You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1640 lines
46 KiB

  1. /***************************************************************************
  2. * Copyright (C) 2005 by Dominic Rath *
  3. * Dominic.Rath@gmx.de *
  4. * *
  5. * Copyright (C) 2006 by Magnus Lundin *
  6. * lundin@mlu.mine.nu *
  7. * *
  8. * Copyright (C) 2008 by Spencer Oliver *
  9. * spen@spen-soft.co.uk *
  10. * *
  11. * Copyright (C) 2009 by Dirk Behme *
  12. * dirk.behme@gmail.com - copy from cortex_m3 *
  13. * *
  14. * This program is free software; you can redistribute it and/or modify *
  15. * it under the terms of the GNU General Public License as published by *
  16. * the Free Software Foundation; either version 2 of the License, or *
  17. * (at your option) any later version. *
  18. * *
  19. * This program is distributed in the hope that it will be useful, *
  20. * but WITHOUT ANY WARRANTY; without even the implied warranty of *
  21. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
  22. * GNU General Public License for more details. *
  23. * *
  24. * You should have received a copy of the GNU General Public License *
  25. * along with this program; if not, write to the *
  26. * Free Software Foundation, Inc., *
  27. * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
  28. * *
  29. * Cortex-A8(tm) TRM, ARM DDI 0344H *
  30. * *
  31. ***************************************************************************/
  32. #ifdef HAVE_CONFIG_H
  33. #include "config.h"
  34. #endif
  35. #include "cortex_a8.h"
  36. #include "armv7a.h"
  37. #include "armv4_5.h"
  38. #include "target_request.h"
  39. #include "target_type.h"
  40. /* cli handling */
  41. int cortex_a8_register_commands(struct command_context_s *cmd_ctx);
  42. /* forward declarations */
  43. int cortex_a8_target_create(struct target_s *target, Jim_Interp *interp);
  44. int cortex_a8_init_target(struct command_context_s *cmd_ctx,
  45. struct target_s *target);
  46. int cortex_a8_examine(struct target_s *target);
  47. int cortex_a8_poll(target_t *target);
  48. int cortex_a8_halt(target_t *target);
  49. int cortex_a8_resume(struct target_s *target, int current, uint32_t address,
  50. int handle_breakpoints, int debug_execution);
  51. int cortex_a8_step(struct target_s *target, int current, uint32_t address,
  52. int handle_breakpoints);
  53. int cortex_a8_debug_entry(target_t *target);
  54. int cortex_a8_restore_context(target_t *target);
  55. int cortex_a8_bulk_write_memory(target_t *target, uint32_t address,
  56. uint32_t count, uint8_t *buffer);
  57. int cortex_a8_set_breakpoint(struct target_s *target,
  58. breakpoint_t *breakpoint, uint8_t matchmode);
  59. int cortex_a8_unset_breakpoint(struct target_s *target, breakpoint_t *breakpoint);
  60. int cortex_a8_add_breakpoint(struct target_s *target, breakpoint_t *breakpoint);
  61. int cortex_a8_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint);
  62. int cortex_a8_dap_read_coreregister_u32(target_t *target,
  63. uint32_t *value, int regnum);
  64. int cortex_a8_dap_write_coreregister_u32(target_t *target,
  65. uint32_t value, int regnum);
  66. int cortex_a8_assert_reset(target_t *target);
  67. int cortex_a8_deassert_reset(target_t *target);
  68. target_type_t cortexa8_target =
  69. {
  70. .name = "cortex_a8",
  71. .poll = cortex_a8_poll,
  72. .arch_state = armv7a_arch_state,
  73. .target_request_data = NULL,
  74. .halt = cortex_a8_halt,
  75. .resume = cortex_a8_resume,
  76. .step = cortex_a8_step,
  77. .assert_reset = cortex_a8_assert_reset,
  78. .deassert_reset = cortex_a8_deassert_reset,
  79. .soft_reset_halt = NULL,
  80. .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
  81. .read_memory = cortex_a8_read_memory,
  82. .write_memory = cortex_a8_write_memory,
  83. .bulk_write_memory = cortex_a8_bulk_write_memory,
  84. .checksum_memory = arm7_9_checksum_memory,
  85. .blank_check_memory = arm7_9_blank_check_memory,
  86. .run_algorithm = armv4_5_run_algorithm,
  87. .add_breakpoint = cortex_a8_add_breakpoint,
  88. .remove_breakpoint = cortex_a8_remove_breakpoint,
  89. .add_watchpoint = NULL,
  90. .remove_watchpoint = NULL,
  91. .register_commands = cortex_a8_register_commands,
  92. .target_create = cortex_a8_target_create,
  93. .init_target = cortex_a8_init_target,
  94. .examine = cortex_a8_examine,
  95. .quit = NULL
  96. };
  97. /*
  98. * FIXME do topology discovery using the ROM; don't
  99. * assume this is an OMAP3.
  100. */
  101. #define swjdp_memoryap 0
  102. #define swjdp_debugap 1
  103. #define OMAP3530_DEBUG_BASE 0x54011000
  104. /*
  105. * Cortex-A8 Basic debug access, very low level assumes state is saved
  106. */
  107. int cortex_a8_init_debug_access(target_t *target)
  108. {
  109. /* get pointers to arch-specific information */
  110. armv4_5_common_t *armv4_5 = target->arch_info;
  111. armv7a_common_t *armv7a = armv4_5->arch_info;
  112. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  113. int retval;
  114. uint32_t dummy;
  115. LOG_DEBUG(" ");
  116. /* Unlocking the debug registers for modification */
  117. /* The debugport might be uninitialised so try twice */
  118. retval = mem_ap_write_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_LOCKACCESS, 0xC5ACCE55);
  119. if (retval != ERROR_OK)
  120. mem_ap_write_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_LOCKACCESS, 0xC5ACCE55);
  121. /* Clear Sticky Power Down status Bit in PRSR to enable access to
  122. the registers in the Core Power Domain */
  123. retval = mem_ap_read_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_PRSR, &dummy);
  124. /* Enabling of instruction execution in debug mode is done in debug_entry code */
  125. /* Resync breakpoint registers */
  126. /* Since this is likley called from init or reset, update targtet state information*/
  127. cortex_a8_poll(target);
  128. return retval;
  129. }
  130. int cortex_a8_exec_opcode(target_t *target, uint32_t opcode)
  131. {
  132. uint32_t dscr;
  133. int retval;
  134. /* get pointers to arch-specific information */
  135. armv4_5_common_t *armv4_5 = target->arch_info;
  136. armv7a_common_t *armv7a = armv4_5->arch_info;
  137. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  138. LOG_DEBUG("exec opcode 0x%08" PRIx32, opcode);
  139. do
  140. {
  141. retval = mem_ap_read_atomic_u32(swjdp,
  142. armv7a->debug_base + CPUDBG_DSCR, &dscr);
  143. if (retval != ERROR_OK)
  144. return retval;
  145. }
  146. while ((dscr & (1 << DSCR_INSTR_COMP)) == 0); /* Wait for InstrCompl bit to be set */
  147. mem_ap_write_u32(swjdp, armv7a->debug_base + CPUDBG_ITR, opcode);
  148. do
  149. {
  150. retval = mem_ap_read_atomic_u32(swjdp,
  151. armv7a->debug_base + CPUDBG_DSCR, &dscr);
  152. if (retval != ERROR_OK)
  153. return retval;
  154. }
  155. while ((dscr & (1 << DSCR_INSTR_COMP)) == 0); /* Wait for InstrCompl bit to be set */
  156. return retval;
