Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
- Work on fixing erase check. Many implementations are plain broken.
[openocd.git] / src / target / arm920t.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
9 * *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
14 * *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "arm920t.h"
25 #include "jtag.h"
26 #include "log.h"
27
28 #include <stdlib.h>
29 #include <string.h>
30
31 #if 0
32 #define _DEBUG_INSTRUCTION_EXECUTION_
33 #endif
34
35 /* cli handling */
36 int arm920t_register_commands(struct command_context_s *cmd_ctx);
37
38 int arm920t_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
39 int arm920t_handle_cp15i_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
40 int arm920t_handle_virt2phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
41 int arm920t_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
42 int arm920t_handle_md_phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
43 int arm920t_handle_mw_phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
44
45 int arm920t_handle_read_cache_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
46 int arm920t_handle_read_mmu_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
47
48 /* forward declarations */
49 int arm920t_target_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct target_s *target);
50 int arm920t_init_target(struct command_context_s *cmd_ctx, struct target_s *target);
51 int arm920t_quit();
52 int arm920t_arch_state(struct target_s *target);
53 int arm920t_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer);
54 int arm920t_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer);
55 int arm920t_soft_reset_halt(struct target_s *target);
56
57 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
58
59 target_type_t arm920t_target =
60 {
61 .name = "arm920t",
62
63 .poll = arm7_9_poll,
64 .arch_state = arm920t_arch_state,
65
66 .target_request_data = arm7_9_target_request_data,
67
68 .halt = arm7_9_halt,
69 .resume = arm7_9_resume,
70 .step = arm7_9_step,
71
72 .assert_reset = arm7_9_assert_reset,
73 .deassert_reset = arm7_9_deassert_reset,
74 .soft_reset_halt = arm920t_soft_reset_halt,
75
76 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
77
78 .read_memory = arm920t_read_memory,
79 .write_memory = arm920t_write_memory,
80 .bulk_write_memory = arm7_9_bulk_write_memory,
81 .checksum_memory = arm7_9_checksum_memory,
82
83 .run_algorithm = armv4_5_run_algorithm,
84
85 .add_breakpoint = arm7_9_add_breakpoint,
86 .remove_breakpoint = arm7_9_remove_breakpoint,
87 .add_watchpoint = arm7_9_add_watchpoint,
88 .remove_watchpoint = arm7_9_remove_watchpoint,
89
90 .register_commands = arm920t_register_commands,
91 .target_command = arm920t_target_command,
92 .init_target = arm920t_init_target,
93 .quit = arm920t_quit
94 };
95
96 int arm920t_read_cp15_physical(target_t *target, int reg_addr, u32 *value)
97 {
98 armv4_5_common_t *armv4_5 = target->arch_info;
99 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
100 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
101 scan_field_t fields[4];
102 u8 access_type_buf = 1;
103 u8 reg_addr_buf = reg_addr & 0x3f;
104 u8 nr_w_buf = 0;
105
106 jtag_add_end_state(TAP_RTI);
107 arm_jtag_scann(jtag_info, 0xf);
108 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
109
110 fields[0].device = jtag_info->chain_pos;
111 fields[0].num_bits = 1;
112 fields[0].out_value = &access_type_buf;
113 fields[0].out_mask = NULL;
114 fields[0].in_value = NULL;
115 fields[0].in_check_value = NULL;
116 fields[0].in_check_mask = NULL;
117 fields[0].in_handler = NULL;
118 fields[0].in_handler_priv = NULL;
119
120 fields[1].device = jtag_info->chain_pos;
121 fields[1].num_bits = 32;
122 fields[1].out_value = NULL;
123 fields[1].out_mask = NULL;
124 fields[1].in_value = NULL;
125 fields[1].in_check_value = NULL;
126 fields[1].in_check_mask = NULL;
127 fields[1].in_handler = NULL;
128 fields[1].in_handler_priv = NULL;
129
130 fields[2].device = jtag_info->chain_pos;
131 fields[2].num_bits = 6;
132 fields[2].out_value = &reg_addr_buf;
133 fields[2].out_mask = NULL;
134 fields[2].in_value = NULL;
135 fields[2].in_check_value = NULL;
136 fields[2].in_check_mask = NULL;
137 fields[2].in_handler = NULL;
138 fields[2].in_handler_priv = NULL;
139
140 fields[3].device = jtag_info->chain_pos;
141 fields[3].num_bits = 1;
142 fields[3].out_value = &nr_w_buf;
143 fields[3].out_mask = NULL;
144 fields[3].in_value = NULL;
145 fields[3].in_check_value = NULL;
146 fields[3].in_check_mask = NULL;
147 fields[3].in_handler = NULL;
148 fields[3].in_handler_priv = NULL;
149
150 jtag_add_dr_scan(4, fields, -1);
151
152 fields[1].in_handler_priv = value;
153 fields[1].in_handler = arm_jtag_buf_to_u32;
154
155 jtag_add_dr_scan(4, fields, -1);
156
157 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
158 jtag_execute_queue();
159 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
160 #endif
161
162 return ERROR_OK;
163 }
164
165 int arm920t_write_cp15_physical(target_t *target, int reg_addr, u32 value)
166 {
167 armv4_5_common_t *armv4_5 = target->arch_info;
168 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
169 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
170 scan_field_t fields[4];
171 u8 access_type_buf = 1;
172 u8 reg_addr_buf = reg_addr & 0x3f;
173 u8 nr_w_buf = 1;
174 u8 value_buf[4];
175
176 buf_set_u32(value_buf, 0, 32, value);
177
178 jtag_add_end_state(TAP_RTI);
179 arm_jtag_scann(jtag_info, 0xf);
180 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
181
182 fields[0].device = jtag_info->chain_pos;
183 fields[0].num_bits = 1;
184 fields[0].out_value = &access_type_buf;
185 fields[0].out_mask = NULL;
186 fields[0].in_value = NULL;
187 fields[0].in_check_value = NULL;
188 fields[0].in_check_mask = NULL;
189 fields[0].in_handler = NULL;
190 fields[0].in_handler_priv = NULL;
191
192 fields[1].device = jtag_info->chain_pos;
193 fields[1].num_bits = 32;
