Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
target: remove legacy target events
[openocd.git] / src / target / arm920t.c
1
2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
21
22 #ifdef HAVE_CONFIG_H
23 #include "config.h"
24 #endif
25
26 #include "arm920t.h"
27 #include <helper/time_support.h>
28 #include "target_type.h"
29 #include "register.h"
30 #include "arm_opcodes.h"
31
32 /*
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
36 *
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
40 * 2 ... EmbeddedICE
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
43 * 6 ... ETM9
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
48 *
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
50 */
51
52 #if 0
53 #define _DEBUG_INSTRUCTION_EXECUTION_
54 #endif
55
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
59 *
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
63 *
64 * x == bit[38]
65 * y == bits[37:34]
66 * z == bit[33]
67 */
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
69
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
75
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
82
83 static int arm920t_read_cp15_physical(struct target *target,
84 int reg_addr, uint32_t *value)
85 {
86 struct arm920t_common *arm920t = target_to_arm920(target);
87 struct arm_jtag *jtag_info;
88 struct scan_field fields[4];
89 uint8_t access_type_buf = 1;
90 uint8_t reg_addr_buf = reg_addr & 0x3f;
91 uint8_t nr_w_buf = 0;
92 int retval;
93
94 jtag_info = &arm920t->arm7_9_common.jtag_info;
95
96 retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
97 if (retval != ERROR_OK)
98 return retval;
99 retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
100 if (retval != ERROR_OK)
101 return retval;
102
103 fields[0].num_bits = 1;
104 fields[0].out_value = &access_type_buf;
105 fields[0].in_value = NULL;
106
107 fields[1].num_bits = 32;
108 fields[1].out_value = NULL;
109 fields[1].in_value = NULL;
110
111 fields[2].num_bits = 6;
112 fields[2].out_value = &reg_addr_buf;
113 fields[2].in_value = NULL;
114
115 fields[3].num_bits = 1;
116 fields[3].out_value = &nr_w_buf;
117 fields[3].in_value = NULL;
118
119 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
120
121 fields[1].in_value = (uint8_t *)value;
122
123 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
124
125 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
126
127 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
128 jtag_execute_queue();
129 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
130 #endif
131
132 return ERROR_OK;
133 }
134
135 static int arm920t_write_cp15_physical(struct target *target,
136 int reg_addr, uint32_t value)
137 {
138 struct arm920t_common *arm920t = target_to_arm920(target);
139 struct arm_jtag *jtag_info;
140 struct scan_field fields[4];
141 uint8_t access_type_buf = 1;
142 uint8_t reg_addr_buf = reg_addr & 0x3f;
143 uint8_t nr_w_buf = 1;
144 uint8_t value_buf[4];
145 int retval;
146
147 jtag_info = &arm920t->arm7_9_common.jtag_info;
148
149 buf_set_u32(value_buf, 0, 32, value);
150
151 retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
152 if (retval != ERROR_OK)
153 return retval;
154 retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
155 if (retval != ERROR_OK)
156 return retval;
157
158 fields[0].num_bits = 1;
159 fields[0].out_value = &access_type_buf;
160 fields[0].in_value = NULL;
161
162 fields[1].num_bits = 32;
163 fields[1].out_value = value_buf;
164 fields[1].in_value = NULL;
165
166 fields[2].num_bits = 6;
167 fields[2].out_value = &reg_addr_buf;
168 fields[2].in_value = NULL;
169
170 fields[3].num_bits = 1;
171 fields[3].out_value = &nr_w_buf;
172 fields[3].in_value = NULL;
173
174 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
175
176 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
177 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
178 #endif
179
180 return ERROR_OK;
181 }
182
183 /* See table 9-10 for scan chain 15 format during interpreted access mode.
184 * If the TESTSTATE register is set for interpreted access, certain CP15
185 * MRC and MCR instructions may be executed through scan chain 15.
186 *
187 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
188 * executed using scan chain 15 interpreted mode.
189 */
190 static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
191 uint32_t arm_opcode)
192 {
193 int retval;
194 struct arm920t_common *arm920t = target_to_arm920(target);
195 struct arm_jtag *jtag_info;
196 struct scan_field fields[4];
197 uint8_t access_type_buf = 0; /* interpreted access */
198 uint8_t reg_addr_buf = 0x0;
199 uint8_t nr_w_buf = 0;
200 uint8_t cp15_opcode_buf[4];
201
202 jtag_info = &arm920t->arm7_9_common.jtag_info;
203
204 retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
205 if (retval != ERROR_OK)
206 return retval;
207 retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
208 if (retval != ERROR_OK)
209 return retval;
210
211 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
212
213 fields[0].num_bits = 1;
214 fields[0].out_value = &access_type_buf;
215 fields[0].in_value = NULL;
216
217 fields[1].num_bits = 32;
218 fields[1].out_value = cp15_opcode_buf;
219 fields[1].in_value = NULL;
220
221 fields[2].num_bits = 6;
222 fields[2].out_value = &reg_addr_buf;
223 fields[2].in_value = NULL;
224
225 fields[3].num_bits = 1;
226 fields[3].out_value = &nr_w_buf;
227 fields[3].in_value = NULL;
228
229 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
230
231 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
232 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
233 retval = arm7_9_execute_sys_speed(target);
234 if (retval != ERROR_OK)
235 return retval;
236
237 retval = jtag_execute_queue();
238 if (retval != ERROR_OK) {
239 LOG_ERROR("failed executing JTAG queue");
240 return retval;
241 }
242
243 return ERROR_OK;
244 }
245
246 static int arm920t_read_cp15_interpreted(struct target *target,
247 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
248 {
249 struct arm *arm = target_to_arm(target);
250 uint32_t *regs_p[1];
251 uint32_t regs[2];
252 uint32_t cp15c15 = 0x0;
253 struct reg *r = arm->core_cache->reg_list;
254
255 /* load address into R1 */
256 regs[1] = address;
257 arm9tdmi_write_core_regs(target, 0x2, regs);
258
259 /* read-modify-write CP15 test state register
260 * to enable interpreted access mode */
261 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