  157. }
  158. /**************************************************************************
  159. Read core register with very few exec_opcode, fast but needs work_area.
  160. This can cause problems with MMU active.
  161. **************************************************************************/
  162. int cortex_a8_read_regs_through_mem(target_t *target, uint32_t address,
  163. uint32_t * regfile)
  164. {
  165. int retval = ERROR_OK;
  166. /* get pointers to arch-specific information */
  167. armv4_5_common_t *armv4_5 = target->arch_info;
  168. armv7a_common_t *armv7a = armv4_5->arch_info;
  169. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  170. cortex_a8_dap_read_coreregister_u32(target, regfile, 0);
  171. cortex_a8_dap_write_coreregister_u32(target, address, 0);
  172. cortex_a8_exec_opcode(target, ARMV4_5_STMIA(0, 0xFFFE, 0, 0));
  173. dap_ap_select(swjdp, swjdp_memoryap);
  174. mem_ap_read_buf_u32(swjdp, (uint8_t *)(&regfile[1]), 4*15, address);
  175. dap_ap_select(swjdp, swjdp_debugap);
  176. return retval;
  177. }
  178. int cortex_a8_read_cp(target_t *target, uint32_t *value, uint8_t CP,
  179. uint8_t op1, uint8_t CRn, uint8_t CRm, uint8_t op2)
  180. {
  181. int retval;
  182. /* get pointers to arch-specific information */
  183. armv4_5_common_t *armv4_5 = target->arch_info;
  184. armv7a_common_t *armv7a = armv4_5->arch_info;
  185. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  186. cortex_a8_exec_opcode(target, ARMV4_5_MRC(CP, op1, 0, CRn, CRm, op2));
  187. /* Move R0 to DTRTX */
  188. cortex_a8_exec_opcode(target, ARMV4_5_MCR(14, 0, 0, 0, 5, 0));
  189. /* Read DCCTX */
  190. retval = mem_ap_read_atomic_u32(swjdp,
  191. armv7a->debug_base + CPUDBG_DTRTX, value);
  192. return retval;
  193. }
  194. int cortex_a8_write_cp(target_t *target, uint32_t value,
  195. uint8_t CP, uint8_t op1, uint8_t CRn, uint8_t CRm, uint8_t op2)
  196. {
  197. int retval;
  198. /* get pointers to arch-specific information */
  199. armv4_5_common_t *armv4_5 = target->arch_info;
  200. armv7a_common_t *armv7a = armv4_5->arch_info;
  201. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  202. retval = mem_ap_write_u32(swjdp,
  203. armv7a->debug_base + CPUDBG_DTRRX, value);
  204. /* Move DTRRX to r0 */
  205. cortex_a8_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0));
  206. cortex_a8_exec_opcode(target, ARMV4_5_MCR(CP, op1, 0, CRn, CRm, op2));
  207. return retval;
  208. }
  209. int cortex_a8_read_cp15(target_t *target, uint32_t op1, uint32_t op2,
  210. uint32_t CRn, uint32_t CRm, uint32_t *value)
  211. {
  212. return cortex_a8_read_cp(target, value, 15, op1, CRn, CRm, op2);
  213. }
  214. int cortex_a8_write_cp15(target_t *target, uint32_t op1, uint32_t op2,
  215. uint32_t CRn, uint32_t CRm, uint32_t value)
  216. {
  217. return cortex_a8_write_cp(target, value, 15, op1, CRn, CRm, op2);
  218. }
  219. int cortex_a8_dap_read_coreregister_u32(target_t *target,
  220. uint32_t *value, int regnum)
  221. {
  222. int retval = ERROR_OK;
  223. uint8_t reg = regnum&0xFF;
  224. uint32_t dscr;
  225. /* get pointers to arch-specific information */
  226. armv4_5_common_t *armv4_5 = target->arch_info;
  227. armv7a_common_t *armv7a = armv4_5->arch_info;
  228. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  229. if (reg > 16)
  230. return retval;
  231. if (reg < 15)
  232. {
  233. /* Rn to DCCTX, MCR p14, 0, Rd, c0, c5, 0, 0xEE000E15 */
  234. cortex_a8_exec_opcode(target, ARMV4_5_MCR(14, 0, reg, 0, 5, 0));
  235. }
  236. else if (reg == 15)
  237. {
  238. cortex_a8_exec_opcode(target, 0xE1A0000F);
  239. cortex_a8_exec_opcode(target, ARMV4_5_MCR(14, 0, 0, 0, 5, 0));
  240. }
  241. else if (reg == 16)
  242. {
  243. cortex_a8_exec_opcode(target, ARMV4_5_MRS(0, 0));
  244. cortex_a8_exec_opcode(target, ARMV4_5_MCR(14, 0, 0, 0, 5, 0));
  245. }
  246. /* Read DTRRTX */
  247. do
  248. {
  249. retval = mem_ap_read_atomic_u32(swjdp,
  250. armv7a->debug_base + CPUDBG_DSCR, &dscr);
  251. }
  252. while ((dscr & (1 << DSCR_DTR_TX_FULL)) == 0); /* Wait for DTRRXfull */
  253. retval = mem_ap_read_atomic_u32(swjdp,
  254. armv7a->debug_base + CPUDBG_DTRTX, value);
  255. return retval;
  256. }
  257. int cortex_a8_dap_write_coreregister_u32(target_t *target, uint32_t value, int regnum)
  258. {
  259. int retval = ERROR_OK;
  260. uint8_t Rd = regnum&0xFF;
  261. /* get pointers to arch-specific information */
  262. armv4_5_common_t *armv4_5 = target->arch_info;
  263. armv7a_common_t *armv7a = armv4_5->arch_info;
  264. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  265. if (Rd > 16)
  266. return retval;
  267. /* Write to DCCRX */
  268. retval = mem_ap_write_u32(swjdp,
  269. armv7a->debug_base + CPUDBG_DTRRX, value);
  270. if (Rd < 15)
  271. {
  272. /* DCCRX to Rd, MCR p14, 0, Rd, c0, c5, 0, 0xEE000E15 */
  273. cortex_a8_exec_opcode(target, ARMV4_5_MRC(14, 0, Rd, 0, 5, 0));
  274. }
  275. else if (Rd == 15)
  276. {
  277. cortex_a8_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0));
  278. cortex_a8_exec_opcode(target, 0xE1A0F000);
  279. }
  280. else if (Rd == 16)
  281. {
  282. cortex_a8_exec_opcode(target, ARMV4_5_MRC(14, 0, 0, 0, 5, 0));
  283. cortex_a8_exec_opcode(target, ARMV4_5_MSR_GP(0, 0xF, 0));
  284. /* Execute a PrefetchFlush instruction through the ITR. */
  285. cortex_a8_exec_opcode(target, ARMV4_5_MCR(15, 0, 0, 7, 5, 4));
  286. }
  287. return retval;
  288. }
  289. /* Write to memory mapped registers directly with no cache or mmu handling */
  290. int cortex_a8_dap_write_memap_register_u32(target_t *target, uint32_t address, uint32_t value)
  291. {
  292. int retval;
  293. /* get pointers to arch-specific information */
  294. armv4_5_common_t *armv4_5 = target->arch_info;
  295. armv7a_common_t *armv7a = armv4_5->arch_info;
  296. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  297. retval = mem_ap_write_atomic_u32(swjdp, address, value);
  298. return retval;
  299. }
  300. /*
  301. * Cortex-A8 Run control
  302. */
  303. int cortex_a8_poll(target_t *target)
  304. {
  305. int retval = ERROR_OK;
  306. uint32_t dscr;
  307. /* get pointers to arch-specific information */
  308. armv4_5_common_t *armv4_5 = target->arch_info;
  309. armv7a_common_t *armv7a = armv4_5->arch_info;
  310. cortex_a8_common_t *cortex_a8 = armv7a->arch_info;
  311. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  312. enum target_state prev_target_state = target->state;
  313. uint8_t saved_apsel = dap_ap_get_select(swjdp);
  314. dap_ap_select(swjdp, swjdp_debugap);
  315. retval = mem_ap_read_atomic_u32(swjdp,
  316. armv7a->debug_base + CPUDBG_DSCR, &dscr);
  317. if (retval != ERROR_OK)
  318. {
  319. dap_ap_select(swjdp, saved_apsel);
  320. return retval;
  321. }
  322. cortex_a8->cpudbg_dscr = dscr;
  323. if ((dscr & 0x3) == 0x3)
  324. {
  325. if (prev_target_state != TARGET_HALTED)
  326. {
  327. /* We have a halting debug event */
  328. LOG_DEBUG("Target halted");
  329. target->state = TARGET_HALTED;
  330. if ((prev_target_state == TARGET_RUNNING)
  331. || (prev_target_state == TARGET_RESET))
  332. {
  333. retval = cortex_a8_debug_entry(target);
  334. if (retval != ERROR_OK)
  335. return retval;
  336. target_call_event_callbacks(target,
  337. TARGET_EVENT_HALTED);
  338. }
  339. if (prev_target_state == TARGET_DEBUG_RUNNING)
  340. {
  341. LOG_DEBUG(" ");
  342. retval = cortex_a8_debug_entry(target);
  343. if (retval != ERROR_OK)
  344. return retval;
  345. target_call_event_callbacks(target,
  346. TARGET_EVENT_DEBUG_HALTED);
  347. }
  348. }
  349. }
  350. else if ((dscr & 0x3) == 0x2)
  351. {
  352. target->state = TARGET_RUNNING;
  353. }
  354. else
  355. {
  356. LOG_DEBUG("Unknown target state dscr = 0x%08" PRIx32, dscr);
  357. target->state = TARGET_UNKNOWN;
  358. }
  359. dap_ap_select(swjdp, saved_apsel);
  360. return retval;
  361. }
  362. int cortex_a8_halt(target_t *target)
  363. {
  364. int retval = ERROR_OK;
  365. uint32_t dscr;
  366. /* get pointers to arch-specific information */
  367. armv4_5_common_t *armv4_5 = target->arch_info;
  368. armv7a_common_t *armv7a = armv4_5->arch_info;
  369. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  370. uint8_t saved_apsel = dap_ap_get_select(swjdp);
  371. dap_ap_select(swjdp, swjdp_debugap);
  372. /*
  373. * Tell the core to be halted by writing DRCR with 0x1
  374. * and then wait for the core to be halted.
