1 /***************************************************************************
2 * Copyright (C) 2015 by David Ung *
4 * This program is free software; you can redistribute it and/or modify *
5 * it under the terms of the GNU General Public License as published by *
6 * the Free Software Foundation; either version 2 of the License, or *
7 * (at your option) any later version. *
9 * This program is distributed in the hope that it will be useful, *
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
12 * GNU General Public License for more details. *
14 * You should have received a copy of the GNU General Public License *
15 * along with this program; if not, write to the *
16 * Free Software Foundation, Inc., *
18 ***************************************************************************/
24 #include "breakpoints.h"
27 #include "target_request.h"
28 #include "target_type.h"
29 #include "armv8_opcodes.h"
30 #include "armv8_cache.h"
31 #include <helper/time_support.h>
43 static int aarch64_poll(struct target
*target
);
44 static int aarch64_debug_entry(struct target
*target
);
45 static int aarch64_restore_context(struct target
*target
, bool bpwp
);
46 static int aarch64_set_breakpoint(struct target
*target
,
47 struct breakpoint
*breakpoint
, uint8_t matchmode
);
48 static int aarch64_set_context_breakpoint(struct target
*target
,
49 struct breakpoint
*breakpoint
, uint8_t matchmode
);
50 static int aarch64_set_hybrid_breakpoint(struct target
*target
,
51 struct breakpoint
*breakpoint
);
52 static int aarch64_unset_breakpoint(struct target
*target
,
53 struct breakpoint
*breakpoint
);
54 static int aarch64_mmu(struct target
*target
, int *enabled
);
55 static int aarch64_virt2phys(struct target
*target
,
56 target_addr_t virt
, target_addr_t
*phys
);
57 static int aarch64_read_cpu_memory(struct target
*target
,
58 uint64_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
);
60 #define foreach_smp_target(pos, head) \
61 for (pos = head; (pos != NULL); pos = pos->next)
63 static int aarch64_restore_system_control_reg(struct target
*target
)
65 enum arm_mode target_mode
= ARM_MODE_ANY
;
66 int retval
= ERROR_OK
;
69 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
70 struct armv8_common
*armv8
= target_to_armv8(target
);
72 if (aarch64
->system_control_reg
!= aarch64
->system_control_reg_curr
) {
73 aarch64
->system_control_reg_curr
= aarch64
->system_control_reg
;
74 /* LOG_INFO("cp15_control_reg: %8.8" PRIx32, cortex_v8->cp15_control_reg); */
76 switch (armv8
->arm
.core_mode
) {
78 target_mode
= ARMV8_64_EL1H
;
82 instr
= ARMV8_MSR_GP(SYSTEM_SCTLR_EL1
, 0);
86 instr
= ARMV8_MSR_GP(SYSTEM_SCTLR_EL2
, 0);
90 instr
= ARMV8_MSR_GP(SYSTEM_SCTLR_EL3
, 0);
97 instr
= ARMV4_5_MCR(15, 0, 0, 1, 0, 0);
101 LOG_INFO("cannot read system control register in this mode");
105 if (target_mode
!= ARM_MODE_ANY
)
106 armv8_dpm_modeswitch(&armv8
->dpm
, target_mode
);
108 retval
= armv8
->dpm
.instr_write_data_r0(&armv8
->dpm
, instr
, aarch64
->system_control_reg
);
109 if (retval
!= ERROR_OK
)
112 if (target_mode
!= ARM_MODE_ANY
)
113 armv8_dpm_modeswitch(&armv8
->dpm
, ARM_MODE_ANY
);
119 /* modify system_control_reg in order to enable or disable mmu for :
120 * - virt2phys address conversion
121 * - read or write memory in phys or virt address */
122 static int aarch64_mmu_modify(struct target
*target
, int enable
)
124 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
125 struct armv8_common
*armv8
= &aarch64
->armv8_common
;
126 int retval
= ERROR_OK
;
130 /* if mmu enabled at target stop and mmu not enable */
131 if (!(aarch64
->system_control_reg
& 0x1U
)) {
132 LOG_ERROR("trying to enable mmu on target stopped with mmu disable");
135 if (!(aarch64
->system_control_reg_curr
& 0x1U
))
136 aarch64
->system_control_reg_curr
|= 0x1U
;
138 if (aarch64
->system_control_reg_curr
& 0x4U
) {
139 /* data cache is active */
140 aarch64
->system_control_reg_curr
&= ~0x4U
;
141 /* flush data cache armv8 function to be called */
142 if (armv8
->armv8_mmu
.armv8_cache
.flush_all_data_cache
)
143 armv8
->armv8_mmu
.armv8_cache
.flush_all_data_cache(target
);
145 if ((aarch64
->system_control_reg_curr
& 0x1U
)) {
146 aarch64
->system_control_reg_curr
&= ~0x1U
;
150 switch (armv8
->arm
.core_mode
) {
154 instr
= ARMV8_MSR_GP(SYSTEM_SCTLR_EL1
, 0);
158 instr
= ARMV8_MSR_GP(SYSTEM_SCTLR_EL2
, 0);
162 instr
= ARMV8_MSR_GP(SYSTEM_SCTLR_EL3
, 0);
165 LOG_DEBUG("unknown cpu state 0x%x" PRIx32
, armv8
->arm
.core_state
);
169 retval
= armv8
->dpm
.instr_write_data_r0(&armv8
->dpm
, instr
,
170 aarch64
->system_control_reg_curr
);
175 * Basic debug access, very low level assumes state is saved
177 static int aarch64_init_debug_access(struct target
*target
)
179 struct armv8_common
*armv8
= target_to_armv8(target
);
185 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
186 armv8
->debug_base
+ CPUV8_DBG_OSLAR
, 0);
187 if (retval
!= ERROR_OK
) {
188 LOG_DEBUG("Examine %s failed", "oslock");
192 /* Clear Sticky Power Down status Bit in PRSR to enable access to
193 the registers in the Core Power Domain */
194 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
195 armv8
->debug_base
+ CPUV8_DBG_PRSR
, &dummy
);
196 if (retval
!= ERROR_OK
)
200 * Static CTI configuration:
201 * Channel 0 -> trigger outputs HALT request to PE
202 * Channel 1 -> trigger outputs Resume request to PE
203 * Gate all channel trigger events from entering the CTM
207 retval
= arm_cti_enable(armv8
->cti
, true);
208 /* By default, gate all channel events to and from the CTM */
209 if (retval
== ERROR_OK
)
210 retval
= arm_cti_write_reg(armv8
->cti
, CTI_GATE
, 0);
211 /* output halt requests to PE on channel 0 event */
212 if (retval
== ERROR_OK
)
213 retval
= arm_cti_write_reg(armv8
->cti
, CTI_OUTEN0
, CTI_CHNL(0));
214 /* output restart requests to PE on channel 1 event */
215 if (retval
== ERROR_OK
)
216 retval
= arm_cti_write_reg(armv8
->cti
, CTI_OUTEN1
, CTI_CHNL(1));
217 if (retval
!= ERROR_OK
)
220 /* Resync breakpoint registers */
225 /* Write to memory mapped registers directly with no cache or mmu handling */
226 static int aarch64_dap_write_memap_register_u32(struct target
*target
,
231 struct armv8_common
*armv8
= target_to_armv8(target
);
233 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
, address
, value
);
238 static int aarch64_dpm_setup(struct aarch64_common
*a8
, uint64_t debug
)
240 struct arm_dpm
*dpm
= &a8
->armv8_common
.dpm
;
243 dpm
->arm
= &a8
->armv8_common
.arm
;
246 retval
= armv8_dpm_setup(dpm
);
247 if (retval
== ERROR_OK
)
248 retval
= armv8_dpm_initialize(dpm
);
253 static int aarch64_set_dscr_bits(struct target
*target
, unsigned long bit_mask
, unsigned long value
)
255 struct armv8_common
*armv8
= target_to_armv8(target
);
256 return armv8_set_dbgreg_bits(armv8
, CPUV8_DBG_DSCR
, bit_mask
, value
);
259 static int aarch64_check_state_one(struct target
*target
,
260 uint32_t mask
, uint32_t val
, int *p_result
, uint32_t *p_prsr
)
262 struct armv8_common
*armv8
= target_to_armv8(target
);
266 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
267 armv8
->debug_base
+ CPUV8_DBG_PRSR
, &prsr
);
268 if (retval
!= ERROR_OK
)
275 *p_result
= (prsr
& mask
) == (val
& mask
);
280 static int aarch64_wait_halt_one(struct target
*target
)
282 int retval
= ERROR_OK
;
285 int64_t then
= timeval_ms();
289 retval
= aarch64_check_state_one(target
, PRSR_HALT
, PRSR_HALT
, &halted
, &prsr
);
290 if (retval
!= ERROR_OK
|| halted
)
293 if (timeval_ms() > then
+ 1000) {
294 retval
= ERROR_TARGET_TIMEOUT
;
295 LOG_DEBUG("target %s timeout, prsr=0x%08"PRIx32
, target_name(target
), prsr
);
302 static int aarch64_prepare_halt_smp(struct target
*target
, bool exc_target
, struct target
**p_first
)
304 int retval
= ERROR_OK
;
305 struct target_list
*head
= target
->head
;
306 struct target
*first
= NULL
;
308 LOG_DEBUG("target %s exc %i", target_name(target
), exc_target
);
310 while (head
!= NULL
) {
311 struct target
*curr
= head
->target
;
312 struct armv8_common
*armv8
= target_to_armv8(curr
);
315 if (exc_target
&& curr
== target
)
317 if (!target_was_examined(curr
))
319 if (curr
->state
!= TARGET_RUNNING
)
322 /* HACK: mark this target as prepared for halting */
323 curr
->debug_reason
= DBG_REASON_DBGRQ
;
325 /* open the gate for channel 0 to let HALT requests pass to the CTM */
326 retval
= arm_cti_ungate_channel(armv8
->cti
, 0);
327 if (retval
== ERROR_OK
)
328 retval
= aarch64_set_dscr_bits(curr
, DSCR_HDE
, DSCR_HDE
);
329 if (retval
!= ERROR_OK
)
332 LOG_DEBUG("target %s prepared", target_name(curr
));
339 if (exc_target
&& first
)
348 static int aarch64_halt_one(struct target
*target
, enum halt_mode mode
)
350 int retval
= ERROR_OK
;
351 struct armv8_common
*armv8
= target_to_armv8(target
);
353 LOG_DEBUG("%s", target_name(target
));
355 /* allow Halting Debug Mode */
356 retval
= aarch64_set_dscr_bits(target
, DSCR_HDE
, DSCR_HDE
);
357 if (retval
!= ERROR_OK
)
360 /* trigger an event on channel 0, this outputs a halt request to the PE */
361 retval
= arm_cti_pulse_channel(armv8
->cti
, 0);
362 if (retval
!= ERROR_OK
)
365 if (mode
== HALT_SYNC
) {
366 retval
= aarch64_wait_halt_one(target
);
367 if (retval
!= ERROR_OK
) {
368 if (retval
== ERROR_TARGET_TIMEOUT
)
369 LOG_ERROR("Timeout waiting for target %s halt", target_name(target
));
377 static int aarch64_halt_smp(struct target
*target
, bool exc_target
)
379 struct target
*next
= target
;
382 /* prepare halt on all PEs of the group */
383 retval
= aarch64_prepare_halt_smp(target
, exc_target
, &next
);
385 if (exc_target
&& next
== target
)
388 /* halt the target PE */
389 if (retval
== ERROR_OK
)
390 retval
= aarch64_halt_one(next
, HALT_LAZY
);
392 if (retval
!= ERROR_OK
)
395 /* wait for all PEs to halt */
396 int64_t then
= timeval_ms();
398 bool all_halted
= true;
399 struct target_list
*head
;
402 foreach_smp_target(head
, target
->head
) {
407 if (!target_was_examined(curr
))
410 retval
= aarch64_check_state_one(curr
, PRSR_HALT
, PRSR_HALT
, &halted
, NULL
);
411 if (retval
!= ERROR_OK
|| !halted
) {
420 if (timeval_ms() > then
+ 1000) {
421 retval
= ERROR_TARGET_TIMEOUT
;
426 * HACK: on Hi6220 there are 8 cores organized in 2 clusters
427 * and it looks like the CTI's are not connected by a common
428 * trigger matrix. It seems that we need to halt one core in each
429 * cluster explicitly. So if we find that a core has not halted
430 * yet, we trigger an explicit halt for the second cluster.
