1 /***************************************************************************
2 * Copyright (C) 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2009 by Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * This program is free software; you can redistribute it and/or modify *
9 * it under the terms of the GNU General Public License as published by *
10 * the Free Software Foundation; either version 2 of the License, or *
11 * (at your option) any later version. *
13 * This program is distributed in the hope that it will be useful, *
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
16 * GNU General Public License for more details. *
18 * You should have received a copy of the GNU General Public License *
19 * along with this program; if not, write to the *
20 * Free Software Foundation, Inc., *
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
22 ***************************************************************************/
27 #include "arm926ejs.h"
28 #include "time_support.h"
29 #include "target_type.h"
33 #define _DEBUG_INSTRUCTION_EXECUTION_
37 int arm926ejs_handle_cp15_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
38 int arm926ejs_handle_cp15i_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
39 int arm926ejs_handle_cache_info_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
41 int arm926ejs_handle_read_cache_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
42 int arm926ejs_handle_read_mmu_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
44 /* forward declarations */
45 int arm926ejs_target_create(struct target_s
*target
, Jim_Interp
*interp
);
46 int arm926ejs_init_target(struct command_context_s
*cmd_ctx
, struct target_s
*target
);
47 int arm926ejs_quit(void);
49 int arm926ejs_read_phys_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
);
50 int arm926ejs_write_phys_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
);
52 static int arm926ejs_virt2phys(struct target_s
*target
, uint32_t virtual, uint32_t *physical
);
53 static int arm926ejs_mmu(struct target_s
*target
, int *enabled
);
55 target_type_t arm926ejs_target
=
60 .arch_state
= arm926ejs_arch_state
,
62 .target_request_data
= arm7_9_target_request_data
,
65 .resume
= arm7_9_resume
,
68 .assert_reset
= arm7_9_assert_reset
,
69 .deassert_reset
= arm7_9_deassert_reset
,
70 .soft_reset_halt
= arm926ejs_soft_reset_halt
,
72 .get_gdb_reg_list
= armv4_5_get_gdb_reg_list
,
74 .read_memory
= arm7_9_read_memory
,
75 .write_memory
= arm926ejs_write_memory
,
76 .bulk_write_memory
= arm7_9_bulk_write_memory
,
77 .checksum_memory
= arm7_9_checksum_memory
,
78 .blank_check_memory
= arm7_9_blank_check_memory
,
80 .run_algorithm
= armv4_5_run_algorithm
,
82 .add_breakpoint
= arm7_9_add_breakpoint
,
83 .remove_breakpoint
= arm7_9_remove_breakpoint
,
84 .add_watchpoint
= arm7_9_add_watchpoint
,
85 .remove_watchpoint
= arm7_9_remove_watchpoint
,
87 .register_commands
= arm926ejs_register_commands
,
88 .target_create
= arm926ejs_target_create
,
89 .init_target
= arm926ejs_init_target
,
90 .examine
= arm9tdmi_examine
,
91 .quit
= arm926ejs_quit
,
92 .virt2phys
= arm926ejs_virt2phys
,
95 .read_phys_memory
= arm926ejs_read_phys_memory
,
96 .write_phys_memory
= arm926ejs_write_phys_memory
,
99 int arm926ejs_catch_broken_irscan(uint8_t *captured
, void *priv
, scan_field_t
*field
)
101 /* FIX!!!! this code should be reenabled. For now it does not check
105 /* The ARM926EJ-S' instruction register is 4 bits wide */
106 uint8_t t
= *captured
& 0xf;
107 uint8_t t2
= *field
->in_check_value
& 0xf;
112 else if ((t
== 0x0f) || (t
== 0x00))
114 LOG_DEBUG("caught ARM926EJ-S invalid Capture-IR result after CP15 access");
117 return ERROR_JTAG_QUEUE_FAILED
;;
121 #define ARM926EJS_CP15_ADDR(opcode_1, opcode_2, CRn, CRm) ((opcode_1 << 11) | (opcode_2 << 8) | (CRn << 4) | (CRm << 0))
123 int arm926ejs_cp15_read(target_t
*target
, uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
125 int retval
= ERROR_OK
;
126 armv4_5_common_t
*armv4_5
= target
->arch_info
;
127 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
128 arm_jtag_t
*jtag_info
= &arm7_9
->jtag_info
;
129 uint32_t address
= ARM926EJS_CP15_ADDR(op1
, op2
, CRn
, CRm
);
130 scan_field_t fields
[4];
131 uint8_t address_buf
[2];
132 uint8_t nr_w_buf
= 0;
135 buf_set_u32(address_buf
, 0, 14, address
);
137 jtag_set_end_state(TAP_IDLE
);
138 if ((retval
= arm_jtag_scann(jtag_info
, 0xf)) != ERROR_OK
)
142 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
);
144 fields
[0].tap
= jtag_info
->tap
;
145 fields
[0].num_bits
= 32;
146 fields
[0].out_value
= NULL
;
147 fields
[0].in_value
= (uint8_t *)value
;
150 fields
[1].tap
= jtag_info
->tap
;
151 fields
[1].num_bits
= 1;
152 fields
[1].out_value
= &access
;
153 fields
[1].in_value
= &access
;
155 fields
[2].tap
= jtag_info
->tap
;
156 fields
[2].num_bits
= 14;
157 fields
[2].out_value
= address_buf
;
158 fields
[2].in_value
= NULL
;
160 fields
[3].tap
= jtag_info
->tap
;
161 fields
[3].num_bits
= 1;
162 fields
[3].out_value
= &nr_w_buf
;
163 fields
[3].in_value
= NULL
;
165 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
167 long long then
= timeval_ms();
171 /* rescan with NOP, to wait for the access to complete */
174 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
176 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
178 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
183 if (buf_get_u32(&access
, 0, 1) == 1)
189 if ((timeval_ms()-then
)>10)
191 LOG_ERROR("cp15 read operation timed out");
196 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
197 LOG_DEBUG("addr: 0x%x value: %8.8x", address
, *value
);
200 arm_jtag_set_instr(jtag_info
, 0xc, &arm926ejs_catch_broken_irscan
);
205 int arm926ejs_cp15_write(target_t
*target
, uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
207 int retval
= ERROR_OK
;
208 armv4_5_common_t
*armv4_5
= target
->arch_info
;
209 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
210 arm_jtag_t
*jtag_info
= &arm7_9
->jtag_info
;
211 uint32_t address
= ARM926EJS_CP15_ADDR(op1
, op2
, CRn
, CRm
);
212 scan_field_t fields
[4];
213 uint8_t value_buf
[4];
214 uint8_t address_buf
[2];
215 uint8_t nr_w_buf
= 1;
218 buf_set_u32(address_buf
, 0, 14, address
);
219 buf_set_u32(value_buf
, 0, 32, value
);
221 jtag_set_end_state(TAP_IDLE
);
222 if ((retval
= arm_jtag_scann(jtag_info
, 0xf)) != ERROR_OK
)
226 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
);
228 fields
[0].tap
= jtag_info
->tap
;
229 fields
[0].num_bits
= 32;
230 fields
[0].out_value
= value_buf
;
231 fields
[0].in_value
= NULL
;
233 fields
[1].tap
= jtag_info
->tap
;
234 fields
[1].num_bits
= 1;
235 fields
[1].out_value
= &access
;
236 fields
[1].in_value
= &access
;
238 fields
[2].tap
= jtag_info
->tap
;
239 fields
[2].num_bits
= 14;
240 fields
[2].out_value
= address_buf
;
241 fields
[2].in_value
= NULL
;
243 fields
[3].tap
= jtag_info
->tap
;
244 fields
[3].num_bits
= 1;
245 fields
[3].out_value
= &nr_w_buf
;
246 fields
[3].in_value
= NULL
;
248 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
250 long long then
= timeval_ms();
254 /* rescan with NOP, to wait for the access to complete */
257 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
258 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
263 if (buf_get_u32(&access
, 0, 1) == 1)
269 if ((timeval_ms()-then
)>10)
271 LOG_ERROR("cp15 write operation timed out");
276 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
277 LOG_DEBUG("addr: 0x%x value: %8.8x", address
, value
);
280 arm_jtag_set_instr(jtag_info
, 0xf, &arm926ejs_catch_broken_irscan
);
285 static int arm926ejs_examine_debug_reason(target_t
*target
)
287 armv4_5_common_t
*armv4_5
= target
->arch_info
;
288 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