  375. */
  376. retval = mem_ap_write_atomic_u32(swjdp,
  377. armv7a->debug_base + CPUDBG_DRCR, 0x1);
  378. /*
  379. * enter halting debug mode
  380. */
  381. mem_ap_read_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_DSCR, &dscr);
  382. retval = mem_ap_write_atomic_u32(swjdp,
  383. armv7a->debug_base + CPUDBG_DSCR, dscr | (1 << DSCR_HALT_DBG_MODE));
  384. if (retval != ERROR_OK)
  385. goto out;
  386. do {
  387. mem_ap_read_atomic_u32(swjdp,
  388. armv7a->debug_base + CPUDBG_DSCR, &dscr);
  389. } while ((dscr & (1 << DSCR_CORE_HALTED)) == 0);
  390. target->debug_reason = DBG_REASON_DBGRQ;
  391. out:
  392. dap_ap_select(swjdp, saved_apsel);
  393. return retval;
  394. }
  395. int cortex_a8_resume(struct target_s *target, int current,
  396. uint32_t address, int handle_breakpoints, int debug_execution)
  397. {
  398. /* get pointers to arch-specific information */
  399. armv4_5_common_t *armv4_5 = target->arch_info;
  400. armv7a_common_t *armv7a = armv4_5->arch_info;
  401. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  402. // breakpoint_t *breakpoint = NULL;
  403. uint32_t resume_pc, dscr;
  404. uint8_t saved_apsel = dap_ap_get_select(swjdp);
  405. dap_ap_select(swjdp, swjdp_debugap);
  406. if (!debug_execution)
  407. {
  408. target_free_all_working_areas(target);
  409. // cortex_m3_enable_breakpoints(target);
  410. // cortex_m3_enable_watchpoints(target);
  411. }
  412. #if 0
  413. if (debug_execution)
  414. {
  415. /* Disable interrupts */
  416. /* We disable interrupts in the PRIMASK register instead of
  417. * masking with C_MASKINTS,
  418. * This is probably the same issue as Cortex-M3 Errata 377493:
  419. * C_MASKINTS in parallel with disabled interrupts can cause
  420. * local faults to not be taken. */
  421. buf_set_u32(armv7m->core_cache->reg_list[ARMV7M_PRIMASK].value, 0, 32, 1);
  422. armv7m->core_cache->reg_list[ARMV7M_PRIMASK].dirty = 1;
  423. armv7m->core_cache->reg_list[ARMV7M_PRIMASK].valid = 1;
  424. /* Make sure we are in Thumb mode */
  425. buf_set_u32(armv7m->core_cache->reg_list[ARMV7M_xPSR].value, 0, 32,
  426. buf_get_u32(armv7m->core_cache->reg_list[ARMV7M_xPSR].value, 0, 32) | (1 << 24));
  427. armv7m->core_cache->reg_list[ARMV7M_xPSR].dirty = 1;
  428. armv7m->core_cache->reg_list[ARMV7M_xPSR].valid = 1;
  429. }
  430. #endif
  431. /* current = 1: continue on current pc, otherwise continue at <address> */
  432. resume_pc = buf_get_u32(
  433. ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  434. armv4_5->core_mode, 15).value,
  435. 0, 32);
  436. if (!current)
  437. resume_pc = address;
  438. /* Make sure that the Armv7 gdb thumb fixups does not
  439. * kill the return address
  440. */
  441. if (armv7a->core_state == ARMV7A_STATE_ARM)
  442. {
  443. resume_pc &= 0xFFFFFFFC;
  444. }
  445. /* When the return address is loaded into PC
  446. * bit 0 must be 1 to stay in Thumb state
  447. */
  448. if (armv7a->core_state == ARMV7A_STATE_THUMB)
  449. {
  450. resume_pc |= 0x1;
  451. }
  452. LOG_DEBUG("resume pc = 0x%08" PRIx32, resume_pc);
  453. buf_set_u32(ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  454. armv4_5->core_mode, 15).value,
  455. 0, 32, resume_pc);
  456. ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  457. armv4_5->core_mode, 15).dirty = 1;
  458. ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  459. armv4_5->core_mode, 15).valid = 1;
  460. cortex_a8_restore_context(target);
  461. // arm7_9_restore_context(target); TODO Context is currently NOT Properly restored
  462. #if 0
  463. /* the front-end may request us not to handle breakpoints */
  464. if (handle_breakpoints)
  465. {
  466. /* Single step past breakpoint at current address */
  467. if ((breakpoint = breakpoint_find(target, resume_pc)))
  468. {
  469. LOG_DEBUG("unset breakpoint at 0x%8.8x", breakpoint->address);
  470. cortex_m3_unset_breakpoint(target, breakpoint);
  471. cortex_m3_single_step_core(target);
  472. cortex_m3_set_breakpoint(target, breakpoint);
  473. }
  474. }
  475. #endif
  476. /* Restart core and wait for it to be started */
  477. mem_ap_write_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_DRCR, 0x2);
  478. do {
  479. mem_ap_read_atomic_u32(swjdp,
  480. armv7a->debug_base + CPUDBG_DSCR, &dscr);
  481. } while ((dscr & (1 << DSCR_CORE_RESTARTED)) == 0);
  482. target->debug_reason = DBG_REASON_NOTHALTED;
  483. target->state = TARGET_RUNNING;
  484. /* registers are now invalid */
  485. armv4_5_invalidate_core_regs(target);
  486. if (!debug_execution)
  487. {
  488. target->state = TARGET_RUNNING;
  489. target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
  490. LOG_DEBUG("target resumed at 0x%" PRIx32, resume_pc);
  491. }
  492. else
  493. {
  494. target->state = TARGET_DEBUG_RUNNING;
  495. target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
  496. LOG_DEBUG("target debug resumed at 0x%" PRIx32, resume_pc);
  497. }
  498. dap_ap_select(swjdp, saved_apsel);
  499. return ERROR_OK;
  500. }
  501. int cortex_a8_debug_entry(target_t *target)
  502. {
  503. int i;
  504. uint32_t regfile[16], pc, cpsr, dscr;
  505. int retval = ERROR_OK;
  506. working_area_t *regfile_working_area = NULL;
  507. /* get pointers to arch-specific information */
  508. armv4_5_common_t *armv4_5 = target->arch_info;
  509. armv7a_common_t *armv7a = armv4_5->arch_info;
  510. cortex_a8_common_t *cortex_a8 = armv7a->arch_info;
  511. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  512. if (armv7a->pre_debug_entry)
  513. armv7a->pre_debug_entry(target);
  514. LOG_DEBUG("dscr = 0x%08" PRIx32, cortex_a8->cpudbg_dscr);
  515. /* Enable the ITR execution once we are in debug mode */
  516. mem_ap_read_atomic_u32(swjdp,
  517. armv7a->debug_base + CPUDBG_DSCR, &dscr);
  518. dscr |= (1 << DSCR_EXT_INT_EN);
  519. retval = mem_ap_write_atomic_u32(swjdp,
  520. armv7a->debug_base + CPUDBG_DSCR, dscr);
  521. /* Examine debug reason */
