Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
arm920t: add mrcmcr interface fn's.
[openocd.git] / src / target / arm920t.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
9 * *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
14 * *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "arm920t.h"
25 #include "time_support.h"
26 #include "target_type.h"
27
28
29 #if 0
30 #define _DEBUG_INSTRUCTION_EXECUTION_
31 #endif
32
33 /* cli handling */
34 int arm920t_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
35 int arm920t_handle_cp15i_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
36 int arm920t_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
37 int arm920t_read_phys_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer);
38 int arm920t_write_phys_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer);
39
40 int arm920t_handle_read_cache_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
41 int arm920t_handle_read_mmu_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
42
43 /* forward declarations */
44 int arm920t_target_create(struct target_s *target, Jim_Interp *interp);
45 int arm920t_init_target(struct command_context_s *cmd_ctx, struct target_s *target);
46
47 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
48
49 static int arm920t_mrc(target_t *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value);
50 static int arm920t_mcr(target_t *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value);
51
52
53 target_type_t arm920t_target =
54 {
55 .name = "arm920t",
56
57 .poll = arm7_9_poll,
58 .arch_state = arm920t_arch_state,
59
60 .target_request_data = arm7_9_target_request_data,
61
62 .halt = arm7_9_halt,
63 .resume = arm7_9_resume,
64 .step = arm7_9_step,
65
66 .assert_reset = arm7_9_assert_reset,
67 .deassert_reset = arm7_9_deassert_reset,
68 .soft_reset_halt = arm920t_soft_reset_halt,
69
70 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
71
72 .read_memory = arm920t_read_memory,
73 .write_memory = arm920t_write_memory,
74 .read_phys_memory = arm920t_read_phys_memory,
75 .write_phys_memory = arm920t_write_phys_memory,
76 .bulk_write_memory = arm7_9_bulk_write_memory,
77 .checksum_memory = arm7_9_checksum_memory,
78 .blank_check_memory = arm7_9_blank_check_memory,
79
80 .run_algorithm = armv4_5_run_algorithm,
81
82 .add_breakpoint = arm7_9_add_breakpoint,
83 .remove_breakpoint = arm7_9_remove_breakpoint,
84 .add_watchpoint = arm7_9_add_watchpoint,
85 .remove_watchpoint = arm7_9_remove_watchpoint,
86
87 .register_commands = arm920t_register_commands,
88 .target_create = arm920t_target_create,
89 .init_target = arm920t_init_target,
90 .examine = arm9tdmi_examine,
91 .mrc = arm920t_mrc,
92 .mcr = arm920t_mcr,
93 };
94
95 int arm920t_read_cp15_physical(target_t *target, int reg_addr, uint32_t *value)
96 {
97 armv4_5_common_t *armv4_5 = target->arch_info;
98 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
99 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
100 scan_field_t fields[4];
101 uint8_t access_type_buf = 1;
102 uint8_t reg_addr_buf = reg_addr & 0x3f;
103 uint8_t nr_w_buf = 0;
104
105 jtag_set_end_state(TAP_IDLE);
106 arm_jtag_scann(jtag_info, 0xf);
107 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
108
109 fields[0].tap = jtag_info->tap;
110 fields[0].num_bits = 1;
111 fields[0].out_value = &access_type_buf;
112 fields[0].in_value = NULL;
113
114 fields[1].tap = jtag_info->tap;
115 fields[1].num_bits = 32;
116 fields[1].out_value = NULL;
117 fields[1].in_value = NULL;
118
119 fields[2].tap = jtag_info->tap;
120 fields[2].num_bits = 6;
121 fields[2].out_value = &reg_addr_buf;
122 fields[2].in_value = NULL;
123
124 fields[3].tap = jtag_info->tap;
125 fields[3].num_bits = 1;
126 fields[3].out_value = &nr_w_buf;
127 fields[3].in_value = NULL;
128
129 jtag_add_dr_scan(4, fields, jtag_get_end_state());
130
131 fields[1].in_value = (uint8_t *)value;
132
133 jtag_add_dr_scan(4, fields, jtag_get_end_state());
134
135 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
136
137 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
138 jtag_execute_queue();
139 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
140 #endif
141
142 return ERROR_OK;
143 }
144
145 int arm920t_write_cp15_physical(target_t *target, int reg_addr, uint32_t value)
146 {
147 armv4_5_common_t *armv4_5 = target->arch_info;
148 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
149 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
150 scan_field_t fields[4];
151 uint8_t access_type_buf = 1;
152 uint8_t reg_addr_buf = reg_addr & 0x3f;
153 uint8_t nr_w_buf = 1;
154 uint8_t value_buf[4];
155
156 buf_set_u32(value_buf, 0, 32, value);
157
158 jtag_set_end_state(TAP_IDLE);
159 arm_jtag_scann(jtag_info, 0xf);
160 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
161
162 fields[0].tap = jtag_info->tap;
163 fields[0].num_bits = 1;
164 fields[0].out_value = &access_type_buf;
165 fields[0].in_value = NULL;
166
167 fields[1].tap = jtag_info->tap;
168 fields[1].num_bits = 32;
169 fields[1].out_value = value_buf;
170 fields[1].in_value = NULL;
171
172 fields[2].tap = jtag_info->tap;
173 fields[2].num_bits = 6;
174 fields[2].out_value = &reg_addr_buf;
175 fields[2].in_value = NULL;
176
177 fields[3].tap = jtag_info->tap;
178 fields[3].num_bits = 1;
179 fields[3].out_value = &nr_w_buf;
180 fields[3].in_value = NULL;
181
182 jtag_add_dr_scan(4, fields, jtag_get_end_state());
183
184 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
185 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
186 #endif
187
188 return ERROR_OK;
