1 /***************************************************************************
2 * Copyright (C) 2007 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * Copyright (C) 2009 by Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * This program is free software; you can redistribute it and/or modify *
9 * it under the terms of the GNU General Public License as published by *
10 * the Free Software Foundation; either version 2 of the License, or *
11 * (at your option) any later version. *
13 * This program is distributed in the hope that it will be useful, *
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
16 * GNU General Public License for more details. *
18 * You should have received a copy of the GNU General Public License *
19 * along with this program; if not, write to the *
20 * Free Software Foundation, Inc., *
21 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
22 ***************************************************************************/
27 #include "arm926ejs.h"
28 #include "time_support.h"
29 #include "target_type.h"
33 #define _DEBUG_INSTRUCTION_EXECUTION_
37 int arm926ejs_handle_cp15_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
38 int arm926ejs_handle_cp15i_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
39 int arm926ejs_handle_cache_info_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
40 int arm926ejs_handle_md_phys_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
41 int arm926ejs_handle_mw_phys_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
43 int arm926ejs_handle_read_cache_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
44 int arm926ejs_handle_read_mmu_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
);
46 /* forward declarations */
47 int arm926ejs_target_create(struct target_s
*target
, Jim_Interp
*interp
);
48 int arm926ejs_init_target(struct command_context_s
*cmd_ctx
, struct target_s
*target
);
49 int arm926ejs_quit(void);
51 int arm926ejs_read_phys_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
);
52 int arm926ejs_write_phys_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
);
54 static int arm926ejs_virt2phys(struct target_s
*target
, uint32_t virtual, uint32_t *physical
);
55 static int arm926ejs_mmu(struct target_s
*target
, int *enabled
);
57 target_type_t arm926ejs_target
=
62 .arch_state
= arm926ejs_arch_state
,
64 .target_request_data
= arm7_9_target_request_data
,
67 .resume
= arm7_9_resume
,
70 .assert_reset
= arm7_9_assert_reset
,
71 .deassert_reset
= arm7_9_deassert_reset
,
72 .soft_reset_halt
= arm926ejs_soft_reset_halt
,
74 .get_gdb_reg_list
= armv4_5_get_gdb_reg_list
,
76 .read_memory
= arm7_9_read_memory
,
77 .write_memory
= arm926ejs_write_memory
,
78 .bulk_write_memory
= arm7_9_bulk_write_memory
,
79 .checksum_memory
= arm7_9_checksum_memory
,
80 .blank_check_memory
= arm7_9_blank_check_memory
,
82 .run_algorithm
= armv4_5_run_algorithm
,
84 .add_breakpoint
= arm7_9_add_breakpoint
,
85 .remove_breakpoint
= arm7_9_remove_breakpoint
,
86 .add_watchpoint
= arm7_9_add_watchpoint
,
87 .remove_watchpoint
= arm7_9_remove_watchpoint
,
89 .register_commands
= arm926ejs_register_commands
,
90 .target_create
= arm926ejs_target_create
,
91 .init_target
= arm926ejs_init_target
,
92 .examine
= arm9tdmi_examine
,
93 .quit
= arm926ejs_quit
,
94 .virt2phys
= arm926ejs_virt2phys
,
97 .read_phys_memory
= arm926ejs_read_phys_memory
,
98 .write_phys_memory
= arm926ejs_write_phys_memory
,
101 int arm926ejs_catch_broken_irscan(uint8_t *captured
, void *priv
, scan_field_t
*field
)
103 /* FIX!!!! this code should be reenabled. For now it does not check
107 /* The ARM926EJ-S' instruction register is 4 bits wide */
108 uint8_t t
= *captured
& 0xf;
109 uint8_t t2
= *field
->in_check_value