  522. switch ((cortex_a8->cpudbg_dscr >> 2)&0xF)
  523. {
  524. case 0:
  525. case 4:
  526. target->debug_reason = DBG_REASON_DBGRQ;
  527. break;
  528. case 1:
  529. case 3:
  530. target->debug_reason = DBG_REASON_BREAKPOINT;
  531. break;
  532. case 10:
  533. target->debug_reason = DBG_REASON_WATCHPOINT;
  534. break;
  535. default:
  536. target->debug_reason = DBG_REASON_UNDEFINED;
  537. break;
  538. }
  539. /* Examine target state and mode */
  540. if (cortex_a8->fast_reg_read)
  541. target_alloc_working_area(target, 64, &regfile_working_area);
  542. /* First load register acessible through core debug port*/
  543. if (!regfile_working_area)
  544. {
  545. for (i = 0; i <= 15; i++)
  546. cortex_a8_dap_read_coreregister_u32(target,
  547. &regfile[i], i);
  548. }
  549. else
  550. {
  551. dap_ap_select(swjdp, swjdp_memoryap);
  552. cortex_a8_read_regs_through_mem(target,
  553. regfile_working_area->address, regfile);
  554. dap_ap_select(swjdp, swjdp_memoryap);
  555. target_free_working_area(target, regfile_working_area);
  556. }
  557. cortex_a8_dap_read_coreregister_u32(target, &cpsr, 16);
  558. pc = regfile[15];
  559. dap_ap_select(swjdp, swjdp_debugap);
  560. LOG_DEBUG("cpsr: %8.8" PRIx32, cpsr);
  561. armv4_5->core_mode = cpsr & 0x1F;
  562. armv7a->core_state = (cpsr & 0x20)?ARMV7A_STATE_THUMB:ARMV7A_STATE_ARM;
  563. for (i = 0; i <= ARM_PC; i++)
  564. {
  565. buf_set_u32(ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  566. armv4_5->core_mode, i).value,
  567. 0, 32, regfile[i]);
  568. ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  569. armv4_5->core_mode, i).valid = 1;
  570. ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  571. armv4_5->core_mode, i).dirty = 0;
  572. }
  573. buf_set_u32(ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  574. armv4_5->core_mode, 16).value,
  575. 0, 32, cpsr);
  576. ARMV7A_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).valid = 1;
  577. ARMV7A_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 16).dirty = 0;
  578. /* Fixup PC Resume Address */
  579. if (armv7a->core_state == ARMV7A_STATE_THUMB)
  580. {
  581. // T bit set for Thumb or ThumbEE state
  582. regfile[ARM_PC] -= 4;
  583. }
  584. else
  585. {
  586. // ARM state
  587. regfile[ARM_PC] -= 8;
  588. }
  589. buf_set_u32(ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  590. armv4_5->core_mode, ARM_PC).value,
  591. 0, 32, regfile[ARM_PC]);
  592. ARMV7A_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0)
  593. .dirty = ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  594. armv4_5->core_mode, 0).valid;
  595. ARMV7A_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 15)
  596. .dirty = ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  597. armv4_5->core_mode, 15).valid;
  598. #if 0
  599. /* TODO, Move this */
  600. uint32_t cp15_control_register, cp15_cacr, cp15_nacr;
  601. cortex_a8_read_cp(target, &cp15_control_register, 15, 0, 1, 0, 0);
  602. LOG_DEBUG("cp15_control_register = 0x%08x", cp15_control_register);
  603. cortex_a8_read_cp(target, &cp15_cacr, 15, 0, 1, 0, 2);
  604. LOG_DEBUG("cp15 Coprocessor Access Control Register = 0x%08x", cp15_cacr);
  605. cortex_a8_read_cp(target, &cp15_nacr, 15, 0, 1, 1, 2);
  606. LOG_DEBUG("cp15 Nonsecure Access Control Register = 0x%08x", cp15_nacr);
  607. #endif
  608. /* Are we in an exception handler */
  609. // armv4_5->exception_number = 0;
  610. if (armv7a->post_debug_entry)
  611. armv7a->post_debug_entry(target);
  612. return retval;
  613. }
  614. void cortex_a8_post_debug_entry(target_t *target)
  615. {
  616. /* get pointers to arch-specific information */
  617. armv4_5_common_t *armv4_5 = target->arch_info;
  618. armv7a_common_t *armv7a = armv4_5->arch_info;
  619. cortex_a8_common_t *cortex_a8 = armv7a->arch_info;
  620. // cortex_a8_read_cp(target, &cp15_control_register, 15, 0, 1, 0, 0);
  621. /* examine cp15 control reg */
  622. armv7a->read_cp15(target, 0, 0, 1, 0, &cortex_a8->cp15_control_reg);
  623. jtag_execute_queue();
  624. LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, cortex_a8->cp15_control_reg);
  625. if (armv7a->armv4_5_mmu.armv4_5_cache.ctype == -1)
  626. {
  627. uint32_t cache_type_reg;
  628. /* identify caches */
  629. armv7a->read_cp15(target, 0, 1, 0, 0, &cache_type_reg);
  630. jtag_execute_queue();
  631. /* FIXME the armv4_4 cache info DOES NOT APPLY to Cortex-A8 */
  632. armv4_5_identify_cache(cache_type_reg,
  633. &armv7a->armv4_5_mmu.armv4_5_cache);
  634. }
  635. armv7a->armv4_5_mmu.mmu_enabled =
  636. (cortex_a8->cp15_control_reg & 0x1U) ? 1 : 0;
  637. armv7a->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled =
  638. (cortex_a8->cp15_control_reg & 0x4U) ? 1 : 0;
  639. armv7a->armv4_5_mmu.armv4_5_cache.i_cache_enabled =
  640. (cortex_a8->cp15_control_reg & 0x1000U) ? 1 : 0;
  641. }
  642. int cortex_a8_step(struct target_s *target, int current, uint32_t address,
  643. int handle_breakpoints)
  644. {
  645. /* get pointers to arch-specific information */
  646. armv4_5_common_t *armv4_5 = target->arch_info;
  647. armv7a_common_t *armv7a = armv4_5->arch_info;
  648. breakpoint_t *breakpoint = NULL;
  649. breakpoint_t stepbreakpoint;
  650. int timeout = 100;
  651. if (target->state != TARGET_HALTED)
  652. {
  653. LOG_WARNING("target not halted");
  654. return ERROR_TARGET_NOT_HALTED;
  655. }
  656. /* current = 1: continue on current pc, otherwise continue at <address> */
  657. if (!current)
  658. {
  659. buf_set_u32(ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  660. armv4_5->core_mode, ARM_PC).value,
  661. 0, 32, address);
  662. }
  663. else
  664. {
  665. address = buf_get_u32(ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  666. armv4_5->core_mode, ARM_PC).value,
  667. 0, 32);
  668. }
  669. /* The front-end may request us not to handle breakpoints.
  670. * But since Cortex-A8 uses breakpoint for single step,
  671. * we MUST handle breakpoints.