189 }
190
191 int arm920t_execute_cp15(target_t *target, uint32_t cp15_opcode, uint32_t arm_opcode)
192 {
193 int retval;
194 armv4_5_common_t *armv4_5 = target->arch_info;
195 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
196 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
197 scan_field_t fields[4];
198 uint8_t access_type_buf = 0; /* interpreted access */
199 uint8_t reg_addr_buf = 0x0;
200 uint8_t nr_w_buf = 0;
201 uint8_t cp15_opcode_buf[4];
202
203 jtag_set_end_state(TAP_IDLE);
204 arm_jtag_scann(jtag_info, 0xf);
205 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
206
207 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
208
209 fields[0].tap = jtag_info->tap;
210 fields[0].num_bits = 1;
211 fields[0].out_value = &access_type_buf;
212 fields[0].in_value = NULL;
213
214 fields[1].tap = jtag_info->tap;
215 fields[1].num_bits = 32;
216 fields[1].out_value = cp15_opcode_buf;
217 fields[1].in_value = NULL;
218
219 fields[2].tap = jtag_info->tap;
220 fields[2].num_bits = 6;
221 fields[2].out_value = &reg_addr_buf;
222 fields[2].in_value = NULL;
223
224 fields[3].tap = jtag_info->tap;
225 fields[3].num_bits = 1;
226 fields[3].out_value = &nr_w_buf;
227 fields[3].in_value = NULL;
228
229 jtag_add_dr_scan(4, fields, jtag_get_end_state());
230
231 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
232 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
233 retval = arm7_9_execute_sys_speed(target);
234 if (retval != ERROR_OK)
235 return retval;
236
237 if ((retval = jtag_execute_queue()) != ERROR_OK)
238 {
239 LOG_ERROR("failed executing JTAG queue, exiting");
240 return retval;
241 }
242
243 return ERROR_OK;
244 }
245
246 int arm920t_read_cp15_interpreted(target_t *target, uint32_t cp15_opcode, uint32_t address, uint32_t *value)
247 {
248 armv4_5_common_t *armv4_5 = target->arch_info;
249 uint32_t* regs_p[1];
250 uint32_t regs[2];
251 uint32_t cp15c15 = 0x0;
252
253 /* load address into R1 */
254 regs[1] = address;
255 arm9tdmi_write_core_regs(target, 0x2, regs);
256
257 /* read-modify-write CP15 test state register
258 * to enable interpreted access mode */
259 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
260 jtag_execute_queue();
261 cp15c15 |= 1; /* set interpret mode */
262 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
263
264 /* execute CP15 instruction and ARM load (reading from coprocessor) */
265 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
266
267 /* disable interpreted access mode */
268 cp15c15 &= ~1U; /* clear interpret mode */
269 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
270
271 /* retrieve value from R0 */
272 regs_p[0] = value;
273 arm9tdmi_read_core_regs(target, 0x1, regs_p);
274 jtag_execute_queue();
275
276 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
277 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x", cp15_opcode, address, *value);
278 #endif
279
280 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
281 return ERROR_FAIL;
282
283 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
284 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
285
286 return ERROR_OK;
287 }
288
289 int arm920t_write_cp15_interpreted(target_t *target, uint32_t cp15_opcode, uint32_t value, uint32_t address)
290 {
291 uint32_t cp15c15 = 0x0;
292 armv4_5_common_t *armv4_5 = target->arch_info;
293 uint32_t regs[2];
294
295 /* load value, address into R0, R1 */
296 regs[0] = value;
297 regs[1] = address;
298 arm9tdmi_write_core_regs(target, 0x3, regs);
299
300 /* read-modify-write CP15 test state register
301 * to enable interpreted access mode */
302 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
303 jtag_execute_queue();
304 cp15c15 |= 1; /* set interpret mode */
305 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
306
307 /* execute CP15 instruction and ARM store (writing to coprocessor) */
308 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
309
310 /* disable interpreted access mode */
311 cp15c15 &= ~1U; /* set interpret mode */
312 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
313
314 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
315 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x", cp15_opcode, value, address);
316 #endif
317
318 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
319 return ERROR_FAIL;
320
321 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
322 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
323
324 return ERROR_OK;
325 }
326
327 uint32_t arm920t_get_ttb(target_t *target)
328 {
329 int retval;
330 uint32_t ttb = 0x0;
331
332 if ((retval = arm920t_read_cp15_interpreted(target, 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
333 return retval;
334
335 return ttb;
336 }
337
338 void arm920t_disable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
339 {
340 uint32_t cp15_control;
341
342 /* read cp15 control register */
343 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
344 jtag_execute_queue();
345
346 if (mmu)
347 cp15_control &= ~0x1U;
348
349 if (d_u_cache)
350 cp15_control &= ~0x4U;
351
352 if (i_cache)
353 cp15_control &= ~0x1000U;
354
355 arm920t_write_cp15_physical(target, 0x2, cp15_control);
356 }
357
358 void arm920t_enable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
359 {
360 uint32_t cp15_control;
361
362 /* read cp15 control register */
363 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
364 jtag_execute_queue();
365
366 if (mmu)
367 cp15_control |= 0x1U;
368
369 if (d_u_cache)
370 cp15_control |= 0x4U;
371
372 if (i_cache)
373 cp15_control |= 0x1000U;
374
