search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
target: create/use register_cache_invalidate()
[openocd/cortex.git] / src / target / cortex_a8.c
blobd02fee9e17affa30f904c726d8a4913e9b59d9dc
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2006 by Magnus Lundin *
6 * lundin@mlu.mine.nu *
7 * *
8 * Copyright (C) 2008 by Spencer Oliver *
9 * spen@spen-soft.co.uk *
10 * *
11 * Copyright (C) 2009 by Dirk Behme *
12 * dirk.behme@gmail.com - copy from cortex_m3 *
13 * *
14 * This program is free software; you can redistribute it and/or modify *
15 * it under the terms of the GNU General Public License as published by *
16 * the Free Software Foundation; either version 2 of the License, or *
17 * (at your option) any later version. *
18 * *
19 * This program is distributed in the hope that it will be useful, *
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
22 * GNU General Public License for more details. *
23 * *
24 * You should have received a copy of the GNU General Public License *
25 * along with this program; if not, write to the *
26 * Free Software Foundation, Inc., *
27 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
28 * *
29 * Cortex-A8(tm) TRM, ARM DDI 0344H *
30 * *
31 ***************************************************************************/
32 #ifdef HAVE_CONFIG_H
33 #include "config.h"
34 #endif
35
36 #include "breakpoints.h"
37 #include "cortex_a8.h"
38 #include "register.h"
39 #include "target_request.h"
40 #include "target_type.h"
41
42 static int cortex_a8_poll(struct target *target);
43 static int cortex_a8_debug_entry(struct target *target);
44 static int cortex_a8_restore_context(struct target *target);
45 static int cortex_a8_set_breakpoint(struct target *target,
46 struct breakpoint *breakpoint, uint8_t matchmode);
47 static int cortex_a8_unset_breakpoint(struct target *target,
48 struct breakpoint *breakpoint);
49 static int cortex_a8_dap_read_coreregister_u32(struct target *target,
50 uint32_t *value, int regnum);
51 static int cortex_a8_dap_write_coreregister_u32(struct target *target,
52 uint32_t value, int regnum);
53 /*
54 * FIXME do topology discovery using the ROM; don't
55 * assume this is an OMAP3.
56 */
57 #define swjdp_memoryap 0
58 #define swjdp_debugap 1
59 #define OMAP3530_DEBUG_BASE 0x54011000
60
61 /*
62 * Cortex-A8 Basic debug access, very low level assumes state is saved
63 */
64 static int cortex_a8_init_debug_access(struct target *target)
65 {
66 struct armv7a_common *armv7a = target_to_armv7a(target);
67 struct swjdp_common *swjdp = &armv7a->swjdp_info;
68
69 int retval;
70 uint32_t dummy;
71
72 LOG_DEBUG(" ");
73
74 /* Unlocking the debug registers for modification */
75 /* The debugport might be uninitialised so try twice */
76 retval = mem_ap_write_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_LOCKACCESS, 0xC5ACCE55);
77 if (retval != ERROR_OK)
78 mem_ap_write_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_LOCKACCESS, 0xC5ACCE55);
79 /* Clear Sticky Power Down status Bit in PRSR to enable access to
80 the registers in the Core Power Domain */
81 retval = mem_ap_read_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_PRSR, &dummy);
82 /* Enabling of instruction execution in debug mode is done in debug_entry code */
83
84 /* Resync breakpoint registers */
85
86 /* Since this is likley called from init or reset, update targtet state information*/
87 cortex_a8_poll(target);
88
89 return retval;
90 }
91
92 int cortex_a8_exec_opcode(struct target *target, uint32_t opcode)
93 {
94 uint32_t dscr;
95 int retval;
96 struct armv7a_common *armv7a = target_to_armv7a(target);
97 struct swjdp_common *swjdp = &armv7a->swjdp_info;
98
99 LOG_DEBUG("exec opcode 0x%08" PRIx32, opcode);
100 do
101 {
102 retval = mem_ap_read_atomic_u32(swjdp,
103 armv7a->debug_base + CPUDBG_DSCR, &dscr);
104 if (retval != ERROR_OK)
105 {
106 LOG_ERROR("Could not read DSCR register, opcode = 0x%08" PRIx32, opcode);
107 return retval;
108 }
109 }
110 while ((dscr & (1 << DSCR_INSTR_COMP)) == 0); /* Wait for InstrCompl bit to be set */
111
112 mem_ap_write_u32(swjdp, armv7a->debug_base + CPUDBG_ITR, opcode);
113
114 do
115 {
116 retval = mem_ap_read_atomic_u32(swjdp,
117 armv7a->debug_base + CPUDBG_DSCR, &dscr);
118 if (retval != ERROR_OK)
119 {
120 LOG_ERROR("Could not read DSCR register");
121 return retval;
122 }
123 }
124 while ((dscr & (1 << DSCR_INSTR_COMP)) == 0); /* Wait for InstrCompl bit to be set */
125
126 return retval;
127 }
128
129 /**************************************************************************
130 Read core register with very few exec_opcode, fast but needs work_area.
131 This can cause problems with MMU active.
132 **************************************************************************/
133 static int cortex_a8_read_regs_through_mem(struct target *target, uint32_t address,
134 uint32_t * regfile)
135 {
136 int retval = ERROR_OK;
137 struct armv7a_common *armv7a = target_to_armv7a(target);
138 struct swjdp_common *swjdp = &armv7a->swjdp_info;
139
140 cortex_a8_dap_read_coreregister_u32(target, regfile, 0);
141 cortex_a8_dap_write_coreregister_u32(target, address, 0);
142 cortex_a8_exec_opcode(target, ARMV4_5_STMIA(0, 0xFFFE, 0, 0));
143 dap_ap_select(swjdp, swjdp_memoryap);
144 mem_ap_read_buf_u32(swjdp, (uint8_t *)(&regfile[1]), 4*15, address);
145 dap_ap_select(swjdp, swjdp_debugap);
146
147 return retval;
148 }
149
150 static int cortex_a8_read_cp(struct target *target, uint32_t *value, uint8_t CP,
151 uint8_t op1, uint8_t CRn, uint8_t CRm, uint8_t op2)
152 {
153 int retval;
154 struct armv7a_common *armv7a = target_to_armv7a(target);
155 struct swjdp_common *swjdp = &armv7a->swjdp_info;
156
157 cortex_a8_exec_opcode(target, ARMV4_5_MRC(CP, op1, 0, CRn, CRm, op2));
158 /* Move R0 to DTRTX */
159 cortex_a8_exec_opcode(target, ARMV4_5_MCR(14, 0, 0, 0, 5, 0));
160
161 /* Read DCCTX */
162 retval = mem_ap_read_atomic_u32(swjdp,
163 armv7a->debug_base + CPUDBG_DTRTX, value);
164
165 return retval;
166 }
167
168 static int cortex_a8_write_cp(struct target *target, uint32_t value,
169 uint8_t CP, uint8_t op1, uint8_t CRn, uint8_t CRm, uint8_t op2)
170 {
171 int retval;
172 uint32_t dscr;
173 struct armv7a_common *armv7a = target_to_armv7a(target);
174 struct swjdp_common *swjdp = &armv7a->swjdp_info;
175
176 LOG_DEBUG("CP%i, CRn %i, value 0x%08" PRIx32, CP, CRn, value);
177
178 /* Check that DCCRX is not full */
179 retval = mem_ap_read_atomic_u32(swjdp,
180 armv7a->debug_base + CPUDBG_DSCR, &dscr);
181 if (dscr & (1 << DSCR_DTR_RX_FULL))
182 {
183 LOG_ERROR("DSCR_DTR_RX_FULL, dscr 0x%08" PRIx32, dscr);
184 /* Clear DCCRX with MCR(p14, 0, Rd, c0, c5, 0), opcode 0xEE000E15 */
185 cortex_a8_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0));
