Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Fix usage of timeval_ms()
[openocd.git] / src / target / arm920t.c
1
2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program. If not, see <http://www.gnu.org/licenses/>. *
18 ***************************************************************************/
19
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "arm920t.h"
25 #include <helper/time_support.h>
26 #include "target_type.h"
27 #include "register.h"
28 #include "arm_opcodes.h"
29
30 /*
31 * For information about the ARM920T, see ARM DDI 0151C especially
32 * Chapter 9 about debug support, which shows how to manipulate each
33 * of the different scan chains:
34 *
35 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
36 * 1 ... debugging; watchpoint and breakpoint status, etc; also
37 * MMU and cache access in conjunction with scan chain 15
38 * 2 ... EmbeddedICE
39 * 3 ... external boundary scan (SoC-specific, unused here)
40 * 4 ... access to cache tag RAM
41 * 6 ... ETM9
42 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
43 * "interpreted" works with a few actual MRC/MCR instructions
44 * "physical" provides register-like behaviors. Section 9.6.7
45 * covers these details.
46 *
47 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
48 */
49
50 #if 0
51 #define _DEBUG_INSTRUCTION_EXECUTION_
52 #endif
53
54 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
55 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
56 * JTAG scan, while reads use two.
57 *
58 * Table 9-9 lists the thirteen registers which support physical access.
59 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
60 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
61 *
62 * x == bit[38]
63 * y == bits[37:34]
64 * z == bit[33]
65 */
66 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
67
68 /* Registers supporting physical Read access (from table 9-9) */
69 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
70 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
71 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
72 /* NOTE: several more registers support only physical read access */
73
74 /* Registers supporting physical Read/Write access (from table 9-9) */
75 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
76 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
77 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
78 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
79 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
80
81 static int arm920t_read_cp15_physical(struct target *target,
82 int reg_addr, uint32_t *value)
83 {
84 struct arm920t_common *arm920t = target_to_arm920(target);
85 struct arm_jtag *jtag_info;
86 struct scan_field fields[4];
87 uint8_t access_type_buf = 1;
88 uint8_t reg_addr_buf = reg_addr & 0x3f;
89 uint8_t nr_w_buf = 0;
90 int retval;
91
92 jtag_info = &arm920t->arm7_9_common.jtag_info;
93
94 retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
95 if (retval != ERROR_OK)
96 return retval;
97 retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
98 if (retval != ERROR_OK)
99 return retval;
100
101 fields[0].num_bits = 1;
102 fields[0].out_value = &access_type_buf;
103 fields[0].in_value = NULL;
104
105 fields[1].num_bits = 32;
106 fields[1].out_value = NULL;
107 fields[1].in_value = NULL;
108
109 fields[2].num_bits = 6;
110 fields[2].out_value = &reg_addr_buf;
111 fields[2].in_value = NULL;
112
113 fields[3].num_bits = 1;
114 fields[3].out_value = &nr_w_buf;
115 fields[3].in_value = NULL;
116
117 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
118
119 fields[1].in_value = (uint8_t *)value;
120
121 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
122
123 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
124
125 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
126 jtag_execute_queue();
127 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
128 #endif
129
130 return ERROR_OK;
131 }
132
133 static int arm920t_write_cp15_physical(struct target *target,
134 int reg_addr, uint32_t value)
135 {
136 struct arm920t_common *arm920t = target_to_arm920(target);
137 struct arm_jtag *jtag_info;
138 struct scan_field fields[4];
139 uint8_t access_type_buf = 1;
140 uint8_t reg_addr_buf = reg_addr & 0x3f;
141 uint8_t nr_w_buf = 1;
142 uint8_t value_buf[4];
143 int retval;
144
145 jtag_info = &arm920t->arm7_9_common.jtag_info;
146
147 buf_set_u32(value_buf, 0, 32, value);
148
149 retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
150 if (retval != ERROR_OK)
151 return retval;
152 retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
153 if (retval != ERROR_OK)
154 return retval;
155
156 fields[0].num_bits = 1;
157 fields[0].out_value = &access_type_buf;
158 fields[0].in_value = NULL;
159
160 fields[1].num_bits = 32;
161 fields[1].out_value = value_buf;
162 fields[1].in_value = NULL;
163
164 fields[2].num_bits = 6;
165 fields[2].out_value = &reg_addr_buf;
166 fields[2].in_value = NULL;
167
168 fields[3].num_bits = 1;
169 fields[3].out_value = &nr_w_buf;
170 fields[3].in_value = NULL;
171
172 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
173
174 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
175 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
176 #endif
177
178 return ERROR_OK;
179 }
180
181 /* See table 9-10 for scan chain 15 format during interpreted access mode.
