Code Review / openocd.git / blob
? search:


d5ea0823b525dbef30e057cd3af583858f0d7429
[openocd.git] / src / target / arm926ejs.c
1 /***************************************************************************
2 * Copyright (C) 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2009 by Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
7 * *
8 * This program is free software; you can redistribute it and/or modify *
9 * it under the terms of the GNU General Public License as published by *
10 * the Free Software Foundation; either version 2 of the License, or *
11 * (at your option) any later version. *
12 * *
13 * This program is distributed in the hope that it will be useful, *
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
16 * GNU General Public License for more details. *
17 * *
18 * You should have received a copy of the GNU General Public License *
19 * along with this program; if not, write to the *
20 * Free Software Foundation, Inc., *
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
22 ***************************************************************************/
23 #ifdef HAVE_CONFIG_H
24 #include "config.h"
25 #endif
26
27 #include "arm926ejs.h"
28 #include "time_support.h"
29 #include "target_type.h"
30
31
32 #if 0
33 #define _DEBUG_INSTRUCTION_EXECUTION_
34 #endif
35
36 /* cli handling */
37 int arm926ejs_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
38 int arm926ejs_handle_cp15i_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
39 int arm926ejs_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
40 int arm926ejs_handle_md_phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
41 int arm926ejs_handle_mw_phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
42
43 int arm926ejs_handle_read_cache_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
44 int arm926ejs_handle_read_mmu_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
45
46 /* forward declarations */
47 int arm926ejs_target_create(struct target_s *target, Jim_Interp *interp);
48 int arm926ejs_init_target(struct command_context_s *cmd_ctx, struct target_s *target);
49 int arm926ejs_quit(void);
50
51 int arm926ejs_read_phys_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer);
52 int arm926ejs_write_phys_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer);
53
54 static int arm926ejs_virt2phys(struct target_s *target, uint32_t virtual, uint32_t *physical);
55 static int arm926ejs_mmu(struct target_s *target, int *enabled);
56
57 target_type_t arm926ejs_target =
58 {
59 .name = "arm926ejs",
60
61 .poll = arm7_9_poll,
62 .arch_state = arm926ejs_arch_state,
63
64 .target_request_data = arm7_9_target_request_data,
65
66 .halt = arm7_9_halt,
67 .resume = arm7_9_resume,
68 .step = arm7_9_step,
69
70 .assert_reset = arm7_9_assert_reset,
71 .deassert_reset = arm7_9_deassert_reset,
72 .soft_reset_halt = arm926ejs_soft_reset_halt,
73
74 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
75
76 .read_memory = arm7_9_read_memory,
77 .write_memory = arm926ejs_write_memory,
78 .bulk_write_memory = arm7_9_bulk_write_memory,
79 .checksum_memory = arm7_9_checksum_memory,
80 .blank_check_memory = arm7_9_blank_check_memory,
81
82 .run_algorithm = armv4_5_run_algorithm,
83
84 .add_breakpoint = arm7_9_add_breakpoint,
85 .remove_breakpoint = arm7_9_remove_breakpoint,
86 .add_watchpoint = arm7_9_add_watchpoint,
87 .remove_watchpoint = arm7_9_remove_watchpoint,
88
89 .register_commands = arm926ejs_register_commands,
90 .target_create = arm926ejs_target_create,
91 .init_target = arm926ejs_init_target,
92 .examine = arm9tdmi_examine,
93 .quit = arm926ejs_quit,
94 .virt2phys = arm926ejs_virt2phys,
95 .mmu = arm926ejs_mmu,
96
97 .read_phys_memory = arm926ejs_read_phys_memory,
98 .write_phys_memory = arm926ejs_write_phys_memory,
99 };
100
101 int arm926ejs_catch_broken_irscan(uint8_t *captured, void *priv, scan_field_t *field)
102 {
103 /* FIX!!!! this code should be reenabled. For now it does not check