289 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
293 embeddedice_read_reg(dbg_stat
);
294 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
297 /* Method-Of-Entry (MOE) field */
298 debug_reason
= buf_get_u32(dbg_stat
->value
, 6, 4);
300 switch (debug_reason
)
303 LOG_DEBUG("no *NEW* debug entry (?missed one?)");
304 /* ... since last restart or debug reset ... */
305 target
->debug_reason
= DBG_REASON_DBGRQ
;
308 LOG_DEBUG("breakpoint from EICE unit 0");
309 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
312 LOG_DEBUG("breakpoint from EICE unit 1");
313 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
316 LOG_DEBUG("soft breakpoint (BKPT instruction)");
317 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
320 LOG_DEBUG("vector catch breakpoint");
321 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
324 LOG_DEBUG("external breakpoint");
325 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
328 LOG_DEBUG("watchpoint from EICE unit 0");
329 target
->debug_reason
= DBG_REASON_WATCHPOINT
;
332 LOG_DEBUG("watchpoint from EICE unit 1");
333 target
->debug_reason
= DBG_REASON_WATCHPOINT
;
336 LOG_DEBUG("external watchpoint");
337 target
->debug_reason
= DBG_REASON_WATCHPOINT
;
340 LOG_DEBUG("internal debug request");
341 target
->debug_reason
= DBG_REASON_DBGRQ
;
344 LOG_DEBUG("external debug request");
345 target
->debug_reason
= DBG_REASON_DBGRQ
;
348 LOG_DEBUG("debug re-entry from system speed access");
349 /* This is normal when connecting to something that's
350 * already halted, or in some related code paths, but
351 * otherwise is surprising (and presumably wrong).
353 switch (target
->debug_reason
) {
354 case DBG_REASON_DBGRQ
:
357 LOG_ERROR("unexpected -- debug re-entry");
359 case DBG_REASON_UNDEFINED
:
360 target
->debug_reason
= DBG_REASON_DBGRQ
;
365 /* FIX!!!! here be dragons!!! We need to fail here so
366 * the target will interpreted as halted but we won't
367 * try to talk to it right now... a resume + halt seems
368 * to sync things up again. Please send an email to
369 * openocd development mailing list if you have hardware
370 * to donate to look into this problem....
372 LOG_WARNING("WARNING: mystery debug reason MOE = 0xc. Try issuing a resume + halt.");
373 target
->debug_reason
= DBG_REASON_DBGRQ
;
376 LOG_WARNING("WARNING: unknown debug reason: 0x%x", debug_reason
);
377 /* Oh agony! should we interpret this as a halt request or
378 * that the target stopped on it's own accord?
380 target
->debug_reason
= DBG_REASON_DBGRQ
;
381 /* if we fail here, we won't talk to the target and it will
382 * be reported to be in the halted state */
389 uint32_t arm926ejs_get_ttb(target_t
*target
)
391 armv4_5_common_t
*armv4_5
= target
->arch_info
;
392 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
393 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
394 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
398 if ((retval
= arm926ejs
->read_cp15(target
, 0, 0, 2, 0, &ttb
)) != ERROR_OK
)
404 void arm926ejs_disable_mmu_caches(target_t
*target
, int mmu
, int d_u_cache
, int i_cache
)
406 armv4_5_common_t
*armv4_5
= target
->arch_info
;
407 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
408 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
409 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
410 uint32_t cp15_control
;
412 /* read cp15 control register */
413 arm926ejs
->read_cp15(target
, 0, 0, 1, 0, &cp15_control
);
414 jtag_execute_queue();
419 arm926ejs
->write_cp15(target
, 0, 0, 8, 7, 0x0);
421 cp15_control
&= ~0x1U
;
426 uint32_t debug_override
;
427 /* read-modify-write CP15 debug override register
428 * to enable "test and clean all" */
429 arm926ejs
->read_cp15(target
, 0, 0, 15, 0, &debug_override
);
430 debug_override
|= 0x80000;
431 arm926ejs
->write_cp15(target
, 0, 0, 15, 0, debug_override
);
433 /* clean and invalidate DCache */