182 * If the TESTSTATE register is set for interpreted access, certain CP15
183 * MRC and MCR instructions may be executed through scan chain 15.
184 *
185 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
186 * executed using scan chain 15 interpreted mode.
187 */
188 static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
189 uint32_t arm_opcode)
190 {
191 int retval;
192 struct arm920t_common *arm920t = target_to_arm920(target);
193 struct arm_jtag *jtag_info;
194 struct scan_field fields[4];
195 uint8_t access_type_buf = 0; /* interpreted access */
196 uint8_t reg_addr_buf = 0x0;
197 uint8_t nr_w_buf = 0;
198 uint8_t cp15_opcode_buf[4];
199
200 jtag_info = &arm920t->arm7_9_common.jtag_info;
201
202 retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
203 if (retval != ERROR_OK)
204 return retval;
205 retval = arm_jtag_set_instr(jtag_info->tap, jtag_info->intest_instr, NULL, TAP_IDLE);
206 if (retval != ERROR_OK)
207 return retval;
208
209 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
210
211 fields[0].num_bits = 1;
212 fields[0].out_value = &access_type_buf;
213 fields[0].in_value = NULL;
214
215 fields[1].num_bits = 32;
216 fields[1].out_value = cp15_opcode_buf;
217 fields[1].in_value = NULL;
218
219 fields[2].num_bits = 6;
220 fields[2].out_value = &reg_addr_buf;
221 fields[2].in_value = NULL;
222
223 fields[3].num_bits = 1;
224 fields[3].out_value = &nr_w_buf;
225 fields[3].in_value = NULL;
226
227 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
228
229 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
230 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
231 retval = arm7_9_execute_sys_speed(target);
232 if (retval != ERROR_OK)
233 return retval;
234
235 retval = jtag_execute_queue();
236 if (retval != ERROR_OK) {
237 LOG_ERROR("failed executing JTAG queue");
238 return retval;
239 }
240
241 return ERROR_OK;
242 }
243
244 static int arm920t_read_cp15_interpreted(struct target *target,
245 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
246 {
247 struct arm *arm = target_to_arm(target);
248 uint32_t *regs_p[1];
249 uint32_t regs[2];
250 uint32_t cp15c15 = 0x0;
251 struct reg *r = arm->core_cache->reg_list;
252
253 /* load address into R1 */
254 regs[1] = address;
255 arm9tdmi_write_core_regs(target, 0x2, regs);
256
257 /* read-modify-write CP15 test state register
258 * to enable interpreted access mode */
259 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
260 jtag_execute_queue();
261 cp15c15 |= 1; /* set interpret mode */
262 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
263
264 /* execute CP15 instruction and ARM load (reading from coprocessor) */
265 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
266
267 /* disable interpreted access mode */
268 cp15c15 &= ~1U; /* clear interpret mode */
269 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
270
271 /* retrieve value from R0 */
272 regs_p[0] = value;
273 arm9tdmi_read_core_regs(target, 0x1, regs_p);
274 jtag_execute_queue();
275
276 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
277 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
278 cp15_opcode, address, *value);
279 #endif
280
281 if (!is_arm_mode(arm->core_mode)) {
282 LOG_ERROR("not a valid arm core mode - communication failure?");
283 return ERROR_FAIL;
284 }
285
286 r[0].dirty = 1;
287 r[1].dirty = 1;
288
289 return ERROR_OK;
290 }
291
292 static
293 int arm920t_write_cp15_interpreted(struct target *target,
294 uint32_t cp15_opcode, uint32_t value, uint32_t address)
295 {
296 uint32_t cp15c15 = 0x0;
297 struct arm *arm = target_to_arm(target);
298 uint32_t regs[2];
299 struct reg *r = arm->core_cache->reg_list;
300
301 /* load value, address into R0, R1 */
302 regs[0] = value;
303 regs[1] = address;
304 arm9tdmi_write_core_regs(target, 0x3, regs);
305
306 /* read-modify-write CP15 test state register
307 * to enable interpreted access mode */
308 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
309 jtag_execute_queue();
310 cp15c15 |= 1; /* set interpret mode */
311 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
312
313 /* execute CP15 instruction and ARM store (writing to coprocessor) */
314 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
315
316 /* disable interpreted access mode */
317 cp15c15 &= ~1U; /* set interpret mode */
318 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