262 jtag_execute_queue();
263 cp15c15 |= 1; /* set interpret mode */
264 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
265
266 /* execute CP15 instruction and ARM load (reading from coprocessor) */
267 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
268
269 /* disable interpreted access mode */
270 cp15c15 &= ~1U; /* clear interpret mode */
271 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
272
273 /* retrieve value from R0 */
274 regs_p[0] = value;
275 arm9tdmi_read_core_regs(target, 0x1, regs_p);
276 jtag_execute_queue();
277
278 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
279 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
280 cp15_opcode, address, *value);
281 #endif
282
283 if (!is_arm_mode(arm->core_mode)) {
284 LOG_ERROR("not a valid arm core mode - communication failure?");
285 return ERROR_FAIL;
286 }
287
288 r[0].dirty = 1;
289 r[1].dirty = 1;
290
291 return ERROR_OK;
292 }
293
294 static
295 int arm920t_write_cp15_interpreted(struct target *target,
296 uint32_t cp15_opcode, uint32_t value, uint32_t address)
297 {
298 uint32_t cp15c15 = 0x0;
299 struct arm *arm = target_to_arm(target);
300 uint32_t regs[2];
301 struct reg *r = arm->core_cache->reg_list;
302
303 /* load value, address into R0, R1 */
304 regs[0] = value;
305 regs[1] = address;
306 arm9tdmi_write_core_regs(target, 0x3, regs);
307
308 /* read-modify-write CP15 test state register
309 * to enable interpreted access mode */
310 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
311 jtag_execute_queue();
312 cp15c15 |= 1; /* set interpret mode */
313 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
314
315 /* execute CP15 instruction and ARM store (writing to coprocessor) */
316 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
317
318 /* disable interpreted access mode */
319 cp15c15 &= ~1U; /* set interpret mode */
320 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
321
322 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
323 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
324 cp15_opcode, value, address);
325 #endif
326
327 if (!is_arm_mode(arm->core_mode)) {
328 LOG_ERROR("not a valid arm core mode - communication failure?");
329 return ERROR_FAIL;
330 }
331
332 r[0].dirty = 1;
333 r[1].dirty = 1;
334
335 return ERROR_OK;
336 }
337
338 /* EXPORTED to FA256 */
339 int arm920t_get_ttb(struct target *target, uint32_t *result)
340 {
341 int retval;
342 uint32_t ttb = 0x0;
343
344 retval = arm920t_read_cp15_interpreted(target,
345 /* FIXME use opcode macro */
346 0xeebf0f51, 0x0, &ttb);
347 if (retval != ERROR_OK)
348 return retval;
349
350 *result = ttb;
351 return ERROR_OK;
352 }
353
354 /* EXPORTED to FA256 */
355 int arm920t_disable_mmu_caches(struct target *target, int mmu,
356 int d_u_cache, int i_cache)
357 {
358 uint32_t cp15_control;
359 int retval;
360
361 /* read cp15 control register */
362 retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
363 if (retval != ERROR_OK)
364 return retval;
365 retval = jtag_execute_queue();
366 if (retval != ERROR_OK)
367 return retval;
368
369 if (mmu)
370 cp15_control &= ~0x1U;
371
372 if (d_u_cache)
373 cp15_control &= ~0x4U;
374
375 if (i_cache)
376 cp15_control &= ~0x1000U;
377
378 retval = arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
379 return retval;
380 }
381
382 /* EXPORTED to FA256 */
383 int arm920t_enable_mmu_caches(struct target *target, int mmu,
384 int d_u_cache, int i_cache)
385 {
386 uint32_t cp15_control;
387 int retval;
388
389 /* read cp15 control register */
390 retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
391 if (retval != ERROR_OK)
392 return retval;
393 retval = jtag_execute_queue();
394 if (retval != ERROR_OK)
395 return retval;
396
397 if (mmu)
398 cp15_control |= 0x1U;
399
400 if (d_u_cache)
401 cp15_control |= 0x4U;
402
403 if (i_cache)
404 cp15_control |= 0x1000U;
405
406 retval = arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
407 return retval;
408 }
409
410 /* EXPORTED to FA256 */
411 int arm920t_post_debug_entry(struct target *target)
412 {
413 uint32_t cp15c15;
414 struct arm920t_common *arm920t = target_to_arm920(target);
415 int retval;
416
417 /* examine cp15 control reg */
418 retval = arm920t_read_cp15_physical(target,
419 CP15PHYS_CTRL, &arm920t->cp15_control_reg);
420 if (retval != ERROR_OK)
421 return retval;
422 retval = jtag_execute_queue();
423 if (retval != ERROR_OK)
424 return retval;
425 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, arm920t->cp15_control_reg);
426
427 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1) {
428 uint32_t cache_type_reg;
429 /* identify caches */
430 retval = arm920t_read_cp15_physical(target,
431 CP15PHYS_CACHETYPE, &cache_type_reg);
432 if (retval != ERROR_OK)
433 return retval;
434 retval = jtag_execute_queue();
435 if (retval != ERROR_OK)
436 return retval;
437 armv4_5_identify_cache(cache_type_reg,
438 &arm920t->armv4_5_mmu.armv4_5_cache);
439 }
440
441 arm920t->armv4_5_mmu.mmu_enabled =
442 (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
443 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled =
444 (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
445 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled =
446 (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
447
448 /* save i/d fault status and address register
449 * FIXME use opcode macros */
450 retval = arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
451 if (retval != ERROR_OK)
452 return retval;
453 retval = arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
454 if (retval != ERROR_OK)
455 return retval;
456 retval = arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
457 if (retval != ERROR_OK)
458 return retval;
459 retval = arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
460 if (retval != ERROR_OK)
461 return retval;
462
463 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32
464 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32,
465 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
466
467 if (arm920t->preserve_cache) {
468 /* read-modify-write CP15 test state register
469 * to disable I/D-cache linefills */
470 retval = arm920t_read_cp15_physical(target,
471 CP15PHYS_TESTSTATE, &cp15c15);
472 if (retval != ERROR_OK)
473 return retval;
474 retval = jtag_execute_queue();
475 if (retval != ERROR_OK)
476 return retval;
477 cp15c15 |= 0x600;
