through the CPU. */
2567 int retval
, final_retval
;
2568 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2569 struct arm
*arm
= &armv7a
->arm
;
2570 uint32_t dscr
, orig_dfar
, orig_dfsr
, fault_dscr
, fault_dfar
, fault_dfsr
;
2572 LOG_DEBUG("Reading CPU memory address 0x%" PRIx32
" size %" PRIu32
" count %" PRIu32
,
2573 address
, size
, count
);
2574 if (target
->state
!= TARGET_HALTED
) {
2575 LOG_TARGET_ERROR(target
, "not halted");
2576 return ERROR_TARGET_NOT_HALTED
;
2582 /* Clear any abort. */
2583 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2584 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2585 if (retval
!= ERROR_OK
)
2589 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2590 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2591 if (retval
!= ERROR_OK
)
2594 /* Switch to non-blocking mode if not already in that mode. */
2595 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2596 if (retval
!= ERROR_OK
)
2599 /* Mark R0 as dirty. */
2600 arm_reg_current(arm
, 0)->dirty
= true;
2602 /* Read DFAR and DFSR, as they will be modified in the event of a fault. */
2603 retval
= cortex_a_read_dfar_dfsr(target
, &orig_dfar
, &orig_dfsr
, &dscr
);
2604 if (retval
!= ERROR_OK
)
2607 /* Get the memory address into R0. */
2608 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2609 armv7a
->debug_base
+ CPUDBG_DTRRX
, address
);
2610 if (retval
!= ERROR_OK
)
2612 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), &dscr
);
2613 if (retval
!= ERROR_OK
)
2616 if (size
== 4 && (address
% 4) == 0) {
2617 /* We are doing a word-aligned transfer, so use fast mode. */
2618 retval
= cortex_a_read_cpu_memory_fast(target
, count
, buffer
, &dscr
);
2620 /* Use slow path. Adjust size for aligned accesses */
2621 switch (address
% 4) {
2637 retval
= cortex_a_read_cpu_memory_slow(target
, size
, count
, buffer
, &dscr
);
2640 final_retval
= retval
;
2642 /* Switch to non-blocking mode if not already in that mode. */
2643 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2644 if (final_retval
== ERROR_OK
)
2645 final_retval
= retval
;
2647 /* Wait for last issued instruction to complete. */
2648 retval
= cortex_a_wait_instrcmpl(target
, &dscr
, true);
2649 if (final_retval
== ERROR_OK
)
2650 final_retval
= retval
;
2652 /* If there were any sticky abort flags, clear them. */
2653 if (dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
)) {
2655 mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2656 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2657 dscr
&= ~(DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
);
2662 /* Handle synchronous data faults. */
2663 if (fault_dscr
& DSCR_STICKY_ABORT_PRECISE
) {
2664 if (final_retval
== ERROR_OK
) {
2665 /* Final return value will reflect cause of fault. */
2666 retval
= cortex_a_read_dfar_dfsr(target
, &fault_dfar
, &fault_dfsr
, &dscr
);
2667 if (retval
== ERROR_OK
) {
2668 LOG_ERROR("data abort at 0x%08" PRIx32
", dfsr = 0x%08" PRIx32
, fault_dfar
, fault_dfsr
);
2669 final_retval
= cortex_a_dfsr_to_error_code(fault_dfsr
);
2671 final_retval
= retval
;
2673 /* Fault destroyed DFAR/DFSR; restore them. */
2674 retval
= cortex_a_write_dfar_dfsr(target
, orig_dfar
, orig_dfsr
, &dscr
);
2675 if (retval
!= ERROR_OK
)
2676 LOG_ERROR("error restoring dfar/dfsr - dscr = 0x%08" PRIx32
, dscr
);
2679 /* Handle asynchronous data faults. */
2680 if (fault_dscr
& DSCR_STICKY_ABORT_IMPRECISE
) {
2681 if (final_retval
== ERROR_OK
)
2682 /* No other error has been recorded so far, so keep this one. */
2683 final_retval
= ERROR_TARGET_DATA_ABORT
;
2686 /* If the DCC is nonempty, clear it. */
2687 if (dscr
& DSCR_DTRTX_FULL_LATCHED
) {
2689 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2690 armv7a
->debug_base
+ CPUDBG_DTRTX
, &dummy
);
2691 if (final_retval
== ERROR_OK
)
2692 final_retval
= retval
;
2694 if (dscr
& DSCR_DTRRX_FULL_LATCHED
) {
2695 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), &dscr
);
2696 if (final_retval
== ERROR_OK
)
2697 final_retval
= retval
;
2701 return final_retval
;
2706 * Cortex-A Memory access
2708 * This is same Cortex-M3 but we must also use the correct
2709 * ap number for every access.