186 }
187
188 retval = mem_ap_write_u32(swjdp,
189 armv7a->debug_base + CPUDBG_DTRRX, value);
190 /* Move DTRRX to r0 */
191 cortex_a8_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0));
192
193 cortex_a8_exec_opcode(target, ARMV4_5_MCR(CP, op1, 0, CRn, CRm, op2));
194 return retval;
195 }
196
197 static int cortex_a8_read_cp15(struct target *target, uint32_t op1, uint32_t op2,
198 uint32_t CRn, uint32_t CRm, uint32_t *value)
199 {
200 return cortex_a8_read_cp(target, value, 15, op1, CRn, CRm, op2);
201 }
202
203 static int cortex_a8_write_cp15(struct target *target, uint32_t op1, uint32_t op2,
204 uint32_t CRn, uint32_t CRm, uint32_t value)
205 {
206 return cortex_a8_write_cp(target, value, 15, op1, CRn, CRm, op2);
207 }
208
209 static int cortex_a8_mrc(struct target *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
210 {
211 if (cpnum!=15)
212 {
213 LOG_ERROR("Only cp15 is supported");
214 return ERROR_FAIL;
215 }
216 return cortex_a8_read_cp15(target, op1, op2, CRn, CRm, value);
217 }
218
219 static int cortex_a8_mcr(struct target *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
220 {
221 if (cpnum!=15)
222 {
223 LOG_ERROR("Only cp15 is supported");
224 return ERROR_FAIL;
225 }
226 return cortex_a8_write_cp15(target, op1, op2, CRn, CRm, value);
227 }
228
229
230
231 static int cortex_a8_dap_read_coreregister_u32(struct target *target,
232 uint32_t *value, int regnum)
233 {
234 int retval = ERROR_OK;
235 uint8_t reg = regnum&0xFF;
236 uint32_t dscr;
237 struct armv7a_common *armv7a = target_to_armv7a(target);
238 struct swjdp_common *swjdp = &armv7a->swjdp_info;
239
240 if (reg > 16)
241 return retval;
242
243 if (reg < 15)
244 {
245 /* Rn to DCCTX, "MCR p14, 0, Rn, c0, c5, 0" 0xEE00nE15 */
246 cortex_a8_exec_opcode(target, ARMV4_5_MCR(14, 0, reg, 0, 5, 0));
247 }
248 else if (reg == 15)
249 {
250 /* "MOV r0, r15"; then move r0 to DCCTX */
251 cortex_a8_exec_opcode(target, 0xE1A0000F);
252 cortex_a8_exec_opcode(target, ARMV4_5_MCR(14, 0, 0, 0, 5, 0));
253 }
254 else if (reg == 16)
255 {
256 /* "MRS r0, CPSR"; then move r0 to DCCTX */
257 cortex_a8_exec_opcode(target, ARMV4_5_MRS(0, 0));
258 cortex_a8_exec_opcode(target, ARMV4_5_MCR(14, 0, 0, 0, 5, 0));
259 }
260
261 /* Read DTRRTX */
262 do
263 {
264 retval = mem_ap_read_atomic_u32(swjdp,
265 armv7a->debug_base + CPUDBG_DSCR, &dscr);
266 }
267 while ((dscr & (1 << DSCR_DTR_TX_FULL)) == 0); /* Wait for DTRRXfull */
268
269 retval = mem_ap_read_atomic_u32(swjdp,
270 armv7a->debug_base + CPUDBG_DTRTX, value);
271
272 return retval;
273 }
274
275 static int cortex_a8_dap_write_coreregister_u32(struct target *target, uint32_t value, int regnum)
276 {
277 int retval = ERROR_OK;
278 uint8_t Rd = regnum&0xFF;
279 uint32_t dscr;
280 struct armv7a_common *armv7a = target_to_armv7a(target);
281 struct swjdp_common *swjdp = &armv7a->swjdp_info;
282
283 LOG_DEBUG("register %i, value 0x%08" PRIx32, regnum, value);
284
285 /* Check that DCCRX is not full */
286 retval = mem_ap_read_atomic_u32(swjdp,
287 armv7a->debug_base + CPUDBG_DSCR, &dscr);
288 if (dscr & (1 << DSCR_DTR_RX_FULL))
289 {
290 LOG_ERROR("DSCR_DTR_RX_FULL, dscr 0x%08" PRIx32, dscr);
291 /* Clear DCCRX with MCR(p14, 0, Rd, c0, c5, 0), opcode 0xEE000E15 */
292 cortex_a8_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0));
293 }
294
295 if (Rd > 16)
296 return retval;
297
298 /* Write to DCCRX */
299 retval = mem_ap_write_u32(swjdp,
300 armv7a->debug_base + CPUDBG_DTRRX, value);
301
302 if (Rd < 15)
303 {
304 /* DCCRX to Rd, MCR p14, 0, Rd, c0, c5, 0, 0xEE000E15 */
305 cortex_a8_exec_opcode(target, ARMV4_5_MRC(14, 0, Rd, 0, 5, 0));
306 }
307 else if (Rd == 15)
308 {
309 cortex_a8_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0));
310 cortex_a8_exec_opcode(target, 0xE1A0F000);
311 }
312 else if (Rd == 16)
313 {
314 cortex_a8_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0));
315 cortex_a8_exec_opcode(target, ARMV4_5_MSR_GP(0, 0xF, 0));
316 /* Execute a PrefetchFlush instruction through the ITR. */
317 cortex_a8_exec_opcode(target, ARMV4_5_MCR(15, 0, 0, 7, 5, 4));
318 }
319
320 return retval;
321 }
322
323 /* Write to memory mapped registers directly with no cache or mmu handling */
324 static int cortex_a8_dap_write_memap_register_u32(struct target *target, uint32_t address, uint32_t value)
325 {
326 int retval;
327 struct armv7a_common *armv7a = target_to_armv7a(target);
328 struct swjdp_common *swjdp = &armv7a->swjdp_info;
329
330 retval = mem_ap_write_atomic_u32(swjdp, address, value);
331
332 return retval;
333 }
334
335 /*
336 * Cortex-A8 Run control
337 */
338
339 static int cortex_a8_poll(struct target *target)
340 {
341 int retval = ERROR_OK;
342 uint32_t dscr;
343 struct cortex_a8_common *cortex_a8 = target_to_cortex_a8(target);
344 struct armv7a_common *armv7a = &cortex_a8->armv7a_common;
345 struct swjdp_common *swjdp = &armv7a->swjdp_info;
346 enum target_state prev_target_state = target->state;
347 uint8_t saved_apsel = dap_ap_get_select(swjdp);
348
349 dap_ap_select(swjdp, swjdp_debugap);
350 retval = mem_ap_read_atomic_u32(swjdp,
351 armv7a->debug_base + CPUDBG_DSCR, &dscr);
352 if (retval != ERROR_OK)
353 {
354 dap_ap_select(swjdp, saved_apsel);
355 return retval;
356 }
357 cortex_a8->cpudbg_dscr = dscr;
358
359 if ((dscr & 0x3) == 0x3)
360 {
361 if (prev_target_state != TARGET_HALTED)
362 {
363 /* We have a halting debug event */
364 LOG_DEBUG("Target halted");
365 target->state = TARGET_HALTED;
366 if ((prev_target_state == TARGET_RUNNING)
367 || (prev_target_state == TARGET_RESET))
368 {
369 retval = cortex_a8_debug_entry(target);
370 if (retval != ERROR_OK)
371 return retval;
372
373 target_call_event_callbacks(target,
374 TARGET_EVENT_HALTED);
375 }
376 if (prev_target_state == TARGET_DEBUG_RUNNING)
377 {
378 LOG_DEBUG(" ");
379
380 retval = cortex_a8_debug_entry(target);
381 if (retval != ERROR_OK)
382 return retval;
383
384 target_call_event_callbacks(target,
385 TARGET_EVENT_DEBUG_HALTED);
386 }
387 }
388 }
389 else if ((dscr & 0x3) == 0x2)
390 {
391 target->state = TARGET_RUNNING;
392 }
393 else
394 {
395 LOG_DEBUG("Unknown target state dscr = 0x%08" PRIx32, dscr);
396 target->state = TARGET_UNKNOWN;
397 }
398
399 dap_ap_select(swjdp, saved_apsel);
400
401 return retval;
402 }
403
404 static int cortex_a8_halt(struct target *target)
405 {
406 int retval = ERROR_OK;
407 uint32_t dscr;
408 struct armv7a_common *armv7a = target_to_armv7a(target);
409 struct swjdp_common *swjdp = &armv7a->swjdp_info;
410 uint8_t saved_apsel = dap_ap_get_select(swjdp);
411 dap_ap_select(swjdp, swjdp_debugap);
412
413 /*
414 * Tell the core to be halted by writing DRCR with 0x1
415 * and then wait for the core to be halted.