478 retval = arm920t_write_cp15_physical(target,
479 CP15PHYS_TESTSTATE, cp15c15);
480 if (retval != ERROR_OK)
481 return retval;
482 }
483 return ERROR_OK;
484 }
485
486 /* EXPORTED to FA256 */
487 void arm920t_pre_restore_context(struct target *target)
488 {
489 uint32_t cp15c15;
490 struct arm920t_common *arm920t = target_to_arm920(target);
491
492 /* restore i/d fault status and address register */
493 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
494 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
495 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
496 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
497
498 /* read-modify-write CP15 test state register
499 * to reenable I/D-cache linefills */
500 if (arm920t->preserve_cache) {
501 arm920t_read_cp15_physical(target,
502 CP15PHYS_TESTSTATE, &cp15c15);
503 jtag_execute_queue();
504 cp15c15 &= ~0x600U;
505 arm920t_write_cp15_physical(target,
506 CP15PHYS_TESTSTATE, cp15c15);
507 }
508 }
509
510 static const char arm920_not[] = "target is not an ARM920";
511
512 static int arm920t_verify_pointer(struct command_context *cmd_ctx,
513 struct arm920t_common *arm920t)
514 {
515 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
516 command_print(cmd_ctx, arm920_not);
517 return ERROR_TARGET_INVALID;
518 }
519
520 return ERROR_OK;
521 }
522
523 /** Logs summary of ARM920 state for a halted target. */
524 int arm920t_arch_state(struct target *target)
525 {
526 static const char *state[] = {
527 "disabled", "enabled"
528 };
529
530 struct arm920t_common *arm920t = target_to_arm920(target);
531
532 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
533 LOG_ERROR("BUG: %s", arm920_not);
534 return ERROR_TARGET_INVALID;
535 }
536
537 arm_arch_state(target);
538 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
539 state[arm920t->armv4_5_mmu.mmu_enabled],
540 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
541 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
542
543 return ERROR_OK;
544 }
545
546 static int arm920_mmu(struct target *target, int *enabled)
547 {
548 if (target->state != TARGET_HALTED) {
549 LOG_ERROR("%s: target not halted", __func__);
550 return ERROR_TARGET_INVALID;
551 }
552
553 *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
554 return ERROR_OK;
555 }
556
557 static int arm920_virt2phys(struct target *target,
558 uint32_t virt, uint32_t *phys)
559 {
560 uint32_t cb;
561 struct arm920t_common *arm920t = target_to_arm920(target);
562
563 uint32_t ret;
564 int retval = armv4_5_mmu_translate_va(target,
565 &arm920t->armv4_5_mmu, virt, &cb, &ret);
566 if (retval != ERROR_OK)
567 return retval;
568 *phys = ret;
569 return ERROR_OK;
570 }
571
572 /** Reads a buffer, in the specified word size, with current MMU settings. */
573 int arm920t_read_memory(struct target *target, uint32_t address,
574 uint32_t size, uint32_t count, uint8_t *buffer)
575 {
576 int retval;
577
578 retval = arm7_9_read_memory(target, address, size, count, buffer);
579
580 return retval;
581 }
582
583
584 static int arm920t_read_phys_memory(struct target *target,
585 uint32_t address, uint32_t size,
586 uint32_t count, uint8_t *buffer)
587 {
588 struct arm920t_common *arm920t = target_to_arm920(target);
589
590 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
591 address, size, count, buffer);
592 }
593
594 static int arm920t_write_phys_memory(struct target *target,
595 uint32_t address, uint32_t size,
596 uint32_t count, const uint8_t *buffer)
597 {
598 struct arm920t_common *arm920t = target_to_arm920(target);
599
600 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
601 address, size, count, buffer);
602 }
603
604 /** Writes a buffer, in the specified word size, with current MMU settings. */
605 int arm920t_write_memory(struct target *target, uint32_t address,
606 uint32_t size, uint32_t count, const uint8_t *buffer)
607 {
608 int retval;
609 const uint32_t cache_mask = ~0x1f; /* cache line size : 32 byte */
610 struct arm920t_common *arm920t = target_to_arm920(target);
611
612 /* FIX!!!! this should be cleaned up and made much more general. The
613 * plan is to write up and test on arm920t specifically and
614 * then generalize and clean up afterwards.
615 *
616 * Also it should be moved to the callbacks that handle breakpoints
617 * specifically and not the generic memory write fn's. See XScale code.
618 */
619 if (arm920t->armv4_5_mmu.mmu_enabled && (count == 1) &&
620 ((size == 2) || (size == 4))) {
621 /* special case the handling of single word writes to
622 * bypass MMU, to allow implementation of breakpoints
623 * in memory marked read only
624 * by MMU
625 */
626 uint32_t cb;
627 uint32_t pa;
628
629 /*
630 * We need physical address and cb
631 */
632 retval = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu,
633 address, &cb, &pa);
634 if (retval != ERROR_OK)
635 return retval;
636
637 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled) {
638 if (cb & 0x1) {
639 LOG_DEBUG("D-Cache buffered, "
640 "drain write buffer");
641 /*
642 * Buffered ?
643 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
644 */
645
646 retval = arm920t_write_cp15_interpreted(target,
647 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
648 0x0, 0);
649 if (retval != ERROR_OK)
650 return retval;
651 }
652
653 if (cb == 0x3) {
654 /*
655 * Write back memory ? -> clean cache
656 *
657 * There is no way to clean cache lines using
658 * cp15 scan chain, so copy the full cache
659 * line from cache to physical memory.
660 */
661 uint8_t data[32];
662
663 LOG_DEBUG("D-Cache in 'write back' mode, "
664 "flush cache line");
665
666 retval = target_read_memory(target,
667 address & cache_mask, 1,
668 sizeof(data), &data[0]);
669 if (retval != ERROR_OK)
670 return retval;
671
672 retval = armv4_5_mmu_write_physical(target,
673 &arm920t->armv4_5_mmu,
674 pa & cache_mask, 1,
675 sizeof(data), &data[0]);
676 if (retval != ERROR_OK)
677 return retval;
678 }
679
680 /* Cached ? */
681 if (cb & 0x2) {
682 /*
683 * Cached ? -> Invalidate data cache using MVA
684 *
685 * MCR p15,0,Rd,c7,c6,1
686 */
687 LOG_DEBUG("D-Cache enabled, "
688 "invalidate cache line");
689
690 retval = arm920t_write_cp15_interpreted(target,
691 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
692 address & cache_mask);
693 if (retval != ERROR_OK)
694 return retval;
695 }
696 }
697
698 /* write directly to physical memory,
699 * bypassing any read only MMU bits, etc.
