Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
MIPS: no exit() calls
[openocd.git] / src / target / arm920t.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
9 * *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
14 * *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "arm920t.h"
25 #include "time_support.h"
26 #include "target_type.h"
27 #include "register.h"
28
29
30 /*
31 * For information about the ARM920T, see ARM DDI 0151C especially
32 * Chapter 9 about debug support, which shows how to manipulate each
33 * of the different scan chains:
34 *
35 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
36 * 1 ... debugging; watchpoint and breakpoint status, etc; also
37 * MMU and cache access in conjunction with scan chain 15
38 * 2 ... EmbeddedICE
39 * 3 ... external boundary scan (SoC-specific, unused here)
40 * 4 ... access to cache tag RAM
41 * 6 ... ETM9
42 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
43 * "interpreted" works with a few actual MRC/MCR instructions
44 * "physical" provides register-like behaviors.
45 *
46 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
47 */
48
49 #if 0
50 #define _DEBUG_INSTRUCTION_EXECUTION_
51 #endif
52
53 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
54
55 static int arm920t_read_cp15_physical(struct target *target,
56 int reg_addr, uint32_t *value)
57 {
58 struct arm920t_common *arm920t = target_to_arm920(target);
59 struct arm_jtag *jtag_info;
60 struct scan_field fields[4];
61 uint8_t access_type_buf = 1;
62 uint8_t reg_addr_buf = reg_addr & 0x3f;
63 uint8_t nr_w_buf = 0;
64
65 jtag_info = &arm920t->arm9tdmi_common.arm7_9_common.jtag_info;
66
67 jtag_set_end_state(TAP_IDLE);
68 arm_jtag_scann(jtag_info, 0xf);
69 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
70
71 fields[0].tap = jtag_info->tap;
72 fields[0].num_bits = 1;
73 fields[0].out_value = &access_type_buf;
74 fields[0].in_value = NULL;
75
76 fields[1].tap = jtag_info->tap;
77 fields[1].num_bits = 32;
78 fields[1].out_value = NULL;
79 fields[1].in_value = NULL;
80
81 fields[2].tap = jtag_info->tap;
82 fields[2].num_bits = 6;
83 fields[2].out_value = &reg_addr_buf;
84 fields[2].in_value = NULL;
85
86 fields[3].tap = jtag_info->tap;
87 fields[3].num_bits = 1;
88 fields[3].out_value = &nr_w_buf;
89 fields[3].in_value = NULL;
90
91 jtag_add_dr_scan(4, fields, jtag_get_end_state());
92
93 fields[1].in_value = (uint8_t *)value;
94
95 jtag_add_dr_scan(4, fields, jtag_get_end_state());
96
97 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
98
99 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
100 jtag_execute_queue();
101 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
102 #endif
103
104 return ERROR_OK;
105 }
106
107 static int arm920t_write_cp15_physical(struct target *target,
108 int reg_addr, uint32_t value)
109 {
110 struct arm920t_common *arm920t = target_to_arm920(target);
111 struct arm_jtag *jtag_info;
112 struct scan_field fields[4];
113 uint8_t access_type_buf = 1;
114 uint8_t reg_addr_buf = reg_addr & 0x3f;
115 uint8_t nr_w_buf = 1;
116 uint8_t value_buf[4];
117
118 jtag_info = &arm920t->arm9tdmi_common.arm7_9_common.jtag_info;
119
120 buf_set_u32(value_buf, 0, 32, value);
121
122 jtag_set_end_state(TAP_IDLE);
123 arm_jtag_scann(jtag_info, 0xf);
124 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
125
126 fields[0].tap = jtag_info->tap;
127 fields[0].num_bits = 1;
128 fields[0].out_value = &access_type_buf;
129 fields[0].in_value = NULL;
130
131 fields[1].tap = jtag_info->tap;
132 fields[1].num_bits = 32;
133 fields[1].out_value = value_buf;
134 fields[1].in_value = NULL;
135
136 fields[2].tap = jtag_info->tap;
137 fields[2].num_bits = 6;
138 fields[2].out_value = &reg_addr_buf;
139 fields[2].in_value = NULL;
140
141 fields[3].tap = jtag_info->tap;
142 fields[3].num_bits = 1;
143 fields[3].out_value = &nr_w_buf;
144 fields[3].in_value = NULL;
145
146 jtag_add_dr_scan(4, fields, jtag_get_end_state());
147
148 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
149 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
150 #endif
151
152 return ERROR_OK;
153 }
154
155 static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
156 uint32_t arm_opcode)
157 {
158 int retval;
159 struct arm920t_common *arm920t = target_to_arm920(target);
160 struct arm_jtag *jtag_info;
161 struct scan_field fields[4];
162 uint8_t access_type_buf = 0; /* interpreted access */
163 uint8_t reg_addr_buf = 0x0;
164 uint8_t nr_w_buf = 0;
165 uint8_t cp15_opcode_buf[4];
166
167 jtag_info = &arm920t->arm9tdmi_common.arm7_9_common.jtag_info;
168
169 jtag_set_end_state(TAP_IDLE);
170 arm_jtag_scann(jtag_info, 0xf);
171 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
172
173 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
174
175 fields[0].tap = jtag_info->tap;
176 fields[0].num_bits = 1;
177 fields[0].out_value = &access_type_buf;
178 fields[0].in_value = NULL;
179
180 fields[1].tap = jtag_info->tap;
181 fields[1].num_bits = 32;
182 fields[1].out_value = cp15_opcode_buf;
183 fields[1].in_value = NULL;
184
185 fields[2].tap = jtag_info->tap;
186 fields[2].num_bits = 6;
187 fields[2].out_value = &reg_addr_buf;
188 fields[2].in_value = NULL;
189
190 fields[3].tap = jtag_info->tap;
191 fields[3].num_bits = 1;
192 fields[3].out_value = &nr_w_buf;
193 fields[3].in_value = NULL;
194
195 jtag_add_dr_scan(4, fields, jtag_get_end_state());
196
197 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