2712 static int cortex_a_read_phys_memory(struct target
*target
,
2713 target_addr_t address
, uint32_t size
,
2714 uint32_t count
, uint8_t *buffer
)
2718 if (!count
|| !buffer
)
2719 return ERROR_COMMAND_SYNTAX_ERROR
;
2721 LOG_DEBUG("Reading memory at real address " TARGET_ADDR_FMT
"; size %" PRIu32
"; count %" PRIu32
,
2722 address
, size
, count
);
2724 /* read memory through the CPU */
2725 cortex_a_prep_memaccess(target
, 1);
2726 retval
= cortex_a_read_cpu_memory(target
, address
, size
, count
, buffer
);
2727 cortex_a_post_memaccess(target
, 1);
2732 static int cortex_a_read_memory(struct target
*target
, target_addr_t address
,
2733 uint32_t size
, uint32_t count
, uint8_t *buffer
)
2737 /* cortex_a handles unaligned memory access */
2738 LOG_DEBUG("Reading memory at address " TARGET_ADDR_FMT
"; size %" PRIu32
"; count %" PRIu32
,
2739 address
, size
, count
);
2741 cortex_a_prep_memaccess(target
, 0);
2742 retval
= cortex_a_read_cpu_memory(target
, address
, size
, count
, buffer
);
2743 cortex_a_post_memaccess(target
, 0);
2748 static int cortex_a_write_phys_memory(struct target
*target
,
2749 target_addr_t address
, uint32_t size
,
2750 uint32_t count
, const uint8_t *buffer
)
2754 if (!count
|| !buffer
)
2755 return ERROR_COMMAND_SYNTAX_ERROR
;
2757 LOG_DEBUG("Writing memory to real address " TARGET_ADDR_FMT
"; size %" PRIu32
"; count %" PRIu32
,
2758 address
, size
, count
);
2760 /* write memory through the CPU */
2761 cortex_a_prep_memaccess(target
, 1);
2762 retval
= cortex_a_write_cpu_memory(target
, address
, size
, count
, buffer
);
2763 cortex_a_post_memaccess(target
, 1);
2768 static int cortex_a_write_memory(struct target
*target
, target_addr_t address
,
2769 uint32_t size
, uint32_t count
, const uint8_t *buffer
)
2773 /* cortex_a handles unaligned memory access */
2774 LOG_DEBUG("Writing memory at address " TARGET_ADDR_FMT
"; size %" PRIu32
"; count %" PRIu32
,
2775 address
, size
, count
);
2777 cortex_a_prep_memaccess(target
, 0);
2778 retval
= cortex_a_write_cpu_memory(target
, address
, size
, count
, buffer
);
2779 cortex_a_post_memaccess(target
, 0);
2783 static int cortex_a_read_buffer(struct target
*target
, target_addr_t address
,
2784 uint32_t count
, uint8_t *buffer
)
2788 /* Align up to maximum 4 bytes. The loop condition makes sure the next pass
2789 * will have something to do with the size we leave to it. */
2790 for (size
= 1; size
< 4 && count
>= size
* 2 + (address
& size
); size
*= 2) {
2791 if (address
& size
) {
2792 int retval
= target_read_memory(target
, address
, size
, 1, buffer
);
2793 if (retval
!= ERROR_OK
)
2801 /* Read the data with as large access size as possible. */
2802 for (; size
> 0; size
/= 2) {
2803 uint32_t aligned
= count
- count
% size
;
2805 int retval
= target_read_memory(target
, address
, size
, aligned
/ size
, buffer
);
2806 if (retval
!= ERROR_OK
)
2817 static int cortex_a_write_buffer(struct target
*target
, target_addr_t address
,
2818 uint32_t count
, const uint8_t *buffer