700 */
701 retval = armv4_5_mmu_write_physical(target,
702 &arm920t->armv4_5_mmu, pa, size,
703 count, buffer);
704 if (retval != ERROR_OK)
705 return retval;
706 } else {
707 retval = arm7_9_write_memory(target, address, size, count, buffer);
708 if (retval != ERROR_OK)
709 return retval;
710 }
711
712 /* If ICache is enabled, we have to invalidate affected ICache lines
713 * the DCache is forced to write-through,
714 * so we don't have to clean it here
715 */
716 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled) {
717 if (count <= 1) {
718 /* invalidate ICache single entry with MVA
719 * mcr 15, 0, r0, cr7, cr5, {1}
720 */
721 LOG_DEBUG("I-Cache enabled, "
722 "invalidating affected I-Cache line");
723 retval = arm920t_write_cp15_interpreted(target,
724 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
725 0x0, address & cache_mask);
726 if (retval != ERROR_OK)
727 return retval;
728 } else {
729 /* invalidate ICache
730 * mcr 15, 0, r0, cr7, cr5, {0}
731 */
732 retval = arm920t_write_cp15_interpreted(target,
733 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
734 0x0, 0x0);
735 if (retval != ERROR_OK)
736 return retval;
737 }
738 }
739
740 return ERROR_OK;
741 }
742
743 /* EXPORTED to FA256 */
744 int arm920t_soft_reset_halt(struct target *target)
745 {
746 int retval = ERROR_OK;
747 struct arm920t_common *arm920t = target_to_arm920(target);
748 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
749 struct arm *arm = &arm7_9->arm;
750 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
751
752 retval = target_halt(target);
753 if (retval != ERROR_OK)
754 return retval;
755
756 long long then = timeval_ms();
757 int timeout;
758 while (!(timeout = ((timeval_ms()-then) > 1000))) {
759 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0) {
760 embeddedice_read_reg(dbg_stat);
761 retval = jtag_execute_queue();
762 if (retval != ERROR_OK)
763 return retval;
764 } else
765 break;
766 if (debug_level >= 3) {
767 /* do not eat all CPU, time out after 1 se*/
768 alive_sleep(100);
769 } else
770 keep_alive();
771 }
772 if (timeout) {
773 LOG_ERROR("Failed to halt CPU after 1 sec");
774 return ERROR_TARGET_TIMEOUT;
775 }
776
777 target->state = TARGET_HALTED;
778
779 /* SVC, ARM state, IRQ and FIQ disabled */
780 uint32_t cpsr;
781
782 cpsr = buf_get_u32(arm->cpsr->value, 0, 32);
783 cpsr &= ~0xff;
784 cpsr |= 0xd3;
785 arm_set_cpsr(arm, cpsr);
786 arm->cpsr->dirty = 1;
787
788 /* start fetching from 0x0 */
789 buf_set_u32(arm->pc->value, 0, 32, 0x0);
790 arm->pc->dirty = 1;
791 arm->pc->valid = 1;
792
793 arm920t_disable_mmu_caches(target, 1, 1, 1);
794 arm920t->armv4_5_mmu.mmu_enabled = 0;
795 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
796 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
797
798 return target_call_event_callbacks(target, TARGET_EVENT_HALTED);
799 }
800
801 /* FIXME remove forward decls */
802 static int arm920t_mrc(struct target *target, int cpnum,
803 uint32_t op1, uint32_t op2,
804 uint32_t CRn, uint32_t CRm,
805 uint32_t *value);
806 static int arm920t_mcr(struct target *target, int cpnum,
807 uint32_t op1, uint32_t op2,
808 uint32_t CRn, uint32_t CRm,
809 uint32_t value);
810
811 static int arm920t_init_arch_info(struct target *target,
812 struct arm920t_common *arm920t, struct jtag_tap *tap)
813 {
814 struct arm7_9_common *arm7_9 = &arm920t->arm7_9_common;
815
816 arm7_9->arm.mrc = arm920t_mrc;
817 arm7_9->arm.mcr = arm920t_mcr;
818
819 /* initialize arm7/arm9 specific info (including armv4_5) */
820 arm9tdmi_init_arch_info(target, arm7_9, tap);
821
822 arm920t->common_magic = ARM920T_COMMON_MAGIC;
823
824 arm7_9->post_debug_entry = arm920t_post_debug_entry;
825 arm7_9->pre_restore_context = arm920t_pre_restore_context;
826
827 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
828 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
829 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
830 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
831 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
832 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
833 arm920t->armv4_5_mmu.has_tiny_pages = 1;
834 arm920t->armv4_5_mmu.mmu_enabled = 0;
835
836 /* disabling linefills leads to lockups, so keep them enabled for now
837 * this doesn't affect correctness, but might affect timing issues, if
838 * important data is evicted from the cache during the debug session
839 * */
840 arm920t->preserve_cache = 0;
841
842 /* override hw single-step capability from ARM9TDMI */
843 arm7_9->has_single_step = 1;
844
845 return ERROR_OK;
846 }
847
848 static int arm920t_target_create(struct target *target, Jim_Interp *interp)
849 {
850 struct arm920t_common *arm920t;
851
852 arm920t = calloc(1, sizeof(struct arm920t_common));
853 return arm920t_init_arch_info(target, arm920t, target->tap);
854 }
855
856 COMMAND_HANDLER(arm920t_handle_read_cache_command)
857 {
858 int retval = ERROR_OK;
859 struct target *target = get_current_target(CMD_CTX);
860 struct arm920t_common *arm920t = target_to_arm920(target);
861 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
862 struct arm *arm = &arm7_9->arm;
863 uint32_t cp15c15;
864 uint32_t cp15_ctrl, cp15_ctrl_saved;
865 uint32_t regs[16];
866 uint32_t *regs_p[16];
867 uint32_t C15_C_D_Ind, C15_C_I_Ind;
868 int i;
869 FILE *output;
870 int segment, index_t;
871 struct reg *r;
872
873 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
874 if (retval != ERROR_OK)
875 return retval;
876
877 if (CMD_ARGC != 1)
878 return ERROR_COMMAND_SYNTAX_ERROR;
879
880 output = fopen(CMD_ARGV[0], "w");
881 if (output == NULL) {
882 LOG_DEBUG("error opening cache content file");
883 return ERROR_OK;
884 }
885
886 for (i = 0; i < 16; i++)
887 regs_p[i] = &regs[i];
888
889 /* disable MMU and Caches */
890 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
891 retval = jtag_execute_queue();
892 if (retval != ERROR_OK)
893 return retval;
894 cp15_ctrl_saved = cp15_ctrl;
895 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
896 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
897 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
898
899 /* read CP15 test state register */
