work around issues with software breakpoints when the text segment
is mapped read-only by the OS. Set DACR to "all-manager" to bypass
TLB permission checks on memory access.
Change-Id: I79fd9b32b04a4d538d489896470ee30b26b72b30
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3107
Tested-by: jenkins
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
This patch fixes the tap order so that it matches the actual jtag
chain when all taps are enabled. It also introduces a variable
DEFAULT_TAPS that can be set outside of this script, e.g. on the
command line, to specify which taps are to be enabled on init.
Lastly, a new debug target "am335x.m3" is added so that the Wakeup-M3
can be selected for debugging.
Change-Id: Iccf177fda8d5e3737b1b2bb8fd1eaa7d3262ed9f
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3013
Tested-by: jenkins
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
Tested with "J-Link OB RX621-ARM-SWD V1 compiled Nov 4 2014 10:47:22".
Change-Id: Ib64c0be407f99df57f058a4498556fd5ab7e9112
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-on: http://openocd.zylin.com/3170
Tested-by: jenkins
Reviewed-by: Spencer Oliver <spen@spen-soft.co.uk>
Tested with Relax Kit for 5V Shields:
J-Link Lite-XMC4200 Rev.1 compiled Oct 14 2015 10:14:50
and with Relax Lite Kit:
J-Link Lite-XMC4200 Rev.1 compiled Oct 14 2015 10:14:50
Derived from xmc4800-relax.cfg.
Change-Id: I4e10fb6ed1f85168634d3b5259d3041ffc6b74d8
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-on: http://openocd.zylin.com/3130
Tested-by: jenkins
Reviewed-by: Spencer Oliver <spen@spen-soft.co.uk>
Change tests when reading from 'value' in sysfs from =='0' to !='1'.
This guards against broken sysfs GPIO implementations that return
non-zero for high rather than just '1' while still being clean and
correct code. Note that sysfs will never output a leading zero even
in a very broken implementation as that is covered in gpiolib.c, not
the offending driver.
Tested against broken Freescale kernel 3.14.38 on i.MX6SL.
Change-Id: Id05567bb8504b1babef33d6ee5172bceefeca8b8
Signed-off-by: Matthew Campbell <mcampbell@izotope.com>
Reviewed-on: http://openocd.zylin.com/3121
Tested-by: jenkins
Reviewed-by: Antonio Borneo <borneo.antonio@gmail.com>
Reviewed-by: Spencer Oliver <spen@spen-soft.co.uk>
On JTAG, all reads are pipelined. If you read a register, the result is not
delivered inside the request that issued the read, it is delivered in the
following request. The current code therefore issues a scan of the RDBUFF
register after each read. This adds a superfluous transaction after each
read.
This patch follows a strategy similar to what SWD already implements.
It also leverages that all JTAG reads are pipelined, i.e. the result
will be clocked out in the next JTAG data phase, no matter if it's
READ or WRITE. Therefore it's never necessary to explicitly read RDBUFF
other than for the very last READ before a dap_run().
Change-Id: Ie40b1fef3203f0cdcb503f40dcbd2a68b0f9776c
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3167
Tested-by: jenkins
Reviewed-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Debug initialization blindly selects AP#0 as default, which is the AHB-AP
in many cases. This sets the default for target_read/write functions.
However, AHB-AP is the wrong choice, because it bypasses caches on read
and write and also makes some peripherals inaccessible (e.g. l2 outer
caches). This patch explicitely selects the APB-AP (debug_ap) as the
default.
Change-Id: I13f9e0750186d35dcfc135c8d67d437c5884d9c4
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3113
Tested-by: jenkins
Reviewed-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Remove entirely the concept of a "selected" AP that has to be maintained
between calls. All the information the DAP ops need are now provided to
each call through the AP/DAP pointer.
Consolidate the cache of the SELECT fields into one single field caching
the entire register.
Change-Id: I2e1c93ac5ee8ac38a7d680ca2c660c30093a6b87
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3165
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
Move the mandatory dap_ap_select() call into the dap_queue_ap_read/write
wrapper.
This avoids the need for dap_ap_select() and the notion of a "current" AP
within target code.
