semihosting: support fileio operation
[openocd.git] / src / target / cortex_m.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2006 by Magnus Lundin *
6 * lundin@mlu.mine.nu *
7 * *
8 * Copyright (C) 2008 by Spencer Oliver *
9 * spen@spen-soft.co.uk *
10 * *
11 * This program is free software; you can redistribute it and/or modify *
12 * it under the terms of the GNU General Public License as published by *
13 * the Free Software Foundation; either version 2 of the License, or *
14 * (at your option) any later version. *
15 * *
16 * This program is distributed in the hope that it will be useful, *
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
19 * GNU General Public License for more details. *
20 * *
21 * You should have received a copy of the GNU General Public License *
22 * along with this program. If not, see <http://www.gnu.org/licenses/>. *
23 * *
24 * *
25 * Cortex-M3(tm) TRM, ARM DDI 0337E (r1p1) and 0337G (r2p0) *
26 * *
27 ***************************************************************************/
28 #ifdef HAVE_CONFIG_H
29 #include "config.h"
30 #endif
31
32 #include "jtag/interface.h"
33 #include "breakpoints.h"
34 #include "cortex_m.h"
35 #include "target_request.h"
36 #include "target_type.h"
37 #include "arm_disassembler.h"
38 #include "register.h"
39 #include "arm_opcodes.h"
40 #include "arm_semihosting.h"
41 #include <helper/time_support.h>
42
43 /* NOTE: most of this should work fine for the Cortex-M1 and
44 * Cortex-M0 cores too, although they're ARMv6-M not ARMv7-M.
45 * Some differences: M0/M1 doesn't have FBP remapping or the
46 * DWT tracing/profiling support. (So the cycle counter will
47 * not be usable; the other stuff isn't currently used here.)
48 *
49 * Although there are some workarounds for errata seen only in r0p0
50 * silicon, such old parts are hard to find and thus not much tested
51 * any longer.
52 */
53
54 /**
55 * Returns the type of a break point required by address location
56 */
57 #define BKPT_TYPE_BY_ADDR(addr) ((addr) < 0x20000000 ? BKPT_HARD : BKPT_SOFT)
58
59 /* forward declarations */
60 static int cortex_m_store_core_reg_u32(struct target *target,
61 uint32_t num, uint32_t value);
62 static void cortex_m_dwt_free(struct target *target);
63
64 static int cortexm_dap_read_coreregister_u32(struct target *target,
65 uint32_t *value, int regnum)
66 {
67 struct armv7m_common *armv7m = target_to_armv7m(target);
68 int retval;
69 uint32_t dcrdr;
70
71 /* because the DCB_DCRDR is used for the emulated dcc channel
72 * we have to save/restore the DCB_DCRDR when used */
73 if (target->dbg_msg_enabled) {
74 retval = mem_ap_read_u32(armv7m->debug_ap, DCB_DCRDR, &dcrdr);
75 if (retval != ERROR_OK)
76 return retval;
77 }
78
79 retval = mem_ap_write_u32(armv7m->debug_ap, DCB_DCRSR, regnum);
80 if (retval != ERROR_OK)
81 return retval;
82
83 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DCRDR, value);
84 if (retval != ERROR_OK)
85 return retval;
86
87 if (target->dbg_msg_enabled) {
88 /* restore DCB_DCRDR - this needs to be in a separate
89 * transaction otherwise the emulated DCC channel breaks */
90 if (retval == ERROR_OK)
91 retval = mem_ap_write_atomic_u32(armv7m->debug_ap, DCB_DCRDR, dcrdr);
92 }
93
94 return retval;
95 }
96
97 static int cortexm_dap_write_coreregister_u32(struct target *target,
98 uint32_t value, int regnum)
99 {
100 struct armv7m_common *armv7m = target_to_armv7m(target);
101 int retval;
102 uint32_t dcrdr;
103
104 /* because the DCB_DCRDR is used for the emulated dcc channel
105 * we have to save/restore the DCB_DCRDR when used */
106 if (target->dbg_msg_enabled) {
107 retval = mem_ap_read_u32(armv7m->debug_ap, DCB_DCRDR, &dcrdr);
108 if (retval != ERROR_OK)
109 return retval;
110 }
111
112 retval = mem_ap_write_u32(armv7m->debug_ap, DCB_DCRDR, value);
113 if (retval != ERROR_OK)
114 return retval;
115
116 retval = mem_ap_write_atomic_u32(armv7m->debug_ap, DCB_DCRSR, regnum | DCRSR_WnR);
117 if (retval != ERROR_OK)
118 return retval;
119
120 if (target->dbg_msg_enabled) {
121 /* restore DCB_DCRDR - this needs to be in a seperate
122 * transaction otherwise the emulated DCC channel breaks */
123 if (retval == ERROR_OK)
124 retval = mem_ap_write_atomic_u32(armv7m->debug_ap, DCB_DCRDR, dcrdr);
125 }
126
127 return retval;
128 }
129
130 static int cortex_m_write_debug_halt_mask(struct target *target,
131 uint32_t mask_on, uint32_t mask_off)
132 {
133 struct cortex_m_common *cortex_m = target_to_cm(target);
134 struct armv7m_common *armv7m = &cortex_m->armv7m;
135
136 /* mask off status bits */
137 cortex_m->dcb_dhcsr &= ~((0xFFFF << 16) | mask_off);
138 /* create new register mask */
139 cortex_m->dcb_dhcsr |= DBGKEY | C_DEBUGEN | mask_on;
140
141 return mem_ap_write_atomic_u32(armv7m->debug_ap, DCB_DHCSR, cortex_m->dcb_dhcsr);
142 }
143
144 static int cortex_m_clear_halt(struct target *target)
145 {
146 struct cortex_m_common *cortex_m = target_to_cm(target);
147 struct armv7m_common *armv7m = &cortex_m->armv7m;
148 int retval;
149
150 /* clear step if any */
151 cortex_m_write_debug_halt_mask(target, C_HALT, C_STEP);
152
153 /* Read Debug Fault Status Register */
154 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, NVIC_DFSR, &cortex_m->nvic_dfsr);
155 if (retval != ERROR_OK)
156 return retval;
157
158 /* Clear Debug Fault Status */
159 retval = mem_ap_write_atomic_u32(armv7m->debug_ap, NVIC_DFSR, cortex_m->nvic_dfsr);
160 if (retval != ERROR_OK)
161 return retval;
162 LOG_DEBUG(" NVIC_DFSR 0x%" PRIx32 "", cortex_m->nvic_dfsr);
163
164 return ERROR_OK;
165 }
166
167 static int cortex_m_single_step_core(struct target *target)
168 {
169 struct cortex_m_common *cortex_m = target_to_cm(target);
170 struct armv7m_common *armv7m = &cortex_m->armv7m;
171 uint32_t dhcsr_save;
172 int retval;
173
174 /* backup dhcsr reg */
175 dhcsr_save = cortex_m->dcb_dhcsr;
176
177 /* Mask interrupts before clearing halt, if done already. This avoids
178 * Erratum 377497 (fixed in r1p0) where setting MASKINTS while clearing
179 * HALT can put the core into an unknown state.
180 */
181 if (!(cortex_m->dcb_dhcsr & C_MASKINTS)) {
182 retval = mem_ap_write_atomic_u32(armv7m->debug_ap, DCB_DHCSR,
183 DBGKEY | C_MASKINTS | C_HALT | C_DEBUGEN);
184 if (retval != ERROR_OK)
185 return retval;
186 }
187 retval = mem_ap_write_atomic_u32(armv7m->debug_ap, DCB_DHCSR,
188 DBGKEY | C_MASKINTS | C_STEP | C_DEBUGEN);
189 if (retval != ERROR_OK)
190 return retval;
191 LOG_DEBUG(" ");
192
193 /* restore dhcsr reg */
194 cortex_m->dcb_dhcsr = dhcsr_save;
195 cortex_m_clear_halt(target);
196
197 return ERROR_OK;
198 }
199
200 static int cortex_m_enable_fpb(struct target *target)
201 {
202 int retval = target_write_u32(target, FP_CTRL, 3);
203 if (retval != ERROR_OK)
204 return retval;
205
206 /* check the fpb is actually enabled */
207 uint32_t fpctrl;
208 retval = target_read_u32(target, FP_CTRL, &fpctrl);
209 if (retval != ERROR_OK)
210 return retval;
211
212 if (fpctrl & 1)
213 return ERROR_OK;
214
215 return ERROR_FAIL;
216 }
217
218 static int cortex_m_endreset_event(struct target *target)
219 {
220 int i;
221 int retval;
222 uint32_t dcb_demcr;
223 struct cortex_m_common *cortex_m = target_to_cm(target);
224 struct armv7m_common *armv7m = &cortex_m->armv7m;
225 struct adiv5_dap *swjdp = cortex_m->armv7m.arm.dap;
226 struct cortex_m_fp_comparator *fp_list = cortex_m->fp_comparator_list;
227 struct cortex_m_dwt_comparator *dwt_list = cortex_m->dwt_comparator_list;
228
229 /* REVISIT The four debug monitor bits are currently ignored... */
230 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DEMCR, &dcb_demcr);
231 if (retval != ERROR_OK)
232 return retval;
233 LOG_DEBUG("DCB_DEMCR = 0x%8.8" PRIx32 "", dcb_demcr);
234
235 /* this register is used for emulated dcc channel */
236 retval = mem_ap_write_u32(armv7m->debug_ap, DCB_DCRDR, 0);
237 if (retval != ERROR_OK)
238 return retval;
239
240 /* Enable debug requests */
241 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DHCSR, &cortex_m->dcb_dhcsr);
242 if (retval != ERROR_OK)
243 return retval;
244 if (!(cortex_m->dcb_dhcsr & C_DEBUGEN)) {
245 retval = mem_ap_write_u32(armv7m->debug_ap, DCB_DHCSR, DBGKEY | C_DEBUGEN);
246 if (retval != ERROR_OK)
247 return retval;
248 }
249
250 /* clear any interrupt masking */
251 cortex_m_write_debug_halt_mask(target, 0, C_MASKINTS);
252
253 /* Enable features controlled by ITM and DWT blocks, and catch only
254 * the vectors we were told to pay attention to.
255 *
256 * Target firmware is responsible for all fault handling policy
257 * choices *EXCEPT* explicitly scripted overrides like "vector_catch"
258 * or manual updates to the NVIC SHCSR and CCR registers.
259 */
260 retval = mem_ap_write_u32(armv7m->debug_ap, DCB_DEMCR, TRCENA | armv7m->demcr);
261 if (retval != ERROR_OK)
262 return retval;
263
264 /* Paranoia: evidently some (early?) chips don't preserve all the
265 * debug state (including FBP, DWT, etc) across reset...