319
320 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
321 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
322 cp15_opcode, value, address);
323 #endif
324
325 if (!is_arm_mode(arm->core_mode)) {
326 LOG_ERROR("not a valid arm core mode - communication failure?");
327 return ERROR_FAIL;
328 }
329
330 r[0].dirty = 1;
331 r[1].dirty = 1;
332
333 return ERROR_OK;
334 }
335
336 /* EXPORTED to FA256 */
337 int arm920t_get_ttb(struct target *target, uint32_t *result)
338 {
339 int retval;
340 uint32_t ttb = 0x0;
341
342 retval = arm920t_read_cp15_interpreted(target,
343 /* FIXME use opcode macro */
344 0xeebf0f51, 0x0, &ttb);
345 if (retval != ERROR_OK)
346 return retval;
347
348 *result = ttb;
349 return ERROR_OK;
350 }
351
352 /* EXPORTED to FA256 */
353 int arm920t_disable_mmu_caches(struct target *target, int mmu,
354 int d_u_cache, int i_cache)
355 {
356 uint32_t cp15_control;
357 int retval;
358
359 /* read cp15 control register */
360 retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
361 if (retval != ERROR_OK)
362 return retval;
363 retval = jtag_execute_queue();
364 if (retval != ERROR_OK)
365 return retval;
366
367 if (mmu)
368 cp15_control &= ~0x1U;
369
370 if (d_u_cache)
371 cp15_control &= ~0x4U;
372
373 if (i_cache)
374 cp15_control &= ~0x1000U;
375
376 retval = arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
377 return retval;
378 }
379
380 /* EXPORTED to FA256 */
381 int arm920t_enable_mmu_caches(struct target *target, int mmu,
382 int d_u_cache, int i_cache)
383 {
384 uint32_t cp15_control;
385 int retval;
386
387 /* read cp15 control register */
388 retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
389 if (retval != ERROR_OK)
390 return retval;
391 retval = jtag_execute_queue();
392 if (retval != ERROR_OK)
393 return retval;
394
395 if (mmu)
396 cp15_control |= 0x1U;
397
398 if (d_u_cache)
399 cp15_control |= 0x4U;
400
401 if (i_cache)
402 cp15_control |= 0x1000U;
403
404 retval = arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
405 return retval;
406 }
407
408 /* EXPORTED to FA256 */
409 int arm920t_post_debug_entry(struct target *target)
410 {
411 uint32_t cp15c15;
412 struct arm920t_common *arm920t = target_to_arm920(target);
413 int retval;
414
415 /* examine cp15 control reg */
416 retval = arm920t_read_cp15_physical(target,
417 CP15PHYS_CTRL, &arm920t->cp15_control_reg);
418 if (retval != ERROR_OK)
419 return retval;
420 retval = jtag_execute_queue();
421 if (retval != ERROR_OK)
422 return retval;
423 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, arm920t->cp15_control_reg);
424
425 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1) {
426 uint32_t cache_type_reg;
427 /* identify caches */
428 retval = arm920t_read_cp15_physical(target,
429 CP15PHYS_CACHETYPE, &cache_type_reg);
430 if (retval != ERROR_OK)
431 return retval;
432 retval = jtag_execute_queue();
433 if (retval != ERROR_OK)
434 return retval;
435 armv4_5_identify_cache(cache_type_reg,
436 &arm920t->armv4_5_mmu.armv4_5_cache);
437 }
438
439 arm920t->armv4_5_mmu.mmu_enabled =
440 (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
441 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled =
442 (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
443 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled =
444 (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
445
446 /* save i/d fault status and address register
447 * FIXME use opcode macros */
448 retval = arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
449 if (retval != ERROR_OK)
450 return retval;
451 retval = arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
452 if (retval != ERROR_OK)
453 return retval;
454 retval = arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
455 if (retval != ERROR_OK)
456 return retval;
457 retval = arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
458 if (retval != ERROR_OK)
459 return retval;
460
461 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32
462 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32,
463 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
464
465 if (arm920t->preserve_cache) {
466 /* read-modify-write CP15 test state register
467 * to disable I/D-cache linefills */
468 retval = arm920t_read_cp15_physical(target,
469 CP15PHYS_TESTSTATE, &cp15c15);
470 if (retval != ERROR_OK)