416 */
417 retval = mem_ap_write_atomic_u32(swjdp,
418 armv7a->debug_base + CPUDBG_DRCR, 0x1);
419
420 /*
421 * enter halting debug mode
422 */
423 mem_ap_read_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_DSCR, &dscr);
424 retval = mem_ap_write_atomic_u32(swjdp,
425 armv7a->debug_base + CPUDBG_DSCR, dscr | (1 << DSCR_HALT_DBG_MODE));
426
427 if (retval != ERROR_OK)
428 goto out;
429
430 do {
431 mem_ap_read_atomic_u32(swjdp,
432 armv7a->debug_base + CPUDBG_DSCR, &dscr);
433 } while ((dscr & (1 << DSCR_CORE_HALTED)) == 0);
434
435 target->debug_reason = DBG_REASON_DBGRQ;
436
437 out:
438 dap_ap_select(swjdp, saved_apsel);
439 return retval;
440 }
441
442 static int cortex_a8_resume(struct target *target, int current,
443 uint32_t address, int handle_breakpoints, int debug_execution)
444 {
445 struct armv7a_common *armv7a = target_to_armv7a(target);
446 struct armv4_5_common_s *armv4_5 = &armv7a->armv4_5_common;
447 struct swjdp_common *swjdp = &armv7a->swjdp_info;
448
449 // struct breakpoint *breakpoint = NULL;
450 uint32_t resume_pc, dscr;
451
452 uint8_t saved_apsel = dap_ap_get_select(swjdp);
453 dap_ap_select(swjdp, swjdp_debugap);
454
455 if (!debug_execution)
456 {
457 target_free_all_working_areas(target);
458 // cortex_m3_enable_breakpoints(target);
459 // cortex_m3_enable_watchpoints(target);
460 }
461
462 #if 0
463 if (debug_execution)
464 {
465 /* Disable interrupts */
466 /* We disable interrupts in the PRIMASK register instead of
467 * masking with C_MASKINTS,
468 * This is probably the same issue as Cortex-M3 Errata 377493:
469 * C_MASKINTS in parallel with disabled interrupts can cause
470 * local faults to not be taken. */
471 buf_set_u32(armv7m->core_cache->reg_list[ARMV7M_PRIMASK].value, 0, 32, 1);
472 armv7m->core_cache->reg_list[ARMV7M_PRIMASK].dirty = 1;
473 armv7m->core_cache->reg_list[ARMV7M_PRIMASK].valid = 1;
474
475 /* Make sure we are in Thumb mode */
476 buf_set_u32(armv7m->core_cache->reg_list[ARMV7M_xPSR].value, 0, 32,
477 buf_get_u32(armv7m->core_cache->reg_list[ARMV7M_xPSR].value, 0, 32) | (1 << 24));
478 armv7m->core_cache->reg_list[ARMV7M_xPSR].dirty = 1;
479 armv7m->core_cache->reg_list[ARMV7M_xPSR].valid = 1;
480 }
481 #endif
482
483 /* current = 1: continue on current pc, otherwise continue at <address> */
484 resume_pc = buf_get_u32(
485 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
486 armv4_5->core_mode, 15).value,
487 0, 32);
488 if (!current)
489 resume_pc = address;
490
491 /* Make sure that the Armv7 gdb thumb fixups does not
492 * kill the return address
493 */
494 switch (armv4_5->core_state)
495 {
496 case ARMV4_5_STATE_ARM:
497 resume_pc &= 0xFFFFFFFC;
498 break;
499 case ARMV4_5_STATE_THUMB:
500 case ARM_STATE_THUMB_EE:
501 /* When the return address is loaded into PC
502 * bit 0 must be 1 to stay in Thumb state
503 */
504 resume_pc |= 0x1;
505 break;
506 case ARMV4_5_STATE_JAZELLE:
507 LOG_ERROR("How do I resume into Jazelle state??");
508 return ERROR_FAIL;
509 }
510 LOG_DEBUG("resume pc = 0x%08" PRIx32, resume_pc);
511 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
512 armv4_5->core_mode, 15).value,
513 0, 32, resume_pc);
514 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
515 armv4_5->core_mode, 15).dirty = 1;
516 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
517 armv4_5->core_mode, 15).valid = 1;
518
519 cortex_a8_restore_context(target);
520 // arm7_9_restore_context(target); TODO Context is currently NOT Properly restored
521 #if 0
522 /* the front-end may request us not to handle breakpoints */
523 if (handle_breakpoints)
524 {
525 /* Single step past breakpoint at current address */
526 if ((breakpoint = breakpoint_find(target, resume_pc)))
527 {
528 LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint->address);
529 cortex_m3_unset_breakpoint(target, breakpoint);
530 cortex_m3_single_step_core(target);
531 cortex_m3_set_breakpoint(target, breakpoint);
532 }
533 }
534
535 #endif
536 /* Restart core and wait for it to be started */
537 mem_ap_write_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_DRCR, 0x2);
538
539 do {
540 mem_ap_read_atomic_u32(swjdp,
541 armv7a->debug_base + CPUDBG_DSCR, &dscr);
542 } while ((dscr & (1 << DSCR_CORE_RESTARTED)) == 0);
543
544 target->debug_reason = DBG_REASON_NOTHALTED;
545 target->state = TARGET_RUNNING;
546
547 /* registers are now invalid */
548 register_cache_invalidate(armv4_5->core_cache);
549
550 if (!debug_execution)
551 {
552 target->state = TARGET_RUNNING;
553 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
554 LOG_DEBUG("target resumed at 0x%" PRIx32, resume_pc);
555 }
556 else
557 {
558 target->state = TARGET_DEBUG_RUNNING;
559 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
560 LOG_DEBUG("target debug resumed at 0x%" PRIx32, resume_pc);
561 }
562
563 dap_ap_select(swjdp, saved_apsel);
564
565 return ERROR_OK;
566 }
567
568 static int cortex_a8_debug_entry(struct target *target)
569 {
570 int i;
571 uint32_t regfile[16], pc, cpsr, dscr;
572 int retval = ERROR_OK;
573 struct working_area *regfile_working_area = NULL;
574 struct cortex_a8_common *cortex_a8 = target_to_cortex_a8(target);
575 struct armv7a_common *armv7a = target_to_armv7a(target);
576 struct armv4_5_common_s *armv4_5 = &armv7a->armv4_5_common;
577 struct swjdp_common *swjdp = &armv7a->swjdp_info;
578 struct reg *reg;
579
580 LOG_DEBUG("dscr = 0x%08" PRIx32, cortex_a8->cpudbg_dscr);
581
582 /* Enable the ITR execution once we are in debug mode */
583 mem_ap_read_atomic_u32(swjdp,
584 armv7a->debug_base + CPUDBG_DSCR, &dscr);
585 dscr |= (1 << DSCR_EXT_INT_EN);
586 retval = mem_ap_write_atomic_u32(swjdp,
587 armv7a->debug_base + CPUDBG_DSCR, dscr);
588
589 /* Examine debug reason */
590 switch ((cortex_a8->cpudbg_dscr >> 2)&0xF)
591 {
592 case 0:
593 case 4:
594 target->debug_reason = DBG_REASON_DBGRQ;
595 break;
596 case 1:
597 case 3:
598 target->debug_reason = DBG_REASON_BREAKPOINT;
599 break;
600 case 10:
601 target->debug_reason = DBG_REASON_WATCHPOINT;
602 break;
603 default:
604 target->debug_reason = DBG_REASON_UNDEFINED;
605 break;
606 }
607
608 /* Examine target state and mode */
609 if (cortex_a8->fast_reg_read)
610 target_alloc_working_area(target, 64, &regfile_working_area);
611
612 /* First load register acessible through core debug port*/
613 if (!regfile_working_area)
614 {
615 /* FIXME we don't actually need all these registers;
616 * reading them slows us down. Just R0, PC, CPSR...
