Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge branch 'master' of ssh://gowinex@openocd.git.sourceforge.net/gitroot/openocd...
[openocd.git] / src / target / arm926ejs.c
1 /***************************************************************************
2 * Copyright (C) 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * Copyright (C) 2009 by Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
7 * *
8 * This program is free software; you can redistribute it and/or modify *
9 * it under the terms of the GNU General Public License as published by *
10 * the Free Software Foundation; either version 2 of the License, or *
11 * (at your option) any later version. *
12 * *
13 * This program is distributed in the hope that it will be useful, *
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
16 * GNU General Public License for more details. *
17 * *
18 * You should have received a copy of the GNU General Public License *
19 * along with this program; if not, write to the *
20 * Free Software Foundation, Inc., *
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
22 ***************************************************************************/
23 #ifdef HAVE_CONFIG_H
24 #include "config.h"
25 #endif
26
27 #include "arm926ejs.h"
28 #include "time_support.h"
29 #include "target_type.h"
30
31
32 #if 0
33 #define _DEBUG_INSTRUCTION_EXECUTION_
34 #endif
35
36 /* cli handling */
37 int arm926ejs_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
38 int arm926ejs_handle_cp15i_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
39 int arm926ejs_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
40 int arm926ejs_handle_md_phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
41 int arm926ejs_handle_mw_phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
42
43 int arm926ejs_handle_read_cache_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
44 int arm926ejs_handle_read_mmu_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
45
46 /* forward declarations */
47 int arm926ejs_target_create(struct target_s *target, Jim_Interp *interp);
48 int arm926ejs_init_target(struct command_context_s *cmd_ctx, struct target_s *target);
49 int arm926ejs_quit(void);
50 int arm926ejs_read_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer);
51
52 static int arm926ejs_virt2phys(struct target_s *target, uint32_t virtual, uint32_t *physical);
53 static int arm926ejs_mmu(struct target_s *target, int *enabled);
54
55 target_type_t arm926ejs_target =
56 {
57 .name = "arm926ejs",
58
59 .poll = arm7_9_poll,
60 .arch_state = arm926ejs_arch_state,
61
62 .target_request_data = arm7_9_target_request_data,
63
64 .halt = arm7_9_halt,
65 .resume = arm7_9_resume,
66 .step = arm7_9_step,
67
68 .assert_reset = arm7_9_assert_reset,
69 .deassert_reset = arm7_9_deassert_reset,
70 .soft_reset_halt = arm926ejs_soft_reset_halt,
71
72 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
73
74 .read_memory = arm7_9_read_memory,
75 .write_memory = arm926ejs_write_memory,
76 .bulk_write_memory = arm7_9_bulk_write_memory,
77 .checksum_memory = arm7_9_checksum_memory,
78 .blank_check_memory = arm7_9_blank_check_memory,
79
80 .run_algorithm = armv4_5_run_algorithm,
81
82 .add_breakpoint = arm7_9_add_breakpoint,
83 .remove_breakpoint = arm7_9_remove_breakpoint,
84 .add_watchpoint = arm7_9_add_watchpoint,
85 .remove_watchpoint = arm7_9_remove_watchpoint,
86
87 .register_commands = arm926ejs_register_commands,
88 .target_create = arm926ejs_target_create,
89 .init_target = arm926ejs_init_target,
90 .examine = arm9tdmi_examine,
91 .quit = arm926ejs_quit,
92 .virt2phys = arm926ejs_virt2phys,
93 .mmu = arm926ejs_mmu
94 };
95
96 int arm926ejs_catch_broken_irscan(uint8_t *captured, void *priv, scan_field_t *field)
97 {
98 /* FIX!!!! this code should be reenabled. For now it does not check
99 * the queue...*/
100 return 0;
101 #if 0
102 /* The ARM926EJ-S' instruction register is 4 bits wide */