198 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
199 retval = arm7_9_execute_sys_speed(target);
200 if (retval != ERROR_OK)
201 return retval;
202
203 if ((retval = jtag_execute_queue()) != ERROR_OK)
204 {
205 LOG_ERROR("failed executing JTAG queue");
206 return retval;
207 }
208
209 return ERROR_OK;
210 }
211
212 static int arm920t_read_cp15_interpreted(struct target *target,
213 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
214 {
215 struct armv4_5_common_s *armv4_5 = target_to_armv4_5(target);
216 uint32_t* regs_p[1];
217 uint32_t regs[2];
218 uint32_t cp15c15 = 0x0;
219
220 /* load address into R1 */
221 regs[1] = address;
222 arm9tdmi_write_core_regs(target, 0x2, regs);
223
224 /* read-modify-write CP15 test state register
225 * to enable interpreted access mode */
226 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
227 jtag_execute_queue();
228 cp15c15 |= 1; /* set interpret mode */
229 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
230
231 /* execute CP15 instruction and ARM load (reading from coprocessor) */
232 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
233
234 /* disable interpreted access mode */
235 cp15c15 &= ~1U; /* clear interpret mode */
236 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
237
238 /* retrieve value from R0 */
239 regs_p[0] = value;
240 arm9tdmi_read_core_regs(target, 0x1, regs_p);
241 jtag_execute_queue();
242
243 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
244 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x", cp15_opcode, address, *value);
245 #endif
246
247 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
248 return ERROR_FAIL;
249
250 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
251 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
252
253 return ERROR_OK;
254 }
255
256 static
257 int arm920t_write_cp15_interpreted(struct target *target,
258 uint32_t cp15_opcode, uint32_t value, uint32_t address)
259 {
260 uint32_t cp15c15 = 0x0;
261 struct armv4_5_common_s *armv4_5 = target_to_armv4_5(target);
262 uint32_t regs[2];
263
264 /* load value, address into R0, R1 */
265 regs[0] = value;
266 regs[1] = address;
267 arm9tdmi_write_core_regs(target, 0x3, regs);
268
269 /* read-modify-write CP15 test state register
270 * to enable interpreted access mode */
271 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
272 jtag_execute_queue();
273 cp15c15 |= 1; /* set interpret mode */
274 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
275
276 /* execute CP15 instruction and ARM store (writing to coprocessor) */
277 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
278
279 /* disable interpreted access mode */
280 cp15c15 &= ~1U; /* set interpret mode */
281 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
282
283 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
284 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x", cp15_opcode, value, address);
285 #endif
286
287 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
288 return ERROR_FAIL;
289
290 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
291 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
292
293 return ERROR_OK;
294 }
295
296 // EXPORTED to FA256
297 uint32_t arm920t_get_ttb(struct target *target)
298 {
299 int retval;
300 uint32_t ttb = 0x0;
301
302 if ((retval = arm920t_read_cp15_interpreted(target, 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
303 return retval;
304
305 return ttb;
306 }
307
308 // EXPORTED to FA256
309 void arm920t_disable_mmu_caches(struct target *target, int mmu, int d_u_cache, int i_cache)
310 {
311 uint32_t cp15_control;
312
313 /* read cp15 control register */
314 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
315 jtag_execute_queue();
316
317 if (mmu)
318 cp15_control &= ~0x1U;
319
320 if (d_u_cache)
321 cp15_control &= ~0x4U;
322
323 if (i_cache)
324 cp15_control &= ~0x1000U;
325
326 arm920t_write_cp15_physical(target, 0x2, cp15_control);
327 }
328
329 // EXPORTED to FA256
330 void arm920t_enable_mmu_caches(struct target *target, int mmu, int d_u_cache, int i_cache)
331 {
332 uint32_t cp15_control;
333
334 /* read cp15 control register */
335 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
336 jtag_execute_queue();
337
338 if (mmu)
339 cp15_control |= 0x1U;
340
341 if (d_u_cache)
342 cp15_control |= 0x4U;
343
344 if (i_cache)
345 cp15_control |= 0x1000U;
346
347 arm920t_write_cp15_physical(target, 0x2, cp15_control);
348 }
349
350 // EXPORTED to FA256
351 void arm920t_post_debug_entry(struct target *target)
352 {
353 uint32_t cp15c15;
354 struct arm920t_common *arm920t = target_to_arm920(target);
355
356 /* examine cp15 control reg */
357 arm920t_read_cp15_physical(target, 0x2, &arm920t->cp15_control_reg);
358 jtag_execute_queue();
359 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32 "", arm920t->cp15_control_reg);
360
361 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
362 {
363 uint32_t cache_type_reg;
364 /* identify caches */
365 arm920t_read_cp15_physical(target, 0x1, &cache_type_reg);
366 jtag_execute_queue();
367 armv4_5_identify_cache(cache_type_reg, &arm920t->armv4_5_mmu.armv4_5_cache);
368 }
369
370 arm920t->armv4_5_mmu.mmu_enabled = (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
371 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
372 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
373
374 /* save i/d fault status and address register */