Change-Id: I5cde8f3eef2c662f7458be6f3b3dd44ea693bd74
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3164
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
Make dap apsel without arguments show current state instead of changing
to AP 0.
Change-Id: I75ea10e3e1b8a067f2dc417ec6691dc7ceec1af6
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3163
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
All AP operations should select the AP to use before calling it so
there's no point in restoring the previous value afterwards.
The explicit call to dap_ap_select() before all AP operations should be
moved into dap_queue_ap_read/write() which then would have to take the
AP as an argument instead of the DAP.
Change-Id: Icacb0c76ef2a5ac36b4d2f26b52ec01a8850286e
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3156
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
It's currently set during target creation but the AP that will be used
for the target is not even known.
Change-Id: I4502e7eb1fa8d90f746445b8cf8a4c21cb7d519e
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3155
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
The AP for which the TAR/CSW is printed may not be the one that caused
the failure. Remove the flawed output entirely. The correct info is
printed in mem_ap_read/write anyway.
Change-Id: I97580a0662dcf02e80646e45445cdbfc251122d8
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3154
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
All mem_ap_* functions now make sure the SELECT register is updated with
the AP number that it's operating on. This shouldn't have to be handled
explicitly.
Change-Id: Ib193d8930fabb6a25715064355f98258c9580b5d
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3153
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
This function does two separate things, powering up the DP and setting
up a MEM-AP. But the DP needs to be powered before even searching for a
MEM-AP to initialize and targets may have multiple MEM-APs that need
initializing.
Split the function into dap_dp_init() and mem_ap_init() and change all
call sites to use the appropriate one.
Change-Id: I92f55e09754a93f3f01dd8e5aa1ffdf60c856126
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3151
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
Reduce use of magic numbers and add AXI type MEM-AP detection. Don't try
to call dap_rom_display on a non-existent AP.
AP identification is unique per designer, so make sure the JEDEC code
matches ARM when interpreting the AP type.
Change-Id: I8e86b7de61811382afe99bf15094ab71b43f5fdf
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3150
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
Change the debug_ap and memory_ap fields of the cortex_a target and
the debug_ap field of the cortex_m target to be pointers to the
struct adiv5_ap instead of AP numbers in some known DAP.
This reduces the dependency on the DAP struct in the targets and
enables MEM-AP accesses to take the relevant AP as parameter.
Change-Id: I39d7b134d78000564b7eec5bff464adf0ef89147
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3147
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
This required fixing the AP ID parsing in dap_find_ap() to
match IHI0031C. The AXI type was added too.
Change-Id: I44577a7848df37586e650dce0fb57ac26f5f858c
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3146
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
This will make it possible to reference directly the AP used for debug
in the target instance and remove the DAP reference. This will in turn
enable getting rid of the need to select an "active" AP in the DAP (using
dap apsel).
Change-Id: I265846a427c714204f4fd3df3cdb75843686c2d0
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3144
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
Not clear what it was supposed to be used for. It probably shouldn't.
Change-Id: Ife1d833e59ba80f93876447d752a0ca7e7b57b0f
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3143
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
The Cortex-A and Cortex-M keeps an arm_jtag struct around just to be
able to pass a pointer to it to one common JTAG function which anyway
only uses the TAP field.
Refactor the function to take a TAP directly, remove the legacy struct
from cortex instances and store the TAP pointer only in the DAP.
Cortex-M makes a call to arm_jtag_setup_connection() with the struct
but the function does nothing useful for a Cortex-M target so remove
the call.
Change-Id: I3b33709ef55372ef14522ed4337e9f2e817ae3ab
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3142
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
Making the SWD driver aware of the DAP that controls it is a layering
violation.
The only usage for the DAP pointer is to store the number of idle cycles
the AP may need to avoid WAITs. Replace the DAP pointer with a cycle
count hint instead to avoid future misuse.