617 */
618 for (i = 0; i <= 15; i++)
619 cortex_a8_dap_read_coreregister_u32(target,
620 &regfile[i], i);
621 }
622 else
623 {
624 dap_ap_select(swjdp, swjdp_memoryap);
625 cortex_a8_read_regs_through_mem(target,
626 regfile_working_area->address, regfile);
627 dap_ap_select(swjdp, swjdp_memoryap);
628 target_free_working_area(target, regfile_working_area);
629 }
630
631 /* read Current PSR */
632 cortex_a8_dap_read_coreregister_u32(target, &cpsr, 16);
633 pc = regfile[15];
634 dap_ap_select(swjdp, swjdp_debugap);
635 LOG_DEBUG("cpsr: %8.8" PRIx32, cpsr);
636
637 armv4_5->core_mode = cpsr & 0x1F;
638
639 i = (cpsr >> 5) & 1; /* T */
640 i |= (cpsr >> 23) & 1; /* J << 1 */
641 switch (i) {
642 case 0: /* J = 0, T = 0 */
643 armv4_5->core_state = ARMV4_5_STATE_ARM;
644 break;
645 case 1: /* J = 0, T = 1 */
646 armv4_5->core_state = ARMV4_5_STATE_THUMB;
647 break;
648 case 2: /* J = 1, T = 0 */
649 LOG_WARNING("Jazelle state -- not handled");
650 armv4_5->core_state = ARMV4_5_STATE_JAZELLE;
651 break;
652 case 3: /* J = 1, T = 1 */
653 /* ThumbEE is very much like Thumb, but some of the
654 * instructions are different. Single stepping and
655 * breakpoints need updating...
656 */
657 LOG_WARNING("ThumbEE -- incomplete support");
658 armv4_5->core_state = ARM_STATE_THUMB_EE;
659 break;
660 }
661
662 /* update cache */
663 reg = armv4_5->core_cache->reg_list + ARMV4_5_CPSR;
664 buf_set_u32(reg->value, 0, 32, cpsr);
665 reg->valid = 1;
666 reg->dirty = 0;
667
668 for (i = 0; i <= ARM_PC; i++)
669 {
670 reg = &ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
671 armv4_5->core_mode, i);
672
673 buf_set_u32(reg->value, 0, 32, regfile[i]);
674 reg->valid = 1;
675 reg->dirty = 0;
676 }
677
678 /* Fixup PC Resume Address */
679 if (cpsr & (1 << 5))
680 {
681 // T bit set for Thumb or ThumbEE state
682 regfile[ARM_PC] -= 4;
683 }
684 else
685 {
686 // ARM state
687 regfile[ARM_PC] -= 8;
688 }
689 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
690 armv4_5->core_mode, ARM_PC).value,
691 0, 32, regfile[ARM_PC]);
692
693 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0)
694 .dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
695 armv4_5->core_mode, 0).valid;
696 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 15)
697 .dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
698 armv4_5->core_mode, 15).valid;
699
700 #if 0
701 /* TODO, Move this */
702 uint32_t cp15_control_register, cp15_cacr, cp15_nacr;
703 cortex_a8_read_cp(target, &cp15_control_register, 15, 0, 1, 0, 0);
704 LOG_DEBUG("cp15_control_register = 0x%08x", cp15_control_register);
705
706 cortex_a8_read_cp(target, &cp15_cacr, 15, 0, 1, 0, 2);
707 LOG_DEBUG("cp15 Coprocessor Access Control Register = 0x%08x", cp15_cacr);
708
709 cortex_a8_read_cp(target, &cp15_nacr, 15, 0, 1, 1, 2);
710 LOG_DEBUG("cp15 Nonsecure Access Control Register = 0x%08x", cp15_nacr);
711 #endif
712
713 /* Are we in an exception handler */
714 // armv4_5->exception_number = 0;
715 if (armv7a->post_debug_entry)
716 armv7a->post_debug_entry(target);
717
718
719
720 return retval;
721
722 }
723
724 static void cortex_a8_post_debug_entry(struct target *target)
725 {
726 struct cortex_a8_common *cortex_a8 = target_to_cortex_a8(target);
727 struct armv7a_common *armv7a = &cortex_a8->armv7a_common;
728
729 // cortex_a8_read_cp(target, &cp15_control_register, 15, 0, 1, 0, 0);
730 /* examine cp15 control reg */
731 armv7a->read_cp15(target, 0, 0, 1, 0, &cortex_a8->cp15_control_reg);
732 jtag_execute_queue();
733 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, cortex_a8->cp15_control_reg);
734
735 if (armv7a->armv4_5_mmu.armv4_5_cache.ctype == -1)
736 {
737 uint32_t cache_type_reg;
738 /* identify caches */
739 armv7a->read_cp15(target, 0, 1, 0, 0, &cache_type_reg);
740 jtag_execute_queue();
741 /* FIXME the armv4_4 cache info DOES NOT APPLY to Cortex-A8 */
742 armv4_5_identify_cache(cache_type_reg,
743 &armv7a->armv4_5_mmu.armv4_5_cache);
744 }
745
746 armv7a->armv4_5_mmu.mmu_enabled =
747 (cortex_a8->cp15_control_reg & 0x1U) ? 1 : 0;
748 armv7a->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled =
749 (cortex_a8->cp15_control_reg & 0x4U) ? 1 : 0;
750 armv7a->armv4_5_mmu.armv4_5_cache.i_cache_enabled =
751 (cortex_a8->cp15_control_reg & 0x1000U) ? 1 : 0;
752
753
754 }
755
756 static int cortex_a8_step(struct target *target, int current, uint32_t address,
757 int handle_breakpoints)
758 {
759 struct armv7a_common *armv7a = target_to_armv7a(target);
760 struct armv4_5_common_s *armv4_5 = &armv7a->armv4_5_common;
761 struct breakpoint *breakpoint = NULL;
762 struct breakpoint stepbreakpoint;
763
764 int timeout = 100;
765
766 if (target->state != TARGET_HALTED)
767 {
768 LOG_WARNING("target not halted");
769 return ERROR_TARGET_NOT_HALTED;
770 }
771
772 /* current = 1: continue on current pc, otherwise continue at <address> */
773 if (!current)
774 {
775 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
776 armv4_5->core_mode, ARM_PC).value,
777 0, 32, address);
778 }
779 else
780 {
781 address = buf_get_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
782 armv4_5->core_mode, ARM_PC).value,
783 0, 32);
784 }
785
786 /* The front-end may request us not to handle breakpoints.
787 * But since Cortex-A8 uses breakpoint for single step,
788 * we MUST handle breakpoints.