  672. */
  673. handle_breakpoints = 1;
  674. if (handle_breakpoints) {
  675. breakpoint = breakpoint_find(target,
  676. buf_get_u32(ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  677. armv4_5->core_mode, 15).value,
  678. 0, 32));
  679. if (breakpoint)
  680. cortex_a8_unset_breakpoint(target, breakpoint);
  681. }
  682. /* Setup single step breakpoint */
  683. stepbreakpoint.address = address;
  684. stepbreakpoint.length = (armv7a->core_state == ARMV7A_STATE_THUMB) ? 2 : 4;
  685. stepbreakpoint.type = BKPT_HARD;
  686. stepbreakpoint.set = 0;
  687. /* Break on IVA mismatch */
  688. cortex_a8_set_breakpoint(target, &stepbreakpoint, 0x04);
  689. target->debug_reason = DBG_REASON_SINGLESTEP;
  690. cortex_a8_resume(target, 1, address, 0, 0);
  691. while (target->state != TARGET_HALTED)
  692. {
  693. cortex_a8_poll(target);
  694. if (--timeout == 0)
  695. {
  696. LOG_WARNING("timeout waiting for target halt");
  697. break;
  698. }
  699. }
  700. cortex_a8_unset_breakpoint(target, &stepbreakpoint);
  701. if (timeout > 0) target->debug_reason = DBG_REASON_BREAKPOINT;
  702. if (breakpoint)
  703. cortex_a8_set_breakpoint(target, breakpoint, 0);
  704. if (target->state != TARGET_HALTED)
  705. LOG_DEBUG("target stepped");
  706. return ERROR_OK;
  707. }
  708. int cortex_a8_restore_context(target_t *target)
  709. {
  710. int i;
  711. uint32_t value;
  712. /* get pointers to arch-specific information */
  713. armv4_5_common_t *armv4_5 = target->arch_info;
  714. armv7a_common_t *armv7a = armv4_5->arch_info;
  715. LOG_DEBUG(" ");
  716. if (armv7a->pre_restore_context)
  717. armv7a->pre_restore_context(target);
  718. for (i = 15; i >= 0; i--)
  719. {
  720. if (ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  721. armv4_5->core_mode, i).dirty)
  722. {
  723. value = buf_get_u32(ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  724. armv4_5->core_mode, i).value,
  725. 0, 32);
  726. /* TODO Check return values */
  727. cortex_a8_dap_write_coreregister_u32(target, value, i);
  728. }
  729. }
  730. if (armv7a->post_restore_context)
  731. armv7a->post_restore_context(target);
  732. return ERROR_OK;
  733. }
  734. /*
  735. * Cortex-A8 Core register functions
  736. */
  737. int cortex_a8_load_core_reg_u32(struct target_s *target, int num,
  738. armv4_5_mode_t mode, uint32_t * value)
  739. {
  740. int retval;
  741. /* get pointers to arch-specific information */
  742. armv4_5_common_t *armv4_5 = target->arch_info;
  743. if ((num <= ARM_CPSR))
  744. {
  745. /* read a normal core register */
  746. retval = cortex_a8_dap_read_coreregister_u32(target, value, num);
  747. if (retval != ERROR_OK)
  748. {
  749. LOG_ERROR("JTAG failure %i", retval);
  750. return ERROR_JTAG_DEVICE_ERROR;
  751. }
  752. LOG_DEBUG("load from core reg %i value 0x%" PRIx32, num, *value);
  753. }
  754. else
  755. {
  756. return ERROR_INVALID_ARGUMENTS;
  757. }
  758. /* Register other than r0 - r14 uses r0 for access */
  759. if (num > 14)
  760. ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  761. armv4_5->core_mode, 0).dirty =
  762. ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  763. armv4_5->core_mode, 0).valid;
  764. ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  765. armv4_5->core_mode, 15).dirty =
  766. ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  767. armv4_5->core_mode, 15).valid;
  768. return ERROR_OK;
  769. }
  770. int cortex_a8_store_core_reg_u32(struct target_s *target, int num,
  771. armv4_5_mode_t mode, uint32_t value)
  772. {
  773. int retval;
  774. // uint32_t reg;
  775. /* get pointers to arch-specific information */
  776. armv4_5_common_t *armv4_5 = target->arch_info;
  777. #ifdef ARMV7_GDB_HACKS
  778. /* If the LR register is being modified, make sure it will put us
  779. * in "thumb" mode, or an INVSTATE exception will occur. This is a
  780. * hack to deal with the fact that gdb will sometimes "forge"
  781. * return addresses, and doesn't set the LSB correctly (i.e., when
  782. * printing expressions containing function calls, it sets LR=0.) */
  783. if (num == 14)
  784. value |= 0x01;
  785. #endif
  786. if ((num <= ARM_CPSR))
  787. {
  788. retval = cortex_a8_dap_write_coreregister_u32(target, value, num);
  789. if (retval != ERROR_OK)
  790. {
  791. LOG_ERROR("JTAG failure %i", retval);
  792. ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  793. armv4_5->core_mode, num).dirty =
  794. ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  795. armv4_5->core_mode, num).valid;
  796. return ERROR_JTAG_DEVICE_ERROR;
  797. }
  798. LOG_DEBUG("write core reg %i value 0x%" PRIx32, num, value);
  799. }
  800. else
  801. {
  802. return ERROR_INVALID_ARGUMENTS;
  803. }
  804. return ERROR_OK;
  805. }
  806. int cortex_a8_read_core_reg(struct target_s *target, int num,
  807. enum armv4_5_mode mode)
  808. {
  809. uint32_t value;
  810. int retval;
  811. armv4_5_common_t *armv4_5 = target->arch_info;
  812. cortex_a8_dap_read_coreregister_u32(target, &value, num);
  813. if ((retval = jtag_execute_queue()) != ERROR_OK)
  814. {
  815. return retval;
  816. }
  817. ARMV7A_CORE_REG_MODE(armv4_5->core_cache, mode, num).valid = 1;
  818. ARMV7A_CORE_REG_MODE(armv4_5->core_cache, mode, num).dirty = 0;
  819. buf_set_u32(ARMV7A_CORE_REG_MODE(armv4_5->core_cache,
  820. mode, num).value, 0, 32, value);
  821. return ERROR_OK;
  822. }
  823. int cortex_a8_write_core_reg(struct target_s *target, int num,
  824. enum armv4_5_mode mode, uint32_t value)
  825. {
  826. int retval;
  827. armv4_5_common_t *armv4_5 = target->arch_info;
  828. cortex_a8_dap_write_coreregister_u32(target, value, num);
  829. if ((retval = jtag_execute_queue()) != ERROR_OK)
  830. {
  831. return retval;
  832. }
  833. ARMV7A_CORE_REG_MODE(armv4_5->core_cache, mode, num).valid = 1;
  834. ARMV7A_CORE_REG_MODE(armv4_5->core_cache, mode, num).dirty = 0;
  835. return ERROR_OK;
  836. }
  837. /*
  838. * Cortex-A8 Breakpoint and watchpoint fuctions
  839. */
  840. /* Setup hardware Breakpoint Register Pair */
  841. int cortex_a8_set_breakpoint(struct target_s *target,
  842. breakpoint_t *breakpoint, uint8_t matchmode)
  843. {
  844. int retval;
  845. int brp_i=0;
  846. uint32_t control;
  847. uint8_t byte_addr_select = 0x0F;
  848. /* get pointers to arch-specific information */
