1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2006 by Magnus Lundin *
8 * Copyright (C) 2008 by Spencer Oliver *
9 * spen@spen-soft.co.uk *
11 * Copyright (C) 2009 by Dirk Behme *
12 * dirk.behme@gmail.com - copy from cortex_m3 *
14 * Copyright (C) 2010 Øyvind Harboe *
15 * oyvind.harboe@zylin.com *
17 * Copyright (C) ST-Ericsson SA 2011 *
18 * michel.jaouen@stericsson.com : smp minimum support *
20 * Copyright (C) Broadcom 2012 *
21 * ehunter@broadcom.com : Cortex-R4 support *
23 * Copyright (C) 2013 Kamal Dasu *
24 * kdasu.kdev@gmail.com *
26 * This program is free software; you can redistribute it and/or modify *
27 * it under the terms of the GNU General Public License as published by *
28 * the Free Software Foundation; either version 2 of the License, or *
29 * (at your option) any later version. *
31 * This program is distributed in the hope that it will be useful, *
32 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
33 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
34 * GNU General Public License for more details. *
36 * You should have received a copy of the GNU General Public License *
37 * along with this program. If not, see <http://www.gnu.org/licenses/>. *
39 * Cortex-A8(tm) TRM, ARM DDI 0344H *
40 * Cortex-A9(tm) TRM, ARM DDI 0407F *
41 * Cortex-A4(tm) TRM, ARM DDI 0363E *
42 * Cortex-A15(tm)TRM, ARM DDI 0438C *
44 ***************************************************************************/
50 #include "breakpoints.h"
53 #include "target_request.h"
54 #include "target_type.h"
55 #include "arm_opcodes.h"
56 #include <helper/time_support.h>
58 static int cortex_a_poll(struct target
*target
);
59 static int cortex_a_debug_entry(struct target
*target
);
60 static int cortex_a_restore_context(struct target
*target
, bool bpwp
);
61 static int cortex_a_set_breakpoint(struct target
*target
,
62 struct breakpoint
*breakpoint
, uint8_t matchmode
);
63 static int cortex_a_set_context_breakpoint(struct target
*target
,
64 struct breakpoint
*breakpoint
, uint8_t matchmode
);
65 static int cortex_a_set_hybrid_breakpoint(struct target
*target
,
66 struct breakpoint
*breakpoint
);
67 static int cortex_a_unset_breakpoint(struct target
*target
,
68 struct breakpoint
*breakpoint
);
69 static int cortex_a_dap_read_coreregister_u32(struct target
*target
,
70 uint32_t *value
, int regnum
);
71 static int cortex_a_dap_write_coreregister_u32(struct target
*target
,
72 uint32_t value
, int regnum
);
73 static int cortex_a_mmu(struct target
*target
, int *enabled
);
74 static int cortex_a_mmu_modify(struct target
*target
, int enable
);
75 static int cortex_a_virt2phys(struct target
*target
,
76 uint32_t virt
, uint32_t *phys
);
77 static int cortex_a_read_cpu_memory(struct target
*target
,
78 uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
);
81 /* restore cp15_control_reg at resume */
82 static int cortex_a_restore_cp15_control_reg(struct target
*target
)
84 int retval
= ERROR_OK
;
85 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
86 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
88 if (cortex_a
->cp15_control_reg
!= cortex_a
->cp15_control_reg_curr
) {
89 cortex_a
->cp15_control_reg_curr
= cortex_a
->cp15_control_reg
;
90 /* LOG_INFO("cp15_control_reg: %8.8" PRIx32, cortex_a->cp15_control_reg); */
91 retval
= armv7a
->arm
.mcr(target
, 15,
94 cortex_a
->cp15_control_reg
);
100 * Set up ARM core for memory access.
101 * If !phys_access, switch to SVC mode and make sure MMU is on
102 * If phys_access, switch off mmu
104 static int cortex_a_prep_memaccess(struct target
*target
, int phys_access
)
106 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
107 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
110 if (phys_access
== 0) {
111 dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_SVC
);
112 cortex_a_mmu(target
, &mmu_enabled
);
114 cortex_a_mmu_modify(target
, 1);
115 if (cortex_a
->dacrfixup_mode
== CORTEX_A_DACRFIXUP_ON
) {
116 /* overwrite DACR to all-manager */
117 armv7a
->arm
.mcr(target
, 15,
122 cortex_a_mmu(target
, &mmu_enabled
);
124 cortex_a_mmu_modify(target
, 0);
130 * Restore ARM core after memory access.
131 * If !phys_access, switch to previous mode
132 * If phys_access, restore MMU setting
134 static int cortex_a_post_memaccess(struct target
*target
, int phys_access
)
136 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
137 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
139 if (phys_access
== 0) {
140 if (cortex_a
->dacrfixup_mode
== CORTEX_A_DACRFIXUP_ON
) {
142 armv7a
->arm
.mcr(target
, 15,
144 cortex_a
->cp15_dacr_reg
);
146 dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_ANY
);
149 cortex_a_mmu(target
, &mmu_enabled
);
151 cortex_a_mmu_modify(target
, 1);
157 /* modify cp15_control_reg in order to enable or disable mmu for :
158 * - virt2phys address conversion
159 * - read or write memory in phys or virt address */
160 static int cortex_a_mmu_modify(struct target
*target
, int enable
)
162 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
163 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
164 int retval
= ERROR_OK
;
168 /* if mmu enabled at target stop and mmu not enable */
169 if (!(cortex_a
->cp15_control_reg
& 0x1U
)) {
170 LOG_ERROR("trying to enable mmu on target stopped with mmu disable");
173 if ((cortex_a
->cp15_control_reg_curr
& 0x1U
) == 0) {
174 cortex_a
->cp15_control_reg_curr
|= 0x1U
;
178 if ((cortex_a
->cp15_control_reg_curr
& 0x1U
) == 0x1U
) {
179 cortex_a
->cp15_control_reg_curr
&= ~0x1U
;
185 LOG_DEBUG("%s, writing cp15 ctrl: %" PRIx32
,
186 enable
? "enable mmu" : "disable mmu",
187 cortex_a
->cp15_control_reg_curr
);
189 retval
= armv7a
->arm
.mcr(target
, 15,
192 cortex_a
->cp15_control_reg_curr
);
198 * Cortex-A Basic debug access, very low level assumes state is saved
200 static int cortex_a8_init_debug_access(struct target
*target
)
202 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
207 /* Unlocking the debug registers for modification
208 * The debugport might be uninitialised so try twice */
209 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
210 armv7a
->debug_base
+ CPUDBG_LOCKACCESS
, 0xC5ACCE55);
211 if (retval
!= ERROR_OK
) {
213 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
214 armv7a
->debug_base
+ CPUDBG_LOCKACCESS
, 0xC5ACCE55);
215 if (retval
== ERROR_OK
)
217 "Locking debug access failed on first, but succeeded on second try.");
224 * Cortex-A Basic debug access, very low level assumes state is saved
226 static int cortex_a_init_debug_access(struct target
*target
)
228 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
231 uint32_t cortex_part_num
;
232 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
235 cortex_part_num
= (cortex_a
->cpuid
& CORTEX_A_MIDR_PARTNUM_MASK
) >>
236 CORTEX_A_MIDR_PARTNUM_SHIFT
;
238 switch (cortex_part_num
) {
239 case CORTEX_A7_PARTNUM
:
240 case CORTEX_A15_PARTNUM
:
241 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
242 armv7a
->debug_base
+ CPUDBG_OSLSR
,
244 if (retval
!= ERROR_OK
)
247 LOG_DEBUG("DBGOSLSR 0x%" PRIx32
, dbg_osreg
);
249 if (dbg_osreg
& CPUDBG_OSLAR_LK_MASK
)
250 /* Unlocking the DEBUG OS registers for modification */
251 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
252 armv7a
->debug_base
+ CPUDBG_OSLAR
,
256 case CORTEX_A5_PARTNUM
:
257 case CORTEX_A8_PARTNUM
:
258 case CORTEX_A9_PARTNUM
:
260 retval
= cortex_a8_init_debug_access(target
);
263 if (retval
!= ERROR_OK
)
265 /* Clear Sticky Power Down status Bit in PRSR to enable access to
266 the registers in the Core Power Domain */
267 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
268 armv7a
->debug_base
+ CPUDBG_PRSR
, &dbg_osreg
);
269 LOG_DEBUG("target->coreid %" PRId32
" DBGPRSR 0x%" PRIx32
, target
->coreid
, dbg_osreg
);
271 if (retval
!= ERROR_OK
)
274 /* Disable cacheline fills and force cache write-through in debug state */
275 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
276 armv7a
->debug_base
+ CPUDBG_DSCCR
, 0);
277 if (retval
!= ERROR_OK
)
280 /* Disable TLB lookup and refill/eviction in debug state */
281 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
282 armv7a
->debug_base
+ CPUDBG_DSMCR
, 0);
283 if (retval
!= ERROR_OK
)
286 /* Enabling of instruction execution in debug mode is done in debug_entry code */
288 /* Resync breakpoint registers */
290 /* Since this is likely called from init or reset, update target state information*/
291 return cortex_a_poll(target
);
294 static int cortex_a_wait_instrcmpl(struct target
*target
, uint32_t *dscr
, bool force
)
296 /* Waits until InstrCmpl_l becomes 1, indicating instruction is done.
297 * Writes final value of DSCR into *dscr. Pass force to force always
298 * reading DSCR at least once. */
299 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
300 int64_t then
= timeval_ms();
301 while ((*dscr
& DSCR_INSTR_COMP
) == 0 || force
) {
303 int retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
304 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
305 if (retval
!= ERROR_OK
) {
306 LOG_ERROR("Could not read DSCR register");
309 if (timeval_ms() > then
+ 1000) {
310 LOG_ERROR("Timeout waiting for InstrCompl=1");
317 /* To reduce needless round-trips, pass in a pointer to the current
318 * DSCR value. Initialize it to zero if you just need to know the
319 * value on return from this function; or DSCR_INSTR_COMP if you
320 * happen to know that no instruction is pending.
322 static int cortex_a_exec_opcode(struct target
*target
,
323 uint32_t opcode
, uint32_t *dscr_p
)
327 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
329 dscr
= dscr_p
? *dscr_p
: 0;
331 LOG_DEBUG("exec opcode 0x%08" PRIx32
, opcode
);
333 /* Wait for InstrCompl bit to be set */
334 retval
= cortex_a_wait_instrcmpl(target
, dscr_p
, false);
335 if (retval
!= ERROR_OK
)
338 retval
= mem_ap_write_u32(armv7a
->debug_ap
,
339 armv7a
->debug_base
+ CPUDBG_ITR
, opcode
);
340 if (retval
!= ERROR_OK
)
343 int64_t then
= timeval_ms();
345 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
346 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
347 if (retval
!= ERROR_OK
) {
348 LOG_ERROR("Could not read DSCR register");
351 if (timeval_ms() > then
+ 1000) {
352 LOG_ERROR("Timeout waiting for cortex_a_exec_opcode");
355 } while ((dscr
& DSCR_INSTR_COMP
) == 0); /* Wait for InstrCompl bit to be set */
363 /**************************************************************************
364 Read core register with very few exec_opcode, fast but needs work_area.
365 This can cause problems with MMU active.
366 **************************************************************************/
367 static int cortex_a_read_regs_through_mem(struct target
*target
, uint32_t address
,
370 int retval
= ERROR_OK
;
371 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
373 retval
= cortex_a_dap_read_coreregister_u32(target
, regfile
, 0);
374 if (retval
!= ERROR_OK
)
376 retval
= cortex_a_dap_write_coreregister_u32(target
, address
, 0);
377 if (retval
!= ERROR_OK
)
379 retval
= cortex_a_exec_opcode(target
, ARMV4_5_STMIA(0, 0xFFFE, 0, 0), NULL
);
380 if (retval
!= ERROR_OK
)
383 retval
= mem_ap_read_buf(armv7a
->memory_ap
,
384 (uint8_t *)(®file
[1]), 4, 15, address
);
389 static int cortex_a_dap_read_coreregister_u32(struct target
*target
,
390 uint32_t *value
, int regnum
)
392 int retval
= ERROR_OK
;
393 uint8_t reg
= regnum
&0xFF;
395 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
401 /* Rn to DCCTX, "MCR p14, 0, Rn, c0, c5, 0" 0xEE00nE15 */
402 retval
= cortex_a_exec_opcode(target
,
403 ARMV4_5_MCR(14, 0, reg
, 0, 5, 0),
405 if (retval
!= ERROR_OK
)
407 } else if (reg
== 15) {
408 /* "MOV r0, r15"; then move r0 to DCCTX */
409 retval
= cortex_a_exec_opcode(target
, 0xE1A0000F, &dscr
);
410 if (retval
!= ERROR_OK
)
412 retval
= cortex_a_exec_opcode(target
,
413 ARMV4_5_MCR(14, 0, 0, 0, 5, 0),
415 if (retval
!= ERROR_OK
)
418 /* "MRS r0, CPSR" or "MRS r0, SPSR"
419 * then move r0 to DCCTX
421 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRS(0, reg
& 1), &dscr
);
422 if (retval
!= ERROR_OK
)
424 retval
= cortex_a_exec_opcode(target
,
425 ARMV4_5_MCR(14, 0, 0, 0, 5, 0),
427 if (retval
!= ERROR_OK
)
431 /* Wait for DTRRXfull then read DTRRTX */
432 int64_t then
= timeval_ms();
433 while ((dscr
& DSCR_DTR_TX_FULL
) == 0) {
434 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
435 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
436 if (retval
!= ERROR_OK
)
438 if (timeval_ms() > then
+ 1000) {
439 LOG_ERROR("Timeout waiting for cortex_a_exec_opcode");
444 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
445 armv7a
->debug_base
+ CPUDBG_DTRTX
, value
);
446 LOG_DEBUG("read DCC 0x%08" PRIx32
, *value
);
451 static int cortex_a_dap_write_coreregister_u32(struct target
*target
,
452 uint32_t value
, int regnum
)
454 int retval
= ERROR_OK
;
455 uint8_t Rd
= regnum
&0xFF;
457 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
459 LOG_DEBUG("register %i, value 0x%08" PRIx32
, regnum
, value
);
461 /* Check that DCCRX is not full */
462 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
463 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
464 if (retval
!= ERROR_OK
)
466 if (dscr
& DSCR_DTR_RX_FULL
) {
467 LOG_ERROR("DSCR_DTR_RX_FULL, dscr 0x%08" PRIx32
, dscr
);
468 /* Clear DCCRX with MRC(p14, 0, Rd, c0, c5, 0), opcode 0xEE100E15 */
469 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
471 if (retval
!= ERROR_OK
)
478 /* Write DTRRX ... sets DSCR.DTRRXfull but exec_opcode() won't care */
479 LOG_DEBUG("write DCC 0x%08" PRIx32
, value
);
480 retval
= mem_ap_write_u32(armv7a
->debug_ap
,
481 armv7a
->debug_base
+ CPUDBG_DTRRX
, value
);
482 if (retval
!= ERROR_OK
)
486 /* DCCRX to Rn, "MRC p14, 0, Rn, c0, c5, 0", 0xEE10nE15 */
487 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, Rd
, 0, 5, 0),
490 if (retval
!= ERROR_OK
)
492 } else if (Rd
== 15) {
493 /* DCCRX to R0, "MRC p14, 0, R0, c0, c5, 0", 0xEE100E15
496 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
498 if (retval
!= ERROR_OK
)
500 retval
= cortex_a_exec_opcode(target
, 0xE1A0F000, &dscr
);
501 if (retval
!= ERROR_OK
)
504 /* DCCRX to R0, "MRC p14, 0, R0, c0, c5, 0", 0xEE100E15
505 * then "MSR CPSR_cxsf, r0" or "MSR SPSR_cxsf, r0" (all fields)
507 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
509 if (retval
!= ERROR_OK
)
511 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MSR_GP(0, 0xF, Rd
& 1),
513 if (retval
!= ERROR_OK
)
516 /* "Prefetch flush" after modifying execution status in CPSR */
518 retval
= cortex_a_exec_opcode(target
,
519 ARMV4_5_MCR(15, 0, 0, 7, 5, 4),
521 if (retval
!= ERROR_OK
)
529 /* Write to memory mapped registers directly with no cache or mmu handling */
530 static int cortex_a_dap_write_memap_register_u32(struct target
*target
,
535 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
537 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
, address
, value
);
543 * Cortex-A implementation of Debug Programmer's Model
545 * NOTE the invariant: these routines return with DSCR_INSTR_COMP set,
546 * so there's no need to poll for it before executing an instruction.