266 */
267
268 /* Enable FPB */
269 retval = cortex_m_enable_fpb(target);
270 if (retval != ERROR_OK) {
271 LOG_ERROR("Failed to enable the FPB");
272 return retval;
273 }
274
275 cortex_m->fpb_enabled = 1;
276
277 /* Restore FPB registers */
278 for (i = 0; i < cortex_m->fp_num_code + cortex_m->fp_num_lit; i++) {
279 retval = target_write_u32(target, fp_list[i].fpcr_address, fp_list[i].fpcr_value);
280 if (retval != ERROR_OK)
281 return retval;
282 }
283
284 /* Restore DWT registers */
285 for (i = 0; i < cortex_m->dwt_num_comp; i++) {
286 retval = target_write_u32(target, dwt_list[i].dwt_comparator_address + 0,
287 dwt_list[i].comp);
288 if (retval != ERROR_OK)
289 return retval;
290 retval = target_write_u32(target, dwt_list[i].dwt_comparator_address + 4,
291 dwt_list[i].mask);
292 if (retval != ERROR_OK)
293 return retval;
294 retval = target_write_u32(target, dwt_list[i].dwt_comparator_address + 8,
295 dwt_list[i].function);
296 if (retval != ERROR_OK)
297 return retval;
298 }
299 retval = dap_run(swjdp);
300 if (retval != ERROR_OK)
301 return retval;
302
303 register_cache_invalidate(armv7m->arm.core_cache);
304
305 /* make sure we have latest dhcsr flags */
306 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DHCSR, &cortex_m->dcb_dhcsr);
307
308 return retval;
309 }
310
311 static int cortex_m_examine_debug_reason(struct target *target)
312 {
313 struct cortex_m_common *cortex_m = target_to_cm(target);
314
315 /* THIS IS NOT GOOD, TODO - better logic for detection of debug state reason
316 * only check the debug reason if we don't know it already */
317
318 if ((target->debug_reason != DBG_REASON_DBGRQ)
319 && (target->debug_reason != DBG_REASON_SINGLESTEP)) {
320 if (cortex_m->nvic_dfsr & DFSR_BKPT) {
321 target->debug_reason = DBG_REASON_BREAKPOINT;
322 if (cortex_m->nvic_dfsr & DFSR_DWTTRAP)
323 target->debug_reason = DBG_REASON_WPTANDBKPT;
324 } else if (cortex_m->nvic_dfsr & DFSR_DWTTRAP)
325 target->debug_reason = DBG_REASON_WATCHPOINT;
326 else if (cortex_m->nvic_dfsr & DFSR_VCATCH)
327 target->debug_reason = DBG_REASON_BREAKPOINT;
328 else /* EXTERNAL, HALTED */
329 target->debug_reason = DBG_REASON_UNDEFINED;
330 }
331
332 return ERROR_OK;
333 }
334
335 static int cortex_m_examine_exception_reason(struct target *target)
336 {
337 uint32_t shcsr = 0, except_sr = 0, cfsr = -1, except_ar = -1;
338 struct armv7m_common *armv7m = target_to_armv7m(target);
339 struct adiv5_dap *swjdp = armv7m->arm.dap;
340 int retval;
341
342 retval = mem_ap_read_u32(armv7m->debug_ap, NVIC_SHCSR, &shcsr);
343 if (retval != ERROR_OK)
344 return retval;
345 switch (armv7m->exception_number) {
346 case 2: /* NMI */
347 break;
348 case 3: /* Hard Fault */
349 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, NVIC_HFSR, &except_sr);
350 if (retval != ERROR_OK)
351 return retval;
352 if (except_sr & 0x40000000) {
353 retval = mem_ap_read_u32(armv7m->debug_ap, NVIC_CFSR, &cfsr);
354 if (retval != ERROR_OK)
355 return retval;
356 }
357 break;
358 case 4: /* Memory Management */
359 retval = mem_ap_read_u32(armv7m->debug_ap, NVIC_CFSR, &except_sr);
360 if (retval != ERROR_OK)
361 return retval;
362 retval = mem_ap_read_u32(armv7m->debug_ap, NVIC_MMFAR, &except_ar);
363 if (retval != ERROR_OK)
364 return retval;
365 break;
366 case 5: /* Bus Fault */
367 retval = mem_ap_read_u32(armv7m->debug_ap, NVIC_CFSR, &except_sr);
368 if (retval != ERROR_OK)
369 return retval;
370 retval = mem_ap_read_u32(armv7m->debug_ap, NVIC_BFAR, &except_ar);
371 if (retval != ERROR_OK)
372 return retval;
373 break;
374 case 6: /* Usage Fault */
375 retval = mem_ap_read_u32(armv7m->debug_ap, NVIC_CFSR, &except_sr);
376 if (retval != ERROR_OK)
377 return retval;
378 break;
379 case 11: /* SVCall */
380 break;
381 case 12: /* Debug Monitor */
382 retval = mem_ap_read_u32(armv7m->debug_ap, NVIC_DFSR, &except_sr);
383 if (retval != ERROR_OK)
384 return retval;
385 break;
386 case 14: /* PendSV */
387 break;
388 case 15: /* SysTick */
389 break;
390 default:
391 except_sr = 0;
392 break;
393 }
394 retval = dap_run(swjdp);
395 if (retval == ERROR_OK)
396 LOG_DEBUG("%s SHCSR 0x%" PRIx32 ", SR 0x%" PRIx32
397 ", CFSR 0x%" PRIx32 ", AR 0x%" PRIx32,
398 armv7m_exception_string(armv7m->exception_number),
399 shcsr, except_sr, cfsr, except_ar);
400 return retval;
401 }
402
403 static int cortex_m_debug_entry(struct target *target)
404 {
405 int i;
406 uint32_t xPSR;
407 int retval;
408 struct cortex_m_common *cortex_m = target_to_cm(target);
409 struct armv7m_common *armv7m = &cortex_m->armv7m;
410 struct arm *arm = &armv7m->arm;
411 struct reg *r;
412
413 LOG_DEBUG(" ");
414
415 cortex_m_clear_halt(target);
416 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DHCSR, &cortex_m->dcb_dhcsr);
417 if (retval != ERROR_OK)
418 return retval;
419
420 retval = armv7m->examine_debug_reason(target);
421 if (retval != ERROR_OK)
422 return retval;
423
424 /* Examine target state and mode
425 * First load register accessible through core debug port */
426 int num_regs = arm->core_cache->num_regs;
427
428 for (i = 0; i < num_regs; i++) {
429 r = &armv7m->arm.core_cache->reg_list[i];
430 if (!r->valid)
431 arm->read_core_reg(target, r, i, ARM_MODE_ANY);
432 }
433
434 r = arm->cpsr;
435 xPSR = buf_get_u32(r->value, 0, 32);
436
437 /* For IT instructions xPSR must be reloaded on resume and clear on debug exec */
438 if (xPSR & 0xf00) {
439 r->dirty = r->valid;
440 cortex_m_store_core_reg_u32(target, 16, xPSR & ~0xff);
441 }
442
443 /* Are we in an exception handler */
444 if (xPSR & 0x1FF) {
445 armv7m->exception_number = (xPSR & 0x1FF);
446
447 arm->core_mode = ARM_MODE_HANDLER;
448 arm->map = armv7m_msp_reg_map;
449 } else {
450 unsigned control = buf_get_u32(arm->core_cache
451 ->reg_list[ARMV7M_CONTROL].value, 0, 2);
452
453 /* is this thread privileged? */
454 arm->core_mode = control & 1
455 ? ARM_MODE_USER_THREAD
456 : ARM_MODE_THREAD;
457
458 /* which stack is it using? */
459 if (control & 2)
460 arm->map = armv7m_psp_reg_map;
461 else
462 arm->map = armv7m_msp_reg_map;
463
464 armv7m->exception_number = 0;
465 }
466
467 if (armv7m->exception_number)
468 cortex_m_examine_exception_reason(target);
469
470 LOG_DEBUG("entered debug state in core mode: %s at PC 0x%" PRIx32 ", target->state: %s",
471 arm_mode_name(arm->core_mode),
472 buf_get_u32(arm->pc->value, 0, 32),
473 target_state_name(target));
474
475 if (armv7m->post_debug_entry) {
476 retval = armv7m->post_debug_entry(target);
477 if (retval != ERROR_OK)
478 return retval;
479 }
480
481 return ERROR_OK;
482 }
483
484 static int cortex_m_poll(struct target *target)
485 {
486 int detected_failure = ERROR_OK;
487 int retval = ERROR_OK;
488 enum target_state prev_target_state = target->state;
489 struct cortex_m_common *cortex_m = target_to_cm(target);
490 struct armv7m_common *armv7m = &cortex_m->armv7m;
491
492 /* Read from Debug Halting Control and Status Register */
493 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DHCSR, &cortex_m->dcb_dhcsr);
494 if (retval != ERROR_OK) {
495 target->state = TARGET_UNKNOWN;
496 return retval;
497 }
498
499 /* Recover from lockup. See ARMv7-M architecture spec,
500 * section B1.5.15 "Unrecoverable exception cases".
501 */
502 if (cortex_m->dcb_dhcsr & S_LOCKUP) {
503 LOG_ERROR("%s -- clearing lockup after double fault",
504 target_name(target));
505 cortex_m_write_debug_halt_mask(target, C_HALT, 0);
506 target->debug_reason = DBG_REASON_DBGRQ;
507
508 /* We have to execute the rest (the "finally" equivalent, but
509 * still throw this exception again).
510 */
511 detected_failure = ERROR_FAIL;
512
513 /* refresh status bits */
514 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DHCSR, &cortex_m->dcb_dhcsr);
515 if (retval != ERROR_OK)
516 return retval;
517 }
518
519 if (cortex_m->dcb_dhcsr & S_RESET_ST) {
520 target->state = TARGET_RESET;
521 return ERROR_OK;
522 }
523
524 if (target->state == TARGET_RESET) {
525 /* Cannot switch context while running so endreset is
526 * called with target->state == TARGET_RESET
527 */
528 LOG_DEBUG("Exit from reset with dcb_dhcsr 0x%" PRIx32,
529 cortex_m->dcb_dhcsr);
530 retval = cortex_m_endreset_event(target);
531 if (retval != ERROR_OK) {
532 target->state = TARGET_UNKNOWN;
533 return retval;
534 }
535 target->state = TARGET_RUNNING;
536 prev_target_state = TARGET_RUNNING;
537 }
538
539 if (cortex_m->dcb_dhcsr & S_HALT) {
540 target->state = TARGET_HALTED;
541
542 if ((prev_target_state == TARGET_RUNNING) || (prev_target_state == TARGET_RESET)) {
543 retval = cortex_m_debug_entry(target);
544 if (retval != ERROR_OK)
545 return retval;
546
547 if (arm_semihosting(target, &retval) != 0)
548 return retval;
549
550 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
551 }
552 if (prev_target_state == TARGET_DEBUG_RUNNING) {
553 LOG_DEBUG(" ");
554 retval = cortex_m_debug_entry(target);
555 if (retval != ERROR_OK)
556 return retval;
557
558 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
559 }
560 }
561
562 /* REVISIT when S_SLEEP is set, it's in a Sleep or DeepSleep state.
563 * How best to model low power modes?
