Code Review / openocd.git / blob
? search:


1c633271a2391bc75f93cf0683e24974fa585981
[openocd.git] / src / target / arm920t.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
9 * *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
14 * *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "arm920t.h"
25 #include "time_support.h"
26 #include "target_type.h"
27
28
29 /*
30 * For information about the ARM920T, see ARM DDI 0151C especially
31 * Chapter 9 about debug support, which shows how to manipulate each
32 * of the different scan chains:
33 *
34 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
35 * 1 ... debugging; watchpoint and breakpoint status, etc; also
36 * MMU and cache access in conjunction with scan chain 15
37 * 2 ... EmbeddedICE
38 * 3 ... external boundary scan (SoC-specific, unused here)
39 * 4 ... access to cache tag RAM
40 * 6 ... ETM9
41 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
42 * "interpreted" works with a few actual MRC/MCR instructions
43 * "physical" provides register-like behaviors.
44 *
45 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
46 */
47
48 #if 0
49 #define _DEBUG_INSTRUCTION_EXECUTION_
50 #endif
51
52 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
53
54 static int arm920t_read_cp15_physical(target_t *target,
55 int reg_addr, uint32_t *value)
56 {
57 armv4_5_common_t *armv4_5 = target->arch_info;
58 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
59 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
60 scan_field_t fields[4];
61 uint8_t access_type_buf = 1;
62 uint8_t reg_addr_buf = reg_addr & 0x3f;
63 uint8_t nr_w_buf = 0;
64
65 jtag_set_end_state(TAP_IDLE);
66 arm_jtag_scann(jtag_info, 0xf);
67 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
68
69 fields[0].tap = jtag_info->tap;
70 fields[0].num_bits = 1;
71 fields[0].out_value = &access_type_buf;
72 fields[0].in_value = NULL;
73
74 fields[1].tap = jtag_info->tap;
75 fields[1].num_bits = 32;
76 fields[1].out_value = NULL;
77 fields[1].in_value = NULL;
78
79 fields[2].tap = jtag_info->tap;
80 fields[2].num_bits = 6;
81 fields[2].out_value = &reg_addr_buf;
82 fields[2].in_value = NULL;
83
84 fields[3].tap = jtag_info->tap;
85 fields[3].num_bits = 1;
86 fields[3].out_value = &nr_w_buf;
87 fields[3].in_value = NULL;
88
89 jtag_add_dr_scan(4, fields, jtag_get_end_state());
90
91 fields[1].in_value = (uint8_t *)value;
92
93 jtag_add_dr_scan(4, fields, jtag_get_end_state());
94
95 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
96
97 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
98 jtag_execute_queue();
99 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
100 #endif
101
102 return ERROR_OK;
103 }
104
105 static int arm920t_write_cp15_physical(target_t *target,
106 int reg_addr, uint32_t value)
107 {
108 armv4_5_common_t *armv4_5 = target->arch_info;
109 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
110 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
111 scan_field_t fields[4];
112 uint8_t access_type_buf = 1;
113 uint8_t reg_addr_buf = reg_addr & 0x3f;
114 uint8_t nr_w_buf = 1;
115 uint8_t value_buf[4];
116
117 buf_set_u32(value_buf, 0, 32, value);
118
119 jtag_set_end_state(TAP_IDLE);
120 arm_jtag_scann(jtag_info, 0xf);
121 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
122
123 fields[0].tap = jtag_info->tap;
124 fields[0].num_bits = 1;
125 fields[0].out_value = &access_type_buf;
126 fields[0].in_value = NULL;
127
128 fields[1].tap = jtag_info->tap;
129 fields[1].num_bits = 32;
130 fields[1].out_value = value_buf;
131 fields[1].in_value = NULL;
132
133 fields[2].tap = jtag_info->tap;
134 fields[2].num_bits = 6;
135 fields[2].out_value = &reg_addr_buf;
136 fields[2].in_value = NULL;
137
138 fields[3].tap = jtag_info->tap;
139 fields[3].num_bits = 1;
140 fields[3].out_value = &nr_w_buf;
141 fields[3].in_value = NULL;
142
143 jtag_add_dr_scan(4, fields, jtag_get_end_state());
144
145 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
146 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
147 #endif
148
149 return ERROR_OK;
150 }
151
152 static int arm920t_execute_cp15(target_t *target, uint32_t cp15_opcode,
153 uint32_t arm_opcode)
154 {
155 int retval;
156 armv4_5_common_t *armv4_5 = target->arch_info;
157 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
158 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
159 scan_field_t fields[4];
160 uint8_t access_type_buf = 0; /* interpreted access */
161 uint8_t reg_addr_buf = 0x0;
162 uint8_t nr_w_buf = 0;
163 uint8_t cp15_opcode_buf[4];
164
165 jtag_set_end_state(TAP_IDLE);
166 arm_jtag_scann(jtag_info, 0xf);
167 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
168
169 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
170
171 fields[0].tap = jtag_info->tap;
172 fields[0].num_bits = 1;
173 fields[0].out_value = &access_type_buf;
174 fields[0].in_value = NULL;
175
176 fields[1].tap = jtag_info->tap;
177 fields[1].num_bits = 32;
178 fields[1].out_value = cp15_opcode_buf;
179 fields[1].in_value = NULL;
180
181 fields[2].tap = jtag_info->tap;
182 fields[2].num_bits = 6;
183 fields[2].out_value = &reg_addr_buf;
184 fields[2].in_value = NULL;
185
186 fields[3].tap = jtag_info->tap;
187 fields[3].num_bits = 1;
188 fields[3].out_value = &nr_w_buf;
189 fields[3].in_value = NULL;
190
191 jtag_add_dr_scan(4, fields, jtag_get_end_state());
192
193 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
194 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
195 retval = arm7_9_execute_sys_speed(target);
196 if (retval != ERROR_OK)
197 return retval;
198
199 if ((retval = jtag_execute_queue()) != ERROR_OK)
200 {