789 */
790 handle_breakpoints = 1;
791 if (handle_breakpoints) {
792 breakpoint = breakpoint_find(target,
793 buf_get_u32(ARMV4_5_CORE_REG_MODE(
794 armv4_5->core_cache,
795 armv4_5->core_mode, 15).value,
796 0, 32));
797 if (breakpoint)
798 cortex_a8_unset_breakpoint(target, breakpoint);
799 }
800
801 /* Setup single step breakpoint */
802 stepbreakpoint.address = address;
803 stepbreakpoint.length = (armv4_5->core_state == ARMV4_5_STATE_THUMB)
804 ? 2 : 4;
805 stepbreakpoint.type = BKPT_HARD;
806 stepbreakpoint.set = 0;
807
808 /* Break on IVA mismatch */
809 cortex_a8_set_breakpoint(target, &stepbreakpoint, 0x04);
810
811 target->debug_reason = DBG_REASON_SINGLESTEP;
812
813 cortex_a8_resume(target, 1, address, 0, 0);
814
815 while (target->state != TARGET_HALTED)
816 {
817 cortex_a8_poll(target);
818 if (--timeout == 0)
819 {
820 LOG_WARNING("timeout waiting for target halt");
821 break;
822 }
823 }
824
825 cortex_a8_unset_breakpoint(target, &stepbreakpoint);
826 if (timeout > 0) target->debug_reason = DBG_REASON_BREAKPOINT;
827
828 if (breakpoint)
829 cortex_a8_set_breakpoint(target, breakpoint, 0);
830
831 if (target->state != TARGET_HALTED)
832 LOG_DEBUG("target stepped");
833
834 return ERROR_OK;
835 }
836
837 static int cortex_a8_restore_context(struct target *target)
838 {
839 int i;
840 uint32_t value;
841 struct armv7a_common *armv7a = target_to_armv7a(target);
842 struct armv4_5_common_s *armv4_5 = &armv7a->armv4_5_common;
843
844 LOG_DEBUG(" ");
845
846 if (armv7a->pre_restore_context)
847 armv7a->pre_restore_context(target);
848
849 for (i = 15; i >= 0; i--)
850 {
851 if (ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
852 armv4_5->core_mode, i).dirty)
853 {
854 value = buf_get_u32(ARMV4_5_CORE_REG_MODE(
855 armv4_5->core_cache,
856 armv4_5->core_mode, i).value,
857 0, 32);
858 /* TODO Check return values */
859 cortex_a8_dap_write_coreregister_u32(target, value, i);
860 }
861 }
862
863 if (armv7a->post_restore_context)
864 armv7a->post_restore_context(target);
865
866 return ERROR_OK;
867 }
868
869
870 #if 0
871 /*
872 * Cortex-A8 Core register functions
873 */
874 static int cortex_a8_load_core_reg_u32(struct target *target, int num,
875 armv4_5_mode_t mode, uint32_t * value)
876 {
877 int retval;
878 struct armv4_5_common_s *armv4_5 = target_to_armv4_5(target);
879
880 if ((num <= ARM_CPSR))
881 {
882 /* read a normal core register */
883 retval = cortex_a8_dap_read_coreregister_u32(target, value, num);
884
885 if (retval != ERROR_OK)
886 {
887 LOG_ERROR("JTAG failure %i", retval);
888 return ERROR_JTAG_DEVICE_ERROR;
889 }
890 LOG_DEBUG("load from core reg %i value 0x%" PRIx32, num, *value);
891 }
892 else
893 {
894 return ERROR_INVALID_ARGUMENTS;
895 }
896
897 /* Register other than r0 - r14 uses r0 for access */
898 if (num > 14)
899 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
900 armv4_5->core_mode, 0).dirty =
901 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
902 armv4_5->core_mode, 0).valid;
903 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
904 armv4_5->core_mode, 15).dirty =
905 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
906 armv4_5->core_mode, 15).valid;
907
908 return ERROR_OK;
909 }
910
911 static int cortex_a8_store_core_reg_u32(struct target *target, int num,
912 armv4_5_mode_t mode, uint32_t value)
913 {
914 int retval;
915 // uint32_t reg;
916 struct armv4_5_common_s *armv4_5 = target_to_armv4_5(target);
917
918 #ifdef ARMV7_GDB_HACKS
919 /* If the LR register is being modified, make sure it will put us
920 * in "thumb" mode, or an INVSTATE exception will occur. This is a
921 * hack to deal with the fact that gdb will sometimes "forge"
922 * return addresses, and doesn't set the LSB correctly (i.e., when
923 * printing expressions containing function calls, it sets LR=0.) */
924
925 if (num == 14)
926 value |= 0x01;
927 #endif
928
929 if ((num <= ARM_CPSR))
930 {
931 retval = cortex_a8_dap_write_coreregister_u32(target, value, num);
932 if (retval != ERROR_OK)
933 {
934 LOG_ERROR("JTAG failure %i", retval);
935 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
936 armv4_5->core_mode, num).dirty =
937 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
938 armv4_5->core_mode, num).valid;
939 return ERROR_JTAG_DEVICE_ERROR;
940 }
941 LOG_DEBUG("write core reg %i value 0x%" PRIx32, num, value);
942 }
943 else
944 {
945 return ERROR_INVALID_ARGUMENTS;
946 }
947
948 return ERROR_OK;
949 }
950 #endif
951
952
953 static int cortex_a8_read_core_reg(struct target *target, int num,
954 enum armv4_5_mode mode)
955 {
956 uint32_t value;
957 int retval;
958 struct armv4_5_common_s *armv4_5 = target_to_armv4_5(target);
959
960 /* FIXME cortex may not be in "mode" ... */
961
962 cortex_a8_dap_read_coreregister_u32(target, &value, num);
963
964 if ((retval = jtag_execute_queue()) != ERROR_OK)
965 {
966 return retval;
967 }
968
969 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).valid = 1;
970 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).dirty = 0;
971 buf_set_u32(ARMV4_5_CORE_REG_MODE(armv4_5->core_cache,
972 mode, num).value, 0, 32, value);
973
974 return ERROR_OK;
975 }
976
977 static int cortex_a8_write_core_reg(struct target *target, int num,
978 enum armv4_5_mode mode, uint32_t value)
979 {
980 int retval;
981 struct armv4_5_common_s *armv4_5 = target_to_armv4_5(target);
982
983 /* FIXME cortex may not be in "mode" ... */
984
985 cortex_a8_dap_write_coreregister_u32(target, value, num);
986 if ((retval = jtag_execute_queue()) != ERROR_OK)
987 {
988 return retval;
989 }
990
991 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).valid = 1;
992 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, mode, num).dirty = 0;
993
994 return ERROR_OK;
995 }
996
997
998 /*
999 * Cortex-A8 Breakpoint and watchpoint fuctions
1000 */
1001
1002 /* Setup hardware Breakpoint Register Pair */
1003 static int cortex_a8_set_breakpoint(struct target *target,
1004 struct breakpoint *breakpoint, uint8_t matchmode)
1005 {