194 fields[1].out_value = value_buf;
195 fields[1].out_mask = NULL;
196 fields[1].in_value = NULL;
197 fields[1].in_check_value = NULL;
198 fields[1].in_check_mask = NULL;
199 fields[1].in_handler = NULL;
200 fields[1].in_handler_priv = NULL;
201
202 fields[2].device = jtag_info->chain_pos;
203 fields[2].num_bits = 6;
204 fields[2].out_value = &reg_addr_buf;
205 fields[2].out_mask = NULL;
206 fields[2].in_value = NULL;
207 fields[2].in_check_value = NULL;
208 fields[2].in_check_mask = NULL;
209 fields[2].in_handler = NULL;
210 fields[2].in_handler_priv = NULL;
211
212 fields[3].device = jtag_info->chain_pos;
213 fields[3].num_bits = 1;
214 fields[3].out_value = &nr_w_buf;
215 fields[3].out_mask = NULL;
216 fields[3].in_value = NULL;
217 fields[3].in_check_value = NULL;
218 fields[3].in_check_mask = NULL;
219 fields[3].in_handler = NULL;
220 fields[3].in_handler_priv = NULL;
221
222 jtag_add_dr_scan(4, fields, -1);
223
224 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
225 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
226 #endif
227
228 return ERROR_OK;
229 }
230
231 int arm920t_execute_cp15(target_t *target, u32 cp15_opcode, u32 arm_opcode)
232 {
233 armv4_5_common_t *armv4_5 = target->arch_info;
234 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
235 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
236 scan_field_t fields[4];
237 u8 access_type_buf = 0; /* interpreted access */
238 u8 reg_addr_buf = 0x0;
239 u8 nr_w_buf = 0;
240 u8 cp15_opcode_buf[4];
241
242 jtag_add_end_state(TAP_RTI);
243 arm_jtag_scann(jtag_info, 0xf);
244 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
245
246 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
247
248 fields[0].device = jtag_info->chain_pos;
249 fields[0].num_bits = 1;
250 fields[0].out_value = &access_type_buf;
251 fields[0].out_mask = NULL;
252 fields[0].in_value = NULL;
253 fields[0].in_check_value = NULL;
254 fields[0].in_check_mask = NULL;
255 fields[0].in_handler = NULL;
256 fields[0].in_handler_priv = NULL;
257
258 fields[1].device = jtag_info->chain_pos;
259 fields[1].num_bits = 32;
260 fields[1].out_value = cp15_opcode_buf;
261 fields[1].out_mask = NULL;
262 fields[1].in_value = NULL;
263 fields[1].in_check_value = NULL;
264 fields[1].in_check_mask = NULL;
265 fields[1].in_handler = NULL;
266 fields[1].in_handler_priv = NULL;
267
268 fields[2].device = jtag_info->chain_pos;
269 fields[2].num_bits = 6;
270 fields[2].out_value = &reg_addr_buf;
271 fields[2].out_mask = NULL;
272 fields[2].in_value = NULL;
273 fields[2].in_check_value = NULL;
274 fields[2].in_check_mask = NULL;
275 fields[2].in_handler = NULL;
276 fields[2].in_handler_priv = NULL;
277
278 fields[3].device = jtag_info->chain_pos;
279 fields[3].num_bits = 1;
280 fields[3].out_value = &nr_w_buf;
281 fields[3].out_mask = NULL;
282 fields[3].in_value = NULL;
283 fields[3].in_check_value = NULL;
284 fields[3].in_check_mask = NULL;
285 fields[3].in_handler = NULL;
286 fields[3].in_handler_priv = NULL;
287
288 jtag_add_dr_scan(4, fields, -1);
289
290 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
291 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
292 arm7_9_execute_sys_speed(target);
293
294 if (jtag_execute_queue() != ERROR_OK)
295 {
296 LOG_ERROR("failed executing JTAG queue, exiting");
297 exit(-1);
298 }
299
300 return ERROR_OK;
301 }
302
303 int arm920t_read_cp15_interpreted(target_t *target, u32 cp15_opcode, u32 address, u32 *value)
304 {
305 armv4_5_common_t *armv4_5 = target->arch_info;
306 u32* regs_p[1];
307 u32 regs[2];
308 u32 cp15c15 = 0x0;
309
310 /* load address into R1 */
311 regs[1] = address;
312 arm9tdmi_write_core_regs(target, 0x2, regs);
313
314 /* read-modify-write CP15 test state register
315 * to enable interpreted access mode */
316 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
317 jtag_execute_queue();
318 cp15c15 |= 1; /* set interpret mode */
319 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
320
321 /* execute CP15 instruction and ARM load (reading from coprocessor) */
322 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
323
324 /* disable interpreted access mode */
325 cp15c15 &= ~1U; /* clear interpret mode */
326 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
327
328 /* retrieve value from R0 */
329 regs_p[0] = value;
330 arm9tdmi_read_core_regs(target, 0x1, regs_p);
331 jtag_execute_queue();
332
333 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
334 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x", cp15_opcode, address, *value);
335 #endif
336
337 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
338 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
339
340 return ERROR_OK;
341 }
342
343 int arm920t_write_cp15_interpreted(target_t *target, u32 cp15_opcode, u32 value, u32 address)
344 {
345 u32 cp15c15 = 0x0;
346 armv4_5_common_t *armv4_5 = target->arch_info;
347 u32 regs[2];
348
349 /* load value, address into R0, R1 */
350 regs[0] = value;
351 regs[1] = address;
352 arm9tdmi_write_core_regs(target, 0x3, regs);
353
354 /* read-modify-write CP15 test state register
355 * to enable interpreted access mode */
356 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
357 jtag_execute_queue();
358 cp15c15 |= 1; /* set interpret mode */
359 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
360
361 /* execute CP15 instruction and ARM store (writing to coprocessor) */
362 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
363
364 /* disable interpreted access mode */
365 cp15c15 &= ~1U; /* set interpret mode */
366 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
367
368 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
369 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x", cp15_opcode, value, address);
370 #endif
371
372 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
373 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
374
375 return ERROR_OK;
376 }
377