201 LOG_ERROR("failed executing JTAG queue, exiting");
202 return retval;
203 }
204
205 return ERROR_OK;
206 }
207
208 static int arm920t_read_cp15_interpreted(target_t *target,
209 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
210 {
211 armv4_5_common_t *armv4_5 = target->arch_info;
212 uint32_t* regs_p[1];
213 uint32_t regs[2];
214 uint32_t cp15c15 = 0x0;
215
216 /* load address into R1 */
217 regs[1] = address;
218 arm9tdmi_write_core_regs(target, 0x2, regs);
219
220 /* read-modify-write CP15 test state register
221 * to enable interpreted access mode */
222 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
223 jtag_execute_queue();
224 cp15c15 |= 1; /* set interpret mode */
225 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
226
227 /* execute CP15 instruction and ARM load (reading from coprocessor) */
228 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
229
230 /* disable interpreted access mode */
231 cp15c15 &= ~1U; /* clear interpret mode */
232 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
233
234 /* retrieve value from R0 */
235 regs_p[0] = value;
236 arm9tdmi_read_core_regs(target, 0x1, regs_p);
237 jtag_execute_queue();
238
239 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
240 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x", cp15_opcode, address, *value);
241 #endif
242
243 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
244 return ERROR_FAIL;
245
246 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
247 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
248
249 return ERROR_OK;
250 }
251
252 static
253 int arm920t_write_cp15_interpreted(target_t *target,
254 uint32_t cp15_opcode, uint32_t value, uint32_t address)
255 {
256 uint32_t cp15c15 = 0x0;
257 armv4_5_common_t *armv4_5 = target->arch_info;
258 uint32_t regs[2];
259
260 /* load value, address into R0, R1 */
261 regs[0] = value;
262 regs[1] = address;
263 arm9tdmi_write_core_regs(target, 0x3, regs);
264
265 /* read-modify-write CP15 test state register
266 * to enable interpreted access mode */
267 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
268 jtag_execute_queue();
269 cp15c15 |= 1; /* set interpret mode */
270 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
271
272 /* execute CP15 instruction and ARM store (writing to coprocessor) */
273 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
274
275 /* disable interpreted access mode */
276 cp15c15 &= ~1U; /* set interpret mode */
277 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
278
279 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
280 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x", cp15_opcode, value, address);
281 #endif
282
283 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
284 return ERROR_FAIL;
285
286 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
287 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
288
289 return ERROR_OK;
290 }
291
292 // EXPORTED to FA256
293 uint32_t arm920t_get_ttb(target_t *target)
294 {
295 int retval;
296 uint32_t ttb = 0x0;
297
298 if ((retval = arm920t_read_cp15_interpreted(target, 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
299 return retval;
300
301 return ttb;
302 }
303
304 // EXPORTED to FA256
305 void arm920t_disable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
306 {
307 uint32_t cp15_control;
308
309 /* read cp15 control register */
310 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
311 jtag_execute_queue();
312
313 if (mmu)
314 cp15_control &= ~0x1U;
315
316 if (d_u_cache)
317 cp15_control &= ~0x4U;
318
319 if (i_cache)
320 cp15_control &= ~0x1000U;
321
322 arm920t_write_cp15_physical(target, 0x2, cp15_control);
323 }
324
325 // EXPORTED to FA256
326 void arm920t_enable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
327 {
328 uint32_t cp15_control;
329
330 /* read cp15 control register */
331 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
332 jtag_execute_queue();
333
334 if (mmu)
335 cp15_control |= 0x1U;
336
337 if (d_u_cache)
338 cp15_control |= 0x4U;
339
340 if (i_cache)
341 cp15_control |= 0x1000U;
342
343 arm920t_write_cp15_physical(target, 0x2, cp15_control);
344 }
345
346 // EXPORTED to FA256
347 void arm920t_post_debug_entry(target_t *target)
348 {
349 uint32_t cp15c15;
350 armv4_5_common_t *armv4_5 = target->arch_info;
351 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
352 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
353 arm920t_common_t *arm920t = arm9tdmi->arch_info;
354
355 /* examine cp15 control reg */
356 arm920t_read_cp15_physical(target, 0x2, &arm920t->cp15_control_reg);
357 jtag_execute_queue();
358 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32 "", arm920t->cp15_control_reg);
359
360 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
361 {
362 uint32_t cache_type_reg;
363 /* identify caches */
364 arm920t_read_cp15_physical(target, 0x1, &cache_type_reg);
365 jtag_execute_queue();
366 armv4_5_identify_cache(cache_type_reg, &arm920t->armv4_5_mmu.armv4_5_cache);
367 }
368
369 arm920t->armv4_5_mmu.mmu_enabled = (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
370 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
371 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
372
373 /* save i/d fault status and address register */
374 arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
375 arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
376 arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
377 arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
378
379 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32 "",
380 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
381