103 uint8_t t = *captured & 0xf;
104 uint8_t t2 = *field->in_check_value & 0xf;
105 if (t == t2)
106 {
107 return ERROR_OK;
108 }
109 else if ((t == 0x0f) || (t == 0x00))
110 {
111 LOG_DEBUG("caught ARM926EJ-S invalid Capture-IR result after CP15 access");
112 return ERROR_OK;
113 }
114 return ERROR_JTAG_QUEUE_FAILED;;
115 #endif
116 }
117
118 #define ARM926EJS_CP15_ADDR(opcode_1, opcode_2, CRn, CRm) ((opcode_1 << 11) | (opcode_2 << 8) | (CRn << 4) | (CRm << 0))
119
120 int arm926ejs_cp15_read(target_t *target, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
121 {
122 int retval = ERROR_OK;
123 armv4_5_common_t *armv4_5 = target->arch_info;
124 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
125 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
126 uint32_t address = ARM926EJS_CP15_ADDR(op1, op2, CRn, CRm);
127 scan_field_t fields[4];
128 uint8_t address_buf[2];
129 uint8_t nr_w_buf = 0;
130 uint8_t access = 1;
131
132 buf_set_u32(address_buf, 0, 14, address);
133
134 jtag_set_end_state(TAP_IDLE);
135 if ((retval = arm_jtag_scann(jtag_info, 0xf)) != ERROR_OK)
136 {
137 return retval;
138 }
139 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
140
141 fields[0].tap = jtag_info->tap;
142 fields[0].num_bits = 32;
143 fields[0].out_value = NULL;
144 fields[0].in_value = (uint8_t *)value;
145
146
147 fields[1].tap = jtag_info->tap;
148 fields[1].num_bits = 1;
149 fields[1].out_value = &access;
150 fields[1].in_value = &access;
151
152 fields[2].tap = jtag_info->tap;
153 fields[2].num_bits = 14;
154 fields[2].out_value = address_buf;
155 fields[2].in_value = NULL;
156
157 fields[3].tap = jtag_info->tap;
158 fields[3].num_bits = 1;
159 fields[3].out_value = &nr_w_buf;
160 fields[3].in_value = NULL;
161
162 jtag_add_dr_scan(4, fields, jtag_get_end_state());
163
164 long long then = timeval_ms();
165
166 for (;;)
167 {
168 /* rescan with NOP, to wait for the access to complete */
169 access = 0;
170 nr_w_buf = 0;
171 jtag_add_dr_scan(4, fields, jtag_get_end_state());
172
173 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
174
175 if ((retval = jtag_execute_queue()) != ERROR_OK)
176 {
177 return retval;
178 }
179
180 if (buf_get_u32(&access, 0, 1) == 1)
181 {
182 break;
183 }
184
185 /* 10ms timeout */
186 if ((timeval_ms()-then)>10)
187 {
188 LOG_ERROR("cp15 read operation timed out");
189 return ERROR_FAIL;
190 }
191 }
192
193 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
194 LOG_DEBUG("addr: 0x%x value: %8.8x", address, *value);
195 #endif
196
197 arm_jtag_set_instr(jtag_info, 0xc, &arm926ejs_catch_broken_irscan);
198
199 return ERROR_OK;
200 }
201
202 int arm926ejs_cp15_write(target_t *target, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
203 {
204 int retval = ERROR_OK;
205 armv4_5_common_t *armv4_5 = target->arch_info;
206 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
207 arm_jtag_t *jtag_info = &arm7_9->jtag_info;
208 uint32_t address = ARM926EJS_CP15_ADDR(op1, op2, CRn, CRm);
209 scan_field_t fields[4];
210 uint8_t value_buf[4];
211 uint8_t address_buf[2];
212 uint8_t nr_w_buf = 1;
213 uint8_t access = 1;
214
215 buf_set_u32(address_buf, 0, 14, address);
216 buf_set_u32(value_buf, 0, 32, value);
217
218 jtag_set_end_state(TAP_IDLE);
219 if ((retval = arm_jtag_scann(jtag_info, 0xf)) != ERROR_OK)
220 {
221 return retval;
222 }
223 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
224
225 fields[0].tap = jtag_info->tap;
226 fields[0].num_bits = 32;
227 fields[0].out_value = value_buf;
228 fields[0].in_value = NULL;
229
230 fields[1].tap = jtag_info->tap;
231 fields[1].num_bits = 1;
232 fields[1].out_value = &access;
233 fields[1].in_value = &access;
234
235 fields[2].tap = jtag_info->tap;
236 fields[2].num_bits = 14;
237 fields[2].out_value = address_buf;
238 fields[2].in_value = NULL;
239
240 fields[3].tap = jtag_info->tap;
241 fields[3].num_bits = 1;
242 fields[3].out_value = &nr_w_buf;