378 u32 arm920t_get_ttb(target_t *target)
379 {
380 int retval;
381 u32 ttb = 0x0;
382
383 if ((retval = arm920t_read_cp15_interpreted(target, 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
384 return retval;
385
386 return ttb;
387 }
388
389 void arm920t_disable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
390 {
391 u32 cp15_control;
392
393 /* read cp15 control register */
394 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
395 jtag_execute_queue();
396
397 if (mmu)
398 cp15_control &= ~0x1U;
399
400 if (d_u_cache)
401 cp15_control &= ~0x4U;
402
403 if (i_cache)
404 cp15_control &= ~0x1000U;
405
406 arm920t_write_cp15_physical(target, 0x2, cp15_control);
407 }
408
409 void arm920t_enable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
410 {
411 u32 cp15_control;
412
413 /* read cp15 control register */
414 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
415 jtag_execute_queue();
416
417 if (mmu)
418 cp15_control |= 0x1U;
419
420 if (d_u_cache)
421 cp15_control |= 0x4U;
422
423 if (i_cache)
424 cp15_control |= 0x1000U;
425
426 arm920t_write_cp15_physical(target, 0x2, cp15_control);
427 }
428
429 void arm920t_post_debug_entry(target_t *target)
430 {
431 u32 cp15c15;
432 armv4_5_common_t *armv4_5 = target->arch_info;
433 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
434 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
435 arm920t_common_t *arm920t = arm9tdmi->arch_info;
436
437 /* examine cp15 control reg */
438 arm920t_read_cp15_physical(target, 0x2, &arm920t->cp15_control_reg);
439 jtag_execute_queue();
440 LOG_DEBUG("cp15_control_reg: %8.8x", arm920t->cp15_control_reg);
441
442 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
443 {
444 u32 cache_type_reg;
445 /* identify caches */
446 arm920t_read_cp15_physical(target, 0x1, &cache_type_reg);
447 jtag_execute_queue();
448 armv4_5_identify_cache(cache_type_reg, &arm920t->armv4_5_mmu.armv4_5_cache);
449 }
450
451 arm920t->armv4_5_mmu.mmu_enabled = (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
452 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
453 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
454
455 /* save i/d fault status and address register */
456 arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
457 arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
458 arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
459 arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
460
461 LOG_DEBUG("D FSR: 0x%8.8x, D FAR: 0x%8.8x, I FSR: 0x%8.8x, I FAR: 0x%8.8x",
462 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
463
464 if (arm920t->preserve_cache)
465 {
466 /* read-modify-write CP15 test state register
467 * to disable I/D-cache linefills */
468 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
469 jtag_execute_queue();
470 cp15c15 |= 0x600;
471 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
472 }
473 }
474
475 void arm920t_pre_restore_context(target_t *target)
476 {
477 u32 cp15c15;
478 armv4_5_common_t *armv4_5 = target->arch_info;
479 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
480 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
481 arm920t_common_t *arm920t = arm9tdmi->arch_info;
482
483 /* restore i/d fault status and address register */
484 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
485 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
486 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
487 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
488
489 /* read-modify-write CP15 test state register
490 * to reenable I/D-cache linefills */
491 if (arm920t->preserve_cache)
492 {
493 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
494 jtag_execute_queue();
495 cp15c15 &= ~0x600U;
496 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
497 }
498 }
499
500 int arm920t_get_arch_pointers(target_t *target, armv4_5_common_t **armv4_5_p, arm7_9_common_t **arm7_9_p, arm9tdmi_common_t **arm9tdmi_p, arm920t_common_t **arm920t_p)
501 {
502 armv4_5_common_t *armv4_5 = target->arch_info;
503 arm7_9_common_t *arm7_9;
504 arm9tdmi_common_t *arm9tdmi;
505 arm920t_common_t *arm920t;
506
507 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
508 {
509 return -1;
510 }
511
512 arm7_9 = armv4_5->arch_info;
513 if (arm7_9->common_magic != ARM7_9_COMMON_MAGIC)
514 {
515 return -1;
516 }
517
518 arm9tdmi = arm7_9->arch_info;
519 if (arm9tdmi->common_magic != ARM9TDMI_COMMON_MAGIC)
520 {
521 return -1;
522 }
523
524 arm920t = arm9tdmi->arch_info;
525 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
526 {
527 return -1;
528 }
529
530 *armv4_5_p = armv4_5;
531 *arm7_9_p = arm7_9;
532 *arm9tdmi_p = arm9tdmi;
533 *arm920t_p = arm920t;
534
535 return ERROR_OK;
536 }
537
538 int arm920t_arch_state(struct target_s *target)
539 {
540 armv4_5_common_t *armv4_5 = target->arch_info;
541 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
542 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
543 arm920t_common_t *arm920t = arm9tdmi->arch_info;
544
545 char *state[] =
546 {
547 "disabled", "enabled"
548 };
549
550 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
551 {
552 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
553 exit(-1);
554 }
555
556 LOG_USER( "target halted in %s state due to %s, current mode: %s\n"
557 "cpsr: 0x%8.8x pc: 0x%8.8x\n"
558 "MMU: %s, D-Cache: %s, I-Cache: %s",
559 armv4_5_state_strings[armv4_5->core_state],
560 target_debug_reason_strings[target->debug_reason],
561 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
562 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
563 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
564 state[arm920t->armv4_5_mmu.mmu_enabled],
565 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
566 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
567
568 return ERROR_OK;
569 }
570
571 int arm920t_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
572 {
573 int retval;
574