564 */
565
566 if (target->state == TARGET_UNKNOWN) {
567 /* check if processor is retiring instructions */
568 if (cortex_m->dcb_dhcsr & S_RETIRE_ST) {
569 target->state = TARGET_RUNNING;
570 retval = ERROR_OK;
571 }
572 }
573
574 /* Did we detect a failure condition that we cleared? */
575 if (detected_failure != ERROR_OK)
576 retval = detected_failure;
577 return retval;
578 }
579
580 static int cortex_m_halt(struct target *target)
581 {
582 LOG_DEBUG("target->state: %s",
583 target_state_name(target));
584
585 if (target->state == TARGET_HALTED) {
586 LOG_DEBUG("target was already halted");
587 return ERROR_OK;
588 }
589
590 if (target->state == TARGET_UNKNOWN)
591 LOG_WARNING("target was in unknown state when halt was requested");
592
593 if (target->state == TARGET_RESET) {
594 if ((jtag_get_reset_config() & RESET_SRST_PULLS_TRST) && jtag_get_srst()) {
595 LOG_ERROR("can't request a halt while in reset if nSRST pulls nTRST");
596 return ERROR_TARGET_FAILURE;
597 } else {
598 /* we came here in a reset_halt or reset_init sequence
599 * debug entry was already prepared in cortex_m3_assert_reset()
600 */
601 target->debug_reason = DBG_REASON_DBGRQ;
602
603 return ERROR_OK;
604 }
605 }
606
607 /* Write to Debug Halting Control and Status Register */
608 cortex_m_write_debug_halt_mask(target, C_HALT, 0);
609
610 target->debug_reason = DBG_REASON_DBGRQ;
611
612 return ERROR_OK;
613 }
614
615 static int cortex_m_soft_reset_halt(struct target *target)
616 {
617 struct cortex_m_common *cortex_m = target_to_cm(target);
618 struct armv7m_common *armv7m = &cortex_m->armv7m;
619 uint32_t dcb_dhcsr = 0;
620 int retval, timeout = 0;
621
622 /* soft_reset_halt is deprecated on cortex_m as the same functionality
623 * can be obtained by using 'reset halt' and 'cortex_m reset_config vectreset'
624 * As this reset only used VC_CORERESET it would only ever reset the cortex_m
625 * core, not the peripherals */
626 LOG_WARNING("soft_reset_halt is deprecated, please use 'reset halt' instead.");
627
628 /* Enter debug state on reset; restore DEMCR in endreset_event() */
629 retval = mem_ap_write_u32(armv7m->debug_ap, DCB_DEMCR,
630 TRCENA | VC_HARDERR | VC_BUSERR | VC_CORERESET);
631 if (retval != ERROR_OK)
632 return retval;
633
634 /* Request a core-only reset */
635 retval = mem_ap_write_atomic_u32(armv7m->debug_ap, NVIC_AIRCR,
636 AIRCR_VECTKEY | AIRCR_VECTRESET);
637 if (retval != ERROR_OK)
638 return retval;
639 target->state = TARGET_RESET;
640
641 /* registers are now invalid */
642 register_cache_invalidate(cortex_m->armv7m.arm.core_cache);
643
644 while (timeout < 100) {
645 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DHCSR, &dcb_dhcsr);
646 if (retval == ERROR_OK) {
647 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, NVIC_DFSR,
648 &cortex_m->nvic_dfsr);
649 if (retval != ERROR_OK)
650 return retval;
651 if ((dcb_dhcsr & S_HALT)
652 && (cortex_m->nvic_dfsr & DFSR_VCATCH)) {
653 LOG_DEBUG("system reset-halted, DHCSR 0x%08x, "
654 "DFSR 0x%08x",
655 (unsigned) dcb_dhcsr,
656 (unsigned) cortex_m->nvic_dfsr);
657 cortex_m_poll(target);
658 /* FIXME restore user's vector catch config */
659 return ERROR_OK;
660 } else
661 LOG_DEBUG("waiting for system reset-halt, "
662 "DHCSR 0x%08x, %d ms",
663 (unsigned) dcb_dhcsr, timeout);
664 }
665 timeout++;
666 alive_sleep(1);
667 }
668
669 return ERROR_OK;
670 }
671
672 void cortex_m_enable_breakpoints(struct target *target)
673 {
674 struct breakpoint *breakpoint = target->breakpoints;
675
676 /* set any pending breakpoints */
677 while (breakpoint) {
678 if (!breakpoint->set)
679 cortex_m_set_breakpoint(target, breakpoint);
680 breakpoint = breakpoint->next;
681 }
682 }
683
684 static int cortex_m_resume(struct target *target, int current,
685 uint32_t address, int handle_breakpoints, int debug_execution)
686 {
687 struct armv7m_common *armv7m = target_to_armv7m(target);
688 struct breakpoint *breakpoint = NULL;
689 uint32_t resume_pc;
690 struct reg *r;
691
692 if (target->state != TARGET_HALTED) {
693 LOG_WARNING("target not halted");
694 return ERROR_TARGET_NOT_HALTED;
695 }
696
697 if (!debug_execution) {
698 target_free_all_working_areas(target);
699 cortex_m_enable_breakpoints(target);
700 cortex_m_enable_watchpoints(target);
701 }
702
703 if (debug_execution) {
704 r = armv7m->arm.core_cache->reg_list + ARMV7M_PRIMASK;
705
706 /* Disable interrupts */
707 /* We disable interrupts in the PRIMASK register instead of
708 * masking with C_MASKINTS. This is probably the same issue
709 * as Cortex-M3 Erratum 377493 (fixed in r1p0): C_MASKINTS
710 * in parallel with disabled interrupts can cause local faults
711 * to not be taken.
712 *
713 * REVISIT this clearly breaks non-debug execution, since the
714 * PRIMASK register state isn't saved/restored... workaround
715 * by never resuming app code after debug execution.
716 */
717 buf_set_u32(r->value, 0, 1, 1);
718 r->dirty = true;
719 r->valid = true;
720
721 /* Make sure we are in Thumb mode */
722 r = armv7m->arm.cpsr;
723 buf_set_u32(r->value, 24, 1, 1);
724 r->dirty = true;
725 r->valid = true;
726 }
727
728 /* current = 1: continue on current pc, otherwise continue at <address> */
729 r = armv7m->arm.pc;
730 if (!current) {
731 buf_set_u32(r->value, 0, 32, address);
732 r->dirty = true;
733 r->valid = true;
734 }
735
736 /* if we halted last time due to a bkpt instruction
737 * then we have to manually step over it, otherwise
738 * the core will break again */
739
740 if (!breakpoint_find(target, buf_get_u32(r->value, 0, 32))
741 && !debug_execution)
742 armv7m_maybe_skip_bkpt_inst(target, NULL);
743
744 resume_pc = buf_get_u32(r->value, 0, 32);
745
746 armv7m_restore_context(target);
747
748 /* the front-end may request us not to handle breakpoints */
749 if (handle_breakpoints) {
750 /* Single step past breakpoint at current address */
751 breakpoint = breakpoint_find(target, resume_pc);
752 if (breakpoint) {
753 LOG_DEBUG("unset breakpoint at 0x%8.8" PRIx32 " (ID: %" PRIu32 ")",
754 breakpoint->address,
755 breakpoint->unique_id);
756 cortex_m_unset_breakpoint(target, breakpoint);
757 cortex_m_single_step_core(target);
758 cortex_m_set_breakpoint(target, breakpoint);
759 }
760 }
761
762 /* Restart core */
763 cortex_m_write_debug_halt_mask(target, 0, C_HALT);
764
765 target->debug_reason = DBG_REASON_NOTHALTED;
766
767 /* registers are now invalid */
768 register_cache_invalidate(armv7m->arm.core_cache);
769
770 if (!debug_execution) {
771 target->state = TARGET_RUNNING;
772 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
773 LOG_DEBUG("target resumed at 0x%" PRIx32 "", resume_pc);
774 } else {
775 target->state = TARGET_DEBUG_RUNNING;
776 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
777 LOG_DEBUG("target debug resumed at 0x%" PRIx32 "", resume_pc);
778 }
779
780 return ERROR_OK;
781 }
782
783 /* int irqstepcount = 0; */
784 static int cortex_m_step(struct target *target, int current,
785 uint32_t address, int handle_breakpoints)
786 {
787 struct cortex_m_common *cortex_m = target_to_cm(target);
788 struct armv7m_common *armv7m = &cortex_m->armv7m;
789 struct breakpoint *breakpoint = NULL;
790 struct reg *pc = armv7m->arm.pc;
791 bool bkpt_inst_found = false;
792 int retval;
793 bool isr_timed_out = false;
794
795 if (target->state != TARGET_HALTED) {
796 LOG_WARNING("target not halted");
797 return ERROR_TARGET_NOT_HALTED;
798 }
799
800 /* current = 1: continue on current pc, otherwise continue at <address> */
801 if (!current)
802 buf_set_u32(pc->value, 0, 32, address);
803
804 uint32_t pc_value = buf_get_u32(pc->value, 0, 32);
805
806 /* the front-end may request us not to handle breakpoints */
807 if (handle_breakpoints) {
808 breakpoint = breakpoint_find(target, pc_value);
809 if (breakpoint)
810 cortex_m_unset_breakpoint(target, breakpoint);
811 }
812
813 armv7m_maybe_skip_bkpt_inst(target, &bkpt_inst_found);
814
815 target->debug_reason = DBG_REASON_SINGLESTEP;
816
817 armv7m_restore_context(target);
818
819 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
820
821 /* if no bkpt instruction is found at pc then we can perform
822 * a normal step, otherwise we have to manually step over the bkpt
823 * instruction - as such simulate a step */
824 if (bkpt_inst_found == false) {
825 /* Automatic ISR masking mode off: Just step over the next instruction */
826 if ((cortex_m->isrmasking_mode != CORTEX_M_ISRMASK_AUTO))
827 cortex_m_write_debug_halt_mask(target, C_STEP, C_HALT);
828 else {
829 /* Process interrupts during stepping in a way they don't interfere
830 * debugging.
831 *
832 * Principle:
833 *
834 * Set a temporary break point at the current pc and let the core run
835 * with interrupts enabled. Pending interrupts get served and we run
836 * into the breakpoint again afterwards. Then we step over the next
837 * instruction with interrupts disabled.
838 *
839 * If the pending interrupts don't complete within time, we leave the
840 * core running. This may happen if the interrupts trigger faster
841 * than the core can process them or the handler doesn't return.
842 *
843 * If no more breakpoints are available we simply do a step with
844 * interrupts enabled.
845 *
846 */
847
848 /* 2012-09-29 ph
849 *
850 * If a break point is already set on the lower half word then a break point on
851 * the upper half word will not break again when the core is restarted. So we
852 * just step over the instruction with interrupts disabled.
853 *
854 * The documentation has no information about this, it was found by observation
855 * on STM32F1 and STM32F2. Proper explanation welcome. STM32F0 dosen't seem to
856 * suffer from this problem.
857 *
858 * To add some confusion: pc_value has bit 0 always set, while the breakpoint
859 * address has it always cleared. The former is done to indicate thumb mode
860 * to gdb.
861 *
862 */
863 if ((pc_value & 0x02) && breakpoint_find(target, pc_value & ~0x03)) {
864 LOG_DEBUG("Stepping over next instruction with interrupts disabled");
865 cortex_m_write_debug_halt_mask(target, C_HALT | C_MASKINTS, 0);
866 cortex_m_write_debug_halt_mask(target, C_STEP, C_HALT);
867 /* Re-enable interrupts */
868 cortex_m_write_debug_halt_mask(target, C_HALT, C_MASKINTS);
869 }
870 else {
871
872 /* Set a temporary break point */
873 if (breakpoint)
874 retval = cortex_m_set_breakpoint(target, breakpoint);
875 else
876 retval = breakpoint_add(target, pc_value, 2, BKPT_TYPE_BY_ADDR(pc_value));
877 bool tmp_bp_set = (retval == ERROR_OK);
878
879 /* No more breakpoints left, just do a step */
880 if (!tmp_bp_set)
881 cortex_m_write_debug_halt_mask(target, C_STEP, C_HALT);
882 else {
883 /* Start the core */
884 LOG_DEBUG("Starting core to serve pending interrupts");
885 int64_t t_start = timeval_ms();
886 cortex_m_write_debug_halt_mask(target, 0, C_HALT | C_STEP);
887
888 /* Wait for pending handlers to complete or timeout */
889 do {
890 retval = mem_ap_read_atomic_u32(armv7m->debug_ap,
891 DCB_DHCSR,
892 &cortex_m->dcb_dhcsr);
893 if (retval != ERROR_OK) {
894 target->state = TARGET_UNKNOWN;
895 return retval;
896 }
897 isr_timed_out = ((timeval_ms() - t_start) > 500);
898 } while (!((cortex_m->dcb_dhcsr & S_HALT) || isr_timed_out));
899
900 /* only remove breakpoint if we created it */
901 if (breakpoint)
902 cortex_m_unset_breakpoint(target, breakpoint);
903 else {
904 /* Remove the temporary breakpoint */
905 breakpoint_remove(target, pc_value);
906 }
907
908 if (isr_timed_out) {
909 LOG_DEBUG("Interrupt handlers didn't complete within time, "
910 "leaving target running");
911 } else {
912 /* Step over next instruction with interrupts disabled */
913 cortex_m_write_debug_halt_mask(target,
914 C_HALT | C_MASKINTS,
915 0);
916 cortex_m_write_debug_halt_mask(target, C_STEP, C_HALT);
917 /* Re-enable interrupts */
918 cortex_m_write_debug_halt_mask(target, C_HALT, C_MASKINTS);
919 }
920 }
921 }
922 }
923 }
924
925 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DHCSR, &cortex_m->dcb_dhcsr);
926 if (retval != ERROR_OK)
927 return retval;
928
929 /* registers are now invalid */
930 register_cache_invalidate(armv7m->arm.core_cache);
931
932 if (breakpoint)
933 cortex_m_set_breakpoint(target, breakpoint);
934
935 if (isr_timed_out) {
936 /* Leave the core running. The user has to stop execution manually. */
937 target->debug_reason = DBG_REASON_NOTHALTED;
938 target->state = TARGET_RUNNING;
939 return ERROR_OK;
940 }
941
942 LOG_DEBUG("target stepped dcb_dhcsr = 0x%" PRIx32
943 " nvic_icsr = 0x%" PRIx32,
944 cortex_m->dcb_dhcsr, cortex_m->nvic_icsr);
945
946 retval = cortex_m_debug_entry(target);
947 if (retval != ERROR_OK)
948 return retval;
949 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
950
951 LOG_DEBUG("target stepped dcb_dhcsr = 0x%" PRIx32
952 " nvic_icsr = 0x%" PRIx32,
953 cortex_m->dcb_dhcsr, cortex_m->nvic_icsr);
954
955 return ERROR_OK;
956 }
957
958 static int cortex_m_assert_reset(struct target *target)
959 {
960 struct cortex_m_common *cortex_m = target_to_cm(target);
961 struct armv7m_common *armv7m = &cortex_m->armv7m;
962 enum cortex_m_soft_reset_config reset_config = cortex_m->soft_reset_config;
963
964 LOG_DEBUG("target->state: %s",
965 target_state_name(target));
966
967 enum reset_types jtag_reset_config = jtag_get_reset_config();
968
969 if (target_has_event_action(target, TARGET_EVENT_RESET_ASSERT)) {
970 /* allow scripts to override the reset event */
971
972 target_handle_event(target, TARGET_EVENT_RESET_ASSERT);
973 register_cache_invalidate(cortex_m->armv7m.arm.core_cache);
974 target->state = TARGET_RESET;
975
976 return ERROR_OK;
977 }
978
979 /* some cores support connecting while srst is asserted
980 * use that mode is it has been configured */
981
982 bool srst_asserted = false;
983
984 if (!target_was_examined(target)) {
985 if (jtag_reset_config & RESET_HAS_SRST) {
986 adapter_assert_reset();
987 if (target->reset_halt)
988 LOG_ERROR("Target not examined, will not halt after reset!");
989 return ERROR_OK;
990 } else {
991 LOG_ERROR("Target not examined, reset NOT asserted!");
992 return ERROR_FAIL;
993 }
994 }
995
996 if ((jtag_reset_config & RESET_HAS_SRST) &&
997 (jtag_reset_config & RESET_SRST_NO_GATING)) {
998 adapter_assert_reset();
999 srst_asserted = true;
1000 }
1001
1002 /* Enable debug requests */
1003 int retval;
1004 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DHCSR, &cortex_m->dcb_dhcsr);
1005 /* Store important errors instead of failing and proceed to reset assert */
1006
1007 if (retval != ERROR_OK || !(cortex_m->dcb_dhcsr & C_DEBUGEN))
1008 retval = mem_ap_write_u32(armv7m->debug_ap, DCB_DHCSR, DBGKEY | C_DEBUGEN);
1009
1010 /* If the processor is sleeping in a WFI or WFE instruction, the
1011 * C_HALT bit must be asserted to regain control */
1012 if (retval == ERROR_OK && (cortex_m->dcb_dhcsr & S_SLEEP))
1013 retval = mem_ap_write_u32(armv7m->debug_ap, DCB_DHCSR, DBGKEY | C_HALT | C_DEBUGEN);
1014
1015 mem_ap_write_u32(armv7m->debug_ap, DCB_DCRDR, 0);
1016 /* Ignore less important errors */
1017
1018 if (!target->reset_halt) {
1019 /* Set/Clear C_MASKINTS in a separate operation */
1020 if (cortex_m->dcb_dhcsr & C_MASKINTS)
1021 mem_ap_write_atomic_u32(armv7m->debug_ap, DCB_DHCSR,
1022 DBGKEY | C_DEBUGEN | C_HALT);
1023
1024 /* clear any debug flags before resuming */
1025 cortex_m_clear_halt(target);
1026
1027 /* clear C_HALT in dhcsr reg */
1028 cortex_m_write_debug_halt_mask(target, 0, C_HALT);
1029 } else {
1030 /* Halt in debug on reset; endreset_event() restores DEMCR.