382 if (arm920t->preserve_cache)
383 {
384 /* read-modify-write CP15 test state register
385 * to disable I/D-cache linefills */
386 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
387 jtag_execute_queue();
388 cp15c15 |= 0x600;
389 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
390 }
391 }
392
393 // EXPORTED to FA256
394 void arm920t_pre_restore_context(target_t *target)
395 {
396 uint32_t cp15c15;
397 armv4_5_common_t *armv4_5 = target->arch_info;
398 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
399 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
400 arm920t_common_t *arm920t = arm9tdmi->arch_info;
401
402 /* restore i/d fault status and address register */
403 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
404 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
405 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
406 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
407
408 /* read-modify-write CP15 test state register
409 * to reenable I/D-cache linefills */
410 if (arm920t->preserve_cache)
411 {
412 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
413 jtag_execute_queue();
414 cp15c15 &= ~0x600U;
415 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
416 }
417 }
418
419 static int arm920t_get_arch_pointers(target_t *target,
420 armv4_5_common_t **armv4_5_p, arm7_9_common_t **arm7_9_p,
421 arm9tdmi_common_t **arm9tdmi_p, arm920t_common_t **arm920t_p)
422 {
423 armv4_5_common_t *armv4_5 = target->arch_info;
424 arm7_9_common_t *arm7_9;
425 arm9tdmi_common_t *arm9tdmi;
426 arm920t_common_t *arm920t;
427
428 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
429 {
430 return -1;
431 }
432
433 arm7_9 = armv4_5->arch_info;
434 if (arm7_9->common_magic != ARM7_9_COMMON_MAGIC)
435 {
436 return -1;
437 }
438
439 arm9tdmi = arm7_9->arch_info;
440 if (arm9tdmi->common_magic != ARM9TDMI_COMMON_MAGIC)
441 {
442 return -1;
443 }
444
445 arm920t = arm9tdmi->arch_info;
446 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
447 {
448 return -1;
449 }
450
451 *armv4_5_p = armv4_5;
452 *arm7_9_p = arm7_9;
453 *arm9tdmi_p = arm9tdmi;
454 *arm920t_p = arm920t;
455
456 return ERROR_OK;
457 }
458
459 /** Logs summary of ARM920 state for a halted target. */
460 int arm920t_arch_state(struct target_s *target)
461 {
462 armv4_5_common_t *armv4_5 = target->arch_info;
463 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
464 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
465 arm920t_common_t *arm920t = arm9tdmi->arch_info;
466
467 char *state[] =
468 {
469 "disabled", "enabled"
470 };
471
472 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
473 {
474 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
475 exit(-1);
476 }
477
478 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
479 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "\n"
480 "MMU: %s, D-Cache: %s, I-Cache: %s",
481 armv4_5_state_strings[armv4_5->core_state],
482 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name,
483 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
484 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
485 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
486 state[arm920t->armv4_5_mmu.mmu_enabled],
487 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
488 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
489
490 return ERROR_OK;
491 }
492
493 /** Reads a buffer, in the specified word size, with current MMU settings. */
494 int arm920t_read_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
495 {
496 int retval;
497
498 retval = arm7_9_read_memory(target, address, size, count, buffer);
499
500 return retval;
501 }
502
503
504 static int arm920t_read_phys_memory(struct target_s *target,
505 uint32_t address, uint32_t size,
506 uint32_t count, uint8_t *buffer)
507 {
508 armv4_5_common_t *armv4_5 = target->arch_info;
509 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
510 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
511 arm920t_common_t *arm920t = arm9tdmi->arch_info;
512
513 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
514 address, size, count, buffer);
515 }
516
517 static int arm920t_write_phys_memory(struct target_s *target,
518 uint32_t address, uint32_t size,
519 uint32_t count, uint8_t *buffer)
520 {
521 armv4_5_common_t *armv4_5 = target->arch_info;
522 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
523 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
524 arm920t_common_t *arm920t = arm9tdmi->arch_info;
525
526 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
527 address, size, count, buffer);
528 }
529
530
531 /** Writes a buffer, in the specified word size, with current MMU settings. */
532 int arm920t_write_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
533 {
534 int retval;
535 armv4_5_common_t *armv4_5 = target->arch_info;
536 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
537 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
538 arm920t_common_t *arm920t = arm9tdmi->arch_info;
539
540 if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
541 return retval;
542
543 /* This fn is used to write breakpoints, so we need to make sure that the
544 * datacache is flushed and the instruction cache is invalidated */
545 if (((size == 4) || (size == 2)) && (count == 1))
546 {
547 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
548 {
549 LOG_DEBUG("D-Cache enabled, flush and invalidate cache line");
550 /* MCR p15,0,Rd,c7,c10,2 */
551 retval = arm920t_write_cp15_interpreted(target, 0xee070f5e, 0x0, address);
552 if (retval != ERROR_OK)
553 return retval;
554 }
555
556 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