243 fields[3].in_value = NULL;
244
245 jtag_add_dr_scan(4, fields, jtag_get_end_state());
246
247 long long then = timeval_ms();
248
249 for (;;)
250 {
251 /* rescan with NOP, to wait for the access to complete */
252 access = 0;
253 nr_w_buf = 0;
254 jtag_add_dr_scan(4, fields, jtag_get_end_state());
255 if ((retval = jtag_execute_queue()) != ERROR_OK)
256 {
257 return retval;
258 }
259
260 if (buf_get_u32(&access, 0, 1) == 1)
261 {
262 break;
263 }
264
265 /* 10ms timeout */
266 if ((timeval_ms()-then)>10)
267 {
268 LOG_ERROR("cp15 write operation timed out");
269 return ERROR_FAIL;
270 }
271 }
272
273 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
274 LOG_DEBUG("addr: 0x%x value: %8.8x", address, value);
275 #endif
276
277 arm_jtag_set_instr(jtag_info, 0xf, &arm926ejs_catch_broken_irscan);
278
279 return ERROR_OK;
280 }
281
282 static int arm926ejs_examine_debug_reason(target_t *target)
283 {
284 armv4_5_common_t *armv4_5 = target->arch_info;
285 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
286 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
287 int debug_reason;
288 int retval;
289
290 embeddedice_read_reg(dbg_stat);
291 if ((retval = jtag_execute_queue()) != ERROR_OK)
292 return retval;
293
294 /* Method-Of-Entry (MOE) field */
295 debug_reason = buf_get_u32(dbg_stat->value, 6, 4);
296
297 switch (debug_reason)
298 {
299 case 0:
300 LOG_DEBUG("no *NEW* debug entry (?missed one?)");
301 /* ... since last restart or debug reset ... */
302 target->debug_reason = DBG_REASON_DBGRQ;
303 break;
304 case 1:
305 LOG_DEBUG("breakpoint from EICE unit 0");
306 target->debug_reason = DBG_REASON_BREAKPOINT;
307 break;
308 case 2:
309 LOG_DEBUG("breakpoint from EICE unit 1");
310 target->debug_reason = DBG_REASON_BREAKPOINT;
311 break;
312 case 3:
313 LOG_DEBUG("soft breakpoint (BKPT instruction)");
314 target->debug_reason = DBG_REASON_BREAKPOINT;
315 break;
316 case 4:
317 LOG_DEBUG("vector catch breakpoint");
318 target->debug_reason = DBG_REASON_BREAKPOINT;
319 break;
320 case 5:
321 LOG_DEBUG("external breakpoint");
322 target->debug_reason = DBG_REASON_BREAKPOINT;
323 break;
324 case 6:
325 LOG_DEBUG("watchpoint from EICE unit 0");
326 target->debug_reason = DBG_REASON_WATCHPOINT;
327 break;
328 case 7:
329 LOG_DEBUG("watchpoint from EICE unit 1");
330 target->debug_reason = DBG_REASON_WATCHPOINT;
331 break;
332 case 8:
333 LOG_DEBUG("external watchpoint");
334 target->debug_reason = DBG_REASON_WATCHPOINT;
335 break;
336 case 9:
337 LOG_DEBUG("internal debug request");
338 target->debug_reason = DBG_REASON_DBGRQ;
339 break;
340 case 10:
341 LOG_DEBUG("external debug request");
342 target->debug_reason = DBG_REASON_DBGRQ;
343 break;
344 case 11:
345 LOG_DEBUG("debug re-entry from system speed access");
346 /* This is normal when connecting to something that's
347 * already halted, or in some related code paths, but
348 * otherwise is surprising (and presumably wrong).
349 */
350 switch (target->debug_reason) {
351 case DBG_REASON_DBGRQ:
352 break;
353 default:
354 LOG_ERROR("unexpected -- debug re-entry");
355 /* FALLTHROUGH */
356 case DBG_REASON_UNDEFINED:
357 target->debug_reason = DBG_REASON_DBGRQ;
358 break;
359 }
360 break;
361 case 12:
362 /* FIX!!!! here be dragons!!! We need to fail here so
363 * the target will interpreted as halted but we won't
364 * try to talk to it right now... a resume + halt seems
365 * to sync things up again. Please send an email to
366 * openocd development mailing list if you have hardware
367 * to donate to look into this problem....
368 */
369 LOG_WARNING("WARNING: mystery debug reason MOE = 0xc. Try issuing a resume + halt.");
370 target->debug_reason = DBG_REASON_DBGRQ;
371 break;
372 default:
373 LOG_WARNING("WARNING: unknown debug reason: 0x%x", debug_reason);
374 /* Oh agony! should we interpret this as a halt request or
375 * that the target stopped on it's own accord?