1031 *
1032 * REVISIT catching BUSERR presumably helps to defend against
1033 * bad vector table entries. Should this include MMERR or
1034 * other flags too?
1035 */
1036 int retval2;
1037 retval2 = mem_ap_write_atomic_u32(armv7m->debug_ap, DCB_DEMCR,
1038 TRCENA | VC_HARDERR | VC_BUSERR | VC_CORERESET);
1039 if (retval != ERROR_OK || retval2 != ERROR_OK)
1040 LOG_INFO("AP write error, reset will not halt");
1041 }
1042
1043 if (jtag_reset_config & RESET_HAS_SRST) {
1044 /* default to asserting srst */
1045 if (!srst_asserted)
1046 adapter_assert_reset();
1047
1048 /* srst is asserted, ignore AP access errors */
1049 retval = ERROR_OK;
1050 } else {
1051 /* Use a standard Cortex-M3 software reset mechanism.
1052 * We default to using VECRESET as it is supported on all current cores.
1053 * This has the disadvantage of not resetting the peripherals, so a
1054 * reset-init event handler is needed to perform any peripheral resets.
1055 */
1056 LOG_DEBUG("Using Cortex-M %s", (reset_config == CORTEX_M_RESET_SYSRESETREQ)
1057 ? "SYSRESETREQ" : "VECTRESET");
1058
1059 if (reset_config == CORTEX_M_RESET_VECTRESET) {
1060 LOG_WARNING("Only resetting the Cortex-M core, use a reset-init event "
1061 "handler to reset any peripherals or configure hardware srst support.");
1062 }
1063
1064 int retval3;
1065 retval3 = mem_ap_write_atomic_u32(armv7m->debug_ap, NVIC_AIRCR,
1066 AIRCR_VECTKEY | ((reset_config == CORTEX_M_RESET_SYSRESETREQ)
1067 ? AIRCR_SYSRESETREQ : AIRCR_VECTRESET));
1068 if (retval3 != ERROR_OK)
1069 LOG_DEBUG("Ignoring AP write error right after reset");
1070
1071 retval3 = dap_dp_init(armv7m->debug_ap->dap);
1072 if (retval3 != ERROR_OK)
1073 LOG_ERROR("DP initialisation failed");
1074
1075 else {
1076 /* I do not know why this is necessary, but it
1077 * fixes strange effects (step/resume cause NMI
1078 * after reset) on LM3S6918 -- Michael Schwingen
1079 */
1080 uint32_t tmp;
1081 mem_ap_read_atomic_u32(armv7m->debug_ap, NVIC_AIRCR, &tmp);
1082 }
1083 }
1084
1085 target->state = TARGET_RESET;
1086 jtag_add_sleep(50000);
1087
1088 register_cache_invalidate(cortex_m->armv7m.arm.core_cache);
1089
1090 /* now return stored error code if any */
1091 if (retval != ERROR_OK)
1092 return retval;
1093
1094 if (target->reset_halt) {
1095 retval = target_halt(target);
1096 if (retval != ERROR_OK)
1097 return retval;
1098 }
1099
1100 return ERROR_OK;
1101 }
1102
1103 static int cortex_m_deassert_reset(struct target *target)
1104 {
1105 struct armv7m_common *armv7m = &target_to_cm(target)->armv7m;
1106
1107 LOG_DEBUG("target->state: %s",
1108 target_state_name(target));
1109
1110 /* deassert reset lines */
1111 adapter_deassert_reset();
1112
1113 enum reset_types jtag_reset_config = jtag_get_reset_config();
1114
1115 if ((jtag_reset_config & RESET_HAS_SRST) &&
1116 !(jtag_reset_config & RESET_SRST_NO_GATING) &&
1117 target_was_examined(target)) {
1118 int retval = dap_dp_init(armv7m->debug_ap->dap);
1119 if (retval != ERROR_OK) {
1120 LOG_ERROR("DP initialisation failed");
1121 return retval;
1122 }
1123 }
1124
1125 return ERROR_OK;
1126 }
1127
1128 int cortex_m_set_breakpoint(struct target *target, struct breakpoint *breakpoint)
1129 {
1130 int retval;
1131 int fp_num = 0;
1132 struct cortex_m_common *cortex_m = target_to_cm(target);
1133 struct cortex_m_fp_comparator *comparator_list = cortex_m->fp_comparator_list;
1134
1135 if (breakpoint->set) {
1136 LOG_WARNING("breakpoint (BPID: %" PRIu32 ") already set", breakpoint->unique_id);
1137 return ERROR_OK;
1138 }
1139
1140 if (cortex_m->auto_bp_type)
1141 breakpoint->type = BKPT_TYPE_BY_ADDR(breakpoint->address);
1142
1143 if (breakpoint->type == BKPT_HARD) {
1144 uint32_t fpcr_value;
1145 while (comparator_list[fp_num].used && (fp_num < cortex_m->fp_num_code))
1146 fp_num++;
1147 if (fp_num >= cortex_m->fp_num_code) {
1148 LOG_ERROR("Can not find free FPB Comparator!");
1149 return ERROR_FAIL;
1150 }
1151 breakpoint->set = fp_num + 1;
1152 fpcr_value = breakpoint->address | 1;
1153 if (cortex_m->fp_rev == 0) {
1154 uint32_t hilo;
1155 hilo = (breakpoint->address & 0x2) ? FPCR_REPLACE_BKPT_HIGH : FPCR_REPLACE_BKPT_LOW;
1156 fpcr_value = (fpcr_value & 0x1FFFFFFC) | hilo | 1;
1157 } else if (cortex_m->fp_rev > 1) {
1158 LOG_ERROR("Unhandled Cortex-M Flash Patch Breakpoint architecture revision");
1159 return ERROR_FAIL;
1160 }
1161 comparator_list[fp_num].used = 1;
1162 comparator_list[fp_num].fpcr_value = fpcr_value;
1163 target_write_u32(target, comparator_list[fp_num].fpcr_address,
1164 comparator_list[fp_num].fpcr_value);
1165 LOG_DEBUG("fpc_num %i fpcr_value 0x%" PRIx32 "",
1166 fp_num,
1167 comparator_list[fp_num].fpcr_value);
1168 if (!cortex_m->fpb_enabled) {
1169 LOG_DEBUG("FPB wasn't enabled, do it now");
1170 retval = cortex_m_enable_fpb(target);
1171 if (retval != ERROR_OK) {
1172 LOG_ERROR("Failed to enable the FPB");
1173 return retval;
1174 }
1175
1176 cortex_m->fpb_enabled = 1;
1177 }
1178 } else if (breakpoint->type == BKPT_SOFT) {
1179 uint8_t code[4];
1180
1181 /* NOTE: on ARMv6-M and ARMv7-M, BKPT(0xab) is used for
1182 * semihosting; don't use that. Otherwise the BKPT
1183 * parameter is arbitrary.