557 {
558 LOG_DEBUG("I-Cache enabled, invalidating affected I-Cache line");
559 retval = arm920t_write_cp15_interpreted(target, 0xee070f35, 0x0, address);
560 if (retval != ERROR_OK)
561 return retval;
562 }
563 }
564
565 return retval;
566 }
567
568 // EXPORTED to FA256
569 int arm920t_soft_reset_halt(struct target_s *target)
570 {
571 int retval = ERROR_OK;
572 armv4_5_common_t *armv4_5 = target->arch_info;
573 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
574 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
575 arm920t_common_t *arm920t = arm9tdmi->arch_info;
576 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
577
578 if ((retval = target_halt(target)) != ERROR_OK)
579 {
580 return retval;
581 }
582
583 long long then = timeval_ms();
584 int timeout;
585 while (!(timeout = ((timeval_ms()-then) > 1000)))
586 {
587 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
588 {
589 embeddedice_read_reg(dbg_stat);
590 if ((retval = jtag_execute_queue()) != ERROR_OK)
591 {
592 return retval;
593 }
594 } else
595 {
596 break;
597 }
598 if (debug_level >= 3)
599 {
600 /* do not eat all CPU, time out after 1 se*/
601 alive_sleep(100);
602 } else
603 {
604 keep_alive();
605 }
606 }
607 if (timeout)
608 {
609 LOG_ERROR("Failed to halt CPU after 1 sec");
610 return ERROR_TARGET_TIMEOUT;
611 }
612
613 target->state = TARGET_HALTED;
614
615 /* SVC, ARM state, IRQ and FIQ disabled */
616 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
617 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
618 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
619
620 /* start fetching from 0x0 */
621 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
622 armv4_5->core_cache->reg_list[15].dirty = 1;
623 armv4_5->core_cache->reg_list[15].valid = 1;
624
625 armv4_5->core_mode = ARMV4_5_MODE_SVC;
626 armv4_5->core_state = ARMV4_5_STATE_ARM;
627
628 arm920t_disable_mmu_caches(target, 1, 1, 1);
629 arm920t->armv4_5_mmu.mmu_enabled = 0;
630 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
631 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
632
633 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED)) != ERROR_OK)
634 {
635 return retval;
636 }
637
638 return ERROR_OK;
639 }
640
641 int arm920t_init_arch_info(target_t *target, arm920t_common_t *arm920t, jtag_tap_t *tap)
642 {
643 arm9tdmi_common_t *arm9tdmi = &arm920t->arm9tdmi_common;
644 arm7_9_common_t *arm7_9 = &arm9tdmi->arm7_9_common;
645
646 /* initialize arm9tdmi specific info (including arm7_9 and armv4_5)
647 */
648 arm9tdmi_init_arch_info(target, arm9tdmi, tap);
649
650 arm9tdmi->arch_info = arm920t;
651 arm920t->common_magic = ARM920T_COMMON_MAGIC;
652
653 arm7_9->post_debug_entry = arm920t_post_debug_entry;
654 arm7_9->pre_restore_context = arm920t_pre_restore_context;
655
656 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
657 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
658 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
659 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
660 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
661 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
662 arm920t->armv4_5_mmu.has_tiny_pages = 1;
663 arm920t->armv4_5_mmu.mmu_enabled = 0;
664
665 /* disabling linefills leads to lockups, so keep them enabled for now
666 * this doesn't affect correctness, but might affect timing issues, if
667 * important data is evicted from the cache during the debug session
668 * */
669 arm920t->preserve_cache = 0;
670
671 /* override hw single-step capability from ARM9TDMI */
672 arm7_9->has_single_step = 1;
673
674 return ERROR_OK;
675 }
676
677 static int arm920t_target_create(struct target_s *target, Jim_Interp *interp)
678 {
679 arm920t_common_t *arm920t = calloc(1,sizeof(arm920t_common_t));
680
681 return arm920t_init_arch_info(target, arm920t, target->tap);
682 }
683
684 static int arm920t_handle_read_cache_command(struct command_context_s *cmd_ctx,
685 char *cmd, char **args, int argc)
686 {
687 int retval = ERROR_OK;
688 target_t *target = get_current_target(cmd_ctx);
689 armv4_5_common_t *armv4_5;
690 arm7_9_common_t *arm7_9;
691 arm9tdmi_common_t *arm9tdmi;
692 arm920t_common_t *arm920t;
693 arm_jtag_t *jtag_info;
694 uint32_t cp15c15;
695 uint32_t cp15_ctrl, cp15_ctrl_saved;
696 uint32_t regs[16];
697 uint32_t *regs_p[16];
698 uint32_t C15_C_D_Ind, C15_C_I_Ind;
699 int i;
700 FILE *output;
701 arm920t_cache_line_t d_cache[8][64], i_cache[8][64];
702 int segment, index;
703
704 if (argc != 1)
705 {
706 command_print(cmd_ctx, "usage: arm920t read_cache <filename>");
707 return ERROR_OK;
708 }
709
710 if ((output = fopen(args[0], "w")) == NULL)
711 {
712 LOG_DEBUG("error opening cache content file");
713 return ERROR_OK;
714 }
715
716 for (i = 0; i < 16; i++)
717 regs_p[i] = &regs[i];
718
719 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
720 {
721 command_print(cmd_ctx, "current target isn't an ARM920t target");
722 return ERROR_OK;
723 }
724
725 jtag_info = &arm7_9->jtag_info;
726
727 /* disable MMU and Caches */
728 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
729 if ((retval = jtag_execute_queue()) != ERROR_OK)
730 {
731 return retval;
732 }
733 cp15_ctrl_saved = cp15_ctrl;
734 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
735 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
736
737 /* read CP15 test state register */
738 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
739 jtag_execute_queue();
740
741 /* read DCache content */
742 fprintf(output, "DCache:\n");
743
744 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
745 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