376 */
377 target->debug_reason = DBG_REASON_DBGRQ;
378 /* if we fail here, we won't talk to the target and it will
379 * be reported to be in the halted state */
380 break;
381 }
382
383 return ERROR_OK;
384 }
385
386 uint32_t arm926ejs_get_ttb(target_t *target)
387 {
388 armv4_5_common_t *armv4_5 = target->arch_info;
389 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
390 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
391 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
392 int retval;
393 uint32_t ttb = 0x0;
394
395 if ((retval = arm926ejs->read_cp15(target, 0, 0, 2, 0, &ttb)) != ERROR_OK)
396 return retval;
397
398 return ttb;
399 }
400
401 void arm926ejs_disable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
402 {
403 armv4_5_common_t *armv4_5 = target->arch_info;
404 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
405 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
406 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
407 uint32_t cp15_control;
408
409 /* read cp15 control register */
410 arm926ejs->read_cp15(target, 0, 0, 1, 0, &cp15_control);
411 jtag_execute_queue();
412
413 if (mmu)
414 {
415 /* invalidate TLB */
416 arm926ejs->write_cp15(target, 0, 0, 8, 7, 0x0);
417
418 cp15_control &= ~0x1U;
419 }
420
421 if (d_u_cache)
422 {
423 uint32_t debug_override;
424 /* read-modify-write CP15 debug override register
425 * to enable "test and clean all" */
426 arm926ejs->read_cp15(target, 0, 0, 15, 0, &debug_override);
427 debug_override |= 0x80000;
428 arm926ejs->write_cp15(target, 0, 0, 15, 0, debug_override);
429
430 /* clean and invalidate DCache */
431 arm926ejs->write_cp15(target, 0, 0, 7, 5, 0x0);
432
433 /* write CP15 debug override register
434 * to disable "test and clean all" */
435 debug_override &= ~0x80000;
436 arm926ejs->write_cp15(target, 0, 0, 15, 0, debug_override);
437
438 cp15_control &= ~0x4U;
439 }
440
441 if (i_cache)
442 {
443 /* invalidate ICache */
444 arm926ejs->write_cp15(target, 0, 0, 7, 5, 0x0);
445
446 cp15_control &= ~0x1000U;
447 }
448
449 arm926ejs->write_cp15(target, 0, 0, 1, 0, cp15_control);
450 }
451
452 void arm926ejs_enable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
453 {
454 armv4_5_common_t *armv4_5 = target->arch_info;
455 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
456 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
457 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
458 uint32_t cp15_control;
459
460 /* read cp15 control register */
461 arm926ejs->read_cp15(target, 0, 0, 1, 0, &cp15_control);
462 jtag_execute_queue();
463
464 if (mmu)
465 cp15_control |= 0x1U;
466
467 if (d_u_cache)
468 cp15_control |= 0x4U;
469
470 if (i_cache)
471 cp15_control |= 0x1000U;
472
473 arm926ejs->write_cp15(target, 0, 0, 1, 0, cp15_control);
474 }
475
476 void arm926ejs_post_debug_entry(target_t *target)
477 {
478 armv4_5_common_t *armv4_5 = target->arch_info;
479 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
480 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
481 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
482
483 /* examine cp15 control reg */
484 arm926ejs->read_cp15(target, 0, 0, 1, 0, &arm926ejs->cp15_control_reg);
485 jtag_execute_queue();
486 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32 "", arm926ejs->cp15_control_reg);
487
488 if (arm926ejs->armv4_5_mmu.armv4_5_cache.ctype == -1)
489 {
490 uint32_t cache_type_reg;
491 /* identify caches */
492 arm926ejs->read_cp15(target, 0, 1, 0, 0, &cache_type_reg);
493 jtag_execute_queue();
494 armv4_5_identify_cache(cache_type_reg, &arm926ejs->armv4_5_mmu.armv4_5_cache);
495 }
496
497 arm926ejs->armv4_5_mmu.mmu_enabled = (arm926ejs->cp15_control_reg & 0x1U) ? 1 : 0;
498 arm926ejs->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm926ejs->cp15_control_reg & 0x4U) ? 1 : 0;
499 arm926ejs->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm926ejs->cp15_control_reg & 0x1000U) ? 1 : 0;
500
501 /* save i/d fault status and address register */
502 arm926ejs->read_cp15(target, 0, 0, 5, 0, &arm926ejs->d_fsr);
