Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
arm: error propagation of arm_jtag_set_instr
[openocd.git] / src / target / arm920t.c
1
2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
21 #ifdef HAVE_CONFIG_H
22 #include "config.h"
23 #endif
24
25 #include "arm920t.h"
26 #include <helper/time_support.h>
27 #include "target_type.h"
28 #include "register.h"
29 #include "arm_opcodes.h"
30
31
32 /*
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
36 *
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
40 * 2 ... EmbeddedICE
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
43 * 6 ... ETM9
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
48 *
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
50 */
51
52 #if 0
53 #define _DEBUG_INSTRUCTION_EXECUTION_
54 #endif
55
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
59 *
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
63 *
64 * x == bit[38]
65 * y == bits[37:34]
66 * z == bit[33]
67 */
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
69
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
75
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
82
83 static int arm920t_read_cp15_physical(struct target *target,
84 int reg_addr, uint32_t *value)
85 {
86 struct arm920t_common *arm920t = target_to_arm920(target);
87 struct arm_jtag *jtag_info;
88 struct scan_field fields[4];
89 uint8_t access_type_buf = 1;
90 uint8_t reg_addr_buf = reg_addr & 0x3f;
91 uint8_t nr_w_buf = 0;
92 int retval;
93
94 jtag_info = &arm920t->arm7_9_common.jtag_info;
95
96 arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
97 retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
98 if (retval != ERROR_OK)
99 return retval;
100
101 fields[0].num_bits = 1;
102 fields[0].out_value = &access_type_buf;
103 fields[0].in_value = NULL;
104
105 fields[1].num_bits = 32;
106 fields[1].out_value = NULL;
107 fields[1].in_value = NULL;
108
109 fields[2].num_bits = 6;
110 fields[2].out_value = &reg_addr_buf;
111 fields[2].in_value = NULL;
112
113 fields[3].num_bits = 1;
114 fields[3].out_value = &nr_w_buf;
115 fields[3].in_value = NULL;
116
117 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
118
119 fields[1].in_value = (uint8_t *)value;
120
121 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
122
123 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
124
125 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
126 jtag_execute_queue();
127 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
128 #endif
129
130 return ERROR_OK;
131 }
132
133 static int arm920t_write_cp15_physical(struct target *target,
134 int reg_addr, uint32_t value)
135 {
136 struct arm920t_common *arm920t = target_to_arm920(target);
137 struct arm_jtag *jtag_info;
138 struct scan_field fields[4];
139 uint8_t access_type_buf = 1;
140 uint8_t reg_addr_buf = reg_addr & 0x3f;
141 uint8_t nr_w_buf = 1;
142 uint8_t value_buf[4];
143 int retval;
144
145 jtag_info = &arm920t->arm7_9_common.jtag_info;
146
147 buf_set_u32(value_buf, 0, 32, value);
148
149 arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
150 retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
151 if (retval != ERROR_OK)
152 return retval;
153
154 fields[0].num_bits = 1;
155 fields[0].out_value = &access_type_buf;
156 fields[0].in_value = NULL;
157
158 fields[1].num_bits = 32;
159 fields[1].out_value = value_buf;
160 fields[1].in_value = NULL;
161
162 fields[2].num_bits = 6;
163 fields[2].out_value = &reg_addr_buf;
164 fields[2].in_value = NULL;
165
166 fields[3].num_bits = 1;
167 fields[3].out_value = &nr_w_buf;
168 fields[3].in_value = NULL;
169
170 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
171
172 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
173 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
174 #endif
175
176 return ERROR_OK;
177 }
178
179 /* See table 9-10 for scan chain 15 format during interpreted access mode.
180 * If the TESTSTATE register is set for interpreted access, certain CP15
181 * MRC and MCR instructions may be executed through scan chain 15.
182 *
183 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
184 * executed using scan chain 15 interpreted mode.
185 */
186 static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
187 uint32_t arm_opcode)
188 {
189 int retval;
190 struct arm920t_common *arm920t = target_to_arm920(target);
191 struct arm_jtag *jtag_info;
192 struct scan_field fields[4];
193 uint8_t access_type_buf = 0; /* interpreted access */
194 uint8_t reg_addr_buf = 0x0;
195 uint8_t nr_w_buf = 0;
196 uint8_t cp15_opcode_buf[4];
197
198 jtag_info = &arm920t->arm7_9_common.jtag_info;
199
200 arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
201 retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
202 if (retval != ERROR_OK)
203 return retval;
204
205 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
206
207 fields[0].num_bits = 1;
208 fields[0].out_value = &access_type_buf;
209 fields[0].in_value = NULL;
210
211 fields[1].num_bits = 32;
212 fields[1].out_value = cp15_opcode_buf;
213 fields[1].in_value = NULL;
214
215 fields[2].num_bits = 6;
216 fields[2].out_value = &reg_addr_buf;
217 fields[2].in_value = NULL;
218
219 fields[3].num_bits = 1;
220 fields[3].out_value = &nr_w_buf;
221 fields[3].in_value = NULL;
222
223 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
224
225 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
226 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
227 retval = arm7_9_execute_sys_speed(target);
228 if (retval != ERROR_OK)
229 return retval;
230
231 if ((retval = jtag_execute_queue()) != ERROR_OK)
232 {
233 LOG_ERROR("failed executing JTAG queue");
234 return retval;
235 }
236
237 return ERROR_OK;
238 }
239
240 static int arm920t_read_cp15_interpreted(struct target *target,
241 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
242 {
243 struct arm *armv4_5 = target_to_arm(target);
244 uint32_t* regs_p[1];
245 uint32_t regs[2];
246 uint32_t cp15c15 = 0x0;
247 struct reg *r = armv4_5->core_cache->reg_list;
248
249 /* load address into R1 */
250 regs[1] = address;
251 arm9tdmi_write_core_regs(target, 0x2, regs);
252
253 /* read-modify-write CP15 test state register
254 * to enable interpreted access mode */
255 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
256 jtag_execute_queue();
257 cp15c15 |= 1; /* set interpret mode */