746 {
747 fprintf(output, "\nsegment: %i\n----------", segment);
748
749 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
750 regs[0] = 0x0 | (segment << 5);
751 arm9tdmi_write_core_regs(target, 0x1, regs);
752
753 /* set interpret mode */
754 cp15c15 |= 0x1;
755 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
756
757 /* D CAM Read, loads current victim into C15.C.D.Ind */
758 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
759
760 /* read current victim */
761 arm920t_read_cp15_physical(target, 0x3d, &C15_C_D_Ind);
762
763 /* clear interpret mode */
764 cp15c15 &= ~0x1;
765 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
766
767 for (index = 0; index < 64; index++)
768 {
769 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
770 regs[0] = 0x0 | (segment << 5) | (index << 26);
771 arm9tdmi_write_core_regs(target, 0x1, regs);
772
773 /* set interpret mode */
774 cp15c15 |= 0x1;
775 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
776
777 /* Write DCache victim */
778 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
779
780 /* Read D RAM */
781 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,10,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
782
783 /* Read D CAM */
784 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(9, 0));
785
786 /* clear interpret mode */
787 cp15c15 &= ~0x1;
788 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
789
790 /* read D RAM and CAM content */
791 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
792 if ((retval = jtag_execute_queue()) != ERROR_OK)
793 {
794 return retval;
795 }
796
797 d_cache[segment][index].cam = regs[9];
798
799 /* mask LFSR[6] */
800 regs[9] &= 0xfffffffe;
801 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
802
803 for (i = 1; i < 9; i++)
804 {
805 d_cache[segment][index].data[i] = regs[i];
806 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
807 }
808
809 }
810
811 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
812 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
813 arm9tdmi_write_core_regs(target, 0x1, regs);
814
815 /* set interpret mode */
816 cp15c15 |= 0x1;
817 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
818
819 /* Write DCache victim */
820 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
821
822 /* clear interpret mode */
823 cp15c15 &= ~0x1;
824 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
825 }
826
827 /* read ICache content */
828 fprintf(output, "ICache:\n");
829
830 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
831 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
832 {
833 fprintf(output, "segment: %i\n----------", segment);
834
835 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
836 regs[0] = 0x0 | (segment << 5);
837 arm9tdmi_write_core_regs(target, 0x1, regs);
838
839 /* set interpret mode */
840 cp15c15 |= 0x1;
841 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
842
843 /* I CAM Read, loads current victim into C15.C.I.Ind */
844 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
845
846 /* read current victim */
847 arm920t_read_cp15_physical(target, 0x3b, &C15_C_I_Ind);
848
849 /* clear interpret mode */
850 cp15c15 &= ~0x1;
851 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
852
853 for (index = 0; index < 64; index++)
854 {
855 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
856 regs[0] = 0x0 | (segment << 5) | (index << 26);
857 arm9tdmi_write_core_regs(target, 0x1, regs);
858
859 /* set interpret mode */
860 cp15c15 |= 0x1;
861 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
862
863 /* Write ICache victim */
864 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
865
866 /* Read I RAM */
867 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,9,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
868
869 /* Read I CAM */
870 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(9, 0));
871
872 /* clear interpret mode */
873 cp15c15 &= ~0x1;
874 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
875
876 /* read I RAM and CAM content */
877 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
878 if ((retval = jtag_execute_queue()) != ERROR_OK)
879 {
880 return retval;
881 }
882
883 i_cache[segment][index].cam = regs[9];
884
885 /* mask LFSR[6] */
886 regs[9] &= 0xfffffffe;
887 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
888
889 for (i = 1; i < 9; i++)
890 {
891 i_cache[segment][index].data[i] = regs[i];
892 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
893 }
894 }
895
896 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
897 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
898 arm9tdmi_write_core_regs(target, 0x1, regs);
899
900 /* set interpret mode */
901 cp15c15 |= 0x1;
902 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
903
904 /* Write ICache victim */
905 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
906
907 /* clear interpret mode */
908 cp15c15 &= ~0x1;
909 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
910 }
911
912 /* restore CP15 MMU and Cache settings */
913 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
914
915 command_print(cmd_ctx, "cache content successfully output to %s", args[0]);
916
917 fclose(output);
918
919 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
920 return ERROR_FAIL;
921
922 /* mark registers dirty. */
923 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
924 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
925 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
926 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
927 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
928 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