& 0xf;
114 else if ((t
== 0x0f) || (t
== 0x00))
116 LOG_DEBUG("caught ARM926EJ-S invalid Capture-IR result after CP15 access");
119 return ERROR_JTAG_QUEUE_FAILED
;;
123 #define ARM926EJS_CP15_ADDR(opcode_1, opcode_2, CRn, CRm) ((opcode_1 << 11) | (opcode_2 << 8) | (CRn << 4) | (CRm << 0))
125 int arm926ejs_cp15_read(target_t
*target
, uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t *value
)
127 int retval
= ERROR_OK
;
128 armv4_5_common_t
*armv4_5
= target
->arch_info
;
129 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
130 arm_jtag_t
*jtag_info
= &arm7_9
->jtag_info
;
131 uint32_t address
= ARM926EJS_CP15_ADDR(op1
, op2
, CRn
, CRm
);
132 scan_field_t fields
[4];
133 uint8_t address_buf
[2];
134 uint8_t nr_w_buf
= 0;
137 buf_set_u32(address_buf
, 0, 14, address
);
139 jtag_set_end_state(TAP_IDLE
);
140 if ((retval
= arm_jtag_scann(jtag_info
, 0xf)) != ERROR_OK
)
144 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
);
146 fields
[0].tap
= jtag_info
->tap
;
147 fields
[0].num_bits
= 32;
148 fields
[0].out_value
= NULL
;
149 fields
[0].in_value
= (uint8_t *)value
;
152 fields
[1].tap
= jtag_info
->tap
;
153 fields
[1].num_bits
= 1;
154 fields
[1].out_value
= &access
;
155 fields
[1].in_value
= &access
;
157 fields
[2].tap
= jtag_info
->tap
;
158 fields
[2].num_bits
= 14;
159 fields
[2].out_value
= address_buf
;
160 fields
[2].in_value
= NULL
;
162 fields
[3].tap
= jtag_info
->tap
;
163 fields
[3].num_bits
= 1;
164 fields
[3].out_value
= &nr_w_buf
;
165 fields
[3].in_value
= NULL
;
167 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
169 long long then
= timeval_ms();
173 /* rescan with NOP, to wait for the access to complete */
176 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
178 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
180 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
185 if (buf_get_u32(&access
, 0, 1) == 1)
191 if ((timeval_ms()-then
)>10)
193 LOG_ERROR("cp15 read operation timed out");
198 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
199 LOG_DEBUG("addr: 0x%x value: %8.8x", address
, *value
);
202 arm_jtag_set_instr(jtag_info
, 0xc, &arm926ejs_catch_broken_irscan
);
207 int arm926ejs_cp15_write(target_t
*target
, uint32_t op1
, uint32_t op2
, uint32_t CRn
, uint32_t CRm
, uint32_t value
)
209 int retval
= ERROR_OK
;
210 armv4_5_common_t
*armv4_5
= target
->arch_info
;
211 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
212 arm_jtag_t
*jtag_info
= &arm7_9
->jtag_info
;
213 uint32_t address
= ARM926EJS_CP15_ADDR(op1
, op2
, CRn
, CRm
);
214 scan_field_t fields
[4];
215 uint8_t value_buf
[4];
216 uint8_t address_buf
[2];
217 uint8_t nr_w_buf
= 1;
220 buf_set_u32(address_buf
, 0, 14, address
);
221 buf_set_u32(value_buf
, 0, 32, value
);
223 jtag_set_end_state(TAP_IDLE
);
224 if ((retval
= arm_jtag_scann(jtag_info
, 0xf)) != ERROR_OK
)
228 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
);
230 fields
[0].tap
= jtag_info
->tap
;
231 fields
[0].num_bits
= 32;
232 fields
[0].out_value
= value_buf
;
233 fields
[0].in_value
= NULL
;
235 fields
[1].tap
= jtag_info
->tap
;
236 fields
[1].num_bits
= 1;
237 fields
[1].out_value
= &access
;
238 fields
[1].in_value
= &access
;
240 fields
[2].tap
= jtag_info
->tap
;
241 fields
[2].num_bits
= 14;
242 fields
[2].out_value
= address_buf
;
243 fields
[2].in_value
= NULL
;
245 fields
[3].tap
= jtag_info
->tap
;
246 fields
[3].num_bits
= 1;
247 fields
[3].out_value
= &nr_w_buf
;
248 fields
[3].in_value
= NULL
;
250 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
252 long long then
= timeval_ms();
256 /* rescan with NOP, to wait for the access to complete */
259 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
260 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