375 arm920t_write_cp15_physical(target, 0x2, cp15_control);
376 }
377
378 void arm920t_post_debug_entry(target_t *target)
379 {
380 uint32_t cp15c15;
381 armv4_5_common_t *armv4_5 = target->arch_info;
382 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
383 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
384 arm920t_common_t *arm920t = arm9tdmi->arch_info;
385
386 /* examine cp15 control reg */
387 arm920t_read_cp15_physical(target, 0x2, &arm920t->cp15_control_reg);
388 jtag_execute_queue();
389 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32 "", arm920t->cp15_control_reg);
390
391 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
392 {
393 uint32_t cache_type_reg;
394 /* identify caches */
395 arm920t_read_cp15_physical(target, 0x1, &cache_type_reg);
396 jtag_execute_queue();
397 armv4_5_identify_cache(cache_type_reg, &arm920t->armv4_5_mmu.armv4_5_cache);
398 }
399
400 arm920t->armv4_5_mmu.mmu_enabled = (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
401 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
402 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
403
404 /* save i/d fault status and address register */
405 arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
406 arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
407 arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
408 arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
409
410 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32 "",
411 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
412
413 if (arm920t->preserve_cache)
414 {
415 /* read-modify-write CP15 test state register
416 * to disable I/D-cache linefills */
417 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
418 jtag_execute_queue();
419 cp15c15 |= 0x600;
420 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
421 }
422 }
423
424 void arm920t_pre_restore_context(target_t *target)
425 {
426 uint32_t cp15c15;
427 armv4_5_common_t *armv4_5 = target->arch_info;
428 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
429 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
430 arm920t_common_t *arm920t = arm9tdmi->arch_info;
431
432 /* restore i/d fault status and address register */
433 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
434 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
435 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
436 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
437
438 /* read-modify-write CP15 test state register
439 * to reenable I/D-cache linefills */
440 if (arm920t->preserve_cache)
441 {
442 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
443 jtag_execute_queue();
444 cp15c15 &= ~0x600U;
445 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
446 }
447 }
448
449 int arm920t_get_arch_pointers(target_t *target, armv4_5_common_t **armv4_5_p, arm7_9_common_t **arm7_9_p, arm9tdmi_common_t **arm9tdmi_p, arm920t_common_t **arm920t_p)
450 {
451 armv4_5_common_t *armv4_5 = target->arch_info;
452 arm7_9_common_t *arm7_9;
453 arm9tdmi_common_t *arm9tdmi;
454 arm920t_common_t *arm920t;
455
456 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
457 {
458 return -1;
459 }
460
461 arm7_9 = armv4_5->arch_info;
462 if (arm7_9->common_magic != ARM7_9_COMMON_MAGIC)
463 {
464 return -1;
465 }
466
467 arm9tdmi = arm7_9->arch_info;
468 if (arm9tdmi->common_magic != ARM9TDMI_COMMON_MAGIC)
469 {
470 return -1;
471 }
472
473 arm920t = arm9tdmi->arch_info;
474 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
475 {
476 return -1;
477 }
478
479 *armv4_5_p = armv4_5;
480 *arm7_9_p = arm7_9;
481 *arm9tdmi_p = arm9tdmi;
482 *arm920t_p = arm920t;
483
484 return ERROR_OK;
485 }
486
487 int arm920t_arch_state(struct target_s *target)
488 {
489 armv4_5_common_t *armv4_5 = target->arch_info;
490 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
491 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
492 arm920t_common_t *arm920t = arm9tdmi->arch_info;
493
494 char *state[] =
495 {
496 "disabled", "enabled"
497 };
498
499 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
500 {
501 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
502 exit(-1);
503 }
504
505 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
506 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "\n"
507 "MMU: %s, D-Cache: %s, I-Cache: %s",
508 armv4_5_state_strings[armv4_5->core_state],
509 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name,
510 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
511 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
512 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
513 state[arm920t->armv4_5_mmu.mmu_enabled],
514 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
515 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
516
517 return ERROR_OK;
518 }
519
520 int arm920t_read_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
521 {
522 int retval;
523
524 retval = arm7_9_read_memory(target, address, size, count, buffer);
525
526 return retval;
527 }
528
529
530 int arm920t_read_phys_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
531 {
532 armv4_5_common_t *armv4_5 = target->arch_info;
533 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
534 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
535 arm920t_common_t *arm920t = arm9tdmi->arch_info;
536
537 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu, address, size, count, buffer);
538 }
539
540 int arm920t_write_phys_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
541 {
542 armv4_5_common_t *armv4_5 = target->arch_info;