900 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
901 jtag_execute_queue();
902
903 /* read DCache content */
904 fprintf(output, "DCache:\n");
905
906 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
907 for (segment = 0;
908 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
909 segment++) {
910 fprintf(output, "\nsegment: %i\n----------", segment);
911
912 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
913 regs[0] = 0x0 | (segment << 5);
914 arm9tdmi_write_core_regs(target, 0x1, regs);
915
916 /* set interpret mode */
917 cp15c15 |= 0x1;
918 arm920t_write_cp15_physical(target,
919 CP15PHYS_TESTSTATE, cp15c15);
920
921 /* D CAM Read, loads current victim into C15.C.D.Ind */
922 arm920t_execute_cp15(target,
923 ARMV4_5_MCR(15, 2, 0, 15, 6, 2), ARMV4_5_LDR(1, 0));
924
925 /* read current victim */
926 arm920t_read_cp15_physical(target,
927 CP15PHYS_DCACHE_IDX, &C15_C_D_Ind);
928
929 /* clear interpret mode */
930 cp15c15 &= ~0x1;
931 arm920t_write_cp15_physical(target,
932 CP15PHYS_TESTSTATE, cp15c15);
933
934 for (index_t = 0; index_t < 64; index_t++) {
935 /* Ra:
936 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
937 */
938 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
939 arm9tdmi_write_core_regs(target, 0x1, regs);
940
941 /* set interpret mode */
942 cp15c15 |= 0x1;
943 arm920t_write_cp15_physical(target,
944 CP15PHYS_TESTSTATE, cp15c15);
945
946 /* Write DCache victim */
947 arm920t_execute_cp15(target,
948 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
949
950 /* Read D RAM */
951 arm920t_execute_cp15(target,
952 ARMV4_5_MCR(15, 2, 0, 15, 10, 2),
953 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
954
955 /* Read D CAM */
956 arm920t_execute_cp15(target,
957 ARMV4_5_MCR(15, 2, 0, 15, 6, 2),
958 ARMV4_5_LDR(9, 0));
959
960 /* clear interpret mode */
961 cp15c15 &= ~0x1;
962 arm920t_write_cp15_physical(target,
963 CP15PHYS_TESTSTATE, cp15c15);
964
965 /* read D RAM and CAM content */
966 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
967 retval = jtag_execute_queue();
968 if (retval != ERROR_OK)
969 return retval;
970
971 /* mask LFSR[6] */
972 regs[9] &= 0xfffffffe;
973 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8"
974 PRIx32 ", content (%s):\n",
975 segment, index_t, regs[9],
976 (regs[9] & 0x10) ? "valid" : "invalid");
977
978 for (i = 1; i < 9; i++) {
979 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
980 i-1, regs[i]);
981 }
982
983 }
984
985 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
986 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
987 arm9tdmi_write_core_regs(target, 0x1, regs);
988
989 /* set interpret mode */
990 cp15c15 |= 0x1;
991 arm920t_write_cp15_physical(target,
992 CP15PHYS_TESTSTATE, cp15c15);
993
994 /* Write DCache victim */
995 arm920t_execute_cp15(target,
996 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
997
998 /* clear interpret mode */
999 cp15c15 &= ~0x1;
1000 arm920t_write_cp15_physical(target,
1001 CP15PHYS_TESTSTATE, cp15c15);
1002 }
1003
1004 /* read ICache content */
1005 fprintf(output, "ICache:\n");
1006
1007 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1008 for (segment = 0;
1009 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
1010 segment++) {
1011 fprintf(output, "segment: %i\n----------", segment);
1012
1013 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1014 regs[0] = 0x0 | (segment << 5);
1015 arm9tdmi_write_core_regs(target, 0x1, regs);
1016
1017 /* set interpret mode */
1018 cp15c15 |= 0x1;
1019 arm920t_write_cp15_physical(target,
1020 CP15PHYS_TESTSTATE, cp15c15);
1021
1022 /* I CAM Read, loads current victim into C15.C.I.Ind */
1023 arm920t_execute_cp15(target,
1024 ARMV4_5_MCR(15, 2, 0, 15, 5, 2), ARMV4_5_LDR(1, 0));
1025
1026 /* read current victim */
1027 arm920t_read_cp15_physical(target, CP15PHYS_ICACHE_IDX,
1028 &C15_C_I_Ind);
1029
1030 /* clear interpret mode */
1031 cp15c15 &= ~0x1;
1032 arm920t_write_cp15_physical(target,
1033 CP15PHYS_TESTSTATE, cp15c15);
1034
1035 for (index_t = 0; index_t < 64; index_t++) {
1036 /* Ra:
1037 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1038 */
1039 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
1040 arm9tdmi_write_core_regs(target, 0x1, regs);
1041
1042 /* set interpret mode */
1043 cp15c15 |= 0x1;
1044 arm920t_write_cp15_physical(target,
1045 CP15PHYS_TESTSTATE, cp15c15);
1046
1047 /* Write ICache victim */
1048 arm920t_execute_cp15(target,
1049 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1050
1051 /* Read I RAM */
1052 arm920t_execute_cp15(target,
1053 ARMV4_5_MCR(15, 2, 0, 15, 9, 2),
1054 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1055
1056 /* Read I CAM */
1057 arm920t_execute_cp15(target,
1058 ARMV4_5_MCR(15, 2, 0, 15, 5, 2),
1059 ARMV4_5_LDR(9, 0));
1060
1061 /* clear interpret mode */
1062 cp15c15 &= ~0x1;
1063 arm920t_write_cp15_physical(target,
1064 CP15PHYS_TESTSTATE, cp15c15);
1065
1066 /* read I RAM and CAM content */
1067 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
1068 retval = jtag_execute_queue();
1069 if (retval != ERROR_OK)
1070 return retval;
1071
1072 /* mask LFSR[6] */
1073 regs[9] &= 0xfffffffe;
1074 fprintf(output, "\nsegment: %i, index: %i, "
1075 "CAM: 0x%8.8" PRIx32 ", content (%s):\n",
1076 segment, index_t, regs[9],
1077 (regs[9] & 0x10) ? "valid" : "invalid");
1078
1079 for (i = 1; i < 9; i++) {
1080 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
1081 i-1, regs[i]);
1082 }
1083 }
1084
1085 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1086 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
1087 arm9tdmi_write_core_regs(target, 0x1, regs);
1088
1089 /* set interpret mode */
1090 cp15c15 |= 0x1;
1091 arm920t_write_cp15_physical(target,
1092 CP15PHYS_TESTSTATE, cp15c15);
1093
1094 /* Write ICache victim */
1095 arm920t_execute_cp15(target,
1096 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1097
1098 /* clear interpret mode */
1099 cp15c15 &= ~0x1;
1100 arm920t_write_cp15_physical(target,
1101 CP15PHYS_TESTSTATE, cp15c15);
1102 }
1103
1104 /* restore CP15 MMU and Cache settings */
1105 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1106
1107 command_print(CMD_CTX, "cache content successfully output to %s",