265 if (buf_get_u32(&access
, 0, 1) == 1)
271 if ((timeval_ms()-then
)>10)
273 LOG_ERROR("cp15 write operation timed out");
278 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
279 LOG_DEBUG("addr: 0x%x value: %8.8x", address
, value
);
282 arm_jtag_set_instr(jtag_info
, 0xf, &arm926ejs_catch_broken_irscan
);
287 static int arm926ejs_examine_debug_reason(target_t
*target
)
289 armv4_5_common_t
*armv4_5
= target
->arch_info
;
290 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
291 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
295 embeddedice_read_reg(dbg_stat
);
296 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
299 /* Method-Of-Entry (MOE) field */
300 debug_reason
= buf_get_u32(dbg_stat
->value
, 6, 4);
302 switch (debug_reason
)
305 LOG_DEBUG("no *NEW* debug entry (?missed one?)");
306 /* ... since last restart or debug reset ... */
307 target
->debug_reason
= DBG_REASON_DBGRQ
;
310 LOG_DEBUG("breakpoint from EICE unit 0");
311 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
314 LOG_DEBUG("breakpoint from EICE unit 1");
315 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
318 LOG_DEBUG("soft breakpoint (BKPT instruction)");
319 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
322 LOG_DEBUG("vector catch breakpoint");
323 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
326 LOG_DEBUG("external breakpoint");
327 target
->debug_reason
= DBG_REASON_BREAKPOINT
;
330 LOG_DEBUG("watchpoint from EICE unit 0");
331 target
->debug_reason
= DBG_REASON_WATCHPOINT
;
334 LOG_DEBUG("watchpoint from EICE unit 1");
335 target
->debug_reason
= DBG_REASON_WATCHPOINT
;
338 LOG_DEBUG("external watchpoint");
339 target
->debug_reason
= DBG_REASON_WATCHPOINT
;
342 LOG_DEBUG("internal debug request");
343 target
->debug_reason
= DBG_REASON_DBGRQ
;
346 LOG_DEBUG("external debug request");
347 target
->debug_reason
= DBG_REASON_DBGRQ
;
350 LOG_DEBUG("debug re-entry from system speed access");
351 /* This is normal when connecting to something that's
352 * already halted, or in some related code paths, but
353 * otherwise is surprising (and presumably wrong).
355 switch (target
->debug_reason
) {
356 case DBG_REASON_DBGRQ
:
359 LOG_ERROR("unexpected -- debug re-entry");
361 case DBG_REASON_UNDEFINED
:
362 target
->debug_reason
= DBG_REASON_DBGRQ
;
367 /* FIX!!!! here be dragons!!! We need to fail here so
368 * the target will interpreted as halted but we won't
369 * try to talk to it right now... a resume + halt seems
370 * to sync things up again. Please send an email to
371 * openocd development mailing list if you have hardware
372 * to donate to look into this problem....
374 LOG_WARNING("WARNING: mystery debug reason MOE = 0xc. Try issuing a resume + halt.");
375 target
->debug_reason
= DBG_REASON_DBGRQ
;
378 LOG_WARNING("WARNING: unknown debug reason: 0x%x", debug_reason
);
379 /* Oh agony! should we interpret this as a halt request or
380 * that the target stopped on it's own accord?
382 target
->debug_reason
= DBG_REASON_DBGRQ
;
383 /* if we fail here, we won't talk to the target and it will
384 * be reported to be in the halted state */
391 uint32_t arm926ejs_get_ttb(target_t
*target
)
393 armv4_5_common_t
*armv4_5
= target
->arch_info
;
394 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
395 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
396 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
400 if ((retval
= arm926ejs
->read_cp15(target
, 0, 0, 2, 0, &ttb
)) != ERROR_OK
)
406 void arm926ejs_disable_mmu_caches(target_t
*target
, int mmu
, int d_u_cache
, int i_cache
)
408 armv4_5_common_t
*armv4_5
= target
->arch_info
;
409 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
410 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