503 arm926ejs->read_cp15(target, 0, 1, 5, 0, &arm926ejs->i_fsr);
504 arm926ejs->read_cp15(target, 0, 0, 6, 0, &arm926ejs->d_far);
505
506 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32 ", I FSR: 0x%8.8" PRIx32 "",
507 arm926ejs->d_fsr, arm926ejs->d_far, arm926ejs->i_fsr);
508
509 uint32_t cache_dbg_ctrl;
510
511 /* read-modify-write CP15 cache debug control register
512 * to disable I/D-cache linefills and force WT */
513 arm926ejs->read_cp15(target, 7, 0, 15, 0, &cache_dbg_ctrl);
514 cache_dbg_ctrl |= 0x7;
515 arm926ejs->write_cp15(target, 7, 0, 15, 0, cache_dbg_ctrl);
516 }
517
518 void arm926ejs_pre_restore_context(target_t *target)
519 {
520 armv4_5_common_t *armv4_5 = target->arch_info;
521 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
522 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
523 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
524
525 /* restore i/d fault status and address register */
526 arm926ejs->write_cp15(target, 0, 0, 5, 0, arm926ejs->d_fsr);
527 arm926ejs->write_cp15(target, 0, 1, 5, 0, arm926ejs->i_fsr);
528 arm926ejs->write_cp15(target, 0, 0, 6, 0, arm926ejs->d_far);
529
530 uint32_t cache_dbg_ctrl;
531
532 /* read-modify-write CP15 cache debug control register
533 * to reenable I/D-cache linefills and disable WT */
534 arm926ejs->read_cp15(target, 7, 0, 15, 0, &cache_dbg_ctrl);
535 cache_dbg_ctrl &= ~0x7;
536 arm926ejs->write_cp15(target, 7, 0, 15, 0, cache_dbg_ctrl);
537 }
538
539 int arm926ejs_get_arch_pointers(target_t *target, armv4_5_common_t **armv4_5_p, arm7_9_common_t **arm7_9_p, arm9tdmi_common_t **arm9tdmi_p, arm926ejs_common_t **arm926ejs_p)
540 {
541 armv4_5_common_t *armv4_5 = target->arch_info;
542 arm7_9_common_t *arm7_9;
543 arm9tdmi_common_t *arm9tdmi;
544 arm926ejs_common_t *arm926ejs;
545
546 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
547 {
548 return -1;
549 }
550
551 arm7_9 = armv4_5->arch_info;
552 if (arm7_9->common_magic != ARM7_9_COMMON_MAGIC)
553 {
554 return -1;
555 }
556
557 arm9tdmi = arm7_9->arch_info;
558 if (arm9tdmi->common_magic != ARM9TDMI_COMMON_MAGIC)
559 {
560 return -1;
561 }
562
563 arm926ejs = arm9tdmi->arch_info;
564 if (arm926ejs->common_magic != ARM926EJS_COMMON_MAGIC)
565 {
566 return -1;
567 }
568
569 *armv4_5_p = armv4_5;
570 *arm7_9_p = arm7_9;
571 *arm9tdmi_p = arm9tdmi;
572 *arm926ejs_p = arm926ejs;
573
574 return ERROR_OK;
575 }
576
577 int arm926ejs_arch_state(struct target_s *target)
578 {
579 armv4_5_common_t *armv4_5 = target->arch_info;
580 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
581 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
582 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
583
584 char *state[] =
585 {
586 "disabled", "enabled"
587 };
588
589 if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
590 {
591 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
592 exit(-1);
593 }
594
595 LOG_USER(
596 "target halted in %s state due to %s, current mode: %s\n"
597 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "\n"
598 "MMU: %s, D-Cache: %s, I-Cache: %s",
599 armv4_5_state_strings[armv4_5->core_state],
600 Jim_Nvp_value2name_simple(nvp_target_debug_reason,target->debug_reason)->name,
601 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
602 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
603 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
604 state[arm926ejs->armv4_5_mmu.mmu_enabled],
605 state[arm926ejs->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
606 state[arm926ejs->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
607
608 return ERROR_OK;
609 }
610
611 int arm926ejs_soft_reset_halt(struct target_s *target)
612 {
613 int retval = ERROR_OK;
614 armv4_5_common_t *armv4_5 = target->arch_info;
615 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
616 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
617 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
618 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
619
620 if ((retval = target_halt(target)) != ERROR_OK)
621 {
622 return retval;
623 }
624