432 retval
= aarch64_halt_one(curr
, HALT_LAZY
);
433 if (retval
!= ERROR_OK
)
440 static int update_halt_gdb(struct target
*target
, enum target_debug_reason debug_reason
)
442 struct target
*gdb_target
= NULL
;
443 struct target_list
*head
;
446 if (debug_reason
== DBG_REASON_NOTHALTED
) {
447 LOG_INFO("Halting remaining targets in SMP group");
448 aarch64_halt_smp(target
, true);
451 /* poll all targets in the group, but skip the target that serves GDB */
452 foreach_smp_target(head
, target
->head
) {
454 /* skip calling context */
457 if (!target_was_examined(curr
))
459 /* skip targets that were already halted */
460 if (curr
->state
== TARGET_HALTED
)
462 /* remember the gdb_service->target */
463 if (curr
->gdb_service
!= NULL
)
464 gdb_target
= curr
->gdb_service
->target
;
466 if (curr
== gdb_target
)
469 /* avoid recursion in aarch64_poll() */
475 /* after all targets were updated, poll the gdb serving target */
476 if (gdb_target
!= NULL
&& gdb_target
!= target
)
477 aarch64_poll(gdb_target
);
483 * Aarch64 Run control
486 static int aarch64_poll(struct target
*target
)
488 enum target_state prev_target_state
;
489 int retval
= ERROR_OK
;
492 retval
= aarch64_check_state_one(target
,
493 PRSR_HALT
, PRSR_HALT
, &halted
, NULL
);
494 if (retval
!= ERROR_OK
)
498 prev_target_state
= target
->state
;
499 if (prev_target_state
!= TARGET_HALTED
) {
500 enum target_debug_reason debug_reason
= target
->debug_reason
;
502 /* We have a halting debug event */
503 target
->state
= TARGET_HALTED
;
504 LOG_DEBUG("Target %s halted", target_name(target
));
505 retval
= aarch64_debug_entry(target
);
506 if (retval
!= ERROR_OK
)
510 update_halt_gdb(target
, debug_reason
);
512 switch (prev_target_state
) {
516 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
518 case TARGET_DEBUG_RUNNING
:
519 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_HALTED
);
526 target
->state
= TARGET_RUNNING
;
531 static int aarch64_halt(struct target
*target
)
534 return aarch64_halt_smp(target
, false);
536 return aarch64_halt_one(target
, HALT_SYNC
);
539 static int aarch64_restore_one(struct target
*target
, int current
,
540 uint64_t *address
, int handle_breakpoints
, int debug_execution
)
542 struct armv8_common
*armv8
= target_to_armv8(target
);
543 struct arm
*arm
= &armv8
->arm
;
547 LOG_DEBUG("%s", target_name(target
));
549 if (!debug_execution
)
550 target_free_all_working_areas(target
);
552 /* current = 1: continue on current pc, otherwise continue at <address> */
553 resume_pc
= buf_get_u64(arm
->pc
->value
, 0, 64);
555 resume_pc
= *address
;
557 *address
= resume_pc
;
559 /* Make sure that the Armv7 gdb thumb fixups does not
560 * kill the return address
562 switch (arm
->core_state
) {
564 resume_pc
&= 0xFFFFFFFC;
566 case ARM_STATE_AARCH64
:
567 resume_pc
&= 0xFFFFFFFFFFFFFFFC;
569 case ARM_STATE_THUMB
:
570 case ARM_STATE_THUMB_EE
:
571 /* When the return address is loaded into PC
572 * bit 0 must be 1 to stay in Thumb state
576 case ARM_STATE_JAZELLE
:
577 LOG_ERROR("How do I resume into Jazelle state??");
580 LOG_DEBUG("resume pc = 0x%016" PRIx64
, resume_pc
);
581 buf_set_u64(arm
->pc
->value
, 0, 64, resume_pc
);
585 /* called it now before restoring context because it uses cpu
586 * register r0 for restoring system control register */
587 retval
= aarch64_restore_system_control_reg(target
);
588 if (retval
== ERROR_OK
)
589 retval
= aarch64_restore_context(target
, handle_breakpoints
);
595 * prepare single target for restart
599 static int aarch64_prepare_restart_one(struct target
*target
)
601 struct armv8_common
*armv8
= target_to_armv8(target
);
606 LOG_DEBUG("%s", target_name(target
));
608 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
609 armv8
->debug_base
+ CPUV8_DBG_DSCR
, &dscr
);
610 if (retval
!= ERROR_OK
)
613 if ((dscr
& DSCR_ITE
) == 0)
614 LOG_ERROR("DSCR.ITE must be set before leaving debug!");
615 if ((dscr
& DSCR_ERR
) != 0)
616 LOG_ERROR("DSCR.ERR must be cleared before leaving debug!");
618 /* acknowledge a pending CTI halt event */
619 retval
= arm_cti_ack_events(armv8
->cti
, CTI_TRIG(HALT
));
621 * open the CTI gate for channel 1 so that the restart events
622 * get passed along to all PEs. Also close gate for channel 0
623 * to isolate the PE from halt events.
625 if (retval
== ERROR_OK
)
626 retval
= arm_cti_ungate_channel(armv8
->cti
, 1);
627 if (retval
== ERROR_OK
)
628 retval
= arm_cti_gate_channel(armv8
->cti
, 0);
630 /* make sure that DSCR.HDE is set */
631 if (retval
== ERROR_OK
) {
633 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
634 armv8
->debug_base
+ CPUV8_DBG_DSCR
, dscr
);
637 /* clear sticky bits in PRSR, SDR is now 0 */
638 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
639 armv8
->debug_base
+ CPUV8_DBG_PRSR
, &tmp
);
644 static int aarch64_do_restart_one(struct target
*target
, enum restart_mode mode
)
646 struct armv8_common
*armv8
= target_to_armv8(target
);
649 LOG_DEBUG("%s", target_name(target
));
651 /* trigger an event on channel 1, generates a restart request to the PE */
652 retval
= arm_cti_pulse_channel(armv8
->cti
, 1);
653 if (retval
!= ERROR_OK
)
656 if (mode
== RESTART_SYNC
) {
657 int64_t then
= timeval_ms();
661 * if PRSR.SDR is set now, the target did restart, even
662 * if it's now already halted again (e.g. due to breakpoint)
664 retval
= aarch64_check_state_one(target
,
665 PRSR_SDR
, PRSR_SDR
, &resumed
, NULL
);
666 if (retval
!= ERROR_OK
|| resumed
)
669 if (timeval_ms() > then
+ 1000) {
670 LOG_ERROR("%s: Timeout waiting for resume"PRIx32
, target_name(target
));
671 retval
= ERROR_TARGET_TIMEOUT
;
677 if (retval
!= ERROR_OK
)
680 target
->debug_reason
= DBG_REASON_NOTHALTED
;
681 target
->state
= TARGET_RUNNING
;
686 static int aarch64_restart_one(struct target
*target
, enum restart_mode mode
)
690 LOG_DEBUG("%s", target_name(target
));
692 retval
= aarch64_prepare_restart_one(target
);
693 if (retval
== ERROR_OK
)
694 retval
= aarch64_do_restart_one(target
, mode
);
700 * prepare all but the current target for restart
702 static int aarch64_prep_restart_smp(struct target
*target
, int handle_breakpoints
, struct target
**p_first
)
704 int retval
= ERROR_OK
;
705 struct target_list
*head
;
706 struct target
*first
= NULL
;
709 foreach_smp_target(head
, target
->head
) {
710 struct target
*curr
= head
->target
;
712 /* skip calling target */
715 if (!target_was_examined(curr
))
717 if (curr
->state
!= TARGET_HALTED
)
720 /* resume at current address, not in step mode */
721 retval
= aarch64_restore_one(curr
, 1, &address
, handle_breakpoints
, 0);
722 if (retval
== ERROR_OK
)
723 retval
= aarch64_prepare_restart_one(curr
);
724 if (retval
!= ERROR_OK
) {
725 LOG_ERROR("failed to restore target %s", target_name(curr
));
728 /* remember the first valid target in the group */
740 static int aarch64_step_restart_smp(struct target
*target
)
742 int retval
= ERROR_OK
;
743 struct target_list
*head
;
744 struct target
*first
= NULL
;
746 LOG_DEBUG("%s", target_name(target
));
748 retval
= aarch64_prep_restart_smp(target
, 0, &first
);
749 if (retval
!= ERROR_OK
)
753 retval
= aarch64_do_restart_one(first
, RESTART_LAZY
);
754 if (retval
!= ERROR_OK
) {
755 LOG_DEBUG("error restarting target %s", target_name(first
));
759 int64_t then
= timeval_ms();
761 struct target
*curr
= target
;
762 bool all_resumed
= true;
764 foreach_smp_target(head
, target
->head
) {
773 retval
= aarch64_check_state_one(curr
,
774 PRSR_SDR
, PRSR_SDR
, &resumed
, &prsr
);
775 if (retval
!= ERROR_OK
|| (!resumed
&& (prsr
& PRSR_HALT
))) {
780 if (curr
->state
!= TARGET_RUNNING
) {
781 curr
->state
= TARGET_RUNNING
;
782 curr
->debug_reason
= DBG_REASON_NOTHALTED
;
783 target_call_event_callbacks(curr
, TARGET_EVENT_RESUMED
);
790 if (timeval_ms() > then
+ 1000) {
791 LOG_ERROR("%s: timeout waiting for target resume", __func__
);
792 retval
= ERROR_TARGET_TIMEOUT
;
796 * HACK: on Hi6220 there are 8 cores organized in 2 clusters
797 * and it looks like the CTI's are not connected by a common
798 * trigger matrix. It seems that we need to halt one core in each
799 * cluster explicitly. So if we find that a core has not halted
800 * yet, we trigger an explicit resume for the second cluster.