575 retval = arm7_9_read_memory(target, address, size, count, buffer);
576
577 return retval;
578 }
579
580 int arm920t_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
581 {
582 int retval;
583 armv4_5_common_t *armv4_5 = target->arch_info;
584 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
585 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
586 arm920t_common_t *arm920t = arm9tdmi->arch_info;
587
588 if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
589 return retval;
590
591 if (((size == 4) || (size == 2)) && (count == 1))
592 {
593 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
594 {
595 LOG_DEBUG("D-Cache enabled, writing through to main memory");
596 u32 pa, cb, ap;
597 int type, domain;
598
599 pa = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu, address, &type, &cb, &domain, &ap);
600 if (type == -1)
601 return ERROR_OK;
602 /* cacheable & bufferable means write-back region */
603 if (cb == 3)
604 armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu, pa, size, count, buffer);
605 }
606
607 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
608 {
609 LOG_DEBUG("I-Cache enabled, invalidating affected I-Cache line");
610 arm920t_write_cp15_interpreted(target, 0xee070f35, 0x0, address);
611 }
612 }
613
614 return retval;
615 }
616
617 int arm920t_soft_reset_halt(struct target_s *target)
618 {
619 armv4_5_common_t *armv4_5 = target->arch_info;
620 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
621 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
622 arm920t_common_t *arm920t = arm9tdmi->arch_info;
623 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
624 int i;
625
626 target->type->halt(target);
627
628 for (i=0; i<10; i++)
629 {
630 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
631 {
632 embeddedice_read_reg(dbg_stat);
633 jtag_execute_queue();
634 } else
635 {
636 break;
637 }
638 /* do not eat all CPU, time out after 1 se*/
639 usleep(100*1000);
640 }
641 if (i==10)
642 {
643 LOG_ERROR("Failed to halt CPU after 1 sec");
644 return ERROR_TARGET_TIMEOUT;
645 }
646
647 target->state = TARGET_HALTED;
648
649 /* SVC, ARM state, IRQ and FIQ disabled */
650 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
651 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
652 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
653
654 /* start fetching from 0x0 */
655 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
656 armv4_5->core_cache->reg_list[15].dirty = 1;
657 armv4_5->core_cache->reg_list[15].valid = 1;
658
659 armv4_5->core_mode = ARMV4_5_MODE_SVC;
660 armv4_5->core_state = ARMV4_5_STATE_ARM;
661
662 arm920t_disable_mmu_caches(target, 1, 1, 1);
663 arm920t->armv4_5_mmu.mmu_enabled = 0;
664 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
665 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
666
667 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
668
669 return ERROR_OK;
670 }
671
672 int arm920t_init_target(struct command_context_s *cmd_ctx, struct target_s *target)
673 {
674 arm9tdmi_init_target(cmd_ctx, target);
675
676 return ERROR_OK;
677
678 }
679
680 int arm920t_quit()
681 {
682
683 return ERROR_OK;
684 }
685
686 int arm920t_init_arch_info(target_t *target, arm920t_common_t *arm920t, int chain_pos, char *variant)
687 {
688 arm9tdmi_common_t *arm9tdmi = &arm920t->arm9tdmi_common;
689 arm7_9_common_t *arm7_9 = &arm9tdmi->arm7_9_common;
690
691 /* initialize arm9tdmi specific info (including arm7_9 and armv4_5)
692 */
693 arm9tdmi_init_arch_info(target, arm9tdmi, chain_pos, variant);
694
695 arm9tdmi->arch_info = arm920t;
696 arm920t->common_magic = ARM920T_COMMON_MAGIC;
697
698 arm7_9->post_debug_entry = arm920t_post_debug_entry;
699 arm7_9->pre_restore_context = arm920t_pre_restore_context;
700
701 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
702 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
703 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
704 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
705 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
706 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
707 arm920t->armv4_5_mmu.has_tiny_pages = 1;
708 arm920t->armv4_5_mmu.mmu_enabled = 0;
709
710 /* disabling linefills leads to lockups, so keep them enabled for now
711 * this doesn't affect correctness, but might affect timing issues, if
712 * important data is evicted from the cache during the debug session
713 * */
714 arm920t->preserve_cache = 0;
715
716 /* override hw single-step capability from ARM9TDMI */
717 arm7_9->has_single_step = 1;
718
719 return ERROR_OK;
720 }
721
722 int arm920t_target_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc, struct target_s *target)
723 {
724 int chain_pos;
725 char *variant = NULL;
726 arm920t_common_t *arm920t = malloc(sizeof(arm920t_common_t));
727 memset(arm920t, 0, sizeof(*arm920t));
728
729 if (argc < 4)
730 {
731 LOG_ERROR("'target arm920t' requires at least one additional argument");
732 exit(-1);
733 }
734
735 chain_pos = strtoul(args[3], NULL, 0);
736
737 if (argc >= 5)
738 variant = args[4];
739
740 LOG_DEBUG("chain_pos: %i, variant: %s", chain_pos, variant);
741
742 arm920t_init_arch_info(target, arm920t, chain_pos, variant);
743
744 return ERROR_OK;
745 }
746
747 int arm920t_register_commands(struct command_context_s *cmd_ctx)
748 {
749 int retval;
750 command_t *arm920t_cmd;
751
752
753 retval = arm9tdmi_register_commands(cmd_ctx);
754
755 arm920t_cmd = register_command(cmd_ctx, NULL, "arm920t", NULL, COMMAND_ANY, "arm920t specific commands");
756
757 register_command(cmd_ctx, arm920t_cmd, "cp15", arm920t_handle_cp15_command, COMMAND_EXEC, "display/modify cp15 register <num> [value]");
758 register_command(cmd_ctx, arm920t_cmd, "cp15i", arm920t_handle_cp15i_command, COMMAND_EXEC, "display/modify cp15 (interpreted access) <opcode> [value] [address]");
759 register_command(cmd_ctx, arm920t_cmd, "cache_info", arm920t_handle_cache_info_command, COMMAND_EXEC, "display information about target caches");