625 long long then = timeval_ms();
626 int timeout;
627 while (!(timeout = ((timeval_ms()-then) > 1000)))
628 {
629 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
630 {
631 embeddedice_read_reg(dbg_stat);
632 if ((retval = jtag_execute_queue()) != ERROR_OK)
633 {
634 return retval;
635 }
636 } else
637 {
638 break;
639 }
640 if (debug_level >= 1)
641 {
642 /* do not eat all CPU, time out after 1 se*/
643 alive_sleep(100);
644 } else
645 {
646 keep_alive();
647 }
648 }
649 if (timeout)
650 {
651 LOG_ERROR("Failed to halt CPU after 1 sec");
652 return ERROR_TARGET_TIMEOUT;
653 }
654
655 target->state = TARGET_HALTED;
656
657 /* SVC, ARM state, IRQ and FIQ disabled */
658 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
659 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
660 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
661
662 /* start fetching from 0x0 */
663 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
664 armv4_5->core_cache->reg_list[15].dirty = 1;
665 armv4_5->core_cache->reg_list[15].valid = 1;
666
667 armv4_5->core_mode = ARMV4_5_MODE_SVC;
668 armv4_5->core_state = ARMV4_5_STATE_ARM;
669
670 arm926ejs_disable_mmu_caches(target, 1, 1, 1);
671 arm926ejs->armv4_5_mmu.mmu_enabled = 0;
672 arm926ejs->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
673 arm926ejs->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
674
675 return target_call_event_callbacks(target, TARGET_EVENT_HALTED);
676 }
677
678 int arm926ejs_write_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
679 {
680 int retval;
681 armv4_5_common_t *armv4_5 = target->arch_info;
682 arm7_9_common_t *arm7_9 = armv4_5->arch_info;
683 arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
684 arm926ejs_common_t *arm926ejs = arm9tdmi->arch_info;
685
686 /* FIX!!!! this should be cleaned up and made much more general. The
687 * plan is to write up and test on arm926ejs specifically and
688 * then generalize and clean up afterwards. */
689 if ((count == 1) && ((size==2) || (size==4)))
690 {
691 /* special case the handling of single word writes to bypass MMU
692 * to allow implementation of breakpoints in memory marked read only
693 * by MMU */
694 if (arm926ejs->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
695 {
696 /* flush and invalidate data cache
697 *
698 * MCR p15,0,p,c7,c10,1 - clean cache line using virtual address
699 *
700 */
701 retval = arm926ejs->write_cp15(target, 0, 1, 7, 10, address&~0x3);
702 if (retval != ERROR_OK)
703 return retval;
704 }
705
706 uint32_t pa;
707 retval = target->type->virt2phys(target, address, &pa);
708 if (retval != ERROR_OK)
709 return retval;
710
711 /* write directly to physical memory bypassing any read only MMU bits, etc. */
712 retval = armv4_5_mmu_write_physical(target, &arm926ejs->armv4_5_mmu, pa, size, count, buffer);
713 if (retval != ERROR_OK)
714 return retval;
715 } else
716 {
717 if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
718 return retval;
719 }
720
721 /* If ICache is enabled, we have to invalidate affected ICache lines
722 * the DCache is forced to write-through, so we don't have to clean it here
723 */
724 if (arm926ejs->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
725 {
726 if (count <= 1)
727 {
728 /* invalidate ICache single entry with MVA */
729 arm926ejs->write_cp15(target, 0, 1, 7, 5, address);
730 }
731 else
732 {
733 /* invalidate ICache */
734 arm926ejs->write_cp15(target, 0, 0, 7, 5, address);
735 }
736 }
737
738 return retval;
739 }
740
741 int arm926ejs_init_target(struct command_context_s *cmd_ctx, struct target_s *target)
742 {
743 arm9tdmi_init_target(cmd_ctx, target);
744
745 return ERROR_OK;
746 }
747
748 int arm926ejs_quit(void)
749 {
750 return ERROR_OK;
751 }
752
753 int arm926ejs_init_arch_info(target_t *target, arm926ejs_common_t *arm926ejs, jtag_tap_t *tap)
754 {
755 arm9tdmi_common_t *arm9tdmi = &arm926ejs->arm9tdmi_common;
756 arm7_9_common_t *arm7_9 = &arm9tdmi->arm7_9_common;
757
758 /* initialize arm9tdmi specific info (including arm7_9 and armv4_5)
759 */
760 arm9tdmi_init_arch_info(target, arm9tdmi, tap);