543 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
544 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
545 arm920t_common_t *arm920t = arm9tdmi->arch_info;
546
547 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu, address, size, count, buffer);
548 }
549
550
551 int arm920t_write_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
552 {
553 int retval;
554 armv4_5_common_t *armv4_5 = target->arch_info;
555 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
556 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
557 arm920t_common_t *arm920t = arm9tdmi->arch_info;
558
559 if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
560 return retval;
561
562 /* This fn is used to write breakpoints, so we need to make sure that the
563 * datacache is flushed and the instruction cache is invalidated */
564 if (((size == 4) || (size == 2)) && (count == 1))
565 {
566 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
567 {
568 LOG_DEBUG("D-Cache enabled, flush and invalidate cache line");
569 /* MCR p15,0,Rd,c7,c10,2 */
570 retval = arm920t_write_cp15_interpreted(target, 0xee070f5e, 0x0, address);
571 if (retval != ERROR_OK)
572 return retval;
573 }
574
575 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
576 {
577 LOG_DEBUG("I-Cache enabled, invalidating affected I-Cache line");
578 retval = arm920t_write_cp15_interpreted(target, 0xee070f35, 0x0, address);
579 if (retval != ERROR_OK)
580 return retval;
581 }
582 }
583
584 return retval;
585 }
586
587 int arm920t_soft_reset_halt(struct target_s *target)
588 {
589 int retval = ERROR_OK;
590 armv4_5_common_t *armv4_5 = target->arch_info;
591 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
592 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
593 arm920t_common_t *arm920t = arm9tdmi->arch_info;
594 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
595
596 if ((retval = target_halt(target)) != ERROR_OK)
597 {
598 return retval;
599 }
600
601 long long then = timeval_ms();
602 int timeout;
603 while (!(timeout = ((timeval_ms()-then) > 1000)))
604 {
605 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
606 {
607 embeddedice_read_reg(dbg_stat);
608 if ((retval = jtag_execute_queue()) != ERROR_OK)
609 {
610 return retval;
611 }
612 } else
613 {
614 break;
615 }
616 if (debug_level >= 3)
617 {
618 /* do not eat all CPU, time out after 1 se*/
619 alive_sleep(100);
620 } else
621 {
622 keep_alive();
623 }
624 }
625 if (timeout)
626 {
627 LOG_ERROR("Failed to halt CPU after 1 sec");
628 return ERROR_TARGET_TIMEOUT;
629 }
630
631 target->state = TARGET_HALTED;
632
633 /* SVC, ARM state, IRQ and FIQ disabled */
634 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
635 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
636 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
637
638 /* start fetching from 0x0 */
639 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
640 armv4_5->core_cache->reg_list[15].dirty = 1;
641 armv4_5->core_cache->reg_list[15].valid = 1;
642
643 armv4_5->core_mode = ARMV4_5_MODE_SVC;
644 armv4_5->core_state = ARMV4_5_STATE_ARM;
645
646 arm920t_disable_mmu_caches(target, 1, 1, 1);
647 arm920t->armv4_5_mmu.mmu_enabled = 0;
648 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
649 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
650
651 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED)) != ERROR_OK)
652 {
653 return retval;
654 }
655
656 return ERROR_OK;
657 }
658
659 int arm920t_init_target(struct command_context_s *cmd_ctx, struct target_s *target)
660 {
661 arm9tdmi_init_target(cmd_ctx, target);
662
663 return ERROR_OK;
664 }
665
666 int arm920t_init_arch_info(target_t *target, arm920t_common_t *arm920t, jtag_tap_t *tap)
667 {
668 arm9tdmi_common_t *arm9tdmi = &arm920t->arm9tdmi_common;
669 arm7_9_common_t *arm7_9 = &arm9tdmi->arm7_9_common;
670
671 /* initialize arm9tdmi specific info (including arm7_9 and armv4_5)
672 */
673 arm9tdmi_init_arch_info(target, arm9tdmi, tap);
674
675 arm9tdmi->arch_info = arm920t;
676 arm920t->common_magic = ARM920T_COMMON_MAGIC;
677
678 arm7_9->post_debug_entry = arm920t_post_debug_entry;
679 arm7_9->pre_restore_context = arm920t_pre_restore_context;
680
681 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
682 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
683 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
684 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
685 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
686 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
687 arm920t->armv4_5_mmu.has_tiny_pages = 1;
688 arm920t->armv4_5_mmu.mmu_enabled = 0;
689
690 /* disabling linefills leads to lockups, so keep them enabled for now
691 * this doesn't affect correctness, but might affect timing issues, if
692 * important data is evicted from the cache during the debug session
693 * */
694 arm920t->preserve_cache = 0;
695
696 /* override hw single-step capability from ARM9TDMI */
697 arm7_9->has_single_step = 1;
698
699 return ERROR_OK;
700 }
701
702 int arm920t_target_create(struct target_s *target, Jim_Interp *interp)
703 {
704 arm920t_common_t *arm920t = calloc(1,sizeof(arm920t_common_t));
705
706 arm920t_init_arch_info(target, arm920t, target->tap);
707
708 return ERROR_OK;
709 }
710
711 int arm920t_register_commands(struct command_context_s *cmd_ctx)
712 {
713 int retval;
714 command_t *arm920t_cmd;
715
716
717 retval = arm9tdmi_register_commands(cmd_ctx);
718
719 arm920t_cmd = register_command(cmd_ctx, NULL, "arm920t", NULL, COMMAND_ANY, "arm920t specific commands");
720