548 * NOTE that in several of these cases the "stall" mode might be useful.
549 * It'd let us queue a few operations together... prepare/finish might
550 * be the places to enable/disable that mode.
553 static inline struct cortex_a_common
*dpm_to_a(struct arm_dpm
*dpm
)
555 return container_of(dpm
, struct cortex_a_common
, armv7a_common
.dpm
);
558 static int cortex_a_write_dcc(struct cortex_a_common
*a
, uint32_t data
)
560 LOG_DEBUG("write DCC 0x%08" PRIx32
, data
);
561 return mem_ap_write_u32(a
->armv7a_common
.debug_ap
,
562 a
->armv7a_common
.debug_base
+ CPUDBG_DTRRX
, data
);
565 static int cortex_a_read_dcc(struct cortex_a_common
*a
, uint32_t *data
,
568 uint32_t dscr
= DSCR_INSTR_COMP
;
574 /* Wait for DTRRXfull */
575 int64_t then
= timeval_ms();
576 while ((dscr
& DSCR_DTR_TX_FULL
) == 0) {
577 retval
= mem_ap_read_atomic_u32(a
->armv7a_common
.debug_ap
,
578 a
->armv7a_common
.debug_base
+ CPUDBG_DSCR
,
580 if (retval
!= ERROR_OK
)
582 if (timeval_ms() > then
+ 1000) {
583 LOG_ERROR("Timeout waiting for read dcc");
588 retval
= mem_ap_read_atomic_u32(a
->armv7a_common
.debug_ap
,
589 a
->armv7a_common
.debug_base
+ CPUDBG_DTRTX
, data
);
590 if (retval
!= ERROR_OK
)
592 /* LOG_DEBUG("read DCC 0x%08" PRIx32, *data); */
600 static int cortex_a_dpm_prepare(struct arm_dpm
*dpm
)
602 struct cortex_a_common
*a
= dpm_to_a(dpm
);
606 /* set up invariant: INSTR_COMP is set after ever DPM operation */
607 int64_t then
= timeval_ms();
609 retval
= mem_ap_read_atomic_u32(a
->armv7a_common
.debug_ap
,
610 a
->armv7a_common
.debug_base
+ CPUDBG_DSCR
,
612 if (retval
!= ERROR_OK
)
614 if ((dscr
& DSCR_INSTR_COMP
) != 0)
616 if (timeval_ms() > then
+ 1000) {
617 LOG_ERROR("Timeout waiting for dpm prepare");
622 /* this "should never happen" ... */
623 if (dscr
& DSCR_DTR_RX_FULL
) {
624 LOG_ERROR("DSCR_DTR_RX_FULL, dscr 0x%08" PRIx32
, dscr
);
626 retval
= cortex_a_exec_opcode(
627 a
->armv7a_common
.arm
.target
,
628 ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
630 if (retval
!= ERROR_OK
)
637 static int cortex_a_dpm_finish(struct arm_dpm
*dpm
)
639 /* REVISIT what could be done here? */
643 static int cortex_a_instr_write_data_dcc(struct arm_dpm
*dpm
,
644 uint32_t opcode
, uint32_t data
)
646 struct cortex_a_common
*a
= dpm_to_a(dpm
);
648 uint32_t dscr
= DSCR_INSTR_COMP
;
650 retval
= cortex_a_write_dcc(a
, data
);
651 if (retval
!= ERROR_OK
)
654 return cortex_a_exec_opcode(
655 a
->armv7a_common
.arm
.target
,
660 static int cortex_a_instr_write_data_r0(struct arm_dpm
*dpm
,
661 uint32_t opcode
, uint32_t data
)
663 struct cortex_a_common
*a
= dpm_to_a(dpm
);
664 uint32_t dscr
= DSCR_INSTR_COMP
;
667 retval
= cortex_a_write_dcc(a
, data
);
668 if (retval
!= ERROR_OK
)
671 /* DCCRX to R0, "MCR p14, 0, R0, c0, c5, 0", 0xEE000E15 */
672 retval
= cortex_a_exec_opcode(
673 a
->armv7a_common
.arm
.target
,
674 ARMV4_5_MRC(14, 0, 0, 0, 5, 0),
676 if (retval
!= ERROR_OK
)
679 /* then the opcode, taking data from R0 */
680 retval
= cortex_a_exec_opcode(
681 a
->armv7a_common
.arm
.target
,
688 static int cortex_a_instr_cpsr_sync(struct arm_dpm
*dpm
)
690 struct target
*target
= dpm
->arm
->target
;
691 uint32_t dscr
= DSCR_INSTR_COMP
;
693 /* "Prefetch flush" after modifying execution status in CPSR */
694 return cortex_a_exec_opcode(target
,
695 ARMV4_5_MCR(15, 0, 0, 7, 5, 4),
699 static int cortex_a_instr_read_data_dcc(struct arm_dpm
*dpm
,
700 uint32_t opcode
, uint32_t *data
)
702 struct cortex_a_common
*a
= dpm_to_a(dpm
);
704 uint32_t dscr
= DSCR_INSTR_COMP
;
706 /* the opcode, writing data to DCC */
707 retval
= cortex_a_exec_opcode(
708 a
->armv7a_common
.arm
.target
,
711 if (retval
!= ERROR_OK
)
714 return cortex_a_read_dcc(a
, data
, &dscr
);
718 static int cortex_a_instr_read_data_r0(struct arm_dpm
*dpm
,
719 uint32_t opcode
, uint32_t *data
)
721 struct cortex_a_common
*a
= dpm_to_a(dpm
);
722 uint32_t dscr
= DSCR_INSTR_COMP
;
725 /* the opcode, writing data to R0 */
726 retval
= cortex_a_exec_opcode(
727 a
->armv7a_common
.arm
.target
,
730 if (retval
!= ERROR_OK
)
733 /* write R0 to DCC */
734 retval
= cortex_a_exec_opcode(
735 a
->armv7a_common
.arm
.target
,
736 ARMV4_5_MCR(14, 0, 0, 0, 5, 0),
738 if (retval
!= ERROR_OK
)
741 return cortex_a_read_dcc(a
, data
, &dscr
);
744 static int cortex_a_bpwp_enable(struct arm_dpm
*dpm
, unsigned index_t
,
745 uint32_t addr
, uint32_t control
)
747 struct cortex_a_common
*a
= dpm_to_a(dpm
);
748 uint32_t vr
= a
->armv7a_common
.debug_base
;
749 uint32_t cr
= a
->armv7a_common
.debug_base
;
753 case 0 ... 15: /* breakpoints */
754 vr
+= CPUDBG_BVR_BASE
;
755 cr
+= CPUDBG_BCR_BASE
;
757 case 16 ... 31: /* watchpoints */
758 vr
+= CPUDBG_WVR_BASE
;
759 cr
+= CPUDBG_WCR_BASE
;
768 LOG_DEBUG("A: bpwp enable, vr %08x cr %08x",
769 (unsigned) vr
, (unsigned) cr
);
771 retval
= cortex_a_dap_write_memap_register_u32(dpm
->arm
->target
,
773 if (retval
!= ERROR_OK
)
775 retval
= cortex_a_dap_write_memap_register_u32(dpm
->arm
->target
,
780 static int cortex_a_bpwp_disable(struct arm_dpm
*dpm
, unsigned index_t
)
782 struct cortex_a_common
*a
= dpm_to_a(dpm
);
787 cr
= a
->armv7a_common
.debug_base
+ CPUDBG_BCR_BASE
;
790 cr
= a
->armv7a_common
.debug_base
+ CPUDBG_WCR_BASE
;
798 LOG_DEBUG("A: bpwp disable, cr %08x", (unsigned) cr
);
800 /* clear control register */
801 return cortex_a_dap_write_memap_register_u32(dpm
->arm
->target
, cr
, 0);
804 static int cortex_a_dpm_setup(struct cortex_a_common
*a
, uint32_t didr
)
806 struct arm_dpm
*dpm
= &a
->armv7a_common
.dpm
;
809 dpm
->arm
= &a
->armv7a_common
.arm
;
812 dpm
->prepare
= cortex_a_dpm_prepare
;
813 dpm
->finish
= cortex_a_dpm_finish
;
815 dpm
->instr_write_data_dcc
= cortex_a_instr_write_data_dcc
;
816 dpm
->instr_write_data_r0
= cortex_a_instr_write_data_r0
;
817 dpm
->instr_cpsr_sync
= cortex_a_instr_cpsr_sync
;
819 dpm
->instr_read_data_dcc
= cortex_a_instr_read_data_dcc
;
820 dpm
->instr_read_data_r0
= cortex_a_instr_read_data_r0
;
822 dpm
->bpwp_enable
= cortex_a_bpwp_enable
;
823 dpm
->bpwp_disable
= cortex_a_bpwp_disable
;
825 retval
= arm_dpm_setup(dpm
);
826 if (retval
== ERROR_OK
)
827 retval
= arm_dpm_initialize(dpm
);
831 static struct target
*get_cortex_a(struct target
*target
, int32_t coreid
)
833 struct target_list
*head
;
837 while (head
!= (struct target_list
*)NULL
) {
839 if ((curr
->coreid
== coreid
) && (curr
->state
== TARGET_HALTED
))
845 static int cortex_a_halt(struct target
*target
);
847 static int cortex_a_halt_smp(struct target
*target
)
850 struct target_list
*head
;
853 while (head
!= (struct target_list
*)NULL
) {
855 if ((curr
!= target
) && (curr
->state
!= TARGET_HALTED
))
856 retval
+= cortex_a_halt(curr
);
862 static int update_halt_gdb(struct target
*target
)
865 if (target
->gdb_service
&& target
->gdb_service
->core
[0] == -1) {
866 target
->gdb_service
->target
= target
;
867 target
->gdb_service
->core
[0] = target
->coreid
;
868 retval
+= cortex_a_halt_smp(target
);
874 * Cortex-A Run control
877 static int cortex_a_poll(struct target
*target
)
879 int retval
= ERROR_OK
;
881 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
882 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
883 enum target_state prev_target_state
= target
->state
;
884 /* toggle to another core is done by gdb as follow */
885 /* maint packet J core_id */
887 /* the next polling trigger an halt event sent to gdb */
888 if ((target
->state
== TARGET_HALTED
) && (target
->smp
) &&
889 (target
->gdb_service
) &&
890 (target
->gdb_service
->target
== NULL
)) {
891 target
->gdb_service
->target
=
892 get_cortex_a(target
, target
->gdb_service
->core
[1]);
893 target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
896 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
897 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
898 if (retval
!= ERROR_OK
)
900 cortex_a
->cpudbg_dscr
= dscr
;
902 if (DSCR_RUN_MODE(dscr
) == (DSCR_CORE_HALTED
| DSCR_CORE_RESTARTED
)) {
903 if (prev_target_state
!= TARGET_HALTED
) {
904 /* We have a halting debug event */
905 LOG_DEBUG("Target halted");
906 target
->state
= TARGET_HALTED
;
907 if ((prev_target_state
== TARGET_RUNNING
)
908 || (prev_target_state
== TARGET_UNKNOWN
)
909 || (prev_target_state
== TARGET_RESET
)) {
910 retval
= cortex_a_debug_entry(target
);
911 if (retval
!= ERROR_OK
)
914 retval
= update_halt_gdb(target
);
915 if (retval
!= ERROR_OK
)
918 target_call_event_callbacks(target
,
919 TARGET_EVENT_HALTED
);
921 if (prev_target_state
== TARGET_DEBUG_RUNNING
) {
924 retval
= cortex_a_debug_entry(target
);
925 if (retval
!= ERROR_OK
)
928 retval
= update_halt_gdb(target
);
929 if (retval
!= ERROR_OK
)
933 target_call_event_callbacks(target
,
934 TARGET_EVENT_DEBUG_HALTED
);
937 } else if (DSCR_RUN_MODE(dscr
) == DSCR_CORE_RESTARTED
)
938 target
->state
= TARGET_RUNNING
;
940 LOG_DEBUG("Unknown target state dscr = 0x%08" PRIx32
, dscr
);
941 target
->state
= TARGET_UNKNOWN
;
947 static int cortex_a_halt(struct target
*target
)
949 int retval
= ERROR_OK
;
951 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
954 * Tell the core to be halted by writing DRCR with 0x1
955 * and then wait for the core to be halted.