375 arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
376 arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
377 arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
378 arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
379
380 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32 "",
381 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
382
383 if (arm920t->preserve_cache)
384 {
385 /* read-modify-write CP15 test state register
386 * to disable I/D-cache linefills */
387 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
388 jtag_execute_queue();
389 cp15c15 |= 0x600;
390 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
391 }
392 }
393
394 // EXPORTED to FA256
395 void arm920t_pre_restore_context(struct target *target)
396 {
397 uint32_t cp15c15;
398 struct arm920t_common *arm920t = target_to_arm920(target);
399
400 /* restore i/d fault status and address register */
401 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
402 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
403 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
404 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
405
406 /* read-modify-write CP15 test state register
407 * to reenable I/D-cache linefills */
408 if (arm920t->preserve_cache)
409 {
410 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
411 jtag_execute_queue();
412 cp15c15 &= ~0x600U;
413 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
414 }
415 }
416
417 static const char arm920_not[] = "target is not an ARM920";
418
419 static int arm920t_verify_pointer(struct command_context *cmd_ctx,
420 struct arm920t_common *arm920t)
421 {
422 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
423 command_print(cmd_ctx, arm920_not);
424 return ERROR_TARGET_INVALID;
425 }
426
427 return ERROR_OK;
428 }
429
430 /** Logs summary of ARM920 state for a halted target. */
431 int arm920t_arch_state(struct target *target)
432 {
433 static const char *state[] =
434 {
435 "disabled", "enabled"
436 };
437
438 struct arm920t_common *arm920t = target_to_arm920(target);
439 struct armv4_5_common_s *armv4_5;
440
441 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
442 {
443 LOG_ERROR("BUG: %s", arm920_not);
444 return ERROR_TARGET_INVALID;
445 }
446
447 armv4_5 = &arm920t->arm9tdmi_common.arm7_9_common.armv4_5_common;
448
449 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
450 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "\n"
451 "MMU: %s, D-Cache: %s, I-Cache: %s",
452 armv4_5_state_strings[armv4_5->core_state],
453 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name,
454 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
455 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
456 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
457 state[arm920t->armv4_5_mmu.mmu_enabled],
458 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
459 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
460
461 return ERROR_OK;
462 }
463
464 static int arm920_mmu(struct target *target, int *enabled)
465 {
466 if (target->state != TARGET_HALTED) {
467 LOG_ERROR("%s: target not halted", __func__);
468 return ERROR_TARGET_INVALID;
469 }
470
471 *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
472 return ERROR_OK;
473 }
474
475 static int arm920_virt2phys(struct target *target,
476 uint32_t virt, uint32_t *phys)
477 {
478 /** @todo Implement this! */
479 LOG_ERROR("%s: not implemented", __func__);
480 return ERROR_FAIL;
481 }
482
483 /** Reads a buffer, in the specified word size, with current MMU settings. */
484 int arm920t_read_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
485 {
486 int retval;
487
488 retval = arm7_9_read_memory(target, address, size, count, buffer);
489
490 return retval;
491 }
492
493
494 static int arm920t_read_phys_memory(struct target *target,
495 uint32_t address, uint32_t size,
496 uint32_t count, uint8_t *buffer)
497 {
498 struct arm920t_common *arm920t = target_to_arm920(target);
499
500 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
501 address, size, count, buffer);
502 }
503
504 static int arm920t_write_phys_memory(struct target *target,
505 uint32_t address, uint32_t size,
506 uint32_t count, uint8_t *buffer)
507 {
508 struct arm920t_common *arm920t = target_to_arm920(target);
509
510 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
511 address, size, count, buffer);
512 }
513
514
515 /** Writes a buffer, in the specified word size, with current MMU settings. */
516 int arm920t_write_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
517 {
518 int retval;
519
520 if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
521 return retval;
522
523 /* This fn is used to write breakpoints, so we need to make sure
524 * that the data cache is flushed and the instruction cache is
525 * invalidated
526 */
527 if (((size == 4) || (size == 2)) && (count == 1))
528 {
529 struct arm920t_common *arm920t = target_to_arm920(target);
530
531 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
532 {
533 LOG_DEBUG("D-Cache enabled, flush and invalidate cache line");
534 /* MCR p15,0,Rd,c7,c10,2 */
535 retval = arm920t_write_cp15_interpreted(target, 0xee070f5e, 0x0, address);
536 if (retval != ERROR_OK)
537 return retval;
538 }
539
540 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
541 {
542 LOG_DEBUG("I-Cache enabled, invalidating affected I-Cache line");
543 retval = arm920t_write_cp15_interpreted(target, 0xee070f35, 0x0, address);