1184 */
1185 buf_set_u32(code, 0, 32, ARMV5_T_BKPT(0x11));
1186 retval = target_read_memory(target,
1187 breakpoint->address & 0xFFFFFFFE,
1188 breakpoint->length, 1,
1189 breakpoint->orig_instr);
1190 if (retval != ERROR_OK)
1191 return retval;
1192 retval = target_write_memory(target,
1193 breakpoint->address & 0xFFFFFFFE,
1194 breakpoint->length, 1,
1195 code);
1196 if (retval != ERROR_OK)
1197 return retval;
1198 breakpoint->set = true;
1199 }
1200
1201 LOG_DEBUG("BPID: %" PRIu32 ", Type: %d, Address: 0x%08" PRIx32 " Length: %d (set=%d)",
1202 breakpoint->unique_id,
1203 (int)(breakpoint->type),
1204 breakpoint->address,
1205 breakpoint->length,
1206 breakpoint->set);
1207
1208 return ERROR_OK;
1209 }
1210
1211 int cortex_m_unset_breakpoint(struct target *target, struct breakpoint *breakpoint)
1212 {
1213 int retval;
1214 struct cortex_m_common *cortex_m = target_to_cm(target);
1215 struct cortex_m_fp_comparator *comparator_list = cortex_m->fp_comparator_list;
1216
1217 if (!breakpoint->set) {
1218 LOG_WARNING("breakpoint not set");
1219 return ERROR_OK;
1220 }
1221
1222 LOG_DEBUG("BPID: %" PRIu32 ", Type: %d, Address: 0x%08" PRIx32 " Length: %d (set=%d)",
1223 breakpoint->unique_id,
1224 (int)(breakpoint->type),
1225 breakpoint->address,
1226 breakpoint->length,
1227 breakpoint->set);
1228
1229 if (breakpoint->type == BKPT_HARD) {
1230 int fp_num = breakpoint->set - 1;
1231 if ((fp_num < 0) || (fp_num >= cortex_m->fp_num_code)) {
1232 LOG_DEBUG("Invalid FP Comparator number in breakpoint");
1233 return ERROR_OK;
1234 }
1235 comparator_list[fp_num].used = 0;
1236 comparator_list[fp_num].fpcr_value = 0;
1237 target_write_u32(target, comparator_list[fp_num].fpcr_address,
1238 comparator_list[fp_num].fpcr_value);
1239 } else {
1240 /* restore original instruction (kept in target endianness) */
1241 if (breakpoint->length == 4) {
1242 retval = target_write_memory(target, breakpoint->address & 0xFFFFFFFE, 4, 1,
1243 breakpoint->orig_instr);
1244 if (retval != ERROR_OK)
1245 return retval;
1246 } else {
1247 retval = target_write_memory(target, breakpoint->address & 0xFFFFFFFE, 2, 1,
1248 breakpoint->orig_instr);
1249 if (retval != ERROR_OK)
1250 return retval;
1251 }
1252 }
1253 breakpoint->set = false;
1254
1255 return ERROR_OK;
1256 }
1257
1258 int cortex_m_add_breakpoint(struct target *target, struct breakpoint *breakpoint)
1259 {
1260 struct cortex_m_common *cortex_m = target_to_cm(target);
1261
1262 if (cortex_m->auto_bp_type)
1263 breakpoint->type = BKPT_TYPE_BY_ADDR(breakpoint->address);
1264
1265 if (breakpoint->type != BKPT_TYPE_BY_ADDR(breakpoint->address)) {
1266 if (breakpoint->type == BKPT_HARD) {
1267 LOG_INFO("flash patch comparator requested outside code memory region");
1268 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1269 }
1270
1271 if (breakpoint->type == BKPT_SOFT) {
1272 LOG_INFO("soft breakpoint requested in code (flash) memory region");
1273 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1274 }
1275 }
1276
1277 if ((breakpoint->type == BKPT_HARD) && (cortex_m->fp_code_available < 1)) {
1278 LOG_INFO("no flash patch comparator unit available for hardware breakpoint");
1279 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1280 }
1281
1282 if (breakpoint->length == 3) {
1283 LOG_DEBUG("Using a two byte breakpoint for 32bit Thumb-2 request");
1284 breakpoint->length = 2;
1285 }
1286
1287 if ((breakpoint->length != 2)) {
1288 LOG_INFO("only breakpoints of two bytes length supported");
1289 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1290 }
1291
1292 if (breakpoint->type == BKPT_HARD)
1293 cortex_m->fp_code_available--;
1294
1295 return cortex_m_set_breakpoint(target, breakpoint);
1296 }
1297
1298 int cortex_m_remove_breakpoint(struct target *target, struct breakpoint *breakpoint)
1299 {
1300 struct cortex_m_common *cortex_m = target_to_cm(target);
1301
1302 /* REVISIT why check? FBP can be updated with core running ... */
1303 if (target->state != TARGET_HALTED) {
1304 LOG_WARNING("target not halted");
1305 return ERROR_TARGET_NOT_HALTED;
1306 }
1307
1308 if (cortex_m->auto_bp_type)
1309 breakpoint->type = BKPT_TYPE_BY_ADDR(breakpoint->address);
1310
1311 if (breakpoint->set)
1312 cortex_m_unset_breakpoint(target, breakpoint);
1313
1314 if (breakpoint->type == BKPT_HARD)
1315 cortex_m->fp_code_available++;
1316
1317 return ERROR_OK;
1318 }
1319
1320 int cortex_m_set_watchpoint(struct target *target, struct watchpoint *watchpoint)
1321 {
1322 int dwt_num = 0;
1323 uint32_t mask, temp;
1324 struct cortex_m_common *cortex_m = target_to_cm(target);
1325
1326 /* watchpoint params were validated earlier */
1327 mask = 0;
1328 temp = watchpoint->length;
1329 while (temp) {
1330 temp >>= 1;
1331 mask++;
1332 }
1333 mask--;
1334
1335 /* REVISIT Don't fully trust these "not used" records ... users
1336 * may set up breakpoints by hand, e.g. dual-address data value
1337 * watchpoint using comparator #1; comparator #0 matching cycle
1338 * count; send data trace info through ITM and TPIU; etc
1339 */
1340 struct cortex_m_dwt_comparator *comparator;
1341
1342 for (comparator = cortex_m->dwt_comparator_list;
1343 comparator->used && dwt_num < cortex_m->dwt_num_comp;
1344 comparator++, dwt_num++)
1345 continue;
1346 if (dwt_num >= cortex_m->dwt_num_comp) {
1347 LOG_ERROR("Can not find free DWT Comparator");
1348 return ERROR_FAIL;
1349 }
1350 comparator->used = 1;
1351 watchpoint->set = dwt_num + 1;
1352
1353 comparator->comp = watchpoint->address;
1354 target_write_u32(target, comparator->dwt_comparator_address + 0,
1355 comparator->comp);
1356
1357 comparator->mask = mask;
1358 target_write_u32(target, comparator->dwt_comparator_address + 4,
1359 comparator->mask);
1360
1361 switch (watchpoint->rw) {
1362 case WPT_READ:
1363 comparator->function = 5;
1364 break;
1365 case WPT_WRITE:
1366 comparator->function = 6;
1367 break;
1368 case WPT_ACCESS:
1369 comparator->function = 7;
1370 break;
1371 }
1372 target_write_u32(target, comparator->dwt_comparator_address + 8,
1373 comparator->function);
1374
1375 LOG_DEBUG("Watchpoint (ID %d) DWT%d 0x%08x 0x%x 0x%05x",
1376 watchpoint->unique_id, dwt_num,
1377 (unsigned) comparator->comp,
1378 (unsigned) comparator->mask,
1379 (unsigned) comparator->function);
1380 return ERROR_OK;
1381 }
1382
1383 int cortex_m_unset_watchpoint(struct target *target, struct watchpoint *watchpoint)
1384 {
1385 struct cortex_m_common *cortex_m = target_to_cm(target);
1386 struct cortex_m_dwt_comparator *comparator;
1387 int dwt_num;
1388
1389 if (!watchpoint->set) {
1390 LOG_WARNING("watchpoint (wpid: %d) not set",
1391 watchpoint->unique_id);
1392 return ERROR_OK;
1393 }
1394
1395 dwt_num = watchpoint->set - 1;
1396
1397 LOG_DEBUG("Watchpoint (ID %d) DWT%d address: 0x%08x clear",
1398 watchpoint->unique_id, dwt_num,
1399 (unsigned) watchpoint->address);
1400
1401 if ((dwt_num < 0) || (dwt_num >= cortex_m->dwt_num_comp)) {
1402 LOG_DEBUG("Invalid DWT Comparator number in watchpoint");
1403 return ERROR_OK;
1404 }
1405
1406 comparator = cortex_m->dwt_comparator_list + dwt_num;
1407 comparator->used = 0;
1408 comparator->function = 0;
1409 target_write_u32(target, comparator->dwt_comparator_address + 8,
1410 comparator->function);
1411
1412 watchpoint->set = false;
1413
1414 return ERROR_OK;
1415 }
1416
1417 int cortex_m_add_watchpoint(struct target *target, struct watchpoint *watchpoint)
1418 {
1419 struct cortex_m_common *cortex_m = target_to_cm(target);
1420
1421 if (cortex_m->dwt_comp_available < 1) {
1422 LOG_DEBUG("no comparators?");
1423 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1424 }
1425
1426 /* hardware doesn't support data value masking */
1427 if (watchpoint->mask != ~(uint32_t)0) {
1428 LOG_DEBUG("watchpoint value masks not supported");
1429 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1430 }
1431
1432 /* hardware allows address masks of up to 32K */
1433 unsigned mask;
1434
1435 for (mask = 0; mask < 16; mask++) {
1436 if ((1u << mask) == watchpoint->length)
1437 break;
1438 }
1439 if (mask == 16) {
1440 LOG_DEBUG("unsupported watchpoint length");
1441 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1442 }
1443 if (watchpoint->address & ((1 << mask) - 1)) {
1444 LOG_DEBUG("watchpoint address is unaligned");
1445 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1446 }
1447
1448 /* Caller doesn't seem to be able to describe watching for data
1449 * values of zero; that flags "no value".
1450 *
1451 * REVISIT This DWT may well be able to watch for specific data
1452 * values. Requires comparator #1 to set DATAVMATCH and match
1453 * the data, and another comparator (DATAVADDR0) matching addr.
1454 */
1455 if (watchpoint->value) {
1456 LOG_DEBUG("data value watchpoint not YET supported");
1457 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1458 }
1459
1460 cortex_m->dwt_comp_available--;
1461 LOG_DEBUG("dwt_comp_available: %d", cortex_m->dwt_comp_available);
1462
1463 return ERROR_OK;
1464 }
1465
1466 int cortex_m_remove_watchpoint(struct target *target, struct watchpoint *watchpoint)
1467 {
1468 struct cortex_m_common *cortex_m = target_to_cm(target);
1469
1470 /* REVISIT why check? DWT can be updated with core running ... */
1471 if (target->state != TARGET_HALTED) {
1472 LOG_WARNING("target not halted");
1473 return ERROR_TARGET_NOT_HALTED;
1474 }
1475
1476 if (watchpoint->set)
1477 cortex_m_unset_watchpoint(target, watchpoint);
1478
1479 cortex_m->dwt_comp_available++;
1480 LOG_DEBUG("dwt_comp_available: %d", cortex_m->dwt_comp_available);
1481
1482 return ERROR_OK;
1483 }
1484
1485 void cortex_m_enable_watchpoints(struct target *target)
1486 {
1487 struct watchpoint *watchpoint = target->watchpoints;
1488
1489 /* set any pending watchpoints */
1490 while (watchpoint) {
1491 if (!watchpoint->set)
1492 cortex_m_set_watchpoint(target, watchpoint);
1493 watchpoint = watchpoint->next;
1494 }
1495 }
1496
1497 static int cortex_m_load_core_reg_u32(struct target *target,
1498 uint32_t num, uint32_t *value)
1499 {
1500 int retval;
1501
1502 /* NOTE: we "know" here that the register identifiers used
1503 * in the v7m header match the Cortex-M3 Debug Core Register
1504 * Selector values for R0..R15, xPSR, MSP, and PSP.
1505 */
1506 switch (num) {
1507 case 0 ... 18:
1508 /* read a normal core register */
1509 retval = cortexm_dap_read_coreregister_u32(target, value, num);
1510
1511 if (retval != ERROR_OK) {
1512 LOG_ERROR("JTAG failure %i", retval);
1513 return ERROR_JTAG_DEVICE_ERROR;
1514 }
1515 LOG_DEBUG("load from core reg %i value 0x%" PRIx32 "", (int)num, *value);
1516 break;
1517
1518 case ARMV7M_FPSCR:
1519 /* Floating-point Status and Registers */
1520 retval = target_write_u32(target, DCB_DCRSR, 0x21);
1521 if (retval != ERROR_OK)
1522 return retval;
1523 retval = target_read_u32(target, DCB_DCRDR, value);
1524 if (retval != ERROR_OK)
1525 return retval;
1526 LOG_DEBUG("load from FPSCR value 0x%" PRIx32, *value);
1527 break;
1528
1529 case ARMV7M_S0 ... ARMV7M_S31:
1530 /* Floating-point Status and Registers */
1531 retval = target_write_u32(target, DCB_DCRSR, num - ARMV7M_S0 + 0x40);
1532 if (retval != ERROR_OK)
1533 return retval;
1534 retval = target_read_u32(target, DCB_DCRDR, value);
1535 if (retval != ERROR_OK)
1536 return retval;
1537 LOG_DEBUG("load from FPU reg S%d value 0x%" PRIx32,
1538 (int)(num - ARMV7M_S0), *value);
1539 break;
1540
1541 case ARMV7M_PRIMASK:
1542 case ARMV7M_BASEPRI:
1543 case ARMV7M_FAULTMASK:
1544 case ARMV7M_CONTROL:
1545 /* Cortex-M3 packages these four registers as bitfields
1546 * in one Debug Core register. So say r0 and r2 docs;
1547 * it was removed from r1 docs, but still works.