411 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
412 uint32_t cp15_control
;
414 /* read cp15 control register */
415 arm926ejs
->read_cp15(target
, 0, 0, 1, 0, &cp15_control
);
416 jtag_execute_queue();
421 arm926ejs
->write_cp15(target
, 0, 0, 8, 7, 0x0);
423 cp15_control
&= ~0x1U
;
428 uint32_t debug_override
;
429 /* read-modify-write CP15 debug override register
430 * to enable "test and clean all" */
431 arm926ejs
->read_cp15(target
, 0, 0, 15, 0, &debug_override
);
432 debug_override
|= 0x80000;
433 arm926ejs
->write_cp15(target
, 0, 0, 15, 0, debug_override
);
435 /* clean and invalidate DCache */
436 arm926ejs
->write_cp15(target
, 0, 0, 7, 5, 0x0);
438 /* write CP15 debug override register
439 * to disable "test and clean all" */
440 debug_override
&= ~0x80000;
441 arm926ejs
->write_cp15(target
, 0, 0, 15, 0, debug_override
);
443 cp15_control
&= ~0x4U
;
448 /* invalidate ICache */
449 arm926ejs
->write_cp15(target
, 0, 0, 7, 5, 0x0);
451 cp15_control
&= ~0x1000U
;
454 arm926ejs
->write_cp15(target
, 0, 0, 1, 0, cp15_control
);
457 void arm926ejs_enable_mmu_caches(target_t
*target
, int mmu
, int d_u_cache
, int i_cache
)
459 armv4_5_common_t
*armv4_5
= target
->arch_info
;
460 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
461 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
462 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
463 uint32_t cp15_control
;
465 /* read cp15 control register */
466 arm926ejs
->read_cp15(target
, 0, 0, 1, 0, &cp15_control
);
467 jtag_execute_queue();
470 cp15_control
|= 0x1U
;
473 cp15_control
|= 0x4U
;
476 cp15_control
|= 0x1000U
;
478 arm926ejs
->write_cp15(target
, 0, 0, 1, 0, cp15_control
);
481 void arm926ejs_post_debug_entry(target_t
*target
)
483 armv4_5_common_t
*armv4_5
= target
->arch_info
;
484 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
485 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
486 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
488 /* examine cp15 control reg */
489 arm926ejs
->read_cp15(target
, 0, 0, 1, 0, &arm926ejs
->cp15_control_reg
);
490 jtag_execute_queue();
491 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
"", arm926ejs
->cp15_control_reg
);
493 if (arm926ejs
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
495 uint32_t cache_type_reg
;
496 /* identify caches */
497 arm926ejs
->read_cp15(target
, 0, 1, 0, 0, &cache_type_reg
);
498 jtag_execute_queue();
499 armv4_5_identify_cache(cache_type_reg
, &arm926ejs
->armv4_5_mmu
.armv4_5_cache
);
502 arm926ejs
->armv4_5_mmu
.mmu_enabled
= (arm926ejs
->cp15_control_reg
& 0x1U
) ? 1 : 0;
503 arm926ejs
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= (arm926ejs
->cp15_control_reg
& 0x4U
) ? 1 : 0;
504 arm926ejs
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= (arm926ejs
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
506 /* save i/d fault status and address register */
507 arm926ejs
->read_cp15(target
, 0, 0, 5, 0, &arm926ejs
->d_fsr
);
508 arm926ejs
->read_cp15(target
, 0, 1, 5, 0, &arm926ejs
->i_fsr
);
509 arm926ejs
->read_cp15(target
, 0, 0, 6, 0, &arm926ejs
->d_far
);
511 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
", I FSR: 0x%8.8" PRIx32
"",
512 arm926ejs
->d_fsr
, arm926ejs
->d_far
, arm926ejs
->i_fsr
);
514 uint32_t cache_dbg_ctrl
;
516 /* read-modify-write CP15 cache debug control register
517 * to disable I/D-cache linefills and force WT */
518 arm926ejs
->read_cp15(target
, 7, 0, 15, 0, &cache_dbg_ctrl
);
519 cache_dbg_ctrl
|= 0x7;
520 arm926ejs
->write_cp15(target
, 7, 0, 15, 0, cache_dbg_ctrl
);
523 void arm926ejs_pre_restore_context(target_t
*target
)
525 armv4_5_common_t
*armv4_5
= target
->arch_info
;
526 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