1108 CMD_ARGV[0]);
1109
1110 fclose(output);
1111
1112 if (!is_arm_mode(arm->core_mode)) {
1113 LOG_ERROR("not a valid arm core mode - communication failure?");
1114 return ERROR_FAIL;
1115 }
1116
1117 /* force writeback of the valid data */
1118 r = arm->core_cache->reg_list;
1119 r[0].dirty = r[0].valid;
1120 r[1].dirty = r[1].valid;
1121 r[2].dirty = r[2].valid;
1122 r[3].dirty = r[3].valid;
1123 r[4].dirty = r[4].valid;
1124 r[5].dirty = r[5].valid;
1125 r[6].dirty = r[6].valid;
1126 r[7].dirty = r[7].valid;
1127
1128 r = arm_reg_current(arm, 8);
1129 r->dirty = r->valid;
1130
1131 r = arm_reg_current(arm, 9);
1132 r->dirty = r->valid;
1133
1134 return ERROR_OK;
1135 }
1136
1137 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
1138 {
1139 int retval = ERROR_OK;
1140 struct target *target = get_current_target(CMD_CTX);
1141 struct arm920t_common *arm920t = target_to_arm920(target);
1142 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1143 struct arm *arm = &arm7_9->arm;
1144 uint32_t cp15c15;
1145 uint32_t cp15_ctrl, cp15_ctrl_saved;
1146 uint32_t regs[16];
1147 uint32_t *regs_p[16];
1148 int i;
1149 FILE *output;
1150 uint32_t Dlockdown, Ilockdown;
1151 struct arm920t_tlb_entry d_tlb[64], i_tlb[64];
1152 int victim;
1153 struct reg *r;
1154
1155 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1156 if (retval != ERROR_OK)
1157 return retval;
1158
1159 if (CMD_ARGC != 1)
1160 return ERROR_COMMAND_SYNTAX_ERROR;
1161
1162 output = fopen(CMD_ARGV[0], "w");
1163 if (output == NULL) {
1164 LOG_DEBUG("error opening mmu content file");
1165 return ERROR_OK;
1166 }
1167
1168 for (i = 0; i < 16; i++)
1169 regs_p[i] = &regs[i];
1170
1171 /* disable MMU and Caches */
1172 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
1173 retval = jtag_execute_queue();
1174 if (retval != ERROR_OK)
1175 return retval;
1176 cp15_ctrl_saved = cp15_ctrl;
1177 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
1178 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
1179 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
1180
1181 /* read CP15 test state register */
1182 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
1183 retval = jtag_execute_queue();
1184 if (retval != ERROR_OK)
1185 return retval;
1186
1187 /* prepare reading D TLB content
1188 * */
1189
1190 /* set interpret mode */
1191 cp15c15 |= 0x1;
1192 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1193
1194 /* Read D TLB lockdown */
1195 arm920t_execute_cp15(target,
1196 ARMV4_5_MRC(15, 0, 0, 10, 0, 0), ARMV4_5_LDR(1, 0));
1197
1198 /* clear interpret mode */
1199 cp15c15 &= ~0x1;
1200 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1201
1202 /* read D TLB lockdown stored to r1 */
1203 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1204 retval = jtag_execute_queue();
1205 if (retval != ERROR_OK)
1206 return retval;
1207 Dlockdown = regs[1];
1208
1209 for (victim = 0; victim < 64; victim += 8) {
1210 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1211 * base remains unchanged, victim goes through entries 0 to 63
1212 */
1213 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1214 arm9tdmi_write_core_regs(target, 0x2, regs);
1215
1216 /* set interpret mode */
1217 cp15c15 |= 0x1;
1218 arm920t_write_cp15_physical(target,
1219 CP15PHYS_TESTSTATE, cp15c15);
1220
1221 /* Write D TLB lockdown */
1222 arm920t_execute_cp15(target,
1223 ARMV4_5_MCR(15, 0, 0, 10, 0, 0),
1224 ARMV4_5_STR(1, 0));
1225
1226 /* Read D TLB CAM */
1227 arm920t_execute_cp15(target,
1228 ARMV4_5_MCR(15, 4, 0, 15, 6, 4),
1229 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1230
1231 /* clear interpret mode */
1232 cp15c15 &= ~0x1;
1233 arm920t_write_cp15_physical(target,
1234 CP15PHYS_TESTSTATE, cp15c15);
1235
1236 /* read D TLB CAM content stored to r2-r9 */
1237 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1238 retval = jtag_execute_queue();
1239 if (retval != ERROR_OK)
1240 return retval;
1241
1242 for (i = 0; i < 8; i++)
1243 d_tlb[victim + i].cam = regs[i + 2];
1244 }
1245
1246 for (victim = 0; victim < 64; victim++) {
1247 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1248 * base remains unchanged, victim goes through entries 0 to 63
1249 */
1250 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1251 arm9tdmi_write_core_regs(target, 0x2, regs);
1252
1253 /* set interpret mode */
1254 cp15c15 |= 0x1;
1255 arm920t_write_cp15_physical(target,
1256 CP15PHYS_TESTSTATE, cp15c15);
1257
1258 /* Write D TLB lockdown */
1259 arm920t_execute_cp15(target,
1260 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1261
1262 /* Read D TLB RAM1 */
1263 arm920t_execute_cp15(target,
1264 ARMV4_5_MCR(15, 4, 0, 15, 10, 4), ARMV4_5_LDR(2, 0));
1265
1266 /* Read D TLB RAM2 */
1267 arm920t_execute_cp15(target,
1268 ARMV4_5_MCR(15, 4, 0, 15, 2, 5), ARMV4_5_LDR(3, 0));
1269
1270 /* clear interpret mode */
1271 cp15c15 &= ~0x1;
1272 arm920t_write_cp15_physical(target,
1273 CP15PHYS_TESTSTATE, cp15c15);
1274
1275 /* read D TLB RAM content stored to r2 and r3 */
1276 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1277 retval = jtag_execute_queue();
1278 if (retval != ERROR_OK)
1279 return retval;
1280
1281 d_tlb[victim].ram1 = regs[2];
1282 d_tlb[victim].ram2 = regs[3];
1283 }
1284
1285 /* restore D TLB lockdown */
1286 regs[1] = Dlockdown;
1287 arm9tdmi_write_core_regs(target, 0x2, regs);
1288
1289 /* Write D TLB lockdown */
1290 arm920t_execute_cp15(target,
1291 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1292
1293 /* prepare reading I TLB content
1294 * */
1295
1296 /* set interpret mode */
1297 cp15c15 |= 0x1;
1298 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1299
1300 /* Read I TLB lockdown */
1301 arm920t_execute_cp15(target,
1302 ARMV4_5_MRC(15, 0, 0, 10, 0, 1), ARMV4_5_LDR(1, 0));
1303
1304 /* clear interpret mode */
1305 cp15c15 &= ~0x1;
1306 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1307
1308 /* read I TLB lockdown stored to r1 */
1309 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1310 retval = jtag_execute_queue();
1311 if (retval != ERROR_OK)
1312 return retval;
1313 Ilockdown = regs[1];
1314
1315 for (victim = 0; victim < 64; victim += 8) {