258 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
259
260 /* execute CP15 instruction and ARM load (reading from coprocessor) */
261 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
262
263 /* disable interpreted access mode */
264 cp15c15 &= ~1U; /* clear interpret mode */
265 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
266
267 /* retrieve value from R0 */
268 regs_p[0] = value;
269 arm9tdmi_read_core_regs(target, 0x1, regs_p);
270 jtag_execute_queue();
271
272 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
273 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
274 cp15_opcode, address, *value);
275 #endif
276
277 if (!is_arm_mode(armv4_5->core_mode))
278 return ERROR_FAIL;
279
280 r[0].dirty = 1;
281 r[1].dirty = 1;
282
283 return ERROR_OK;
284 }
285
286 static
287 int arm920t_write_cp15_interpreted(struct target *target,
288 uint32_t cp15_opcode, uint32_t value, uint32_t address)
289 {
290 uint32_t cp15c15 = 0x0;
291 struct arm *armv4_5 = target_to_arm(target);
292 uint32_t regs[2];
293 struct reg *r = armv4_5->core_cache->reg_list;
294
295 /* load value, address into R0, R1 */
296 regs[0] = value;
297 regs[1] = address;
298 arm9tdmi_write_core_regs(target, 0x3, regs);
299
300 /* read-modify-write CP15 test state register
301 * to enable interpreted access mode */
302 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
303 jtag_execute_queue();
304 cp15c15 |= 1; /* set interpret mode */
305 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
306
307 /* execute CP15 instruction and ARM store (writing to coprocessor) */
308 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
309
310 /* disable interpreted access mode */
311 cp15c15 &= ~1U; /* set interpret mode */
312 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
313
314 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
315 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
316 cp15_opcode, value, address);
317 #endif
318
319 if (!is_arm_mode(armv4_5->core_mode))
320 return ERROR_FAIL;
321
322 r[0].dirty = 1;
323 r[1].dirty = 1;
324
325 return ERROR_OK;
326 }
327
328 // EXPORTED to FA256
329 int arm920t_get_ttb(struct target *target, uint32_t *result)
330 {
331 int retval;
332 uint32_t ttb = 0x0;
333
334 if ((retval = arm920t_read_cp15_interpreted(target,
335 /* FIXME use opcode macro */
336 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
337 return retval;
338
339 *result = ttb;
340 return ERROR_OK;
341 }
342
343 // EXPORTED to FA256
344 int arm920t_disable_mmu_caches(struct target *target, int mmu,
345 int d_u_cache, int i_cache)
346 {
347 uint32_t cp15_control;
348 int retval;
349
350 /* read cp15 control register */
351 retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
352 if (retval != ERROR_OK)
353 return retval;
354 retval = jtag_execute_queue();
355 if (retval != ERROR_OK)
356 return retval;
357
358 if (mmu)
359 cp15_control &= ~0x1U;
360
361 if (d_u_cache)
362 cp15_control &= ~0x4U;
363
364 if (i_cache)
365 cp15_control &= ~0x1000U;
366
367 retval = arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
368 return retval;
369 }
370
371 // EXPORTED to FA256
372 int arm920t_enable_mmu_caches(struct target *target, int mmu,
373 int d_u_cache, int i_cache)
374 {
375 uint32_t cp15_control;
376 int retval;
377
378 /* read cp15 control register */
379 retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
380 if (retval != ERROR_OK)
381 return retval;
382 retval = jtag_execute_queue();
383 if (retval != ERROR_OK)
384 return retval;
385
386 if (mmu)
387 cp15_control |= 0x1U;
388
389 if (d_u_cache)
390 cp15_control |= 0x4U;
391
392 if (i_cache)
393 cp15_control |= 0x1000U;
394
395 retval = arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
396 return retval;
397 }
398
399 // EXPORTED to FA256
400 int arm920t_post_debug_entry(struct target *target)
401 {
402 uint32_t cp15c15;
403 struct arm920t_common *arm920t = target_to_arm920(target);
404 int retval;
405
406 /* examine cp15 control reg */
407 retval = arm920t_read_cp15_physical(target,
408 CP15PHYS_CTRL, &arm920t->cp15_control_reg);
409 if (retval != ERROR_OK)
410 return retval;
411 retval = jtag_execute_queue();
412 if (retval != ERROR_OK)
413 return retval;
414 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, arm920t->cp15_control_reg);
415
416 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
417 {
418 uint32_t cache_type_reg;
419 /* identify caches */
420 retval = arm920t_read_cp15_physical(target,
421 CP15PHYS_CACHETYPE, &cache_type_reg);
422 if (retval != ERROR_OK)
423 return retval;
424 retval = jtag_execute_queue();
425 if (retval != ERROR_OK)
426 return retval;
427 armv4_5_identify_cache(cache_type_reg,
428 &arm920t->armv4_5_mmu.armv4_5_cache);
429 }
430
431 arm920t->armv4_5_mmu.mmu_enabled =
432 (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
433 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled =
434 (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
435 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled =
436 (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
437
438 /* save i/d fault status and address register */
439 /* FIXME use opcode macros */
440 retval = arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
441 if (retval != ERROR_OK)
442 return retval;
443 retval = arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
444 if (retval != ERROR_OK)
445 return retval;
446 retval = arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
447 if (retval != ERROR_OK)
448 return retval;
449 retval = arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
450 if (retval != ERROR_OK)
451 return retval;
452
453 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32
454 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32,
455 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
456
457 if (arm920t->preserve_cache)
458 {
459 /* read-modify-write CP15 test state register
460 * to disable I/D-cache linefills */
461 retval = arm920t_read_cp15_physical(target,
462 CP15PHYS_TESTSTATE, &cp15c15);
463 if (retval != ERROR_OK)
464 return retval;
465 retval = jtag_execute_queue();
466 if (retval != ERROR_OK)
467 return retval;
468 cp15c15 |= 0x600;
469 retval = arm920t_write_cp15_physical(target,
470 CP15PHYS_TESTSTATE, cp15c15);
471 if (retval != ERROR_OK)
472 return retval;
473 }
474 return ERROR_OK;
475 }
476