802 retval
= aarch64_do_restart_one(curr
, RESTART_LAZY
);
803 if (retval
!= ERROR_OK
)
810 static int aarch64_resume(struct target
*target
, int current
,
811 target_addr_t address
, int handle_breakpoints
, int debug_execution
)
814 uint64_t addr
= address
;
816 if (target
->state
!= TARGET_HALTED
)
817 return ERROR_TARGET_NOT_HALTED
;
820 * If this target is part of a SMP group, prepare the others
821 * targets for resuming. This involves restoring the complete
822 * target register context and setting up CTI gates to accept
823 * resume events from the trigger matrix.
826 retval
= aarch64_prep_restart_smp(target
, handle_breakpoints
, NULL
);
827 if (retval
!= ERROR_OK
)
831 /* all targets prepared, restore and restart the current target */
832 retval
= aarch64_restore_one(target
, current
, &addr
, handle_breakpoints
,
834 if (retval
== ERROR_OK
)
835 retval
= aarch64_restart_one(target
, RESTART_SYNC
);
836 if (retval
!= ERROR_OK
)
840 int64_t then
= timeval_ms();
842 struct target
*curr
= target
;
843 struct target_list
*head
;
844 bool all_resumed
= true;
846 foreach_smp_target(head
, target
->head
) {
853 if (!target_was_examined(curr
))
856 retval
= aarch64_check_state_one(curr
,
857 PRSR_SDR
, PRSR_SDR
, &resumed
, &prsr
);
858 if (retval
!= ERROR_OK
|| (!resumed
&& (prsr
& PRSR_HALT
))) {
863 if (curr
->state
!= TARGET_RUNNING
) {
864 curr
->state
= TARGET_RUNNING
;
865 curr
->debug_reason
= DBG_REASON_NOTHALTED
;
866 target_call_event_callbacks(curr
, TARGET_EVENT_RESUMED
);
873 if (timeval_ms() > then
+ 1000) {
874 LOG_ERROR("%s: timeout waiting for target %s to resume", __func__
, target_name(curr
));
875 retval
= ERROR_TARGET_TIMEOUT
;
880 * HACK: on Hi6220 there are 8 cores organized in 2 clusters
881 * and it looks like the CTI's are not connected by a common
882 * trigger matrix. It seems that we need to halt one core in each
883 * cluster explicitly. So if we find that a core has not halted
884 * yet, we trigger an explicit resume for the second cluster.
886 retval
= aarch64_do_restart_one(curr
, RESTART_LAZY
);
887 if (retval
!= ERROR_OK
)
892 if (retval
!= ERROR_OK
)
895 target
->debug_reason
= DBG_REASON_NOTHALTED
;
897 if (!debug_execution
) {
898 target
->state
= TARGET_RUNNING
;
899 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
900 LOG_DEBUG("target resumed at 0x%" PRIx64
, addr
);
902 target
->state
= TARGET_DEBUG_RUNNING
;
903 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_RESUMED
);
904 LOG_DEBUG("target debug resumed at 0x%" PRIx64
, addr
);
910 static int aarch64_debug_entry(struct target
*target
)
912 int retval
= ERROR_OK
;
913 struct armv8_common
*armv8
= target_to_armv8(target
);
914 struct arm_dpm
*dpm
= &armv8
->dpm
;
915 enum arm_state core_state
;
918 /* make sure to clear all sticky errors */
919 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
920 armv8
->debug_base
+ CPUV8_DBG_DRCR
, DRCR_CSE
);
921 if (retval
== ERROR_OK
)
922 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
923 armv8
->debug_base
+ CPUV8_DBG_DSCR
, &dscr
);
924 if (retval
== ERROR_OK
)
925 retval
= arm_cti_ack_events(armv8
->cti
, CTI_TRIG(HALT
));
927 if (retval
!= ERROR_OK
)
930 LOG_DEBUG("%s dscr = 0x%08" PRIx32
, target_name(target
), dscr
);
933 core_state
= armv8_dpm_get_core_state(dpm
);
934 armv8_select_opcodes(armv8
, core_state
== ARM_STATE_AARCH64
);
935 armv8_select_reg_access(armv8
, core_state
== ARM_STATE_AARCH64
);
937 /* close the CTI gate for all events */
938 if (retval
== ERROR_OK
)
939 retval
= arm_cti_write_reg(armv8
->cti
, CTI_GATE
, 0);
940 /* discard async exceptions */
941 if (retval
== ERROR_OK
)
942 retval
= dpm
->instr_cpsr_sync(dpm
);
943 if (retval
!= ERROR_OK
)
946 /* Examine debug reason */
947 armv8_dpm_report_dscr(dpm
, dscr
);
949 /* save address of instruction that triggered the watchpoint? */
950 if (target
->debug_reason
== DBG_REASON_WATCHPOINT
) {
954 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
955 armv8
->debug_base
+ CPUV8_DBG_WFAR1
,
957 if (retval
!= ERROR_OK
)
961 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
962 armv8
->debug_base
+ CPUV8_DBG_WFAR0
,
964 if (retval
!= ERROR_OK
)
967 armv8_dpm_report_wfar(&armv8
->dpm
, wfar
);
970 retval
= armv8_dpm_read_current_registers(&armv8
->dpm
);
972 if (retval
== ERROR_OK
&& armv8
->post_debug_entry
)
973 retval
= armv8
->post_debug_entry(target
);
978 static int aarch64_post_debug_entry(struct target
*target
)
980 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
981 struct armv8_common
*armv8
= &aarch64
->armv8_common
;
983 enum arm_mode target_mode
= ARM_MODE_ANY
;
986 switch (armv8
->arm
.core_mode
) {
988 target_mode
= ARMV8_64_EL1H
;
992 instr
= ARMV8_MRS(SYSTEM_SCTLR_EL1
, 0);
996 instr
= ARMV8_MRS(SYSTEM_SCTLR_EL2
, 0);
1000 instr
= ARMV8_MRS(SYSTEM_SCTLR_EL3
, 0);
1007 instr
= ARMV4_5_MRC(15, 0, 0, 1, 0, 0);
1011 LOG_INFO("cannot read system control register in this mode");
1015 if (target_mode
!= ARM_MODE_ANY
)
1016 armv8_dpm_modeswitch(&armv8
->dpm
, target_mode
);
1018 retval
= armv8
->dpm
.instr_read_data_r0(&armv8
->dpm
, instr
, &aarch64
->system_control_reg
);
1019 if (retval
!= ERROR_OK
)
1022 if (target_mode
!= ARM_MODE_ANY
)
1023 armv8_dpm_modeswitch(&armv8
->dpm
, ARM_MODE_ANY
);
1025 LOG_DEBUG("System_register: %8.8" PRIx32
, aarch64
->system_control_reg
);
1026 aarch64
->system_control_reg_curr
= aarch64
->system_control_reg
;
1028 if (armv8
->armv8_mmu
.armv8_cache
.info
== -1) {
1029 armv8_identify_cache(armv8
);
1030 armv8_read_mpidr(armv8
);
1033 armv8
->armv8_mmu
.mmu_enabled
=
1034 (aarch64
->system_control_reg
& 0x1U
) ? 1 : 0;
1035 armv8
->armv8_mmu
.armv8_cache
.d_u_cache_enabled
=
1036 (aarch64
->system_control_reg
& 0x4U
) ? 1 : 0;
1037 armv8
->armv8_mmu
.armv8_cache
.i_cache_enabled
=
1038 (aarch64
->system_control_reg
& 0x1000U
) ? 1 : 0;
1043 * single-step a target
1045 static int aarch64_step(struct target
*target
, int current
, target_addr_t address
,
1046 int handle_breakpoints
)
1048 struct armv8_common
*armv8
= target_to_armv8(target
);
1049 int saved_retval
= ERROR_OK
;
1053 if (target
->state
!= TARGET_HALTED
) {
1054 LOG_WARNING("target not halted");
1055 return ERROR_TARGET_NOT_HALTED
;
1058 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
1059 armv8
->debug_base
+ CPUV8_DBG_EDECR
, &edecr
);
1060 /* make sure EDECR.SS is not set when restoring the register */
1062 if (retval
== ERROR_OK
) {
1064 /* set EDECR.SS to enter hardware step mode */
1065 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
1066 armv8
->debug_base
+ CPUV8_DBG_EDECR
, (edecr
|0x4));
1068 /* disable interrupts while stepping */
1069 if (retval
== ERROR_OK
)
1070 retval
= aarch64_set_dscr_bits(target
, 0x3 << 22, 0x3 << 22);
1071 /* bail out if stepping setup has failed */
1072 if (retval
!= ERROR_OK
)
1075 if (target
->smp
&& !handle_breakpoints
) {
1077 * isolate current target so that it doesn't get resumed
1078 * together with the others
1080 retval
= arm_cti_gate_channel(armv8
->cti
, 1);
1081 /* resume all other targets in the group */
1082 if (retval
== ERROR_OK
)
1083 retval
= aarch64_step_restart_smp(target
);
1084 if (retval
!= ERROR_OK
) {
1085 LOG_ERROR("Failed to restart non-stepping targets in SMP group");
1088 LOG_DEBUG("Restarted all non-stepping targets in SMP group");
1091 /* all other targets running, restore and restart the current target */
1092 retval
= aarch64_restore_one(target
, current
, &address
, 0, 0);
1093 if (retval
== ERROR_OK
)
1094 retval
= aarch64_restart_one(target
, RESTART_LAZY
);
1096 if (retval
!= ERROR_OK
)
1099 LOG_DEBUG("target step-resumed at 0x%" PRIx64
, address
);
1100 if (!handle_breakpoints