Change-Id: I3e64e11a43ba2396bd646a4cf8f9bc331805d802
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Reviewed-on: http://openocd.zylin.com/3141
Tested-by: jenkins
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
Separate out the values from adiv5_dap that are associated with a specific AP into a new struct, so we can properly support multiple APs. Remove the DAP struct from the armv7* structs, because we can have multiple CPUs per DAP, and we shouldn't have multiple DAP structs. Tidy up a few places where ap_current is used incorrectly.
Change-Id: I0c6ef4b49cc86b140366347aaf9b76c07cbab0a8
Signed-off-by: Patrick Stewart <patstew@gmail.com>
Reviewed-on: http://openocd.zylin.com/2984
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Prepare to support multiple cortex-m cores on one DAP. Uses mem_ap_sel_*
functions and removes mem_ap_* functions. Adds a new debug_ap
parameter to the cortex_m (currently set to zero as in existing code).
Change-Id: I6926029d1e7bf44a42d453d1aff349bda824ba72
Signed-off-by: Patrick Stewart <patstew@gmail.com>
Reviewed-on: http://openocd.zylin.com/2983
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
ERROR_WAIT is better than ERROR_FAIL in timeout condition.
Change-Id: Iefe837f276a9091ce6c18db5947212c449f49d89
Signed-off-by: Alamy Liu <alamy.liu@gmail.com>
Reviewed-on: http://openocd.zylin.com/2934
Tested-by: jenkins
Reviewed-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
This is a TODO in the src/target/arm_adi_v5.h for MEM-AP registers.
Some new registers are introduced in ADIv5.2 specification.
MEM_AP_REG_MGT (0x20) // Memory Barrier Transfer register
MEM_AP_REG_TAR64 (0x08) // Bits[63:32] of Transfer Address
MEM_AP_REG_BASE64 (0xF0) // Bits[63:32] of Debug Base Address
Refer to
7.5 MEM-AP register summary in
IHI0031C: ARM Debug Interface Architecture Specification ADIv5.0 to ADIv5.2
Change-Id: I3bc4296a04c35f5c64f851e5865d3099922613fa
Signed-off-by: Alamy Liu <alamy.liu@gmail.com>
Reviewed-on: http://openocd.zylin.com/2904
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
Problem
No matter what target->coreid is, it always shows
Detected core 0 dbgbase: ...
In dap_lookup_cs_component(), it decreases the core index value to zero
in order to find the desired core.
The reference to coreidx is necessary considering "a device which has nested
ROM tables, with each core described in its own table." (by Paul Fertser).
Change-Id: I9b56d45d6edf6639e748a625ab27787f8e5a5776
Signed-off-by: Alamy Liu <alamy.liu@gmail.com>
Reviewed-on: http://openocd.zylin.com/2902
Tested-by: jenkins
Reviewed-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
They are only used to initialize the flash bank sectors and never modified.
Explicitly specify the array length while at it.
Cleanup before adding XMC4800 support.
Change-Id: I2985b9a9946b67798dbfd47d8b219d93a7ffc3da
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-on: http://openocd.zylin.com/3131
Tested-by: jenkins
Reviewed-by: Jeff Ciesielski <jeffciesielski@gmail.com>
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
cortex_a_read_apb_ab_memory_fast() uses the wrong order of ITR and DSCR
writes when setting up the transfer. ARM DDI0406C says in C8.2 regarding
"Fast mode" operation to first switch to fast mode and then latch the
instruction in ITR. Current implementation first wrote ITR, causing
the instruction to be executed immediately, then switched to fast mode
without an instruction latched. Repeated reading of DTRTX didn't
execute LDC and thus replicated its current content into the whole buffer.
This patch uses the following, revised algorithm:
1) switch to non-blocking mode and issue the LDC for the first word
2) if more than one word is to be read:
- switch to fast mode
- latch the LDC instruction into ITR (it is _not_ executed)
- issue (count-1) reads of DTRTX register, each read returns the current
content of DTRTX and re-issues the latched instruction
-> now the second-to-last word is in the buffer and the LDC for the last
word has been issued.