1548 */
1549 cortexm_dap_read_coreregister_u32(target, value, 20);
1550
1551 switch (num) {
1552 case ARMV7M_PRIMASK:
1553 *value = buf_get_u32((uint8_t *)value, 0, 1);
1554 break;
1555
1556 case ARMV7M_BASEPRI:
1557 *value = buf_get_u32((uint8_t *)value, 8, 8);
1558 break;
1559
1560 case ARMV7M_FAULTMASK:
1561 *value = buf_get_u32((uint8_t *)value, 16, 1);
1562 break;
1563
1564 case ARMV7M_CONTROL:
1565 *value = buf_get_u32((uint8_t *)value, 24, 2);
1566 break;
1567 }
1568
1569 LOG_DEBUG("load from special reg %i value 0x%" PRIx32 "", (int)num, *value);
1570 break;
1571
1572 default:
1573 return ERROR_COMMAND_SYNTAX_ERROR;
1574 }
1575
1576 return ERROR_OK;
1577 }
1578
1579 static int cortex_m_store_core_reg_u32(struct target *target,
1580 uint32_t num, uint32_t value)
1581 {
1582 int retval;
1583 uint32_t reg;
1584 struct armv7m_common *armv7m = target_to_armv7m(target);
1585
1586 /* NOTE: we "know" here that the register identifiers used
1587 * in the v7m header match the Cortex-M3 Debug Core Register
1588 * Selector values for R0..R15, xPSR, MSP, and PSP.
1589 */
1590 switch (num) {
1591 case 0 ... 18:
1592 retval = cortexm_dap_write_coreregister_u32(target, value, num);
1593 if (retval != ERROR_OK) {
1594 struct reg *r;
1595
1596 LOG_ERROR("JTAG failure");
1597 r = armv7m->arm.core_cache->reg_list + num;
1598 r->dirty = r->valid;
1599 return ERROR_JTAG_DEVICE_ERROR;
1600 }
1601 LOG_DEBUG("write core reg %i value 0x%" PRIx32 "", (int)num, value);
1602 break;
1603
1604 case ARMV7M_FPSCR:
1605 /* Floating-point Status and Registers */
1606 retval = target_write_u32(target, DCB_DCRDR, value);
1607 if (retval != ERROR_OK)
1608 return retval;
1609 retval = target_write_u32(target, DCB_DCRSR, 0x21 | (1<<16));
1610 if (retval != ERROR_OK)
1611 return retval;
1612 LOG_DEBUG("write FPSCR value 0x%" PRIx32, value);
1613 break;
1614
1615 case ARMV7M_S0 ... ARMV7M_S31:
1616 /* Floating-point Status and Registers */
1617 retval = target_write_u32(target, DCB_DCRDR, value);
1618 if (retval != ERROR_OK)
1619 return retval;
1620 retval = target_write_u32(target, DCB_DCRSR, (num - ARMV7M_S0 + 0x40) | (1<<16));
1621 if (retval != ERROR_OK)
1622 return retval;
1623 LOG_DEBUG("write FPU reg S%d value 0x%" PRIx32,
1624 (int)(num - ARMV7M_S0), value);
1625 break;
1626
1627 case ARMV7M_PRIMASK:
1628 case ARMV7M_BASEPRI:
1629 case ARMV7M_FAULTMASK:
1630 case ARMV7M_CONTROL:
1631 /* Cortex-M3 packages these four registers as bitfields
1632 * in one Debug Core register. So say r0 and r2 docs;
1633 * it was removed from r1 docs, but still works.
1634 */
1635 cortexm_dap_read_coreregister_u32(target, &reg, 20);
1636
1637 switch (num) {
1638 case ARMV7M_PRIMASK:
1639 buf_set_u32((uint8_t *)&reg, 0, 1, value);
1640 break;
1641
1642 case ARMV7M_BASEPRI:
1643 buf_set_u32((uint8_t *)&reg, 8, 8, value);
1644 break;
1645
1646 case ARMV7M_FAULTMASK:
1647 buf_set_u32((uint8_t *)&reg, 16, 1, value);
1648 break;
1649
1650 case ARMV7M_CONTROL:
1651 buf_set_u32((uint8_t *)&reg, 24, 2, value);
1652 break;
1653 }
1654
1655 cortexm_dap_write_coreregister_u32(target, reg, 20);
1656
1657 LOG_DEBUG("write special reg %i value 0x%" PRIx32 " ", (int)num, value);
1658 break;
1659
1660 default:
1661 return ERROR_COMMAND_SYNTAX_ERROR;
1662 }
1663
1664 return ERROR_OK;
1665 }
1666
1667 static int cortex_m_read_memory(struct target *target, uint32_t address,
1668 uint32_t size, uint32_t count, uint8_t *buffer)
1669 {
1670 struct armv7m_common *armv7m = target_to_armv7m(target);
1671
1672 if (armv7m->arm.is_armv6m) {
1673 /* armv6m does not handle unaligned memory access */
1674 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1675 return ERROR_TARGET_UNALIGNED_ACCESS;
1676 }
1677
1678 return mem_ap_read_buf(armv7m->debug_ap, buffer, size, count, address);
1679 }
1680
1681 static int cortex_m_write_memory(struct target *target, uint32_t address,
1682 uint32_t size, uint32_t count, const uint8_t *buffer)
1683 {
1684 struct armv7m_common *armv7m = target_to_armv7m(target);
1685
1686 if (armv7m->arm.is_armv6m) {
1687 /* armv6m does not handle unaligned memory access */
1688 if (((size == 4) && (address & 0x3u)) || ((size == 2) && (address & 0x1u)))
1689 return ERROR_TARGET_UNALIGNED_ACCESS;
1690 }
1691
1692 return mem_ap_write_buf(armv7m->debug_ap, buffer, size, count, address);
1693 }
1694
1695 static int cortex_m_init_target(struct command_context *cmd_ctx,
1696 struct target *target)
1697 {
1698 armv7m_build_reg_cache(target);
1699 arm_semihosting_init(target);
1700 return ERROR_OK;
1701 }
1702
1703 void cortex_m_deinit_target(struct target *target)
1704 {
1705 struct cortex_m_common *cortex_m = target_to_cm(target);
1706
1707 free(cortex_m->fp_comparator_list);
1708
1709 cortex_m_dwt_free(target);
1710 armv7m_free_reg_cache(target);
1711
1712 free(cortex_m);
1713 }
1714
1715 /* REVISIT cache valid/dirty bits are unmaintained. We could set "valid"
1716 * on r/w if the core is not running, and clear on resume or reset ... or
1717 * at least, in a post_restore_context() method.
1718 */
1719
1720 struct dwt_reg_state {
1721 struct target *target;
1722 uint32_t addr;
1723 uint8_t value[4]; /* scratch/cache */
1724 };
1725
1726 static int cortex_m_dwt_get_reg(struct reg *reg)
1727 {
1728 struct dwt_reg_state *state = reg->arch_info;
1729
1730 uint32_t tmp;
1731 int retval = target_read_u32(state->target, state->addr, &tmp);
1732 if (retval != ERROR_OK)
1733 return retval;
1734
1735 buf_set_u32(state->value, 0, 32, tmp);
1736 return ERROR_OK;
1737 }
1738
1739 static int cortex_m_dwt_set_reg(struct reg *reg, uint8_t *buf)
1740 {
1741 struct dwt_reg_state *state = reg->arch_info;
1742
1743 return target_write_u32(state->target, state->addr,
1744 buf_get_u32(buf, 0, reg->size));
1745 }
1746
1747 struct dwt_reg {
1748 uint32_t addr;
1749 char *name;
1750 unsigned size;
1751 };
1752
1753 static struct dwt_reg dwt_base_regs[] = {
1754 { DWT_CTRL, "dwt_ctrl", 32, },
1755 /* NOTE that Erratum 532314 (fixed r2p0) affects CYCCNT: it wrongly
1756 * increments while the core is asleep.
1757 */
1758 { DWT_CYCCNT, "dwt_cyccnt", 32, },
1759 /* plus some 8 bit counters, useful for profiling with TPIU */
1760 };
1761
1762 static struct dwt_reg dwt_comp[] = {
1763 #define DWT_COMPARATOR(i) \
1764 { DWT_COMP0 + 0x10 * (i), "dwt_" #i "_comp", 32, }, \
1765 { DWT_MASK0 + 0x10 * (i), "dwt_" #i "_mask", 4, }, \
1766 { DWT_FUNCTION0 + 0x10 * (i), "dwt_" #i "_function", 32, }
1767 DWT_COMPARATOR(0),
1768 DWT_COMPARATOR(1),
1769 DWT_COMPARATOR(2),
1770 DWT_COMPARATOR(3),
1771 #undef DWT_COMPARATOR
1772 };
1773
1774 static const struct reg_arch_type dwt_reg_type = {
1775 .get = cortex_m_dwt_get_reg,
1776 .set = cortex_m_dwt_set_reg,
1777 };
1778
1779 static void cortex_m_dwt_addreg(struct target *t, struct reg *r, struct dwt_reg *d)
1780 {
1781 struct dwt_reg_state *state;
1782
1783 state = calloc(1, sizeof *state);
1784 if (!state)
1785 return;
1786 state->addr = d->addr;
1787 state->target = t;
1788
1789 r->name = d->name;
1790 r->size = d->size;
1791 r->value = state->value;
1792 r->arch_info = state;
1793 r->type = &dwt_reg_type;
1794 }
1795
1796 void cortex_m_dwt_setup(struct cortex_m_common *cm, struct target *target)
1797 {
1798 uint32_t dwtcr;
1799 struct reg_cache *cache;
1800 struct cortex_m_dwt_comparator *comparator;
1801 int reg, i;
1802
1803 target_read_u32(target, DWT_CTRL, &dwtcr);
1804 if (!dwtcr) {
1805 LOG_DEBUG("no DWT");
1806 return;
1807 }
1808
1809 cm->dwt_num_comp = (dwtcr >> 28) & 0xF;
1810 cm->dwt_comp_available = cm->dwt_num_comp;
1811 cm->dwt_comparator_list = calloc(cm->dwt_num_comp,
1812 sizeof(struct cortex_m_dwt_comparator));
1813 if (!cm->dwt_comparator_list) {
1814 fail0:
1815 cm->dwt_num_comp = 0;
1816 LOG_ERROR("out of mem");
1817 return;
1818 }
1819
1820 cache = calloc(1, sizeof *cache);
1821 if (!cache) {
1822 fail1:
1823 free(cm->dwt_comparator_list);
1824 goto fail0;
1825 }
1826 cache->name = "Cortex-M DWT registers";
1827 cache->num_regs = 2 + cm->dwt_num_comp * 3;
1828 cache->reg_list = calloc(cache->num_regs, sizeof *cache->reg_list);
1829 if (!cache->reg_list) {
1830 free(cache);
1831 goto fail1;
1832 }
1833
1834 for (reg = 0; reg < 2; reg++)
1835 cortex_m_dwt_addreg(target, cache->reg_list + reg,
1836 dwt_base_regs + reg);
1837
1838 comparator = cm->dwt_comparator_list;
1839 for (i = 0; i < cm->dwt_num_comp; i++, comparator++) {
1840 int j;
1841
1842 comparator->dwt_comparator_address = DWT_COMP0 + 0x10 * i;
1843 for (j = 0; j < 3; j++, reg++)
1844 cortex_m_dwt_addreg(target, cache->reg_list + reg,
1845 dwt_comp + 3 * i + j);
1846
1847 /* make sure we clear any watchpoints enabled on the target */
1848 target_write_u32(target, comparator->dwt_comparator_address + 8, 0);
1849 }
1850
1851 *register_get_last_cache_p(&target->reg_cache) = cache;
1852 cm->dwt_cache = cache;
1853
1854 LOG_DEBUG("DWT dwtcr 0x%" PRIx32 ", comp %d, watch%s",
1855 dwtcr, cm->dwt_num_comp,
1856 (dwtcr & (0xf << 24)) ? " only" : "/trigger");
1857
1858 /* REVISIT: if num_comp > 1, check whether comparator #1 can
1859 * implement single-address data value watchpoints ... so we
1860 * won't need to check it later, when asked to set one up.