471 return retval;
472 retval = jtag_execute_queue();
473 if (retval != ERROR_OK)
474 return retval;
475 cp15c15 |= 0x600;
476 retval = arm920t_write_cp15_physical(target,
477 CP15PHYS_TESTSTATE, cp15c15);
478 if (retval != ERROR_OK)
479 return retval;
480 }
481 return ERROR_OK;
482 }
483
484 /* EXPORTED to FA256 */
485 void arm920t_pre_restore_context(struct target *target)
486 {
487 uint32_t cp15c15;
488 struct arm920t_common *arm920t = target_to_arm920(target);
489
490 /* restore i/d fault status and address register */
491 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
492 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
493 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
494 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
495
496 /* read-modify-write CP15 test state register
497 * to reenable I/D-cache linefills */
498 if (arm920t->preserve_cache) {
499 arm920t_read_cp15_physical(target,
500 CP15PHYS_TESTSTATE, &cp15c15);
501 jtag_execute_queue();
502 cp15c15 &= ~0x600U;
503 arm920t_write_cp15_physical(target,
504 CP15PHYS_TESTSTATE, cp15c15);
505 }
506 }
507
508 static const char arm920_not[] = "target is not an ARM920";
509
510 static int arm920t_verify_pointer(struct command_context *cmd_ctx,
511 struct arm920t_common *arm920t)
512 {
513 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
514 command_print(cmd_ctx, arm920_not);
515 return ERROR_TARGET_INVALID;
516 }
517
518 return ERROR_OK;
519 }
520
521 /** Logs summary of ARM920 state for a halted target. */
522 int arm920t_arch_state(struct target *target)
523 {
524 static const char *state[] = {
525 "disabled", "enabled"
526 };
527
528 struct arm920t_common *arm920t = target_to_arm920(target);
529
530 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
531 LOG_ERROR("BUG: %s", arm920_not);
532 return ERROR_TARGET_INVALID;
533 }
534
535 arm_arch_state(target);
536 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
537 state[arm920t->armv4_5_mmu.mmu_enabled],
538 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
539 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
540
541 return ERROR_OK;
542 }
543
544 static int arm920_mmu(struct target *target, int *enabled)
545 {
546 if (target->state != TARGET_HALTED) {
547 LOG_ERROR("%s: target not halted", __func__);
548 return ERROR_TARGET_INVALID;
549 }
550
551 *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
552 return ERROR_OK;
553 }
554
555 static int arm920_virt2phys(struct target *target,
556 uint32_t virt, uint32_t *phys)
557 {
558 uint32_t cb;
559 struct arm920t_common *arm920t = target_to_arm920(target);
560
561 uint32_t ret;
562 int retval = armv4_5_mmu_translate_va(target,
563 &arm920t->armv4_5_mmu, virt, &cb, &ret);
564 if (retval != ERROR_OK)
565 return retval;
566 *phys = ret;
567 return ERROR_OK;
568 }
569
570 /** Reads a buffer, in the specified word size, with current MMU settings. */
571 int arm920t_read_memory(struct target *target, uint32_t address,
572 uint32_t size, uint32_t count, uint8_t *buffer)
573 {
574 int retval;
575
576 retval = arm7_9_read_memory(target, address, size, count, buffer);
577
578 return retval;
579 }
580
581
582 static int arm920t_read_phys_memory(struct target *target,
583 uint32_t address, uint32_t size,
584 uint32_t count, uint8_t *buffer)
585 {
586 struct arm920t_common *arm920t = target_to_arm920(target);
587
588 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
589 address, size, count, buffer);
590 }
591
592 static int arm920t_write_phys_memory(struct target *target,
593 uint32_t address, uint32_t size,
594 uint32_t count, const uint8_t *buffer)
595 {
596 struct arm920t_common *arm920t = target_to_arm920(target);
597
598 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
599 address, size, count, buffer);
600 }
601
602 /** Writes a buffer, in the specified word size, with current MMU settings. */
603 int arm920t_write_memory(struct target *target, uint32_t address,
604 uint32_t size, uint32_t count, const uint8_t *buffer)
605 {
606 int retval;
607 const uint32_t cache_mask = ~0x1f; /* cache line size : 32 byte */
608 struct arm920t_common *arm920t = target_to_arm920(target);
609
610 /* FIX!!!! this should be cleaned up and made much more general. The
611 * plan is to write up and test on arm920t specifically and
612 * then generalize and clean up afterwards.