)
1101 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1103 int64_t then
= timeval_ms();
1108 retval
= aarch64_check_state_one(target
,
1109 PRSR_SDR
|PRSR_HALT
, PRSR_SDR
|PRSR_HALT
, &stepped
, &prsr
);
1110 if (retval
!= ERROR_OK
|| stepped
)
1113 if (timeval_ms() > then
+ 1000) {
1114 LOG_ERROR("timeout waiting for target %s halt after step",
1115 target_name(target
));
1116 retval
= ERROR_TARGET_TIMEOUT
;
1121 if (retval
== ERROR_TARGET_TIMEOUT
)
1122 saved_retval
= retval
;
1125 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
1126 armv8
->debug_base
+ CPUV8_DBG_EDECR
, edecr
);
1127 if (retval
!= ERROR_OK
)
1130 /* restore interrupts */
1131 retval
= aarch64_set_dscr_bits(target
, 0x3 << 22, 0);
1132 if (retval
!= ERROR_OK
)
1135 if (saved_retval
!= ERROR_OK
)
1136 return saved_retval
;
1138 return aarch64_poll(target
);
1141 static int aarch64_restore_context(struct target
*target
, bool bpwp
)
1143 struct armv8_common
*armv8
= target_to_armv8(target
);
1144 struct arm
*arm
= &armv8
->arm
;
1148 LOG_DEBUG("%s", target_name(target
));
1150 if (armv8
->pre_restore_context
)
1151 armv8
->pre_restore_context(target
);
1153 retval
= armv8_dpm_write_dirty_registers(&armv8
->dpm
, bpwp
);
1154 if (retval
== ERROR_OK
) {
1155 /* registers are now invalid */
1156 register_cache_invalidate(arm
->core_cache
);
1157 register_cache_invalidate(arm
->core_cache
->next
);
1164 * Cortex-A8 Breakpoint and watchpoint functions
1167 /* Setup hardware Breakpoint Register Pair */
1168 static int aarch64_set_breakpoint(struct target
*target
,
1169 struct breakpoint
*breakpoint
, uint8_t matchmode
)
1174 uint8_t byte_addr_select
= 0x0F;
1175 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
1176 struct armv8_common
*armv8
= &aarch64
->armv8_common
;
1177 struct aarch64_brp
*brp_list
= aarch64
->brp_list
;
1179 if (breakpoint
->set
) {
1180 LOG_WARNING("breakpoint already set");
1184 if (breakpoint
->type
== BKPT_HARD
) {
1186 while (brp_list
[brp_i
].used
&& (brp_i
< aarch64
->brp_num
))
1188 if (brp_i
>= aarch64
->brp_num
) {
1189 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1190 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1192 breakpoint
->set
= brp_i
+ 1;
1193 if (breakpoint
->length
== 2)
1194 byte_addr_select
= (3 << (breakpoint
->address
& 0x02));
1195 control
= ((matchmode
& 0x7) << 20)
1197 | (byte_addr_select
<< 5)
1199 brp_list
[brp_i
].used
= 1;
1200 brp_list
[brp_i
].value
= breakpoint
->address
& 0xFFFFFFFFFFFFFFFC;
1201 brp_list
[brp_i
].control
= control
;
1202 bpt_value
= brp_list
[brp_i
].value
;
1204 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1205 + CPUV8_DBG_BVR_BASE
+ 16 * brp_list
[brp_i
].BRPn
,
1206 (uint32_t)(bpt_value
& 0xFFFFFFFF));
1207 if (retval
!= ERROR_OK
)
1209 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1210 + CPUV8_DBG_BVR_BASE
+ 4 + 16 * brp_list
[brp_i
].BRPn
,
1211 (uint32_t)(bpt_value
>> 32));
1212 if (retval
!= ERROR_OK
)
1215 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1216 + CPUV8_DBG_BCR_BASE
+ 16 * brp_list
[brp_i
].BRPn
,
1217 brp_list
[brp_i
].control
);
1218 if (retval
!= ERROR_OK
)
1220 LOG_DEBUG("brp %i control 0x%0" PRIx32
" value 0x%" TARGET_PRIxADDR
, brp_i
,
1221 brp_list
[brp_i
].control
,
1222 brp_list
[brp_i
].value
);
1224 } else if (breakpoint
->type
== BKPT_SOFT
) {
1227 buf_set_u32(code
, 0, 32, armv8_opcode(armv8
, ARMV8_OPC_HLT
));
1228 retval
= target_read_memory(target
,
1229 breakpoint
->address
& 0xFFFFFFFFFFFFFFFE,
1230 breakpoint
->length
, 1,
1231 breakpoint
->orig_instr
);
1232 if (retval
!= ERROR_OK
)
1235 armv8_cache_d_inner_flush_virt(armv8
,
1236 breakpoint
->address
& 0xFFFFFFFFFFFFFFFE,
1237 breakpoint
->length
);
1239 retval
= target_write_memory(target
,
1240 breakpoint
->address
& 0xFFFFFFFFFFFFFFFE,
1241 breakpoint
->length
, 1, code
);
1242 if (retval
!= ERROR_OK
)
1245 armv8_cache_d_inner_flush_virt(armv8
,
1246 breakpoint
->address
& 0xFFFFFFFFFFFFFFFE,
1247 breakpoint
->length
);
1249 armv8_cache_i_inner_inval_virt(armv8
,
1250 breakpoint
->address
& 0xFFFFFFFFFFFFFFFE,
1251 breakpoint
->length
);
1253 breakpoint
->set
= 0x11; /* Any nice value but 0 */
1256 /* Ensure that halting debug mode is enable */
1257 retval
= aarch64_set_dscr_bits(target
, DSCR_HDE
, DSCR_HDE
);
1258 if (retval
!= ERROR_OK
) {
1259 LOG_DEBUG("Failed to set DSCR.HDE");
1266 static int aarch64_set_context_breakpoint(struct target
*target
,
1267 struct breakpoint
*breakpoint
, uint8_t matchmode
)
1269 int retval
= ERROR_FAIL
;
1272 uint8_t byte_addr_select
= 0x0F;
1273 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
1274 struct armv8_common
*armv8
= &aarch64
->armv8_common
;
1275 struct aarch64_brp
*brp_list
= aarch64
->brp_list
;
1277 if (breakpoint
->set
) {
1278 LOG_WARNING("breakpoint already set");
1281 /*check available context BRPs*/
1282 while ((brp_list
[brp_i
].used
||
1283 (brp_list
[brp_i
].type
!= BRP_CONTEXT
)) && (brp_i
< aarch64
->brp_num
))
1286 if (brp_i
>= aarch64
->brp_num
) {
1287 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1291 breakpoint
->set
= brp_i
+ 1;
1292 control
= ((matchmode
& 0x7) << 20)
1294 | (byte_addr_select
<< 5)
1296 brp_list
[brp_i
].used
= 1;
1297 brp_list
[brp_i
].value
= (breakpoint
->asid
);
1298 brp_list
[brp_i
].control
= control
;
1299 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1300 + CPUV8_DBG_BVR_BASE
+ 16 * brp_list
[brp_i
].BRPn
,
1301 brp_list
[brp_i
].value
);
1302 if (retval
!= ERROR_OK
)
1304 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1305 + CPUV8_DBG_BCR_BASE
+ 16 * brp_list
[brp_i
].BRPn
,
1306 brp_list
[brp_i
].control
);
1307 if (retval
!= ERROR_OK
)
1309 LOG_DEBUG("brp %i control 0x%0" PRIx32
" value 0x%" TARGET_PRIxADDR
, brp_i
,
1310 brp_list
[brp_i
].control
,
1311 brp_list
[brp_i
].value
);
1316 static int aarch64_set_hybrid_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1318 int retval
= ERROR_FAIL
;
1319 int brp_1
= 0; /* holds the contextID pair */
1320 int brp_2
= 0; /* holds the IVA pair */
1321 uint32_t control_CTX
, control_IVA
;
1322 uint8_t CTX_byte_addr_select
= 0x0F;
1323 uint8_t IVA_byte_addr_select
= 0x0F;
1324 uint8_t CTX_machmode
= 0x03;
1325 uint8_t IVA_machmode
= 0x01;
1326 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
1327 struct armv8_common
*armv8
= &aarch64
->armv8_common
;
1328 struct aarch64_brp
*brp_list
= aarch64
->brp_list
;
1330 if (breakpoint
->set
) {
1331 LOG_WARNING("breakpoint already set");
1334 /*check available context BRPs*/
1335 while ((brp_list
[brp_1
].used
||
1336 (brp_list
[brp_1
].type
!= BRP_CONTEXT
)) && (brp_1
< aarch64
->brp_num
))
1339 printf("brp(CTX) found num: %d\n", brp_1
);
1340 if (brp_1
>= aarch64
->brp_num
) {
1341 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1345 while ((brp_list
[brp_2
].used
||
1346 (brp_list
[brp_2
].type
!= BRP_NORMAL
)) && (brp_2
< aarch64
->brp_num
))
1349 printf("brp(IVA) found num: %d\n", brp_2
);
1350 if (brp_2
>= aarch64
->brp_num
) {
1351 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1355 breakpoint
->set
= brp_1
+ 1;
1356 breakpoint
->linked_BRP
= brp_2
;
1357 control_CTX
= ((CTX_machmode
& 0x7) << 20)
1360 | (CTX_byte_addr_select
<< 5)
1362 brp_list
[brp_1
].used
= 1;
1363 brp_list
[brp_1
].value
= (breakpoint
->asid
);
1364 brp_list
[brp_1
].control
= control_CTX
;
1365 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1366 + CPUV8_DBG_BVR_BASE
+ 16 * brp_list
[brp_1
].BRPn
,
1367 brp_list
[brp_1
].value
);
1368 if (retval
!= ERROR_OK
)
1370 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1371 + CPUV8_DBG_BCR_BASE
+ 16 * brp_list
[brp_1
].BRPn
,
1372 brp_list
[brp_1
].control
);