477 // EXPORTED to FA256
478 void arm920t_pre_restore_context(struct target *target)
479 {
480 uint32_t cp15c15;
481 struct arm920t_common *arm920t = target_to_arm920(target);
482
483 /* restore i/d fault status and address register */
484 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
485 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
486 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
487 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
488
489 /* read-modify-write CP15 test state register
490 * to reenable I/D-cache linefills */
491 if (arm920t->preserve_cache)
492 {
493 arm920t_read_cp15_physical(target,
494 CP15PHYS_TESTSTATE, &cp15c15);
495 jtag_execute_queue();
496 cp15c15 &= ~0x600U;
497 arm920t_write_cp15_physical(target,
498 CP15PHYS_TESTSTATE, cp15c15);
499 }
500 }
501
502 static const char arm920_not[] = "target is not an ARM920";
503
504 static int arm920t_verify_pointer(struct command_context *cmd_ctx,
505 struct arm920t_common *arm920t)
506 {
507 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
508 command_print(cmd_ctx, arm920_not);
509 return ERROR_TARGET_INVALID;
510 }
511
512 return ERROR_OK;
513 }
514
515 /** Logs summary of ARM920 state for a halted target. */
516 int arm920t_arch_state(struct target *target)
517 {
518 static const char *state[] =
519 {
520 "disabled", "enabled"
521 };
522
523 struct arm920t_common *arm920t = target_to_arm920(target);
524 struct arm *armv4_5;
525
526 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
527 {
528 LOG_ERROR("BUG: %s", arm920_not);
529 return ERROR_TARGET_INVALID;
530 }
531
532 armv4_5 = &arm920t->arm7_9_common.armv4_5_common;
533
534 arm_arch_state(target);
535 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
536 state[arm920t->armv4_5_mmu.mmu_enabled],
537 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
538 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
539
540 return ERROR_OK;
541 }
542
543 static int arm920_mmu(struct target *target, int *enabled)
544 {
545 if (target->state != TARGET_HALTED) {
546 LOG_ERROR("%s: target not halted", __func__);
547 return ERROR_TARGET_INVALID;
548 }
549
550 *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
551 return ERROR_OK;
552 }
553
554 static int arm920_virt2phys(struct target *target,
555 uint32_t virt, uint32_t *phys)
556 {
557 uint32_t cb;
558 struct arm920t_common *arm920t = target_to_arm920(target);
559
560 uint32_t ret;
561 int retval = armv4_5_mmu_translate_va(target,
562 &arm920t->armv4_5_mmu, virt, &cb, &ret);
563 if (retval != ERROR_OK)
564 return retval;
565 *phys = ret;
566 return ERROR_OK;
567 }
568
569 /** Reads a buffer, in the specified word size, with current MMU settings. */
570 int arm920t_read_memory(struct target *target, uint32_t address,
571 uint32_t size, uint32_t count, uint8_t *buffer)
572 {
573 int retval;
574
575 retval = arm7_9_read_memory(target, address, size, count, buffer);
576
577 return retval;
578 }
579
580
581 static int arm920t_read_phys_memory(struct target *target,
582 uint32_t address, uint32_t size,
583 uint32_t count, uint8_t *buffer)
584 {
585 struct arm920t_common *arm920t = target_to_arm920(target);
586
587 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
588 address, size, count, buffer);
589 }
590
591 static int arm920t_write_phys_memory(struct target *target,
592 uint32_t address, uint32_t size,
593 uint32_t count, uint8_t *buffer)
594 {
595 struct arm920t_common *arm920t = target_to_arm920(target);
596
597 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
598 address, size, count, buffer);
599 }
600
601
602 /** Writes a buffer, in the specified word size, with current MMU settings. */
603 int arm920t_write_memory(struct target *target, uint32_t address,
604 uint32_t size, uint32_t count, uint8_t *buffer)
605 {
606 int retval;
607 const uint32_t cache_mask = ~0x1f; /* cache line size : 32 byte */
608 struct arm920t_common *arm920t = target_to_arm920(target);
609
610 /* FIX!!!! this should be cleaned up and made much more general. The
611 * plan is to write up and test on arm920t specifically and
612 * then generalize and clean up afterwards.
613 *
614 * Also it should be moved to the callbacks that handle breakpoints
615 * specifically and not the generic memory write fn's. See XScale code.
616 */
617 if (arm920t->armv4_5_mmu.mmu_enabled && (count == 1) &&
618 ((size==2) || (size==4)))
619 {
620 /* special case the handling of single word writes to
621 * bypass MMU, to allow implementation of breakpoints
622 * in memory marked read only
623 * by MMU
624 */
625 uint32_t cb;
626 uint32_t pa;
627
628 /*
629 * We need physical address and cb
630 */
631 retval = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu,
632 address, &cb, &pa);
633 if (retval != ERROR_OK)
634 return retval;
635
636 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
637 {
638 if (cb & 0x1)
639 {
640 LOG_DEBUG("D-Cache buffered, "
641 "drain write buffer");
642 /*
643 * Buffered ?
644 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
645 */
646
647 retval = arm920t_write_cp15_interpreted(target,
648 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
649 0x0, 0);
650 if (retval != ERROR_OK)
651 return retval;
652 }
653
654 if (cb == 0x3)
655 {
656 /*
657 * Write back memory ? -> clean cache
658 *
659 * There is no way to clean cache lines using
660 * cp15 scan chain, so copy the full cache
661 * line from cache to physical memory.
662 */
663 uint8_t data[32];
664
665 LOG_DEBUG("D-Cache in 'write back' mode, "
666 "flush cache line");
667
668 retval = target_read_memory(target,
669 address & cache_mask, 1,
670 sizeof(data), &data[0]);
671 if (retval != ERROR_OK)
672 return retval;
673
674 retval = armv4_5_mmu_write_physical(target,
675 &arm920t->armv4_5_mmu,
676 pa & cache_mask, 1,
677 sizeof(data), &data[0]);
678 if (retval != ERROR_OK)
679 return retval;
680 }
681
682 /* Cached ? */
683 if (cb & 0x2)
684 {
685 /*
686 * Cached ? -> Invalidate data cache using MVA
687 *
688 * MCR p15,0,Rd,c7,c6,1
689 */
690 LOG_DEBUG("D-Cache enabled, "
691 "invalidate cache line");
692
693 retval = arm920t_write_cp15_interpreted(target,
694 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
695 address & cache_mask);
696 if (retval != ERROR_OK)
697 return retval;
698 }
699 }
700
701 /* write directly to physical memory,
702 * bypassing any read only MMU bits, etc.