1006 int retval;
1007 int brp_i=0;
1008 uint32_t control;
1009 uint8_t byte_addr_select = 0x0F;
1010 struct cortex_a8_common *cortex_a8 = target_to_cortex_a8(target);
1011 struct armv7a_common *armv7a = &cortex_a8->armv7a_common;
1012 struct cortex_a8_brp * brp_list = cortex_a8->brp_list;
1013
1014 if (breakpoint->set)
1015 {
1016 LOG_WARNING("breakpoint already set");
1017 return ERROR_OK;
1018 }
1019
1020 if (breakpoint->type == BKPT_HARD)
1021 {
1022 while (brp_list[brp_i].used && (brp_i < cortex_a8->brp_num))
1023 brp_i++ ;
1024 if (brp_i >= cortex_a8->brp_num)
1025 {
1026 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1027 return ERROR_FAIL;
1028 }
1029 breakpoint->set = brp_i + 1;
1030 if (breakpoint->length == 2)
1031 {
1032 byte_addr_select = (3 << (breakpoint->address & 0x02));
1033 }
1034 control = ((matchmode & 0x7) << 20)
1035 | (byte_addr_select << 5)
1036 | (3 << 1) | 1;
1037 brp_list[brp_i].used = 1;
1038 brp_list[brp_i].value = (breakpoint->address & 0xFFFFFFFC);
1039 brp_list[brp_i].control = control;
1040 cortex_a8_dap_write_memap_register_u32(target, armv7a->debug_base
1041 + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
1042 brp_list[brp_i].value);
1043 cortex_a8_dap_write_memap_register_u32(target, armv7a->debug_base
1044 + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
1045 brp_list[brp_i].control);
1046 LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
1047 brp_list[brp_i].control,
1048 brp_list[brp_i].value);
1049 }
1050 else if (breakpoint->type == BKPT_SOFT)
1051 {
1052 uint8_t code[4];
1053 if (breakpoint->length == 2)
1054 {
1055 buf_set_u32(code, 0, 32, ARMV5_T_BKPT(0x11));
1056 }
1057 else
1058 {
1059 buf_set_u32(code, 0, 32, ARMV5_BKPT(0x11));
1060 }
1061 retval = target->type->read_memory(target,
1062 breakpoint->address & 0xFFFFFFFE,
1063 breakpoint->length, 1,
1064 breakpoint->orig_instr);
1065 if (retval != ERROR_OK)
1066 return retval;
1067 retval = target->type->write_memory(target,
1068 breakpoint->address & 0xFFFFFFFE,
1069 breakpoint->length, 1, code);
1070 if (retval != ERROR_OK)
1071 return retval;
1072 breakpoint->set = 0x11; /* Any nice value but 0 */
1073 }
1074
1075 return ERROR_OK;
1076 }
1077
1078 static int cortex_a8_unset_breakpoint(struct target *target, struct breakpoint *breakpoint)
1079 {
1080 int retval;
1081 struct cortex_a8_common *cortex_a8 = target_to_cortex_a8(target);
1082 struct armv7a_common *armv7a = &cortex_a8->armv7a_common;
1083 struct cortex_a8_brp * brp_list = cortex_a8->brp_list;
1084
1085 if (!breakpoint->set)
1086 {
1087 LOG_WARNING("breakpoint not set");
1088 return ERROR_OK;
1089 }
1090
1091 if (breakpoint->type == BKPT_HARD)
1092 {
1093 int brp_i = breakpoint->set - 1;
1094 if ((brp_i < 0) || (brp_i >= cortex_a8->brp_num))
1095 {
1096 LOG_DEBUG("Invalid BRP number in breakpoint");
1097 return ERROR_OK;
1098 }
1099 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
1100 brp_list[brp_i].control, brp_list[brp_i].value);
1101 brp_list[brp_i].used = 0;
1102 brp_list[brp_i].value = 0;
1103 brp_list[brp_i].control = 0;
1104 cortex_a8_dap_write_memap_register_u32(target, armv7a->debug_base
1105 + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
1106 brp_list[brp_i].control);
1107 cortex_a8_dap_write_memap_register_u32(target, armv7a->debug_base
1108 + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
1109 brp_list[brp_i].value);
1110 }
1111 else
1112 {
1113 /* restore original instruction (kept in target endianness) */
1114 if (breakpoint->length == 4)
1115 {
1116 retval = target->type->write_memory(target,
1117 breakpoint->address & 0xFFFFFFFE,
1118 4, 1, breakpoint->orig_instr);
1119 if (retval != ERROR_OK)
1120 return retval;
1121 }
1122 else
1123 {
1124 retval = target->type->write_memory(target,
1125 breakpoint->address & 0xFFFFFFFE,
1126 2, 1, breakpoint->orig_instr);
1127 if (retval != ERROR_OK)
1128 return retval;
1129 }
1130 }
1131 breakpoint->set = 0;
1132
1133 return ERROR_OK;
1134 }
1135
1136 int cortex_a8_add_breakpoint(struct target *target, struct breakpoint *breakpoint)
1137 {
1138 struct cortex_a8_common *cortex_a8 = target_to_cortex_a8(target);
1139
1140 if ((breakpoint->type == BKPT_HARD) && (cortex_a8->brp_num_available < 1))
1141 {
1142 LOG_INFO("no hardware breakpoint available");
1143 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1144 }
1145
1146 if (breakpoint->type == BKPT_HARD)
1147 cortex_a8->brp_num_available--;
1148 cortex_a8_set_breakpoint(target, breakpoint, 0x00); /* Exact match */
1149
1150 return ERROR_OK;
1151 }
1152
1153 static int cortex_a8_remove_breakpoint(struct target *target, struct breakpoint *breakpoint)
1154 {
1155 struct cortex_a8_common *cortex_a8 = target_to_cortex_a8(target);
1156
1157 #if 0
1158 /* It is perfectly possible to remove brakpoints while the taget is running */
1159 if (target->state != TARGET_HALTED)
1160 {
1161 LOG_WARNING("target not halted");
1162 return ERROR_TARGET_NOT_HALTED;
1163 }
1164 #endif
1165
1166 if (breakpoint->set)
1167 {
1168 cortex_a8_unset_breakpoint(target, breakpoint);
1169 if (breakpoint->type == BKPT_HARD)
1170 cortex_a8->brp_num_available++ ;
1171 }
1172
1173
1174 return ERROR_OK;
1175 }
1176
1177
1178
1179 /*
1180 * Cortex-A8 Reset fuctions
1181 */
1182
1183 static int cortex_a8_assert_reset(struct target *target)
1184 {
1185 struct armv7a_common *armv7a = target_to_armv7a(target);
1186
1187 LOG_DEBUG(" ");
1188
1189 /* registers are now invalid */
1190 register_cache_invalidate(armv7a->armv4_5_common.core_cache);
1191
1192 target->state = TARGET_RESET;
1193
1194 return ERROR_OK;
1195 }
1196
1197 static int cortex_a8_deassert_reset(struct target *target)
1198 {
1199
1200 LOG_DEBUG(" ");
1201
1202 if (target->reset_halt)
1203 {
1204 int retval;
1205 if ((retval = target_halt(target)) != ERROR_OK)
1206 return retval;
1207 }
1208
1209 return ERROR_OK;
1210 }
1211
1212 /*
1213 * Cortex-A8 Memory access
1214 *
1215 * This is same Cortex M3 but we must also use the correct
1216 * ap number for every access.