434 arm926ejs
->write_cp15(target
, 0, 0, 7, 5, 0x0);
436 /* write CP15 debug override register
437 * to disable "test and clean all" */
438 debug_override
&= ~0x80000;
439 arm926ejs
->write_cp15(target
, 0, 0, 15, 0, debug_override
);
441 cp15_control
&= ~0x4U
;
446 /* invalidate ICache */
447 arm926ejs
->write_cp15(target
, 0, 0, 7, 5, 0x0);
449 cp15_control
&= ~0x1000U
;
452 arm926ejs
->write_cp15(target
, 0, 0, 1, 0, cp15_control
);
455 void arm926ejs_enable_mmu_caches(target_t
*target
, int mmu
, int d_u_cache
, int i_cache
)
457 armv4_5_common_t
*armv4_5
= target
->arch_info
;
458 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
459 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
460 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
461 uint32_t cp15_control
;
463 /* read cp15 control register */
464 arm926ejs
->read_cp15(target
, 0, 0, 1, 0, &cp15_control
);
465 jtag_execute_queue();
468 cp15_control
|= 0x1U
;
471 cp15_control
|= 0x4U
;
474 cp15_control
|= 0x1000U
;
476 arm926ejs
->write_cp15(target
, 0, 0, 1, 0, cp15_control
);
479 void arm926ejs_post_debug_entry(target_t
*target
)
481 armv4_5_common_t
*armv4_5
= target
->arch_info
;
482 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
483 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
484 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
486 /* examine cp15 control reg */
487 arm926ejs
->read_cp15(target
, 0, 0, 1, 0, &arm926ejs
->cp15_control_reg
);
488 jtag_execute_queue();
489 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
"", arm926ejs
->cp15_control_reg
);
491 if (arm926ejs
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
493 uint32_t cache_type_reg
;
494 /* identify caches */
495 arm926ejs
->read_cp15(target
, 0, 1, 0, 0, &cache_type_reg
);
496 jtag_execute_queue();
497 armv4_5_identify_cache(cache_type_reg
, &arm926ejs
->armv4_5_mmu
.armv4_5_cache
);
500 arm926ejs
->armv4_5_mmu
.mmu_enabled
= (arm926ejs
->cp15_control_reg
& 0x1U
) ? 1 : 0;
501 arm926ejs
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= (arm926ejs
->cp15_control_reg
& 0x4U
) ? 1 : 0;
502 arm926ejs
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= (arm926ejs
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
504 /* save i/d fault status and address register */
505 arm926ejs
->read_cp15(target
, 0, 0, 5, 0, &arm926ejs
->d_fsr
);
506 arm926ejs
->read_cp15(target
, 0, 1, 5, 0, &arm926ejs
->i_fsr
);
507 arm926ejs
->read_cp15(target
, 0, 0, 6, 0, &arm926ejs
->d_far
);
509 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
", I FSR: 0x%8.8" PRIx32
"",
510 arm926ejs
->d_fsr
, arm926ejs
->d_far
, arm926ejs
->i_fsr
);
512 uint32_t cache_dbg_ctrl
;
514 /* read-modify-write CP15 cache debug control register
515 * to disable I/D-cache linefills and force WT */
516 arm926ejs
->read_cp15(target
, 7, 0, 15, 0, &cache_dbg_ctrl
);
517 cache_dbg_ctrl
|= 0x7;
518 arm926ejs
->write_cp15(target
, 7, 0, 15, 0, cache_dbg_ctrl
);
521 void arm926ejs_pre_restore_context(target_t
*target
)
523 armv4_5_common_t
*armv4_5
= target
->arch_info
;
524 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
525 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
526 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
528 /* restore i/d fault status and address register */
529 arm926ejs
->write_cp15(target
, 0, 0, 5, 0, arm926ejs
->d_fsr
);
530 arm926ejs
->write_cp15(target
, 0, 1, 5, 0, arm926ejs
->i_fsr
);
531 arm926ejs
->write_cp15(target
, 0, 0, 6, 0, arm926ejs
->d_far
);
533 uint32_t cache_dbg_ctrl
;
535 /* read-modify-write CP15 cache debug control register
536 * to reenable I/D-cache linefills and disable WT */
537 arm926ejs
->read_cp15(target
, 7, 0, 15, 0, &cache_dbg_ctrl
);
538 cache_dbg_ctrl
&= ~0x7;
539 arm926ejs
->write_cp15(target
, 7, 0, 15, 0, cache_dbg_ctrl
);
542 int arm926ejs_get_arch_pointers(target_t
*target