)
2822 /* Align up to maximum 4 bytes. The loop condition makes sure the next pass
2823 * will have something to do with the size we leave to it. */
2824 for (size
= 1; size
< 4 && count
>= size
* 2 + (address
& size
); size
*= 2) {
2825 if (address
& size
) {
2826 int retval
= target_write_memory(target
, address
, size
, 1, buffer
);
2827 if (retval
!= ERROR_OK
)
2835 /* Write the data with as large access size as possible. */
2836 for (; size
> 0; size
/= 2) {
2837 uint32_t aligned
= count
- count
% size
;
2839 int retval
= target_write_memory(target
, address
, size
, aligned
/ size
, buffer
);
2840 if (retval
!= ERROR_OK
)
2851 static int cortex_a_handle_target_request(void *priv
)
2853 struct target
*target
= priv
;
2854 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2857 if (!target_was_examined(target
))
2859 if (!target
->dbg_msg_enabled
)
2862 if (target
->state
== TARGET_RUNNING
) {
2865 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2866 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2868 /* check if we have data */
2869 int64_t then
= timeval_ms();
2870 while ((dscr
& DSCR_DTR_TX_FULL
) && (retval
== ERROR_OK
)) {
2871 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2872 armv7a
->debug_base
+ CPUDBG_DTRTX
, &request
);
2873 if (retval
== ERROR_OK
) {
2874 target_request(target
, request
);
2875 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2876 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2878 if (timeval_ms() > then
+ 1000) {
2879 LOG_ERROR("Timeout waiting for dtr tx full");
2889 * Cortex-A target information and configuration
2892 static int cortex_a_examine_first(struct target
*target
)
2894 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
2895 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
2896 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
2897 struct adiv5_private_config
*pc
= target
->private_config
;
2900 int retval
= ERROR_OK
;
2901 uint32_t didr
, cpuid
, dbg_osreg
, dbg_idpfr1
;
2903 if (!armv7a
->debug_ap
) {
2904 if (pc
->ap_num
== DP_APSEL_INVALID
) {
2905 /* Search for the APB-AP - it is needed for access to debug registers */
2906 retval
= dap_find_get_ap(swjdp
, AP_TYPE_APB_AP
, &armv7a
->debug_ap
);
2907 if (retval
!= ERROR_OK
) {
2908 LOG_ERROR("Could not find APB-AP for debug access");
2912 armv7a
->debug_ap
= dap_get_ap(swjdp
, pc
->ap_num
);
2913 if (!armv7a
->debug_ap
) {
2914 LOG_ERROR("Cannot get AP");
2920 retval
= mem_ap_init(armv7a
->debug_ap
);
2921 if (retval
!= ERROR_OK
) {
2922 LOG_ERROR("Could not initialize the APB-AP");
2926 armv7a
->debug_ap
->memaccess_tck
= 80;
2928 if (!target
->dbgbase_set
) {
2929 LOG_DEBUG("%s's dbgbase is not set, trying to detect using the ROM table",
2931 /* Lookup Processor DAP */
2932 retval
= dap_lookup_cs_component(armv7a
->debug_ap
, ARM_CS_C9_DEVTYPE_CORE_DEBUG
,
2933 &armv7a
->debug_base
, target
->coreid
);
2934 if (retval
!= ERROR_OK
) {
2935 LOG_ERROR("Can't detect %s's dbgbase from the ROM table; you need to specify it explicitly.",