703 */
704 retval = armv4_5_mmu_write_physical(target,
705 &arm920t->armv4_5_mmu, pa, size,
706 count, buffer);
707 if (retval != ERROR_OK)
708 return retval;
709 } else
710 {
711 if ((retval = arm7_9_write_memory(target, address,
712 size, count, buffer)) != ERROR_OK)
713 return retval;
714 }
715
716 /* If ICache is enabled, we have to invalidate affected ICache lines
717 * the DCache is forced to write-through,
718 * so we don't have to clean it here
719 */
720 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
721 {
722 if (count <= 1)
723 {
724 /* invalidate ICache single entry with MVA
725 * mcr 15, 0, r0, cr7, cr5, {1}
726 */
727 LOG_DEBUG("I-Cache enabled, "
728 "invalidating affected I-Cache line");
729 retval = arm920t_write_cp15_interpreted(target,
730 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
731 0x0, address & cache_mask);
732 if (retval != ERROR_OK)
733 return retval;
734 }
735 else
736 {
737 /* invalidate ICache
738 * mcr 15, 0, r0, cr7, cr5, {0}
739 */
740 retval = arm920t_write_cp15_interpreted(target,
741 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
742 0x0, 0x0);
743 if (retval != ERROR_OK)
744 return retval;
745 }
746 }
747
748 return ERROR_OK;
749 }
750
751 // EXPORTED to FA256
752 int arm920t_soft_reset_halt(struct target *target)
753 {
754 int retval = ERROR_OK;
755 struct arm920t_common *arm920t = target_to_arm920(target);
756 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
757 struct arm *armv4_5 = &arm7_9->armv4_5_common;
758 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
759
760 if ((retval = target_halt(target)) != ERROR_OK)
761 {
762 return retval;
763 }
764
765 long long then = timeval_ms();
766 int timeout;
767 while (!(timeout = ((timeval_ms()-then) > 1000)))
768 {
769 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1)
770 == 0)
771 {
772 embeddedice_read_reg(dbg_stat);
773 if ((retval = jtag_execute_queue()) != ERROR_OK)
774 {
775 return retval;
776 }
777 } else
778 {
779 break;
780 }
781 if (debug_level >= 3)
782 {
783 /* do not eat all CPU, time out after 1 se*/
784 alive_sleep(100);
785 } else
786 {
787 keep_alive();
788 }
789 }
790 if (timeout)
791 {
792 LOG_ERROR("Failed to halt CPU after 1 sec");
793 return ERROR_TARGET_TIMEOUT;
794 }
795
796 target->state = TARGET_HALTED;
797
798 /* SVC, ARM state, IRQ and FIQ disabled */
799 uint32_t cpsr;
800
801 cpsr = buf_get_u32(armv4_5->cpsr->value, 0, 32);
802 cpsr &= ~0xff;
803 cpsr |= 0xd3;
804 arm_set_cpsr(armv4_5, cpsr);
805 armv4_5->cpsr->dirty = 1;
806
807 /* start fetching from 0x0 */
808 buf_set_u32(armv4_5->pc->value, 0, 32, 0x0);
809 armv4_5->pc->dirty = 1;
810 armv4_5->pc->valid = 1;
811
812 arm920t_disable_mmu_caches(target, 1, 1, 1);
813 arm920t->armv4_5_mmu.mmu_enabled = 0;
814 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
815 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
816
817 return target_call_event_callbacks(target, TARGET_EVENT_HALTED);
818 }
819
820 /* FIXME remove forward decls */
821 static int arm920t_mrc(struct target *target, int cpnum,
822 uint32_t op1, uint32_t op2,
823 uint32_t CRn, uint32_t CRm,
824 uint32_t *value);
825 static int arm920t_mcr(struct target *target, int cpnum,
826 uint32_t op1, uint32_t op2,
827 uint32_t CRn, uint32_t CRm,
828 uint32_t value);
829
830 static int arm920t_init_arch_info(struct target *target,
831 struct arm920t_common *arm920t, struct jtag_tap *tap)
832 {
833 struct arm7_9_common *arm7_9 = &arm920t->arm7_9_common;
834
835 arm7_9->armv4_5_common.mrc = arm920t_mrc;
836 arm7_9->armv4_5_common.mcr = arm920t_mcr;
837
838 /* initialize arm7/arm9 specific info (including armv4_5) */
839 arm9tdmi_init_arch_info(target, arm7_9, tap);
840
841 arm920t->common_magic = ARM920T_COMMON_MAGIC;
842
843 arm7_9->post_debug_entry = arm920t_post_debug_entry;
844 arm7_9->pre_restore_context = arm920t_pre_restore_context;
845
846 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
847 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
848 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
849 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
850 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
851 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
852 arm920t->armv4_5_mmu.has_tiny_pages = 1;
853 arm920t->armv4_5_mmu.mmu_enabled = 0;
854
855 /* disabling linefills leads to lockups, so keep them enabled for now
856 * this doesn't affect correctness, but might affect timing issues, if
857 * important data is evicted from the cache during the debug session
858 * */
859 arm920t->preserve_cache = 0;
860
861 /* override hw single-step capability from ARM9TDMI */
862 arm7_9->has_single_step = 1;
863
864 return ERROR_OK;
865 }
866
867 static int arm920t_target_create(struct target *target, Jim_Interp *interp)
868 {
869 struct arm920t_common *arm920t;
870
871 arm920t = calloc(1,sizeof(struct arm920t_common));
872 return arm920t_init_arch_info(target, arm920t, target->tap);
873 }
874
875 COMMAND_HANDLER(arm920t_handle_read_cache_command)
876 {
877 int retval = ERROR_OK;
878 struct target *target = get_current_target(CMD_CTX);
879 struct arm920t_common *arm920t = target_to_arm920(target);
880 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
881 struct arm *armv4_5 = &arm7_9->armv4_5_common;
882 uint32_t cp15c15;
883 uint32_t cp15_ctrl, cp15_ctrl_saved;
884 uint32_t regs[16];
885 uint32_t *regs_p[16];
886 uint32_t C15_C_D_Ind, C15_C_I_Ind;
887 int i;
888 FILE *output;
889 struct arm920t_cache_line d_cache[8][64], i_cache[8][64];
890 int segment, index_t;
891 struct reg *r;
892
893 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
894 if (retval != ERROR_OK)
895 return retval;
896
897 if (CMD_ARGC != 1)
898 {
899 command_print(CMD_CTX, "usage: arm920t read_cache <filename>");
900 return ERROR_OK;
901 }
902
903 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
904 {
905 LOG_DEBUG("error opening cache content file");
906 return ERROR_OK;
907 }
908
909 for (i = 0; i < 16; i++)
910 regs_p[i] = &regs[i];
911
912 /* disable MMU and Caches */
913 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
914 if ((retval = jtag_execute_queue()) != ERROR_OK)
915 {
916 return retval;
917 }
918 cp15_ctrl_saved = cp15_ctrl;
919 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
920 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