  849. armv4_5_common_t *armv4_5 = target->arch_info;
  850. armv7a_common_t *armv7a = armv4_5->arch_info;
  851. cortex_a8_common_t *cortex_a8 = armv7a->arch_info;
  852. cortex_a8_brp_t * brp_list = cortex_a8->brp_list;
  853. if (breakpoint->set)
  854. {
  855. LOG_WARNING("breakpoint already set");
  856. return ERROR_OK;
  857. }
  858. if (breakpoint->type == BKPT_HARD)
  859. {
  860. while (brp_list[brp_i].used && (brp_i < cortex_a8->brp_num))
  861. brp_i++ ;
  862. if (brp_i >= cortex_a8->brp_num)
  863. {
  864. LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
  865. exit(-1);
  866. }
  867. breakpoint->set = brp_i + 1;
  868. if (breakpoint->length == 2)
  869. {
  870. byte_addr_select = (3 << (breakpoint->address & 0x02));
  871. }
  872. control = ((matchmode & 0x7) << 20)
  873. | (byte_addr_select << 5)
  874. | (3 << 1) | 1;
  875. brp_list[brp_i].used = 1;
  876. brp_list[brp_i].value = (breakpoint->address & 0xFFFFFFFC);
  877. brp_list[brp_i].control = control;
  878. cortex_a8_dap_write_memap_register_u32(target, armv7a->debug_base
  879. + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
  880. brp_list[brp_i].value);
  881. cortex_a8_dap_write_memap_register_u32(target, armv7a->debug_base
  882. + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
  883. brp_list[brp_i].control);
  884. LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
  885. brp_list[brp_i].control,
  886. brp_list[brp_i].value);
  887. }
  888. else if (breakpoint->type == BKPT_SOFT)
  889. {
  890. uint8_t code[4];
  891. if (breakpoint->length == 2)
  892. {
  893. buf_set_u32(code, 0, 32, ARMV5_T_BKPT(0x11));
  894. }
  895. else
  896. {
  897. buf_set_u32(code, 0, 32, ARMV5_BKPT(0x11));
  898. }
  899. retval = target->type->read_memory(target,
  900. breakpoint->address & 0xFFFFFFFE,
  901. breakpoint->length, 1,
  902. breakpoint->orig_instr);
  903. if (retval != ERROR_OK)
  904. return retval;
  905. retval = target->type->write_memory(target,
  906. breakpoint->address & 0xFFFFFFFE,
  907. breakpoint->length, 1, code);
  908. if (retval != ERROR_OK)
  909. return retval;
  910. breakpoint->set = 0x11; /* Any nice value but 0 */
  911. }
  912. return ERROR_OK;
  913. }
  914. int cortex_a8_unset_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
  915. {
  916. int retval;
  917. /* get pointers to arch-specific information */
  918. armv4_5_common_t *armv4_5 = target->arch_info;
  919. armv7a_common_t *armv7a = armv4_5->arch_info;
  920. cortex_a8_common_t *cortex_a8 = armv7a->arch_info;
  921. cortex_a8_brp_t * brp_list = cortex_a8->brp_list;
  922. if (!breakpoint->set)
  923. {
  924. LOG_WARNING("breakpoint not set");
  925. return ERROR_OK;
  926. }
  927. if (breakpoint->type == BKPT_HARD)
  928. {
  929. int brp_i = breakpoint->set - 1;
  930. if ((brp_i < 0) || (brp_i >= cortex_a8->brp_num))
  931. {
  932. LOG_DEBUG("Invalid BRP number in breakpoint");
  933. return ERROR_OK;
  934. }
  935. LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx32, brp_i,
  936. brp_list[brp_i].control, brp_list[brp_i].value);
  937. brp_list[brp_i].used = 0;
  938. brp_list[brp_i].value = 0;
  939. brp_list[brp_i].control = 0;
  940. cortex_a8_dap_write_memap_register_u32(target, armv7a->debug_base
  941. + CPUDBG_BCR_BASE + 4 * brp_list[brp_i].BRPn,
  942. brp_list[brp_i].control);
  943. cortex_a8_dap_write_memap_register_u32(target, armv7a->debug_base
  944. + CPUDBG_BVR_BASE + 4 * brp_list[brp_i].BRPn,
  945. brp_list[brp_i].value);
  946. }
  947. else
  948. {
  949. /* restore original instruction (kept in target endianness) */
  950. if (breakpoint->length == 4)
  951. {
  952. retval = target->type->write_memory(target,
  953. breakpoint->address & 0xFFFFFFFE,
  954. 4, 1, breakpoint->orig_instr);
  955. if (retval != ERROR_OK)
  956. return retval;
  957. }
  958. else
  959. {
  960. retval = target->type->write_memory(target,
  961. breakpoint->address & 0xFFFFFFFE,
  962. 2, 1, breakpoint->orig_instr);
  963. if (retval != ERROR_OK)
  964. return retval;
  965. }
  966. }
  967. breakpoint->set = 0;
  968. return ERROR_OK;
  969. }
  970. int cortex_a8_add_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
  971. {
  972. /* get pointers to arch-specific information */
  973. armv4_5_common_t *armv4_5 = target->arch_info;
  974. armv7a_common_t *armv7a = armv4_5->arch_info;
  975. cortex_a8_common_t *cortex_a8 = armv7a->arch_info;
  976. if ((breakpoint->type == BKPT_HARD) && (cortex_a8->brp_num_available < 1))
  977. {
  978. LOG_INFO("no hardware breakpoint available");
  979. return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
  980. }
  981. if (breakpoint->type == BKPT_HARD)
  982. cortex_a8->brp_num_available--;
  983. cortex_a8_set_breakpoint(target, breakpoint, 0x00); /* Exact match */
  984. return ERROR_OK;
  985. }
  986. int cortex_a8_remove_breakpoint(struct target_s *target, breakpoint_t *breakpoint)
  987. {
  988. /* get pointers to arch-specific information */
  989. armv4_5_common_t *armv4_5 = target->arch_info;
  990. armv7a_common_t *armv7a = armv4_5->arch_info;
  991. cortex_a8_common_t *cortex_a8 = armv7a->arch_info;
  992. #if 0
  993. /* It is perfectly possible to remove brakpoints while the taget is running */
  994. if (target->state != TARGET_HALTED)
  995. {
  996. LOG_WARNING("target not halted");
  997. return ERROR_TARGET_NOT_HALTED;
  998. }
  999. #endif
  1000. if (breakpoint->set)
  1001. {
  1002. cortex_a8_unset_breakpoint(target, breakpoint);
  1003. if (breakpoint->type == BKPT_HARD)
  1004. cortex_a8->brp_num_available++ ;
  1005. }
  1006. return ERROR_OK;
  1007. }
  1008. /*
  1009. * Cortex-A8 Reset fuctions
  1010. */
  1011. int cortex_a8_assert_reset(target_t *target)
  1012. {
  1013. LOG_DEBUG(" ");
  1014. /* registers are now invalid */
  1015. armv4_5_invalidate_core_regs(target);
  1016. target->state = TARGET_RESET;
  1017. return ERROR_OK;
  1018. }
  1019. int cortex_a8_deassert_reset(target_t *target)
  1020. {
  1021. LOG_DEBUG(" ");
  1022. if (target->reset_halt)
  1023. {
  1024. int retval;
  1025. if ((retval = target_halt(target)) != ERROR_OK)
  1026. return retval;
  1027. }
  1028. return ERROR_OK;
  1029. }
  1030. /*
  1031. * Cortex-A8 Memory access
  1032. *
  1033. * This is same Cortex M3 but we must also use the correct
  1034. * ap number for every access.