544 if (retval != ERROR_OK)
545 return retval;
546 }
547 }
548
549 return retval;
550 }
551
552 // EXPORTED to FA256
553 int arm920t_soft_reset_halt(struct target *target)
554 {
555 int retval = ERROR_OK;
556 struct arm920t_common *arm920t = target_to_arm920(target);
557 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
558 struct armv4_5_common_s *armv4_5 = &arm7_9->armv4_5_common;
559 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
560
561 if ((retval = target_halt(target)) != ERROR_OK)
562 {
563 return retval;
564 }
565
566 long long then = timeval_ms();
567 int timeout;
568 while (!(timeout = ((timeval_ms()-then) > 1000)))
569 {
570 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
571 {
572 embeddedice_read_reg(dbg_stat);
573 if ((retval = jtag_execute_queue()) != ERROR_OK)
574 {
575 return retval;
576 }
577 } else
578 {
579 break;
580 }
581 if (debug_level >= 3)
582 {
583 /* do not eat all CPU, time out after 1 se*/
584 alive_sleep(100);
585 } else
586 {
587 keep_alive();
588 }
589 }
590 if (timeout)
591 {
592 LOG_ERROR("Failed to halt CPU after 1 sec");
593 return ERROR_TARGET_TIMEOUT;
594 }
595
596 target->state = TARGET_HALTED;
597
598 /* SVC, ARM state, IRQ and FIQ disabled */
599 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
600 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
601 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
602
603 /* start fetching from 0x0 */
604 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
605 armv4_5->core_cache->reg_list[15].dirty = 1;
606 armv4_5->core_cache->reg_list[15].valid = 1;
607
608 armv4_5->core_mode = ARMV4_5_MODE_SVC;
609 armv4_5->core_state = ARMV4_5_STATE_ARM;
610
611 arm920t_disable_mmu_caches(target, 1, 1, 1);
612 arm920t->armv4_5_mmu.mmu_enabled = 0;
613 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
614 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
615
616 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED)) != ERROR_OK)
617 {
618 return retval;
619 }
620
621 return ERROR_OK;
622 }
623
624 int arm920t_init_arch_info(struct target *target, struct arm920t_common *arm920t, struct jtag_tap *tap)
625 {
626 struct arm9tdmi_common *arm9tdmi = &arm920t->arm9tdmi_common;
627 struct arm7_9_common *arm7_9 = &arm9tdmi->arm7_9_common;
628
629 /* initialize arm9tdmi specific info (including arm7_9 and armv4_5)
630 */
631 arm9tdmi_init_arch_info(target, arm9tdmi, tap);
632
633 arm920t->common_magic = ARM920T_COMMON_MAGIC;
634
635 arm7_9->post_debug_entry = arm920t_post_debug_entry;
636 arm7_9->pre_restore_context = arm920t_pre_restore_context;
637
638 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
639 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
640 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
641 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
642 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
643 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
644 arm920t->armv4_5_mmu.has_tiny_pages = 1;
645 arm920t->armv4_5_mmu.mmu_enabled = 0;
646
647 /* disabling linefills leads to lockups, so keep them enabled for now
648 * this doesn't affect correctness, but might affect timing issues, if
649 * important data is evicted from the cache during the debug session
650 * */
651 arm920t->preserve_cache = 0;
652
653 /* override hw single-step capability from ARM9TDMI */
654 arm7_9->has_single_step = 1;
655
656 return ERROR_OK;
657 }
658
659 static int arm920t_target_create(struct target *target, Jim_Interp *interp)
660 {
661 struct arm920t_common *arm920t = calloc(1,sizeof(struct arm920t_common));
662
663 return arm920t_init_arch_info(target, arm920t, target->tap);
664 }
665
666 COMMAND_HANDLER(arm920t_handle_read_cache_command)
667 {
668 int retval = ERROR_OK;
669 struct target *target = get_current_target(cmd_ctx);
670 struct arm920t_common *arm920t = target_to_arm920(target);
671 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
672 struct armv4_5_common_s *armv4_5 = &arm7_9->armv4_5_common;
673 uint32_t cp15c15;
674 uint32_t cp15_ctrl, cp15_ctrl_saved;
675 uint32_t regs[16];
676 uint32_t *regs_p[16];
677 uint32_t C15_C_D_Ind, C15_C_I_Ind;
678 int i;
679 FILE *output;
680 struct arm920t_cache_line d_cache[8][64], i_cache[8][64];
681 int segment, index;
682
683 retval = arm920t_verify_pointer(cmd_ctx, arm920t);
684 if (retval != ERROR_OK)
685 return retval;
686
687 if (argc != 1)
688 {
689 command_print(cmd_ctx, "usage: arm920t read_cache <filename>");
690 return ERROR_OK;
691 }
692
693 if ((output = fopen(args[0], "w")) == NULL)
694 {
695 LOG_DEBUG("error opening cache content file");
696 return ERROR_OK;
697 }
698
699 for (i = 0; i < 16; i++)
700 regs_p[i] = &regs[i];
701
702 /* disable MMU and Caches */
703 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
704 if ((retval = jtag_execute_queue()) != ERROR_OK)
705 {
706 return retval;
707 }
708 cp15_ctrl_saved = cp15_ctrl;
709 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
710 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
711
712 /* read CP15 test state register */
713 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
714 jtag_execute_queue();
715
716 /* read DCache content */
717 fprintf(output, "DCache:\n");
718
719 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
720 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
721 {
722 fprintf(output, "\nsegment: %i\n----------", segment);
723
724 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