760 register_command(cmd_ctx, arm920t_cmd, "virt2phys", arm920t_handle_virt2phys_command, COMMAND_EXEC, "translate va to pa <va>");
761
762 register_command(cmd_ctx, arm920t_cmd, "mdw_phys", arm920t_handle_md_phys_command, COMMAND_EXEC, "display memory words <physical addr> [count]");
763 register_command(cmd_ctx, arm920t_cmd, "mdh_phys", arm920t_handle_md_phys_command, COMMAND_EXEC, "display memory half-words <physical addr> [count]");
764 register_command(cmd_ctx, arm920t_cmd, "mdb_phys", arm920t_handle_md_phys_command, COMMAND_EXEC, "display memory bytes <physical addr> [count]");
765
766 register_command(cmd_ctx, arm920t_cmd, "mww_phys", arm920t_handle_mw_phys_command, COMMAND_EXEC, "write memory word <physical addr> <value>");
767 register_command(cmd_ctx, arm920t_cmd, "mwh_phys", arm920t_handle_mw_phys_command, COMMAND_EXEC, "write memory half-word <physical addr> <value>");
768 register_command(cmd_ctx, arm920t_cmd, "mwb_phys", arm920t_handle_mw_phys_command, COMMAND_EXEC, "write memory byte <physical addr> <value>");
769
770 register_command(cmd_ctx, arm920t_cmd, "read_cache", arm920t_handle_read_cache_command, COMMAND_EXEC, "display I/D cache content");
771 register_command(cmd_ctx, arm920t_cmd, "read_mmu", arm920t_handle_read_mmu_command, COMMAND_EXEC, "display I/D mmu content");
772
773 return ERROR_OK;
774 }
775
776 int arm920t_handle_read_cache_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
777 {
778 target_t *target = get_current_target(cmd_ctx);
779 armv4_5_common_t *armv4_5;
780 arm7_9_common_t *arm7_9;
781 arm9tdmi_common_t *arm9tdmi;
782 arm920t_common_t *arm920t;
783 arm_jtag_t *jtag_info;
784 u32 cp15c15;
785 u32 cp15_ctrl, cp15_ctrl_saved;
786 u32 regs[16];
787 u32 *regs_p[16];
788 u32 C15_C_D_Ind, C15_C_I_Ind;
789 int i;
790 FILE *output;
791 arm920t_cache_line_t d_cache[8][64], i_cache[8][64];
792 int segment, index;
793
794 if (argc != 1)
795 {
796 command_print(cmd_ctx, "usage: arm920t read_cache <filename>");
797 return ERROR_OK;
798 }
799
800 if ((output = fopen(args[0], "w")) == NULL)
801 {
802 LOG_DEBUG("error opening cache content file");
803 return ERROR_OK;
804 }
805
806 for (i = 0; i < 16; i++)
807 regs_p[i] = &regs[i];
808
809 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
810 {
811 command_print(cmd_ctx, "current target isn't an ARM920t target");
812 return ERROR_OK;
813 }
814
815 jtag_info = &arm7_9->jtag_info;
816
817 /* disable MMU and Caches */
818 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
819 jtag_execute_queue();
820 cp15_ctrl_saved = cp15_ctrl;
821 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
822 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
823
824 /* read CP15 test state register */
825 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
826 jtag_execute_queue();
827
828 /* read DCache content */
829 fprintf(output, "DCache:\n");
830
831 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
832 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
833 {
834 fprintf(output, "\nsegment: %i\n----------", segment);
835
836 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
837 regs[0] = 0x0 | (segment << 5);
838 arm9tdmi_write_core_regs(target, 0x1, regs);
839
840 /* set interpret mode */
841 cp15c15 |= 0x1;
842 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
843
844 /* D CAM Read, loads current victim into C15.C.D.Ind */
845 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
846
847 /* read current victim */
848 arm920t_read_cp15_physical(target, 0x3d, &C15_C_D_Ind);
849
850 /* clear interpret mode */
851 cp15c15 &= ~0x1;
852 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
853
854 for (index = 0; index < 64; index++)
855 {
856 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
857 regs[0] = 0x0 | (segment << 5) | (index << 26);
858 arm9tdmi_write_core_regs(target, 0x1, regs);
859
860 /* set interpret mode */
861 cp15c15 |= 0x1;
862 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
863
864 /* Write DCache victim */
865 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
866
867 /* Read D RAM */
868 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,10,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
869
870 /* Read D CAM */
871 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(9, 0));
872
873 /* clear interpret mode */
874 cp15c15 &= ~0x1;
875 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
876
877 /* read D RAM and CAM content */
878 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
879 jtag_execute_queue();
880
881 d_cache[segment][index].cam = regs[9];
882
883 /* mask LFSR[6] */
884 regs[9] &= 0xfffffffe;
885 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8x, content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
886
887 for (i = 1; i < 9; i++)
888 {
889 d_cache[segment][index].data[i] = regs[i];
890 fprintf(output, "%i: 0x%8.8x\n", i-1, regs[i]);
891 }
892
893 }
894
895 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
896 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
897 arm9tdmi_write_core_regs(target, 0x1, regs);
898
899 /* set interpret mode */
900 cp15c15 |= 0x1;
901 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
902
903 /* Write DCache victim */
904 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
905
906 /* clear interpret mode */
907 cp15c15 &= ~0x1;
908 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
909 }
910
911 /* read ICache content */
912 fprintf(output, "ICache:\n");
913
914 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
915 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
916 {
917 fprintf(output, "segment: %i\n----------", segment);
918
919 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
920 regs[0] = 0x0 | (segment << 5);
921 arm9tdmi_write_core_regs(target, 0x1, regs);
922
923 /* set interpret mode */
924 cp15c15 |= 0x1;
925 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
926