  1035. */
  1036. int cortex_a8_read_memory(struct target_s *target, uint32_t address,
  1037. uint32_t size, uint32_t count, uint8_t *buffer)
  1038. {
  1039. /* get pointers to arch-specific information */
  1040. armv4_5_common_t *armv4_5 = target->arch_info;
  1041. armv7a_common_t *armv7a = armv4_5->arch_info;
  1042. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  1043. int retval = ERROR_OK;
  1044. /* sanitize arguments */
  1045. if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
  1046. return ERROR_INVALID_ARGUMENTS;
  1047. /* cortex_a8 handles unaligned memory access */
  1048. // ??? dap_ap_select(swjdp, swjdp_memoryap);
  1049. switch (size)
  1050. {
  1051. case 4:
  1052. retval = mem_ap_read_buf_u32(swjdp, buffer, 4 * count, address);
  1053. break;
  1054. case 2:
  1055. retval = mem_ap_read_buf_u16(swjdp, buffer, 2 * count, address);
  1056. break;
  1057. case 1:
  1058. retval = mem_ap_read_buf_u8(swjdp, buffer, count, address);
  1059. break;
  1060. default:
  1061. LOG_ERROR("BUG: we shouldn't get here");
  1062. exit(-1);
  1063. }
  1064. return retval;
  1065. }
  1066. int cortex_a8_write_memory(struct target_s *target, uint32_t address,
  1067. uint32_t size, uint32_t count, uint8_t *buffer)
  1068. {
  1069. /* get pointers to arch-specific information */
  1070. armv4_5_common_t *armv4_5 = target->arch_info;
  1071. armv7a_common_t *armv7a = armv4_5->arch_info;
  1072. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  1073. int retval;
  1074. /* sanitize arguments */
  1075. if (((size != 4) && (size != 2) && (size != 1)) || (count == 0) || !(buffer))
  1076. return ERROR_INVALID_ARGUMENTS;
  1077. // ??? dap_ap_select(swjdp, swjdp_memoryap);
  1078. switch (size)
  1079. {
  1080. case 4:
  1081. retval = mem_ap_write_buf_u32(swjdp, buffer, 4 * count, address);
  1082. break;
  1083. case 2:
  1084. retval = mem_ap_write_buf_u16(swjdp, buffer, 2 * count, address);
  1085. break;
  1086. case 1:
  1087. retval = mem_ap_write_buf_u8(swjdp, buffer, count, address);
  1088. break;
  1089. default:
  1090. LOG_ERROR("BUG: we shouldn't get here");
  1091. exit(-1);
  1092. }
  1093. /* The Cache handling will NOT work with MMU active, the wrong addresses will be invalidated */
  1094. /* invalidate I-Cache */
  1095. if (armv7a->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
  1096. {
  1097. /* Invalidate ICache single entry with MVA, repeat this for all cache
  1098. lines in the address range, Cortex-A8 has fixed 64 byte line length */
  1099. /* Invalidate Cache single entry with MVA to PoU */
  1100. for (uint32_t cacheline=address; cacheline<address+size*count; cacheline+=64)
  1101. armv7a->write_cp15(target, 0, 1, 7, 5, cacheline); /* I-Cache to PoU */
  1102. }
  1103. /* invalidate D-Cache */
  1104. if (armv7a->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
  1105. {
  1106. /* Invalidate Cache single entry with MVA to PoC */
  1107. for (uint32_t cacheline=address; cacheline<address+size*count; cacheline+=64)
  1108. armv7a->write_cp15(target, 0, 1, 7, 6, cacheline); /* U/D cache to PoC */
  1109. }
  1110. return retval;
  1111. }
  1112. int cortex_a8_bulk_write_memory(target_t *target, uint32_t address,
  1113. uint32_t count, uint8_t *buffer)
  1114. {
  1115. return cortex_a8_write_memory(target, address, 4, count, buffer);
  1116. }
  1117. int cortex_a8_dcc_read(swjdp_common_t *swjdp, uint8_t *value, uint8_t *ctrl)
  1118. {
  1119. #if 0
  1120. u16 dcrdr;
  1121. mem_ap_read_buf_u16(swjdp, (uint8_t*)&dcrdr, 1, DCB_DCRDR);
  1122. *ctrl = (uint8_t)dcrdr;
  1123. *value = (uint8_t)(dcrdr >> 8);
  1124. LOG_DEBUG("data 0x%x ctrl 0x%x", *value, *ctrl);
  1125. /* write ack back to software dcc register
  1126. * signify we have read data */
  1127. if (dcrdr & (1 << 0))
  1128. {
  1129. dcrdr = 0;
  1130. mem_ap_write_buf_u16(swjdp, (uint8_t*)&dcrdr, 1, DCB_DCRDR);
  1131. }
  1132. #endif
  1133. return ERROR_OK;
  1134. }
  1135. int cortex_a8_handle_target_request(void *priv)
  1136. {
  1137. target_t *target = priv;
  1138. if (!target->type->examined)
  1139. return ERROR_OK;
  1140. armv4_5_common_t *armv4_5 = target->arch_info;
  1141. armv7a_common_t *armv7a = armv4_5->arch_info;
  1142. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  1143. if (!target->dbg_msg_enabled)
  1144. return ERROR_OK;
  1145. if (target->state == TARGET_RUNNING)
  1146. {
  1147. uint8_t data = 0;
  1148. uint8_t ctrl = 0;
  1149. cortex_a8_dcc_read(swjdp, &data, &ctrl);
  1150. /* check if we have data */
  1151. if (ctrl & (1 << 0))
  1152. {
  1153. uint32_t request;
  1154. /* we assume target is quick enough */
  1155. request = data;
  1156. cortex_a8_dcc_read(swjdp, &data, &ctrl);
  1157. request |= (data << 8);
  1158. cortex_a8_dcc_read(swjdp, &data, &ctrl);
  1159. request |= (data << 16);
  1160. cortex_a8_dcc_read(swjdp, &data, &ctrl);
  1161. request |= (data << 24);
  1162. target_request(target, request);
  1163. }
  1164. }
  1165. return ERROR_OK;
  1166. }
  1167. /*
  1168. * Cortex-A8 target information and configuration
  1169. */
  1170. int cortex_a8_examine(struct target_s *target)
  1171. {
  1172. /* get pointers to arch-specific information */
  1173. armv4_5_common_t *armv4_5 = target->arch_info;
  1174. armv7a_common_t *armv7a = armv4_5->arch_info;
  1175. cortex_a8_common_t *cortex_a8 = armv7a->arch_info;
  1176. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  1177. int i;
  1178. int retval = ERROR_OK;
  1179. uint32_t didr, ctypr, ttypr, cpuid;
  1180. LOG_DEBUG("TODO");
  1181. /* Here we shall insert a proper ROM Table scan */
  1182. armv7a->debug_base = OMAP3530_DEBUG_BASE;
  1183. /* We do one extra read to ensure DAP is configured,
  1184. * we call ahbap_debugport_init(swjdp) instead
  1185. */
  1186. ahbap_debugport_init(swjdp);
  1187. mem_ap_read_atomic_u32(swjdp, armv7a->debug_base + CPUDBG_CPUID, &cpuid);
  1188. if ((retval = mem_ap_read_atomic_u32(swjdp,
  1189. armv7a->debug_base + CPUDBG_CPUID, &cpuid)) != ERROR_OK)
  1190. {
  1191. LOG_DEBUG("Examine failed");
  1192. return retval;
  1193. }
  1194. if ((retval = mem_ap_read_atomic_u32(swjdp,
  1195. armv7a->debug_base + CPUDBG_CTYPR, &ctypr)) != ERROR_OK)
  1196. {
  1197. LOG_DEBUG("Examine failed");
  1198. return retval;
  1199. }
  1200. if ((retval = mem_ap_read_atomic_u32(swjdp,
  1201. armv7a->debug_base + CPUDBG_TTYPR, &ttypr)) != ERROR_OK)
  1202. {
  1203. LOG_DEBUG("Examine failed");
  1204. return retval;
  1205. }
  1206. if ((retval = mem_ap_read_atomic_u32(swjdp,
  1207. armv7a->debug_base + CPUDBG_DIDR, &didr)) != ERROR_OK)
  1208. {
  1209. LOG_DEBUG("Examine failed");
  1210. return retval;
  1211. }