725 regs[0] = 0x0 | (segment << 5);
726 arm9tdmi_write_core_regs(target, 0x1, regs);
727
728 /* set interpret mode */
729 cp15c15 |= 0x1;
730 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
731
732 /* D CAM Read, loads current victim into C15.C.D.Ind */
733 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
734
735 /* read current victim */
736 arm920t_read_cp15_physical(target, 0x3d, &C15_C_D_Ind);
737
738 /* clear interpret mode */
739 cp15c15 &= ~0x1;
740 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
741
742 for (index = 0; index < 64; index++)
743 {
744 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
745 regs[0] = 0x0 | (segment << 5) | (index << 26);
746 arm9tdmi_write_core_regs(target, 0x1, regs);
747
748 /* set interpret mode */
749 cp15c15 |= 0x1;
750 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
751
752 /* Write DCache victim */
753 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
754
755 /* Read D RAM */
756 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,10,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
757
758 /* Read D CAM */
759 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(9, 0));
760
761 /* clear interpret mode */
762 cp15c15 &= ~0x1;
763 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
764
765 /* read D RAM and CAM content */
766 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
767 if ((retval = jtag_execute_queue()) != ERROR_OK)
768 {
769 return retval;
770 }
771
772 d_cache[segment][index].cam = regs[9];
773
774 /* mask LFSR[6] */
775 regs[9] &= 0xfffffffe;
776 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
777
778 for (i = 1; i < 9; i++)
779 {
780 d_cache[segment][index].data[i] = regs[i];
781 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
782 }
783
784 }
785
786 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
787 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
788 arm9tdmi_write_core_regs(target, 0x1, regs);
789
790 /* set interpret mode */
791 cp15c15 |= 0x1;
792 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
793
794 /* Write DCache victim */
795 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
796
797 /* clear interpret mode */
798 cp15c15 &= ~0x1;
799 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
800 }
801
802 /* read ICache content */
803 fprintf(output, "ICache:\n");
804
805 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
806 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
807 {
808 fprintf(output, "segment: %i\n----------", segment);
809
810 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
811 regs[0] = 0x0 | (segment << 5);
812 arm9tdmi_write_core_regs(target, 0x1, regs);
813
814 /* set interpret mode */
815 cp15c15 |= 0x1;
816 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
817
818 /* I CAM Read, loads current victim into C15.C.I.Ind */
819 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
820
821 /* read current victim */
822 arm920t_read_cp15_physical(target, 0x3b, &C15_C_I_Ind);
823
824 /* clear interpret mode */
825 cp15c15 &= ~0x1;
826 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
827
828 for (index = 0; index < 64; index++)
829 {
830 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
831 regs[0] = 0x0 | (segment << 5) | (index << 26);
832 arm9tdmi_write_core_regs(target, 0x1, regs);
833
834 /* set interpret mode */
835 cp15c15 |= 0x1;
836 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
837
838 /* Write ICache victim */
839 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
840
841 /* Read I RAM */
842 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,9,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
843
844 /* Read I CAM */
845 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(9, 0));
846
847 /* clear interpret mode */
848 cp15c15 &= ~0x1;
849 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
850
851 /* read I RAM and CAM content */
852 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
853 if ((retval = jtag_execute_queue()) != ERROR_OK)
854 {
855 return retval;
856 }
857
858 i_cache[segment][index].cam = regs[9];
859
860 /* mask LFSR[6] */
861 regs[9] &= 0xfffffffe;
862 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
863
864 for (i = 1; i < 9; i++)
865 {
866 i_cache[segment][index].data[i] = regs[i];
867 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
868 }
869 }
870
871 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
872 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
873 arm9tdmi_write_core_regs(target, 0x1, regs);
874
875 /* set interpret mode */
876 cp15c15 |= 0x1;
877 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
878
879 /* Write ICache victim */
880 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
881
882 /* clear interpret mode */
883 cp15c15 &= ~0x1;
884 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
885 }
886
887 /* restore CP15 MMU and Cache settings */
888 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
889
890 command_print(cmd_ctx, "cache content successfully output to %s", args[0]);
891
892 fclose(output);
893
894 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
895 return ERROR_FAIL;
896
897 /* mark registers dirty. */
898 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
899 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
900 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
901 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