104 * the queue...*/
105 return 0;
106 #if 0
107 /* The ARM926EJ-S' instruction register is 4 bits wide */
108 uint8_t t = *captured & 0xf;
109 uint8_t t2 = *field->in_check_value & 0xf;
110 if (t == t2)
111 {
112 return ERROR_OK;
113 }
114 else if ((t == 0x0f) || (t == 0x00))
115 {
116 LOG_DEBUG("caught ARM926EJ-S invalid Capture-IR result after CP15 access");
117 return ERROR_OK;
118 }
119 return ERROR_JTAG_QUEUE_FAILED;;
120 #endif
121 }
122
123 #define ARM926EJS_CP15_ADDR(opcode_1, opcode_2, CRn, CRm) ((opcode_1 << 11) | (opcode_2 << 8) | (CRn << 4) | (CRm << 0))
124
125 int arm926ejs_cp15_read(target_t *target, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
126 {
127 int retval = ERROR_OK;
128 armv4_5_common_t *armv4_5 = target->arch_info;
129 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
130 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
131 uint32_t address = ARM926EJS_CP15_ADDR(op1, op2, CRn, CRm);
132 scan_field_t fields[4];
133 uint8_t address_buf[2];
134 uint8_t nr_w_buf = 0;
135 uint8_t access = 1;
136
137 buf_set_u32(address_buf, 0, 14, address);
138
139 jtag_set_end_state(TAP_IDLE);
140 if ((retval = arm_jtag_scann(jtag_info, 0xf)) != ERROR_OK)
141 {
142 return retval;
143 }
144 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
145
146 fields[0].tap = jtag_info->tap;
147 fields[0].num_bits = 32;
148 fields[0].out_value = NULL;
149 fields[0].in_value = (uint8_t *)value;
150
151
152 fields[1].tap = jtag_info->tap;
153 fields[1].num_bits = 1;
154 fields[1].out_value = &access;
155 fields[1].in_value = &access;
156
157 fields[2].tap = jtag_info->tap;
158 fields[2].num_bits = 14;
159 fields[2].out_value = address_buf;
160 fields[2].in_value = NULL;
161
162 fields[3].tap = jtag_info->tap;
163 fields[3].num_bits = 1;
164 fields[3].out_value = &nr_w_buf;
165 fields[3].in_value = NULL;
166
167 jtag_add_dr_scan(4, fields, jtag_get_end_state());
168
169 long long then = timeval_ms();
170
171 for (;;)
172 {
173 /* rescan with NOP, to wait for the access to complete */
174 access = 0;
175 nr_w_buf = 0;
176 jtag_add_dr_scan(4, fields, jtag_get_end_state());
177
178 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
179
180 if ((retval = jtag_execute_queue()) != ERROR_OK)
181 {
182 return retval;
183 }
184
185 if (buf_get_u32(&access, 0, 1) == 1)
186 {
187 break;
188 }
189
190 /* 10ms timeout */
191 if ((timeval_ms()-then)>10)
192 {
193 LOG_ERROR("cp15 read operation timed out");
194 return ERROR_FAIL;
195 }
196 }
197
198 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
199 LOG_DEBUG("addr: 0x%x value: %8.8x", address, *value);
200 #endif
201
202 arm_jtag_set_instr(jtag_info, 0xc, &arm926ejs_catch_broken_irscan);
203
204 return ERROR_OK;
205 }
206
207 int arm926ejs_cp15_write(target_t *target, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
208 {
209 int retval = ERROR_OK;
210 armv4_5_common_t *armv4_5 = target->arch_info;
211 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
212 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
213 uint32_t address = ARM926EJS_CP15_ADDR(op1, op2, CRn, CRm);
214 scan_field_t fields[4];
215 uint8_t value_buf[4];
216 uint8_t address_buf[2];
217 uint8_t nr_w_buf = 1;
218 uint8_t access = 1;
219
220 buf_set_u32(address_buf, 0, 14, address);
221 buf_set_u32(value_buf, 0, 32, value);
222
223 jtag_set_end_state(TAP_IDLE);
224 if ((retval = arm_jtag_scann(jtag_info, 0xf)) != ERROR_OK)
225 {
226 return retval;
227 }
228 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
229
230 fields[0].tap = jtag_info->tap;
231 fields[0].num_bits = 32;
232 fields[0].out_value = value_buf;
233 fields[0].in_value = NULL;
234
235 fields[1].tap = jtag_info->tap;
236 fields[1].num_bits = 1;
237 fields[1].out_value = &access;
238 fields[1].in_value = &access;
239
240 fields[2].tap = jtag_info->tap;
241 fields[2].num_bits = 14;
242 fields[2].out_value = address_buf;
243 fields[2].in_value = NULL;
244
245 fields[3].tap = jtag_info->tap;