921 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
922
923 /* read CP15 test state register */
924 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
925 jtag_execute_queue();
926
927 /* read DCache content */
928 fprintf(output, "DCache:\n");
929
930 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
931 for (segment = 0;
932 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
933 segment++)
934 {
935 fprintf(output, "\nsegment: %i\n----------", segment);
936
937 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
938 regs[0] = 0x0 | (segment << 5);
939 arm9tdmi_write_core_regs(target, 0x1, regs);
940
941 /* set interpret mode */
942 cp15c15 |= 0x1;
943 arm920t_write_cp15_physical(target,
944 CP15PHYS_TESTSTATE, cp15c15);
945
946 /* D CAM Read, loads current victim into C15.C.D.Ind */
947 arm920t_execute_cp15(target,
948 ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
949
950 /* read current victim */
951 arm920t_read_cp15_physical(target,
952 CP15PHYS_DCACHE_IDX, &C15_C_D_Ind);
953
954 /* clear interpret mode */
955 cp15c15 &= ~0x1;
956 arm920t_write_cp15_physical(target,
957 CP15PHYS_TESTSTATE, cp15c15);
958
959 for (index_t = 0; index_t < 64; index_t++)
960 {
961 /* Ra:
962 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
963 */
964 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
965 arm9tdmi_write_core_regs(target, 0x1, regs);
966
967 /* set interpret mode */
968 cp15c15 |= 0x1;
969 arm920t_write_cp15_physical(target,
970 CP15PHYS_TESTSTATE, cp15c15);
971
972 /* Write DCache victim */
973 arm920t_execute_cp15(target,
974 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
975
976 /* Read D RAM */
977 arm920t_execute_cp15(target,
978 ARMV4_5_MCR(15,2,0,15,10,2),
979 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
980
981 /* Read D CAM */
982 arm920t_execute_cp15(target,
983 ARMV4_5_MCR(15,2,0,15,6,2),
984 ARMV4_5_LDR(9, 0));
985
986 /* clear interpret mode */
987 cp15c15 &= ~0x1;
988 arm920t_write_cp15_physical(target,
989 CP15PHYS_TESTSTATE, cp15c15);
990
991 /* read D RAM and CAM content */
992 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
993 if ((retval = jtag_execute_queue()) != ERROR_OK)
994 {
995 return retval;
996 }
997
998 d_cache[segment][index_t].cam = regs[9];
999
1000 /* mask LFSR[6] */
1001 regs[9] &= 0xfffffffe;
1002 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8"
1003 PRIx32 ", content (%s):\n",
1004 segment, index_t, regs[9],
1005 (regs[9] & 0x10) ? "valid" : "invalid");
1006
1007 for (i = 1; i < 9; i++)
1008 {
1009 d_cache[segment][index_t].data[i] = regs[i];
1010 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
1011 i-1, regs[i]);
1012 }
1013
1014 }
1015
1016 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1017 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
1018 arm9tdmi_write_core_regs(target, 0x1, regs);
1019
1020 /* set interpret mode */
1021 cp15c15 |= 0x1;
1022 arm920t_write_cp15_physical(target,
1023 CP15PHYS_TESTSTATE, cp15c15);
1024
1025 /* Write DCache victim */
1026 arm920t_execute_cp15(target,
1027 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
1028
1029 /* clear interpret mode */
1030 cp15c15 &= ~0x1;
1031 arm920t_write_cp15_physical(target,
1032 CP15PHYS_TESTSTATE, cp15c15);
1033 }
1034
1035 /* read ICache content */
1036 fprintf(output, "ICache:\n");
1037
1038 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1039 for (segment = 0;
1040 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
1041 segment++)
1042 {
1043 fprintf(output, "segment: %i\n----------", segment);
1044
1045 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1046 regs[0] = 0x0 | (segment << 5);
1047 arm9tdmi_write_core_regs(target, 0x1, regs);
1048
1049 /* set interpret mode */
1050 cp15c15 |= 0x1;
1051 arm920t_write_cp15_physical(target,
1052 CP15PHYS_TESTSTATE, cp15c15);
1053
1054 /* I CAM Read, loads current victim into C15.C.I.Ind */
1055 arm920t_execute_cp15(target,
1056 ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
1057
1058 /* read current victim */
1059 arm920t_read_cp15_physical(target, CP15PHYS_ICACHE_IDX,
1060 &C15_C_I_Ind);
1061
1062 /* clear interpret mode */
1063 cp15c15 &= ~0x1;
1064 arm920t_write_cp15_physical(target,
1065 CP15PHYS_TESTSTATE, cp15c15);
1066
1067 for (index_t = 0; index_t < 64; index_t++)
1068 {
1069 /* Ra:
1070 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1071 */
1072 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
1073 arm9tdmi_write_core_regs(target, 0x1, regs);
1074
1075 /* set interpret mode */
1076 cp15c15 |= 0x1;
1077 arm920t_write_cp15_physical(target,
1078 CP15PHYS_TESTSTATE, cp15c15);
1079
1080 /* Write ICache victim */
1081 arm920t_execute_cp15(target,
1082 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1083
1084 /* Read I RAM */
1085 arm920t_execute_cp15(target,
1086 ARMV4_5_MCR(15,2,0,15,9,2),
1087 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1088
1089 /* Read I CAM */
1090 arm920t_execute_cp15(target,
1091 ARMV4_5_MCR(15,2,0,15,5,2),
1092 ARMV4_5_LDR(9, 0));
1093
1094 /* clear interpret mode */
1095 cp15c15 &= ~0x1;
1096 arm920t_write_cp15_physical(target,
1097 CP15PHYS_TESTSTATE, cp15c15);
1098
1099 /* read I RAM and CAM content */
1100 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
1101 if ((retval = jtag_execute_queue()) != ERROR_OK)
1102 {
1103 return retval;
1104 }
1105
1106 i_cache[segment][index_t].cam = regs[9];
1107
1108 /* mask LFSR[6] */
1109 regs[9] &= 0xfffffffe;
1110 fprintf(output, "\nsegment: %i, index: %i, "
1111 "CAM: 0x%8.8" PRIx32 ", content (%s):\n",
1112 segment, index_t, regs[9],
1113 (regs[9] & 0x10) ? "valid" : "invalid");
1114
1115 for (i = 1; i < 9; i++)
1116 {
1117 i_cache[segment][index_t].data[i] = regs[i];
1118 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
1119 i-1, regs[i]);
1120 }
1121 }
1122
1123 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1124 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
1125 arm9tdmi_write_core_regs(target, 0x1, regs);
1126
1127 /* set interpret mode */
1128 cp15c15 |= 0x1;
1129 arm920t_write_cp15_physical(target,
1130 CP15PHYS_TESTSTATE, cp15c15);
1131
1132 /* Write ICache victim */
1133 arm920t_execute_cp15(target,
1134 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1135
1136 /* clear interpret mode */
1137 cp15c15 &= ~0x1;