957 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
958 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_HALT
);
959 if (retval
!= ERROR_OK
)
963 * enter halting debug mode
965 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
966 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
967 if (retval
!= ERROR_OK
)
970 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
971 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
| DSCR_HALT_DBG_MODE
);
972 if (retval
!= ERROR_OK
)
975 int64_t then
= timeval_ms();
977 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
978 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
979 if (retval
!= ERROR_OK
)
981 if ((dscr
& DSCR_CORE_HALTED
) != 0)
983 if (timeval_ms() > then
+ 1000) {
984 LOG_ERROR("Timeout waiting for halt");
989 target
->debug_reason
= DBG_REASON_DBGRQ
;
994 static int cortex_a_internal_restore(struct target
*target
, int current
,
995 uint32_t *address
, int handle_breakpoints
, int debug_execution
)
997 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
998 struct arm
*arm
= &armv7a
->arm
;
1002 if (!debug_execution
)
1003 target_free_all_working_areas(target
);
1006 if (debug_execution
) {
1007 /* Disable interrupts */
1008 /* We disable interrupts in the PRIMASK register instead of
1009 * masking with C_MASKINTS,
1010 * This is probably the same issue as Cortex-M3 Errata 377493:
1011 * C_MASKINTS in parallel with disabled interrupts can cause
1012 * local faults to not be taken. */
1013 buf_set_u32(armv7m
->core_cache
->reg_list
[ARMV7M_PRIMASK
].value
, 0, 32, 1);
1014 armv7m
->core_cache
->reg_list
[ARMV7M_PRIMASK
].dirty
= 1;
1015 armv7m
->core_cache
->reg_list
[ARMV7M_PRIMASK
].valid
= 1;
1017 /* Make sure we are in Thumb mode */
1018 buf_set_u32(armv7m
->core_cache
->reg_list
[ARMV7M_xPSR
].value
, 0, 32,
1019 buf_get_u32(armv7m
->core_cache
->reg_list
[ARMV7M_xPSR
].value
, 0,
1021 armv7m
->core_cache
->reg_list
[ARMV7M_xPSR
].dirty
= 1;
1022 armv7m
->core_cache
->reg_list
[ARMV7M_xPSR
].valid
= 1;
1026 /* current = 1: continue on current pc, otherwise continue at <address> */
1027 resume_pc
= buf_get_u32(arm
->pc
->value
, 0, 32);
1029 resume_pc
= *address
;
1031 *address
= resume_pc
;
1033 /* Make sure that the Armv7 gdb thumb fixups does not
1034 * kill the return address
1036 switch (arm
->core_state
) {
1038 resume_pc
&= 0xFFFFFFFC;
1040 case ARM_STATE_THUMB
:
1041 case ARM_STATE_THUMB_EE
:
1042 /* When the return address is loaded into PC
1043 * bit 0 must be 1 to stay in Thumb state
1047 case ARM_STATE_JAZELLE
:
1048 LOG_ERROR("How do I resume into Jazelle state??");
1051 LOG_DEBUG("resume pc = 0x%08" PRIx32
, resume_pc
);
1052 buf_set_u32(arm
->pc
->value
, 0, 32, resume_pc
);
1056 /* restore dpm_mode at system halt */
1057 dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_ANY
);
1058 /* called it now before restoring context because it uses cpu
1059 * register r0 for restoring cp15 control register */
1060 retval
= cortex_a_restore_cp15_control_reg(target
);
1061 if (retval
!= ERROR_OK
)
1063 retval
= cortex_a_restore_context(target
, handle_breakpoints
);
1064 if (retval
!= ERROR_OK
)
1066 target
->debug_reason
= DBG_REASON_NOTHALTED
;
1067 target
->state
= TARGET_RUNNING
;
1069 /* registers are now invalid */
1070 register_cache_invalidate(arm
->core_cache
);
1073 /* the front-end may request us not to handle breakpoints */
1074 if (handle_breakpoints
) {
1075 /* Single step past breakpoint at current address */
1076 breakpoint
= breakpoint_find(target
, resume_pc
);
1078 LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint
->address
);
1079 cortex_m3_unset_breakpoint(target
, breakpoint
);
1080 cortex_m3_single_step_core(target
);
1081 cortex_m3_set_breakpoint(target
, breakpoint
);
1089 static int cortex_a_internal_restart(struct target
*target
)
1091 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1092 struct arm
*arm
= &armv7a
->arm
;
1096 * * Restart core and wait for it to be started. Clear ITRen and sticky
1097 * * exception flags: see ARMv7 ARM, C5.9.
1099 * REVISIT: for single stepping, we probably want to
1100 * disable IRQs by default, with optional override...
1103 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1104 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
1105 if (retval
!= ERROR_OK
)
1108 if ((dscr
& DSCR_INSTR_COMP
) == 0)
1109 LOG_ERROR("DSCR InstrCompl must be set before leaving debug!");
1111 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1112 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
& ~DSCR_ITR_EN
);
1113 if (retval
!= ERROR_OK
)
1116 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1117 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_RESTART
|
1118 DRCR_CLEAR_EXCEPTIONS
);
1119 if (retval
!= ERROR_OK
)
1122 int64_t then
= timeval_ms();
1124 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1125 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
1126 if (retval
!= ERROR_OK
)
1128 if ((dscr
& DSCR_CORE_RESTARTED
) != 0)
1130 if (timeval_ms() > then
+ 1000) {
1131 LOG_ERROR("Timeout waiting for resume");
1136 target
->debug_reason
= DBG_REASON_NOTHALTED
;
1137 target
->state
= TARGET_RUNNING
;
1139 /* registers are now invalid */
1140 register_cache_invalidate(arm
->core_cache
);
1145 static int cortex_a_restore_smp(struct target
*target
, int handle_breakpoints
)
1148 struct target_list
*head
;
1149 struct target
*curr
;
1151 head
= target
->head
;
1152 while (head
!= (struct target_list
*)NULL
) {
1153 curr
= head
->target
;
1154 if ((curr
!= target
) && (curr
->state
!= TARGET_RUNNING
)) {
1155 /* resume current address , not in step mode */
1156 retval
+= cortex_a_internal_restore(curr
, 1, &address
,
1157 handle_breakpoints
, 0);
1158 retval
+= cortex_a_internal_restart(curr
);
1166 static int cortex_a_resume(struct target
*target
, int current
,
1167 uint32_t address
, int handle_breakpoints
, int debug_execution
)
1170 /* dummy resume for smp toggle in order to reduce gdb impact */
1171 if ((target
->smp
) && (target
->gdb_service
->core
[1] != -1)) {
1172 /* simulate a start and halt of target */
1173 target
->gdb_service
->target
= NULL
;
1174 target
->gdb_service
->core
[0] = target
->gdb_service
->core
[1];
1175 /* fake resume at next poll we play the target core[1], see poll*/
1176 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1179 cortex_a_internal_restore(target
, current
, &address
, handle_breakpoints
, debug_execution
);
1181 target
->gdb_service
->core
[0] = -1;
1182 retval
= cortex_a_restore_smp(target
, handle_breakpoints
);
1183 if (retval
!= ERROR_OK
)
1186 cortex_a_internal_restart(target
);
1188 if (!debug_execution
) {
1189 target
->state
= TARGET_RUNNING
;
1190 target_call_event_callbacks(target
, TARGET_EVENT_RESUMED
);
1191 LOG_DEBUG("target resumed at 0x%" PRIx32
, address
);
1193 target
->state
= TARGET_DEBUG_RUNNING
;
1194 target_call_event_callbacks(target
, TARGET_EVENT_DEBUG_RESUMED
);
1195 LOG_DEBUG("target debug resumed at 0x%" PRIx32
, address
);
1201 static int cortex_a_debug_entry(struct target
*target
)
1204 uint32_t regfile
[16], cpsr
, dscr
;
1205 int retval
= ERROR_OK
;
1206 struct working_area
*regfile_working_area
= NULL
;
1207 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1208 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1209 struct arm
*arm
= &armv7a
->arm
;
1212 LOG_DEBUG("dscr = 0x%08" PRIx32
, cortex_a
->cpudbg_dscr
);
1214 /* REVISIT surely we should not re-read DSCR !! */
1215 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1216 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
1217 if (retval
!= ERROR_OK
)
1220 /* REVISIT see A TRM 12.11.4 steps 2..3 -- make sure that any
1221 * imprecise data aborts get discarded by issuing a Data
1222 * Synchronization Barrier: ARMV4_5_MCR(15, 0, 0, 7, 10, 4).
1225 /* Enable the ITR execution once we are in debug mode */
1226 dscr
|= DSCR_ITR_EN
;
1227 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1228 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
1229 if (retval
!= ERROR_OK
)
1232 /* Examine debug reason */
1233 arm_dpm_report_dscr(&armv7a
->dpm
, cortex_a
->cpudbg_dscr
);
1235 /* save address of instruction that triggered the watchpoint? */
1236 if (target
->debug_reason
== DBG_REASON_WATCHPOINT
) {
1239 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1240 armv7a
->debug_base
+ CPUDBG_WFAR
,
1242 if (retval
!= ERROR_OK
)
1244 arm_dpm_report_wfar(&armv7a
->dpm
, wfar
);
1247 /* REVISIT fast_reg_read is never set ... */
1249 /* Examine target state and mode */
1250 if (cortex_a
->fast_reg_read
)
1251 target_alloc_working_area(target
, 64, ®file_working_area
);
1253 /* First load register acessible through core debug port*/
1254 if (!regfile_working_area
)
1255 retval
= arm_dpm_read_current_registers(&armv7a
->dpm
);
1257 retval
= cortex_a_read_regs_through_mem(target
,
1258 regfile_working_area
->address
, regfile
);
1260 target_free_working_area(target
, regfile_working_area
);
1261 if (retval
!= ERROR_OK
)
1264 /* read Current PSR */
1265 retval
= cortex_a_dap_read_coreregister_u32(target
, &cpsr
, 16);
1266 /* store current cpsr */
1267 if (retval
!= ERROR_OK
)
1270 LOG_DEBUG("cpsr: %8.8" PRIx32
, cpsr
);
1272 arm_set_cpsr(arm
, cpsr
);
1275 for (i
= 0; i
<= ARM_PC
; i
++) {
1276 reg
= arm_reg_current(arm
, i
);
1278 buf_set_u32(reg
->value
, 0, 32, regfile
[i
]);
1283 /* Fixup PC Resume Address */
1284 if (cpsr
& (1 << 5)) {
1285 /* T bit set for Thumb or ThumbEE state */
1286 regfile
[ARM_PC
] -= 4;
1289 regfile
[ARM_PC
] -= 8;
1293 buf_set_u32(reg
->value
, 0, 32, regfile
[ARM_PC
]);
1294 reg
->dirty
= reg
->valid
;
1298 /* TODO, Move this */
1299 uint32_t cp15_control_register
, cp15_cacr
, cp15_nacr
;
1300 cortex_a_read_cp(target
, &cp15_control_register
, 15, 0, 1, 0, 0);
1301 LOG_DEBUG("cp15_control_register = 0x%08x", cp15_control_register
);
1303 cortex_a_read_cp(target
, &cp15_cacr
, 15, 0, 1, 0, 2);
1304 LOG_DEBUG("cp15 Coprocessor Access Control Register = 0x%08x", cp15_cacr
);
1306 cortex_a_read_cp(target
, &cp15_nacr
, 15, 0, 1, 1, 2);
1307 LOG_DEBUG("cp15 Nonsecure Access Control Register = 0x%08x", cp15_nacr
);
1310 /* Are we in an exception handler */
1311 /* armv4_5->exception_number = 0; */
1312 if (armv7a
->post_debug_entry
) {
1313 retval
= armv7a
->post_debug_entry(target
);
1314 if (retval
!= ERROR_OK
)
1321 static int cortex_a_post_debug_entry(struct target
*target
)
1323 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1324 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1327 /* MRC p15,0,<Rt>,c1,c0,0 ; Read CP15 System Control Register */
1328 retval
= armv7a
->arm
.mrc(target
, 15,
1329 0, 0, /* op1, op2 */
1330 1, 0, /* CRn, CRm */
1331 &cortex_a
->cp15_control_reg
);
1332 if (retval
!= ERROR_OK
)
1334 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, cortex_a
->cp15_control_reg
);
1335 cortex_a
->cp15_control_reg_curr
= cortex_a
->cp15_control_reg
;
1337 if (armv7a
->armv7a_mmu
.armv7a_cache
.info
== -1)
1338 armv7a_identify_cache(target
);
1340 if (armv7a
->is_armv7r
) {
1341 armv7a
->armv7a_mmu
.mmu_enabled
= 0;
1343 armv7a
->armv7a_mmu
.mmu_enabled
=
1344 (cortex_a
->cp15_control_reg
& 0x1U
) ? 1 : 0;
1346 armv7a
->armv7a_mmu
.armv7a_cache
.d_u_cache_enabled
=
1347 (cortex_a
->cp15_control_reg
& 0x4U
) ? 1 : 0;
1348 armv7a
->armv7a_mmu
.armv7a_cache
.i_cache_enabled
=
1349 (cortex_a
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
1350 cortex_a
->curr_mode
= armv7a
->arm
.core_mode
;
1352 /* switch to SVC mode to read DACR */
1353 dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_SVC
);
1354 armv7a
->arm
.mrc(target
, 15,
1356 &cortex_a
->cp15_dacr_reg
);
1358 LOG_DEBUG("cp15_dacr_reg: %8.8" PRIx32
,
1359 cortex_a
->cp15_dacr_reg
);
1361 dpm_modeswitch(&armv7a
->dpm
, ARM_MODE_ANY
);
1365 int cortex_a_set_dscr_bits(struct target
*target
, unsigned long bit_mask
, unsigned long value
)
1367 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1371 int retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1372 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
1373 if (ERROR_OK
!= retval
)
1376 /* clear bitfield */
1379 dscr
|= value
& bit_mask
;
1381 /* write new DSCR */
1382 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1383 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
1387 static int cortex_a_step(struct target
*target
, int current
, uint32_t address
,
1388 int handle_breakpoints
)
1390 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1391 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1392 struct arm
*arm
= &armv7a
->arm
;
1393 struct breakpoint
*breakpoint
= NULL
;
1394 struct breakpoint stepbreakpoint
;
1398 if (target
->state
!= TARGET_HALTED
) {
1399 LOG_WARNING("target not halted");
1400 return ERROR_TARGET_NOT_HALTED
;
1403 /* current = 1: continue on current pc, otherwise continue at <address> */
1406 buf_set_u32(r
->value
, 0, 32, address
);
1408 address
= buf_get_u32(r
->value
, 0, 32);
1410 /* The front-end may request us not to handle breakpoints.
1411 * But since Cortex-A uses breakpoint for single step,
1412 * we MUST handle breakpoints.