3) wait for the last instruction to complete
4) switch back to non-blocking mode
5) Read DTRTX for the last (or: only) word and put it into the buffer
Change-Id: I44f5c585962ffa5af257c3d5a2a802c122b6b1e4
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3122
Tested-by: jenkins
Reviewed-by: Christopher Head <chead@zaber.com>
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
When accessing memory through the ARM core, privilege levels and mmu
access permissions observed. Thus it depends on the current mode of the
ARM core whether an access is possible or not. the ARM in USR mode can
not access memory mapped to a higher privilege level. This means, if the
ARM core is halted while executing at PL0, the debugger would be
prevented from setting a breakpoint at an address with a higher privilege
level, e.g. in the OS kernel. This is not desirable.
cortex_a_check_address() tried to work around this by predicting if an
access would fail and switched the ARM core to SVC mode. However, the
prediction was based on hardcoded address ranges and only worked for
Linux and a 3G/1G user/kernel space split.
This patch changes the policy to always switch to SVC mode for memory
accesses. It introduces two functions cortex_a_prep_memaccess() and
cortex_a_post_memaccess() which bracket memory reads and writes. These
function encapsulate all actions necessary for preparation and cleanup.
Change-Id: I4ccdb5fd17eadeb2b66ae28caaf0ccd2d014eaa9
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3119
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
Tested-by: jenkins
when disabling the mmu to access physical addresses, normally the d-cache
must be disabled as well. Disabling the d-cache also requires a full
clean&invalidate. However, since all memory writes are treated as write-
through no-allocate and memory reads do not allocate cache lines,
effectively the d-cache state does not change at all. We can therefore
save the the d-cache disabling and flushing.
This patch also simplifies the function a bit.
Change-Id: Ia17c56a28f432156429cd4596107e3652b788e63
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3114
Tested-by: jenkins
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
for minimal impact on the hardware state, force all memory accesses to
bypass the caches and tlbs. This may actually be the default, but ARM
recommends in DDI0406C to set proper default values on debug init.
Change-Id: If5ac097b6ee725c047b1e86c2f90eabe16b98c7b
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3079
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
Tested-by: jenkins
Other cache functions use an updated pattern for the address range loop.
Bring dcache clean and flush functions in line.
Change-Id: Iccb4a05c49054471033a3403363110cb08245d5b
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3035
Tested-by: jenkins
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
Call armv7a_l1_d_cache_flush_virt() before writing the breakpoint,
to make sure the d-cache is clean and invalid at the breakpoint
location down to PoC.
Call armv7a_l1_d_cache_inval_virt() after writing the breakpoint
again, so that d-cache will pick up the modified code.
Call armv7a_l1_i_cache_inval_virt() after writing the breakpoint
to memory to make the change visible to the CPU.
Change-Id: I24fc27058d99cb00d7f6002ccb623cab66b0d234
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3033
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
Tested-by: jenkins
D-Cache invalidate is a dangerous operation. It will only work correctly
if full cache lines are invalidated. When partial cache lines are
invalidated, i.e. the target address range does not start and end
at a cache line boundary, cpu data writes outside of the target range
will be dropped. This patch adds special treatment for partial cache
lines by doing a clean & invalidate on the partial lines before
invalidating the rest of the range.
Change-Id: I64099ddb058638e990a7eb0ee911b9cc8f6f8901
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3034
Tested-by: jenkins
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
The following changes are implemented:
- Clean&Invalidate the VA range to PoC *before* the write takes place
- Remove SMP handling since DCCIMVA instruction already maintains SMP
coherence.
- Remove separate Invalidate step
Change-Id: I19fd3cc226d8ecf2937276fc63258b6a26e369a7
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3027
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
Tested-by: jenkins
This patch adds a function for cleaning & invalidating a virtual
address range from the architecture caches down to the point of
coherence.
Change-Id: I4061ab023a3797fabc967f3a34498034841d52c6
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3026
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
Tested-by: jenkins
There's only one function left that handles cache info display,
no need any more for a function pointer and runtime initialization.
Change-Id: I90b09577f81607917b11f0ab5600a0e2dce223e2
Signed-off-by: Matthias Welwarsky <matthias@welwarsky.de>
Reviewed-on: http://openocd.zylin.com/3025
Reviewed-by: Paul Fertser <fercerpav@gmail.com>
Tested-by: jenkins