1138 arm920t_write_cp15_physical(target,
1139 CP15PHYS_TESTSTATE, cp15c15);
1140 }
1141
1142 /* restore CP15 MMU and Cache settings */
1143 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1144
1145 command_print(CMD_CTX, "cache content successfully output to %s",
1146 CMD_ARGV[0]);
1147
1148 fclose(output);
1149
1150 if (!is_arm_mode(armv4_5->core_mode))
1151 return ERROR_FAIL;
1152
1153 /* force writeback of the valid data */
1154 r = armv4_5->core_cache->reg_list;
1155 r[0].dirty = r[0].valid;
1156 r[1].dirty = r[1].valid;
1157 r[2].dirty = r[2].valid;
1158 r[3].dirty = r[3].valid;
1159 r[4].dirty = r[4].valid;
1160 r[5].dirty = r[5].valid;
1161 r[6].dirty = r[6].valid;
1162 r[7].dirty = r[7].valid;
1163
1164 r = arm_reg_current(armv4_5, 8);
1165 r->dirty = r->valid;
1166
1167 r = arm_reg_current(armv4_5, 9);
1168 r->dirty = r->valid;
1169
1170 return ERROR_OK;
1171 }
1172
1173 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
1174 {
1175 int retval = ERROR_OK;
1176 struct target *target = get_current_target(CMD_CTX);
1177 struct arm920t_common *arm920t = target_to_arm920(target);
1178 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1179 struct arm *armv4_5 = &arm7_9->armv4_5_common;
1180 uint32_t cp15c15;
1181 uint32_t cp15_ctrl, cp15_ctrl_saved;
1182 uint32_t regs[16];
1183 uint32_t *regs_p[16];
1184 int i;
1185 FILE *output;
1186 uint32_t Dlockdown, Ilockdown;
1187 struct arm920t_tlb_entry d_tlb[64], i_tlb[64];
1188 int victim;
1189 struct reg *r;
1190
1191 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1192 if (retval != ERROR_OK)
1193 return retval;
1194
1195 if (CMD_ARGC != 1)
1196 {
1197 command_print(CMD_CTX, "usage: arm920t read_mmu <filename>");
1198 return ERROR_OK;
1199 }
1200
1201 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
1202 {
1203 LOG_DEBUG("error opening mmu content file");
1204 return ERROR_OK;
1205 }
1206
1207 for (i = 0; i < 16; i++)
1208 regs_p[i] = &regs[i];
1209
1210 /* disable MMU and Caches */
1211 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
1212 if ((retval = jtag_execute_queue()) != ERROR_OK)
1213 {
1214 return retval;
1215 }
1216 cp15_ctrl_saved = cp15_ctrl;
1217 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
1218 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
1219 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
1220
1221 /* read CP15 test state register */
1222 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
1223 if ((retval = jtag_execute_queue()) != ERROR_OK)
1224 {
1225 return retval;
1226 }
1227
1228 /* prepare reading D TLB content
1229 * */
1230
1231 /* set interpret mode */
1232 cp15c15 |= 0x1;
1233 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1234
1235 /* Read D TLB lockdown */
1236 arm920t_execute_cp15(target,
1237 ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1238
1239 /* clear interpret mode */
1240 cp15c15 &= ~0x1;
1241 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1242
1243 /* read D TLB lockdown stored to r1 */
1244 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1245 if ((retval = jtag_execute_queue()) != ERROR_OK)
1246 {
1247 return retval;
1248 }
1249 Dlockdown = regs[1];
1250
1251 for (victim = 0; victim < 64; victim += 8)
1252 {
1253 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1254 * base remains unchanged, victim goes through entries 0 to 63
1255 */
1256 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1257 arm9tdmi_write_core_regs(target, 0x2, regs);
1258
1259 /* set interpret mode */
1260 cp15c15 |= 0x1;
1261 arm920t_write_cp15_physical(target,
1262 CP15PHYS_TESTSTATE, cp15c15);
1263
1264 /* Write D TLB lockdown */
1265 arm920t_execute_cp15(target,
1266 ARMV4_5_MCR(15,0,0,10,0,0),
1267 ARMV4_5_STR(1, 0));
1268
1269 /* Read D TLB CAM */
1270 arm920t_execute_cp15(target,
1271 ARMV4_5_MCR(15,4,0,15,6,4),
1272 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1273
1274 /* clear interpret mode */
1275 cp15c15 &= ~0x1;
1276 arm920t_write_cp15_physical(target,
1277 CP15PHYS_TESTSTATE, cp15c15);
1278
1279 /* read D TLB CAM content stored to r2-r9 */
1280 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1281 if ((retval = jtag_execute_queue()) != ERROR_OK)
1282 {
1283 return retval;
1284 }
1285
1286 for (i = 0; i < 8; i++)
1287 d_tlb[victim + i].cam = regs[i + 2];
1288 }
1289
1290 for (victim = 0; victim < 64; victim++)
1291 {
1292 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1293 * base remains unchanged, victim goes through entries 0 to 63
1294 */
1295 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1296 arm9tdmi_write_core_regs(target, 0x2, regs);
1297
1298 /* set interpret mode */
1299 cp15c15 |= 0x1;
1300 arm920t_write_cp15_physical(target,
1301 CP15PHYS_TESTSTATE, cp15c15);
1302
1303 /* Write D TLB lockdown */
1304 arm920t_execute_cp15(target,
1305 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1306
1307 /* Read D TLB RAM1 */
1308 arm920t_execute_cp15(target,
1309 ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1310
1311 /* Read D TLB RAM2 */
1312 arm920t_execute_cp15(target,
1313 ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1314
1315 /* clear interpret mode */
1316 cp15c15 &= ~0x1;
1317 arm920t_write_cp15_physical(target,
1318 CP15PHYS_TESTSTATE, cp15c15);
1319
1320 /* read D TLB RAM content stored to r2 and r3 */
1321 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1322 if ((retval = jtag_execute_queue()) != ERROR_OK)
1323 {
1324 return retval;
1325 }
1326
1327 d_tlb[victim].ram1 = regs[2];
1328 d_tlb[victim].ram2 = regs[3];
1329 }
1330
1331 /* restore D TLB lockdown */
1332 regs[1] = Dlockdown;
1333 arm9tdmi_write_core_regs(target, 0x2, regs);
1334
1335 /* Write D TLB lockdown */
1336 arm920t_execute_cp15(target,
1337 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1338
1339 /* prepare reading I TLB content
1340 * */
1341
1342 /* set interpret mode */
1343 cp15c15 |= 0x1;
1344 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1345
1346 /* Read I TLB lockdown */
1347 arm920t_execute_cp15(target,
1348 ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1349
1350 /* clear interpret mode */
1351 cp15c15 &= ~0x1;
1352 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1353
1354 /* read I TLB lockdown stored to r1 */
1355 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1356 if ((retval = jtag_execute_queue()) != ERROR_OK)