, armv4_5_common_t
**armv4_5_p
, arm7_9_common_t
**arm7_9_p
, arm9tdmi_common_t
**arm9tdmi_p
, arm926ejs_common_t
**arm926ejs_p
)
544 armv4_5_common_t
*armv4_5
= target
->arch_info
;
545 arm7_9_common_t
*arm7_9
;
546 arm9tdmi_common_t
*arm9tdmi
;
547 arm926ejs_common_t
*arm926ejs
;
549 if (armv4_5
->common_magic
!= ARMV4_5_COMMON_MAGIC
)
554 arm7_9
= armv4_5
->arch_info
;
555 if (arm7_9
->common_magic
!= ARM7_9_COMMON_MAGIC
)
560 arm9tdmi
= arm7_9
->arch_info
;
561 if (arm9tdmi
->common_magic
!= ARM9TDMI_COMMON_MAGIC
)
566 arm926ejs
= arm9tdmi
->arch_info
;
567 if (arm926ejs
->common_magic
!= ARM926EJS_COMMON_MAGIC
)
572 *armv4_5_p
= armv4_5
;
574 *arm9tdmi_p
= arm9tdmi
;
575 *arm926ejs_p
= arm926ejs
;
580 int arm926ejs_arch_state(struct target_s
*target
)
582 armv4_5_common_t
*armv4_5
= target
->arch_info
;
583 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
584 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
585 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
589 "disabled", "enabled"
592 if (armv4_5
->common_magic
!= ARMV4_5_COMMON_MAGIC
)
594 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
599 "target halted in %s state due to %s, current mode: %s\n"
600 "cpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"\n"
601 "MMU: %s, D-Cache: %s, I-Cache: %s",
602 armv4_5_state_strings
[armv4_5
->core_state
],
603 Jim_Nvp_value2name_simple(nvp_target_debug_reason
,target
->debug_reason
)->name
,
604 armv4_5_mode_strings
[armv4_5_mode_to_number(armv4_5
->core_mode
)],
605 buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32),
606 buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32),
607 state
[arm926ejs
->armv4_5_mmu
.mmu_enabled
],
608 state
[arm926ejs
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
609 state
[arm926ejs
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
614 int arm926ejs_soft_reset_halt(struct target_s
*target
)
616 int retval
= ERROR_OK
;
617 armv4_5_common_t
*armv4_5
= target
->arch_info
;
618 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
619 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
620 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
621 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
623 if ((retval
= target_halt(target
)) != ERROR_OK
)
628 long long then
= timeval_ms();
630 while (!(timeout
= ((timeval_ms()-then
) > 1000)))
632 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1) == 0)
634 embeddedice_read_reg(dbg_stat
);
635 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
643 if (debug_level
>= 1)
645 /* do not eat all CPU, time out after 1 se*/
654 LOG_ERROR("Failed to halt CPU after 1 sec");
655 return ERROR_TARGET_TIMEOUT
;
658 target
->state
= TARGET_HALTED
;
660 /* SVC, ARM state, IRQ and FIQ disabled */
661 buf_set_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8, 0xd3);
662 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
= 1;
663 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].valid
= 1;
665 /* start fetching from 0x0 */
666 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, 0x0);
667 armv4_5
->core_cache
->reg_list
[15].dirty
= 1;
668 armv4_5
->core_cache
->reg_list
[15].valid
= 1;
670 armv4_5
->core_mode
= ARMV4_5_MODE_SVC
;
671 armv4_5
->core_state
= ARMV4_5_STATE_ARM
;
673 arm926ejs_disable_mmu_caches(target
, 1, 1, 1);
674 arm926ejs
->armv4_5_mmu
.mmu_enabled
= 0;
675 arm926ejs
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
676 arm926ejs
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
678 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
681 int arm926ejs_write_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
684 armv4_5_common_t
*armv4_5
= target
->arch_info
;
685 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
686 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
687 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