2939 LOG_DEBUG("Detected core %" PRId32
" dbgbase: " TARGET_ADDR_FMT
,
2940 target
->coreid
, armv7a
->debug_base
);
2942 armv7a
->debug_base
= target
->dbgbase
;
2944 if ((armv7a
->debug_base
& (1UL<<31)) == 0)
2945 LOG_WARNING("Debug base address for target %s has bit 31 set to 0. Access to debug registers will likely fail!\n"
2946 "Please fix the target configuration.", target_name(target
));
2948 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2949 armv7a
->debug_base
+ CPUDBG_DIDR
, &didr
);
2950 if (retval
!= ERROR_OK
) {
2951 LOG_DEBUG("Examine %s failed", "DIDR");
2955 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2956 armv7a
->debug_base
+ CPUDBG_CPUID
, &cpuid
);
2957 if (retval
!= ERROR_OK
) {
2958 LOG_DEBUG("Examine %s failed", "CPUID");
2962 LOG_DEBUG("didr = 0x%08" PRIx32
, didr
);
2963 LOG_DEBUG("cpuid = 0x%08" PRIx32
, cpuid
);
2965 cortex_a
->didr
= didr
;
2966 cortex_a
->cpuid
= cpuid
;
2968 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2969 armv7a
->debug_base
+ CPUDBG_PRSR
, &dbg_osreg
);
2970 if (retval
!= ERROR_OK
)
2972 LOG_TARGET_DEBUG(target
, "DBGPRSR 0x%" PRIx32
, dbg_osreg
);
2974 if ((dbg_osreg
& PRSR_POWERUP_STATUS
) == 0) {
2975 LOG_TARGET_ERROR(target
, "powered down!");
2976 target
->state
= TARGET_UNKNOWN
; /* TARGET_NO_POWER? */
2977 return ERROR_TARGET_INIT_FAILED
;
2980 if (dbg_osreg
& PRSR_STICKY_RESET_STATUS
)
2981 LOG_TARGET_DEBUG(target
, "was reset!");
2983 /* Read DBGOSLSR and check if OSLK is implemented */
2984 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2985 armv7a
->debug_base
+ CPUDBG_OSLSR
, &dbg_osreg
);
2986 if (retval
!= ERROR_OK
)
2988 LOG_TARGET_DEBUG(target
, "DBGOSLSR 0x%" PRIx32
, dbg_osreg
);
2990 /* check if OS Lock is implemented */
2991 if ((dbg_osreg
& OSLSR_OSLM
) == OSLSR_OSLM0
|| (dbg_osreg
& OSLSR_OSLM
) == OSLSR_OSLM1
) {
2992 /* check if OS Lock is set */
2993 if (dbg_osreg
& OSLSR_OSLK
) {
2994 LOG_TARGET_DEBUG(target
, "OSLock set! Trying to unlock");
2996 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2997 armv7a
->debug_base
+ CPUDBG_OSLAR
,
2999 if (retval
== ERROR_OK
)
3000 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3001 armv7a
->debug_base
+ CPUDBG_OSLSR
, &dbg_osreg
);
3003 /* if we fail to access the register or cannot reset the OSLK bit, bail out */
3004 if (retval
!= ERROR_OK
|| (dbg_osreg
& OSLSR_OSLK
) != 0) {
3005 LOG_TARGET_ERROR(target
, "OSLock sticky, core not powered?");
3006 target
->state
= TARGET_UNKNOWN
; /* TARGET_NO_POWER? */
3007 return ERROR_TARGET_INIT_FAILED
;
3012 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3013 armv7a
->debug_base
+ CPUDBG_ID_PFR1
, &dbg_idpfr1
);
3014 if (retval
!= ERROR_OK
)
3017 if (dbg_idpfr1
& 0x000000f0) {
3018 LOG_TARGET_DEBUG(target
, "has security extensions");
3019 armv7a
->arm
.core_type
= ARM_CORE_TYPE_SEC_EXT
;
3021 if (dbg_idpfr1
& 0x0000f000) {
3022 LOG_TARGET_DEBUG(target
, "has virtualization extensions");
3024 * overwrite and simplify the checks.