1357 {
1358 return retval;
1359 }
1360 Ilockdown = regs[1];
1361
1362 for (victim = 0; victim < 64; victim += 8)
1363 {
1364 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1365 * base remains unchanged, victim goes through entries 0 to 63
1366 */
1367 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1368 arm9tdmi_write_core_regs(target, 0x2, regs);
1369
1370 /* set interpret mode */
1371 cp15c15 |= 0x1;
1372 arm920t_write_cp15_physical(target,
1373 CP15PHYS_TESTSTATE, cp15c15);
1374
1375 /* Write I TLB lockdown */
1376 arm920t_execute_cp15(target,
1377 ARMV4_5_MCR(15,0,0,10,0,1),
1378 ARMV4_5_STR(1, 0));
1379
1380 /* Read I TLB CAM */
1381 arm920t_execute_cp15(target,
1382 ARMV4_5_MCR(15,4,0,15,5,4),
1383 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1384
1385 /* clear interpret mode */
1386 cp15c15 &= ~0x1;
1387 arm920t_write_cp15_physical(target,
1388 CP15PHYS_TESTSTATE, cp15c15);
1389
1390 /* read I TLB CAM content stored to r2-r9 */
1391 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1392 if ((retval = jtag_execute_queue()) != ERROR_OK)
1393 {
1394 return retval;
1395 }
1396
1397 for (i = 0; i < 8; i++)
1398 i_tlb[i + victim].cam = regs[i + 2];
1399 }
1400
1401 for (victim = 0; victim < 64; victim++)
1402 {
1403 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1404 * base remains unchanged, victim goes through entries 0 to 63
1405 */
1406 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1407 arm9tdmi_write_core_regs(target, 0x2, regs);
1408
1409 /* set interpret mode */
1410 cp15c15 |= 0x1;
1411 arm920t_write_cp15_physical(target,
1412 CP15PHYS_TESTSTATE, cp15c15);
1413
1414 /* Write I TLB lockdown */
1415 arm920t_execute_cp15(target,
1416 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1417
1418 /* Read I TLB RAM1 */
1419 arm920t_execute_cp15(target,
1420 ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1421
1422 /* Read I TLB RAM2 */
1423 arm920t_execute_cp15(target,
1424 ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1425
1426 /* clear interpret mode */
1427 cp15c15 &= ~0x1;
1428 arm920t_write_cp15_physical(target,
1429 CP15PHYS_TESTSTATE, cp15c15);
1430
1431 /* read I TLB RAM content stored to r2 and r3 */
1432 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1433 if ((retval = jtag_execute_queue()) != ERROR_OK)
1434 {
1435 return retval;
1436 }
1437
1438 i_tlb[victim].ram1 = regs[2];
1439 i_tlb[victim].ram2 = regs[3];
1440 }
1441
1442 /* restore I TLB lockdown */
1443 regs[1] = Ilockdown;
1444 arm9tdmi_write_core_regs(target, 0x2, regs);
1445
1446 /* Write I TLB lockdown */
1447 arm920t_execute_cp15(target,
1448 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1449
1450 /* restore CP15 MMU and Cache settings */
1451 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1452
1453 /* output data to file */
1454 fprintf(output, "D TLB content:\n");
1455 for (i = 0; i < 64; i++)
1456 {
1457 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1458 " 0x%8.8" PRIx32 " %s\n",
1459 i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2,
1460 (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1461 }
1462
1463 fprintf(output, "\n\nI TLB content:\n");
1464 for (i = 0; i < 64; i++)
1465 {
1466 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1467 " 0x%8.8" PRIx32 " %s\n",
1468 i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2,
1469 (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1470 }
1471
1472 command_print(CMD_CTX, "mmu content successfully output to %s",
1473 CMD_ARGV[0]);
1474
1475 fclose(output);
1476
1477 if (!is_arm_mode(armv4_5->core_mode))
1478 return ERROR_FAIL;
1479
1480 /* force writeback of the valid data */
1481 r = armv4_5->core_cache->reg_list;
1482 r[0].dirty = r[0].valid;
1483 r[1].dirty = r[1].valid;
1484 r[2].dirty = r[2].valid;
1485 r[3].dirty = r[3].valid;
1486 r[4].dirty = r[4].valid;
1487 r[5].dirty = r[5].valid;
1488 r[6].dirty = r[6].valid;
1489 r[7].dirty = r[7].valid;
1490
1491 r = arm_reg_current(armv4_5, 8);
1492 r->dirty = r->valid;
1493
1494 r = arm_reg_current(armv4_5, 9);
1495 r->dirty = r->valid;
1496
1497 return ERROR_OK;
1498 }
1499
1500 COMMAND_HANDLER(arm920t_handle_cp15_command)
1501 {
1502 int retval;
1503 struct target *target = get_current_target(CMD_CTX);
1504 struct arm920t_common *arm920t = target_to_arm920(target);
1505
1506 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1507 if (retval != ERROR_OK)
1508 return retval;
1509
1510 if (target->state != TARGET_HALTED)
1511 {
1512 command_print(CMD_CTX, "target must be stopped for "
1513 "\"%s\" command", CMD_NAME);
1514 return ERROR_OK;
1515 }
1516
1517 /* one argument, read a register.
1518 * two arguments, write it.
1519 */
1520 if (CMD_ARGC >= 1)
1521 {
1522 int address;
1523 COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], address);
1524
1525 if (CMD_ARGC == 1)
1526 {
1527 uint32_t value;
1528 if ((retval = arm920t_read_cp15_physical(target,
1529 address, &value)) != ERROR_OK)
1530 {
1531 command_print(CMD_CTX,
1532 "couldn't access reg %i", address);
1533 return ERROR_OK;
1534 }
1535 if ((retval = jtag_execute_queue()) != ERROR_OK)
1536 {
1537 return retval;
1538 }
1539
1540 command_print(CMD_CTX, "%i: %8.8" PRIx32,
1541 address, value);
1542 }
1543 else if (CMD_ARGC == 2)
1544 {
1545 uint32_t value;
1546 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1547 retval = arm920t_write_cp15_physical(target,
1548 address, value);
1549 if (retval != ERROR_OK)
1550 {
1551 command_print(CMD_CTX,
1552 "couldn't access reg %i", address);
1553 /* REVISIT why lie? "return retval"? */
1554 return ERROR_OK;
1555 }
1556 command_print(CMD_CTX, "%i: %8.8" PRIx32,
1557 address, value);
1558 }
1559 }
1560
1561 return ERROR_OK;
1562 }
1563
1564 COMMAND_HANDLER(arm920t_handle_cp15i_command)
1565 {
1566 int retval;
1567 struct target *target = get_current_target(CMD_CTX);
1568 struct arm920t_common *arm920t = target_to_arm920(target);
1569
1570 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1571 if (retval != ERROR_OK)
1572 return retval;
1573
1574
1575 if (target->state != TARGET_HALTED)
1576 {
1577 command_print(CMD_CTX, "target must be stopped for "
1578 "\"%s\" command", CMD_NAME);
1579 return ERROR_OK;
1580 }
1581
1582 /* one argument, read a register.
1583 * two arguments, write it.