1316 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1317 * base remains unchanged, victim goes through entries 0 to 63
1318 */
1319 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1320 arm9tdmi_write_core_regs(target, 0x2, regs);
1321
1322 /* set interpret mode */
1323 cp15c15 |= 0x1;
1324 arm920t_write_cp15_physical(target,
1325 CP15PHYS_TESTSTATE, cp15c15);
1326
1327 /* Write I TLB lockdown */
1328 arm920t_execute_cp15(target,
1329 ARMV4_5_MCR(15, 0, 0, 10, 0, 1),
1330 ARMV4_5_STR(1, 0));
1331
1332 /* Read I TLB CAM */
1333 arm920t_execute_cp15(target,
1334 ARMV4_5_MCR(15, 4, 0, 15, 5, 4),
1335 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1336
1337 /* clear interpret mode */
1338 cp15c15 &= ~0x1;
1339 arm920t_write_cp15_physical(target,
1340 CP15PHYS_TESTSTATE, cp15c15);
1341
1342 /* read I TLB CAM content stored to r2-r9 */
1343 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1344 retval = jtag_execute_queue();
1345 if (retval != ERROR_OK)
1346 return retval;
1347
1348 for (i = 0; i < 8; i++)
1349 i_tlb[i + victim].cam = regs[i + 2];
1350 }
1351
1352 for (victim = 0; victim < 64; victim++) {
1353 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1354 * base remains unchanged, victim goes through entries 0 to 63
1355 */
1356 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1357 arm9tdmi_write_core_regs(target, 0x2, regs);
1358
1359 /* set interpret mode */
1360 cp15c15 |= 0x1;
1361 arm920t_write_cp15_physical(target,
1362 CP15PHYS_TESTSTATE, cp15c15);
1363
1364 /* Write I TLB lockdown */
1365 arm920t_execute_cp15(target,
1366 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1367
1368 /* Read I TLB RAM1 */
1369 arm920t_execute_cp15(target,
1370 ARMV4_5_MCR(15, 4, 0, 15, 9, 4), ARMV4_5_LDR(2, 0));
1371
1372 /* Read I TLB RAM2 */
1373 arm920t_execute_cp15(target,
1374 ARMV4_5_MCR(15, 4, 0, 15, 1, 5), ARMV4_5_LDR(3, 0));
1375
1376 /* clear interpret mode */
1377 cp15c15 &= ~0x1;
1378 arm920t_write_cp15_physical(target,
1379 CP15PHYS_TESTSTATE, cp15c15);
1380
1381 /* read I TLB RAM content stored to r2 and r3 */
1382 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1383 retval = jtag_execute_queue();
1384 if (retval != ERROR_OK)
1385 return retval;
1386
1387 i_tlb[victim].ram1 = regs[2];
1388 i_tlb[victim].ram2 = regs[3];
1389 }
1390
1391 /* restore I TLB lockdown */
1392 regs[1] = Ilockdown;
1393 arm9tdmi_write_core_regs(target, 0x2, regs);
1394
1395 /* Write I TLB lockdown */
1396 arm920t_execute_cp15(target,
1397 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1398
1399 /* restore CP15 MMU and Cache settings */
1400 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1401
1402 /* output data to file */
1403 fprintf(output, "D TLB content:\n");
1404 for (i = 0; i < 64; i++) {
1405 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1406 " 0x%8.8" PRIx32 " %s\n",
1407 i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2,
1408 (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1409 }
1410
1411 fprintf(output, "\n\nI TLB content:\n");
1412 for (i = 0; i < 64; i++) {
1413 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1414 " 0x%8.8" PRIx32 " %s\n",
1415 i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2,
1416 (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1417 }
1418
1419 command_print(CMD_CTX, "mmu content successfully output to %s",
1420 CMD_ARGV[0]);
1421
1422 fclose(output);
1423
1424 if (!is_arm_mode(arm->core_mode)) {
1425 LOG_ERROR("not a valid arm core mode - communication failure?");
1426 return ERROR_FAIL;
1427 }
1428
1429 /* force writeback of the valid data */
1430 r = arm->core_cache->reg_list;
1431 r[0].dirty = r[0].valid;
1432 r[1].dirty = r[1].valid;
1433 r[2].dirty = r[2].valid;
1434 r[3].dirty = r[3].valid;
1435 r[4].dirty = r[4].valid;
1436 r[5].dirty = r[5].valid;
1437 r[6].dirty = r[6].valid;
1438 r[7].dirty = r[7].valid;
1439
1440 r = arm_reg_current(arm, 8);
1441 r->dirty = r->valid;
1442
1443 r = arm_reg_current(arm, 9);
1444 r->dirty = r->valid;
1445
1446 return ERROR_OK;
1447 }
1448
1449 COMMAND_HANDLER(arm920t_handle_cp15_command)
1450 {
1451 int retval;
1452 struct target *target = get_current_target(CMD_CTX);
1453 struct arm920t_common *arm920t = target_to_arm920(target);
1454
1455 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1456 if (retval != ERROR_OK)
1457 return retval;
1458
1459 if (target->state != TARGET_HALTED) {
1460 command_print(CMD_CTX, "target must be stopped for "
1461 "\"%s\" command", CMD_NAME);
1462 return ERROR_OK;
1463 }
1464
1465 /* one argument, read a register.
1466 * two arguments, write it.
1467 */
1468 if (CMD_ARGC >= 1) {
1469 int address;
1470 COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], address);
1471
1472 if (CMD_ARGC == 1) {
1473 uint32_t value;
1474 retval = arm920t_read_cp15_physical(target, address, &value);
1475 if (retval != ERROR_OK) {
1476 command_print(CMD_CTX,
1477 "couldn't access reg %i", address);
1478 return ERROR_OK;
1479 }
1480 retval = jtag_execute_queue();
1481 if (retval != ERROR_OK)
1482 return retval;
1483
1484 command_print(CMD_CTX, "%i: %8.8" PRIx32,
1485 address, value);
1486 } else if (CMD_ARGC == 2) {
1487 uint32_t value;
1488 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1489 retval = arm920t_write_cp15_physical(target,
1490 address, value);
1491 if (retval != ERROR_OK) {
1492 command_print(CMD_CTX,
1493 "couldn't access reg %i", address);
1494 /* REVISIT why lie? "return retval"? */
1495 return ERROR_OK;
1496 }
1497 command_print(CMD_CTX, "%i: %8.8" PRIx32,
1498 address, value);
1499 }
1500 }
1501
1502 return ERROR_OK;
1503 }
1504
1505 COMMAND_HANDLER(arm920t_handle_cp15i_command)
1506 {
1507 int retval;
1508 struct target *target = get_current_target(CMD_CTX);
1509 struct arm920t_common *arm920t = target_to_arm920(target);
1510
1511 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1512 if (retval != ERROR_OK)
1513 return retval;
1514
1515
1516 if (target->state != TARGET_HALTED) {
1517 command_print(CMD_CTX, "target must be stopped for "
1518 "\"%s\" command", CMD_NAME);
1519 return ERROR_OK;
1520 }
1521
1522 /* one argument, read a register.
1523 * two arguments, write it.