929 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
930 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
931 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
932 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
933
934 return ERROR_OK;
935 }
936
937 static int arm920t_handle_read_mmu_command(struct command_context_s *cmd_ctx,
938 char *cmd, char **args, int argc)
939 {
940 int retval = ERROR_OK;
941 target_t *target = get_current_target(cmd_ctx);
942 armv4_5_common_t *armv4_5;
943 arm7_9_common_t *arm7_9;
944 arm9tdmi_common_t *arm9tdmi;
945 arm920t_common_t *arm920t;
946 arm_jtag_t *jtag_info;
947 uint32_t cp15c15;
948 uint32_t cp15_ctrl, cp15_ctrl_saved;
949 uint32_t regs[16];
950 uint32_t *regs_p[16];
951 int i;
952 FILE *output;
953 uint32_t Dlockdown, Ilockdown;
954 arm920t_tlb_entry_t d_tlb[64], i_tlb[64];
955 int victim;
956
957 if (argc != 1)
958 {
959 command_print(cmd_ctx, "usage: arm920t read_mmu <filename>");
960 return ERROR_OK;
961 }
962
963 if ((output = fopen(args[0], "w")) == NULL)
964 {
965 LOG_DEBUG("error opening mmu content file");
966 return ERROR_OK;
967 }
968
969 for (i = 0; i < 16; i++)
970 regs_p[i] = &regs[i];
971
972 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
973 {
974 command_print(cmd_ctx, "current target isn't an ARM920t target");
975 return ERROR_OK;
976 }
977
978 jtag_info = &arm7_9->jtag_info;
979
980 /* disable MMU and Caches */
981 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
982 if ((retval = jtag_execute_queue()) != ERROR_OK)
983 {
984 return retval;
985 }
986 cp15_ctrl_saved = cp15_ctrl;
987 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
988 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
989
990 /* read CP15 test state register */
991 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
992 if ((retval = jtag_execute_queue()) != ERROR_OK)
993 {
994 return retval;
995 }
996
997 /* prepare reading D TLB content
998 * */
999
1000 /* set interpret mode */
1001 cp15c15 |= 0x1;
1002 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1003
1004 /* Read D TLB lockdown */
1005 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1006
1007 /* clear interpret mode */
1008 cp15c15 &= ~0x1;
1009 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1010
1011 /* read D TLB lockdown stored to r1 */
1012 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1013 if ((retval = jtag_execute_queue()) != ERROR_OK)
1014 {
1015 return retval;
1016 }
1017 Dlockdown = regs[1];
1018
1019 for (victim = 0; victim < 64; victim += 8)
1020 {
1021 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1022 * base remains unchanged, victim goes through entries 0 to 63 */
1023 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1024 arm9tdmi_write_core_regs(target, 0x2, regs);
1025
1026 /* set interpret mode */
1027 cp15c15 |= 0x1;
1028 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1029
1030 /* Write D TLB lockdown */
1031 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1032
1033 /* Read D TLB CAM */
1034 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,6,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1035
1036 /* clear interpret mode */
1037 cp15c15 &= ~0x1;
1038 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1039
1040 /* read D TLB CAM content stored to r2-r9 */
1041 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1042 if ((retval = jtag_execute_queue()) != ERROR_OK)
1043 {
1044 return retval;
1045 }
1046
1047 for (i = 0; i < 8; i++)
1048 d_tlb[victim + i].cam = regs[i + 2];
1049 }
1050
1051 for (victim = 0; victim < 64; victim++)
1052 {
1053 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1054 * base remains unchanged, victim goes through entries 0 to 63 */
1055 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1056 arm9tdmi_write_core_regs(target, 0x2, regs);
1057
1058 /* set interpret mode */
1059 cp15c15 |= 0x1;
1060 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1061
1062 /* Write D TLB lockdown */
1063 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1064
1065 /* Read D TLB RAM1 */
1066 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1067
1068 /* Read D TLB RAM2 */
1069 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1070
1071 /* clear interpret mode */
1072 cp15c15 &= ~0x1;
1073 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1074
1075 /* read D TLB RAM content stored to r2 and r3 */
1076 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1077 if ((retval = jtag_execute_queue()) != ERROR_OK)
1078 {
1079 return retval;
1080 }
1081
1082 d_tlb[victim].ram1 = regs[2];
1083 d_tlb[victim].ram2 = regs[3];
1084 }
1085
1086 /* restore D TLB lockdown */
1087 regs[1] = Dlockdown;
1088 arm9tdmi_write_core_regs(target, 0x2, regs);
1089
1090 /* Write D TLB lockdown */
1091 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1092
1093 /* prepare reading I TLB content
1094 * */
1095
1096 /* set interpret mode */
1097 cp15c15 |= 0x1;
1098 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1099
1100 /* Read I TLB lockdown */
1101 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1102
1103 /* clear interpret mode */
1104 cp15c15 &= ~0x1;
1105 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1106
1107 /* read I TLB lockdown stored to r1 */
1108 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1109 if ((retval = jtag_execute_queue()) != ERROR_OK)
1110 {
1111 return retval;
1112 }
1113 Ilockdown = regs[1];
1114
1115 for (victim = 0; victim < 64; victim += 8)
1116 {
1117 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1118 * base remains unchanged, victim goes through entries 0 to 63 */