1584 */
1585 if (CMD_ARGC >= 1)
1586 {
1587 uint32_t opcode;
1588 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], opcode);
1589
1590 if (CMD_ARGC == 1)
1591 {
1592 uint32_t value;
1593 retval = arm920t_read_cp15_interpreted(target,
1594 opcode, 0x0, &value);
1595 if (retval != ERROR_OK)
1596 {
1597 command_print(CMD_CTX,
1598 "couldn't execute %8.8" PRIx32,
1599 opcode);
1600 /* REVISIT why lie? "return retval"? */
1601 return ERROR_OK;
1602 }
1603
1604 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,
1605 opcode, value);
1606 }
1607 else if (CMD_ARGC == 2)
1608 {
1609 uint32_t value;
1610 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1611 retval = arm920t_write_cp15_interpreted(target,
1612 opcode, value, 0);
1613 if (retval != ERROR_OK)
1614 {
1615 command_print(CMD_CTX,
1616 "couldn't execute %8.8" PRIx32,
1617 opcode);
1618 /* REVISIT why lie? "return retval"? */
1619 return ERROR_OK;
1620 }
1621 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,
1622 opcode, value);
1623 }
1624 else if (CMD_ARGC == 3)
1625 {
1626 uint32_t value;
1627 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1628 uint32_t address;
1629 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[2], address);
1630 retval = arm920t_write_cp15_interpreted(target,
1631 opcode, value, address);
1632 if (retval != ERROR_OK)
1633 {
1634 command_print(CMD_CTX,
1635 "couldn't execute %8.8" PRIx32, opcode);
1636 /* REVISIT why lie? "return retval"? */
1637 return ERROR_OK;
1638 }
1639 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32
1640 " %8.8" PRIx32, opcode, value, address);
1641 }
1642 }
1643 else
1644 {
1645 command_print(CMD_CTX,
1646 "usage: arm920t cp15i <opcode> [value] [address]");
1647 }
1648
1649 return ERROR_OK;
1650 }
1651
1652 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1653 {
1654 int retval;
1655 struct target *target = get_current_target(CMD_CTX);
1656 struct arm920t_common *arm920t = target_to_arm920(target);
1657
1658 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1659 if (retval != ERROR_OK)
1660 return retval;
1661
1662 return armv4_5_handle_cache_info_command(CMD_CTX,
1663 &arm920t->armv4_5_mmu.armv4_5_cache);
1664 }
1665
1666
1667 static int arm920t_mrc(struct target *target, int cpnum,
1668 uint32_t op1, uint32_t op2,
1669 uint32_t CRn, uint32_t CRm,
1670 uint32_t *value)
1671 {
1672 if (cpnum!=15)
1673 {
1674 LOG_ERROR("Only cp15 is supported");
1675 return ERROR_FAIL;
1676 }
1677
1678 /* read "to" r0 */
1679 return arm920t_read_cp15_interpreted(target,
1680 ARMV4_5_MRC(cpnum, op1, 0, CRn, CRm, op2),
1681 0, value);
1682 }
1683
1684 static int arm920t_mcr(struct target *target, int cpnum,
1685 uint32_t op1, uint32_t op2,
1686 uint32_t CRn, uint32_t CRm,
1687 uint32_t value)
1688 {
1689 if (cpnum!=15)
1690 {
1691 LOG_ERROR("Only cp15 is supported");
1692 return ERROR_FAIL;
1693 }
1694
1695 /* write "from" r0 */
1696 return arm920t_write_cp15_interpreted(target,
1697 ARMV4_5_MCR(cpnum, op1, 0, CRn, CRm, op2),
1698 0, value);
1699 }
1700
1701 static const struct command_registration arm920t_exec_command_handlers[] = {
1702 {
1703 .name = "cp15",
1704 .handler = arm920t_handle_cp15_command,
1705 .mode = COMMAND_EXEC,
1706 .help = "display/modify cp15 register",
1707 .usage = "regnum [value]",
1708 },
1709 {
1710 .name = "cp15i",
1711 .handler = arm920t_handle_cp15i_command,
1712 .mode = COMMAND_EXEC,
1713 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1714 .help = "display/modify cp15 register using ARM opcode"
1715 " (DEPRECATED)",
1716 .usage = "instruction [value [address]]",
1717 },
1718 {
1719 .name = "cache_info",
1720 .handler = arm920t_handle_cache_info_command,
1721 .mode = COMMAND_EXEC,
1722 .help = "display information about target caches",
1723 },
1724 {
1725 .name = "read_cache",
1726 .handler = arm920t_handle_read_cache_command,
1727 .mode = COMMAND_EXEC,
1728 .help = "dump I/D cache content to file",
1729 .usage = "filename",
1730 },
1731 {
1732 .name = "read_mmu",
1733 .handler = arm920t_handle_read_mmu_command,
1734 .mode = COMMAND_EXEC,
1735 .help = "dump I/D mmu content to file",
1736 .usage = "filename",
1737 },
1738 COMMAND_REGISTRATION_DONE
1739 };
1740 const struct command_registration arm920t_command_handlers[] = {
1741 {
1742 .chain = arm9tdmi_command_handlers,
1743 },
1744 {
1745 .name = "arm920t",
1746 .mode = COMMAND_ANY,
1747 .help = "arm920t command group",
1748 .chain = arm920t_exec_command_handlers,
1749 },
1750 COMMAND_REGISTRATION_DONE
1751 };
1752
1753 /** Holds methods for ARM920 targets. */
1754 struct target_type arm920t_target =
1755 {
1756 .name = "arm920t",
1757
1758 .poll = arm7_9_poll,
1759 .arch_state = arm920t_arch_state,
1760
1761 .target_request_data = arm7_9_target_request_data,
1762
1763 .halt = arm7_9_halt,
1764 .resume = arm7_9_resume,
1765 .step = arm7_9_step,
1766
1767 .assert_reset = arm7_9_assert_reset,
1768 .deassert_reset = arm7_9_deassert_reset,
1769 .soft_reset_halt = arm920t_soft_reset_halt,
1770
1771 .get_gdb_reg_list = arm_get_gdb_reg_list,
1772
1773 .read_memory = arm920t_read_memory,
1774 .write_memory = arm920t_write_memory,
1775 .read_phys_memory = arm920t_read_phys_memory,
1776 .write_phys_memory = arm920t_write_phys_memory,
1777 .mmu = arm920_mmu,
1778 .virt2phys = arm920_virt2phys,
1779
1780 .bulk_write_memory = arm7_9_bulk_write_memory,
1781
1782 .checksum_memory = arm_checksum_memory,
1783 .blank_check_memory = arm_blank_check_memory,
1784
1785 .run_algorithm = armv4_5_run_algorithm,
1786
1787 .add_breakpoint = arm7_9_add_breakpoint,
1788 .remove_breakpoint = arm7_9_remove_breakpoint,
1789 .add_watchpoint = arm7_9_add_watchpoint,
1790 .remove_watchpoint = arm7_9_remove_watchpoint,
1791
1792 .commands = arm920t_command_handlers,
1793 .target_create = arm920t_target_create,
1794 .init_target = arm9tdmi_init_target,
1795 .examine = arm7_9_examine,
1796 .check_reset = arm7_9_check_reset,
1797 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)