902 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
903 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
904 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
905 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
906 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
907 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
908
909 return ERROR_OK;
910 }
911
912 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
913 {
914 int retval = ERROR_OK;
915 struct target *target = get_current_target(cmd_ctx);
916 struct arm920t_common *arm920t = target_to_arm920(target);
917 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
918 struct armv4_5_common_s *armv4_5 = &arm7_9->armv4_5_common;
919 uint32_t cp15c15;
920 uint32_t cp15_ctrl, cp15_ctrl_saved;
921 uint32_t regs[16];
922 uint32_t *regs_p[16];
923 int i;
924 FILE *output;
925 uint32_t Dlockdown, Ilockdown;
926 struct arm920t_tlb_entry d_tlb[64], i_tlb[64];
927 int victim;
928
929 retval = arm920t_verify_pointer(cmd_ctx, arm920t);
930 if (retval != ERROR_OK)
931 return retval;
932
933 if (argc != 1)
934 {
935 command_print(cmd_ctx, "usage: arm920t read_mmu <filename>");
936 return ERROR_OK;
937 }
938
939 if ((output = fopen(args[0], "w")) == NULL)
940 {
941 LOG_DEBUG("error opening mmu content file");
942 return ERROR_OK;
943 }
944
945 for (i = 0; i < 16; i++)
946 regs_p[i] = &regs[i];
947
948 /* disable MMU and Caches */
949 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
950 if ((retval = jtag_execute_queue()) != ERROR_OK)
951 {
952 return retval;
953 }
954 cp15_ctrl_saved = cp15_ctrl;
955 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
956 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
957
958 /* read CP15 test state register */
959 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
960 if ((retval = jtag_execute_queue()) != ERROR_OK)
961 {
962 return retval;
963 }
964
965 /* prepare reading D TLB content
966 * */
967
968 /* set interpret mode */
969 cp15c15 |= 0x1;
970 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
971
972 /* Read D TLB lockdown */
973 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
974
975 /* clear interpret mode */
976 cp15c15 &= ~0x1;
977 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
978
979 /* read D TLB lockdown stored to r1 */
980 arm9tdmi_read_core_regs(target, 0x2, regs_p);
981 if ((retval = jtag_execute_queue()) != ERROR_OK)
982 {
983 return retval;
984 }
985 Dlockdown = regs[1];
986
987 for (victim = 0; victim < 64; victim += 8)
988 {
989 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
990 * base remains unchanged, victim goes through entries 0 to 63 */
991 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
992 arm9tdmi_write_core_regs(target, 0x2, regs);
993
994 /* set interpret mode */
995 cp15c15 |= 0x1;
996 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
997
998 /* Write D TLB lockdown */
999 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1000
1001 /* Read D TLB CAM */
1002 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,6,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1003
1004 /* clear interpret mode */
1005 cp15c15 &= ~0x1;
1006 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1007
1008 /* read D TLB CAM content stored to r2-r9 */
1009 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1010 if ((retval = jtag_execute_queue()) != ERROR_OK)
1011 {
1012 return retval;
1013 }
1014
1015 for (i = 0; i < 8; i++)
1016 d_tlb[victim + i].cam = regs[i + 2];
1017 }
1018
1019 for (victim = 0; victim < 64; victim++)
1020 {
1021 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1022 * base remains unchanged, victim goes through entries 0 to 63 */
1023 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1024 arm9tdmi_write_core_regs(target, 0x2, regs);
1025
1026 /* set interpret mode */
1027 cp15c15 |= 0x1;
1028 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1029
1030 /* Write D TLB lockdown */
1031 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1032
1033 /* Read D TLB RAM1 */
1034 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1035
1036 /* Read D TLB RAM2 */
1037 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1038
1039 /* clear interpret mode */
1040 cp15c15 &= ~0x1;
1041 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1042
1043 /* read D TLB RAM content stored to r2 and r3 */
1044 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1045 if ((retval = jtag_execute_queue()) != ERROR_OK)
1046 {
1047 return retval;
1048 }
1049
1050 d_tlb[victim].ram1 = regs[2];
1051 d_tlb[victim].ram2 = regs[3];
1052 }
1053
1054 /* restore D TLB lockdown */
1055 regs[1] = Dlockdown;
1056 arm9tdmi_write_core_regs(target, 0x2, regs);
1057
1058 /* Write D TLB lockdown */
1059 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1060
1061 /* prepare reading I TLB content
1062 * */
1063
1064 /* set interpret mode */
1065 cp15c15 |= 0x1;
1066 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1067
1068 /* Read I TLB lockdown */
1069 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1070
1071 /* clear interpret mode */
1072 cp15c15 &= ~0x1;
1073 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1074
1075 /* read I TLB lockdown stored to r1 */
1076 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1077 if ((retval = jtag_execute_queue()) != ERROR_OK)
1078 {
1079 return retval;
1080 }
1081 Ilockdown = regs[1];
1082
1083 for (victim = 0; victim < 64; victim += 8)