1119 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1120 arm9tdmi_write_core_regs(target, 0x2, regs);
1121
1122 /* set interpret mode */
1123 cp15c15 |= 0x1;
1124 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1125
1126 /* Write I TLB lockdown */
1127 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1128
1129 /* Read I TLB CAM */
1130 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,5,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1131
1132 /* clear interpret mode */
1133 cp15c15 &= ~0x1;
1134 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1135
1136 /* read I TLB CAM content stored to r2-r9 */
1137 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1138 if ((retval = jtag_execute_queue()) != ERROR_OK)
1139 {
1140 return retval;
1141 }
1142
1143 for (i = 0; i < 8; i++)
1144 i_tlb[i + victim].cam = regs[i + 2];
1145 }
1146
1147 for (victim = 0; victim < 64; victim++)
1148 {
1149 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1150 * base remains unchanged, victim goes through entries 0 to 63 */
1151 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1152 arm9tdmi_write_core_regs(target, 0x2, regs);
1153
1154 /* set interpret mode */
1155 cp15c15 |= 0x1;
1156 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1157
1158 /* Write I TLB lockdown */
1159 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1160
1161 /* Read I TLB RAM1 */
1162 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1163
1164 /* Read I TLB RAM2 */
1165 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1166
1167 /* clear interpret mode */
1168 cp15c15 &= ~0x1;
1169 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1170
1171 /* read I TLB RAM content stored to r2 and r3 */
1172 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1173 if ((retval = jtag_execute_queue()) != ERROR_OK)
1174 {
1175 return retval;
1176 }
1177
1178 i_tlb[victim].ram1 = regs[2];
1179 i_tlb[victim].ram2 = regs[3];
1180 }
1181
1182 /* restore I TLB lockdown */
1183 regs[1] = Ilockdown;
1184 arm9tdmi_write_core_regs(target, 0x2, regs);
1185
1186 /* Write I TLB lockdown */
1187 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1188
1189 /* restore CP15 MMU and Cache settings */
1190 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
1191
1192 /* output data to file */
1193 fprintf(output, "D TLB content:\n");
1194 for (i = 0; i < 64; i++)
1195 {
1196 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2, (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1197 }
1198
1199 fprintf(output, "\n\nI TLB content:\n");
1200 for (i = 0; i < 64; i++)
1201 {
1202 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2, (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1203 }
1204
1205 command_print(cmd_ctx, "mmu content successfully output to %s", args[0]);
1206
1207 fclose(output);
1208
1209 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1210 return ERROR_FAIL;
1211
1212 /* mark registers dirty */
1213 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1214 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
1215 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
1216 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
1217 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
1218 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
1219 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
1220 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
1221 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
1222 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
1223
1224 return ERROR_OK;
1225 }
1226
1227 static int arm920t_handle_cp15_command(struct command_context_s *cmd_ctx,
1228 char *cmd, char **args, int argc)
1229 {
1230 int retval;
1231 target_t *target = get_current_target(cmd_ctx);
1232 armv4_5_common_t *armv4_5;
1233 arm7_9_common_t *arm7_9;
1234 arm9tdmi_common_t *arm9tdmi;
1235 arm920t_common_t *arm920t;
1236 arm_jtag_t *jtag_info;
1237
1238 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1239 {
1240 command_print(cmd_ctx, "current target isn't an ARM920t target");
1241 return ERROR_OK;
1242 }
1243
1244 jtag_info = &arm7_9->jtag_info;
1245
1246 if (target->state != TARGET_HALTED)
1247 {
1248 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1249 return ERROR_OK;
1250 }
1251
1252 /* one or more argument, access a single register (write if second argument is given */
1253 if (argc >= 1)
1254 {
1255 int address;
1256 COMMAND_PARSE_NUMBER(int, args[0], address);
1257
1258 if (argc == 1)
1259 {
1260 uint32_t value;
1261 if ((retval = arm920t_read_cp15_physical(target, address, &value)) != ERROR_OK)
1262 {
1263 command_print(cmd_ctx, "couldn't access reg %i", address);
1264 return ERROR_OK;
1265 }
1266 if ((retval = jtag_execute_queue()) != ERROR_OK)
1267 {
1268 return retval;
1269 }
1270
1271 command_print(cmd_ctx, "%i: %8.8" PRIx32 "", address, value);
1272 }
1273 else if (argc == 2)
1274 {
1275 uint32_t value;
1276 COMMAND_PARSE_NUMBER(u32, args[1], value);
1277 if ((retval = arm920t_write_cp15_physical(target, address, value)) != ERROR_OK)
1278 {
1279 command_print(cmd_ctx, "couldn't access reg %i", address);
1280 return ERROR_OK;
1281 }
1282 command_print(cmd_ctx, "%i: %8.8" PRIx32 "", address, value);
1283 }
1284 }
1285
1286 return ERROR_OK;
1287 }
1288
1289 static int arm920t_handle_cp15i_command(struct command_context_s *cmd_ctx,
1290 char *cmd, char **args, int argc)
1291 {
1292 int retval;
1293 target_t *target = get_current_target(cmd_ctx);
1294 armv4_5_common_t *armv4_5;
1295 arm7_9_common_t *arm7_9;
1296 arm9tdmi_common_t *arm9tdmi;
1297 arm920t_common_t *arm920t;
1298 arm_jtag_t *jtag_info;
1299