613 *
614 * Also it should be moved to the callbacks that handle breakpoints
615 * specifically and not the generic memory write fn's. See XScale code.
616 */
617 if (arm920t->armv4_5_mmu.mmu_enabled && (count == 1) &&
618 ((size == 2) || (size == 4))) {
619 /* special case the handling of single word writes to
620 * bypass MMU, to allow implementation of breakpoints
621 * in memory marked read only
622 * by MMU
623 */
624 uint32_t cb;
625 uint32_t pa;
626
627 /*
628 * We need physical address and cb
629 */
630 retval = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu,
631 address, &cb, &pa);
632 if (retval != ERROR_OK)
633 return retval;
634
635 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled) {
636 if (cb & 0x1) {
637 LOG_DEBUG("D-Cache buffered, "
638 "drain write buffer");
639 /*
640 * Buffered ?
641 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
642 */
643
644 retval = arm920t_write_cp15_interpreted(target,
645 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
646 0x0, 0);
647 if (retval != ERROR_OK)
648 return retval;
649 }
650
651 if (cb == 0x3) {
652 /*
653 * Write back memory ? -> clean cache
654 *
655 * There is no way to clean cache lines using
656 * cp15 scan chain, so copy the full cache
657 * line from cache to physical memory.
658 */
659 uint8_t data[32];
660
661 LOG_DEBUG("D-Cache in 'write back' mode, "
662 "flush cache line");
663
664 retval = target_read_memory(target,
665 address & cache_mask, 1,
666 sizeof(data), &data[0]);
667 if (retval != ERROR_OK)
668 return retval;
669
670 retval = armv4_5_mmu_write_physical(target,
671 &arm920t->armv4_5_mmu,
672 pa & cache_mask, 1,
673 sizeof(data), &data[0]);
674 if (retval != ERROR_OK)
675 return retval;
676 }
677
678 /* Cached ? */
679 if (cb & 0x2) {
680 /*
681 * Cached ? -> Invalidate data cache using MVA
682 *
683 * MCR p15,0,Rd,c7,c6,1
684 */
685 LOG_DEBUG("D-Cache enabled, "
686 "invalidate cache line");
687
688 retval = arm920t_write_cp15_interpreted(target,
689 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
690 address & cache_mask);
691 if (retval != ERROR_OK)
692 return retval;
693 }
694 }
695
696 /* write directly to physical memory,
697 * bypassing any read only MMU bits, etc.
698 */
699 retval = armv4_5_mmu_write_physical(target,
700 &arm920t->armv4_5_mmu, pa, size,
701 count, buffer);
702 if (retval != ERROR_OK)
703 return retval;
704 } else {
705 retval = arm7_9_write_memory(target, address, size, count, buffer);
706 if (retval != ERROR_OK)
707 return retval;
708 }
709
710 /* If ICache is enabled, we have to invalidate affected ICache lines
711 * the DCache is forced to write-through,
712 * so we don't have to clean it here
713 */
714 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled) {
715 if (count <= 1) {
716 /* invalidate ICache single entry with MVA
717 * mcr 15, 0, r0, cr7, cr5, {1}
718 */
719 LOG_DEBUG("I-Cache enabled, "
720 "invalidating affected I-Cache line");
721 retval = arm920t_write_cp15_interpreted(target,
722 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
723 0x0, address & cache_mask);
724 if (retval != ERROR_OK)
725 return retval;
726 } else {
727 /* invalidate ICache
728 * mcr 15, 0, r0, cr7, cr5, {0}
729 */
730 retval = arm920t_write_cp15_interpreted(target,
731 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
732 0x0, 0x0);
733 if (retval != ERROR_OK)
734 return retval;
735 }
736 }
737
738 return ERROR_OK;
739 }
740
741 /* EXPORTED to FA256 */
742 int arm920t_soft_reset_halt(struct target *target)
743 {
744 int retval = ERROR_OK;
745 struct arm920t_common *arm920t = target_to_arm920(target);
746 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
747 struct arm *arm = &arm7_9->arm;
748 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