1524 */
1525 if (CMD_ARGC >= 1) {
1526 uint32_t opcode;
1527 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], opcode);
1528
1529 if (CMD_ARGC == 1) {
1530 uint32_t value;
1531 retval = arm920t_read_cp15_interpreted(target,
1532 opcode, 0x0, &value);
1533 if (retval != ERROR_OK) {
1534 command_print(CMD_CTX,
1535 "couldn't execute %8.8" PRIx32,
1536 opcode);
1537 /* REVISIT why lie? "return retval"? */
1538 return ERROR_OK;
1539 }
1540
1541 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,
1542 opcode, value);
1543 } else if (CMD_ARGC == 2) {
1544 uint32_t value;
1545 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1546 retval = arm920t_write_cp15_interpreted(target,
1547 opcode, value, 0);
1548 if (retval != ERROR_OK) {
1549 command_print(CMD_CTX,
1550 "couldn't execute %8.8" PRIx32,
1551 opcode);
1552 /* REVISIT why lie? "return retval"? */
1553 return ERROR_OK;
1554 }
1555 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,
1556 opcode, value);
1557 } else if (CMD_ARGC == 3) {
1558 uint32_t value;
1559 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1560 uint32_t address;
1561 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[2], address);
1562 retval = arm920t_write_cp15_interpreted(target,
1563 opcode, value, address);
1564 if (retval != ERROR_OK) {
1565 command_print(CMD_CTX,
1566 "couldn't execute %8.8" PRIx32, opcode);
1567 /* REVISIT why lie? "return retval"? */
1568 return ERROR_OK;
1569 }
1570 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32
1571 " %8.8" PRIx32, opcode, value, address);
1572 }
1573 } else
1574 return ERROR_COMMAND_SYNTAX_ERROR;
1575
1576 return ERROR_OK;
1577 }
1578
1579 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1580 {
1581 int retval;
1582 struct target *target = get_current_target(CMD_CTX);
1583 struct arm920t_common *arm920t = target_to_arm920(target);
1584
1585 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1586 if (retval != ERROR_OK)
1587 return retval;
1588
1589 return armv4_5_handle_cache_info_command(CMD_CTX,
1590 &arm920t->armv4_5_mmu.armv4_5_cache);
1591 }
1592
1593
1594 static int arm920t_mrc(struct target *target, int cpnum,
1595 uint32_t op1, uint32_t op2,
1596 uint32_t CRn, uint32_t CRm,
1597 uint32_t *value)
1598 {
1599 if (cpnum != 15) {
1600 LOG_ERROR("Only cp15 is supported");
1601 return ERROR_FAIL;
1602 }
1603
1604 /* read "to" r0 */
1605 return arm920t_read_cp15_interpreted(target,
1606 ARMV4_5_MRC(cpnum, op1, 0, CRn, CRm, op2),
1607 0, value);
1608 }
1609
1610 static int arm920t_mcr(struct target *target, int cpnum,
1611 uint32_t op1, uint32_t op2,
1612 uint32_t CRn, uint32_t CRm,
1613 uint32_t value)
1614 {
1615 if (cpnum != 15) {
1616 LOG_ERROR("Only cp15 is supported");
1617 return ERROR_FAIL;
1618 }
1619
1620 /* write "from" r0 */
1621 return arm920t_write_cp15_interpreted(target,
1622 ARMV4_5_MCR(cpnum, op1, 0, CRn, CRm, op2),
1623 0, value);
1624 }
1625
1626 static const struct command_registration arm920t_exec_command_handlers[] = {
1627 {
1628 .name = "cp15",
1629 .handler = arm920t_handle_cp15_command,
1630 .mode = COMMAND_EXEC,
1631 .help = "display/modify cp15 register",
1632 .usage = "regnum [value]",
1633 },
1634 {
1635 .name = "cp15i",
1636 .handler = arm920t_handle_cp15i_command,
1637 .mode = COMMAND_EXEC,
1638 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1639 .help = "display/modify cp15 register using ARM opcode"
1640 " (DEPRECATED)",
1641 .usage = "instruction [value [address]]",
1642 },
1643 {
1644 .name = "cache_info",
1645 .handler = arm920t_handle_cache_info_command,
1646 .mode = COMMAND_EXEC,
1647 .usage = "",
1648 .help = "display information about target caches",
1649 },
1650 {
1651 .name = "read_cache",
1652 .handler = arm920t_handle_read_cache_command,
1653 .mode = COMMAND_EXEC,
1654 .help = "dump I/D cache content to file",
1655 .usage = "filename",
1656 },
1657 {
1658 .name = "read_mmu",
1659 .handler = arm920t_handle_read_mmu_command,
1660 .mode = COMMAND_EXEC,
1661 .help = "dump I/D mmu content to file",
1662 .usage = "filename",
1663 },
1664 COMMAND_REGISTRATION_DONE
1665 };
1666 const struct command_registration arm920t_command_handlers[] = {
1667 {
1668 .chain = arm9tdmi_command_handlers,
1669 },
1670 {
1671 .name = "arm920t",
1672 .mode = COMMAND_ANY,
1673 .help = "arm920t command group",
1674 .usage = "",
1675 .chain = arm920t_exec_command_handlers,
1676 },
1677 COMMAND_REGISTRATION_DONE
1678 };
1679
1680 /** Holds methods for ARM920 targets. */
1681 struct target_type arm920t_target = {
1682 .name = "arm920t",
1683
1684 .poll = arm7_9_poll,
1685 .arch_state = arm920t_arch_state,
1686
1687 .target_request_data = arm7_9_target_request_data,
1688
1689 .halt = arm7_9_halt,
1690 .resume = arm7_9_resume,
1691 .step = arm7_9_step,
1692
1693 .assert_reset = arm7_9_assert_reset,
1694 .deassert_reset = arm7_9_deassert_reset,
1695 .soft_reset_halt = arm920t_soft_reset_halt,
1696
1697 .get_gdb_reg_list = arm_get_gdb_reg_list,
1698
1699 .read_memory = arm920t_read_memory,
1700 .write_memory = arm920t_write_memory,
1701 .read_phys_memory = arm920t_read_phys_memory,
1702 .write_phys_memory = arm920t_write_phys_memory,
1703 .mmu = arm920_mmu,
1704 .virt2phys = arm920_virt2phys,
1705
1706 .bulk_write_memory = arm7_9_bulk_write_memory,
1707
1708 .checksum_memory = arm_checksum_memory,
1709 .blank_check_memory = arm_blank_check_memory,
1710
1711 .run_algorithm = armv4_5_run_algorithm,
1712
1713 .add_breakpoint = arm7_9_add_breakpoint,
1714 .remove_breakpoint = arm7_9_remove_breakpoint,
1715 .add_watchpoint = arm7_9_add_watchpoint,
1716 .remove_watchpoint = arm7_9_remove_watchpoint,
1717
1718 .commands = arm920t_command_handlers,
1719 .target_create = arm920t_target_create,
1720 .init_target = arm9tdmi_init_target,
1721 .examine = arm7_9_examine,
1722 .check_reset = arm7_9_check_reset,
1723 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)