1373 if (retval
!= ERROR_OK
)
1376 control_IVA
= ((IVA_machmode
& 0x7) << 20)
1379 | (IVA_byte_addr_select
<< 5)
1381 brp_list
[brp_2
].used
= 1;
1382 brp_list
[brp_2
].value
= breakpoint
->address
& 0xFFFFFFFFFFFFFFFC;
1383 brp_list
[brp_2
].control
= control_IVA
;
1384 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1385 + CPUV8_DBG_BVR_BASE
+ 16 * brp_list
[brp_2
].BRPn
,
1386 brp_list
[brp_2
].value
& 0xFFFFFFFF);
1387 if (retval
!= ERROR_OK
)
1389 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1390 + CPUV8_DBG_BVR_BASE
+ 4 + 16 * brp_list
[brp_2
].BRPn
,
1391 brp_list
[brp_2
].value
>> 32);
1392 if (retval
!= ERROR_OK
)
1394 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1395 + CPUV8_DBG_BCR_BASE
+ 16 * brp_list
[brp_2
].BRPn
,
1396 brp_list
[brp_2
].control
);
1397 if (retval
!= ERROR_OK
)
1403 static int aarch64_unset_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1406 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
1407 struct armv8_common
*armv8
= &aarch64
->armv8_common
;
1408 struct aarch64_brp
*brp_list
= aarch64
->brp_list
;
1410 if (!breakpoint
->set
) {
1411 LOG_WARNING("breakpoint not set");
1415 if (breakpoint
->type
== BKPT_HARD
) {
1416 if ((breakpoint
->address
!= 0) && (breakpoint
->asid
!= 0)) {
1417 int brp_i
= breakpoint
->set
- 1;
1418 int brp_j
= breakpoint
->linked_BRP
;
1419 if ((brp_i
< 0) || (brp_i
>= aarch64
->brp_num
)) {
1420 LOG_DEBUG("Invalid BRP number in breakpoint");
1423 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%" TARGET_PRIxADDR
, brp_i
,
1424 brp_list
[brp_i
].control
, brp_list
[brp_i
].value
);
1425 brp_list
[brp_i
].used
= 0;
1426 brp_list
[brp_i
].value
= 0;
1427 brp_list
[brp_i
].control
= 0;
1428 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1429 + CPUV8_DBG_BCR_BASE
+ 16 * brp_list
[brp_i
].BRPn
,
1430 brp_list
[brp_i
].control
);
1431 if (retval
!= ERROR_OK
)
1433 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1434 + CPUV8_DBG_BVR_BASE
+ 16 * brp_list
[brp_i
].BRPn
,
1435 (uint32_t)brp_list
[brp_i
].value
);
1436 if (retval
!= ERROR_OK
)
1438 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1439 + CPUV8_DBG_BVR_BASE
+ 4 + 16 * brp_list
[brp_i
].BRPn
,
1440 (uint32_t)brp_list
[brp_i
].value
);
1441 if (retval
!= ERROR_OK
)
1443 if ((brp_j
< 0) || (brp_j
>= aarch64
->brp_num
)) {
1444 LOG_DEBUG("Invalid BRP number in breakpoint");
1447 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%0" PRIx64
, brp_j
,
1448 brp_list
[brp_j
].control
, brp_list
[brp_j
].value
);
1449 brp_list
[brp_j
].used
= 0;
1450 brp_list
[brp_j
].value
= 0;
1451 brp_list
[brp_j
].control
= 0;
1452 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1453 + CPUV8_DBG_BCR_BASE
+ 16 * brp_list
[brp_j
].BRPn
,
1454 brp_list
[brp_j
].control
);
1455 if (retval
!= ERROR_OK
)
1457 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1458 + CPUV8_DBG_BVR_BASE
+ 16 * brp_list
[brp_j
].BRPn
,
1459 (uint32_t)brp_list
[brp_j
].value
);
1460 if (retval
!= ERROR_OK
)
1462 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1463 + CPUV8_DBG_BVR_BASE
+ 4 + 16 * brp_list
[brp_j
].BRPn
,
1464 (uint32_t)brp_list
[brp_j
].value
);
1465 if (retval
!= ERROR_OK
)
1468 breakpoint
->linked_BRP
= 0;
1469 breakpoint
->set
= 0;
1473 int brp_i
= breakpoint
->set
- 1;
1474 if ((brp_i
< 0) || (brp_i
>= aarch64
->brp_num
)) {
1475 LOG_DEBUG("Invalid BRP number in breakpoint");
1478 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%0" PRIx64
, brp_i
,
1479 brp_list
[brp_i
].control
, brp_list
[brp_i
].value
);
1480 brp_list
[brp_i
].used
= 0;
1481 brp_list
[brp_i
].value
= 0;
1482 brp_list
[brp_i
].control
= 0;
1483 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1484 + CPUV8_DBG_BCR_BASE
+ 16 * brp_list
[brp_i
].BRPn
,
1485 brp_list
[brp_i
].control
);
1486 if (retval
!= ERROR_OK
)
1488 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1489 + CPUV8_DBG_BVR_BASE
+ 16 * brp_list
[brp_i
].BRPn
,
1490 brp_list
[brp_i
].value
);
1491 if (retval
!= ERROR_OK
)
1494 retval
= aarch64_dap_write_memap_register_u32(target
, armv8
->debug_base
1495 + CPUV8_DBG_BVR_BASE
+ 4 + 16 * brp_list
[brp_i
].BRPn
,
1496 (uint32_t)brp_list
[brp_i
].value
);
1497 if (retval
!= ERROR_OK
)
1499 breakpoint
->set
= 0;
1503 /* restore original instruction (kept in target endianness) */
1505 armv8_cache_d_inner_flush_virt(armv8
,
1506 breakpoint
->address
& 0xFFFFFFFFFFFFFFFE,
1507 breakpoint
->length
);
1509 if (breakpoint
->length
== 4) {
1510 retval
= target_write_memory(target
,
1511 breakpoint
->address
& 0xFFFFFFFFFFFFFFFE,
1512 4, 1, breakpoint
->orig_instr
);
1513 if (retval
!= ERROR_OK
)
1516 retval
= target_write_memory(target
,
1517 breakpoint
->address
& 0xFFFFFFFFFFFFFFFE,
1518 2, 1, breakpoint
->orig_instr
);
1519 if (retval
!= ERROR_OK
)
1523 armv8_cache_d_inner_flush_virt(armv8
,
1524 breakpoint
->address
& 0xFFFFFFFFFFFFFFFE,
1525 breakpoint
->length
);
1527 armv8_cache_i_inner_inval_virt(armv8
,
1528 breakpoint
->address
& 0xFFFFFFFFFFFFFFFE,
1529 breakpoint
->length
);
1531 breakpoint
->set
= 0;
1536 static int aarch64_add_breakpoint(struct target
*target
,
1537 struct breakpoint
*breakpoint
)
1539 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
1541 if ((breakpoint
->type
== BKPT_HARD
) && (aarch64
->brp_num_available
< 1)) {
1542 LOG_INFO("no hardware breakpoint available");
1543 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1546 if (breakpoint
->type
== BKPT_HARD
)
1547 aarch64
->brp_num_available
--;
1549 return aarch64_set_breakpoint(target
, breakpoint
, 0x00); /* Exact match */
1552 static int aarch64_add_context_breakpoint(struct target
*target
,
1553 struct breakpoint
*breakpoint
)
1555 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
1557 if ((breakpoint
->type
== BKPT_HARD
) && (aarch64
->brp_num_available
< 1)) {
1558 LOG_INFO("no hardware breakpoint available");
1559 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1562 if (breakpoint
->type
== BKPT_HARD
)
1563 aarch64
->brp_num_available
--;
1565 return aarch64_set_context_breakpoint(target
, breakpoint
, 0x02); /* asid match */
1568 static int aarch64_add_hybrid_breakpoint(struct target
*target
,
1569 struct breakpoint
*breakpoint
)
1571 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
1573 if ((breakpoint
->type
== BKPT_HARD
) && (aarch64
->brp_num_available
< 1)) {
1574 LOG_INFO("no hardware breakpoint available");
1575 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1578 if (breakpoint
->type
== BKPT_HARD
)
1579 aarch64
->brp_num_available
--;
1581 return aarch64_set_hybrid_breakpoint(target
, breakpoint
); /* ??? */
1585 static int aarch64_remove_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1587 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
1590 /* It is perfectly possible to remove breakpoints while the target is running */
1591 if (target
->state
!= TARGET_HALTED
) {
1592 LOG_WARNING("target not halted");
1593 return ERROR_TARGET_NOT_HALTED
;
1597 if (breakpoint
->set
) {
1598 aarch64_unset_breakpoint(target
, breakpoint
);
1599 if (breakpoint
->type
== BKPT_HARD
)
1600 aarch64
->brp_num_available
++;
1607 * Cortex-A8 Reset functions
1610 static int aarch64_assert_reset(struct target
*target
)
1612 struct armv8_common
*armv8
= target_to_armv8(target
);
1616 /* FIXME when halt is requested, make it work somehow... */
1618 /* Issue some kind of warm reset. */
1619 if (target_has_event_action(target
, TARGET_EVENT_RESET_ASSERT
))
1620 target_handle_event(target
, TARGET_EVENT_RESET_ASSERT
);
1621 else if (jtag_get_reset_config() & RESET_HAS_SRST
) {
1622 /* REVISIT handle "pulls" cases, if there's
1623 * hardware that needs them to work.