1414 handle_breakpoints
= 1;
1415 if (handle_breakpoints
) {
1416 breakpoint
= breakpoint_find(target
, address
);
1418 cortex_a_unset_breakpoint(target
, breakpoint
);
1421 /* Setup single step breakpoint */
1422 stepbreakpoint
.address
= address
;
1423 stepbreakpoint
.length
= (arm
->core_state
== ARM_STATE_THUMB
)
1425 stepbreakpoint
.type
= BKPT_HARD
;
1426 stepbreakpoint
.set
= 0;
1428 /* Disable interrupts during single step if requested */
1429 if (cortex_a
->isrmasking_mode
== CORTEX_A_ISRMASK_ON
) {
1430 retval
= cortex_a_set_dscr_bits(target
, DSCR_INT_DIS
, DSCR_INT_DIS
);
1431 if (ERROR_OK
!= retval
)
1435 /* Break on IVA mismatch */
1436 cortex_a_set_breakpoint(target
, &stepbreakpoint
, 0x04);
1438 target
->debug_reason
= DBG_REASON_SINGLESTEP
;
1440 retval
= cortex_a_resume(target
, 1, address
, 0, 0);
1441 if (retval
!= ERROR_OK
)
1444 int64_t then
= timeval_ms();
1445 while (target
->state
!= TARGET_HALTED
) {
1446 retval
= cortex_a_poll(target
);
1447 if (retval
!= ERROR_OK
)
1449 if (timeval_ms() > then
+ 1000) {
1450 LOG_ERROR("timeout waiting for target halt");
1455 cortex_a_unset_breakpoint(target
, &stepbreakpoint
);
1457 /* Re-enable interrupts if they were disabled */
1458 if (cortex_a
->isrmasking_mode
== CORTEX_A_ISRMASK_ON
) {
1459 retval
= cortex_a_set_dscr_bits(target
, DSCR_INT_DIS
, 0);
1460 if (ERROR_OK
!= retval
)
1465 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
1468 cortex_a_set_breakpoint(target
, breakpoint
, 0);
1470 if (target
->state
!= TARGET_HALTED
)
1471 LOG_DEBUG("target stepped");
1476 static int cortex_a_restore_context(struct target
*target
, bool bpwp
)
1478 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1482 if (armv7a
->pre_restore_context
)
1483 armv7a
->pre_restore_context(target
);
1485 return arm_dpm_write_dirty_registers(&armv7a
->dpm
, bpwp
);
1489 * Cortex-A Breakpoint and watchpoint functions
1492 /* Setup hardware Breakpoint Register Pair */
1493 static int cortex_a_set_breakpoint(struct target
*target
,
1494 struct breakpoint
*breakpoint
, uint8_t matchmode
)
1499 uint8_t byte_addr_select
= 0x0F;
1500 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1501 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1502 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1504 if (breakpoint
->set
) {
1505 LOG_WARNING("breakpoint already set");
1509 if (breakpoint
->type
== BKPT_HARD
) {
1510 while (brp_list
[brp_i
].used
&& (brp_i
< cortex_a
->brp_num
))
1512 if (brp_i
>= cortex_a
->brp_num
) {
1513 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1514 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1516 breakpoint
->set
= brp_i
+ 1;
1517 if (breakpoint
->length
== 2)
1518 byte_addr_select
= (3 << (breakpoint
->address
& 0x02));
1519 control
= ((matchmode
& 0x7) << 20)
1520 | (byte_addr_select
<< 5)
1522 brp_list
[brp_i
].used
= 1;
1523 brp_list
[brp_i
].value
= (breakpoint
->address
& 0xFFFFFFFC);
1524 brp_list
[brp_i
].control
= control
;
1525 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1526 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1527 brp_list
[brp_i
].value
);
1528 if (retval
!= ERROR_OK
)
1530 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1531 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1532 brp_list
[brp_i
].control
);
1533 if (retval
!= ERROR_OK
)
1535 LOG_DEBUG("brp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1536 brp_list
[brp_i
].control
,
1537 brp_list
[brp_i
].value
);
1538 } else if (breakpoint
->type
== BKPT_SOFT
) {
1540 if (breakpoint
->length
== 2)
1541 buf_set_u32(code
, 0, 32, ARMV5_T_BKPT(0x11));
1543 buf_set_u32(code
, 0, 32, ARMV5_BKPT(0x11));
1544 retval
= target_read_memory(target
,
1545 breakpoint
->address
& 0xFFFFFFFE,
1546 breakpoint
->length
, 1,
1547 breakpoint
->orig_instr
);
1548 if (retval
!= ERROR_OK
)
1551 /* make sure data cache is cleaned & invalidated down to PoC */
1552 if (!armv7a
->armv7a_mmu
.armv7a_cache
.auto_cache_enabled
) {
1553 armv7a_cache_flush_virt(target
, breakpoint
->address
,
1554 breakpoint
->length
);
1557 retval
= target_write_memory(target
,
1558 breakpoint
->address
& 0xFFFFFFFE,
1559 breakpoint
->length
, 1, code
);
1560 if (retval
!= ERROR_OK
)
1563 /* update i-cache at breakpoint location */
1564 armv7a_l1_d_cache_inval_virt(target
, breakpoint
->address
,
1565 breakpoint
->length
);
1566 armv7a_l1_i_cache_inval_virt(target
, breakpoint
->address
,
1567 breakpoint
->length
);
1569 breakpoint
->set
= 0x11; /* Any nice value but 0 */
1575 static int cortex_a_set_context_breakpoint(struct target
*target
,
1576 struct breakpoint
*breakpoint
, uint8_t matchmode
)
1578 int retval
= ERROR_FAIL
;
1581 uint8_t byte_addr_select
= 0x0F;
1582 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1583 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1584 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1586 if (breakpoint
->set
) {
1587 LOG_WARNING("breakpoint already set");
1590 /*check available context BRPs*/
1591 while ((brp_list
[brp_i
].used
||
1592 (brp_list
[brp_i
].type
!= BRP_CONTEXT
)) && (brp_i
< cortex_a
->brp_num
))
1595 if (brp_i
>= cortex_a
->brp_num
) {
1596 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1600 breakpoint
->set
= brp_i
+ 1;
1601 control
= ((matchmode
& 0x7) << 20)
1602 | (byte_addr_select
<< 5)
1604 brp_list
[brp_i
].used
= 1;
1605 brp_list
[brp_i
].value
= (breakpoint
->asid
);
1606 brp_list
[brp_i
].control
= control
;
1607 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1608 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1609 brp_list
[brp_i
].value
);
1610 if (retval
!= ERROR_OK
)
1612 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1613 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1614 brp_list
[brp_i
].control
);
1615 if (retval
!= ERROR_OK
)
1617 LOG_DEBUG("brp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1618 brp_list
[brp_i
].control
,
1619 brp_list
[brp_i
].value
);
1624 static int cortex_a_set_hybrid_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1626 int retval
= ERROR_FAIL
;
1627 int brp_1
= 0; /* holds the contextID pair */
1628 int brp_2
= 0; /* holds the IVA pair */
1629 uint32_t control_CTX
, control_IVA
;
1630 uint8_t CTX_byte_addr_select
= 0x0F;
1631 uint8_t IVA_byte_addr_select
= 0x0F;
1632 uint8_t CTX_machmode
= 0x03;
1633 uint8_t IVA_machmode
= 0x01;
1634 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1635 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1636 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1638 if (breakpoint
->set
) {
1639 LOG_WARNING("breakpoint already set");
1642 /*check available context BRPs*/
1643 while ((brp_list
[brp_1
].used
||
1644 (brp_list
[brp_1
].type
!= BRP_CONTEXT
)) && (brp_1
< cortex_a
->brp_num
))
1647 printf("brp(CTX) found num: %d\n", brp_1
);
1648 if (brp_1
>= cortex_a
->brp_num
) {
1649 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1653 while ((brp_list
[brp_2
].used
||
1654 (brp_list
[brp_2
].type
!= BRP_NORMAL
)) && (brp_2
< cortex_a
->brp_num
))
1657 printf("brp(IVA) found num: %d\n", brp_2
);
1658 if (brp_2
>= cortex_a
->brp_num
) {
1659 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1663 breakpoint
->set
= brp_1
+ 1;
1664 breakpoint
->linked_BRP
= brp_2
;
1665 control_CTX
= ((CTX_machmode
& 0x7) << 20)
1668 | (CTX_byte_addr_select
<< 5)
1670 brp_list
[brp_1
].used
= 1;
1671 brp_list
[brp_1
].value
= (breakpoint
->asid
);
1672 brp_list
[brp_1
].control
= control_CTX
;
1673 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1674 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_1
].BRPn
,
1675 brp_list
[brp_1
].value
);
1676 if (retval
!= ERROR_OK
)
1678 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1679 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_1
].BRPn
,
1680 brp_list
[brp_1
].control
);
1681 if (retval
!= ERROR_OK
)
1684 control_IVA
= ((IVA_machmode
& 0x7) << 20)
1686 | (IVA_byte_addr_select
<< 5)
1688 brp_list
[brp_2
].used
= 1;
1689 brp_list
[brp_2
].value
= (breakpoint
->address
& 0xFFFFFFFC);
1690 brp_list
[brp_2
].control
= control_IVA
;
1691 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1692 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_2
].BRPn
,
1693 brp_list
[brp_2
].value
);
1694 if (retval
!= ERROR_OK
)
1696 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1697 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_2
].BRPn
,
1698 brp_list
[brp_2
].control
);
1699 if (retval
!= ERROR_OK
)
1705 static int cortex_a_unset_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1708 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1709 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
1710 struct cortex_a_brp
*brp_list
= cortex_a
->brp_list
;
1712 if (!breakpoint
->set
) {
1713 LOG_WARNING("breakpoint not set");
1717 if (breakpoint
->type
== BKPT_HARD
) {
1718 if ((breakpoint
->address
!= 0) && (breakpoint
->asid
!= 0)) {
1719 int brp_i
= breakpoint
->set
- 1;
1720 int brp_j
= breakpoint
->linked_BRP
;
1721 if ((brp_i
< 0) || (brp_i
>= cortex_a
->brp_num
)) {
1722 LOG_DEBUG("Invalid BRP number in breakpoint");
1725 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1726 brp_list
[brp_i
].control
, brp_list
[brp_i
].value
);
1727 brp_list
[brp_i
].used
= 0;
1728 brp_list
[brp_i
].value
= 0;
1729 brp_list
[brp_i
].control
= 0;
1730 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1731 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1732 brp_list
[brp_i
].control
);
1733 if (retval
!= ERROR_OK
)
1735 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1736 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1737 brp_list
[brp_i
].value
);
1738 if (retval
!= ERROR_OK
)
1740 if ((brp_j
< 0) || (brp_j
>= cortex_a
->brp_num
)) {
1741 LOG_DEBUG("Invalid BRP number in breakpoint");
1744 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_j
,
1745 brp_list
[brp_j
].control
, brp_list
[brp_j
].value
);
1746 brp_list
[brp_j
].used
= 0;
1747 brp_list
[brp_j
].value
= 0;
1748 brp_list
[brp_j
].control
= 0;
1749 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1750 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_j
].BRPn
,
1751 brp_list
[brp_j
].control
);
1752 if (retval
!= ERROR_OK
)
1754 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1755 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_j
].BRPn
,
1756 brp_list
[brp_j
].value
);
1757 if (retval
!= ERROR_OK
)
1759 breakpoint
->linked_BRP
= 0;
1760 breakpoint
->set
= 0;
1764 int brp_i
= breakpoint
->set
- 1;
1765 if ((brp_i
< 0) || (brp_i
>= cortex_a
->brp_num
)) {
1766 LOG_DEBUG("Invalid BRP number in breakpoint");
1769 LOG_DEBUG("rbp %i control 0x%0" PRIx32
" value 0x%0" PRIx32
, brp_i
,
1770 brp_list
[brp_i
].control
, brp_list
[brp_i
].value
);
1771 brp_list
[brp_i
].used
= 0;
1772 brp_list
[brp_i
].value
= 0;
1773 brp_list
[brp_i
].control
= 0;
1774 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1775 + CPUDBG_BCR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1776 brp_list
[brp_i
].control
);
1777 if (retval
!= ERROR_OK
)
1779 retval
= cortex_a_dap_write_memap_register_u32(target
, armv7a
->debug_base
1780 + CPUDBG_BVR_BASE
+ 4 * brp_list
[brp_i
].BRPn
,
1781 brp_list
[brp_i
].value
);
1782 if (retval
!= ERROR_OK
)
1784 breakpoint
->set
= 0;
1789 /* make sure data cache is cleaned & invalidated down to PoC */
1790 if (!armv7a
->armv7a_mmu
.armv7a_cache
.auto_cache_enabled
) {
1791 armv7a_cache_flush_virt(target
, breakpoint
->address
,
1792 breakpoint
->length
);
1795 /* restore original instruction (kept in target endianness) */
1796 if (breakpoint
->length
== 4) {
1797 retval
= target_write_memory(target
,
1798 breakpoint
->address
& 0xFFFFFFFE,
1799 4, 1, breakpoint
->orig_instr
);
1800 if (retval
!= ERROR_OK
)
1803 retval
= target_write_memory(target
,
1804 breakpoint
->address
& 0xFFFFFFFE,
1805 2, 1, breakpoint
->orig_instr
);
1806 if (retval
!= ERROR_OK
)
1810 /* update i-cache at breakpoint location */
1811 armv7a_l1_d_cache_inval_virt(target
, breakpoint
->address
,
1812 breakpoint
->length
);
1813 armv7a_l1_i_cache_inval_virt(target
, breakpoint
->address
,
1814 breakpoint
->length
);
1816 breakpoint
->set
= 0;
1821 static int cortex_a_add_breakpoint(struct target
*target
,
1822 struct breakpoint
*breakpoint
)
1824 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1826 if ((breakpoint
->type
== BKPT_HARD
) && (cortex_a
->brp_num_available
< 1)) {
1827 LOG_INFO("no hardware breakpoint available");
1828 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1831 if (breakpoint
->type
== BKPT_HARD
)
1832 cortex_a
->brp_num_available
--;
1834 return cortex_a_set_breakpoint(target
, breakpoint
, 0x00); /* Exact match */
1837 static int cortex_a_add_context_breakpoint(struct target
*target
,
1838 struct breakpoint
*breakpoint
)
1840 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1842 if ((breakpoint
->type
== BKPT_HARD
) && (cortex_a
->brp_num_available
< 1)) {
1843 LOG_INFO("no hardware breakpoint available");
1844 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1847 if (breakpoint
->type
== BKPT_HARD
)
1848 cortex_a
->brp_num_available
--;
1850 return cortex_a_set_context_breakpoint(target
, breakpoint
, 0x02); /* asid match */
1853 static int cortex_a_add_hybrid_breakpoint(struct target
*target
,
1854 struct breakpoint
*breakpoint
)
1856 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1858 if ((breakpoint
->type
== BKPT_HARD
) && (cortex_a
->brp_num_available
< 1)) {
1859 LOG_INFO("no hardware breakpoint available");
1860 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE
;
1863 if (breakpoint
->type
== BKPT_HARD
)
1864 cortex_a
->brp_num_available
--;
1866 return cortex_a_set_hybrid_breakpoint(target
, breakpoint
); /* ??? */
1870 static int cortex_a_remove_breakpoint(struct target
*target
, struct breakpoint
*breakpoint
)
1872 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
1875 /* It is perfectly possible to remove breakpoints while the target is running */
1876 if (target
->state
!= TARGET_HALTED
) {
1877 LOG_WARNING("target not halted");
1878 return ERROR_TARGET_NOT_HALTED
;
1882 if (breakpoint
->set
) {
1883 cortex_a_unset_breakpoint(target
, breakpoint
);
1884 if (breakpoint
->type
== BKPT_HARD
)
1885 cortex_a
->brp_num_available
++;
1893 * Cortex-A Reset functions
1896 static int cortex_a_assert_reset(struct target
*target
)
1898 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1902 /* FIXME when halt is requested, make it work somehow... */
1904 /* This function can be called in "target not examined" state */
1906 /* Issue some kind of warm reset. */
1907 if (target_has_event_action(target
, TARGET_EVENT_RESET_ASSERT
))
1908 target_handle_event(target
, TARGET_EVENT_RESET_ASSERT
);
1909 else if (jtag_get_reset_config() & RESET_HAS_SRST
) {
1910 /* REVISIT handle "pulls" cases, if there's
1911 * hardware that needs them to work.