246 fields[3].num_bits = 1;
247 fields[3].out_value = &nr_w_buf;
248 fields[3].in_value = NULL;
249
250 jtag_add_dr_scan(4, fields, jtag_get_end_state());
251
252 long long then = timeval_ms();
253
254 for (;;)
255 {
256 /* rescan with NOP, to wait for the access to complete */
257 access = 0;
258 nr_w_buf = 0;
259 jtag_add_dr_scan(4, fields, jtag_get_end_state());
260 if ((retval = jtag_execute_queue()) != ERROR_OK)
261 {
262 return retval;
263 }
264
265 if (buf_get_u32(&access, 0, 1) == 1)
266 {
267 break;
268 }
269
270 /* 10ms timeout */
271 if ((timeval_ms()-then)>10)
272 {
273 LOG_ERROR("cp15 write operation timed out");
274 return ERROR_FAIL;
275 }
276 }
277
278 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
279 LOG_DEBUG("addr: 0x%x value: %8.8x", address, value);
280 #endif
281
282 arm_jtag_set_instr(jtag_info, 0xf, &arm926ejs_catch_broken_irscan);
283
284 return ERROR_OK;
285 }
286
287 static int arm926ejs_examine_debug_reason(target_t *target)
288 {
289 armv4_5_common_t *armv4_5 = target->arch_info;
290 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
291 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
292 int debug_reason;
293 int retval;
294
295 embeddedice_read_reg(dbg_stat);
296 if ((retval = jtag_execute_queue()) != ERROR_OK)
297 return retval;
298
299 /* Method-Of-Entry (MOE) field */
300 debug_reason = buf_get_u32(dbg_stat->value, 6, 4);
301
302 switch (debug_reason)
303 {
304 case 0:
305 LOG_DEBUG("no *NEW* debug entry (?missed one?)");
306 /* ... since last restart or debug reset ... */
307 target->debug_reason = DBG_REASON_DBGRQ;
308 break;
309 case 1:
310 LOG_DEBUG("breakpoint from EICE unit 0");
311 target->debug_reason = DBG_REASON_BREAKPOINT;
312 break;
313 case 2:
314 LOG_DEBUG("breakpoint from EICE unit 1");
315 target->debug_reason = DBG_REASON_BREAKPOINT;
316 break;
317 case 3:
318 LOG_DEBUG("soft breakpoint (BKPT instruction)");
319 target->debug_reason = DBG_REASON_BREAKPOINT;
320 break;
321 case 4:
322 LOG_DEBUG("vector catch breakpoint");
323 target->debug_reason = DBG_REASON_BREAKPOINT;
324 break;
325 case 5:
326 LOG_DEBUG("external breakpoint");
327 target->debug_reason = DBG_REASON_BREAKPOINT;
328 break;
329 case 6:
330 LOG_DEBUG("watchpoint from EICE unit 0");
331 target->debug_reason = DBG_REASON_WATCHPOINT;
332 break;
333 case 7:
334 LOG_DEBUG("watchpoint from EICE unit 1");
335 target->debug_reason = DBG_REASON_WATCHPOINT;
336 break;
337 case 8:
338 LOG_DEBUG("external watchpoint");
339 target->debug_reason = DBG_REASON_WATCHPOINT;
340 break;
341 case 9:
342 LOG_DEBUG("internal debug request");
343 target->debug_reason = DBG_REASON_DBGRQ;
344 break;
345 case 10:
346 LOG_DEBUG("external debug request");
347 target->debug_reason = DBG_REASON_DBGRQ;
348 break;
349 case 11:
350 LOG_DEBUG("debug re-entry from system speed access");
351 /* This is normal when connecting to something that's
352 * already halted, or in some related code paths, but
353 * otherwise is surprising (and presumably wrong).
354 */
355 switch (target->debug_reason) {
356 case DBG_REASON_DBGRQ:
357 break;
358 default:
359 LOG_ERROR("unexpected -- debug re-entry");
360 /* FALLTHROUGH */
361 case DBG_REASON_UNDEFINED:
362 target->debug_reason = DBG_REASON_DBGRQ;
363 break;
364 }
365 break;
366 case 12:
367 /* FIX!!!! here be dragons!!! We need to fail here so
368 * the target will interpreted as halted but we won't
369 * try to talk to it right now... a resume + halt seems
370 * to sync things up again. Please send an email to
371 * openocd development mailing list if you have hardware
372 * to donate to look into this problem....
373 */
374 LOG_WARNING("WARNING: mystery debug reason MOE = 0xc. Try issuing a resume + halt.");
375 target->debug_reason = DBG_REASON_DBGRQ;
376 break;
377 default:
378 LOG_WARNING("WARNING: unknown debug reason: 0x%x", debug_reason);
379 /* Oh agony! should we interpret this as a halt request or
380 * that the target stopped on it's own accord?