721 register_command(cmd_ctx, arm920t_cmd, "cp15", arm920t_handle_cp15_command, COMMAND_EXEC, "display/modify cp15 register <num> [value]");
722 register_command(cmd_ctx, arm920t_cmd, "cp15i", arm920t_handle_cp15i_command, COMMAND_EXEC, "display/modify cp15 (interpreted access) <opcode> [value] [address]");
723 register_command(cmd_ctx, arm920t_cmd, "cache_info", arm920t_handle_cache_info_command, COMMAND_EXEC, "display information about target caches");
724
725 register_command(cmd_ctx, arm920t_cmd, "read_cache", arm920t_handle_read_cache_command, COMMAND_EXEC, "display I/D cache content");
726 register_command(cmd_ctx, arm920t_cmd, "read_mmu", arm920t_handle_read_mmu_command, COMMAND_EXEC, "display I/D mmu content");
727
728 return retval;
729 }
730
731 int arm920t_handle_read_cache_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
732 {
733 int retval = ERROR_OK;
734 target_t *target = get_current_target(cmd_ctx);
735 armv4_5_common_t *armv4_5;
736 arm7_9_common_t *arm7_9;
737 arm9tdmi_common_t *arm9tdmi;
738 arm920t_common_t *arm920t;
739 arm_jtag_t *jtag_info;
740 uint32_t cp15c15;
741 uint32_t cp15_ctrl, cp15_ctrl_saved;
742 uint32_t regs[16];
743 uint32_t *regs_p[16];
744 uint32_t C15_C_D_Ind, C15_C_I_Ind;
745 int i;
746 FILE *output;
747 arm920t_cache_line_t d_cache[8][64], i_cache[8][64];
748 int segment, index;
749
750 if (argc != 1)
751 {
752 command_print(cmd_ctx, "usage: arm920t read_cache <filename>");
753 return ERROR_OK;
754 }
755
756 if ((output = fopen(args[0], "w")) == NULL)
757 {
758 LOG_DEBUG("error opening cache content file");
759 return ERROR_OK;
760 }
761
762 for (i = 0; i < 16; i++)
763 regs_p[i] = &regs[i];
764
765 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
766 {
767 command_print(cmd_ctx, "current target isn't an ARM920t target");
768 return ERROR_OK;
769 }
770
771 jtag_info = &arm7_9->jtag_info;
772
773 /* disable MMU and Caches */
774 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
775 if ((retval = jtag_execute_queue()) != ERROR_OK)
776 {
777 return retval;
778 }
779 cp15_ctrl_saved = cp15_ctrl;
780 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
781 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
782
783 /* read CP15 test state register */
784 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
785 jtag_execute_queue();
786
787 /* read DCache content */
788 fprintf(output, "DCache:\n");
789
790 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
791 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
792 {
793 fprintf(output, "\nsegment: %i\n----------", segment);
794
795 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
796 regs[0] = 0x0 | (segment << 5);
797 arm9tdmi_write_core_regs(target, 0x1, regs);
798
799 /* set interpret mode */
800 cp15c15 |= 0x1;
801 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
802
803 /* D CAM Read, loads current victim into C15.C.D.Ind */
804 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
805
806 /* read current victim */
807 arm920t_read_cp15_physical(target, 0x3d, &C15_C_D_Ind);
808
809 /* clear interpret mode */
810 cp15c15 &= ~0x1;
811 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
812
813 for (index = 0; index < 64; index++)
814 {
815 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
816 regs[0] = 0x0 | (segment << 5) | (index << 26);
817 arm9tdmi_write_core_regs(target, 0x1, regs);
818
819 /* set interpret mode */
820 cp15c15 |= 0x1;
821 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
822
823 /* Write DCache victim */
824 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
825
826 /* Read D RAM */
827 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,10,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
828
829 /* Read D CAM */
830 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(9, 0));
831
832 /* clear interpret mode */
833 cp15c15 &= ~0x1;
834 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
835
836 /* read D RAM and CAM content */
837 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
838 if ((retval = jtag_execute_queue()) != ERROR_OK)
839 {
840 return retval;
841 }
842
843 d_cache[segment][index].cam = regs[9];
844
845 /* mask LFSR[6] */
846 regs[9] &= 0xfffffffe;
847 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
848
849 for (i = 1; i < 9; i++)
850 {
851 d_cache[segment][index].data[i] = regs[i];
852 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
853 }
854
855 }
856
857 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
858 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
859 arm9tdmi_write_core_regs(target, 0x1, regs);
860
861 /* set interpret mode */
862 cp15c15 |= 0x1;
863 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
864
865 /* Write DCache victim */
866 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
867
868 /* clear interpret mode */
869 cp15c15 &= ~0x1;
870 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
871 }
872
873 /* read ICache content */
874 fprintf(output, "ICache:\n");
875
876 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
877 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
878 {
879 fprintf(output, "segment: %i\n----------", segment);
880
881 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
882 regs[0] = 0x0 | (segment << 5);
883 arm9tdmi_write_core_regs(target, 0x1, regs);
884
885 /* set interpret mode */
886 cp15c15 |= 0x1;
887 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
888
889 /* I CAM Read, loads current victim into C15.C.I.Ind */
890 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
891
892 /* read current victim */