1913 if (target
->reset_halt
)
1914 if (jtag_get_reset_config() & RESET_SRST_NO_GATING
)
1915 jtag_add_reset(0, 1);
1917 LOG_ERROR("%s: how to reset?", target_name(target
));
1921 /* registers are now invalid */
1922 register_cache_invalidate(armv7a
->arm
.core_cache
);
1924 target
->state
= TARGET_RESET
;
1929 static int cortex_a_deassert_reset(struct target
*target
)
1935 /* be certain SRST is off */
1936 jtag_add_reset(0, 0);
1938 retval
= cortex_a_poll(target
);
1939 if (retval
!= ERROR_OK
)
1942 if (target
->reset_halt
) {
1943 if (target
->state
!= TARGET_HALTED
) {
1944 LOG_WARNING("%s: ran after reset and before halt ...",
1945 target_name(target
));
1946 retval
= target_halt(target
);
1947 if (retval
!= ERROR_OK
)
1955 static int cortex_a_set_dcc_mode(struct target
*target
, uint32_t mode
, uint32_t *dscr
)
1957 /* Changes the mode of the DCC between non-blocking, stall, and fast mode.
1958 * New desired mode must be in mode. Current value of DSCR must be in
1959 * *dscr, which is updated with new value.
1961 * This function elides actually sending the mode-change over the debug
1962 * interface if the mode is already set as desired.
1964 uint32_t new_dscr
= (*dscr
& ~DSCR_EXT_DCC_MASK
) | mode
;
1965 if (new_dscr
!= *dscr
) {
1966 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1967 int retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
1968 armv7a
->debug_base
+ CPUDBG_DSCR
, new_dscr
);
1969 if (retval
== ERROR_OK
)
1977 static int cortex_a_wait_dscr_bits(struct target
*target
, uint32_t mask
,
1978 uint32_t value
, uint32_t *dscr
)
1980 /* Waits until the specified bit(s) of DSCR take on a specified value. */
1981 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
1982 int64_t then
= timeval_ms();
1985 while ((*dscr
& mask
) != value
) {
1986 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
1987 armv7a
->debug_base
+ CPUDBG_DSCR
, dscr
);
1988 if (retval
!= ERROR_OK
)
1990 if (timeval_ms() > then
+ 1000) {
1991 LOG_ERROR("timeout waiting for DSCR bit change");
1998 static int cortex_a_read_copro(struct target
*target
, uint32_t opcode
,
1999 uint32_t *data
, uint32_t *dscr
)
2002 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2004 /* Move from coprocessor to R0. */
2005 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2006 if (retval
!= ERROR_OK
)
2009 /* Move from R0 to DTRTX. */
2010 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MCR(14, 0, 0, 0, 5, 0), dscr
);
2011 if (retval
!= ERROR_OK
)
2014 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture
2015 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
2016 * must also check TXfull_l). Most of the time this will be free
2017 * because TXfull_l will be set immediately and cached in dscr. */
2018 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRTX_FULL_LATCHED
,
2019 DSCR_DTRTX_FULL_LATCHED
, dscr
);
2020 if (retval
!= ERROR_OK
)
2023 /* Read the value transferred to DTRTX. */
2024 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2025 armv7a
->debug_base
+ CPUDBG_DTRTX
, data
);
2026 if (retval
!= ERROR_OK
)
2032 static int cortex_a_read_dfar_dfsr(struct target
*target
, uint32_t *dfar
,
2033 uint32_t *dfsr
, uint32_t *dscr
)
2038 retval
= cortex_a_read_copro(target
, ARMV4_5_MRC(15, 0, 0, 6, 0, 0), dfar
, dscr
);
2039 if (retval
!= ERROR_OK
)
2044 retval
= cortex_a_read_copro(target
, ARMV4_5_MRC(15, 0, 0, 5, 0, 0), dfsr
, dscr
);
2045 if (retval
!= ERROR_OK
)
2052 static int cortex_a_write_copro(struct target
*target
, uint32_t opcode
,
2053 uint32_t data
, uint32_t *dscr
)
2056 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2058 /* Write the value into DTRRX. */
2059 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2060 armv7a
->debug_base
+ CPUDBG_DTRRX
, data
);
2061 if (retval
!= ERROR_OK
)
2064 /* Move from DTRRX to R0. */
2065 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), dscr
);
2066 if (retval
!= ERROR_OK
)
2069 /* Move from R0 to coprocessor. */
2070 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2071 if (retval
!= ERROR_OK
)
2074 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture manual
2075 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2076 * check RXfull_l). Most of the time this will be free because RXfull_l
2077 * will be cleared immediately and cached in dscr. */
2078 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRRX_FULL_LATCHED
, 0, dscr
);
2079 if (retval
!= ERROR_OK
)
2085 static int cortex_a_write_dfar_dfsr(struct target
*target
, uint32_t dfar
,
2086 uint32_t dfsr
, uint32_t *dscr
)
2090 retval
= cortex_a_write_copro(target
, ARMV4_5_MCR(15, 0, 0, 6, 0, 0), dfar
, dscr
);
2091 if (retval
!= ERROR_OK
)
2094 retval
= cortex_a_write_copro(target
, ARMV4_5_MCR(15, 0, 0, 5, 0, 0), dfsr
, dscr
);
2095 if (retval
!= ERROR_OK
)
2101 static int cortex_a_dfsr_to_error_code(uint32_t dfsr
)
2103 uint32_t status
, upper4
;
2105 if (dfsr
& (1 << 9)) {
2107 status
= dfsr
& 0x3f;
2108 upper4
= status
>> 2;
2109 if (upper4
== 1 || upper4
== 2 || upper4
== 3 || upper4
== 15)
2110 return ERROR_TARGET_TRANSLATION_FAULT
;
2111 else if (status
== 33)
2112 return ERROR_TARGET_UNALIGNED_ACCESS
;
2114 return ERROR_TARGET_DATA_ABORT
;
2116 /* Normal format. */
2117 status
= ((dfsr
>> 6) & 0x10) | (dfsr
& 0xf);
2119 return ERROR_TARGET_UNALIGNED_ACCESS
;
2120 else if (status
== 5 || status
== 7 || status
== 3 || status
== 6 ||
2121 status
== 9 || status
== 11 || status
== 13 || status
== 15)
2122 return ERROR_TARGET_TRANSLATION_FAULT
;
2124 return ERROR_TARGET_DATA_ABORT
;
2128 static int cortex_a_write_cpu_memory_slow(struct target
*target
,
2129 uint32_t size
, uint32_t count
, const uint8_t *buffer
, uint32_t *dscr
)
2131 /* Writes count objects of size size from *buffer. Old value of DSCR must
2132 * be in *dscr; updated to new value. This is slow because it works for
2133 * non-word-sized objects and (maybe) unaligned accesses. If size == 4 and
2134 * the address is aligned, cortex_a_write_cpu_memory_fast should be
2137 * - Address is in R0.
2138 * - R0 is marked dirty.
2140 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2141 struct arm
*arm
= &armv7a
->arm
;
2144 /* Mark register R1 as dirty, to use for transferring data. */
2145 arm_reg_current(arm
, 1)->dirty
= true;
2147 /* Switch to non-blocking mode if not already in that mode. */
2148 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2149 if (retval
!= ERROR_OK
)
2152 /* Go through the objects. */
2154 /* Write the value to store into DTRRX. */
2155 uint32_t data
, opcode
;
2159 data
= target_buffer_get_u16(target
, buffer
);
2161 data
= target_buffer_get_u32(target
, buffer
);
2162 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2163 armv7a
->debug_base
+ CPUDBG_DTRRX
, data
);
2164 if (retval
!= ERROR_OK
)
2167 /* Transfer the value from DTRRX to R1. */
2168 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), dscr
);
2169 if (retval
!= ERROR_OK
)
2172 /* Write the value transferred to R1 into memory. */
2174 opcode
= ARMV4_5_STRB_IP(1, 0);
2176 opcode
= ARMV4_5_STRH_IP(1, 0);
2178 opcode
= ARMV4_5_STRW_IP(1, 0);
2179 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2180 if (retval
!= ERROR_OK
)
2183 /* Check for faults and return early. */
2184 if (*dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
))
2185 return ERROR_OK
; /* A data fault is not considered a system failure. */
2187 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture
2188 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
2189 * must also check RXfull_l). Most of the time this will be free
2190 * because RXfull_l will be cleared immediately and cached in dscr. */
2191 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRRX_FULL_LATCHED
, 0, dscr
);
2192 if (retval
!= ERROR_OK
)
2203 static int cortex_a_write_cpu_memory_fast(struct target
*target
,
2204 uint32_t count
, const uint8_t *buffer
, uint32_t *dscr
)
2206 /* Writes count objects of size 4 from *buffer. Old value of DSCR must be
2207 * in *dscr; updated to new value. This is fast but only works for
2208 * word-sized objects at aligned addresses.
2210 * - Address is in R0 and must be a multiple of 4.
2211 * - R0 is marked dirty.
2213 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2216 /* Switch to fast mode if not already in that mode. */
2217 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_FAST_MODE
, dscr
);
2218 if (retval
!= ERROR_OK
)
2221 /* Latch STC instruction. */
2222 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2223 armv7a
->debug_base
+ CPUDBG_ITR
, ARMV4_5_STC(0, 1, 0, 1, 14, 5, 0, 4));
2224 if (retval
!= ERROR_OK
)
2227 /* Transfer all the data and issue all the instructions. */
2228 return mem_ap_write_buf_noincr(armv7a
->debug_ap
, buffer
,
2229 4, count
, armv7a
->debug_base
+ CPUDBG_DTRRX
);
2232 static int cortex_a_write_cpu_memory(struct target
*target
,
2233 uint32_t address
, uint32_t size
,
2234 uint32_t count
, const uint8_t *buffer
)
2236 /* Write memory through the CPU. */
2237 int retval
, final_retval
;
2238 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2239 struct arm
*arm
= &armv7a
->arm
;
2240 uint32_t dscr
, orig_dfar
, orig_dfsr
, fault_dscr
, fault_dfar
, fault_dfsr
;
2242 LOG_DEBUG("Writing CPU memory address 0x%" PRIx32
" size %" PRIu32
" count %" PRIu32
,
2243 address
, size
, count
);
2244 if (target
->state
!= TARGET_HALTED
) {
2245 LOG_WARNING("target not halted");
2246 return ERROR_TARGET_NOT_HALTED
;
2252 /* Clear any abort. */
2253 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2254 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2255 if (retval
!= ERROR_OK
)
2259 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2260 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2261 if (retval
!= ERROR_OK
)
2264 /* Switch to non-blocking mode if not already in that mode. */
2265 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2266 if (retval
!= ERROR_OK
)
2269 /* Mark R0 as dirty. */
2270 arm_reg_current(arm
, 0)->dirty
= true;
2272 /* Read DFAR and DFSR, as they will be modified in the event of a fault. */
2273 retval
= cortex_a_read_dfar_dfsr(target
, &orig_dfar
, &orig_dfsr
, &dscr
);
2274 if (retval
!= ERROR_OK
)
2277 /* Get the memory address into R0. */
2278 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2279 armv7a
->debug_base
+ CPUDBG_DTRRX
, address
);
2280 if (retval
!= ERROR_OK
)
2282 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), &dscr
);
2283 if (retval
!= ERROR_OK
)
2286 if (size
== 4 && (address
% 4) == 0) {
2287 /* We are doing a word-aligned transfer, so use fast mode. */
2288 retval
= cortex_a_write_cpu_memory_fast(target
, count
, buffer
, &dscr
);
2290 /* Use slow path. */
2291 retval
= cortex_a_write_cpu_memory_slow(target
, size
, count
, buffer
, &dscr
);
2295 final_retval
= retval
;
2297 /* Switch to non-blocking mode if not already in that mode. */
2298 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2299 if (final_retval
== ERROR_OK
)
2300 final_retval
= retval
;
2302 /* Wait for last issued instruction to complete. */
2303 retval
= cortex_a_wait_instrcmpl(target
, &dscr
, true);
2304 if (final_retval
== ERROR_OK
)
2305 final_retval
= retval
;
2307 /* Wait until DTRRX is empty (according to ARMv7-A/-R architecture manual
2308 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2309 * check RXfull_l). Most of the time this will be free because RXfull_l
2310 * will be cleared immediately and cached in dscr. However, don't do this
2311 * if there is fault, because then the instruction might not have completed
2313 if (!(dscr
& DSCR_STICKY_ABORT_PRECISE
)) {
2314 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRRX_FULL_LATCHED
, 0, &dscr
);
2315 if (retval
!= ERROR_OK
)
2319 /* If there were any sticky abort flags, clear them. */
2320 if (dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
)) {
2322 mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2323 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2324 dscr
&= ~(DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
);
2329 /* Handle synchronous data faults. */
2330 if (fault_dscr
& DSCR_STICKY_ABORT_PRECISE
) {
2331 if (final_retval
== ERROR_OK
) {
2332 /* Final return value will reflect cause of fault. */
2333 retval
= cortex_a_read_dfar_dfsr(target
, &fault_dfar
, &fault_dfsr
, &dscr
);
2334 if (retval
== ERROR_OK
) {
2335 LOG_ERROR("data abort at 0x%08" PRIx32
", dfsr = 0x%08" PRIx32
, fault_dfar
, fault_dfsr
);
2336 final_retval
= cortex_a_dfsr_to_error_code(fault_dfsr
);
2338 final_retval
= retval
;
2340 /* Fault destroyed DFAR/DFSR; restore them. */
2341 retval
= cortex_a_write_dfar_dfsr(target
, orig_dfar
, orig_dfsr
, &dscr
);
2342 if (retval
!= ERROR_OK
)
2343 LOG_ERROR("error restoring dfar/dfsr - dscr = 0x%08" PRIx32
, dscr
);
2346 /* Handle asynchronous data faults. */
2347 if (fault_dscr
& DSCR_STICKY_ABORT_IMPRECISE
) {
2348 if (final_retval
== ERROR_OK
)
2349 /* No other error has been recorded so far, so keep this one. */
2350 final_retval
= ERROR_TARGET_DATA_ABORT
;
2353 /* If the DCC is nonempty, clear it. */
2354 if (dscr
& DSCR_DTRTX_FULL_LATCHED
) {
2356 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2357 armv7a
->debug_base
+ CPUDBG_DTRTX
, &dummy
);
2358 if (final_retval
== ERROR_OK
)
2359 final_retval
= retval
;
2361 if (dscr
& DSCR_DTRRX_FULL_LATCHED
) {
2362 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), &dscr
);
2363 if (final_retval
== ERROR_OK
)
2364 final_retval
= retval
;
2368 return final_retval
;
2371 static int cortex_a_read_cpu_memory_slow(struct target
*target
,
2372 uint32_t size
, uint32_t count
, uint8_t *buffer
, uint32_t *dscr
)
2374 /* Reads count objects of size size into *buffer. Old value of DSCR must be
2375 * in *dscr; updated to new value. This is slow because it works for
2376 * non-word-sized objects and (maybe) unaligned accesses. If size == 4 and
2377 * the address is aligned, cortex_a_read_cpu_memory_fast should be
2380 * - Address is in R0.