527 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
528 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
530 /* restore i/d fault status and address register */
531 arm926ejs
->write_cp15(target
, 0, 0, 5, 0, arm926ejs
->d_fsr
);
532 arm926ejs
->write_cp15(target
, 0, 1, 5, 0, arm926ejs
->i_fsr
);
533 arm926ejs
->write_cp15(target
, 0, 0, 6, 0, arm926ejs
->d_far
);
535 uint32_t cache_dbg_ctrl
;
537 /* read-modify-write CP15 cache debug control register
538 * to reenable I/D-cache linefills and disable WT */
539 arm926ejs
->read_cp15(target
, 7, 0, 15, 0, &cache_dbg_ctrl
);
540 cache_dbg_ctrl
&= ~0x7;
541 arm926ejs
->write_cp15(target
, 7, 0, 15, 0, cache_dbg_ctrl
);
544 int arm926ejs_get_arch_pointers(target_t
*target
, armv4_5_common_t
**armv4_5_p
, arm7_9_common_t
**arm7_9_p
, arm9tdmi_common_t
**arm9tdmi_p
, arm926ejs_common_t
**arm926ejs_p
)
546 armv4_5_common_t
*armv4_5
= target
->arch_info
;
547 arm7_9_common_t
*arm7_9
;
548 arm9tdmi_common_t
*arm9tdmi
;
549 arm926ejs_common_t
*arm926ejs
;
551 if (armv4_5
->common_magic
!= ARMV4_5_COMMON_MAGIC
)
556 arm7_9
= armv4_5
->arch_info
;
557 if (arm7_9
->common_magic
!= ARM7_9_COMMON_MAGIC
)
562 arm9tdmi
= arm7_9
->arch_info
;
563 if (arm9tdmi
->common_magic
!= ARM9TDMI_COMMON_MAGIC
)
568 arm926ejs
= arm9tdmi
->arch_info
;
569 if (arm926ejs
->common_magic
!= ARM926EJS_COMMON_MAGIC
)
574 *armv4_5_p
= armv4_5
;
576 *arm9tdmi_p
= arm9tdmi
;
577 *arm926ejs_p
= arm926ejs
;
582 int arm926ejs_arch_state(struct target_s
*target
)
584 armv4_5_common_t
*armv4_5
= target
->arch_info
;
585 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
586 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
587 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
591 "disabled", "enabled"
594 if (armv4_5
->common_magic
!= ARMV4_5_COMMON_MAGIC
)
596 LOG_ERROR("BUG: called for a non-ARMv4/5 target");
601 "target halted in %s state due to %s, current mode: %s\n"
602 "cpsr: 0x%8.8" PRIx32
" pc: 0x%8.8" PRIx32
"\n"
603 "MMU: %s, D-Cache: %s, I-Cache: %s",
604 armv4_5_state_strings
[armv4_5
->core_state
],
605 Jim_Nvp_value2name_simple(nvp_target_debug_reason
,target
->debug_reason
)->name
,
606 armv4_5_mode_strings
[armv4_5_mode_to_number(armv4_5
->core_mode
)],
607 buf_get_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 32),
608 buf_get_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32),
609 state
[arm926ejs
->armv4_5_mmu
.mmu_enabled
],
610 state
[arm926ejs
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
611 state
[arm926ejs
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
616 int arm926ejs_soft_reset_halt(struct target_s
*target
)
618 int retval
= ERROR_OK
;
619 armv4_5_common_t
*armv4_5
= target
->arch_info
;
620 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
621 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
622 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
623 reg_t
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
625 if ((retval
= target_halt(target
)) != ERROR_OK
)
630 long long then
= timeval_ms();
632 while (!(timeout
= ((timeval_ms()-then
) > 1000)))
634 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1) == 0)
636 embeddedice_read_reg(dbg_stat
);
637 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
645 if (debug_level
>= 1)
647 /* do not eat all CPU, time out after 1 se*/
656 LOG_ERROR("Failed to halt CPU after 1 sec");
657 return ERROR_TARGET_TIMEOUT
;
660 target
->state
= TARGET_HALTED
;
662 /* SVC, ARM state, IRQ and FIQ disabled */
663 buf_set_u32(armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].value
, 0, 8, 0xd3);
664 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].dirty
= 1;
665 armv4_5
->core_cache
->reg_list
[ARMV4_5_CPSR