893 arm920t_read_cp15_physical(target, 0x3b, &C15_C_I_Ind);
894
895 /* clear interpret mode */
896 cp15c15 &= ~0x1;
897 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
898
899 for (index = 0; index < 64; index++)
900 {
901 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
902 regs[0] = 0x0 | (segment << 5) | (index << 26);
903 arm9tdmi_write_core_regs(target, 0x1, regs);
904
905 /* set interpret mode */
906 cp15c15 |= 0x1;
907 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
908
909 /* Write ICache victim */
910 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
911
912 /* Read I RAM */
913 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,9,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
914
915 /* Read I CAM */
916 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(9, 0));
917
918 /* clear interpret mode */
919 cp15c15 &= ~0x1;
920 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
921
922 /* read I RAM and CAM content */
923 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
924 if ((retval = jtag_execute_queue()) != ERROR_OK)
925 {
926 return retval;
927 }
928
929 i_cache[segment][index].cam = regs[9];
930
931 /* mask LFSR[6] */
932 regs[9] &= 0xfffffffe;
933 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
934
935 for (i = 1; i < 9; i++)
936 {
937 i_cache[segment][index].data[i] = regs[i];
938 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
939 }
940 }
941
942 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
943 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
944 arm9tdmi_write_core_regs(target, 0x1, regs);
945
946 /* set interpret mode */
947 cp15c15 |= 0x1;
948 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
949
950 /* Write ICache victim */
951 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
952
953 /* clear interpret mode */
954 cp15c15 &= ~0x1;
955 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
956 }
957
958 /* restore CP15 MMU and Cache settings */
959 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
960
961 command_print(cmd_ctx, "cache content successfully output to %s", args[0]);
962
963 fclose(output);
964
965 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
966 return ERROR_FAIL;
967
968 /* mark registers dirty. */
969 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
970 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
971 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
972 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
973 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
974 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
975 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
976 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
977 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
978 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
979
980 return ERROR_OK;
981 }
982
983 int arm920t_handle_read_mmu_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
984 {
985 int retval = ERROR_OK;
986 target_t *target = get_current_target(cmd_ctx);
987 armv4_5_common_t *armv4_5;
988 arm7_9_common_t *arm7_9;
989 arm9tdmi_common_t *arm9tdmi;
990 arm920t_common_t *arm920t;
991 arm_jtag_t *jtag_info;
992 uint32_t cp15c15;
993 uint32_t cp15_ctrl, cp15_ctrl_saved;
994 uint32_t regs[16];
995 uint32_t *regs_p[16];
996 int i;
997 FILE *output;
998 uint32_t Dlockdown, Ilockdown;
999 arm920t_tlb_entry_t d_tlb[64], i_tlb[64];
1000 int victim;
1001
1002 if (argc != 1)
1003 {
1004 command_print(cmd_ctx, "usage: arm920t read_mmu <filename>");
1005 return ERROR_OK;
1006 }
1007
1008 if ((output = fopen(args[0], "w")) == NULL)
1009 {
1010 LOG_DEBUG("error opening mmu content file");
1011 return ERROR_OK;
1012 }
1013
1014 for (i = 0; i < 16; i++)
1015 regs_p[i] = &regs[i];
1016
1017 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1018 {
1019 command_print(cmd_ctx, "current target isn't an ARM920t target");
1020 return ERROR_OK;
1021 }
1022
1023 jtag_info = &arm7_9->jtag_info;
1024
1025 /* disable MMU and Caches */
1026 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
1027 if ((retval = jtag_execute_queue()) != ERROR_OK)
1028 {
1029 return retval;
1030 }
1031 cp15_ctrl_saved = cp15_ctrl;
1032 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
1033 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
1034
1035 /* read CP15 test state register */
1036 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
1037 if ((retval = jtag_execute_queue()) != ERROR_OK)
1038 {
1039 return retval;
1040 }
1041
1042 /* prepare reading D TLB content
1043 * */
1044
1045 /* set interpret mode */
1046 cp15c15 |= 0x1;
1047 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1048
1049 /* Read D TLB lockdown */
1050 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1051
1052 /* clear interpret mode */
1053 cp15c15 &= ~0x1;
1054 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1055
1056 /* read D TLB lockdown stored to r1 */
1057 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1058 if ((retval = jtag_execute_queue()) != ERROR_OK)
1059 {
1060 return retval;
1061 }
1062 Dlockdown = regs[1];
1063
1064 for (victim = 0; victim < 64; victim += 8)
1065 {
1066 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1067 * base remains unchanged, victim goes through entries 0 to 63 */
1068 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1069 arm9tdmi_write_core_regs(target, 0x2, regs);
1070
1071 /* set interpret mode */
1072 cp15c15 |= 0x1;
1073 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1074
1075 /* Write D TLB lockdown */