2381 * - R0 is marked dirty.
2383 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2384 struct arm
*arm
= &armv7a
->arm
;
2387 /* Mark register R1 as dirty, to use for transferring data. */
2388 arm_reg_current(arm
, 1)->dirty
= true;
2390 /* Switch to non-blocking mode if not already in that mode. */
2391 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2392 if (retval
!= ERROR_OK
)
2395 /* Go through the objects. */
2397 /* Issue a load of the appropriate size to R1. */
2398 uint32_t opcode
, data
;
2400 opcode
= ARMV4_5_LDRB_IP(1, 0);
2402 opcode
= ARMV4_5_LDRH_IP(1, 0);
2404 opcode
= ARMV4_5_LDRW_IP(1, 0);
2405 retval
= cortex_a_exec_opcode(target
, opcode
, dscr
);
2406 if (retval
!= ERROR_OK
)
2409 /* Issue a write of R1 to DTRTX. */
2410 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MCR(14, 0, 1, 0, 5, 0), dscr
);
2411 if (retval
!= ERROR_OK
)
2414 /* Check for faults and return early. */
2415 if (*dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
))
2416 return ERROR_OK
; /* A data fault is not considered a system failure. */
2418 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture
2419 * manual section C8.4.3, checking InstrCmpl_l is not sufficient; one
2420 * must also check TXfull_l). Most of the time this will be free
2421 * because TXfull_l will be set immediately and cached in dscr. */
2422 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRTX_FULL_LATCHED
,
2423 DSCR_DTRTX_FULL_LATCHED
, dscr
);
2424 if (retval
!= ERROR_OK
)
2427 /* Read the value transferred to DTRTX into the buffer. */
2428 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2429 armv7a
->debug_base
+ CPUDBG_DTRTX
, &data
);
2430 if (retval
!= ERROR_OK
)
2433 *buffer
= (uint8_t) data
;
2435 target_buffer_set_u16(target
, buffer
, (uint16_t) data
);
2437 target_buffer_set_u32(target
, buffer
, data
);
2447 static int cortex_a_read_cpu_memory_fast(struct target
*target
,
2448 uint32_t count
, uint8_t *buffer
, uint32_t *dscr
)
2450 /* Reads count objects of size 4 into *buffer. Old value of DSCR must be in
2451 * *dscr; updated to new value. This is fast but only works for word-sized
2452 * objects at aligned addresses.
2454 * - Address is in R0 and must be a multiple of 4.
2455 * - R0 is marked dirty.
2457 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2461 /* Switch to non-blocking mode if not already in that mode. */
2462 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2463 if (retval
!= ERROR_OK
)
2466 /* Issue the LDC instruction via a write to ITR. */
2467 retval
= cortex_a_exec_opcode(target
, ARMV4_5_LDC(0, 1, 0, 1, 14, 5, 0, 4), dscr
);
2468 if (retval
!= ERROR_OK
)
2474 /* Switch to fast mode if not already in that mode. */
2475 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_FAST_MODE
, dscr
);
2476 if (retval
!= ERROR_OK
)
2479 /* Latch LDC instruction. */
2480 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2481 armv7a
->debug_base
+ CPUDBG_ITR
, ARMV4_5_LDC(0, 1, 0, 1, 14, 5, 0, 4));
2482 if (retval
!= ERROR_OK
)
2485 /* Read the value transferred to DTRTX into the buffer. Due to fast
2486 * mode rules, this blocks until the instruction finishes executing and
2487 * then reissues the read instruction to read the next word from
2488 * memory. The last read of DTRTX in this call reads the second-to-last
2489 * word from memory and issues the read instruction for the last word.
2491 retval
= mem_ap_read_buf_noincr(armv7a
->debug_ap
, buffer
,
2492 4, count
, armv7a
->debug_base
+ CPUDBG_DTRTX
);
2493 if (retval
!= ERROR_OK
)
2497 buffer
+= count
* 4;
2500 /* Wait for last issued instruction to complete. */
2501 retval
= cortex_a_wait_instrcmpl(target
, dscr
, false);
2502 if (retval
!= ERROR_OK
)
2505 /* Switch to non-blocking mode if not already in that mode. */
2506 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, dscr
);
2507 if (retval
!= ERROR_OK
)
2510 /* Check for faults and return early. */
2511 if (*dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
))
2512 return ERROR_OK
; /* A data fault is not considered a system failure. */
2514 /* Wait until DTRTX is full (according to ARMv7-A/-R architecture manual
2515 * section C8.4.3, checking InstrCmpl_l is not sufficient; one must also
2516 * check TXfull_l). Most of the time this will be free because TXfull_l
2517 * will be set immediately and cached in dscr. */
2518 retval
= cortex_a_wait_dscr_bits(target
, DSCR_DTRTX_FULL_LATCHED
,
2519 DSCR_DTRTX_FULL_LATCHED
, dscr
);
2520 if (retval
!= ERROR_OK
)
2523 /* Read the value transferred to DTRTX into the buffer. This is the last
2525 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2526 armv7a
->debug_base
+ CPUDBG_DTRTX
, &u32
);
2527 if (retval
!= ERROR_OK
)
2529 target_buffer_set_u32(target
, buffer
, u32
);
2534 static int cortex_a_read_cpu_memory(struct target
*target
,
2535 uint32_t address
, uint32_t size
,
2536 uint32_t count
, uint8_t *buffer
)
2538 /* Read memory through the CPU. */
2539 int retval
, final_retval
;
2540 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2541 struct arm
*arm
= &armv7a
->arm
;
2542 uint32_t dscr
, orig_dfar
, orig_dfsr
, fault_dscr
, fault_dfar
, fault_dfsr
;
2544 LOG_DEBUG("Reading CPU memory address 0x%" PRIx32
" size %" PRIu32
" count %" PRIu32
,
2545 address
, size
, count
);
2546 if (target
->state
!= TARGET_HALTED
) {
2547 LOG_WARNING("target not halted");
2548 return ERROR_TARGET_NOT_HALTED
;
2554 /* Clear any abort. */
2555 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2556 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2557 if (retval
!= ERROR_OK
)
2561 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2562 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2563 if (retval
!= ERROR_OK
)
2566 /* Switch to non-blocking mode if not already in that mode. */
2567 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2568 if (retval
!= ERROR_OK
)
2571 /* Mark R0 as dirty. */
2572 arm_reg_current(arm
, 0)->dirty
= true;
2574 /* Read DFAR and DFSR, as they will be modified in the event of a fault. */
2575 retval
= cortex_a_read_dfar_dfsr(target
, &orig_dfar
, &orig_dfsr
, &dscr
);
2576 if (retval
!= ERROR_OK
)
2579 /* Get the memory address into R0. */
2580 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2581 armv7a
->debug_base
+ CPUDBG_DTRRX
, address
);
2582 if (retval
!= ERROR_OK
)
2584 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 0, 0, 5, 0), &dscr
);
2585 if (retval
!= ERROR_OK
)
2588 if (size
== 4 && (address
% 4) == 0) {
2589 /* We are doing a word-aligned transfer, so use fast mode. */
2590 retval
= cortex_a_read_cpu_memory_fast(target
, count
, buffer
, &dscr
);
2592 /* Use slow path. */
2593 retval
= cortex_a_read_cpu_memory_slow(target
, size
, count
, buffer
, &dscr
);
2597 final_retval
= retval
;
2599 /* Switch to non-blocking mode if not already in that mode. */
2600 retval
= cortex_a_set_dcc_mode(target
, DSCR_EXT_DCC_NON_BLOCKING
, &dscr
);
2601 if (final_retval
== ERROR_OK
)
2602 final_retval
= retval
;
2604 /* Wait for last issued instruction to complete. */
2605 retval
= cortex_a_wait_instrcmpl(target
, &dscr
, true);
2606 if (final_retval
== ERROR_OK
)
2607 final_retval
= retval
;
2609 /* If there were any sticky abort flags, clear them. */
2610 if (dscr
& (DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
)) {
2612 mem_ap_write_atomic_u32(armv7a
->debug_ap
,
2613 armv7a
->debug_base
+ CPUDBG_DRCR
, DRCR_CLEAR_EXCEPTIONS
);
2614 dscr
&= ~(DSCR_STICKY_ABORT_PRECISE
| DSCR_STICKY_ABORT_IMPRECISE
);
2619 /* Handle synchronous data faults. */
2620 if (fault_dscr
& DSCR_STICKY_ABORT_PRECISE
) {
2621 if (final_retval
== ERROR_OK
) {
2622 /* Final return value will reflect cause of fault. */
2623 retval
= cortex_a_read_dfar_dfsr(target
, &fault_dfar
, &fault_dfsr
, &dscr
);
2624 if (retval
== ERROR_OK
) {
2625 LOG_ERROR("data abort at 0x%08" PRIx32
", dfsr = 0x%08" PRIx32
, fault_dfar
, fault_dfsr
);
2626 final_retval
= cortex_a_dfsr_to_error_code(fault_dfsr
);
2628 final_retval
= retval
;
2630 /* Fault destroyed DFAR/DFSR; restore them. */
2631 retval
= cortex_a_write_dfar_dfsr(target
, orig_dfar
, orig_dfsr
, &dscr
);
2632 if (retval
!= ERROR_OK
)
2633 LOG_ERROR("error restoring dfar/dfsr - dscr = 0x%08" PRIx32
, dscr
);
2636 /* Handle asynchronous data faults. */
2637 if (fault_dscr
& DSCR_STICKY_ABORT_IMPRECISE
) {
2638 if (final_retval
== ERROR_OK
)
2639 /* No other error has been recorded so far, so keep this one. */
2640 final_retval
= ERROR_TARGET_DATA_ABORT
;
2643 /* If the DCC is nonempty, clear it. */
2644 if (dscr
& DSCR_DTRTX_FULL_LATCHED
) {
2646 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2647 armv7a
->debug_base
+ CPUDBG_DTRTX
, &dummy
);
2648 if (final_retval
== ERROR_OK
)
2649 final_retval
= retval
;
2651 if (dscr
& DSCR_DTRRX_FULL_LATCHED
) {
2652 retval
= cortex_a_exec_opcode(target
, ARMV4_5_MRC(14, 0, 1, 0, 5, 0), &dscr
);
2653 if (final_retval
== ERROR_OK
)
2654 final_retval
= retval
;
2658 return final_retval
;
2663 * Cortex-A Memory access
2665 * This is same Cortex-M3 but we must also use the correct
2666 * ap number for every access.