].valid
= 1;
667 /* start fetching from 0x0 */
668 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, 0x0);
669 armv4_5
->core_cache
->reg_list
[15].dirty
= 1;
670 armv4_5
->core_cache
->reg_list
[15].valid
= 1;
672 armv4_5
->core_mode
= ARMV4_5_MODE_SVC
;
673 armv4_5
->core_state
= ARMV4_5_STATE_ARM
;
675 arm926ejs_disable_mmu_caches(target
, 1, 1, 1);
676 arm926ejs
->armv4_5_mmu
.mmu_enabled
= 0;
677 arm926ejs
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
678 arm926ejs
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
680 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
683 int arm926ejs_write_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
686 armv4_5_common_t
*armv4_5
= target
->arch_info
;
687 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
688 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
689 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
691 /* FIX!!!! this should be cleaned up and made much more general. The
692 * plan is to write up and test on arm926ejs specifically and
693 * then generalize and clean up afterwards. */
694 if ((count
== 1) && ((size
==2) || (size
==4)))
696 /* special case the handling of single word writes to bypass MMU
697 * to allow implementation of breakpoints in memory marked read only
699 if (arm926ejs
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
)
701 /* flush and invalidate data cache
703 * MCR p15,0,p,c7,c10,1 - clean cache line using virtual address
706 retval
= arm926ejs
->write_cp15(target
, 0, 1, 7, 10, address
&~0x3);
707 if (retval
!= ERROR_OK
)
712 retval
= target
->type
->virt2phys(target
, address
, &pa
);
713 if (retval
!= ERROR_OK
)
716 /* write directly to physical memory bypassing any read only MMU bits, etc. */
717 retval
= armv4_5_mmu_write_physical(target
, &arm926ejs
->armv4_5_mmu
, pa
, size
, count
, buffer
);
718 if (retval
!= ERROR_OK
)
722 if ((retval
= arm7_9_write_memory(target
, address
, size
, count
, buffer
)) != ERROR_OK
)
726 /* If ICache is enabled, we have to invalidate affected ICache lines
727 * the DCache is forced to write-through, so we don't have to clean it here
729 if (arm926ejs
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
)
733 /* invalidate ICache single entry with MVA */
734 arm926ejs
->write_cp15(target
, 0, 1, 7, 5, address
);
738 /* invalidate ICache */
739 arm926ejs
->write_cp15(target
, 0, 0, 7, 5, address
);
746 int arm926ejs_write_phys_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
748 armv4_5_common_t
*armv4_5
= target
->arch_info
;
749 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
750 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
751 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
753 return armv4_5_mmu_write_physical(target
, &arm926ejs
->armv4_5_mmu
, address
, size
, count
, buffer
);
756 int arm926ejs_read_phys_memory(struct target_s
*target
, uint32_t address
, uint32_t size
, uint32_t count
, uint8_t *buffer
)
758 armv4_5_common_t
*armv4_5
= target
->arch_info
;
759 arm7_9_common_t
*arm7_9
= armv4_5
->arch_info
;
760 arm9tdmi_common_t
*arm9tdmi
= arm7_9
->arch_info
;
761 arm926ejs_common_t
*arm926ejs
= arm9tdmi
->arch_info
;
763 return armv4_5_mmu_read_physical(target
, &arm926ejs
->armv4_5_mmu
, address
, size
, count
, buffer
);
766 int arm926ejs_init_target(struct command_context_s
*cmd_ctx
, struct target_s
*target
)
768 arm9tdmi_init_target(cmd_ctx
, target
);
773 int arm926ejs_quit(void)
778 int arm926ejs_init_arch_info(target_t
*target
, arm926ejs_common_t
*arm926ejs
, jtag_tap_t
*tap
)
780 arm9tdmi_common_t
*arm9tdmi
= &arm926ejs
->arm9tdmi_common
;
781 arm7_9_common_t
*arm7_9
= &arm9tdmi
->arm7_9_common
;
783 /* initialize arm9tdmi specific info (including arm7_9 and armv4_5)