1084 {
1085 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1086 * base remains unchanged, victim goes through entries 0 to 63 */
1087 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1088 arm9tdmi_write_core_regs(target, 0x2, regs);
1089
1090 /* set interpret mode */
1091 cp15c15 |= 0x1;
1092 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1093
1094 /* Write I TLB lockdown */
1095 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1096
1097 /* Read I TLB CAM */
1098 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,5,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1099
1100 /* clear interpret mode */
1101 cp15c15 &= ~0x1;
1102 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1103
1104 /* read I TLB CAM content stored to r2-r9 */
1105 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1106 if ((retval = jtag_execute_queue()) != ERROR_OK)
1107 {
1108 return retval;
1109 }
1110
1111 for (i = 0; i < 8; i++)
1112 i_tlb[i + victim].cam = regs[i + 2];
1113 }
1114
1115 for (victim = 0; victim < 64; victim++)
1116 {
1117 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1118 * base remains unchanged, victim goes through entries 0 to 63 */
1119 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1120 arm9tdmi_write_core_regs(target, 0x2, regs);
1121
1122 /* set interpret mode */
1123 cp15c15 |= 0x1;
1124 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1125
1126 /* Write I TLB lockdown */
1127 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1128
1129 /* Read I TLB RAM1 */
1130 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1131
1132 /* Read I TLB RAM2 */
1133 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1134
1135 /* clear interpret mode */
1136 cp15c15 &= ~0x1;
1137 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1138
1139 /* read I TLB RAM content stored to r2 and r3 */
1140 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1141 if ((retval = jtag_execute_queue()) != ERROR_OK)
1142 {
1143 return retval;
1144 }
1145
1146 i_tlb[victim].ram1 = regs[2];
1147 i_tlb[victim].ram2 = regs[3];
1148 }
1149
1150 /* restore I TLB lockdown */
1151 regs[1] = Ilockdown;
1152 arm9tdmi_write_core_regs(target, 0x2, regs);
1153
1154 /* Write I TLB lockdown */
1155 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1156
1157 /* restore CP15 MMU and Cache settings */
1158 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
1159
1160 /* output data to file */
1161 fprintf(output, "D TLB content:\n");
1162 for (i = 0; i < 64; i++)
1163 {
1164 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2, (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1165 }
1166
1167 fprintf(output, "\n\nI TLB content:\n");
1168 for (i = 0; i < 64; i++)
1169 {
1170 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2, (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1171 }
1172
1173 command_print(cmd_ctx, "mmu content successfully output to %s", args[0]);
1174
1175 fclose(output);
1176
1177 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1178 return ERROR_FAIL;
1179
1180 /* mark registers dirty */
1181 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1182 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
1183 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
1184 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
1185 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
1186 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
1187 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
1188 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
1189 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
1190 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
1191
1192 return ERROR_OK;
1193 }
1194
1195 COMMAND_HANDLER(arm920t_handle_cp15_command)
1196 {
1197 int retval;
1198 struct target *target = get_current_target(cmd_ctx);
1199 struct arm920t_common *arm920t = target_to_arm920(target);
1200
1201 retval = arm920t_verify_pointer(cmd_ctx, arm920t);
1202 if (retval != ERROR_OK)
1203 return retval;
1204
1205 if (target->state != TARGET_HALTED)
1206 {
1207 command_print(cmd_ctx, "target must be stopped for \"%s\" command", CMD_NAME);
1208 return ERROR_OK;
1209 }
1210
1211 /* one or more argument, access a single register (write if second argument is given */
1212 if (argc >= 1)
1213 {
1214 int address;
1215 COMMAND_PARSE_NUMBER(int, args[0], address);
1216
1217 if (argc == 1)
1218 {
1219 uint32_t value;
1220 if ((retval = arm920t_read_cp15_physical(target, address, &value)) != ERROR_OK)
1221 {
1222 command_print(cmd_ctx, "couldn't access reg %i", address);
1223 return ERROR_OK;
1224 }
1225 if ((retval = jtag_execute_queue()) != ERROR_OK)
1226 {
1227 return retval;
1228 }
1229
1230 command_print(cmd_ctx, "%i: %8.8" PRIx32 "", address, value);
1231 }
1232 else if (argc == 2)
1233 {
1234 uint32_t value;
1235 COMMAND_PARSE_NUMBER(u32, args[1], value);
1236 if ((retval = arm920t_write_cp15_physical(target, address, value)) != ERROR_OK)
1237 {
1238 command_print(cmd_ctx, "couldn't access reg %i", address);
1239 return ERROR_OK;
1240 }
1241 command_print(cmd_ctx, "%i: %8.8" PRIx32 "", address, value);
1242 }
1243 }
1244
1245 return ERROR_OK;
1246 }
1247
1248 COMMAND_HANDLER(arm920t_handle_cp15i_command)
1249 {
1250 int retval;
1251 struct target *target = get_current_target(cmd_ctx);
1252 struct arm920t_common *arm920t = target_to_arm920(target);
1253
1254 retval = arm920t_verify_pointer(cmd_ctx, arm920t);