2669 static int cortex_a_read_phys_memory(struct target
*target
,
2670 uint32_t address
, uint32_t size
,
2671 uint32_t count
, uint8_t *buffer
)
2673 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2674 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
2675 uint8_t apsel
= swjdp
->apsel
;
2678 if (!count
|| !buffer
)
2679 return ERROR_COMMAND_SYNTAX_ERROR
;
2681 LOG_DEBUG("Reading memory at real address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
,
2682 address
, size
, count
);
2684 if (armv7a
->memory_ap_available
&& (apsel
== armv7a
->memory_ap
->ap_num
))
2685 return mem_ap_read_buf(armv7a
->memory_ap
, buffer
, size
, count
, address
);
2687 /* read memory through the CPU */
2688 cortex_a_prep_memaccess(target
, 1);
2689 retval
= cortex_a_read_cpu_memory(target
, address
, size
, count
, buffer
);
2690 cortex_a_post_memaccess(target
, 1);
2695 static int cortex_a_read_memory(struct target
*target
, uint32_t address
,
2696 uint32_t size
, uint32_t count
, uint8_t *buffer
)
2700 /* cortex_a handles unaligned memory access */
2701 LOG_DEBUG("Reading memory at address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
, address
,
2704 cortex_a_prep_memaccess(target
, 0);
2705 retval
= cortex_a_read_cpu_memory(target
, address
, size
, count
, buffer
);
2706 cortex_a_post_memaccess(target
, 0);
2711 static int cortex_a_read_memory_ahb(struct target
*target
, uint32_t address
,
2712 uint32_t size
, uint32_t count
, uint8_t *buffer
)
2714 int mmu_enabled
= 0;
2715 uint32_t virt
, phys
;
2717 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2718 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
2719 uint8_t apsel
= swjdp
->apsel
;
2721 if (!armv7a
->memory_ap_available
|| (apsel
!= armv7a
->memory_ap
->ap_num
))
2722 return target_read_memory(target
, address
, size
, count
, buffer
);
2724 /* cortex_a handles unaligned memory access */
2725 LOG_DEBUG("Reading memory at address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
, address
,
2728 /* determine if MMU was enabled on target stop */
2729 if (!armv7a
->is_armv7r
) {
2730 retval
= cortex_a_mmu(target
, &mmu_enabled
);
2731 if (retval
!= ERROR_OK
)
2737 retval
= cortex_a_virt2phys(target
, virt
, &phys
);
2738 if (retval
!= ERROR_OK
)
2741 LOG_DEBUG("Reading at virtual address. Translating v:0x%" PRIx32
" to r:0x%" PRIx32
,
2746 if (!count
|| !buffer
)
2747 return ERROR_COMMAND_SYNTAX_ERROR
;
2749 retval
= mem_ap_read_buf(armv7a
->memory_ap
, buffer
, size
, count
, address
);
2754 static int cortex_a_write_phys_memory(struct target
*target
,
2755 uint32_t address
, uint32_t size
,
2756 uint32_t count
, const uint8_t *buffer
)
2758 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2759 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
2760 uint8_t apsel
= swjdp
->apsel
;
2763 if (!count
|| !buffer
)
2764 return ERROR_COMMAND_SYNTAX_ERROR
;
2766 LOG_DEBUG("Writing memory to real address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
, address
,
2769 if (armv7a
->memory_ap_available
&& (apsel
== armv7a
->memory_ap
->ap_num
))
2770 return mem_ap_write_buf(armv7a
->memory_ap
, buffer
, size
, count
, address
);
2772 /* write memory through the CPU */
2773 cortex_a_prep_memaccess(target
, 1);
2774 retval
= cortex_a_write_cpu_memory(target
, address
, size
, count
, buffer
);
2775 cortex_a_post_memaccess(target
, 1);
2780 static int cortex_a_write_memory(struct target
*target
, uint32_t address
,
2781 uint32_t size
, uint32_t count
, const uint8_t *buffer
)
2785 /* cortex_a handles unaligned memory access */
2786 LOG_DEBUG("Writing memory at address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
, address
,
2789 /* memory writes bypass the caches, must flush before writing */
2790 armv7a_cache_auto_flush_on_write(target
, address
, size
* count
);
2792 cortex_a_prep_memaccess(target
, 0);
2793 retval
= cortex_a_write_cpu_memory(target
, address
, size
, count
, buffer
);
2794 cortex_a_post_memaccess(target
, 0);
2798 static int cortex_a_write_memory_ahb(struct target
*target
, uint32_t address
,
2799 uint32_t size
, uint32_t count
, const uint8_t *buffer
)
2801 int mmu_enabled
= 0;
2802 uint32_t virt
, phys
;
2804 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2805 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
2806 uint8_t apsel
= swjdp
->apsel
;
2808 if (!armv7a
->memory_ap_available
|| (apsel
!= armv7a
->memory_ap
->ap_num
))
2809 return target_write_memory(target
, address
, size
, count
, buffer
);
2811 /* cortex_a handles unaligned memory access */
2812 LOG_DEBUG("Writing memory at address 0x%" PRIx32
"; size %" PRId32
"; count %" PRId32
, address
,
2815 /* determine if MMU was enabled on target stop */
2816 if (!armv7a
->is_armv7r
) {
2817 retval
= cortex_a_mmu(target
, &mmu_enabled
);
2818 if (retval
!= ERROR_OK
)
2824 retval
= cortex_a_virt2phys(target
, virt
, &phys
);
2825 if (retval
!= ERROR_OK
)
2828 LOG_DEBUG("Writing to virtual address. Translating v:0x%" PRIx32
" to r:0x%" PRIx32
,
2834 if (!count
|| !buffer
)
2835 return ERROR_COMMAND_SYNTAX_ERROR
;
2837 retval
= mem_ap_write_buf(armv7a
->memory_ap
, buffer
, size
, count
, address
);
2842 static int cortex_a_read_buffer(struct target
*target
, uint32_t address
,
2843 uint32_t count
, uint8_t *buffer
)
2847 /* Align up to maximum 4 bytes. The loop condition makes sure the next pass
2848 * will have something to do with the size we leave to it. */
2849 for (size
= 1; size
< 4 && count
>= size
* 2 + (address
& size
); size
*= 2) {
2850 if (address
& size
) {
2851 int retval
= cortex_a_read_memory_ahb(target
, address
, size
, 1, buffer
);
2852 if (retval
!= ERROR_OK
)
2860 /* Read the data with as large access size as possible. */
2861 for (; size
> 0; size
/= 2) {
2862 uint32_t aligned
= count
- count
% size
;
2864 int retval
= cortex_a_read_memory_ahb(target
, address
, size
, aligned
/ size
, buffer
);
2865 if (retval
!= ERROR_OK
)
2876 static int cortex_a_write_buffer(struct target
*target
, uint32_t address
,
2877 uint32_t count
, const uint8_t *buffer
)
2881 /* Align up to maximum 4 bytes. The loop condition makes sure the next pass
2882 * will have something to do with the size we leave to it. */
2883 for (size
= 1; size
< 4 && count
>= size
* 2 + (address
& size
); size
*= 2) {
2884 if (address
& size
) {
2885 int retval
= cortex_a_write_memory_ahb(target
, address
, size
, 1, buffer
);
2886 if (retval
!= ERROR_OK
)
2894 /* Write the data with as large access size as possible. */
2895 for (; size
> 0; size
/= 2) {
2896 uint32_t aligned
= count
- count
% size
;
2898 int retval
= cortex_a_write_memory_ahb(target
, address
, size
, aligned
/ size
, buffer
);
2899 if (retval
!= ERROR_OK
)
2910 static int cortex_a_handle_target_request(void *priv
)
2912 struct target
*target
= priv
;
2913 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
2916 if (!target_was_examined(target
))
2918 if (!target
->dbg_msg_enabled
)
2921 if (target
->state
== TARGET_RUNNING
) {
2924 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2925 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2927 /* check if we have data */
2928 int64_t then
= timeval_ms();
2929 while ((dscr
& DSCR_DTR_TX_FULL
) && (retval
== ERROR_OK
)) {
2930 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2931 armv7a
->debug_base
+ CPUDBG_DTRTX
, &request
);
2932 if (retval
== ERROR_OK
) {
2933 target_request(target
, request
);
2934 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
2935 armv7a
->debug_base
+ CPUDBG_DSCR
, &dscr
);
2937 if (timeval_ms() > then
+ 1000) {
2938 LOG_ERROR("Timeout waiting for dtr tx full");
2948 * Cortex-A target information and configuration
2951 static int cortex_a_examine_first(struct target
*target
)
2953 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
2954 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
2955 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
2957 int retval
= ERROR_OK
;
2958 uint32_t didr
, ctypr
, ttypr
, cpuid
, dbg_osreg
;
2960 retval
= dap_dp_init(swjdp
);
2961 if (retval
!= ERROR_OK
) {
2962 LOG_ERROR("Could not initialize the debug port");
2966 /* Search for the APB-AP - it is needed for access to debug registers */
2967 retval
= dap_find_ap(swjdp
, AP_TYPE_APB_AP
, &armv7a
->debug_ap
);
2968 if (retval
!= ERROR_OK
) {
2969 LOG_ERROR("Could not find APB-AP for debug access");
2973 retval
= mem_ap_init(armv7a
->debug_ap
);
2974 if (retval
!= ERROR_OK
) {
2975 LOG_ERROR("Could not initialize the APB-AP");
2979 armv7a
->debug_ap
->memaccess_tck
= 80;
2981 /* Search for the AHB-AB.
2982 * REVISIT: We should search for AXI-AP as well and make sure the AP's MEMTYPE says it
2983 * can access system memory. */
2984 armv7a
->memory_ap_available
= false;
2985 retval
= dap_find_ap(swjdp
, AP_TYPE_AHB_AP
, &armv7a
->memory_ap
);
2986 if (retval
== ERROR_OK
) {
2987 retval
= mem_ap_init(armv7a
->memory_ap
);
2988 if (retval
== ERROR_OK
)
2989 armv7a
->memory_ap_available
= true;
2991 if (retval
!= ERROR_OK
) {
2992 /* AHB-AP not found or unavailable - use the CPU */
2993 LOG_DEBUG("No AHB-AP available for memory access");
2996 if (!target
->dbgbase_set
) {
2998 /* Get ROM Table base */
3000 int32_t coreidx
= target
->coreid
;
3001 LOG_DEBUG("%s's dbgbase is not set, trying to detect using the ROM table",
3003 retval
= dap_get_debugbase(armv7a
->debug_ap
, &dbgbase
, &apid
);
3004 if (retval
!= ERROR_OK
)
3006 /* Lookup 0x15 -- Processor DAP */
3007 retval
= dap_lookup_cs_component(armv7a
->debug_ap
, dbgbase
, 0x15,
3008 &armv7a
->debug_base
, &coreidx
);
3009 if (retval
!= ERROR_OK
) {
3010 LOG_ERROR("Can't detect %s's dbgbase from the ROM table; you need to specify it explicitly.",
3014 LOG_DEBUG("Detected core %" PRId32
" dbgbase: %08" PRIx32
,
3015 target
->coreid
, armv7a
->debug_base
);
3017 armv7a
->debug_base
= target
->dbgbase
;
3019 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3020 armv7a
->debug_base
+ CPUDBG_CPUID
, &cpuid
);
3021 if (retval
!= ERROR_OK
)
3024 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3025 armv7a
->debug_base
+ CPUDBG_CPUID
, &cpuid
);
3026 if (retval
!= ERROR_OK
) {
3027 LOG_DEBUG("Examine %s failed", "CPUID");
3031 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3032 armv7a
->debug_base
+ CPUDBG_CTYPR
, &ctypr
);
3033 if (retval
!= ERROR_OK
) {
3034 LOG_DEBUG("Examine %s failed", "CTYPR");
3038 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3039 armv7a
->debug_base
+ CPUDBG_TTYPR
, &ttypr
);
3040 if (retval
!= ERROR_OK
) {
3041 LOG_DEBUG("Examine %s failed", "TTYPR");
3045 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3046 armv7a
->debug_base
+ CPUDBG_DIDR
, &didr
);
3047 if (retval
!= ERROR_OK
) {
3048 LOG_DEBUG("Examine %s failed", "DIDR");
3052 LOG_DEBUG("cpuid = 0x%08" PRIx32
, cpuid
);
3053 LOG_DEBUG("ctypr = 0x%08" PRIx32
, ctypr
);
3054 LOG_DEBUG("ttypr = 0x%08" PRIx32
, ttypr
);
3055 LOG_DEBUG("didr = 0x%08" PRIx32
, didr
);
3057 cortex_a
->cpuid
= cpuid
;
3058 cortex_a
->ctypr
= ctypr
;
3059 cortex_a
->ttypr
= ttypr
;
3060 cortex_a
->didr
= didr
;
3062 /* Unlocking the debug registers */
3063 if ((cpuid
& CORTEX_A_MIDR_PARTNUM_MASK
) >> CORTEX_A_MIDR_PARTNUM_SHIFT
==
3064 CORTEX_A15_PARTNUM
) {
3066 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
3067 armv7a
->debug_base
+ CPUDBG_OSLAR
,
3070 if (retval
!= ERROR_OK
)
3074 /* Unlocking the debug registers */
3075 if ((cpuid
& CORTEX_A_MIDR_PARTNUM_MASK
) >> CORTEX_A_MIDR_PARTNUM_SHIFT
==
3076 CORTEX_A7_PARTNUM
) {
3078 retval
= mem_ap_write_atomic_u32(armv7a
->debug_ap
,
3079 armv7a
->debug_base
+ CPUDBG_OSLAR
,
3082 if (retval
!= ERROR_OK
)
3086 retval
= mem_ap_read_atomic_u32(armv7a
->debug_ap
,
3087 armv7a
->debug_base
+ CPUDBG_PRSR
, &dbg_osreg
);
3089 if (retval
!= ERROR_OK
)
3092 LOG_DEBUG("target->coreid %" PRId32
" DBGPRSR 0x%" PRIx32
, target
->coreid
, dbg_osreg
);
3094 armv7a
->arm
.core_type
= ARM_MODE_MON
;
3096 /* Avoid recreating the registers cache */
3097 if (!target_was_examined(target
)) {
3098 retval
= cortex_a_dpm_setup(cortex_a
, didr
);
3099 if (retval
!= ERROR_OK
)
3103 /* Setup Breakpoint Register Pairs */
3104 cortex_a
->brp_num
= ((didr
>> 24) & 0x0F) + 1;
3105 cortex_a
->brp_num_context
= ((didr
>> 20) & 0x0F) + 1;
3106 cortex_a
->brp_num_available
= cortex_a
->brp_num
;
3107 free(cortex_a
->brp_list
);
3108 cortex_a
->brp_list
= calloc(cortex_a
->brp_num
, sizeof(struct cortex_a_brp
));
3109 /* cortex_a->brb_enabled = ????; */