1625 jtag_add_reset(0, 1);
1627 LOG_ERROR("%s: how to reset?", target_name(target
));
1631 /* registers are now invalid */
1632 if (target_was_examined(target
)) {
1633 register_cache_invalidate(armv8
->arm
.core_cache
);
1634 register_cache_invalidate(armv8
->arm
.core_cache
->next
);
1637 target
->state
= TARGET_RESET
;
1642 static int aarch64_deassert_reset(struct target
*target
)
1648 /* be certain SRST is off */
1649 jtag_add_reset(0, 0);
1651 if (!target_was_examined(target
))
1654 retval
= aarch64_poll(target
);
1655 if (retval
!= ERROR_OK
)
1658 if (target
->reset_halt
) {
1659 if (target
->state
!= TARGET_HALTED
) {
1660 LOG_WARNING("%s: ran after reset and before halt ...",
1661 target_name(target
));
1662 retval
= target_halt(target
);
1663 if (retval
!= ERROR_OK
)
1668 return aarch64_init_debug_access(target
);
1671 static int aarch64_write_cpu_memory_slow(struct target
*target
,
1672 uint32_t size
, uint32_t count
, const uint8_t *buffer
, uint32_t *dscr
)
1674 struct armv8_common
*armv8
= target_to_armv8(target
);
1675 struct arm_dpm
*dpm
= &armv8
->dpm
;
1676 struct arm
*arm
= &armv8
->arm
;
1679 armv8_reg_current(arm
, 1)->dirty
= true;
1681 /* change DCC to normal mode if necessary */
1682 if (*dscr
& DSCR_MA
) {
1684 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
1685 armv8
->debug_base
+ CPUV8_DBG_DSCR
, *dscr
);
1686 if (retval
!= ERROR_OK
)
1691 uint32_t data
, opcode
;
1693 /* write the data to store into DTRRX */
1697 data
= target_buffer_get_u16(target
, buffer
);
1699 data
= target_buffer_get_u32(target
, buffer
);
1700 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
1701 armv8
->debug_base
+ CPUV8_DBG_DTRRX
, data
);
1702 if (retval
!= ERROR_OK
)
1705 if (arm
->core_state
== ARM_STATE_AARCH64
)
1706 retval
= dpm
->instr_execute(dpm
, ARMV8_MRS(SYSTEM_DBG_DTRRX_EL0
, 1));
1708 retval
= dpm
->instr_execute(dpm
, ARMV4_5_MRC(14, 0, 1, 0, 5, 0));
1709 if (retval
!= ERROR_OK
)
1713 opcode
= armv8_opcode(armv8
, ARMV8_OPC_STRB_IP
);
1715 opcode
= armv8_opcode(armv8
, ARMV8_OPC_STRH_IP
);
1717 opcode
= armv8_opcode(armv8
, ARMV8_OPC_STRW_IP
);
1718 retval
= dpm
->instr_execute(dpm
, opcode
);
1719 if (retval
!= ERROR_OK
)
1730 static int aarch64_write_cpu_memory_fast(struct target
*target
,
1731 uint32_t count
, const uint8_t *buffer
, uint32_t *dscr
)
1733 struct armv8_common
*armv8
= target_to_armv8(target
);
1734 struct arm
*arm
= &armv8
->arm
;
1737 armv8_reg_current(arm
, 1)->dirty
= true;
1739 /* Step 1.d - Change DCC to memory mode */
1741 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
1742 armv8
->debug_base
+ CPUV8_DBG_DSCR
, *dscr
);
1743 if (retval
!= ERROR_OK
)
1747 /* Step 2.a - Do the write */
1748 retval
= mem_ap_write_buf_noincr(armv8
->debug_ap
,
1749 buffer
, 4, count
, armv8
->debug_base
+ CPUV8_DBG_DTRRX
);
1750 if (retval
!= ERROR_OK
)
1753 /* Step 3.a - Switch DTR mode back to Normal mode */
1755 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
1756 armv8
->debug_base
+ CPUV8_DBG_DSCR
, *dscr
);
1757 if (retval
!= ERROR_OK
)
1763 static int aarch64_write_cpu_memory(struct target
*target
,
1764 uint64_t address
, uint32_t size
,
1765 uint32_t count
, const uint8_t *buffer
)
1767 /* write memory through APB-AP */
1768 int retval
= ERROR_COMMAND_SYNTAX_ERROR
;
1769 struct armv8_common
*armv8
= target_to_armv8(target
);
1770 struct arm_dpm
*dpm
= &armv8
->dpm
;
1771 struct arm
*arm
= &armv8
->arm
;
1774 if (target
->state
!= TARGET_HALTED
) {
1775 LOG_WARNING("target not halted");
1776 return ERROR_TARGET_NOT_HALTED
;
1779 /* Mark register X0 as dirty, as it will be used
1780 * for transferring the data.
1781 * It will be restored automatically when exiting
1784 armv8_reg_current(arm
, 0)->dirty
= true;
1786 /* This algorithm comes from DDI0487A.g, chapter J9.1 */
1789 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
1790 armv8
->debug_base
+ CPUV8_DBG_DSCR
, &dscr
);
1791 if (retval
!= ERROR_OK
)
1794 /* Set Normal access mode */
1795 dscr
= (dscr
& ~DSCR_MA
);
1796 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
1797 armv8
->debug_base
+ CPUV8_DBG_DSCR
, dscr
);
1799 if (arm
->core_state
== ARM_STATE_AARCH64
) {
1800 /* Write X0 with value 'address' using write procedure */
1801 /* Step 1.a+b - Write the address for read access into DBGDTR_EL0 */
1802 /* Step 1.c - Copy value from DTR to R0 using instruction mrs DBGDTR_EL0, x0 */
1803 retval
= dpm
->instr_write_data_dcc_64(dpm
,
1804 ARMV8_MRS(SYSTEM_DBG_DBGDTR_EL0
, 0), address
);
1806 /* Write R0 with value 'address' using write procedure */
1807 /* Step 1.a+b - Write the address for read access into DBGDTRRX */
1808 /* Step 1.c - Copy value from DTR to R0 using instruction mrc DBGDTRTXint, r0 */
1809 dpm
->instr_write_data_dcc(dpm
,
1810 ARMV4_5_MRC(14, 0, 0, 0, 5, 0), address
);
1813 if (size
== 4 && (address
% 4) == 0)
1814 retval
= aarch64_write_cpu_memory_fast(target
, count
, buffer
, &dscr
);
1816 retval
= aarch64_write_cpu_memory_slow(target
, size
, count
, buffer
, &dscr
);
1818 if (retval
!= ERROR_OK
) {
1819 /* Unset DTR mode */
1820 mem_ap_read_atomic_u32(armv8
->debug_ap
,
1821 armv8
->debug_base
+ CPUV8_DBG_DSCR
, &dscr
);
1823 mem_ap_write_atomic_u32(armv8
->debug_ap
,
1824 armv8
->debug_base
+ CPUV8_DBG_DSCR
, dscr
);
1827 /* Check for sticky abort flags in the DSCR */
1828 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
1829 armv8
->debug_base
+ CPUV8_DBG_DSCR
, &dscr
);
1830 if (retval
!= ERROR_OK
)
1834 if (dscr
& (DSCR_ERR
| DSCR_SYS_ERROR_PEND
)) {
1835 /* Abort occurred - clear it and exit */
1836 LOG_ERROR("abort occurred - dscr = 0x%08" PRIx32
, dscr
);
1837 armv8_dpm_handle_exception(dpm
);
1845 static int aarch64_read_cpu_memory_slow(struct target
*target
,
1846 uint32_t size
, uint32_t count
, uint8_t *buffer
, uint32_t *dscr
)
1848 struct armv8_common
*armv8
= target_to_armv8(target
);
1849 struct arm_dpm
*dpm
= &armv8
->dpm
;
1850 struct arm
*arm
= &armv8
->arm
;
1853 armv8_reg_current(arm
, 1)->dirty
= true;
1855 /* change DCC to normal mode (if necessary) */
1856 if (*dscr
& DSCR_MA
) {
1858 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
1859 armv8
->debug_base
+ CPUV8_DBG_DSCR
, *dscr
);
1860 if (retval
!= ERROR_OK
)
1865 uint32_t opcode
, data
;
1868 opcode
= armv8_opcode(armv8
, ARMV8_OPC_LDRB_IP
);
1870 opcode
= armv8_opcode(armv8
, ARMV8_OPC_LDRH_IP
);
1872 opcode
= armv8_opcode(armv8
, ARMV8_OPC_LDRW_IP
);
1873 retval
= dpm
->instr_execute(dpm
, opcode
);
1874 if (retval
!= ERROR_OK
)
1877 if (arm
->core_state
== ARM_STATE_AARCH64
)
1878 retval
= dpm
->instr_execute(dpm
, ARMV8_MSR_GP(SYSTEM_DBG_DTRTX_EL0
, 1));
1880 retval
= dpm
->instr_execute(dpm
, ARMV4_5_MCR(14, 0, 1, 0, 5, 0));
1881 if (retval
!= ERROR_OK
)
1884 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
1885 armv8
->debug_base
+ CPUV8_DBG_DTRTX
, &data
);
1886 if (retval
!= ERROR_OK
)
1890 *buffer
= (uint8_t)data
;
1892 target_buffer_set_u16(target
, buffer
, (uint16_t)data
);
1894 target_buffer_set_u32(target
, buffer
, data
);
1904 static int aarch64_read_cpu_memory_fast(struct target
*target
,
1905 uint32_t count
, uint8_t *buffer
, uint32_t *dscr
)
1907 struct armv8_common
*armv8
= target_to_armv8(target
);
1908 struct arm_dpm
*dpm
= &armv8
->dpm
;
1909 struct arm
*arm
= &armv8
->arm
;
1913 /* Mark X1 as dirty */
1914 armv8_reg_current(arm
, 1)->dirty
= true;
1916 if (arm
->core_state
== ARM_STATE_AARCH64
) {
1917 /* Step 1.d - Dummy operation to ensure EDSCR.Txfull == 1 */
1918 retval
= dpm
->instr_execute(dpm
, ARMV8_MSR_GP(SYSTEM_DBG_DBGDTR_EL0
, 0));
1920 /* Step 1.d - Dummy operation to ensure EDSCR.Txfull == 1 */
1921 retval
= dpm
->instr_execute(dpm
, ARMV4_5_MCR(14, 0, 0, 0, 5, 0));
1924 /* Step 1.e - Change DCC to memory mode */
1926 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
1927 armv8
->debug_base
+ CPUV8_DBG_DSCR
, *dscr
);
1928 /* Step 1.f - read DBGDTRTX and discard the value */
1929 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
1930 armv8
->debug_base
+ CPUV8_DBG_DTRTX
, &value
);
1933 /* Read the data - Each read of the DTRTX register causes the instruction to be reissued
1934 * Abort flags are sticky, so can be read at end of transactions
1936 * This data is read in aligned to 32 bit boundary.