1217 */
1218
1219 static int cortex_a8_read_memory(struct target *target, uint32_t address,
1220 uint32_t size, uint32_t count, uint8_t *buffer)
1221 {
1222 struct armv7a_common *armv7a = target_to_armv7a(target);
1223 struct swjdp_common *swjdp = &armv7a->swjdp_info;
1224 int retval = ERROR_INVALID_ARGUMENTS;
1225
1226 /* cortex_a8 handles unaligned memory access */
1227
1228 // ??? dap_ap_select(swjdp, swjdp_memoryap);
1229
1230 if (count && buffer) {
1231 switch (size) {
1232 case 4:
1233 retval = mem_ap_read_buf_u32(swjdp, buffer, 4 * count, address);
1234 break;
1235 case 2:
1236 retval = mem_ap_read_buf_u16(swjdp, buffer, 2 * count, address);
1237 break;
1238 case 1:
1239 retval = mem_ap_read_buf_u8(swjdp, buffer, count, address);
1240 break;
1241 }
1242 }
1243
1244 return retval;
1245 }
1246
1247 int cortex_a8_write_memory(struct target *target, uint32_t address,
1248 uint32_t size, uint32_t count, uint8_t *buffer)
1249 {
1250 struct armv7a_common *armv7a = target_to_armv7a(target);
1251 struct swjdp_common *swjdp = &armv7a->swjdp_info;
1252 int retval = ERROR_INVALID_ARGUMENTS;
1253
1254 // ??? dap_ap_select(swjdp, swjdp_memoryap);
1255
1256 if (count && buffer) {
1257 switch (size) {
1258 case 4:
1259 retval = mem_ap_write_buf_u32(swjdp, buffer, 4 * count, address);
1260 break;
1261 case 2:
1262 retval = mem_ap_write_buf_u16(swjdp, buffer, 2 * count, address);
1263 break;
1264 case 1:
1265 retval = mem_ap_write_buf_u8(swjdp, buffer, count, address);
1266 break;
1267 }
1268 }
1269
1270 if (retval == ERROR_OK && target->state == TARGET_HALTED)
1271 {
1272 /* The Cache handling will NOT work with MMU active, the wrong addresses will be invalidated */
1273 /* invalidate I-Cache */
1274 if (armv7a->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
1275 {
1276 /* Invalidate ICache single entry with MVA, repeat this for all cache
1277 lines in the address range, Cortex-A8 has fixed 64 byte line length */
1278 /* Invalidate Cache single entry with MVA to PoU */
1279 for (uint32_t cacheline=address; cacheline<address+size*count; cacheline+=64)
1280 armv7a->write_cp15(target, 0, 1, 7, 5, cacheline); /* I-Cache to PoU */
1281 }
1282 /* invalidate D-Cache */
1283 if (armv7a->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
1284 {
1285 /* Invalidate Cache single entry with MVA to PoC */
1286 for (uint32_t cacheline=address; cacheline<address+size*count; cacheline+=64)
1287 armv7a->write_cp15(target, 0, 1, 7, 6, cacheline); /* U/D cache to PoC */
1288 }
1289 }
1290
1291 return retval;
1292 }
1293
1294 static int cortex_a8_bulk_write_memory(struct target *target, uint32_t address,
1295 uint32_t count, uint8_t *buffer)
1296 {
1297 return cortex_a8_write_memory(target, address, 4, count, buffer);
1298 }
1299
1300
1301 static int cortex_a8_dcc_read(struct swjdp_common *swjdp, uint8_t *value, uint8_t *ctrl)
1302 {
1303 #if 0
1304 u16 dcrdr;
1305
1306 mem_ap_read_buf_u16(swjdp, (uint8_t*)&dcrdr, 1, DCB_DCRDR);
1307 *ctrl = (uint8_t)dcrdr;
1308 *value = (uint8_t)(dcrdr >> 8);
1309
1310 LOG_DEBUG("data 0x%x ctrl 0x%x", *value, *ctrl);
1311
1312 /* write ack back to software dcc register
1313 * signify we have read data */
1314 if (dcrdr & (1 << 0))
1315 {
1316 dcrdr = 0;
1317 mem_ap_write_buf_u16(swjdp, (uint8_t*)&dcrdr, 1, DCB_DCRDR);
1318 }
1319 #endif
1320 return ERROR_OK;
1321 }
1322
1323
1324 static int cortex_a8_handle_target_request(void *priv)
1325 {
1326 struct target *target = priv;
1327 struct armv7a_common *armv7a = target_to_armv7a(target);
1328 struct swjdp_common *swjdp = &armv7a->swjdp_info;
1329
1330 if (!target_was_examined(target))
1331 return ERROR_OK;
1332 if (!target->dbg_msg_enabled)
1333 return ERROR_OK;
1334
1335 if (target->state == TARGET_RUNNING)
1336 {
1337 uint8_t data = 0;
1338 uint8_t ctrl = 0;
1339
1340 cortex_a8_dcc_read(swjdp, &data, &ctrl);
1341
1342 /* check if we have data */
1343 if (ctrl & (1 << 0))
1344 {
1345 uint32_t request;
1346
1347 /* we assume target is quick enough */
1348 request = data;
1349 cortex_a8_dcc_read(swjdp, &data, &ctrl);
1350 request |= (data << 8);
1351 cortex_a8_dcc_read(swjdp, &data, &ctrl);
1352 request |= (data << 16);
1353 cortex_a8_dcc_read(swjdp, &data, &ctrl);
1354 request |= (data << 24);
1355 target_request(target, request);
1356 }
1357 }
1358
1359 return ERROR_OK;
1360 }
1361
1362 /*
1363 * Cortex-A8 target information and configuration
1364 */
1365
1366 static int cortex_a8_examine_first(struct target *target)
1367 {
1368 struct cortex_a8_common *cortex_a8 = target_to_cortex_a8(target);
1369 struct armv7a_common *armv7a = &cortex_a8->armv7a_common;
1370 struct swjdp_common *swjdp = &armv7a->swjdp_info;
1371 int i;
1372 int retval = ERROR_OK;
1373 uint32_t didr, ctypr, ttypr, cpuid;
1374
1375 LOG_DEBUG("TODO");
1376
1377 /* Here we shall insert a proper ROM Table scan */
1378 armv7a->debug_base = OMAP3530_DEBUG_BASE;
1379
1380 /* We do one extra read to ensure DAP is configured,
1381 * we call ahbap_debugport_init(swjdp) instead
1382 */
1383 ahbap_debugport_init(swjdp);
1384 mem_ap_read_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_CPUID, &cpuid);
1385 if ((retval = mem_ap_read_atomic_u32(swjdp,
1386 armv7a->debug_base + CPUDBG_CPUID, &cpuid)) != ERROR_OK)
1387 {
1388 LOG_DEBUG("Examine failed");
1389 return retval;
1390 }
1391
1392 if ((retval = mem_ap_read_atomic_u32(swjdp,
1393 armv7a->debug_base + CPUDBG_CTYPR, &ctypr)) != ERROR_OK)
1394 {
1395 LOG_DEBUG("Examine failed");
1396 return retval;
1397 }
1398
1399 if ((retval = mem_ap_read_atomic_u32(swjdp,
1400 armv7a->debug_base + CPUDBG_TTYPR, &ttypr)) != ERROR_OK)
1401 {
1402 LOG_DEBUG("Examine failed");
1403 return retval;
1404 }
1405
1406 if ((retval = mem_ap_read_atomic_u32(swjdp,
1407 armv7a->debug_base + CPUDBG_DIDR, &didr)) != ERROR_OK)
1408 {
1409 LOG_DEBUG("Examine failed");
1410 return retval;
1411 }
1412
1413 LOG_DEBUG("cpuid = 0x%08" PRIx32, cpuid);
1414 LOG_DEBUG("ctypr = 0x%08" PRIx32, ctypr);
1415 LOG_DEBUG("ttypr = 0x%08" PRIx32, ttypr);
1416 LOG_DEBUG("didr = 0x%08" PRIx32, didr);
1417
1418 /* Setup Breakpoint Register Pairs */
1419 cortex_a8->brp_num = ((didr >> 24) & 0x0F) + 1;
1420 cortex_a8->brp_num_context = ((didr >> 20) & 0x0F) + 1;
1421 cortex_a8->brp_num_available = cortex_a8->brp_num;
1422 cortex_a8->brp_list = calloc(cortex_a8->brp_num, sizeof(struct cortex_a8_brp));
1423 // cortex_a8->brb_enabled = ????;
1424 for (i = 0; i < cortex_a8->brp_num; i++)
1425 {
1426 cortex_a8->brp_list[i].used = 0;
1427 if (i < (cortex_a8->brp_num-cortex_a8->brp_num_context))
1428 cortex_a8->brp_list[i].type = BRP_NORMAL;
1429 else
1430 cortex_a8->brp_list[i].type = BRP_CONTEXT;
1431 cortex_a8->brp_list[i].value = 0;
1432 cortex_a8->brp_list[i].control = 0;