689 /* FIX!!!! this should be cleaned up and made much more general. The
690 * plan is to write up and test on arm926ejs specifically and
691 * then generalize and clean up afterwards. */
692 if ((count
== 1) && ((size
==2) || (size
==4)))
694 /* special case the handling of single word writes to bypass MMU
695 * to allow implementation of breakpoints in memory marked read only
697 if (arm926ejs
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
)
699 /* flush and invalidate data cache
701 * MCR p15,0,p,c7,c10,1 - clean cache line using virtual address
704 retval
= arm926ejs
->write_cp15(target
, 0, 1, 7, 10, address
&~0x3);
705 if (retval
!= ERROR_OK
)
710 retval
= target
->type
->virt2phys(target
, address
, &pa
);
711 if (retval
!= ERROR_OK
)
714 /* write directly to physical memory bypassing any read only MMU bits, etc. */
715 retval
= armv4_5_mmu_write_physical(target
, &arm926ejs
->armv4_5_mmu
, pa
, size
, count
, buffer
);
716 if (retval
!= ERROR_OK
)
720 if ((retval
= arm7_9_write_memory(target
, address
, size
, count
, buffer
)) != ERROR_OK
)
724 /* If ICache is enabled, we have to invalidate affected ICache lines
725 * the DCache is forced to write-through, so we don't have to clean it here
727 if (arm926ejs
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
)
731 /* invalidate ICache single entry with MVA */
732 arm926ejs
->write_cp15(target
, 0, 1, 7, 5, address
);
736 /* invalidate ICache */
737 arm926ejs
->write_cp15(target
, 0, 0, 7, 5, address
);
744 int arm926ejs_write_phys_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
746 armv4_5_common_t
*armv4_5
= target
->arch_info
;
747 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
748 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
749 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
751 return armv4_5_mmu_write_physical(target
, &arm926ejs
->armv4_5_mmu
, address
, size
, count
, buffer
);
754 int arm926ejs_read_phys_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
756 armv4_5_common_t
*armv4_5
= target
->arch_info
;
757 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
758 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
759 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
761 return armv4_5_mmu_read_physical(target
, &arm926ejs
->armv4_5_mmu
, address
, size
, count
, buffer
);
764 int arm926ejs_init_target(struct command_context_s
*cmd_ctx
, struct target_s
*target
)
766 arm9tdmi_init_target(cmd_ctx
, target
);
771 int arm926ejs_quit(void)
776 int arm926ejs_init_arch_info(target_t
*target
, arm926ejs_common_t
*arm926ejs
, jtag_tap_t
*tap
)
778 arm9tdmi_common_t
*arm9tdmi
= &arm926ejs
->arm9tdmi_common
;
779 arm7_9_common_t
*arm7_9
= &arm9tdmi
->arm7_9_common
;
781 /* initialize arm9tdmi specific info (including arm7_9 and armv4_5)
783 arm9tdmi_init_arch_info(target
, arm9tdmi
, tap
);
785 arm9tdmi
->arch_info
= arm926ejs
;
786 arm926ejs
->common_magic
= ARM926EJS_COMMON_MAGIC
;
788 arm7_9
->post_debug_entry
= arm926ejs_post_debug_entry
;
789 arm7_9
->pre_restore_context
= arm926ejs_pre_restore_context
;
791 arm926ejs
->read_cp15
= arm926ejs_cp15_read
;
792 arm926ejs
->write_cp15
= arm926ejs_cp15_write
;
793 arm926ejs
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
794 arm926ejs
->armv4_5_mmu
.get_ttb
= arm926ejs_get_ttb
;
795 arm926ejs
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
796 arm926ejs
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
797 arm926ejs
->armv4_5_mmu
.disable_mmu_caches
= arm926ejs_disable_mmu_caches
;
798 arm926ejs
->armv4_5_mmu
.enable_mmu_caches
= arm926ejs_enable_mmu_caches
;
799 arm926ejs
->armv4_5_mmu
.has_tiny_pages
= 1;
800 arm926ejs
->armv4_5_mmu
.mmu_enabled
= 0;
802 arm7_9
->examine_debug_reason
= arm926ejs_examine_debug_reason
;
804 /* The ARM926EJ-S implements the ARMv5TE architecture which
805 * has the BKPT instruction, so we don't have to use a watchpoint comparator