1861 */
1862 }
1863
1864 static void cortex_m_dwt_free(struct target *target)
1865 {
1866 struct cortex_m_common *cm = target_to_cm(target);
1867 struct reg_cache *cache = cm->dwt_cache;
1868
1869 free(cm->dwt_comparator_list);
1870 cm->dwt_comparator_list = NULL;
1871 cm->dwt_num_comp = 0;
1872
1873 if (cache) {
1874 register_unlink_cache(&target->reg_cache, cache);
1875
1876 if (cache->reg_list) {
1877 for (size_t i = 0; i < cache->num_regs; i++)
1878 free(cache->reg_list[i].arch_info);
1879 free(cache->reg_list);
1880 }
1881 free(cache);
1882 }
1883 cm->dwt_cache = NULL;
1884 }
1885
1886 #define MVFR0 0xe000ef40
1887 #define MVFR1 0xe000ef44
1888
1889 #define MVFR0_DEFAULT_M4 0x10110021
1890 #define MVFR1_DEFAULT_M4 0x11000011
1891
1892 #define MVFR0_DEFAULT_M7_SP 0x10110021
1893 #define MVFR0_DEFAULT_M7_DP 0x10110221
1894 #define MVFR1_DEFAULT_M7_SP 0x11000011
1895 #define MVFR1_DEFAULT_M7_DP 0x12000011
1896
1897 int cortex_m_examine(struct target *target)
1898 {
1899 int retval;
1900 uint32_t cpuid, fpcr, mvfr0, mvfr1;
1901 int i;
1902 struct cortex_m_common *cortex_m = target_to_cm(target);
1903 struct adiv5_dap *swjdp = cortex_m->armv7m.arm.dap;
1904 struct armv7m_common *armv7m = target_to_armv7m(target);
1905
1906 /* stlink shares the examine handler but does not support
1907 * all its calls */
1908 if (!armv7m->stlink) {
1909 retval = dap_dp_init(swjdp);
1910 if (retval != ERROR_OK) {
1911 LOG_ERROR("Could not initialize the debug port");
1912 return retval;
1913 }
1914
1915 /* Search for the MEM-AP */
1916 retval = dap_find_ap(swjdp, AP_TYPE_AHB_AP, &armv7m->debug_ap);
1917 if (retval != ERROR_OK) {
1918 LOG_ERROR("Could not find MEM-AP to control the core");
1919 return retval;
1920 }
1921
1922 /* Leave (only) generic DAP stuff for debugport_init(); */
1923 armv7m->debug_ap->memaccess_tck = 8;
1924
1925 retval = mem_ap_init(armv7m->debug_ap);
1926 if (retval != ERROR_OK)
1927 return retval;
1928 }
1929
1930 if (!target_was_examined(target)) {
1931 target_set_examined(target);
1932
1933 /* Read from Device Identification Registers */
1934 retval = target_read_u32(target, CPUID, &cpuid);
1935 if (retval != ERROR_OK)
1936 return retval;
1937
1938 /* Get CPU Type */
1939 i = (cpuid >> 4) & 0xf;
1940
1941 LOG_DEBUG("Cortex-M%d r%" PRId8 "p%" PRId8 " processor detected",
1942 i, (uint8_t)((cpuid >> 20) & 0xf), (uint8_t)((cpuid >> 0) & 0xf));
1943 if (i == 7) {
1944 uint8_t rev, patch;
1945 rev = (cpuid >> 20) & 0xf;
1946 patch = (cpuid >> 0) & 0xf;
1947 if ((rev == 0) && (patch < 2))
1948 LOG_WARNING("Silicon bug: single stepping will enter pending exception handler!");
1949 }
1950 LOG_DEBUG("cpuid: 0x%8.8" PRIx32 "", cpuid);
1951
1952 if (i == 4) {
1953 target_read_u32(target, MVFR0, &mvfr0);
1954 target_read_u32(target, MVFR1, &mvfr1);
1955
1956 /* test for floating point feature on Cortex-M4 */
1957 if ((mvfr0 == MVFR0_DEFAULT_M4) && (mvfr1 == MVFR1_DEFAULT_M4)) {
1958 LOG_DEBUG("Cortex-M%d floating point feature FPv4_SP found", i);
1959 armv7m->fp_feature = FPv4_SP;
1960 }
1961 } else if (i == 7) {
1962 target_read_u32(target, MVFR0, &mvfr0);
1963 target_read_u32(target, MVFR1, &mvfr1);
1964
1965 /* test for floating point features on Cortex-M7 */
1966 if ((mvfr0 == MVFR0_DEFAULT_M7_SP) && (mvfr1 == MVFR1_DEFAULT_M7_SP)) {
1967 LOG_DEBUG("Cortex-M%d floating point feature FPv5_SP found", i);
1968 armv7m->fp_feature = FPv5_SP;
1969 } else if ((mvfr0 == MVFR0_DEFAULT_M7_DP) && (mvfr1 == MVFR1_DEFAULT_M7_DP)) {
1970 LOG_DEBUG("Cortex-M%d floating point feature FPv5_DP found", i);
1971 armv7m->fp_feature = FPv5_DP;
1972 }
1973 } else if (i == 0) {
1974 /* Cortex-M0 does not support unaligned memory access */
1975 armv7m->arm.is_armv6m = true;
1976 }
1977
1978 if (armv7m->fp_feature == FP_NONE &&
1979 armv7m->arm.core_cache->num_regs > ARMV7M_NUM_CORE_REGS_NOFP) {
1980 /* free unavailable FPU registers */
1981 size_t idx;
1982
1983 for (idx = ARMV7M_NUM_CORE_REGS_NOFP;
1984 idx < armv7m->arm.core_cache->num_regs;
1985 idx++) {
1986 free(armv7m->arm.core_cache->reg_list[idx].value);
1987 free(armv7m->arm.core_cache->reg_list[idx].feature);
1988 free(armv7m->arm.core_cache->reg_list[idx].reg_data_type);
1989 }
1990 armv7m->arm.core_cache->num_regs = ARMV7M_NUM_CORE_REGS_NOFP;
1991 }
1992
1993 if (!armv7m->stlink) {
1994 if (i == 3 || i == 4)
1995 /* Cortex-M3/M4 have 4096 bytes autoincrement range,
1996 * s. ARM IHI 0031C: MEM-AP 7.2.2 */
1997 armv7m->debug_ap->tar_autoincr_block = (1 << 12);
1998 else if (i == 7)
1999 /* Cortex-M7 has only 1024 bytes autoincrement range */
2000 armv7m->debug_ap->tar_autoincr_block = (1 << 10);
2001 }
2002
2003 /* Configure trace modules */
2004 retval = target_write_u32(target, DCB_DEMCR, TRCENA | armv7m->demcr);
2005 if (retval != ERROR_OK)
2006 return retval;
2007
2008 if (armv7m->trace_config.config_type != DISABLED) {
2009 armv7m_trace_tpiu_config(target);
2010 armv7m_trace_itm_config(target);
2011 }
2012
2013 /* NOTE: FPB and DWT are both optional. */
2014
2015 /* Setup FPB */
2016 target_read_u32(target, FP_CTRL, &fpcr);
2017 cortex_m->auto_bp_type = 1;
2018 /* bits [14:12] and [7:4] */
2019 cortex_m->fp_num_code = ((fpcr >> 8) & 0x70) | ((fpcr >> 4) & 0xF);
2020 cortex_m->fp_num_lit = (fpcr >> 8) & 0xF;
2021 cortex_m->fp_code_available = cortex_m->fp_num_code;
2022 /* Detect flash patch revision, see RM DDI 0403E.b page C1-817.
2023 Revision is zero base, fp_rev == 1 means Rev.2 ! */
2024 cortex_m->fp_rev = (fpcr >> 28) & 0xf;
2025 free(cortex_m->fp_comparator_list);
2026 cortex_m->fp_comparator_list = calloc(
2027 cortex_m->fp_num_code + cortex_m->fp_num_lit,
2028 sizeof(struct cortex_m_fp_comparator));
2029 cortex_m->fpb_enabled = fpcr & 1;
2030 for (i = 0; i < cortex_m->fp_num_code + cortex_m->fp_num_lit; i++) {
2031 cortex_m->fp_comparator_list[i].type =
2032 (i < cortex_m->fp_num_code) ? FPCR_CODE : FPCR_LITERAL;
2033 cortex_m->fp_comparator_list[i].fpcr_address = FP_COMP0 + 4 * i;
2034
2035 /* make sure we clear any breakpoints enabled on the target */
2036 target_write_u32(target, cortex_m->fp_comparator_list[i].fpcr_address, 0);
2037 }
2038 LOG_DEBUG("FPB fpcr 0x%" PRIx32 ", numcode %i, numlit %i",
2039 fpcr,
2040 cortex_m->fp_num_code,
2041 cortex_m->fp_num_lit);
2042
2043 /* Setup DWT */
2044 cortex_m_dwt_free(target);
2045 cortex_m_dwt_setup(cortex_m, target);
2046
2047 /* These hardware breakpoints only work for code in flash! */
2048 LOG_INFO("%s: hardware has %d breakpoints, %d watchpoints",
2049 target_name(target),
2050 cortex_m->fp_num_code,
2051 cortex_m->dwt_num_comp);
2052 }
2053
2054 return ERROR_OK;
2055 }
2056
2057 static int cortex_m_dcc_read(struct target *target, uint8_t *value, uint8_t *ctrl)
2058 {
2059 struct armv7m_common *armv7m = target_to_armv7m(target);
2060 uint16_t dcrdr;
2061 uint8_t buf[2];
2062 int retval;
2063
2064 retval = mem_ap_read_buf_noincr(armv7m->debug_ap, buf, 2, 1, DCB_DCRDR);
2065 if (retval != ERROR_OK)
2066 return retval;
2067
2068 dcrdr = target_buffer_get_u16(target, buf);
2069 *ctrl = (uint8_t)dcrdr;
2070 *value = (uint8_t)(dcrdr >> 8);
2071
2072 LOG_DEBUG("data 0x%x ctrl 0x%x", *value, *ctrl);
2073
2074 /* write ack back to software dcc register
2075 * signify we have read data */
2076 if (dcrdr & (1 << 0)) {
2077 target_buffer_set_u16(target, buf, 0);
2078 retval = mem_ap_write_buf_noincr(armv7m->debug_ap, buf, 2, 1, DCB_DCRDR);
2079 if (retval != ERROR_OK)
2080 return retval;
2081 }
2082
2083 return ERROR_OK;
2084 }
2085
2086 static int cortex_m_target_request_data(struct target *target,
2087 uint32_t size, uint8_t *buffer)
2088 {
2089 uint8_t data;
2090 uint8_t ctrl;
2091 uint32_t i;
2092
2093 for (i = 0; i < (size * 4); i++) {
2094 int retval = cortex_m_dcc_read(target, &data, &ctrl);
2095 if (retval != ERROR_OK)
2096 return retval;
2097 buffer[i] = data;
2098 }
2099
2100 return ERROR_OK;
2101 }
2102
2103 static int cortex_m_handle_target_request(void *priv)
2104 {
2105 struct target *target = priv;
2106 if (!target_was_examined(target))
2107 return ERROR_OK;
2108
2109 if (!target->dbg_msg_enabled)
2110 return ERROR_OK;
2111
2112 if (target->state == TARGET_RUNNING) {
2113 uint8_t data;
2114 uint8_t ctrl;
2115 int retval;
2116
2117 retval = cortex_m_dcc_read(target, &data, &ctrl);
2118 if (retval != ERROR_OK)
2119 return retval;
2120
2121 /* check if we have data */
2122 if (ctrl & (1 << 0)) {
2123 uint32_t request;
2124
2125 /* we assume target is quick enough */
2126 request = data;
2127 for (int i = 1; i <= 3; i++) {
2128 retval = cortex_m_dcc_read(target, &data, &ctrl);
2129 if (retval != ERROR_OK)
2130 return retval;
2131 request |= ((uint32_t)data << (i * 8));
2132 }
2133 target_request(target, request);
2134 }
2135 }
2136
2137 return ERROR_OK;
2138 }
2139
2140 static int cortex_m_init_arch_info(struct target *target,
2141 struct cortex_m_common *cortex_m, struct jtag_tap *tap)
2142 {
2143 struct armv7m_common *armv7m = &cortex_m->armv7m;
2144
2145 armv7m_init_arch_info(target, armv7m);
2146
2147 /* tap has no dap initialized */
2148 if (!tap->dap) {
2149 tap->dap = dap_init();
2150
2151 /* Leave (only) generic DAP stuff for debugport_init() */
2152 tap->dap->tap = tap;
2153 }
2154
2155 /* default reset mode is to use srst if fitted
2156 * if not it will use CORTEX_M3_RESET_VECTRESET */
2157 cortex_m->soft_reset_config = CORTEX_M_RESET_VECTRESET;
2158
2159 armv7m->arm.dap = tap->dap;
2160
2161 /* register arch-specific functions */
2162 armv7m->examine_debug_reason = cortex_m_examine_debug_reason;
2163
2164 armv7m->post_debug_entry = NULL;
2165
2166 armv7m->pre_restore_context = NULL;
2167
2168 armv7m->load_core_reg_u32 = cortex_m_load_core_reg_u32;
2169 armv7m->store_core_reg_u32 = cortex_m_store_core_reg_u32;
2170
2171 target_register_timer_callback(cortex_m_handle_target_request, 1, 1, target);
2172
2173 return ERROR_OK;
2174 }
2175
2176 static int cortex_m_target_create(struct target *target, Jim_Interp *interp)
2177 {
2178 struct cortex_m_common *cortex_m = calloc(1, sizeof(struct cortex_m_common));
2179
2180 cortex_m->common_magic = CORTEX_M_COMMON_MAGIC;
2181 cortex_m_init_arch_info(target, cortex_m, target->tap);
2182
2183 return ERROR_OK;
2184 }
2185
2186 /*--------------------------------------------------------------------------*/
2187
2188 static int cortex_m_verify_pointer(struct command_context *cmd_ctx,
2189 struct cortex_m_common *cm)
2190 {
2191 if (cm->common_magic != CORTEX_M_COMMON_MAGIC) {
2192 command_print(cmd_ctx, "target is not a Cortex-M");
2193 return ERROR_TARGET_INVALID;
2194 }
2195 return ERROR_OK;
2196 }
2197
2198 /*
2199 * Only stuff below this line should need to verify that its target
2200 * is a Cortex-M3. Everything else should have indirected through the
2201 * cortexm3_target structure, which is only used with CM3 targets.