1940 /* Step 2.a - Loop n-1 times, each read of DBGDTRTX reads the data from [X0] and
1941 * increments X0 by 4. */
1942 retval
= mem_ap_read_buf_noincr(armv8
->debug_ap
, buffer
, 4, count
,
1943 armv8
->debug_base
+ CPUV8_DBG_DTRTX
);
1944 if (retval
!= ERROR_OK
)
1948 /* Step 3.a - set DTR access mode back to Normal mode */
1950 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
1951 armv8
->debug_base
+ CPUV8_DBG_DSCR
, *dscr
);
1952 if (retval
!= ERROR_OK
)
1955 /* Step 3.b - read DBGDTRTX for the final value */
1956 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
1957 armv8
->debug_base
+ CPUV8_DBG_DTRTX
, &value
);
1958 if (retval
!= ERROR_OK
)
1961 target_buffer_set_u32(target
, buffer
+ count
* 4, value
);
1965 static int aarch64_read_cpu_memory(struct target
*target
,
1966 target_addr_t address
, uint32_t size
,
1967 uint32_t count
, uint8_t *buffer
)
1969 /* read memory through APB-AP */
1970 int retval
= ERROR_COMMAND_SYNTAX_ERROR
;
1971 struct armv8_common
*armv8
= target_to_armv8(target
);
1972 struct arm_dpm
*dpm
= &armv8
->dpm
;
1973 struct arm
*arm
= &armv8
->arm
;
1976 LOG_DEBUG("Reading CPU memory address 0x%016" PRIx64
" size %" PRIu32
" count %" PRIu32
,
1977 address
, size
, count
);
1979 if (target
->state
!= TARGET_HALTED
) {
1980 LOG_WARNING("target not halted");
1981 return ERROR_TARGET_NOT_HALTED
;
1984 /* Mark register X0 as dirty, as it will be used
1985 * for transferring the data.
1986 * It will be restored automatically when exiting
1989 armv8_reg_current(arm
, 0)->dirty
= true;
1992 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
1993 armv8
->debug_base
+ CPUV8_DBG_DSCR
, &dscr
);
1995 /* This algorithm comes from DDI0487A.g, chapter J9.1 */
1997 /* Set Normal access mode */
1999 retval
+= mem_ap_write_atomic_u32(armv8
->debug_ap
,
2000 armv8
->debug_base
+ CPUV8_DBG_DSCR
, dscr
);
2002 if (arm
->core_state
== ARM_STATE_AARCH64
) {
2003 /* Write X0 with value 'address' using write procedure */
2004 /* Step 1.a+b - Write the address for read access into DBGDTR_EL0 */
2005 /* Step 1.c - Copy value from DTR to R0 using instruction mrs DBGDTR_EL0, x0 */
2006 retval
+= dpm
->instr_write_data_dcc_64(dpm
,
2007 ARMV8_MRS(SYSTEM_DBG_DBGDTR_EL0
, 0), address
);
2009 /* Write R0 with value 'address' using write procedure */
2010 /* Step 1.a+b - Write the address for read access into DBGDTRRXint */
2011 /* Step 1.c - Copy value from DTR to R0 using instruction mrc DBGDTRTXint, r0 */
2012 retval
+= dpm
->instr_write_data_dcc(dpm
,
2013 ARMV4_5_MRC(14, 0, 0, 0, 5, 0), address
);
2016 if (size
== 4 && (address
% 4) == 0)
2017 retval
= aarch64_read_cpu_memory_fast(target
, count
, buffer
, &dscr
);
2019 retval
= aarch64_read_cpu_memory_slow(target
, size
, count
, buffer
, &dscr
);
2021 if (dscr
& DSCR_MA
) {
2023 mem_ap_write_atomic_u32(armv8
->debug_ap
,
2024 armv8
->debug_base
+ CPUV8_DBG_DSCR
, dscr
);
2027 if (retval
!= ERROR_OK
)
2030 /* Check for sticky abort flags in the DSCR */
2031 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
2032 armv8
->debug_base
+ CPUV8_DBG_DSCR
, &dscr
);
2033 if (retval
!= ERROR_OK
)
2038 if (dscr
& (DSCR_ERR
| DSCR_SYS_ERROR_PEND
)) {
2039 /* Abort occurred - clear it and exit */
2040 LOG_ERROR("abort occurred - dscr = 0x%08" PRIx32
, dscr
);
2041 armv8_dpm_handle_exception(dpm
);
2049 static int aarch64_read_phys_memory(struct target
*target
,
2050 target_addr_t address
, uint32_t size
,
2051 uint32_t count
, uint8_t *buffer
)
2053 int retval
= ERROR_COMMAND_SYNTAX_ERROR
;
2055 if (count
&& buffer
) {
2056 /* read memory through APB-AP */
2057 retval
= aarch64_mmu_modify(target
, 0);
2058 if (retval
!= ERROR_OK
)
2060 retval
= aarch64_read_cpu_memory(target
, address
, size
, count
, buffer
);
2065 static int aarch64_read_memory(struct target
*target
, target_addr_t address
,
2066 uint32_t size
, uint32_t count
, uint8_t *buffer
)
2068 int mmu_enabled
= 0;
2071 /* determine if MMU was enabled on target stop */
2072 retval
= aarch64_mmu(target
, &mmu_enabled
);
2073 if (retval
!= ERROR_OK
)
2077 /* enable MMU as we could have disabled it for phys access */
2078 retval
= aarch64_mmu_modify(target
, 1);
2079 if (retval
!= ERROR_OK
)
2082 return aarch64_read_cpu_memory(target
, address
, size
, count
, buffer
);
2085 static int aarch64_write_phys_memory(struct target
*target
,
2086 target_addr_t address
, uint32_t size
,
2087 uint32_t count
, const uint8_t *buffer
)
2089 int retval
= ERROR_COMMAND_SYNTAX_ERROR
;
2091 if (count
&& buffer
) {
2092 /* write memory through APB-AP */
2093 retval
= aarch64_mmu_modify(target
, 0);
2094 if (retval
!= ERROR_OK
)
2096 return aarch64_write_cpu_memory(target
, address
, size
, count
, buffer
);
2102 static int aarch64_write_memory(struct target
*target
, target_addr_t address
,
2103 uint32_t size
, uint32_t count
, const uint8_t *buffer
)
2105 int mmu_enabled
= 0;
2108 /* determine if MMU was enabled on target stop */
2109 retval
= aarch64_mmu(target
, &mmu_enabled
);
2110 if (retval
!= ERROR_OK
)
2114 /* enable MMU as we could have disabled it for phys access */
2115 retval
= aarch64_mmu_modify(target
, 1);
2116 if (retval
!= ERROR_OK
)
2119 return aarch64_write_cpu_memory(target
, address
, size
, count
, buffer
);
2122 static int aarch64_handle_target_request(void *priv
)
2124 struct target
*target
= priv
;
2125 struct armv8_common
*armv8
= target_to_armv8(target
);
2128 if (!target_was_examined(target
))
2130 if (!target
->dbg_msg_enabled
)
2133 if (target
->state
== TARGET_RUNNING
) {
2136 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
2137 armv8
->debug_base
+ CPUV8_DBG_DSCR
, &dscr
);
2139 /* check if we have data */
2140 while ((dscr
& DSCR_DTR_TX_FULL
) && (retval
== ERROR_OK
)) {
2141 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
2142 armv8
->debug_base
+ CPUV8_DBG_DTRTX
, &request
);
2143 if (retval
== ERROR_OK
) {
2144 target_request(target
, request
);
2145 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
2146 armv8
->debug_base
+ CPUV8_DBG_DSCR
, &dscr
);
2154 static int aarch64_examine_first(struct target
*target
)
2156 struct aarch64_common
*aarch64
= target_to_aarch64(target
);
2157 struct armv8_common
*armv8
= &aarch64
->armv8_common
;
2158 struct adiv5_dap
*swjdp
= armv8
->arm
.dap
;
2161 int retval
= ERROR_OK
;
2162 uint64_t debug
, ttypr
;
2164 uint32_t tmp0
, tmp1
;
2165 debug
= ttypr
= cpuid
= 0;
2167 retval
= dap_dp_init(swjdp
);
2168 if (retval
!= ERROR_OK
)
2171 /* Search for the APB-AB - it is needed for access to debug registers */
2172 retval
= dap_find_ap(swjdp
, AP_TYPE_APB_AP
, &armv8
->debug_ap
);
2173 if (retval
!= ERROR_OK
) {
2174 LOG_ERROR("Could not find APB-AP for debug access");
2178 retval
= mem_ap_init(armv8
->debug_ap
);
2179 if (retval
!= ERROR_OK
) {
2180 LOG_ERROR("Could not initialize the APB-AP");
2184 armv8
->debug_ap
->memaccess_tck
= 10;
2186 if (!target
->dbgbase_set
) {
2188 /* Get ROM Table base */
2190 int32_t coreidx
= target
->coreid
;
2191 retval
= dap_get_debugbase(armv8
->debug_ap
, &dbgbase
, &apid
);
2192 if (retval
!= ERROR_OK
)
2194 /* Lookup 0x15 -- Processor DAP */
2195 retval
= dap_lookup_cs_component(armv8
->debug_ap
, dbgbase
, 0x15,
2196 &armv8
->debug_base
, &coreidx
);
2197 if (retval
!= ERROR_OK
)
2199 LOG_DEBUG("Detected core %" PRId32
" dbgbase: %08" PRIx32
2200 " apid: %08" PRIx32
, coreidx
, armv8
->debug_base
, apid
);
2202 armv8
->debug_base
= target
->dbgbase
;
2205 int64_t then
= timeval_ms();
2207 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
2208 armv8
->debug_base
+ CPUV8_DBG_PRSR
, &prsr
);
2209 if (retval
== ERROR_OK
) {
2210 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
2211 armv8
->debug_base
+ CPUV8_DBG_PRCR
, PRCR_COREPURQ
|PRCR_CORENPDRQ
);
2212 if (retval
!= ERROR_OK
) {
2213 LOG_DEBUG("write to PRCR failed");
2218 if (timeval_ms() > then
+ 1000) {
2219 retval
= ERROR_TARGET_TIMEOUT
;
2223 } while ((prsr
& PRSR_PU
) == 0);
2225 if (retval
!= ERROR_OK
) {