927 /* I CAM Read, loads current victim into C15.C.I.Ind */
928 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
929
930 /* read current victim */
931 arm920t_read_cp15_physical(target, 0x3b, &C15_C_I_Ind);
932
933 /* clear interpret mode */
934 cp15c15 &= ~0x1;
935 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
936
937 for (index = 0; index < 64; index++)
938 {
939 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
940 regs[0] = 0x0 | (segment << 5) | (index << 26);
941 arm9tdmi_write_core_regs(target, 0x1, regs);
942
943 /* set interpret mode */
944 cp15c15 |= 0x1;
945 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
946
947 /* Write ICache victim */
948 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
949
950 /* Read I RAM */
951 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,9,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
952
953 /* Read I CAM */
954 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(9, 0));
955
956 /* clear interpret mode */
957 cp15c15 &= ~0x1;
958 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
959
960 /* read I RAM and CAM content */
961 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
962 jtag_execute_queue();
963
964 i_cache[segment][index].cam = regs[9];
965
966 /* mask LFSR[6] */
967 regs[9] &= 0xfffffffe;
968 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8x, content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
969
970 for (i = 1; i < 9; i++)
971 {
972 i_cache[segment][index].data[i] = regs[i];
973 fprintf(output, "%i: 0x%8.8x\n", i-1, regs[i]);
974 }
975
976 }
977
978
979 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
980 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
981 arm9tdmi_write_core_regs(target, 0x1, regs);
982
983 /* set interpret mode */
984 cp15c15 |= 0x1;
985 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
986
987 /* Write ICache victim */
988 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
989
990 /* clear interpret mode */
991 cp15c15 &= ~0x1;
992 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
993 }
994
995 /* restore CP15 MMU and Cache settings */
996 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
997
998 command_print(cmd_ctx, "cache content successfully output to %s", args[0]);
999
1000 fclose(output);
1001
1002 /* mark registers dirty. */
1003 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1004 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
1005 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
1006 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
1007 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
1008 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
1009 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
1010 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
1011 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
1012 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
1013
1014 return ERROR_OK;
1015 }
1016
1017 int arm920t_handle_read_mmu_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
1018 {
1019 target_t *target = get_current_target(cmd_ctx);
1020 armv4_5_common_t *armv4_5;
1021 arm7_9_common_t *arm7_9;
1022 arm9tdmi_common_t *arm9tdmi;
1023 arm920t_common_t *arm920t;
1024 arm_jtag_t *jtag_info;
1025 u32 cp15c15;
1026 u32 cp15_ctrl, cp15_ctrl_saved;
1027 u32 regs[16];
1028 u32 *regs_p[16];
1029 int i;
1030 FILE *output;
1031 u32 Dlockdown, Ilockdown;
1032 arm920t_tlb_entry_t d_tlb[64], i_tlb[64];
1033 int victim;
1034
1035 if (argc != 1)
1036 {
1037 command_print(cmd_ctx, "usage: arm920t read_mmu <filename>");
1038 return ERROR_OK;
1039 }
1040
1041 if ((output = fopen(args[0], "w")) == NULL)
1042 {
1043 LOG_DEBUG("error opening mmu content file");
1044 return ERROR_OK;
1045 }
1046
1047 for (i = 0; i < 16; i++)
1048 regs_p[i] = &regs[i];
1049
1050 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1051 {
1052 command_print(cmd_ctx, "current target isn't an ARM920t target");
1053 return ERROR_OK;
1054 }
1055
1056 jtag_info = &arm7_9->jtag_info;
1057
1058 /* disable MMU and Caches */
1059 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
1060 jtag_execute_queue();
1061 cp15_ctrl_saved = cp15_ctrl;
1062 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
1063 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
1064
1065 /* read CP15 test state register */
1066 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
1067 jtag_execute_queue();
1068
1069 /* prepare reading D TLB content
1070 * */
1071
1072 /* set interpret mode */
1073 cp15c15 |= 0x1;
1074 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1075
1076 /* Read D TLB lockdown */
1077 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1078
1079 /* clear interpret mode */
1080 cp15c15 &= ~0x1;
1081 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1082
1083 /* read D TLB lockdown stored to r1 */
1084 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1085 jtag_execute_queue();
1086 Dlockdown = regs[1];
1087
1088 for (victim = 0; victim < 64; victim += 8)
1089 {
1090 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1091 * base remains unchanged, victim goes through entries 0 to 63 */
1092 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1093 arm9tdmi_write_core_regs(target, 0x2, regs);
1094
1095 /* set interpret mode */
1096 cp15c15 |= 0x1;
1097 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1098
1099 /* Write D TLB lockdown */
1100 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1101
1102 /* Read D TLB CAM */
1103 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,6,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1104
1105 /* clear interpret mode */
1106 cp15c15 &= ~0x1;
1107 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1108
1109 /* read D TLB CAM content stored to r2-r9 */
1110 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1111 jtag_execute_queue();
1112
1113 for (i = 0; i < 8; i++)
1114 d_tlb[victim + i].cam = regs[i + 2];