749
750 retval = target_halt(target);
751 if (retval != ERROR_OK)
752 return retval;
753
754 int64_t then = timeval_ms();
755 bool timeout;
756 while (!(timeout = ((timeval_ms()-then) > 1000))) {
757 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0) {
758 embeddedice_read_reg(dbg_stat);
759 retval = jtag_execute_queue();
760 if (retval != ERROR_OK)
761 return retval;
762 } else
763 break;
764 if (debug_level >= 3) {
765 /* do not eat all CPU, time out after 1 se*/
766 alive_sleep(100);
767 } else
768 keep_alive();
769 }
770 if (timeout) {
771 LOG_ERROR("Failed to halt CPU after 1 sec");
772 return ERROR_TARGET_TIMEOUT;
773 }
774
775 target->state = TARGET_HALTED;
776
777 /* SVC, ARM state, IRQ and FIQ disabled */
778 uint32_t cpsr;
779
780 cpsr = buf_get_u32(arm->cpsr->value, 0, 32);
781 cpsr &= ~0xff;
782 cpsr |= 0xd3;
783 arm_set_cpsr(arm, cpsr);
784 arm->cpsr->dirty = 1;
785
786 /* start fetching from 0x0 */
787 buf_set_u32(arm->pc->value, 0, 32, 0x0);
788 arm->pc->dirty = 1;
789 arm->pc->valid = 1;
790
791 arm920t_disable_mmu_caches(target, 1, 1, 1);
792 arm920t->armv4_5_mmu.mmu_enabled = 0;
793 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
794 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
795
796 return target_call_event_callbacks(target, TARGET_EVENT_HALTED);
797 }
798
799 /* FIXME remove forward decls */
800 static int arm920t_mrc(struct target *target, int cpnum,
801 uint32_t op1, uint32_t op2,
802 uint32_t CRn, uint32_t CRm,
803 uint32_t *value);
804 static int arm920t_mcr(struct target *target, int cpnum,
805 uint32_t op1, uint32_t op2,
806 uint32_t CRn, uint32_t CRm,
807 uint32_t value);
808
809 static int arm920t_init_arch_info(struct target *target,
810 struct arm920t_common *arm920t, struct jtag_tap *tap)
811 {
812 struct arm7_9_common *arm7_9 = &arm920t->arm7_9_common;
813
814 arm7_9->arm.mrc = arm920t_mrc;
815 arm7_9->arm.mcr = arm920t_mcr;
816
817 /* initialize arm7/arm9 specific info (including armv4_5) */
818 arm9tdmi_init_arch_info(target, arm7_9, tap);
819
820 arm920t->common_magic = ARM920T_COMMON_MAGIC;
821
822 arm7_9->post_debug_entry = arm920t_post_debug_entry;
823 arm7_9->pre_restore_context = arm920t_pre_restore_context;
824 arm7_9->write_memory = arm920t_write_memory;
825
826 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
827 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
828 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
829 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
830 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
831 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
832 arm920t->armv4_5_mmu.has_tiny_pages = 1;
833 arm920t->armv4_5_mmu.mmu_enabled = 0;
834
835 /* disabling linefills leads to lockups, so keep them enabled for now
836 * this doesn't affect correctness, but might affect timing issues, if
837 * important data is evicted from the cache during the debug session
838 * */
839 arm920t->preserve_cache = 0;
840
841 /* override hw single-step capability from ARM9TDMI */
842 arm7_9->has_single_step = 1;
843
844 return ERROR_OK;
845 }
846
847 static int arm920t_target_create(struct target *target, Jim_Interp *interp)
848 {
849 struct arm920t_common *arm920t;
850
851 arm920t = calloc(1, sizeof(struct arm920t_common));
852 return arm920t_init_arch_info(target, arm920t, target->tap);
853 }
854
855 COMMAND_HANDLER(arm920t_handle_read_cache_command)
856 {
857 int retval = ERROR_OK;
858 struct target *target = get_current_target(CMD_CTX);
859 struct arm920t_common *arm920t = target_to_arm920(target);
860 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
861 struct arm *arm = &arm7_9->arm;
862 uint32_t cp15c15;
863 uint32_t cp15_ctrl, cp15_ctrl_saved;
864 uint32_t regs[16];
865 uint32_t *regs_p[16];