785 arm9tdmi_init_arch_info(target
, arm9tdmi
, tap
);
787 arm9tdmi
->arch_info
= arm926ejs
;
788 arm926ejs
->common_magic
= ARM926EJS_COMMON_MAGIC
;
790 arm7_9
->post_debug_entry
= arm926ejs_post_debug_entry
;
791 arm7_9
->pre_restore_context
= arm926ejs_pre_restore_context
;
793 arm926ejs
->read_cp15
= arm926ejs_cp15_read
;
794 arm926ejs
->write_cp15
= arm926ejs_cp15_write
;
795 arm926ejs
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
796 arm926ejs
->armv4_5_mmu
.get_ttb
= arm926ejs_get_ttb
;
797 arm926ejs
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
798 arm926ejs
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
799 arm926ejs
->armv4_5_mmu
.disable_mmu_caches
= arm926ejs_disable_mmu_caches
;
800 arm926ejs
->armv4_5_mmu
.enable_mmu_caches
= arm926ejs_enable_mmu_caches
;
801 arm926ejs
->armv4_5_mmu
.has_tiny_pages
= 1;
802 arm926ejs
->armv4_5_mmu
.mmu_enabled
= 0;
804 arm7_9
->examine_debug_reason
= arm926ejs_examine_debug_reason
;
806 /* The ARM926EJ-S implements the ARMv5TE architecture which
807 * has the BKPT instruction, so we don't have to use a watchpoint comparator
809 arm7_9
->arm_bkpt
= ARMV5_BKPT(0x0);
810 arm7_9
->thumb_bkpt
= ARMV5_T_BKPT(0x0) & 0xffff;
815 int arm926ejs_target_create(struct target_s
*target
, Jim_Interp
*interp
)
817 arm926ejs_common_t
*arm926ejs
= calloc(1,sizeof(arm926ejs_common_t
));
819 arm926ejs_init_arch_info(target
, arm926ejs
, target
->tap
);
824 int arm926ejs_register_commands(struct command_context_s
*cmd_ctx
)
827 command_t
*arm926ejs_cmd
;
830 retval
= arm9tdmi_register_commands(cmd_ctx
);
832 arm926ejs_cmd
= register_command(cmd_ctx
, NULL
, "arm926ejs", NULL
, COMMAND_ANY
, "arm926ejs specific commands");
834 register_command(cmd_ctx
, arm926ejs_cmd
, "cp15", arm926ejs_handle_cp15_command
, COMMAND_EXEC
, "display/modify cp15 register <opcode_1> <opcode_2> <CRn> <CRm> [value]");
836 register_command(cmd_ctx
, arm926ejs_cmd
, "cache_info", arm926ejs_handle_cache_info_command
, COMMAND_EXEC
, "display information about target caches");
838 register_command(cmd_ctx
, arm926ejs_cmd
, "mdw_phys", arm926ejs_handle_md_phys_command
, COMMAND_EXEC
, "display memory words <physical addr> [count]");
839 register_command(cmd_ctx
, arm926ejs_cmd
, "mdh_phys", arm926ejs_handle_md_phys_command
, COMMAND_EXEC
, "display memory half-words <physical addr> [count]");
840 register_command(cmd_ctx
, arm926ejs_cmd
, "mdb_phys", arm926ejs_handle_md_phys_command
, COMMAND_EXEC
, "display memory bytes <physical addr> [count]");
842 register_command(cmd_ctx
, arm926ejs_cmd
, "mww_phys", arm926ejs_handle_mw_phys_command
, COMMAND_EXEC
, "write memory word <physical addr> <value>");
843 register_command(cmd_ctx
, arm926ejs_cmd
, "mwh_phys", arm926ejs_handle_mw_phys_command
, COMMAND_EXEC
, "write memory half-word <physical addr> <value>");
844 register_command(cmd_ctx
, arm926ejs_cmd
, "mwb_phys", arm926ejs_handle_mw_phys_command
, COMMAND_EXEC
, "write memory byte <physical addr> <value>");
849 int arm926ejs_handle_cp15_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
852 target_t
*target
= get_current_target(cmd_ctx
);
853 armv4_5_common_t
*armv4_5
;
854 arm7_9_common_t
*arm7_9
;
855 arm9tdmi_common_t
*arm9tdmi
;
856 arm926ejs_common_t
*arm926ejs
;
862 if ((argc
< 4) || (argc
> 5))
864 command_print(cmd_ctx
, "usage: arm926ejs cp15 <opcode_1> <opcode_2> <CRn> <CRm> [value]");
868 opcode_1
= strtoul(args
[0], NULL
, 0);
869 opcode_2
= strtoul(args
[1], NULL
, 0);
870 CRn
= strtoul(args
[2], NULL
, 0);
871 CRm
= strtoul(args
[3], NULL
, 0);
873 if (arm926ejs_get_arch_pointers(target
, &armv4_5
, &arm7_9
, &arm9tdmi
, &arm926ejs
) != ERROR_OK
)
875 command_print(cmd_ctx
, "current target isn't an ARM926EJ-S target");