1115 }
1116
1117 for (victim = 0; victim < 64; victim++)
1118 {
1119 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1120 * base remains unchanged, victim goes through entries 0 to 63 */
1121 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1122 arm9tdmi_write_core_regs(target, 0x2, regs);
1123
1124 /* set interpret mode */
1125 cp15c15 |= 0x1;
1126 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1127
1128 /* Write D TLB lockdown */
1129 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1130
1131 /* Read D TLB RAM1 */
1132 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1133
1134 /* Read D TLB RAM2 */
1135 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1136
1137 /* clear interpret mode */
1138 cp15c15 &= ~0x1;
1139 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1140
1141 /* read D TLB RAM content stored to r2 and r3 */
1142 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1143 jtag_execute_queue();
1144
1145 d_tlb[victim].ram1 = regs[2];
1146 d_tlb[victim].ram2 = regs[3];
1147 }
1148
1149 /* restore D TLB lockdown */
1150 regs[1] = Dlockdown;
1151 arm9tdmi_write_core_regs(target, 0x2, regs);
1152
1153 /* Write D TLB lockdown */
1154 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1155
1156 /* prepare reading I TLB content
1157 * */
1158
1159 /* set interpret mode */
1160 cp15c15 |= 0x1;
1161 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1162
1163 /* Read I TLB lockdown */
1164 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1165
1166 /* clear interpret mode */
1167 cp15c15 &= ~0x1;
1168 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1169
1170 /* read I TLB lockdown stored to r1 */
1171 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1172 jtag_execute_queue();
1173 Ilockdown = regs[1];
1174
1175 for (victim = 0; victim < 64; victim += 8)
1176 {
1177 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1178 * base remains unchanged, victim goes through entries 0 to 63 */
1179 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1180 arm9tdmi_write_core_regs(target, 0x2, regs);
1181
1182 /* set interpret mode */
1183 cp15c15 |= 0x1;
1184 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1185
1186 /* Write I TLB lockdown */
1187 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1188
1189 /* Read I TLB CAM */
1190 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,5,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1191
1192 /* clear interpret mode */
1193 cp15c15 &= ~0x1;
1194 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1195
1196 /* read I TLB CAM content stored to r2-r9 */
1197 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1198 jtag_execute_queue();
1199
1200 for (i = 0; i < 8; i++)
1201 i_tlb[i + victim].cam = regs[i + 2];
1202 }
1203
1204 for (victim = 0; victim < 64; victim++)
1205 {
1206 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1207 * base remains unchanged, victim goes through entries 0 to 63 */
1208 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1209 arm9tdmi_write_core_regs(target, 0x2, regs);
1210
1211 /* set interpret mode */
1212 cp15c15 |= 0x1;
1213 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1214
1215 /* Write I TLB lockdown */
1216 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1217
1218 /* Read I TLB RAM1 */
1219 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1220
1221 /* Read I TLB RAM2 */
1222 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1223
1224 /* clear interpret mode */
1225 cp15c15 &= ~0x1;
1226 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1227
1228 /* read I TLB RAM content stored to r2 and r3 */
1229 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1230 jtag_execute_queue();
1231
1232 i_tlb[victim].ram1 = regs[2];
1233 i_tlb[victim].ram2 = regs[3];
1234 }
1235
1236 /* restore I TLB lockdown */
1237 regs[1] = Ilockdown;
1238 arm9tdmi_write_core_regs(target, 0x2, regs);
1239
1240 /* Write I TLB lockdown */
1241 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1242
1243 /* restore CP15 MMU and Cache settings */
1244 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
1245
1246 /* output data to file */
1247 fprintf(output, "D TLB content:\n");
1248 for (i = 0; i < 64; i++)
1249 {
1250 fprintf(output, "%i: 0x%8.8x 0x%8.8x 0x%8.8x %s\n", i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2, (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1251 }
1252
1253 fprintf(output, "\n\nI TLB content:\n");
1254 for (i = 0; i < 64; i++)
1255 {
1256 fprintf(output, "%i: 0x%8.8x 0x%8.8x 0x%8.8x %s\n", i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2, (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1257 }
1258
1259 command_print(cmd_ctx, "mmu content successfully output to %s", args[0]);
1260
1261 fclose(output);
1262
1263 /* mark registers dirty */
1264 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1265 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
1266 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
1267 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
1268 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
1269 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
1270 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
1271 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
1272 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
1273 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
1274
1275 return ERROR_OK;
1276 }
1277 int arm920t_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
1278 {
1279 int retval;
1280 target_t *target = get_current_target(cmd_ctx);
1281 armv4_5_common_t *armv4_5;
1282 arm7_9_common_t *arm7_9;
1283 arm9tdmi_common_t *arm9tdmi;
1284 arm920t_common_t *arm920t;
1285 arm_jtag_t *jtag_info;
1286
1287 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1288 {
1289 command_print(cmd_ctx, "current target isn't an ARM920t target");
1290 return ERROR_OK;
1291 }
1292
1293 jtag_info = &arm7_9->jtag_info;