381 */
382 target->debug_reason = DBG_REASON_DBGRQ;
383 /* if we fail here, we won't talk to the target and it will
384 * be reported to be in the halted state */
385 break;
386 }
387
388 return ERROR_OK;
389 }
390
391 uint32_t arm926ejs_get_ttb(target_t *target)
392 {
393 armv4_5_common_t *armv4_5 = target->arch_info;
394 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
395 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
396 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
397 int retval;
398 uint32_t ttb = 0x0;
399
400 if ((retval = arm926ejs->read_cp15(target, 0, 0, 2, 0, &ttb)) != ERROR_OK)
401 return retval;
402
403 return ttb;
404 }
405
406 void arm926ejs_disable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
407 {
408 armv4_5_common_t *armv4_5 = target->arch_info;
409 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
410 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
411 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
412 uint32_t cp15_control;
413
414 /* read cp15 control register */
415 arm926ejs->read_cp15(target, 0, 0, 1, 0, &cp15_control);
416 jtag_execute_queue();
417
418 if (mmu)
419 {
420 /* invalidate TLB */
421 arm926ejs->write_cp15(target, 0, 0, 8, 7, 0x0);
422
423 cp15_control &= ~0x1U;
424 }
425
426 if (d_u_cache)
427 {
428 uint32_t debug_override;
429 /* read-modify-write CP15 debug override register
430 * to enable "test and clean all" */
431 arm926ejs->read_cp15(target, 0, 0, 15, 0, &debug_override);
432 debug_override |= 0x80000;
433 arm926ejs->write_cp15(target, 0, 0, 15, 0, debug_override);
434
435 /* clean and invalidate DCache */
436 arm926ejs->write_cp15(target, 0, 0, 7, 5, 0x0);
437
438 /* write CP15 debug override register
439 * to disable "test and clean all" */
440 debug_override &= ~0x80000;
441 arm926ejs->write_cp15(target, 0, 0, 15, 0, debug_override);
442
443 cp15_control &= ~0x4U;
444 }
445
446 if (i_cache)
447 {
448 /* invalidate ICache */
449 arm926ejs->write_cp15(target, 0, 0, 7, 5, 0x0);
450
451 cp15_control &= ~0x1000U;
452 }
453
454 arm926ejs->write_cp15(target, 0, 0, 1, 0, cp15_control);
455 }
456
457 void arm926ejs_enable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
458 {
459 armv4_5_common_t *armv4_5 = target->arch_info;
460 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
461 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
462 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
463 uint32_t cp15_control;
464
465 /* read cp15 control register */
466 arm926ejs->read_cp15(target, 0, 0, 1, 0, &cp15_control);
467 jtag_execute_queue();
468
469 if (mmu)
470 cp15_control |= 0x1U;
471
472 if (d_u_cache)
473 cp15_control |= 0x4U;
474
475 if (i_cache)
476 cp15_control |= 0x1000U;
477
478 arm926ejs->write_cp15(target, 0, 0, 1, 0, cp15_control);
479 }
480
481 void arm926ejs_post_debug_entry(target_t *target)
482 {
483 armv4_5_common_t *armv4_5 = target->arch_info;
484 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
485 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
486 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
487
488 /* examine cp15 control reg */
489 arm926ejs->read_cp15(target, 0, 0, 1, 0, &arm926ejs->cp15_control_reg);
490 jtag_execute_queue();
491 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32 "", arm926ejs->cp15_control_reg);
492
493 if (arm926ejs->armv4_5_mmu.armv4_5_cache.ctype == -1)
494 {
495 uint32_t cache_type_reg;
496 /* identify caches */
497 arm926ejs->read_cp15(target, 0, 1, 0, 0, &cache_type_reg);
498 jtag_execute_queue();
499 armv4_5_identify_cache(cache_type_reg, &arm926ejs->armv4_5_mmu.armv4_5_cache);
500 }
501
502 arm926ejs->armv4_5_mmu.mmu_enabled = (arm926ejs->cp15_control_reg & 0x1U) ? 1 : 0;
503 arm926ejs->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm926ejs->cp15_control_reg & 0x4U) ? 1 : 0;
504 arm926ejs->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm926ejs->cp15_control_reg & 0x1000U) ? 1 : 0;
505
506 /* save i/d fault status and address register */
507 arm926ejs->read_cp15(target, 0, 0, 5, 0, &arm926ejs->d_fsr);
508 arm926ejs->read_cp15(target, 0, 1, 5, 0, &arm926ejs->i_fsr);
509 arm926ejs->read_cp15(target, 0, 0, 6, 0, &arm926ejs->d_far);
510
511 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32 ", I FSR: 0x%8.8" PRIx32 "",