3110 for (i
= 0; i
< cortex_a
->brp_num
; i
++) {
3111 cortex_a
->brp_list
[i
].used
= 0;
3112 if (i
< (cortex_a
->brp_num
-cortex_a
->brp_num_context
))
3113 cortex_a
->brp_list
[i
].type
= BRP_NORMAL
;
3115 cortex_a
->brp_list
[i
].type
= BRP_CONTEXT
;
3116 cortex_a
->brp_list
[i
].value
= 0;
3117 cortex_a
->brp_list
[i
].control
= 0;
3118 cortex_a
->brp_list
[i
].BRPn
= i
;
3121 LOG_DEBUG("Configured %i hw breakpoints", cortex_a
->brp_num
);
3123 /* select debug_ap as default */
3124 swjdp
->apsel
= armv7a
->debug_ap
->ap_num
;
3126 target_set_examined(target
);
3130 static int cortex_a_examine(struct target
*target
)
3132 int retval
= ERROR_OK
;
3134 /* Reestablish communication after target reset */
3135 retval
= cortex_a_examine_first(target
);
3137 /* Configure core debug access */
3138 if (retval
== ERROR_OK
)
3139 retval
= cortex_a_init_debug_access(target
);
3145 * Cortex-A target creation and initialization
3148 static int cortex_a_init_target(struct command_context
*cmd_ctx
,
3149 struct target
*target
)
3151 /* examine_first() does a bunch of this */
3155 static int cortex_a_init_arch_info(struct target
*target
,
3156 struct cortex_a_common
*cortex_a
, struct jtag_tap
*tap
)
3158 struct armv7a_common
*armv7a
= &cortex_a
->armv7a_common
;
3160 /* Setup struct cortex_a_common */
3161 cortex_a
->common_magic
= CORTEX_A_COMMON_MAGIC
;
3163 /* tap has no dap initialized */
3165 tap
->dap
= dap_init();
3167 /* Leave (only) generic DAP stuff for debugport_init() */
3168 tap
->dap
->tap
= tap
;
3171 armv7a
->arm
.dap
= tap
->dap
;
3173 cortex_a
->fast_reg_read
= 0;
3175 /* register arch-specific functions */
3176 armv7a
->examine_debug_reason
= NULL
;
3178 armv7a
->post_debug_entry
= cortex_a_post_debug_entry
;
3180 armv7a
->pre_restore_context
= NULL
;
3182 armv7a
->armv7a_mmu
.read_physical_memory
= cortex_a_read_phys_memory
;
3185 /* arm7_9->handle_target_request = cortex_a_handle_target_request; */
3187 /* REVISIT v7a setup should be in a v7a-specific routine */
3188 armv7a_init_arch_info(target
, armv7a
);
3189 target_register_timer_callback(cortex_a_handle_target_request
, 1, 1, target
);
3194 static int cortex_a_target_create(struct target
*target
, Jim_Interp
*interp
)
3196 struct cortex_a_common
*cortex_a
= calloc(1, sizeof(struct cortex_a_common
));
3198 cortex_a
->armv7a_common
.is_armv7r
= false;
3200 return cortex_a_init_arch_info(target
, cortex_a
, target
->tap
);
3203 static int cortex_r4_target_create(struct target
*target
, Jim_Interp
*interp
)
3205 struct cortex_a_common
*cortex_a
= calloc(1, sizeof(struct cortex_a_common
));
3207 cortex_a
->armv7a_common
.is_armv7r
= true;
3209 return cortex_a_init_arch_info(target
, cortex_a
, target
->tap
);
3212 static void cortex_a_deinit_target(struct target
*target
)
3214 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
3215 struct arm_dpm
*dpm
= &cortex_a
->armv7a_common
.dpm
;
3217 free(cortex_a
->brp_list
);
3223 static int cortex_a_mmu(struct target
*target
, int *enabled
)
3225 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
3227 if (target
->state
!= TARGET_HALTED
) {
3228 LOG_ERROR("%s: target not halted", __func__
);
3229 return ERROR_TARGET_INVALID
;
3232 if (armv7a
->is_armv7r
)
3235 *enabled
= target_to_cortex_a(target
)->armv7a_common
.armv7a_mmu
.mmu_enabled
;
3240 static int cortex_a_virt2phys(struct target
*target
,
3241 uint32_t virt
, uint32_t *phys
)
3243 int retval
= ERROR_FAIL
;
3244 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
3245 struct adiv5_dap
*swjdp
= armv7a
->arm
.dap
;
3246 uint8_t apsel
= swjdp
->apsel
;
3247 if (armv7a
->memory_ap_available
&& (apsel
== armv7a
->memory_ap
->ap_num
)) {
3249 retval
= armv7a_mmu_translate_va(target
,
3251 if (retval
!= ERROR_OK
)
3254 } else {/* use this method if armv7a->memory_ap not selected
3255 * mmu must be enable in order to get a correct translation */
3256 retval
= cortex_a_mmu_modify(target
, 1);
3257 if (retval
!= ERROR_OK
)
3259 retval
= armv7a_mmu_translate_va_pa(target
, virt
, phys
, 1);
3265 COMMAND_HANDLER(cortex_a_handle_cache_info_command
)
3267 struct target
*target
= get_current_target(CMD_CTX
);
3268 struct armv7a_common
*armv7a
= target_to_armv7a(target
);
3270 return armv7a_handle_cache_info_command(CMD_CTX
,
3271 &armv7a
->armv7a_mmu
.armv7a_cache
);
3275 COMMAND_HANDLER(cortex_a_handle_dbginit_command
)
3277 struct target
*target
= get_current_target(CMD_CTX
);
3278 if (!target_was_examined(target
)) {
3279 LOG_ERROR("target not examined yet");
3283 return cortex_a_init_debug_access(target
);
3285 COMMAND_HANDLER(cortex_a_handle_smp_off_command
)
3287 struct target
*target
= get_current_target(CMD_CTX
);
3288 /* check target is an smp target */
3289 struct target_list
*head
;
3290 struct target
*curr
;
3291 head
= target
->head
;
3293 if (head
!= (struct target_list
*)NULL
) {
3294 while (head
!= (struct target_list
*)NULL
) {
3295 curr
= head
->target
;
3299 /* fixes the target display to the debugger */
3300 target
->gdb_service
->target
= target
;
3305 COMMAND_HANDLER(cortex_a_handle_smp_on_command
)
3307 struct target
*target
= get_current_target(CMD_CTX
);
3308 struct target_list
*head
;
3309 struct target
*curr
;
3310 head
= target
->head
;
3311 if (head
!= (struct target_list
*)NULL
) {
3313 while (head
!= (struct target_list
*)NULL
) {
3314 curr
= head
->target
;
3322 COMMAND_HANDLER(cortex_a_handle_smp_gdb_command
)
3324 struct target
*target
= get_current_target(CMD_CTX
);
3325 int retval
= ERROR_OK
;
3326 struct target_list
*head
;
3327 head
= target
->head
;
3328 if (head
!= (struct target_list
*)NULL
) {
3329 if (CMD_ARGC
== 1) {
3331 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], coreid
);
3332 if (ERROR_OK
!= retval
)
3334 target
->gdb_service
->core
[1] = coreid
;
3337 command_print(CMD_CTX
, "gdb coreid %" PRId32
" -> %" PRId32
, target
->gdb_service
->core
[0]
3338 , target
->gdb_service
->core
[1]);
3343 COMMAND_HANDLER(handle_cortex_a_mask_interrupts_command
)
3345 struct target
*target
= get_current_target(CMD_CTX
);
3346 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
3348 static const Jim_Nvp nvp_maskisr_modes
[] = {
3349 { .name
= "off", .value
= CORTEX_A_ISRMASK_OFF
},
3350 { .name
= "on", .value
= CORTEX_A_ISRMASK_ON
},
3351 { .name
= NULL
, .value
= -1 },
3356 n
= Jim_Nvp_name2value_simple(nvp_maskisr_modes
, CMD_ARGV
[0]);
3357 if (n
->name
== NULL
) {
3358 LOG_ERROR("Unknown parameter: %s - should be off or on", CMD_ARGV
[0]);
3359 return ERROR_COMMAND_SYNTAX_ERROR
;
3362 cortex_a
->isrmasking_mode
= n
->value
;
3365 n
= Jim_Nvp_value2name_simple(nvp_maskisr_modes
, cortex_a
->isrmasking_mode
);
3366 command_print(CMD_CTX
, "cortex_a interrupt mask %s", n
->name
);
3371 COMMAND_HANDLER(handle_cortex_a_dacrfixup_command
)
3373 struct target
*target
= get_current_target(CMD_CTX
);
3374 struct cortex_a_common
*cortex_a
= target_to_cortex_a(target
);
3376 static const Jim_Nvp nvp_dacrfixup_modes
[] = {
3377 { .name
= "off", .value
= CORTEX_A_DACRFIXUP_OFF
},
3378 { .name
= "on", .value
= CORTEX_A_DACRFIXUP_ON
},
3379 { .name
= NULL
, .value
= -1 },
3384 n
= Jim_Nvp_name2value_simple(nvp_dacrfixup_modes
, CMD_ARGV
[0]);
3385 if (n
->name
== NULL
)
3386 return ERROR_COMMAND_SYNTAX_ERROR
;
3387 cortex_a
->dacrfixup_mode
= n
->value
;
3391 n
= Jim_Nvp_value2name_simple(nvp_dacrfixup_modes
, cortex_a
->dacrfixup_mode
);
3392 command_print(CMD_CTX
, "cortex_a domain access control fixup %s", n
->name
);
3397 static const struct command_registration cortex_a_exec_command_handlers
[] = {
3399 .name
= "cache_info",
3400 .handler
= cortex_a_handle_cache_info_command
,
3401 .mode
= COMMAND_EXEC
,
3402 .help
= "display information about target caches",
3407 .handler
= cortex_a_handle_dbginit_command
,
3408 .mode
= COMMAND_EXEC
,
3409 .help
= "Initialize core debug",
3412 { .name
= "smp_off",
3413 .handler
= cortex_a_handle_smp_off_command
,
3414 .mode
= COMMAND_EXEC
,
3415 .help
= "Stop smp handling",
3419 .handler
= cortex_a_handle_smp_on_command
,
3420 .mode
= COMMAND_EXEC
,
3421 .help
= "Restart smp handling",
3426 .handler
= cortex_a_handle_smp_gdb_command
,
3427 .mode
= COMMAND_EXEC
,
3428 .help
= "display/fix current core played to gdb",
3433 .handler
= handle_cortex_a_mask_interrupts_command
,
3434 .mode
= COMMAND_ANY
,
3435 .help
= "mask cortex_a interrupts",
3436 .usage
= "['on'|'off']",
3439 .name
= "dacrfixup",
3440 .handler
= handle_cortex_a_dacrfixup_command
,
3441 .mode
= COMMAND_EXEC
,
3442 .help
= "set domain access control (DACR) to all-manager "
3444 .usage
= "['on'|'off']",
3447 COMMAND_REGISTRATION_DONE
3449 static const struct command_registration cortex_a_command_handlers
[] = {
3451 .chain
= arm_command_handlers
,
3454 .chain
= armv7a_command_handlers
,
3458 .mode
= COMMAND_ANY
,
3459 .help
= "Cortex-A command group",
3461 .chain
= cortex_a_exec_command_handlers
,
3463 COMMAND_REGISTRATION_DONE
3466 struct target_type cortexa_target
= {
3468 .deprecated_name
= "cortex_a8",
3470 .poll
= cortex_a_poll
,
3471 .arch_state
= armv7a_arch_state
,
3473 .halt
= cortex_a_halt
,
3474 .resume
= cortex_a_resume
,
3475 .step
= cortex_a_step
,
3477 .assert_reset
= cortex_a_assert_reset
,
3478 .deassert_reset
= cortex_a_deassert_reset
,
3480 /* REVISIT allow exporting VFP3 registers ... */
3481 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
3483 .read_memory
= cortex_a_read_memory
,
3484 .write_memory
= cortex_a_write_memory
,
3486 .read_buffer
= cortex_a_read_buffer
,
3487 .write_buffer
= cortex_a_write_buffer
,
3489 .checksum_memory
= arm_checksum_memory
,
3490 .blank_check_memory
= arm_blank_check_memory
,
3492 .run_algorithm
= armv4_5_run_algorithm
,
3494 .add_breakpoint
= cortex_a_add_breakpoint
,
3495 .add_context_breakpoint
= cortex_a_add_context_breakpoint
,
3496 .add_hybrid_breakpoint
= cortex_a_add_hybrid_breakpoint
,
3497 .remove_breakpoint
= cortex_a_remove_breakpoint
,
3498 .add_watchpoint
= NULL
,
3499 .remove_watchpoint
= NULL
,
3501 .commands
= cortex_a_command_handlers
,
3502 .target_create
= cortex_a_target_create
,
3503 .init_target
= cortex_a_init_target
,
3504 .examine
= cortex_a_examine
,
3505 .deinit_target
= cortex_a_deinit_target
,
3507 .read_phys_memory
= cortex_a_read_phys_memory
,
3508 .write_phys_memory
= cortex_a_write_phys_memory
,
3509 .mmu
= cortex_a_mmu
,
3510 .virt2phys
= cortex_a_virt2phys
,
3513 static const struct command_registration cortex_r4_exec_command_handlers
[] = {
3515 .name
= "cache_info",
3516 .handler
= cortex_a_handle_cache_info_command
,
3517 .mode
= COMMAND_EXEC
,
3518 .help
= "display information about target caches",
3523 .handler
= cortex_a_handle_dbginit_command
,
3524 .mode
= COMMAND_EXEC
,
3525 .help
= "Initialize core debug",
3530 .handler
= handle_cortex_a_mask_interrupts_command
,
3531 .mode
= COMMAND_EXEC
,
3532 .help
= "mask cortex_r4 interrupts",
3533 .usage
= "['on'|'off']",
3536 COMMAND_REGISTRATION_DONE
3538 static const struct command_registration cortex_r4_command_handlers
[] = {
3540 .chain
= arm_command_handlers
,
3543 .chain
= armv7a_command_handlers
,
3546 .name
= "cortex_r4",
3547 .mode
= COMMAND_ANY
,
3548 .help
= "Cortex-R4 command group",
3550 .chain
= cortex_r4_exec_command_handlers
,
3552 COMMAND_REGISTRATION_DONE
3555 struct target_type cortexr4_target
= {
3556 .name
= "cortex_r4",
3558 .poll
= cortex_a_poll
,
3559 .arch_state
= armv7a_arch_state
,
3561 .halt
= cortex_a_halt
,
3562 .resume
= cortex_a_resume
,
3563 .step
= cortex_a_step
,
3565 .assert_reset
= cortex_a_assert_reset
,
3566 .deassert_reset
= cortex_a_deassert_reset
,
3568 /* REVISIT allow exporting VFP3 registers ... */
3569 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
3571 .read_memory
= cortex_a_read_memory
,
3572 .write_memory
= cortex_a_write_memory
,
3574 .checksum_memory
= arm_checksum_memory
,
3575 .blank_check_memory
= arm_blank_check_memory
,
3577 .run_algorithm
= armv4_5_run_algorithm
,
3579 .add_breakpoint
= cortex_a_add_breakpoint
,
3580 .add_context_breakpoint
= cortex_a_add_context_breakpoint
,
3581 .add_hybrid_breakpoint
= cortex_a_add_hybrid_breakpoint
,
3582 .remove_breakpoint
= cortex_a_remove_breakpoint
,
3583 .add_watchpoint
= NULL
,
3584 .remove_watchpoint
= NULL
,
3586 .commands
= cortex_r4_command_handlers
,
3587 .target_create
= cortex_r4_target_create
,
3588 .init_target
= cortex_a_init_target
,
3589 .examine
= cortex_a_examine
,
3590 .deinit_target
= cortex_a_deinit_target
,