1433 cortex_a8->brp_list[i].BRPn = i;
1434 }
1435
1436 /* Setup Watchpoint Register Pairs */
1437 cortex_a8->wrp_num = ((didr >> 28) & 0x0F) + 1;
1438 cortex_a8->wrp_num_available = cortex_a8->wrp_num;
1439 cortex_a8->wrp_list = calloc(cortex_a8->wrp_num, sizeof(struct cortex_a8_wrp));
1440 for (i = 0; i < cortex_a8->wrp_num; i++)
1441 {
1442 cortex_a8->wrp_list[i].used = 0;
1443 cortex_a8->wrp_list[i].type = 0;
1444 cortex_a8->wrp_list[i].value = 0;
1445 cortex_a8->wrp_list[i].control = 0;
1446 cortex_a8->wrp_list[i].WRPn = i;
1447 }
1448 LOG_DEBUG("Configured %i hw breakpoint pairs and %i hw watchpoint pairs",
1449 cortex_a8->brp_num , cortex_a8->wrp_num);
1450
1451 target_set_examined(target);
1452 return ERROR_OK;
1453 }
1454
1455 static int cortex_a8_examine(struct target *target)
1456 {
1457 int retval = ERROR_OK;
1458
1459 /* don't re-probe hardware after each reset */
1460 if (!target_was_examined(target))
1461 retval = cortex_a8_examine_first(target);
1462
1463 /* Configure core debug access */
1464 if (retval == ERROR_OK)
1465 retval = cortex_a8_init_debug_access(target);
1466
1467 return retval;
1468 }
1469
1470 /*
1471 * Cortex-A8 target creation and initialization
1472 */
1473
1474 static void cortex_a8_build_reg_cache(struct target *target)
1475 {
1476 struct reg_cache **cache_p = register_get_last_cache_p(&target->reg_cache);
1477 struct armv4_5_common_s *armv4_5 = target_to_armv4_5(target);
1478
1479 armv4_5->core_type = ARM_MODE_MON;
1480
1481 (*cache_p) = armv4_5_build_reg_cache(target, armv4_5);
1482 armv4_5->core_cache = (*cache_p);
1483 }
1484
1485
1486 static int cortex_a8_init_target(struct command_context *cmd_ctx,
1487 struct target *target)
1488 {
1489 cortex_a8_build_reg_cache(target);
1490 return ERROR_OK;
1491 }
1492
1493 int cortex_a8_init_arch_info(struct target *target,
1494 struct cortex_a8_common *cortex_a8, struct jtag_tap *tap)
1495 {
1496 struct armv7a_common *armv7a = &cortex_a8->armv7a_common;
1497 struct arm *armv4_5 = &armv7a->armv4_5_common;
1498 struct swjdp_common *swjdp = &armv7a->swjdp_info;
1499
1500 /* Setup struct cortex_a8_common */
1501 cortex_a8->common_magic = CORTEX_A8_COMMON_MAGIC;
1502 armv4_5->arch_info = armv7a;
1503
1504 /* prepare JTAG information for the new target */
1505 cortex_a8->jtag_info.tap = tap;
1506 cortex_a8->jtag_info.scann_size = 4;
1507 LOG_DEBUG(" ");
1508 swjdp->dp_select_value = -1;
1509 swjdp->ap_csw_value = -1;
1510 swjdp->ap_tar_value = -1;
1511 swjdp->jtag_info = &cortex_a8->jtag_info;
1512 swjdp->memaccess_tck = 80;
1513
1514 /* Number of bits for tar autoincrement, impl. dep. at least 10 */
1515 swjdp->tar_autoincr_block = (1 << 10);
1516
1517 cortex_a8->fast_reg_read = 0;
1518
1519
1520 /* register arch-specific functions */
1521 armv7a->examine_debug_reason = NULL;
1522
1523 armv7a->post_debug_entry = cortex_a8_post_debug_entry;
1524
1525 armv7a->pre_restore_context = NULL;
1526 armv7a->post_restore_context = NULL;
1527 armv7a->armv4_5_mmu.armv4_5_cache.ctype = -1;
1528 // armv7a->armv4_5_mmu.get_ttb = armv7a_get_ttb;
1529 armv7a->armv4_5_mmu.read_memory = cortex_a8_read_memory;
1530 armv7a->armv4_5_mmu.write_memory = cortex_a8_write_memory;
1531 // armv7a->armv4_5_mmu.disable_mmu_caches = armv7a_disable_mmu_caches;
1532 // armv7a->armv4_5_mmu.enable_mmu_caches = armv7a_enable_mmu_caches;
1533 armv7a->armv4_5_mmu.has_tiny_pages = 1;
1534 armv7a->armv4_5_mmu.mmu_enabled = 0;
1535 armv7a->read_cp15 = cortex_a8_read_cp15;
1536 armv7a->write_cp15 = cortex_a8_write_cp15;
1537
1538
1539 // arm7_9->handle_target_request = cortex_a8_handle_target_request;
1540
1541 armv4_5->read_core_reg = cortex_a8_read_core_reg;
1542 armv4_5->write_core_reg = cortex_a8_write_core_reg;
1543
1544 /* REVISIT v7a setup should be in a v7a-specific routine */
1545 armv4_5_init_arch_info(target, armv4_5);
1546 armv7a->common_magic = ARMV7_COMMON_MAGIC;
1547
1548 target_register_timer_callback(cortex_a8_handle_target_request, 1, 1, target);
1549
1550 return ERROR_OK;
1551 }
1552
1553 static int cortex_a8_target_create(struct target *target, Jim_Interp *interp)
1554 {
1555 struct cortex_a8_common *cortex_a8 = calloc(1, sizeof(struct cortex_a8_common));
1556
1557 cortex_a8_init_arch_info(target, cortex_a8, target->tap);
1558
1559 return ERROR_OK;
1560 }
1561
1562 COMMAND_HANDLER(cortex_a8_handle_cache_info_command)
1563 {
1564 struct target *target = get_current_target(CMD_CTX);
1565 struct armv7a_common *armv7a = target_to_armv7a(target);
1566
1567 return armv4_5_handle_cache_info_command(CMD_CTX,
1568 &armv7a->armv4_5_mmu.armv4_5_cache);
1569 }
1570
1571
1572 COMMAND_HANDLER(cortex_a8_handle_dbginit_command)
1573 {
1574 struct target *target = get_current_target(CMD_CTX);
1575
1576 cortex_a8_init_debug_access(target);
1577
1578 return ERROR_OK;
1579 }
1580
1581
1582 static int cortex_a8_register_commands(struct command_context *cmd_ctx)
1583 {
1584 struct command *cortex_a8_cmd;
1585 int retval = ERROR_OK;
1586
1587 armv4_5_register_commands(cmd_ctx);
1588 armv7a_register_commands(cmd_ctx);
1589
1590 cortex_a8_cmd = register_command(cmd_ctx, NULL, "cortex_a8",
1591 NULL, COMMAND_ANY,
1592 "cortex_a8 specific commands");
1593
1594 register_command(cmd_ctx, cortex_a8_cmd, "cache_info",
1595 cortex_a8_handle_cache_info_command, COMMAND_EXEC,
1596 "display information about target caches");
1597
1598 register_command(cmd_ctx, cortex_a8_cmd, "dbginit",
1599 cortex_a8_handle_dbginit_command, COMMAND_EXEC,
1600 "Initialize core debug");
1601
1602 return retval;
1603 }
1604
1605 struct target_type cortexa8_target = {
1606 .name = "cortex_a8",
1607
1608 .poll = cortex_a8_poll,
1609 .arch_state = armv7a_arch_state,
1610
1611 .target_request_data = NULL,
1612
1613 .halt = cortex_a8_halt,
1614 .resume = cortex_a8_resume,
1615 .step = cortex_a8_step,
1616
1617 .assert_reset = cortex_a8_assert_reset,
1618 .deassert_reset = cortex_a8_deassert_reset,
1619 .soft_reset_halt = NULL,
1620
1621 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
1622
1623 .read_memory = cortex_a8_read_memory,
1624 .write_memory = cortex_a8_write_memory,
1625 .bulk_write_memory = cortex_a8_bulk_write_memory,
1626
1627 .checksum_memory = arm_checksum_memory,
1628 .blank_check_memory = arm_blank_check_memory,
1629
1630 .run_algorithm = armv4_5_run_algorithm,
1631
1632 .add_breakpoint = cortex_a8_add_breakpoint,
1633 .remove_breakpoint = cortex_a8_remove_breakpoint,
1634 .add_watchpoint = NULL,
1635 .remove_watchpoint = NULL,
1636
1637 .register_commands = cortex_a8_register_commands,
1638 .target_create = cortex_a8_target_create,
1639 .init_target = cortex_a8_init_target,
1640 .examine = cortex_a8_examine,
1641 .mrc = cortex_a8_mrc,
1642 .mcr = cortex_a8_mcr,
1643 };
Marex's Cortex A8 development branch