512 arm926ejs->d_fsr, arm926ejs->d_far, arm926ejs->i_fsr);
513
514 uint32_t cache_dbg_ctrl;
515
516 /* read-modify-write CP15 cache debug control register
517 * to disable I/D-cache linefills and force WT */
518 arm926ejs->read_cp15(target, 7, 0, 15, 0, &cache_dbg_ctrl);
519 cache_dbg_ctrl |= 0x7;
520 arm926ejs->write_cp15(target, 7, 0, 15, 0, cache_dbg_ctrl);
521 }
522
523 void arm926ejs_pre_restore_context(target_t *target)
524 {
525 armv4_5_common_t *armv4_5 = target->arch_info;
526 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
527 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
528 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
529
530 /* restore i/d fault status and address register */
531 arm926ejs->write_cp15(target, 0, 0, 5, 0, arm926ejs->d_fsr);
532 arm926ejs->write_cp15(target, 0, 1, 5, 0, arm926ejs->i_fsr);
533 arm926ejs->write_cp15(target, 0, 0, 6, 0, arm926ejs->d_far);
534
535 uint32_t cache_dbg_ctrl;
536
537 /* read-modify-write CP15 cache debug control register
538 * to reenable I/D-cache linefills and disable WT */
539 arm926ejs->read_cp15(target, 7, 0, 15, 0, &cache_dbg_ctrl);
540 cache_dbg_ctrl &= ~0x7;
541 arm926ejs->write_cp15(target, 7, 0, 15, 0, cache_dbg_ctrl);
542 }
543
544 int arm926ejs_get_arch_pointers(target_t *target, armv4_5_common_t **armv4_5_p, arm7_9_common_t **arm7_9_p, arm9tdmi_common_t **arm9tdmi_p, arm926ejs_common_t **arm926ejs_p)
545 {
546 armv4_5_common_t *armv4_5 = target->arch_info;
547 arm7_9_common_t *arm7_9;
548 arm9tdmi_common_t *arm9tdmi;
549 arm926ejs_common_t *arm926ejs;
550
551 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
552 {
553 return -1;
554 }
555
556 arm7_9 = armv4_5->arch_info;
557 if (arm7_9->common_magic != ARM7_9_COMMON_MAGIC)
558 {
559 return -1;
560 }
561
562 arm9tdmi = arm7_9->arch_info;
563 if (arm9tdmi->common_magic != ARM9TDMI_COMMON_MAGIC)
564 {
565 return -1;
566 }
567
568 arm926ejs = arm9tdmi->arch_info;
569 if (arm926ejs->common_magic != ARM926EJS_COMMON_MAGIC)
570 {
571 return -1;
572 }
573
574 *armv4_5_p = armv4_5;
575 *arm7_9_p = arm7_9;
576 *arm9tdmi_p = arm9tdmi;
577 *arm926ejs_p = arm926ejs;
578
579 return ERROR_OK;
580 }
581
582 int arm926ejs_arch_state(struct target_s *target)
583 {
584 armv4_5_common_t *armv4_5 = target->arch_info;
585 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
586 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
587 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
588
589 char *state[] =
590 {
591 "disabled", "enabled"
592 };
593
594 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
595 {
596 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
597 exit(-1);
598 }
599
600 LOG_USER(
601 "target halted in %s state due to %s, current mode: %s\n"
602 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "\n"
603 "MMU: %s, D-Cache: %s, I-Cache: %s",
604 armv4_5_state_strings[armv4_5->core_state],
605 Jim_Nvp_value2name_simple(nvp_target_debug_reason,target->debug_reason)->name,
606 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
607 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
608 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
609 state[arm926ejs->armv4_5_mmu.mmu_enabled],
610 state[arm926ejs->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
611 state[arm926ejs->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
612
613 return ERROR_OK;
614 }
615
616 int arm926ejs_soft_reset_halt(struct target_s *target)
617 {
618 int retval = ERROR_OK;
619 armv4_5_common_t *armv4_5 = target->arch_info;
620 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
621 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
622 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
623 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
624
625 if ((retval = target_halt(target)) != ERROR_OK)
626 {
627 return retval;
628 }
629
630 long long then = timeval_ms();
631 int timeout;
632 while (!(timeout = ((timeval_ms()-then) > 1000)))
633 {
634 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
635 {
636 embeddedice_read_reg(dbg_stat);
637 if ((retval = jtag_execute_queue()) != ERROR_OK)
638 {
639 return retval;
640 }
641 } else
642 {
643 break;
644 }
645 if (debug_level >= 1)