  1212. LOG_DEBUG("cpuid = 0x%08" PRIx32, cpuid);
  1213. LOG_DEBUG("ctypr = 0x%08" PRIx32, ctypr);
  1214. LOG_DEBUG("ttypr = 0x%08" PRIx32, ttypr);
  1215. LOG_DEBUG("didr = 0x%08" PRIx32, didr);
  1216. /* Setup Breakpoint Register Pairs */
  1217. cortex_a8->brp_num = ((didr >> 24) & 0x0F) + 1;
  1218. cortex_a8->brp_num_context = ((didr >> 20) & 0x0F) + 1;
  1219. cortex_a8->brp_num_available = cortex_a8->brp_num;
  1220. cortex_a8->brp_list = calloc(cortex_a8->brp_num, sizeof(cortex_a8_brp_t));
  1221. // cortex_a8->brb_enabled = ????;
  1222. for (i = 0; i < cortex_a8->brp_num; i++)
  1223. {
  1224. cortex_a8->brp_list[i].used = 0;
  1225. if (i < (cortex_a8->brp_num-cortex_a8->brp_num_context))
  1226. cortex_a8->brp_list[i].type = BRP_NORMAL;
  1227. else
  1228. cortex_a8->brp_list[i].type = BRP_CONTEXT;
  1229. cortex_a8->brp_list[i].value = 0;
  1230. cortex_a8->brp_list[i].control = 0;
  1231. cortex_a8->brp_list[i].BRPn = i;
  1232. }
  1233. /* Setup Watchpoint Register Pairs */
  1234. cortex_a8->wrp_num = ((didr >> 28) & 0x0F) + 1;
  1235. cortex_a8->wrp_num_available = cortex_a8->wrp_num;
  1236. cortex_a8->wrp_list = calloc(cortex_a8->wrp_num, sizeof(cortex_a8_wrp_t));
  1237. for (i = 0; i < cortex_a8->wrp_num; i++)
  1238. {
  1239. cortex_a8->wrp_list[i].used = 0;
  1240. cortex_a8->wrp_list[i].type = 0;
  1241. cortex_a8->wrp_list[i].value = 0;
  1242. cortex_a8->wrp_list[i].control = 0;
  1243. cortex_a8->wrp_list[i].WRPn = i;
  1244. }
  1245. LOG_DEBUG("Configured %i hw breakpoint pairs and %i hw watchpoint pairs",
  1246. cortex_a8->brp_num , cortex_a8->wrp_num);
  1247. /* Configure core debug access */
  1248. cortex_a8_init_debug_access(target);
  1249. target->type->examined = 1;
  1250. return retval;
  1251. }
  1252. /*
  1253. * Cortex-A8 target creation and initialization
  1254. */
  1255. void cortex_a8_build_reg_cache(target_t *target)
  1256. {
  1257. reg_cache_t **cache_p = register_get_last_cache_p(&target->reg_cache);
  1258. /* get pointers to arch-specific information */
  1259. armv4_5_common_t *armv4_5 = target->arch_info;
  1260. (*cache_p) = armv4_5_build_reg_cache(target, armv4_5);
  1261. armv4_5->core_cache = (*cache_p);
  1262. }
  1263. int cortex_a8_init_target(struct command_context_s *cmd_ctx,
  1264. struct target_s *target)
  1265. {
  1266. cortex_a8_build_reg_cache(target);
  1267. return ERROR_OK;
  1268. }
  1269. int cortex_a8_init_arch_info(target_t *target,
  1270. cortex_a8_common_t *cortex_a8, jtag_tap_t *tap)
  1271. {
  1272. armv4_5_common_t *armv4_5;
  1273. armv7a_common_t *armv7a;
  1274. armv7a = &cortex_a8->armv7a_common;
  1275. armv4_5 = &armv7a->armv4_5_common;
  1276. swjdp_common_t *swjdp = &armv7a->swjdp_info;
  1277. /* Setup cortex_a8_common_t */
  1278. cortex_a8->common_magic = CORTEX_A8_COMMON_MAGIC;
  1279. cortex_a8->arch_info = NULL;
  1280. armv7a->arch_info = cortex_a8;
  1281. armv4_5->arch_info = armv7a;
  1282. armv4_5_init_arch_info(target, armv4_5);
  1283. /* prepare JTAG information for the new target */
  1284. cortex_a8->jtag_info.tap = tap;
  1285. cortex_a8->jtag_info.scann_size = 4;
  1286. LOG_DEBUG(" ");
  1287. swjdp->dp_select_value = -1;
  1288. swjdp->ap_csw_value = -1;
  1289. swjdp->ap_tar_value = -1;
  1290. swjdp->jtag_info = &cortex_a8->jtag_info;
  1291. swjdp->memaccess_tck = 80;
  1292. /* Number of bits for tar autoincrement, impl. dep. at least 10 */
  1293. swjdp->tar_autoincr_block = (1 << 10);
  1294. cortex_a8->fast_reg_read = 0;
  1295. /* register arch-specific functions */
  1296. armv7a->examine_debug_reason = NULL;
  1297. armv7a->pre_debug_entry = NULL;
  1298. armv7a->post_debug_entry = cortex_a8_post_debug_entry;
  1299. armv7a->pre_restore_context = NULL;
  1300. armv7a->post_restore_context = NULL;
  1301. armv7a->armv4_5_mmu.armv4_5_cache.ctype = -1;
  1302. // armv7a->armv4_5_mmu.get_ttb = armv7a_get_ttb;
  1303. armv7a->armv4_5_mmu.read_memory = cortex_a8_read_memory;
  1304. armv7a->armv4_5_mmu.write_memory = cortex_a8_write_memory;
  1305. // armv7a->armv4_5_mmu.disable_mmu_caches = armv7a_disable_mmu_caches;
  1306. // armv7a->armv4_5_mmu.enable_mmu_caches = armv7a_enable_mmu_caches;
  1307. armv7a->armv4_5_mmu.has_tiny_pages = 1;
  1308. armv7a->armv4_5_mmu.mmu_enabled = 0;
  1309. armv7a->read_cp15 = cortex_a8_read_cp15;
  1310. armv7a->write_cp15 = cortex_a8_write_cp15;
  1311. // arm7_9->handle_target_request = cortex_a8_handle_target_request;
  1312. armv4_5->read_core_reg = cortex_a8_read_core_reg;
  1313. armv4_5->write_core_reg = cortex_a8_write_core_reg;
  1314. // armv4_5->full_context = arm7_9_full_context;
  1315. // armv4_5->load_core_reg_u32 = cortex_a8_load_core_reg_u32;
  1316. // armv4_5->store_core_reg_u32 = cortex_a8_store_core_reg_u32;
  1317. // armv4_5->read_core_reg = armv4_5_read_core_reg; /* this is default */
  1318. // armv4_5->write_core_reg = armv4_5_write_core_reg;
  1319. target_register_timer_callback(cortex_a8_handle_target_request, 1, 1, target);
  1320. return ERROR_OK;
  1321. }
  1322. int cortex_a8_target_create(struct target_s *target, Jim_Interp *interp)
  1323. {
  1324. cortex_a8_common_t *cortex_a8 = calloc(1, sizeof(cortex_a8_common_t));
  1325. cortex_a8_init_arch_info(target, cortex_a8, target->tap);
  1326. return ERROR_OK;
  1327. }
  1328. static int cortex_a8_handle_cache_info_command(struct command_context_s *cmd_ctx,
  1329. char *cmd, char **args, int argc)
  1330. {
  1331. target_t *target = get_current_target(cmd_ctx);
  1332. armv4_5_common_t *armv4_5 = target->arch_info;
  1333. armv7a_common_t *armv7a = armv4_5->arch_info;
  1334. return armv4_5_handle_cache_info_command(cmd_ctx,
  1335. &armv7a->armv4_5_mmu.armv4_5_cache);
  1336. }
  1337. static int cortex_a8_handle_dbginit_command(struct command_context_s *cmd_ctx,
  1338. char *cmd, char **args, int argc)
  1339. {
  1340. target_t *target = get_current_target(cmd_ctx);
  1341. cortex_a8_init_debug_access(target);
  1342. return ERROR_OK;
  1343. }
  1344. int cortex_a8_register_commands(struct command_context_s *cmd_ctx)
  1345. {
  1346. command_t *cortex_a8_cmd;
  1347. int retval = ERROR_OK;
  1348. armv4_5_register_commands(cmd_ctx);
  1349. armv7a_register_commands(cmd_ctx);
  1350. cortex_a8_cmd = register_command(cmd_ctx, NULL, "cortex_a8",
  1351. NULL, COMMAND_ANY,
  1352. "cortex_a8 specific commands");
  1353. register_command(cmd_ctx, cortex_a8_cmd, "cache_info",
  1354. cortex_a8_handle_cache_info_command, COMMAND_EXEC,
  1355. "display information about target caches");
  1356. register_command(cmd_ctx, cortex_a8_cmd, "dbginit",
  1357. cortex_a8_handle_dbginit_command, COMMAND_EXEC,
  1358. "Initialize core debug");
  1359. return retval;
  1360. }