807 arm7_9
->arm_bkpt
= ARMV5_BKPT(0x0);
808 arm7_9
->thumb_bkpt
= ARMV5_T_BKPT(0x0) & 0xffff;
813 int arm926ejs_target_create(struct target_s
*target
, Jim_Interp
*interp
)
815 arm926ejs_common_t
*arm926ejs
= calloc(1,sizeof(arm926ejs_common_t
));
817 arm926ejs_init_arch_info(target
, arm926ejs
, target
->tap
);
822 int arm926ejs_register_commands(struct command_context_s
*cmd_ctx
)
825 command_t
*arm926ejs_cmd
;
828 retval
= arm9tdmi_register_commands(cmd_ctx
);
830 arm926ejs_cmd
= register_command(cmd_ctx
, NULL
, "arm926ejs", NULL
, COMMAND_ANY
, "arm926ejs specific commands");
832 register_command(cmd_ctx
, arm926ejs_cmd
, "cp15", arm926ejs_handle_cp15_command
, COMMAND_EXEC
, "display/modify cp15 register <opcode_1> <opcode_2> <CRn> <CRm> [value]");
834 register_command(cmd_ctx
, arm926ejs_cmd
, "cache_info", arm926ejs_handle_cache_info_command
, COMMAND_EXEC
, "display information about target caches");
839 int arm926ejs_handle_cp15_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
842 target_t
*target
= get_current_target(cmd_ctx
);
843 armv4_5_common_t
*armv4_5
;
844 arm7_9_common_t
*arm7_9
;
845 arm9tdmi_common_t
*arm9tdmi
;
846 arm926ejs_common_t
*arm926ejs
;
852 if ((argc
< 4) || (argc
> 5))
854 command_print(cmd_ctx
, "usage: arm926ejs cp15 <opcode_1> <opcode_2> <CRn> <CRm> [value]");
858 opcode_1
= strtoul(args
[0], NULL
, 0);
859 opcode_2
= strtoul(args
[1], NULL
, 0);
860 CRn
= strtoul(args
[2], NULL
, 0);
861 CRm
= strtoul(args
[3], NULL
, 0);
863 if (arm926ejs_get_arch_pointers(target
, &armv4_5
, &arm7_9
, &arm9tdmi
, &arm926ejs
) != ERROR_OK
)
865 command_print(cmd_ctx
, "current target isn't an ARM926EJ-S target");
869 if (target
->state
!= TARGET_HALTED
)
871 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", cmd
);
878 if ((retval
= arm926ejs
->read_cp15(target
, opcode_1
, opcode_2
, CRn
, CRm
, &value
)) != ERROR_OK
)
880 command_print(cmd_ctx
, "couldn't access register");
883 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
888 command_print(cmd_ctx
, "%i %i %i %i: %8.8" PRIx32
"", opcode_1
, opcode_2
, CRn
, CRm
, value
);
892 uint32_t value
= strtoul(args
[4], NULL
, 0);
893 if ((retval
= arm926ejs
->write_cp15(target
, opcode_1
, opcode_2
, CRn
, CRm
, value
)) != ERROR_OK
)
895 command_print(cmd_ctx
, "couldn't access register");
898 command_print(cmd_ctx
, "%i %i %i %i: %8.8" PRIx32
"", opcode_1
, opcode_2
, CRn
, CRm
, value
);
904 int arm926ejs_handle_cache_info_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
906 target_t
*target
= get_current_target(cmd_ctx
);
907 armv4_5_common_t
*armv4_5
;
908 arm7_9_common_t
*arm7_9
;
909 arm9tdmi_common_t
*arm9tdmi
;
910 arm926ejs_common_t
*arm926ejs
;
912 if (arm926ejs_get_arch_pointers(target
, &armv4_5
, &arm7_9
, &arm9tdmi
, &arm926ejs
) != ERROR_OK
)
914 command_print(cmd_ctx
, "current target isn't an ARM926EJ-S target");
918 return armv4_5_handle_cache_info_command(cmd_ctx
, &arm926ejs
->armv4_5_mmu
.armv4_5_cache
);
921 static int arm926ejs_virt2phys(struct target_s
*target
, uint32_t virtual, uint32_t *physical
)
929 armv4_5_common_t
*armv4_5
;
930 arm7_9_common_t
*arm7_9
;
931 arm9tdmi_common_t
*arm9tdmi
;
932 arm926ejs_common_t
*arm926ejs
;
933 retval
= arm926ejs_get_arch_pointers(target
, &armv4_5
, &arm7_9
, &arm9tdmi
, &arm926ejs
);
934 if (retval
!= ERROR_OK
)
938 uint32_t ret
= armv4_5_mmu_translate_va(target
, &arm926ejs
->armv4_5_mmu
, virtual, &type
, &cb
, &domain
, &ap
);
947 static int arm926ejs_mmu(struct target_s
*target
, int *enabled
)
949 armv4_5_common_t
*armv4_5
= target
->arch_info
;
950 arm926ejs_common_t
*arm926ejs
= armv4_5
->arch_info
;
952 if (target
->state
!= TARGET_HALTED
)
954 LOG_ERROR("Target not halted");
955 return ERROR_TARGET_INVALID
;
957 *enabled
= arm926ejs
->armv4_5_mmu
.mmu_enabled
;
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)