1300 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1301 {
1302 command_print(cmd_ctx, "current target isn't an ARM920t target");
1303 return ERROR_OK;
1304 }
1305
1306 jtag_info = &arm7_9->jtag_info;
1307
1308 if (target->state != TARGET_HALTED)
1309 {
1310 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1311 return ERROR_OK;
1312 }
1313
1314 /* one or more argument, access a single register (write if second argument is given */
1315 if (argc >= 1)
1316 {
1317 uint32_t opcode;
1318 COMMAND_PARSE_NUMBER(u32, args[0], opcode);
1319
1320 if (argc == 1)
1321 {
1322 uint32_t value;
1323 if ((retval = arm920t_read_cp15_interpreted(target, opcode, 0x0, &value)) != ERROR_OK)
1324 {
1325 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1326 return ERROR_OK;
1327 }
1328
1329 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1330 }
1331 else if (argc == 2)
1332 {
1333 uint32_t value;
1334 COMMAND_PARSE_NUMBER(u32, args[1], value);
1335 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, 0)) != ERROR_OK)
1336 {
1337 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1338 return ERROR_OK;
1339 }
1340 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1341 }
1342 else if (argc == 3)
1343 {
1344 uint32_t value;
1345 COMMAND_PARSE_NUMBER(u32, args[1], value);
1346 uint32_t address;
1347 COMMAND_PARSE_NUMBER(u32, args[2], address);
1348 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, address)) != ERROR_OK)
1349 {
1350 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1351 return ERROR_OK;
1352 }
1353 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 " %8.8" PRIx32 "", opcode, value, address);
1354 }
1355 }
1356 else
1357 {
1358 command_print(cmd_ctx, "usage: arm920t cp15i <opcode> [value] [address]");
1359 }
1360
1361 return ERROR_OK;
1362 }
1363
1364 static int arm920t_handle_cache_info_command(struct command_context_s *cmd_ctx,
1365 char *cmd, char **args, int argc)
1366 {
1367 target_t *target = get_current_target(cmd_ctx);
1368 armv4_5_common_t *armv4_5;
1369 arm7_9_common_t *arm7_9;
1370 arm9tdmi_common_t *arm9tdmi;
1371 arm920t_common_t *arm920t;
1372
1373 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1374 {
1375 command_print(cmd_ctx, "current target isn't an ARM920t target");
1376 return ERROR_OK;
1377 }
1378
1379 return armv4_5_handle_cache_info_command(cmd_ctx, &arm920t->armv4_5_mmu.armv4_5_cache);
1380 }
1381
1382
1383 static int arm920t_mrc(target_t *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
1384 {
1385 if (cpnum!=15)
1386 {
1387 LOG_ERROR("Only cp15 is supported");
1388 return ERROR_FAIL;
1389 }
1390
1391 return arm920t_read_cp15_interpreted(target, mrc_opcode(cpnum, op1, op2, CRn, CRm), 0, value);
1392 }
1393
1394 static int arm920t_mcr(target_t *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
1395 {
1396 if (cpnum!=15)
1397 {
1398 LOG_ERROR("Only cp15 is supported");
1399 return ERROR_FAIL;
1400 }
1401
1402 return arm920t_write_cp15_interpreted(target, mrc_opcode(cpnum, op1, op2, CRn, CRm), 0, value);
1403 }
1404
1405 /** Registers commands to access coprocessor, cache, and MMU resources. */
1406 int arm920t_register_commands(struct command_context_s *cmd_ctx)
1407 {
1408 int retval;
1409 command_t *arm920t_cmd;
1410
1411 retval = arm9tdmi_register_commands(cmd_ctx);
1412
1413 arm920t_cmd = register_command(cmd_ctx, NULL, "arm920t",
1414 NULL, COMMAND_ANY,
1415 "arm920t specific commands");
1416
1417 register_command(cmd_ctx, arm920t_cmd, "cp15",
1418 arm920t_handle_cp15_command, COMMAND_EXEC,
1419 "display/modify cp15 register <num> [value]");
1420 register_command(cmd_ctx, arm920t_cmd, "cp15i",
1421 arm920t_handle_cp15i_command, COMMAND_EXEC,
1422 "display/modify cp15 (interpreted access) "
1423 "<opcode> [value] [address]");
1424 register_command(cmd_ctx, arm920t_cmd, "cache_info",
1425 arm920t_handle_cache_info_command, COMMAND_EXEC,
1426 "display information about target caches");
1427 register_command(cmd_ctx, arm920t_cmd, "read_cache",
1428 arm920t_handle_read_cache_command, COMMAND_EXEC,
1429 "display I/D cache content");
1430 register_command(cmd_ctx, arm920t_cmd, "read_mmu",
1431 arm920t_handle_read_mmu_command, COMMAND_EXEC,
1432 "display I/D mmu content");
1433
1434 return retval;
1435 }
1436
1437 /** Holds methods for ARM920 targets. */
1438 target_type_t arm920t_target =
1439 {
1440 .name = "arm920t",
1441
1442 .poll = arm7_9_poll,
1443 .arch_state = arm920t_arch_state,
1444
1445 .target_request_data = arm7_9_target_request_data,
1446
1447 .halt = arm7_9_halt,
1448 .resume = arm7_9_resume,
1449 .step = arm7_9_step,
1450
1451 .assert_reset = arm7_9_assert_reset,
1452 .deassert_reset = arm7_9_deassert_reset,
1453 .soft_reset_halt = arm920t_soft_reset_halt,
1454
1455 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
1456
1457 .read_memory = arm920t_read_memory,
1458 .write_memory = arm920t_write_memory,
1459 .read_phys_memory = arm920t_read_phys_memory,
1460 .write_phys_memory = arm920t_write_phys_memory,
1461 .bulk_write_memory = arm7_9_bulk_write_memory,
1462 .checksum_memory = arm7_9_checksum_memory,
1463 .blank_check_memory = arm7_9_blank_check_memory,
1464
1465 .run_algorithm = armv4_5_run_algorithm,
1466
1467 .add_breakpoint = arm7_9_add_breakpoint,
1468 .remove_breakpoint = arm7_9_remove_breakpoint,
1469 .add_watchpoint = arm7_9_add_watchpoint,
1470 .remove_watchpoint = arm7_9_remove_watchpoint,
1471
1472 .register_commands = arm920t_register_commands,
1473 .target_create = arm920t_target_create,
1474 .init_target = arm9tdmi_init_target,
1475 .examine = arm9tdmi_examine,
1476 .mrc = arm920t_mrc,
1477 .mcr = arm920t_mcr,
1478 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)