1255 if (retval != ERROR_OK)
1256 return retval;
1257
1258
1259 if (target->state != TARGET_HALTED)
1260 {
1261 command_print(cmd_ctx, "target must be stopped for \"%s\" command", CMD_NAME);
1262 return ERROR_OK;
1263 }
1264
1265 /* one or more argument, access a single register (write if second argument is given */
1266 if (argc >= 1)
1267 {
1268 uint32_t opcode;
1269 COMMAND_PARSE_NUMBER(u32, args[0], opcode);
1270
1271 if (argc == 1)
1272 {
1273 uint32_t value;
1274 if ((retval = arm920t_read_cp15_interpreted(target, opcode, 0x0, &value)) != ERROR_OK)
1275 {
1276 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1277 return ERROR_OK;
1278 }
1279
1280 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1281 }
1282 else if (argc == 2)
1283 {
1284 uint32_t value;
1285 COMMAND_PARSE_NUMBER(u32, args[1], value);
1286 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, 0)) != ERROR_OK)
1287 {
1288 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1289 return ERROR_OK;
1290 }
1291 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1292 }
1293 else if (argc == 3)
1294 {
1295 uint32_t value;
1296 COMMAND_PARSE_NUMBER(u32, args[1], value);
1297 uint32_t address;
1298 COMMAND_PARSE_NUMBER(u32, args[2], address);
1299 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, address)) != ERROR_OK)
1300 {
1301 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1302 return ERROR_OK;
1303 }
1304 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 " %8.8" PRIx32 "", opcode, value, address);
1305 }
1306 }
1307 else
1308 {
1309 command_print(cmd_ctx, "usage: arm920t cp15i <opcode> [value] [address]");
1310 }
1311
1312 return ERROR_OK;
1313 }
1314
1315 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1316 {
1317 int retval;
1318 struct target *target = get_current_target(cmd_ctx);
1319 struct arm920t_common *arm920t = target_to_arm920(target);
1320
1321 retval = arm920t_verify_pointer(cmd_ctx, arm920t);
1322 if (retval != ERROR_OK)
1323 return retval;
1324
1325 return armv4_5_handle_cache_info_command(cmd_ctx, &arm920t->armv4_5_mmu.armv4_5_cache);
1326 }
1327
1328
1329 static int arm920t_mrc(struct target *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
1330 {
1331 if (cpnum!=15)
1332 {
1333 LOG_ERROR("Only cp15 is supported");
1334 return ERROR_FAIL;
1335 }
1336
1337 return arm920t_read_cp15_interpreted(target, mrc_opcode(cpnum, op1, op2, CRn, CRm), 0, value);
1338 }
1339
1340 static int arm920t_mcr(struct target *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
1341 {
1342 if (cpnum!=15)
1343 {
1344 LOG_ERROR("Only cp15 is supported");
1345 return ERROR_FAIL;
1346 }
1347
1348 return arm920t_write_cp15_interpreted(target, mrc_opcode(cpnum, op1, op2, CRn, CRm), 0, value);
1349 }
1350
1351 /** Registers commands to access coprocessor, cache, and MMU resources. */
1352 int arm920t_register_commands(struct command_context *cmd_ctx)
1353 {
1354 int retval;
1355 struct command *arm920t_cmd;
1356
1357 retval = arm9tdmi_register_commands(cmd_ctx);
1358
1359 arm920t_cmd = register_command(cmd_ctx, NULL, "arm920t",
1360 NULL, COMMAND_ANY,
1361 "arm920t specific commands");
1362
1363 register_command(cmd_ctx, arm920t_cmd, "cp15",
1364 arm920t_handle_cp15_command, COMMAND_EXEC,
1365 "display/modify cp15 register <num> [value]");
1366 register_command(cmd_ctx, arm920t_cmd, "cp15i",
1367 arm920t_handle_cp15i_command, COMMAND_EXEC,
1368 "display/modify cp15 (interpreted access) "
1369 "<opcode> [value] [address]");
1370 register_command(cmd_ctx, arm920t_cmd, "cache_info",
1371 arm920t_handle_cache_info_command, COMMAND_EXEC,
1372 "display information about target caches");
1373 register_command(cmd_ctx, arm920t_cmd, "read_cache",
1374 arm920t_handle_read_cache_command, COMMAND_EXEC,
1375 "display I/D cache content");
1376 register_command(cmd_ctx, arm920t_cmd, "read_mmu",
1377 arm920t_handle_read_mmu_command, COMMAND_EXEC,
1378 "display I/D mmu content");
1379
1380 return retval;
1381 }
1382
1383 /** Holds methods for ARM920 targets. */
1384 struct target_type arm920t_target =
1385 {
1386 .name = "arm920t",
1387
1388 .poll = arm7_9_poll,
1389 .arch_state = arm920t_arch_state,
1390
1391 .target_request_data = arm7_9_target_request_data,
1392
1393 .halt = arm7_9_halt,
1394 .resume = arm7_9_resume,
1395 .step = arm7_9_step,
1396
1397 .assert_reset = arm7_9_assert_reset,
1398 .deassert_reset = arm7_9_deassert_reset,
1399 .soft_reset_halt = arm920t_soft_reset_halt,
1400
1401 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
1402
1403 .read_memory = arm920t_read_memory,
1404 .write_memory = arm920t_write_memory,
1405 .read_phys_memory = arm920t_read_phys_memory,
1406 .write_phys_memory = arm920t_write_phys_memory,
1407 .mmu = arm920_mmu,
1408 .virt2phys = arm920_virt2phys,
1409
1410 .bulk_write_memory = arm7_9_bulk_write_memory,
1411
1412 .checksum_memory = arm_checksum_memory,
1413 .blank_check_memory = arm_blank_check_memory,
1414
1415 .run_algorithm = armv4_5_run_algorithm,
1416
1417 .add_breakpoint = arm7_9_add_breakpoint,
1418 .remove_breakpoint = arm7_9_remove_breakpoint,
1419 .add_watchpoint = arm7_9_add_watchpoint,
1420 .remove_watchpoint = arm7_9_remove_watchpoint,
1421
1422 .register_commands = arm920t_register_commands,
1423 .target_create = arm920t_target_create,
1424 .init_target = arm9tdmi_init_target,
1425 .examine = arm7_9_examine,
1426 .mrc = arm920t_mrc,
1427 .mcr = arm920t_mcr,
1428 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)