2226 LOG_ERROR("target %s: failed to set power state of the core.", target_name(target
));
2230 retval
= mem_ap_write_atomic_u32(armv8
->debug_ap
,
2231 armv8
->debug_base
+ CPUV8_DBG_OSLAR
, 0);
2232 if (retval
!= ERROR_OK
) {
2233 LOG_DEBUG("Examine %s failed", "oslock");
2237 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
2238 armv8
->debug_base
+ CPUV8_DBG_MAINID0
, &cpuid
);
2239 if (retval
!= ERROR_OK
) {
2240 LOG_DEBUG("Examine %s failed", "CPUID");
2244 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
2245 armv8
->debug_base
+ CPUV8_DBG_MEMFEATURE0
, &tmp0
);
2246 retval
+= mem_ap_read_atomic_u32(armv8
->debug_ap
,
2247 armv8
->debug_base
+ CPUV8_DBG_MEMFEATURE0
+ 4, &tmp1
);
2248 if (retval
!= ERROR_OK
) {
2249 LOG_DEBUG("Examine %s failed", "Memory Model Type");
2253 ttypr
= (ttypr
<< 32) | tmp0
;
2255 retval
= mem_ap_read_atomic_u32(armv8
->debug_ap
,
2256 armv8
->debug_base
+ CPUV8_DBG_DBGFEATURE0
, &tmp0
);
2257 retval
+= mem_ap_read_atomic_u32(armv8
->debug_ap
,
2258 armv8
->debug_base
+ CPUV8_DBG_DBGFEATURE0
+ 4, &tmp1
);
2259 if (retval
!= ERROR_OK
) {
2260 LOG_DEBUG("Examine %s failed", "ID_AA64DFR0_EL1");
2264 debug
= (debug
<< 32) | tmp0
;
2266 LOG_DEBUG("cpuid = 0x%08" PRIx32
, cpuid
);
2267 LOG_DEBUG("ttypr = 0x%08" PRIx64
, ttypr
);
2268 LOG_DEBUG("debug = 0x%08" PRIx64
, debug
);
2270 if (target
->ctibase
== 0) {
2271 /* assume a v8 rom table layout */
2272 cti_base
= armv8
->debug_base
+ 0x10000;
2273 LOG_INFO("Target ctibase is not set, assuming 0x%0" PRIx32
, cti_base
);
2275 cti_base
= target
->ctibase
;
2277 armv8
->cti
= arm_cti_create(armv8
->debug_ap
, cti_base
);
2278 if (armv8
->cti
== NULL
)
2281 retval
= aarch64_dpm_setup(aarch64
, debug
);
2282 if (retval
!= ERROR_OK
)
2285 /* Setup Breakpoint Register Pairs */
2286 aarch64
->brp_num
= (uint32_t)((debug
>> 12) & 0x0F) + 1;
2287 aarch64
->brp_num_context
= (uint32_t)((debug
>> 28) & 0x0F) + 1;
2288 aarch64
->brp_num_available
= aarch64
->brp_num
;
2289 aarch64
->brp_list
= calloc(aarch64
->brp_num
, sizeof(struct aarch64_brp
));
2290 for (i
= 0; i
< aarch64
->brp_num
; i
++) {
2291 aarch64
->brp_list
[i
].used
= 0;
2292 if (i
< (aarch64
->brp_num
-aarch64
->brp_num_context
))
2293 aarch64
->brp_list
[i
].type
= BRP_NORMAL
;
2295 aarch64
->brp_list
[i
].type
= BRP_CONTEXT
;
2296 aarch64
->brp_list
[i
].value
= 0;
2297 aarch64
->brp_list
[i
].control
= 0;
2298 aarch64
->brp_list
[i
].BRPn
= i
;
2301 LOG_DEBUG("Configured %i hw breakpoints", aarch64
->brp_num
);
2303 target
->state
= TARGET_RUNNING
;
2304 target
->debug_reason
= DBG_REASON_NOTHALTED
;
2306 target_set_examined(target
);
2310 static int aarch64_examine(struct target
*target
)
2312 int retval
= ERROR_OK
;
2314 /* don't re-probe hardware after each reset */
2315 if (!target_was_examined(target
))
2316 retval
= aarch64_examine_first(target
);
2318 /* Configure core debug access */
2319 if (retval
== ERROR_OK
)
2320 retval
= aarch64_init_debug_access(target
);
2326 * Cortex-A8 target creation and initialization
2329 static int aarch64_init_target(struct command_context
*cmd_ctx
,
2330 struct target
*target
)
2332 /* examine_first() does a bunch of this */
2336 static int aarch64_init_arch_info(struct target
*target
,
2337 struct aarch64_common
*aarch64
, struct jtag_tap
*tap
)
2339 struct armv8_common
*armv8
= &aarch64
->armv8_common
;
2341 /* Setup struct aarch64_common */
2342 aarch64
->common_magic
= AARCH64_COMMON_MAGIC
;
2343 /* tap has no dap initialized */
2345 tap
->dap
= dap_init();
2346 tap
->dap
->tap
= tap
;
2348 armv8
->arm
.dap
= tap
->dap
;
2350 /* register arch-specific functions */
2351 armv8
->examine_debug_reason
= NULL
;
2352 armv8
->post_debug_entry
= aarch64_post_debug_entry
;
2353 armv8
->pre_restore_context
= NULL
;
2354 armv8
->armv8_mmu
.read_physical_memory
= aarch64_read_phys_memory
;
2356 armv8_init_arch_info(target
, armv8
);
2357 target_register_timer_callback(aarch64_handle_target_request
, 1, 1, target
);
2362 static int aarch64_target_create(struct target
*target
, Jim_Interp
*interp
)
2364 struct aarch64_common
*aarch64
= calloc(1, sizeof(struct aarch64_common
));
2366 return aarch64_init_arch_info(target
, aarch64
, target
->tap
);
2369 static int aarch64_mmu(struct target
*target
, int *enabled
)
2371 if (target
->state
!= TARGET_HALTED
) {
2372 LOG_ERROR("%s: target %s not halted", __func__
, target_name(target
));
2373 return ERROR_TARGET_INVALID
;
2376 *enabled
= target_to_aarch64(target
)->armv8_common
.armv8_mmu
.mmu_enabled
;
2380 static int aarch64_virt2phys(struct target
*target
, target_addr_t virt
,
2381 target_addr_t
*phys
)
2383 return armv8_mmu_translate_va_pa(target
, virt
, phys
, 1);
2386 COMMAND_HANDLER(aarch64_handle_cache_info_command
)
2388 struct target
*target
= get_current_target(CMD_CTX
);
2389 struct armv8_common
*armv8
= target_to_armv8(target
);
2391 return armv8_handle_cache_info_command(CMD_CTX
,
2392 &armv8
->armv8_mmu
.armv8_cache
);
2396 COMMAND_HANDLER(aarch64_handle_dbginit_command
)
2398 struct target
*target
= get_current_target(CMD_CTX
);
2399 if (!target_was_examined(target
)) {
2400 LOG_ERROR("target not examined yet");
2404 return aarch64_init_debug_access(target
);
2406 COMMAND_HANDLER(aarch64_handle_smp_off_command
)
2408 struct target
*target
= get_current_target(CMD_CTX
);
2409 /* check target is an smp target */
2410 struct target_list
*head
;
2411 struct target
*curr
;
2412 head
= target
->head
;
2414 if (head
!= (struct target_list
*)NULL
) {
2415 while (head
!= (struct target_list
*)NULL
) {
2416 curr
= head
->target
;
2420 /* fixes the target display to the debugger */
2421 target
->gdb_service
->target
= target
;
2426 COMMAND_HANDLER(aarch64_handle_smp_on_command
)
2428 struct target
*target
= get_current_target(CMD_CTX
);
2429 struct target_list
*head
;
2430 struct target
*curr
;
2431 head
= target
->head
;
2432 if (head
!= (struct target_list
*)NULL
) {
2434 while (head
!= (struct target_list
*)NULL
) {
2435 curr
= head
->target
;
2443 static const struct command_registration aarch64_exec_command_handlers
[] = {
2445 .name
= "cache_info",
2446 .handler
= aarch64_handle_cache_info_command
,
2447 .mode
= COMMAND_EXEC
,
2448 .help
= "display information about target caches",
2453 .handler
= aarch64_handle_dbginit_command
,
2454 .mode
= COMMAND_EXEC
,
2455 .help
= "Initialize core debug",
2458 { .name
= "smp_off",
2459 .handler
= aarch64_handle_smp_off_command
,
2460 .mode
= COMMAND_EXEC
,
2461 .help
= "Stop smp handling",
2466 .handler
= aarch64_handle_smp_on_command
,
2467 .mode
= COMMAND_EXEC
,
2468 .help
= "Restart smp handling",
2472 COMMAND_REGISTRATION_DONE
2474 static const struct command_registration aarch64_command_handlers
[] = {
2476 .chain
= armv8_command_handlers
,
2480 .mode
= COMMAND_ANY
,
2481 .help
= "Aarch64 command group",
2483 .chain
= aarch64_exec_command_handlers
,
2485 COMMAND_REGISTRATION_DONE
2488 struct target_type aarch64_target
= {
2491 .poll
= aarch64_poll
,
2492 .arch_state
= armv8_arch_state
,
2494 .halt
= aarch64_halt
,
2495 .resume
= aarch64_resume
,
2496 .step
= aarch64_step
,
2498 .assert_reset
= aarch64_assert_reset
,
2499 .deassert_reset
= aarch64_deassert_reset
,
2501 /* REVISIT allow exporting VFP3 registers ... */
2502 .get_gdb_reg_list
= armv8_get_gdb_reg_list
,
2504 .read_memory
= aarch64_read_memory
,
2505 .write_memory
= aarch64_write_memory
,
2507 .add_breakpoint
= aarch64_add_breakpoint
,
2508 .add_context_breakpoint
= aarch64_add_context_breakpoint
,
2509 .add_hybrid_breakpoint
= aarch64_add_hybrid_breakpoint
,
2510 .remove_breakpoint
= aarch64_remove_breakpoint
,
2511 .add_watchpoint
= NULL
,
2512 .remove_watchpoint
= NULL
,
2514 .commands
= aarch64_command_handlers
,
2515 .target_create
= aarch64_target_create
,
2516 .init_target
= aarch64_init_target
,
2517 .examine
= aarch64_examine
,
2519 .read_phys_memory
= aarch64_read_phys_memory
,
2520 .write_phys_memory
= aarch64_write_phys_memory
,
2522 .virt2phys
= aarch64_virt2phys
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)