2202 */
2203
2204 static const struct {
2205 char name[10];
2206 unsigned mask;
2207 } vec_ids[] = {
2208 { "hard_err", VC_HARDERR, },
2209 { "int_err", VC_INTERR, },
2210 { "bus_err", VC_BUSERR, },
2211 { "state_err", VC_STATERR, },
2212 { "chk_err", VC_CHKERR, },
2213 { "nocp_err", VC_NOCPERR, },
2214 { "mm_err", VC_MMERR, },
2215 { "reset", VC_CORERESET, },
2216 };
2217
2218 COMMAND_HANDLER(handle_cortex_m_vector_catch_command)
2219 {
2220 struct target *target = get_current_target(CMD_CTX);
2221 struct cortex_m_common *cortex_m = target_to_cm(target);
2222 struct armv7m_common *armv7m = &cortex_m->armv7m;
2223 uint32_t demcr = 0;
2224 int retval;
2225
2226 retval = cortex_m_verify_pointer(CMD_CTX, cortex_m);
2227 if (retval != ERROR_OK)
2228 return retval;
2229
2230 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DEMCR, &demcr);
2231 if (retval != ERROR_OK)
2232 return retval;
2233
2234 if (CMD_ARGC > 0) {
2235 unsigned catch = 0;
2236
2237 if (CMD_ARGC == 1) {
2238 if (strcmp(CMD_ARGV[0], "all") == 0) {
2239 catch = VC_HARDERR | VC_INTERR | VC_BUSERR
2240 | VC_STATERR | VC_CHKERR | VC_NOCPERR
2241 | VC_MMERR | VC_CORERESET;
2242 goto write;
2243 } else if (strcmp(CMD_ARGV[0], "none") == 0)
2244 goto write;
2245 }
2246 while (CMD_ARGC-- > 0) {
2247 unsigned i;
2248 for (i = 0; i < ARRAY_SIZE(vec_ids); i++) {
2249 if (strcmp(CMD_ARGV[CMD_ARGC], vec_ids[i].name) != 0)
2250 continue;
2251 catch |= vec_ids[i].mask;
2252 break;
2253 }
2254 if (i == ARRAY_SIZE(vec_ids)) {
2255 LOG_ERROR("No CM3 vector '%s'", CMD_ARGV[CMD_ARGC]);
2256 return ERROR_COMMAND_SYNTAX_ERROR;
2257 }
2258 }
2259 write:
2260 /* For now, armv7m->demcr only stores vector catch flags. */
2261 armv7m->demcr = catch;
2262
2263 demcr &= ~0xffff;
2264 demcr |= catch;
2265
2266 /* write, but don't assume it stuck (why not??) */
2267 retval = mem_ap_write_u32(armv7m->debug_ap, DCB_DEMCR, demcr);
2268 if (retval != ERROR_OK)
2269 return retval;
2270 retval = mem_ap_read_atomic_u32(armv7m->debug_ap, DCB_DEMCR, &demcr);
2271 if (retval != ERROR_OK)
2272 return retval;
2273
2274 /* FIXME be sure to clear DEMCR on clean server shutdown.
2275 * Otherwise the vector catch hardware could fire when there's
2276 * no debugger hooked up, causing much confusion...
2277 */
2278 }
2279
2280 for (unsigned i = 0; i < ARRAY_SIZE(vec_ids); i++) {
2281 command_print(CMD_CTX, "%9s: %s", vec_ids[i].name,
2282 (demcr & vec_ids[i].mask) ? "catch" : "ignore");
2283 }
2284
2285 return ERROR_OK;
2286 }
2287
2288 COMMAND_HANDLER(handle_cortex_m_mask_interrupts_command)
2289 {
2290 struct target *target = get_current_target(CMD_CTX);
2291 struct cortex_m_common *cortex_m = target_to_cm(target);
2292 int retval;
2293
2294 static const Jim_Nvp nvp_maskisr_modes[] = {
2295 { .name = "auto", .value = CORTEX_M_ISRMASK_AUTO },
2296 { .name = "off", .value = CORTEX_M_ISRMASK_OFF },
2297 { .name = "on", .value = CORTEX_M_ISRMASK_ON },
2298 { .name = NULL, .value = -1 },
2299 };
2300 const Jim_Nvp *n;
2301
2302
2303 retval = cortex_m_verify_pointer(CMD_CTX, cortex_m);
2304 if (retval != ERROR_OK)
2305 return retval;
2306
2307 if (target->state != TARGET_HALTED) {
2308 command_print(CMD_CTX, "target must be stopped for \"%s\" command", CMD_NAME);
2309 return ERROR_OK;
2310 }
2311
2312 if (CMD_ARGC > 0) {
2313 n = Jim_Nvp_name2value_simple(nvp_maskisr_modes, CMD_ARGV[0]);
2314 if (n->name == NULL)
2315 return ERROR_COMMAND_SYNTAX_ERROR;
2316 cortex_m->isrmasking_mode = n->value;
2317
2318
2319 if (cortex_m->isrmasking_mode == CORTEX_M_ISRMASK_ON)
2320 cortex_m_write_debug_halt_mask(target, C_HALT | C_MASKINTS, 0);
2321 else
2322 cortex_m_write_debug_halt_mask(target, C_HALT, C_MASKINTS);
2323 }
2324
2325 n = Jim_Nvp_value2name_simple(nvp_maskisr_modes, cortex_m->isrmasking_mode);
2326 command_print(CMD_CTX, "cortex_m interrupt mask %s", n->name);
2327
2328 return ERROR_OK;
2329 }
2330
2331 COMMAND_HANDLER(handle_cortex_m_reset_config_command)
2332 {
2333 struct target *target = get_current_target(CMD_CTX);
2334 struct cortex_m_common *cortex_m = target_to_cm(target);
2335 int retval;
2336 char *reset_config;
2337
2338 retval = cortex_m_verify_pointer(CMD_CTX, cortex_m);
2339 if (retval != ERROR_OK)
2340 return retval;
2341
2342 if (CMD_ARGC > 0) {
2343 if (strcmp(*CMD_ARGV, "sysresetreq") == 0)
2344 cortex_m->soft_reset_config = CORTEX_M_RESET_SYSRESETREQ;
2345 else if (strcmp(*CMD_ARGV, "vectreset") == 0)
2346 cortex_m->soft_reset_config = CORTEX_M_RESET_VECTRESET;
2347 }
2348
2349 switch (cortex_m->soft_reset_config) {
2350 case CORTEX_M_RESET_SYSRESETREQ:
2351 reset_config = "sysresetreq";
2352 break;
2353
2354 case CORTEX_M_RESET_VECTRESET:
2355 reset_config = "vectreset";
2356 break;
2357
2358 default:
2359 reset_config = "unknown";
2360 break;
2361 }
2362
2363 command_print(CMD_CTX, "cortex_m reset_config %s", reset_config);
2364
2365 return ERROR_OK;
2366 }
2367
2368 static const struct command_registration cortex_m_exec_command_handlers[] = {
2369 {
2370 .name = "maskisr",
2371 .handler = handle_cortex_m_mask_interrupts_command,
2372 .mode = COMMAND_EXEC,
2373 .help = "mask cortex_m interrupts",
2374 .usage = "['auto'|'on'|'off']",
2375 },
2376 {
2377 .name = "vector_catch",
2378 .handler = handle_cortex_m_vector_catch_command,
2379 .mode = COMMAND_EXEC,
2380 .help = "configure hardware vectors to trigger debug entry",
2381 .usage = "['all'|'none'|('bus_err'|'chk_err'|...)*]",
2382 },
2383 {
2384 .name = "reset_config",
2385 .handler = handle_cortex_m_reset_config_command,
2386 .mode = COMMAND_ANY,
2387 .help = "configure software reset handling",
2388 .usage = "['srst'|'sysresetreq'|'vectreset']",
2389 },
2390 COMMAND_REGISTRATION_DONE
2391 };
2392 static const struct command_registration cortex_m_command_handlers[] = {
2393 {
2394 .chain = armv7m_command_handlers,
2395 },
2396 {
2397 .chain = armv7m_trace_command_handlers,
2398 },
2399 {
2400 .name = "cortex_m",
2401 .mode = COMMAND_EXEC,
2402 .help = "Cortex-M command group",
2403 .usage = "",
2404 .chain = cortex_m_exec_command_handlers,
2405 },
2406 COMMAND_REGISTRATION_DONE
2407 };
2408
2409 struct target_type cortexm_target = {
2410 .name = "cortex_m",
2411 .deprecated_name = "cortex_m3",
2412
2413 .poll = cortex_m_poll,
2414 .arch_state = armv7m_arch_state,
2415
2416 .target_request_data = cortex_m_target_request_data,
2417
2418 .halt = cortex_m_halt,
2419 .resume = cortex_m_resume,
2420 .step = cortex_m_step,
2421
2422 .assert_reset = cortex_m_assert_reset,
2423 .deassert_reset = cortex_m_deassert_reset,
2424 .soft_reset_halt = cortex_m_soft_reset_halt,
2425
2426 .get_gdb_reg_list = armv7m_get_gdb_reg_list,
2427
2428 .read_memory = cortex_m_read_memory,
2429 .write_memory = cortex_m_write_memory,
2430 .checksum_memory = armv7m_checksum_memory,
2431 .blank_check_memory = armv7m_blank_check_memory,
2432
2433 .run_algorithm = armv7m_run_algorithm,
2434 .start_algorithm = armv7m_start_algorithm,
2435 .wait_algorithm = armv7m_wait_algorithm,
2436
2437 .add_breakpoint = cortex_m_add_breakpoint,
2438 .remove_breakpoint = cortex_m_remove_breakpoint,
2439 .add_watchpoint = cortex_m_add_watchpoint,
2440 .remove_watchpoint = cortex_m_remove_watchpoint,
2441
2442 .commands = cortex_m_command_handlers,
2443 .target_create = cortex_m_target_create,
2444 .init_target = cortex_m_init_target,
2445 .examine = cortex_m_examine,
2446 .deinit_target = cortex_m_deinit_target,
2447 };