1076 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1077
1078 /* Read D TLB CAM */
1079 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,6,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1080
1081 /* clear interpret mode */
1082 cp15c15 &= ~0x1;
1083 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1084
1085 /* read D TLB CAM content stored to r2-r9 */
1086 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1087 if ((retval = jtag_execute_queue()) != ERROR_OK)
1088 {
1089 return retval;
1090 }
1091
1092 for (i = 0; i < 8; i++)
1093 d_tlb[victim + i].cam = regs[i + 2];
1094 }
1095
1096 for (victim = 0; victim < 64; victim++)
1097 {
1098 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1099 * base remains unchanged, victim goes through entries 0 to 63 */
1100 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1101 arm9tdmi_write_core_regs(target, 0x2, regs);
1102
1103 /* set interpret mode */
1104 cp15c15 |= 0x1;
1105 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1106
1107 /* Write D TLB lockdown */
1108 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1109
1110 /* Read D TLB RAM1 */
1111 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1112
1113 /* Read D TLB RAM2 */
1114 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1115
1116 /* clear interpret mode */
1117 cp15c15 &= ~0x1;
1118 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1119
1120 /* read D TLB RAM content stored to r2 and r3 */
1121 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1122 if ((retval = jtag_execute_queue()) != ERROR_OK)
1123 {
1124 return retval;
1125 }
1126
1127 d_tlb[victim].ram1 = regs[2];
1128 d_tlb[victim].ram2 = regs[3];
1129 }
1130
1131 /* restore D TLB lockdown */
1132 regs[1] = Dlockdown;
1133 arm9tdmi_write_core_regs(target, 0x2, regs);
1134
1135 /* Write D TLB lockdown */
1136 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1137
1138 /* prepare reading I TLB content
1139 * */
1140
1141 /* set interpret mode */
1142 cp15c15 |= 0x1;
1143 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1144
1145 /* Read I TLB lockdown */
1146 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1147
1148 /* clear interpret mode */
1149 cp15c15 &= ~0x1;
1150 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1151
1152 /* read I TLB lockdown stored to r1 */
1153 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1154 if ((retval = jtag_execute_queue()) != ERROR_OK)
1155 {
1156 return retval;
1157 }
1158 Ilockdown = regs[1];
1159
1160 for (victim = 0; victim < 64; victim += 8)
1161 {
1162 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1163 * base remains unchanged, victim goes through entries 0 to 63 */
1164 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1165 arm9tdmi_write_core_regs(target, 0x2, regs);
1166
1167 /* set interpret mode */
1168 cp15c15 |= 0x1;
1169 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1170
1171 /* Write I TLB lockdown */
1172 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1173
1174 /* Read I TLB CAM */
1175 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,5,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1176
1177 /* clear interpret mode */
1178 cp15c15 &= ~0x1;
1179 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1180
1181 /* read I TLB CAM content stored to r2-r9 */
1182 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1183 if ((retval = jtag_execute_queue()) != ERROR_OK)
1184 {
1185 return retval;
1186 }
1187
1188 for (i = 0; i < 8; i++)
1189 i_tlb[i + victim].cam = regs[i + 2];
1190 }
1191
1192 for (victim = 0; victim < 64; victim++)
1193 {
1194 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1195 * base remains unchanged, victim goes through entries 0 to 63 */
1196 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1197 arm9tdmi_write_core_regs(target, 0x2, regs);
1198
1199 /* set interpret mode */
1200 cp15c15 |= 0x1;
1201 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1202
1203 /* Write I TLB lockdown */
1204 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1205
1206 /* Read I TLB RAM1 */
1207 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1208
1209 /* Read I TLB RAM2 */
1210 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1211
1212 /* clear interpret mode */
1213 cp15c15 &= ~0x1;
1214 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1215
1216 /* read I TLB RAM content stored to r2 and r3 */
1217 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1218 if ((retval = jtag_execute_queue()) != ERROR_OK)
1219 {
1220 return retval;
1221 }
1222
1223 i_tlb[victim].ram1 = regs[2];
1224 i_tlb[victim].ram2 = regs[3];
1225 }
1226
1227 /* restore I TLB lockdown */
1228 regs[1] = Ilockdown;
1229 arm9tdmi_write_core_regs(target, 0x2, regs);
1230
1231 /* Write I TLB lockdown */
1232 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1233
1234 /* restore CP15 MMU and Cache settings */
1235 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
1236
1237 /* output data to file */
1238 fprintf(output, "D TLB content:\n");
1239 for (i = 0; i < 64; i++)
1240 {
1241 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2, (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1242 }
1243
1244 fprintf(output, "\n\nI TLB content:\n");
1245 for (i = 0; i < 64; i++)
1246 {
1247 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2, (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1248 }
1249
1250 command_print(cmd_ctx, "mmu content successfully output to %s", args[0]);
1251
1252 fclose(output);
1253
1254 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1255 return ERROR_FAIL;