646 {
647 /* do not eat all CPU, time out after 1 se*/
648 alive_sleep(100);
649 } else
650 {
651 keep_alive();
652 }
653 }
654 if (timeout)
655 {
656 LOG_ERROR("Failed to halt CPU after 1 sec");
657 return ERROR_TARGET_TIMEOUT;
658 }
659
660 target->state = TARGET_HALTED;
661
662 /* SVC, ARM state, IRQ and FIQ disabled */
663 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
664 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
665 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
666
667 /* start fetching from 0x0 */
668 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
669 armv4_5->core_cache->reg_list[15].dirty = 1;
670 armv4_5->core_cache->reg_list[15].valid = 1;
671
672 armv4_5->core_mode = ARMV4_5_MODE_SVC;
673 armv4_5->core_state = ARMV4_5_STATE_ARM;
674
675 arm926ejs_disable_mmu_caches(target, 1, 1, 1);
676 arm926ejs->armv4_5_mmu.mmu_enabled = 0;
677 arm926ejs->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
678 arm926ejs->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
679
680 return target_call_event_callbacks(target, TARGET_EVENT_HALTED);
681 }
682
683 int arm926ejs_write_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
684 {
685 int retval;
686 armv4_5_common_t *armv4_5 = target->arch_info;
687 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
688 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
689 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
690
691 /* FIX!!!! this should be cleaned up and made much more general. The
692 * plan is to write up and test on arm926ejs specifically and
693 * then generalize and clean up afterwards. */
694 if ((count == 1) && ((size==2) || (size==4)))
695 {
696 /* special case the handling of single word writes to bypass MMU
697 * to allow implementation of breakpoints in memory marked read only
698 * by MMU */
699 if (arm926ejs->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
700 {
701 /* flush and invalidate data cache
702 *
703 * MCR p15,0,p,c7,c10,1 - clean cache line using virtual address
704 *
705 */
706 retval = arm926ejs->write_cp15(target, 0, 1, 7, 10, address&~0x3);
707 if (retval != ERROR_OK)
708 return retval;
709 }
710
711 uint32_t pa;
712 retval = target->type->virt2phys(target, address, &pa);
713 if (retval != ERROR_OK)
714 return retval;
715
716 /* write directly to physical memory bypassing any read only MMU bits, etc. */
717 retval = armv4_5_mmu_write_physical(target, &arm926ejs->armv4_5_mmu, pa, size, count, buffer);
718 if (retval != ERROR_OK)
719 return retval;
720 } else
721 {
722 if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
723 return retval;
724 }
725
726 /* If ICache is enabled, we have to invalidate affected ICache lines
727 * the DCache is forced to write-through, so we don't have to clean it here
728 */
729 if (arm926ejs->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
730 {
731 if (count <= 1)
732 {
733 /* invalidate ICache single entry with MVA */
734 arm926ejs->write_cp15(target, 0, 1, 7, 5, address);
735 }
736 else
737 {
738 /* invalidate ICache */
739 arm926ejs->write_cp15(target, 0, 0, 7, 5, address);
740 }
741 }
742
743 return retval;
744 }
745
746 int arm926ejs_write_phys_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
747 {
748 armv4_5_common_t *armv4_5 = target->arch_info;
749 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
750 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
751 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
752
753 return armv4_5_mmu_write_physical(target, &arm926ejs->armv4_5_mmu, address, size, count, buffer);
754 }
755
756 int arm926ejs_read_phys_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
757 {
758 armv4_5_common_t *armv4_5 = target->arch_info;
759 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
760 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
761 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
762
763 return armv4_5_mmu_read_physical(target, &arm926ejs->armv4_5_mmu, address, size, count, buffer);
764 }
765
766 int arm926ejs_init_target(struct command_context_s *cmd_ctx, struct target_s *target)
767 {
768 arm9tdmi_init_target(cmd_ctx, target);
769
770 return ERROR_OK;
771 }
772
773 int arm926ejs_quit(void)
774 {
775 return ERROR_OK;
776 }