1294
1295 if (target->state != TARGET_HALTED)
1296 {
1297 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1298 return ERROR_OK;
1299 }
1300
1301 /* one or more argument, access a single register (write if second argument is given */
1302 if (argc >= 1)
1303 {
1304 int address = strtoul(args[0], NULL, 0);
1305
1306 if (argc == 1)
1307 {
1308 u32 value;
1309 if ((retval = arm920t_read_cp15_physical(target, address, &value)) != ERROR_OK)
1310 {
1311 command_print(cmd_ctx, "couldn't access reg %i", address);
1312 return ERROR_OK;
1313 }
1314 jtag_execute_queue();
1315
1316 command_print(cmd_ctx, "%i: %8.8x", address, value);
1317 }
1318 else if (argc == 2)
1319 {
1320 u32 value = strtoul(args[1], NULL, 0);
1321 if ((retval = arm920t_write_cp15_physical(target, address, value)) != ERROR_OK)
1322 {
1323 command_print(cmd_ctx, "couldn't access reg %i", address);
1324 return ERROR_OK;
1325 }
1326 command_print(cmd_ctx, "%i: %8.8x", address, value);
1327 }
1328 }
1329
1330 return ERROR_OK;
1331 }
1332
1333 int arm920t_handle_cp15i_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
1334 {
1335 int retval;
1336 target_t *target = get_current_target(cmd_ctx);
1337 armv4_5_common_t *armv4_5;
1338 arm7_9_common_t *arm7_9;
1339 arm9tdmi_common_t *arm9tdmi;
1340 arm920t_common_t *arm920t;
1341 arm_jtag_t *jtag_info;
1342
1343 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1344 {
1345 command_print(cmd_ctx, "current target isn't an ARM920t target");
1346 return ERROR_OK;
1347 }
1348
1349 jtag_info = &arm7_9->jtag_info;
1350
1351 if (target->state != TARGET_HALTED)
1352 {
1353 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1354 return ERROR_OK;
1355 }
1356
1357 /* one or more argument, access a single register (write if second argument is given */
1358 if (argc >= 1)
1359 {
1360 u32 opcode = strtoul(args[0], NULL, 0);
1361
1362 if (argc == 1)
1363 {
1364 u32 value;
1365 if ((retval = arm920t_read_cp15_interpreted(target, opcode, 0x0, &value)) != ERROR_OK)
1366 {
1367 command_print(cmd_ctx, "couldn't execute %8.8x", opcode);
1368 return ERROR_OK;
1369 }
1370
1371 command_print(cmd_ctx, "%8.8x: %8.8x", opcode, value);
1372 }
1373 else if (argc == 2)
1374 {
1375 u32 value = strtoul(args[1], NULL, 0);
1376 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, 0)) != ERROR_OK)
1377 {
1378 command_print(cmd_ctx, "couldn't execute %8.8x", opcode);
1379 return ERROR_OK;
1380 }
1381 command_print(cmd_ctx, "%8.8x: %8.8x", opcode, value);
1382 }
1383 else if (argc == 3)
1384 {
1385 u32 value = strtoul(args[1], NULL, 0);
1386 u32 address = strtoul(args[2], NULL, 0);
1387 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, address)) != ERROR_OK)
1388 {
1389 command_print(cmd_ctx, "couldn't execute %8.8x", opcode);
1390 return ERROR_OK;
1391 }
1392 command_print(cmd_ctx, "%8.8x: %8.8x %8.8x", opcode, value, address);
1393 }
1394 }
1395 else
1396 {
1397 command_print(cmd_ctx, "usage: arm920t cp15i <opcode> [value] [address]");
1398 }
1399
1400 return ERROR_OK;
1401 }
1402
1403 int arm920t_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
1404 {
1405 target_t *target = get_current_target(cmd_ctx);
1406 armv4_5_common_t *armv4_5;
1407 arm7_9_common_t *arm7_9;
1408 arm9tdmi_common_t *arm9tdmi;
1409 arm920t_common_t *arm920t;
1410
1411 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1412 {
1413 command_print(cmd_ctx, "current target isn't an ARM920t target");
1414 return ERROR_OK;
1415 }
1416
1417 return armv4_5_handle_cache_info_command(cmd_ctx, &arm920t->armv4_5_mmu.armv4_5_cache);
1418 }
1419
1420 int arm920t_handle_virt2phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
1421 {
1422 target_t *target = get_current_target(cmd_ctx);
1423 armv4_5_common_t *armv4_5;
1424 arm7_9_common_t *arm7_9;
1425 arm9tdmi_common_t *arm9tdmi;
1426 arm920t_common_t *arm920t;
1427 arm_jtag_t *jtag_info;
1428
1429 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1430 {
1431 command_print(cmd_ctx, "current target isn't an ARM920t target");
1432 return ERROR_OK;
1433 }
1434
1435 jtag_info = &arm7_9->jtag_info;
1436
1437 if (target->state != TARGET_HALTED)
1438 {
1439 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1440 return ERROR_OK;
1441 }
1442
1443 return armv4_5_mmu_handle_virt2phys_command(cmd_ctx, cmd, args, argc, target, &arm920t->armv4_5_mmu);
1444 }
1445
1446 int arm920t_handle_md_phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
1447 {
1448 target_t *target = get_current_target(cmd_ctx);
1449 armv4_5_common_t *armv4_5;
1450 arm7_9_common_t *arm7_9;
1451 arm9tdmi_common_t *arm9tdmi;
1452 arm920t_common_t *arm920t;
1453 arm_jtag_t *jtag_info;
1454
1455 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1456 {
1457 command_print(cmd_ctx, "current target isn't an ARM920t target");
1458 return ERROR_OK;
1459 }
1460
1461 jtag_info = &arm7_9->jtag_info;
1462
1463 if (target->state != TARGET_HALTED)
1464 {
1465 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1466 return ERROR_OK;
1467 }
1468
1469 return armv4_5_mmu_handle_md_phys_command(cmd_ctx, cmd, args, argc, target, &arm920t->armv4_5_mmu);
1470 }
1471
1472 int arm920t_handle_mw_phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
1473 {
1474 target_t *target = get_current_target(cmd_ctx);
1475 armv4_5_common_t *armv4_5;
1476 arm7_9_common_t *arm7_9;
1477 arm9tdmi_common_t *arm9tdmi;
1478 arm920t_common_t *arm920t;
1479 arm_jtag_t *jtag_info;
1480
1481 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1482 {
1483 command_print(cmd_ctx, "current target isn't an ARM920t target");
1484 return ERROR_OK;
1485 }
1486
1487 jtag_info = &arm7_9->jtag_info;
1488
1489 if (target->state != TARGET_HALTED)
1490 {
1491 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1492 return ERROR_OK;
1493 }
1494
1495 return armv4_5_mmu_handle_mw_phys_command(cmd_ctx, cmd, args, argc, target, &arm920t->armv4_5_mmu);
1496 }
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)