3025 * virtualization extensions require implementation of security extension
3027 armv7a
->arm
.core_type
= ARM_CORE_TYPE_VIRT_EXT
;
3030 /* Avoid recreating the registers cache */
3031 if (!target_was_examined(target
)) {
3032 retval
= cortex_a_dpm_setup(cortex_a
, didr
);
3033 if (retval
!= ERROR_OK
)
3037 /* Setup Breakpoint Register Pairs */
3038 cortex_a
->brp_num
= ((didr
>> 24) & 0x0F) + 1;
3039 cortex_a
->brp_num_context
= ((didr
>> 20) & 0x0F) + 1;
3040 cortex_a
->brp_num_available
= cortex_a
->brp_num
;
3041 free(cortex_a
->brp_list
);
3042 cortex_a
->brp_list
= calloc(cortex_a
->brp_num
, sizeof(struct cortex_a_brp
));
3043 /* cortex_a->brb_enabled = ????; */
3044 for (i
= 0; i
< cortex_a
->brp_num
; i
++) {
3045 cortex_a
->brp_list
[i
].used
= false;
3046 if (i
< (cortex_a
->brp_num
-cortex_a
->brp_num_context
))
3047 cortex_a
->brp_list
[i
].type
= BRP_NORMAL
;
3049 cortex_a
->brp_list
[i
].type
= BRP_CONTEXT
;
3050 cortex_a
->brp_list
[i
].value
= 0;
3051 cortex_a
->brp_list
[i
].control
= 0;
3052 cortex_a
->brp_list
[i
].brpn
= i
;
3055 LOG_DEBUG("Configured %i hw breakpoints", cortex_a
->brp_num
);
3057 /* Setup Watchpoint Register Pairs */
3058 cortex_a
->wrp_num
= ((didr
>> 28) & 0x0F) + 1;
3059 cortex_a
->wrp_num_available
= cortex_a
->wrp_num
;
3060 free(cortex_a
->wrp_list
);
3061 cortex_a
->wrp_list
= calloc(cortex_a
->wrp_num
, sizeof(struct cortex_a_wrp
));
3062 for (i
= 0; i
< cortex_a
->wrp_num
; i
++) {
3063 cortex_a
->wrp_list
[i
].used
= false;
3064 cortex_a
->wrp_list
[i
].value
= 0;
3065 cortex_a
->wrp_list
[i
].control
= 0;
3066 cortex_a
->wrp_list
[i
].wrpn
= i
;
3069 LOG_DEBUG("Configured %i hw watchpoints", cortex_a
->wrp_num
);
3071 /* select debug_ap as default */
3072 swjdp
->apsel
= armv7a
->debug_ap
->ap_num
;
3074 target_set_examined(target
);
3078 static int cortex_a_examine(struct target
*target
)
3080 int retval
= ERROR_OK
;
3082 /* Reestablish communication after target reset */
3083 retval
= cortex_a_examine_first(target
);
3085 /* Configure core debug access */
3086 if (retval
== ERROR_OK
)
3087 retval
= cortex_a_init_debug_access(target
);
3093 * Cortex-A target creation and initialization
3096 static int cortex_a_init_target(struct command_context
*cmd_ctx
,
3097 struct target
*target
)
3099 /* examine_first() does a bunch of this */
3100 arm_semihosting_init(target
);
3104 static int cortex_a_init_arch_info(struct target
*target
,
3105 struct cortex_a_common
*cortex_a
, struct adiv5_dap
*dap
)
3107 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
3109 /* Setup struct cortex_a_common */
3110 cortex_a
->common_magic
= CORTEX_A_COMMON_MAGIC
;
3111 armv7a
->arm
.dap
= dap
;
3113 /* register arch-specific functions */
3114 armv7a
->examine_debug_reason
= NULL
;
3116 armv7a
->post_debug_entry
= cortex_a_post_debug_entry
;
3118 armv7a
->pre_restore_context
= NULL
;
3120 armv7a
->armv7a_mmu
.read_physical_memory
= cortex_a_read_phys_memory
;