777
778 int arm926ejs_init_arch_info(target_t *target, arm926ejs_common_t *arm926ejs, jtag_tap_t *tap)
779 {
780 arm9tdmi_common_t *arm9tdmi = &arm926ejs->arm9tdmi_common;
781 arm7_9_common_t *arm7_9 = &arm9tdmi->arm7_9_common;
782
783 /* initialize arm9tdmi specific info (including arm7_9 and armv4_5)
784 */
785 arm9tdmi_init_arch_info(target, arm9tdmi, tap);
786
787 arm9tdmi->arch_info = arm926ejs;
788 arm926ejs->common_magic = ARM926EJS_COMMON_MAGIC;
789
790 arm7_9->post_debug_entry = arm926ejs_post_debug_entry;
791 arm7_9->pre_restore_context = arm926ejs_pre_restore_context;
792
793 arm926ejs->read_cp15 = arm926ejs_cp15_read;
794 arm926ejs->write_cp15 = arm926ejs_cp15_write;
795 arm926ejs->armv4_5_mmu.armv4_5_cache.ctype = -1;
796 arm926ejs->armv4_5_mmu.get_ttb = arm926ejs_get_ttb;
797 arm926ejs->armv4_5_mmu.read_memory = arm7_9_read_memory;
798 arm926ejs->armv4_5_mmu.write_memory = arm7_9_write_memory;
799 arm926ejs->armv4_5_mmu.disable_mmu_caches = arm926ejs_disable_mmu_caches;
800 arm926ejs->armv4_5_mmu.enable_mmu_caches = arm926ejs_enable_mmu_caches;
801 arm926ejs->armv4_5_mmu.has_tiny_pages = 1;
802 arm926ejs->armv4_5_mmu.mmu_enabled = 0;
803
804 arm7_9->examine_debug_reason = arm926ejs_examine_debug_reason;
805
806 /* The ARM926EJ-S implements the ARMv5TE architecture which
807 * has the BKPT instruction, so we don't have to use a watchpoint comparator
808 */
809 arm7_9->arm_bkpt = ARMV5_BKPT(0x0);
810 arm7_9->thumb_bkpt = ARMV5_T_BKPT(0x0) & 0xffff;
811
812 return ERROR_OK;
813 }
814
815 int arm926ejs_target_create(struct target_s *target, Jim_Interp *interp)
816 {
817 arm926ejs_common_t *arm926ejs = calloc(1,sizeof(arm926ejs_common_t));
818
819 arm926ejs_init_arch_info(target, arm926ejs, target->tap);
820
821 return ERROR_OK;
822 }
823
824 int arm926ejs_register_commands(struct command_context_s *cmd_ctx)
825 {
826 int retval;
827 command_t *arm926ejs_cmd;
828
829
830 retval = arm9tdmi_register_commands(cmd_ctx);
831
832 arm926ejs_cmd = register_command(cmd_ctx, NULL, "arm926ejs", NULL, COMMAND_ANY, "arm926ejs specific commands");
833
834 register_command(cmd_ctx, arm926ejs_cmd, "cp15", arm926ejs_handle_cp15_command, COMMAND_EXEC, "display/modify cp15 register <opcode_1> <opcode_2> <CRn> <CRm> [value]");
835
836 register_command(cmd_ctx, arm926ejs_cmd, "cache_info", arm926ejs_handle_cache_info_command, COMMAND_EXEC, "display information about target caches");
837
838 register_command(cmd_ctx, arm926ejs_cmd, "mdw_phys", arm926ejs_handle_md_phys_command, COMMAND_EXEC, "display memory words <physical addr> [count]");
839 register_command(cmd_ctx, arm926ejs_cmd, "mdh_phys", arm926ejs_handle_md_phys_command, COMMAND_EXEC, "display memory half-words <physical addr> [count]");
840 register_command(cmd_ctx, arm926ejs_cmd, "mdb_phys", arm926ejs_handle_md_phys_command, COMMAND_EXEC, "display memory bytes <physical addr> [count]");
841
842 register_command(cmd_ctx, arm926ejs_cmd, "mww_phys", arm926ejs_handle_mw_phys_command, COMMAND_EXEC, "write memory word <physical addr> <value>");
843 register_command(cmd_ctx, arm926ejs_cmd, "mwh_phys", arm926ejs_handle_mw_phys_command, COMMAND_EXEC, "write memory half-word <physical addr> <value>");
844 register_command(cmd_ctx, arm926ejs_cmd, "mwb_phys", arm926ejs_handle_mw_phys_command, COMMAND_EXEC, "write memory byte <physical addr> <value>");
845
846 return retval;
847 }
848
849 int arm926ejs_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
850 {
851 int retval;
852 target_t *target = get_current_target(cmd_ctx);
853 armv4_5_common_t *armv4_5;
854 arm7_9_common_t *arm7_9;
855 arm9tdmi_common_t *arm9tdmi;
856 arm926ejs_common_t *arm926ejs;
857 int opcode_1;
858 int opcode_2;
859 int CRn;
860 int CRm;
861
862 if ((argc < 4) || (argc > 5))
863 {
864 command_print(cmd_ctx, "usage: arm926ejs cp15 <opcode_1> <opcode_2> <CRn> <CRm> [value]");
865 return ERROR_OK;
866 }
867
868 opcode_1 = strtoul(args[0], NULL, 0);
869 opcode_2 = strtoul(args[1], NULL, 0);
870 CRn = strtoul(args[2], NULL, 0);
871 CRm = strtoul(args[3], NULL, 0);
872
873 if (arm926ejs_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm926ejs) != ERROR_OK)
874 {
875 command_print(cmd_ctx, "current target isn't an ARM926EJ-S target");
876 return ERROR_OK;
877 }