761
762 arm9tdmi->arch_info = arm926ejs;
763 arm926ejs->common_magic = ARM926EJS_COMMON_MAGIC;
764
765 arm7_9->post_debug_entry = arm926ejs_post_debug_entry;
766 arm7_9->pre_restore_context = arm926ejs_pre_restore_context;
767
768 arm926ejs->read_cp15 = arm926ejs_cp15_read;
769 arm926ejs->write_cp15 = arm926ejs_cp15_write;
770 arm926ejs->armv4_5_mmu.armv4_5_cache.ctype = -1;
771 arm926ejs->armv4_5_mmu.get_ttb = arm926ejs_get_ttb;
772 arm926ejs->armv4_5_mmu.read_memory = arm7_9_read_memory;
773 arm926ejs->armv4_5_mmu.write_memory = arm7_9_write_memory;
774 arm926ejs->armv4_5_mmu.disable_mmu_caches = arm926ejs_disable_mmu_caches;
775 arm926ejs->armv4_5_mmu.enable_mmu_caches = arm926ejs_enable_mmu_caches;
776 arm926ejs->armv4_5_mmu.has_tiny_pages = 1;
777 arm926ejs->armv4_5_mmu.mmu_enabled = 0;
778
779 arm7_9->examine_debug_reason = arm926ejs_examine_debug_reason;
780
781 /* The ARM926EJ-S implements the ARMv5TE architecture which
782 * has the BKPT instruction, so we don't have to use a watchpoint comparator
783 */
784 arm7_9->arm_bkpt = ARMV5_BKPT(0x0);
785 arm7_9->thumb_bkpt = ARMV5_T_BKPT(0x0) & 0xffff;
786
787 return ERROR_OK;
788 }
789
790 int arm926ejs_target_create(struct target_s *target, Jim_Interp *interp)
791 {
792 arm926ejs_common_t *arm926ejs = calloc(1,sizeof(arm926ejs_common_t));
793
794 arm926ejs_init_arch_info(target, arm926ejs, target->tap);
795
796 return ERROR_OK;
797 }
798
799 int arm926ejs_register_commands(struct command_context_s *cmd_ctx)
800 {
801 int retval;
802 command_t *arm926ejs_cmd;
803
804
805 retval = arm9tdmi_register_commands(cmd_ctx);
806
807 arm926ejs_cmd = register_command(cmd_ctx, NULL, "arm926ejs", NULL, COMMAND_ANY, "arm926ejs specific commands");
808
809 register_command(cmd_ctx, arm926ejs_cmd, "cp15", arm926ejs_handle_cp15_command, COMMAND_EXEC, "display/modify cp15 register <opcode_1> <opcode_2> <CRn> <CRm> [value]");
810
811 register_command(cmd_ctx, arm926ejs_cmd, "cache_info", arm926ejs_handle_cache_info_command, COMMAND_EXEC, "display information about target caches");
812
813 register_command(cmd_ctx, arm926ejs_cmd, "mdw_phys", arm926ejs_handle_md_phys_command, COMMAND_EXEC, "display memory words <physical addr> [count]");
814 register_command(cmd_ctx, arm926ejs_cmd, "mdh_phys", arm926ejs_handle_md_phys_command, COMMAND_EXEC, "display memory half-words <physical addr> [count]");
815 register_command(cmd_ctx, arm926ejs_cmd, "mdb_phys", arm926ejs_handle_md_phys_command, COMMAND_EXEC, "display memory bytes <physical addr> [count]");
816
817 register_command(cmd_ctx, arm926ejs_cmd, "mww_phys", arm926ejs_handle_mw_phys_command, COMMAND_EXEC, "write memory word <physical addr> <value>");
818 register_command(cmd_ctx, arm926ejs_cmd, "mwh_phys", arm926ejs_handle_mw_phys_command, COMMAND_EXEC, "write memory half-word <physical addr> <value>");
819 register_command(cmd_ctx, arm926ejs_cmd, "mwb_phys", arm926ejs_handle_mw_phys_command, COMMAND_EXEC, "write memory byte <physical addr> <value>");
820
821 return retval;
822 }
823
824 int arm926ejs_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
825 {
826 int retval;
827 target_t *target = get_current_target(cmd_ctx);
828 armv4_5_common_t *armv4_5;
829 arm7_9_common_t *arm7_9;
830 arm9tdmi_common_t *arm9tdmi;
831 arm926ejs_common_t *arm926ejs;
832 int opcode_1;
833 int opcode_2;
834 int CRn;
835 int CRm;
836
837 if ((argc < 4) || (argc > 5))
838 {
839 command_print(cmd_ctx, "usage: arm926ejs cp15 <opcode_1> <opcode_2> <CRn> <CRm> [value]");
840 return ERROR_OK;
841 }
842
843 opcode_1 = strtoul(args[0], NULL, 0);
844 opcode_2 = strtoul(args[1], NULL, 0);
845 CRn = strtoul(args[2], NULL, 0);
846 CRm = strtoul(args[3], NULL, 0);
847
848 if (arm926ejs_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm926ejs) != ERROR_OK)
849 {
850 command_print(cmd_ctx, "current target isn't an ARM926EJ-S target");
851 return ERROR_OK;
852 }
853
854 if (target->state != TARGET_HALTED)
855 {
856 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
857 return ERROR_OK;
858 }
859
860 if (argc == 4)