3123 /* arm7_9->handle_target_request = cortex_a_handle_target_request; */
3125 /* REVISIT v7a setup should be in a v7a-specific routine */
3126 armv7a_init_arch_info(target
, armv7a
);
3127 target_register_timer_callback(cortex_a_handle_target_request
, 1,
3128 TARGET_TIMER_TYPE_PERIODIC
, target
);
3133 static int cortex_a_target_create(struct target
*target
, Jim_Interp
*interp
)
3135 struct cortex_a_common
*cortex_a
;
3136 struct adiv5_private_config
*pc
;
3138 if (!target
->private_config
)
3141 pc
= (struct adiv5_private_config
*)target
->private_config
;
3143 cortex_a
= calloc(1, sizeof(struct cortex_a_common
));
3145 LOG_ERROR("Out of memory");
3148 cortex_a
->common_magic
= CORTEX_A_COMMON_MAGIC
;
3149 cortex_a
->armv7a_common
.is_armv7r
= false;
3150 cortex_a
->armv7a_common
.arm
.arm_vfp_version
= ARM_VFP_V3
;
3152 return cortex_a_init_arch_info(target
, cortex_a
, pc
->dap
);
3155 static int cortex_r4_target_create(struct target
*target
, Jim_Interp
*interp
)
3157 struct cortex_a_common
*cortex_a
;
3158 struct adiv5_private_config
*pc
;
3160 pc
= (struct adiv5_private_config
*)target
->private_config
;
3161 if (adiv5_verify_config(pc
) != ERROR_OK
)
3164 cortex_a
= calloc(1, sizeof(struct cortex_a_common
));
3166 LOG_ERROR("Out of memory");
3169 cortex_a
->common_magic
= CORTEX_A_COMMON_MAGIC
;
3170 cortex_a
->armv7a_common
.is_armv7r
= true;
3172 return cortex_a_init_arch_info(target
, cortex_a
, pc
->dap
);
3175 static void cortex_a_deinit_target(struct target
*target
)
3177 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
3178 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
3179 struct arm_dpm
*dpm
= &armv7a
->dpm
;
3183 if (target_was_examined(target
)) {
3184 /* Disable halt for breakpoint, watchpoint and vector catch */
3185 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3186 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
3187 if (retval
== ERROR_OK
)
3188 mem_ap_write_atomic_u32(armv7a
->debug_ap
,
3189 armv7a
->debug_base
+ CPUDBG_DSCR
,
3190 dscr
& ~DSCR_HALT_DBG_MODE
);
3193 if (armv7a
->debug_ap
)
3194 dap_put_ap(armv7a
->debug_ap
);
3196 free(cortex_a
->wrp_list
);
3197 free(cortex_a
->brp_list
);
3198 arm_free_reg_cache(dpm
->arm
);
3201 free(target
->private_config
);
3205 static int cortex_a_mmu(struct target
*target
, int *enabled
)
3207 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
3209 if (target
->state
!= TARGET_HALTED
) {
3210 LOG_TARGET_ERROR(target
, "not halted");
3211 return ERROR_TARGET_NOT_HALTED
;
3214 if (armv7a
->is_armv7r
)
3217 *enabled
= target_to_cortex_a(target
)->armv7a_common
.armv7a_mmu
.mmu_enabled
;
3222 static int cortex_a_virt2phys(struct target
*target
,
3223 target_addr_t virt
, target_addr_t
*phys
)
3226 int mmu_enabled
= 0;
3229 * If the MMU was not enabled at debug entry, there is no
3230 * way of knowing if there was ever a valid configuration
3231 * for it and thus it's not safe to enable it. In this case,
3232 * just return the virtual address as physical.