878
879 if (target->state != TARGET_HALTED)
880 {
881 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
882 return ERROR_OK;
883 }
884
885 if (argc == 4)
886 {
887 uint32_t value;
888 if ((retval = arm926ejs->read_cp15(target, opcode_1, opcode_2, CRn, CRm, &value)) != ERROR_OK)
889 {
890 command_print(cmd_ctx, "couldn't access register");
891 return ERROR_OK;
892 }
893 if ((retval = jtag_execute_queue()) != ERROR_OK)
894 {
895 return retval;
896 }
897
898 command_print(cmd_ctx, "%i %i %i %i: %8.8" PRIx32 "", opcode_1, opcode_2, CRn, CRm, value);
899 }
900 else
901 {
902 uint32_t value = strtoul(args[4], NULL, 0);
903 if ((retval = arm926ejs->write_cp15(target, opcode_1, opcode_2, CRn, CRm, value)) != ERROR_OK)
904 {
905 command_print(cmd_ctx, "couldn't access register");
906 return ERROR_OK;
907 }
908 command_print(cmd_ctx, "%i %i %i %i: %8.8" PRIx32 "", opcode_1, opcode_2, CRn, CRm, value);
909 }
910
911 return ERROR_OK;
912 }
913
914 int arm926ejs_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
915 {
916 target_t *target = get_current_target(cmd_ctx);
917 armv4_5_common_t *armv4_5;
918 arm7_9_common_t *arm7_9;
919 arm9tdmi_common_t *arm9tdmi;
920 arm926ejs_common_t *arm926ejs;
921
922 if (arm926ejs_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm926ejs) != ERROR_OK)
923 {
924 command_print(cmd_ctx, "current target isn't an ARM926EJ-S target");
925 return ERROR_OK;
926 }
927
928 return armv4_5_handle_cache_info_command(cmd_ctx, &arm926ejs->armv4_5_mmu.armv4_5_cache);
929 }
930
931 int arm926ejs_handle_md_phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
932 {
933 target_t *target = get_current_target(cmd_ctx);
934 armv4_5_common_t *armv4_5;
935 arm7_9_common_t *arm7_9;
936 arm9tdmi_common_t *arm9tdmi;
937 arm926ejs_common_t *arm926ejs;
938 arm_jtag_t *jtag_info;
939
940 if (arm926ejs_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm926ejs) != ERROR_OK)
941 {
942 command_print(cmd_ctx, "current target isn't an ARM926EJ-S target");
943 return ERROR_OK;
944 }
945
946 jtag_info = &arm7_9->jtag_info;
947
948 if (target->state != TARGET_HALTED)
949 {
950 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
951 return ERROR_OK;
952 }
953
954 return armv4_5_mmu_handle_md_phys_command(cmd_ctx, cmd, args, argc, target, &arm926ejs->armv4_5_mmu);
955 }
956
957 int arm926ejs_handle_mw_phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
958 {
959 target_t *target = get_current_target(cmd_ctx);
960 armv4_5_common_t *armv4_5;
961 arm7_9_common_t *arm7_9;
962 arm9tdmi_common_t *arm9tdmi;
963 arm926ejs_common_t *arm926ejs;
964 arm_jtag_t *jtag_info;
965
966 if (arm926ejs_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm926ejs) != ERROR_OK)
967 {
968 command_print(cmd_ctx, "current target isn't an ARM926EJ-S target");
969 return ERROR_OK;
970 }
971
972 jtag_info = &arm7_9->jtag_info;
973
974 if (target->state != TARGET_HALTED)
975 {
976 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
977 return ERROR_OK;
978 }
979
980 return armv4_5_mmu_handle_mw_phys_command(cmd_ctx, cmd, args, argc, target, &arm926ejs->armv4_5_mmu);
981 }
982
983 static int arm926ejs_virt2phys(struct target_s *target, uint32_t virtual, uint32_t *physical)
984 {
985 int retval;
986 int type;
987 uint32_t cb;
988 int domain;
989 uint32_t ap;
990
991 armv4_5_common_t *armv4_5;
992 arm7_9_common_t *arm7_9;
993 arm9tdmi_common_t *arm9tdmi;
994 arm926ejs_common_t *arm926ejs;
995 retval= arm926ejs_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm926ejs);
996 if (retval != ERROR_OK)
997 {
998 return retval;
999 }
1000 uint32_t ret = armv4_5_mmu_translate_va(target, &arm926ejs->armv4_5_mmu, virtual, &type, &cb, &domain, &ap);
1001 if (type == -1)
1002 {
1003 return ret;
1004 }
1005 *physical = ret;
1006 return ERROR_OK;
1007 }
1008
1009 static int arm926ejs_mmu(struct target_s *target, int *enabled)
1010 {
1011 armv4_5_common_t *armv4_5 = target->arch_info;
1012 arm926ejs_common_t *arm926ejs = armv4_5->arch_info;
1013
1014 if (target->state != TARGET_HALTED)
1015 {
1016 LOG_ERROR("Target not halted");
1017 return ERROR_TARGET_INVALID;
1018 }
1019 *enabled = arm926ejs->armv4_5_mmu.mmu_enabled;
1020 return ERROR_OK;
1021 }
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)