1256
1257 /* mark registers dirty */
1258 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1259 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
1260 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
1261 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
1262 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
1263 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
1264 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
1265 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
1266 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
1267 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
1268
1269 return ERROR_OK;
1270 }
1271 int arm920t_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
1272 {
1273 int retval;
1274 target_t *target = get_current_target(cmd_ctx);
1275 armv4_5_common_t *armv4_5;
1276 arm7_9_common_t *arm7_9;
1277 arm9tdmi_common_t *arm9tdmi;
1278 arm920t_common_t *arm920t;
1279 arm_jtag_t *jtag_info;
1280
1281 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1282 {
1283 command_print(cmd_ctx, "current target isn't an ARM920t target");
1284 return ERROR_OK;
1285 }
1286
1287 jtag_info = &arm7_9->jtag_info;
1288
1289 if (target->state != TARGET_HALTED)
1290 {
1291 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1292 return ERROR_OK;
1293 }
1294
1295 /* one or more argument, access a single register (write if second argument is given */
1296 if (argc >= 1)
1297 {
1298 int address = strtoul(args[0], NULL, 0);
1299
1300 if (argc == 1)
1301 {
1302 uint32_t value;
1303 if ((retval = arm920t_read_cp15_physical(target, address, &value)) != ERROR_OK)
1304 {
1305 command_print(cmd_ctx, "couldn't access reg %i", address);
1306 return ERROR_OK;
1307 }
1308 if ((retval = jtag_execute_queue()) != ERROR_OK)
1309 {
1310 return retval;
1311 }
1312
1313 command_print(cmd_ctx, "%i: %8.8" PRIx32 "", address, value);
1314 }
1315 else if (argc == 2)
1316 {
1317 uint32_t value = strtoul(args[1], NULL, 0);
1318 if ((retval = arm920t_write_cp15_physical(target, address, value)) != ERROR_OK)
1319 {
1320 command_print(cmd_ctx, "couldn't access reg %i", address);
1321 return ERROR_OK;
1322 }
1323 command_print(cmd_ctx, "%i: %8.8" PRIx32 "", address, value);
1324 }
1325 }
1326
1327 return ERROR_OK;
1328 }
1329
1330 int arm920t_handle_cp15i_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
1331 {
1332 int retval;
1333 target_t *target = get_current_target(cmd_ctx);
1334 armv4_5_common_t *armv4_5;
1335 arm7_9_common_t *arm7_9;
1336 arm9tdmi_common_t *arm9tdmi;
1337 arm920t_common_t *arm920t;
1338 arm_jtag_t *jtag_info;
1339
1340 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1341 {
1342 command_print(cmd_ctx, "current target isn't an ARM920t target");
1343 return ERROR_OK;
1344 }
1345
1346 jtag_info = &arm7_9->jtag_info;
1347
1348 if (target->state != TARGET_HALTED)
1349 {
1350 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
1351 return ERROR_OK;
1352 }
1353
1354 /* one or more argument, access a single register (write if second argument is given */
1355 if (argc >= 1)
1356 {
1357 uint32_t opcode = strtoul(args[0], NULL, 0);
1358
1359 if (argc == 1)
1360 {
1361 uint32_t value;
1362 if ((retval = arm920t_read_cp15_interpreted(target, opcode, 0x0, &value)) != ERROR_OK)
1363 {
1364 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1365 return ERROR_OK;
1366 }
1367
1368 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1369 }
1370 else if (argc == 2)
1371 {
1372 uint32_t value = strtoul(args[1], NULL, 0);
1373 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, 0)) != ERROR_OK)
1374 {
1375 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1376 return ERROR_OK;
1377 }
1378 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1379 }
1380 else if (argc == 3)
1381 {
1382 uint32_t value = strtoul(args[1], NULL, 0);
1383 uint32_t address = strtoul(args[2], NULL, 0);
1384 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, address)) != ERROR_OK)
1385 {
1386 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1387 return ERROR_OK;
1388 }
1389 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 " %8.8" PRIx32 "", opcode, value, address);
1390 }
1391 }
1392 else
1393 {
1394 command_print(cmd_ctx, "usage: arm920t cp15i <opcode> [value] [address]");
1395 }
1396
1397 return ERROR_OK;
1398 }
1399
1400 int arm920t_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
1401 {
1402 target_t *target = get_current_target(cmd_ctx);
1403 armv4_5_common_t *armv4_5;
1404 arm7_9_common_t *arm7_9;
1405 arm9tdmi_common_t *arm9tdmi;
1406 arm920t_common_t *arm920t;
1407
1408 if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
1409 {
1410 command_print(cmd_ctx, "current target isn't an ARM920t target");
1411 return ERROR_OK;
1412 }
1413
1414 return armv4_5_handle_cache_info_command(cmd_ctx, &arm920t->armv4_5_mmu.armv4_5_cache);
1415 }
1416
1417
1418 static int arm920t_mrc(target_t *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
1419 {
1420 if (cpnum!=15)
1421 {
1422 LOG_ERROR("Only cp15 is supported");
1423 return ERROR_FAIL;
1424 }
1425
1426 return arm920t_read_cp15_interpreted(target, mrc_opcode(cpnum, op1, op2, CRn, CRm), 0, value);
1427 }
1428
1429 static int arm920t_mcr(target_t *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
1430 {
1431 if (cpnum!=15)
1432 {
1433 LOG_ERROR("Only cp15 is supported");
1434 return ERROR_FAIL;
1435 }
1436
1437 return arm920t_write_cp15_interpreted(target, mrc_opcode(cpnum, op1, op2, CRn, CRm), 0, value);
1438 }
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)