3234 cortex_a_mmu(target
, &mmu_enabled
);
3240 /* mmu must be enable in order to get a correct translation */
3241 retval
= cortex_a_mmu_modify(target
, 1);
3242 if (retval
!= ERROR_OK
)
3244 return armv7a_mmu_translate_va_pa(target
, (uint32_t)virt
,
3248 COMMAND_HANDLER(cortex_a_handle_cache_info_command
)
3250 struct target
*target
= get_current_target(CMD_CTX
);
3251 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
3253 return armv7a_handle_cache_info_command(CMD
,
3254 &armv7a
->armv7a_mmu
.armv7a_cache
);
3258 COMMAND_HANDLER(cortex_a_handle_dbginit_command
)
3260 struct target
*target
= get_current_target(CMD_CTX
);
3261 if (!target_was_examined(target
)) {
3262 LOG_ERROR("target not examined yet");
3266 return cortex_a_init_debug_access(target
);
3269 COMMAND_HANDLER(handle_cortex_a_mask_interrupts_command
)
3271 struct target
*target
= get_current_target(CMD_CTX
);
3272 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
3274 static const struct nvp nvp_maskisr_modes
[] = {
3275 { .name
= "off", .value
= CORTEX_A_ISRMASK_OFF
},
3276 { .name
= "on", .value
= CORTEX_A_ISRMASK_ON
},
3277 { .name
= NULL
, .value
= -1 },
3279 const struct nvp
*n
;
3282 n
= nvp_name2value(nvp_maskisr_modes
, CMD_ARGV
[0]);
3284 LOG_ERROR("Unknown parameter: %s - should be off or on", CMD_ARGV
[0]);
3285 return ERROR_COMMAND_SYNTAX_ERROR
;
3288 cortex_a
->isrmasking_mode
= n
->value
;
3291 n
= nvp_value2name(nvp_maskisr_modes
, cortex_a
->isrmasking_mode
);
3292 command_print(CMD
, "cortex_a interrupt mask %s", n
->name
);
3297 COMMAND_HANDLER(handle_cortex_a_dacrfixup_command
)
3299 struct target
*target
= get_current_target(CMD_CTX
);
3300 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
3302 static const struct nvp nvp_dacrfixup_modes
[] = {
3303 { .name
= "off", .value
= CORTEX_A_DACRFIXUP_OFF
},
3304 { .name
= "on", .value
= CORTEX_A_DACRFIXUP_ON
},
3305 { .name
= NULL
, .value
= -1 },
3307 const struct nvp
*n
;
3310 n
= nvp_name2value(nvp_dacrfixup_modes
, CMD_ARGV
[0]);
3312 return ERROR_COMMAND_SYNTAX_ERROR
;
3313 cortex_a
->dacrfixup_mode
= n
->value
;
3317 n
= nvp_value2name(nvp_dacrfixup_modes
, cortex_a
->dacrfixup_mode
);
3318 command_print(CMD
, "cortex_a domain access control fixup %s", n
->name
);
3323 static const struct command_registration cortex_a_exec_command_handlers
[] = {
3325 .name
= "cache_info",
3326 .handler
= cortex_a_handle_cache_info_command
,
3327 .mode
= COMMAND_EXEC
,
3328 .help
= "display information about target caches",
3333 .handler
= cortex_a_handle_dbginit_command
,
3334 .mode
= COMMAND_EXEC
,
3335 .help
= "Initialize core debug",
3340 .handler
= handle_cortex_a_mask_interrupts_command
,
3341 .mode
= COMMAND_ANY
,
3342 .help
= "mask cortex_a interrupts",
3343 .usage
= "['on'|'off']",
3346 .name
= "dacrfixup",
3347 .handler
= handle_cortex_a_dacrfixup_command
,
3348 .mode
= COMMAND_ANY
,
3349 .help
= "set domain access control (DACR) to all-manager "
3351 .usage
= "['on'|'off']",
3354 .chain
= armv7a_mmu_command_handlers
,
3357 .chain
= smp_command_handlers
,
3360 COMMAND_REGISTRATION_DONE
3362 static const struct command_registration cortex_a_command_handlers
[] = {
3364 .chain
= arm_command_handlers
,
3367 .chain
= armv7a_command_handlers
,
3371 .mode
= COMMAND_ANY
,
3372 .help
= "Cortex-A command group",
3374 .chain
= cortex_a_exec_command_handlers
,
3376 COMMAND_REGISTRATION_DONE
3379 struct target_type cortexa_target
= {
3382 .poll
= cortex_a_poll
,
3383 .arch_state