861 {
862 uint32_t value;
863 if ((retval = arm926ejs->read_cp15(target, opcode_1, opcode_2, CRn, CRm, &value)) != ERROR_OK)
864 {
865 command_print(cmd_ctx, "couldn't access register");
866 return ERROR_OK;
867 }
868 if ((retval = jtag_execute_queue()) != ERROR_OK)
869 {
870 return retval;
871 }
872
873 command_print(cmd_ctx, "%i %i %i %i: %8.8" PRIx32 "", opcode_1, opcode_2, CRn, CRm, value);
874 }
875 else
876 {
877 uint32_t value = strtoul(args[4], NULL, 0);
878 if ((retval = arm926ejs->write_cp15(target, opcode_1, opcode_2, CRn, CRm, value)) != ERROR_OK)
879 {
880 command_print(cmd_ctx, "couldn't access register");
881 return ERROR_OK;
882 }
883 command_print(cmd_ctx, "%i %i %i %i: %8.8" PRIx32 "", opcode_1, opcode_2, CRn, CRm, value);
884 }
885
886 return ERROR_OK;
887 }
888
889 int arm926ejs_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
890 {
891 target_t *target = get_current_target(cmd_ctx);
892 armv4_5_common_t *armv4_5;
893 arm7_9_common_t *arm7_9;
894 arm9tdmi_common_t *arm9tdmi;
895 arm926ejs_common_t *arm926ejs;
896
897 if (arm926ejs_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm926ejs) != ERROR_OK)
898 {
899 command_print(cmd_ctx, "current target isn't an ARM926EJ-S target");
900 return ERROR_OK;
901 }
902
903 return armv4_5_handle_cache_info_command(cmd_ctx, &arm926ejs->armv4_5_mmu.armv4_5_cache);
904 }
905
906 int arm926ejs_handle_md_phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
907 {
908 target_t *target = get_current_target(cmd_ctx);
909 armv4_5_common_t *armv4_5;
910 arm7_9_common_t *arm7_9;
911 arm9tdmi_common_t *arm9tdmi;
912 arm926ejs_common_t *arm926ejs;
913 arm_jtag_t *jtag_info;
914
915 if (arm926ejs_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm926ejs) != ERROR_OK)
916 {
917 command_print(cmd_ctx, "current target isn't an ARM926EJ-S target");
918 return ERROR_OK;
919 }
920
921 jtag_info = &arm7_9->jtag_info;
922
923 if (target->state != TARGET_HALTED)
924 {
925 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
926 return ERROR_OK;
927 }
928
929 return armv4_5_mmu_handle_md_phys_command(cmd_ctx, cmd, args, argc, target, &arm926ejs->armv4_5_mmu);
930 }
931
932 int arm926ejs_handle_mw_phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
933 {
934 target_t *target = get_current_target(cmd_ctx);
935 armv4_5_common_t *armv4_5;
936 arm7_9_common_t *arm7_9;
937 arm9tdmi_common_t *arm9tdmi;
938 arm926ejs_common_t *arm926ejs;
939 arm_jtag_t *jtag_info;
940
941 if (arm926ejs_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm926ejs) != ERROR_OK)
942 {
943 command_print(cmd_ctx, "current target isn't an ARM926EJ-S target");
944 return ERROR_OK;
945 }
946
947 jtag_info = &arm7_9->jtag_info;
948
949 if (target->state != TARGET_HALTED)
950 {
951 command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
952 return ERROR_OK;
953 }
954
955 return armv4_5_mmu_handle_mw_phys_command(cmd_ctx, cmd, args, argc, target, &arm926ejs->armv4_5_mmu);
956 }
957
958 static int arm926ejs_virt2phys(struct target_s *target, uint32_t virtual, uint32_t *physical)
959 {
960 int retval;
961 int type;
962 uint32_t cb;
963 int domain;
964 uint32_t ap;
965
966 armv4_5_common_t *armv4_5;
967 arm7_9_common_t *arm7_9;
968 arm9tdmi_common_t *arm9tdmi;
969 arm926ejs_common_t *arm926ejs;
970 retval= arm926ejs_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm926ejs);
971 if (retval != ERROR_OK)
972 {
973 return retval;
974 }
975 uint32_t ret = armv4_5_mmu_translate_va(target, &arm926ejs->armv4_5_mmu, virtual, &type, &cb, &domain, &ap);
976 if (type == -1)
977 {
978 return ret;
979 }
980 *physical = ret;
981 return ERROR_OK;
982 }
983
984 static int arm926ejs_mmu(struct target_s *target, int *enabled)
985 {
986 armv4_5_common_t *armv4_5 = target->arch_info;
987 arm926ejs_common_t *arm926ejs = armv4_5->arch_info;
988
989 if (target->state != TARGET_HALTED)
990 {
991 LOG_ERROR("Target not halted");
992 return ERROR_TARGET_INVALID;
993 }
994 *enabled = arm926ejs->armv4_5_mmu.mmu_enabled;
995 return ERROR_OK;
996 }
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)