879 if (target
->state
!= TARGET_HALTED
)
881 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", cmd
);
888 if ((retval
= arm926ejs
->read_cp15(target
, opcode_1
, opcode_2
, CRn
, CRm
, &value
)) != ERROR_OK
)
890 command_print(cmd_ctx
, "couldn't access register");
893 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
898 command_print(cmd_ctx
, "%i %i %i %i: %8.8" PRIx32
"", opcode_1
, opcode_2
, CRn
, CRm
, value
);
902 uint32_t value
= strtoul(args
[4], NULL
, 0);
903 if ((retval
= arm926ejs
->write_cp15(target
, opcode_1
, opcode_2
, CRn
, CRm
, value
)) != ERROR_OK
)
905 command_print(cmd_ctx
, "couldn't access register");
908 command_print(cmd_ctx
, "%i %i %i %i: %8.8" PRIx32
"", opcode_1
, opcode_2
, CRn
, CRm
, value
);
914 int arm926ejs_handle_cache_info_command(struct command_context_s
*cmd_ctx
, char *cmd
, char **args
, int argc
)
916 target_t
*target
= get_current_target(cmd_ctx
);
917 armv4_5_common_t
*armv4_5
;
918 arm7_9_common_t
*arm7_9
;
919 arm9tdmi_common_t
*arm9tdmi
;
920 arm926ejs_common_t
*arm926ejs
;
922 if (arm926ejs_get_arch_pointers(target
, &armv4_5
, &arm7_9
, &arm9tdmi
, &arm926ejs
) != ERROR_OK
)
924 command_print(cmd_ctx
, "current target isn't an ARM926EJ-S target");
928 return armv4_5_handle_cache_info_command(cmd_ctx
, &arm926ejs
->armv4_5_mmu
.armv4_5_cache
);
931 int arm926ejs_handle_md_phys_command(command_context_t
*cmd_ctx
, char *cmd
, char **args
, int argc
)
933 target_t
*target
= get_current_target(cmd_ctx
);
934 armv4_5_common_t
*armv4_5
;
935 arm7_9_common_t
*arm7_9
;
936 arm9tdmi_common_t
*arm9tdmi
;
937 arm926ejs_common_t
*arm926ejs
;
938 arm_jtag_t
*jtag_info
;
940 if (arm926ejs_get_arch_pointers(target
, &armv4_5
, &arm7_9
, &arm9tdmi
, &arm926ejs
) != ERROR_OK
)
942 command_print(cmd_ctx
, "current target isn't an ARM926EJ-S target");
946 jtag_info
= &arm7_9
->jtag_info
;
948 if (target
->state
!= TARGET_HALTED
)
950 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", cmd
);
954 return armv4_5_mmu_handle_md_phys_command(cmd_ctx
, cmd
, args
, argc
, target
, &arm926ejs
->armv4_5_mmu
);
957 int arm926ejs_handle_mw_phys_command(command_context_t
*cmd_ctx
, char *cmd
, char **args
, int argc
)
959 target_t
*target
= get_current_target(cmd_ctx
);
960 armv4_5_common_t
*armv4_5
;
961 arm7_9_common_t
*arm7_9
;
962 arm9tdmi_common_t
*arm9tdmi
;
963 arm926ejs_common_t
*arm926ejs
;
964 arm_jtag_t
*jtag_info
;
966 if (arm926ejs_get_arch_pointers(target
, &armv4_5
, &arm7_9
, &arm9tdmi
, &arm926ejs
) != ERROR_OK
)
968 command_print(cmd_ctx
, "current target isn't an ARM926EJ-S target");
972 jtag_info
= &arm7_9
->jtag_info
;
974 if (target
->state
!= TARGET_HALTED
)
976 command_print(cmd_ctx
, "target must be stopped for \"%s\" command", cmd
);
980 return armv4_5_mmu_handle_mw_phys_command(cmd_ctx
, cmd
, args
, argc
, target
, &arm926ejs
->armv4_5_mmu
);
983 static int arm926ejs_virt2phys(struct target_s
*target
, uint32_t virtual, uint32_t *physical
)
991 armv4_5_common_t
*armv4_5
;
992 arm7_9_common_t
*arm7_9
;
993 arm9tdmi_common_t
*arm9tdmi
;
994 arm926ejs_common_t
*arm926ejs
;
995 retval
= arm926ejs_get_arch_pointers(target
, &armv4_5
, &arm7_9
, &arm9tdmi
, &arm926ejs
);
996 if (retval
!= ERROR_OK
)
1000 uint32_t ret
= armv4_5_mmu_translate_va(target
, &arm926ejs
->armv4_5_mmu
, virtual, &type
, &cb
, &domain
, &ap
);
1009 static int arm926ejs_mmu(struct target_s
*target
, int *enabled
)
1011 armv4_5_common_t
*armv4_5
= target
->arch_info
;
1012 arm926ejs_common_t
*arm926ejs
= armv4_5
->arch_info
;
1014 if (target
->state
!= TARGET_HALTED
)
1016 LOG_ERROR("Target not halted");
1017 return ERROR_TARGET_INVALID
;
1019 *enabled
= arm926ejs
->armv4_5_mmu
.mmu_enabled
;
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)