= armv7a_arch_state
,
3385 .halt
= cortex_a_halt
,
3386 .resume
= cortex_a_resume
,
3387 .step
= cortex_a_step
,
3389 .assert_reset
= cortex_a_assert_reset
,
3390 .deassert_reset
= cortex_a_deassert_reset
,
3392 /* REVISIT allow exporting VFP3 registers ... */
3393 .get_gdb_arch
= arm_get_gdb_arch
,
3394 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
3396 .read_memory
= cortex_a_read_memory
,
3397 .write_memory
= cortex_a_write_memory
,
3399 .read_buffer
= cortex_a_read_buffer
,
3400 .write_buffer
= cortex_a_write_buffer
,
3402 .checksum_memory
= arm_checksum_memory
,
3403 .blank_check_memory
= arm_blank_check_memory
,
3405 .run_algorithm
= armv4_5_run_algorithm
,
3407 .add_breakpoint
= cortex_a_add_breakpoint
,
3408 .add_context_breakpoint
= cortex_a_add_context_breakpoint
,
3409 .add_hybrid_breakpoint
= cortex_a_add_hybrid_breakpoint
,
3410 .remove_breakpoint
= cortex_a_remove_breakpoint
,
3411 .add_watchpoint
= cortex_a_add_watchpoint
,
3412 .remove_watchpoint
= cortex_a_remove_watchpoint
,
3414 .commands
= cortex_a_command_handlers
,
3415 .target_create
= cortex_a_target_create
,
3416 .target_jim_configure
= adiv5_jim_configure
,
3417 .init_target
= cortex_a_init_target
,
3418 .examine
= cortex_a_examine
,
3419 .deinit_target
= cortex_a_deinit_target
,
3421 .read_phys_memory
= cortex_a_read_phys_memory
,
3422 .write_phys_memory
= cortex_a_write_phys_memory
,
3423 .mmu
= cortex_a_mmu
,
3424 .virt2phys
= cortex_a_virt2phys
,
3427 static const struct command_registration cortex_r4_exec_command_handlers
[] = {
3430 .handler
= cortex_a_handle_dbginit_command
,
3431 .mode
= COMMAND_EXEC
,
3432 .help
= "Initialize core debug",
3437 .handler
= handle_cortex_a_mask_interrupts_command
,
3438 .mode
= COMMAND_EXEC
,
3439 .help
= "mask cortex_r4 interrupts",
3440 .usage
= "['on'|'off']",
3443 COMMAND_REGISTRATION_DONE
3445 static const struct command_registration cortex_r4_command_handlers
[] = {
3447 .chain
= arm_command_handlers
,
3450 .name
= "cortex_r4",
3451 .mode
= COMMAND_ANY
,
3452 .help
= "Cortex-R4 command group",
3454 .chain
= cortex_r4_exec_command_handlers
,
3456 COMMAND_REGISTRATION_DONE
3459 struct target_type cortexr4_target
= {
3460 .name
= "cortex_r4",
3462 .poll
= cortex_a_poll
,
3463 .arch_state
= armv7a_arch_state
,
3465 .halt
= cortex_a_halt
,
3466 .resume
= cortex_a_resume
,
3467 .step
= cortex_a_step
,
3469 .assert_reset
= cortex_a_assert_reset
,
3470 .deassert_reset
= cortex_a_deassert_reset
,
3472 /* REVISIT allow exporting VFP3 registers ... */
3473 .get_gdb_arch
= arm_get_gdb_arch
,
3474 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
3476 .read_memory
= cortex_a_read_phys_memory
,
3477 .write_memory
= cortex_a_write_phys_memory
,
3479 .checksum_memory
= arm_checksum_memory
,
3480 .blank_check_memory
= arm_blank_check_memory
,
3482 .run_algorithm
= armv4_5_run_algorithm
,
3484 .add_breakpoint
= cortex_a_add_breakpoint
,
3485 .add_context_breakpoint
= cortex_a_add_context_breakpoint
,
3486 .add_hybrid_breakpoint
= cortex_a_add_hybrid_breakpoint
,
3487 .remove_breakpoint
= cortex_a_remove_breakpoint
,
3488 .add_watchpoint
= cortex_a_add_watchpoint
,
3489 .remove_watchpoint
= cortex_a_remove_watchpoint
,
3491 .commands
= cortex_r4_command_handlers
,
3492 .target_create
= cortex_r4_target_create
,
3493 .target_jim_configure
= adiv5_jim_configure
,
3494 .init_target
= cortex_a_init_target
,
3495 .examine
= cortex_a_examine
,
3496 .deinit_target
= cortex_a_deinit_target
,