866 uint32_t C15_C_D_Ind, C15_C_I_Ind;
867 int i;
868 FILE *output;
869 int segment, index_t;
870 struct reg *r;
871
872 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
873 if (retval != ERROR_OK)
874 return retval;
875
876 if (CMD_ARGC != 1)
877 return ERROR_COMMAND_SYNTAX_ERROR;
878
879 output = fopen(CMD_ARGV[0], "w");
880 if (output == NULL) {
881 LOG_DEBUG("error opening cache content file");
882 return ERROR_OK;
883 }
884
885 for (i = 0; i < 16; i++)
886 regs_p[i] = &regs[i];
887
888 /* disable MMU and Caches */
889 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
890 retval = jtag_execute_queue();
891 if (retval != ERROR_OK)
892 return retval;
893 cp15_ctrl_saved = cp15_ctrl;
894 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
895 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
896 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
897
898 /* read CP15 test state register */
899 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
900 jtag_execute_queue();
901
902 /* read DCache content */
903 fprintf(output, "DCache:\n");
904
905 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
906 for (segment = 0;
907 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
908 segment++) {
909 fprintf(output, "\nsegment: %i\n----------", segment);
910
911 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
912 regs[0] = 0x0 | (segment << 5);
913 arm9tdmi_write_core_regs(target, 0x1, regs);
914
915 /* set interpret mode */
916 cp15c15 |= 0x1;
917 arm920t_write_cp15_physical(target,
918 CP15PHYS_TESTSTATE, cp15c15);
919
920 /* D CAM Read, loads current victim into C15.C.D.Ind */
921 arm920t_execute_cp15(target,
922 ARMV4_5_MCR(15, 2, 0, 15, 6, 2), ARMV4_5_LDR(1, 0));
923
924 /* read current victim */
925 arm920t_read_cp15_physical(target,
926 CP15PHYS_DCACHE_IDX, &C15_C_D_Ind);
927
928 /* clear interpret mode */
929 cp15c15 &= ~0x1;
930 arm920t_write_cp15_physical(target,
931 CP15PHYS_TESTSTATE, cp15c15);
932
933 for (index_t = 0; index_t < 64; index_t++) {
934 /* Ra:
935 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
936 */
937 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
938 arm9tdmi_write_core_regs(target, 0x1, regs);
939
940 /* set interpret mode */
941 cp15c15 |= 0x1;
942 arm920t_write_cp15_physical(target,
943 CP15PHYS_TESTSTATE, cp15c15);
944
945 /* Write DCache victim */
946 arm920t_execute_cp15(target,
947 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
948
949 /* Read D RAM */
950 arm920t_execute_cp15(target,
951 ARMV4_5_MCR(15, 2, 0, 15, 10, 2),
952 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
953
954 /* Read D CAM */
955 arm920t_execute_cp15(target,
956 ARMV4_5_MCR(15, 2, 0, 15, 6, 2),
957 ARMV4_5_LDR(9, 0));
958
959 /* clear interpret mode */
960 cp15c15 &= ~0x1;
961 arm920t_write_cp15_physical(target,
962 CP15PHYS_TESTSTATE, cp15c15);
963
964 /* read D RAM and CAM content */
965 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
966 retval = jtag_execute_queue();
967 if (retval != ERROR_OK)
968 return retval;
969
970 /* mask LFSR[6] */
971 regs[9] &= 0xfffffffe;
972 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8"
973 PRIx32 ", content (%s):\n",
974 segment, index_t, regs[9],
975 (regs[9] & 0x10) ? "valid" : "invalid");
976
977 for (i = 1; i < 9; i++) {
978 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
979 i-1, regs[i]);
980 }
981
982 }
983
984 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
985 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
986 arm9tdmi_write_core_regs(target, 0x1, regs);
987
988 /* set interpret mode */
989 cp15c15 |= 0x1;
990 arm920t_write_cp15_physical(target,
991 CP15PHYS_TESTSTATE, cp15c15);
992
993 /* Write DCache victim */
994 arm920t_execute_cp15(target,
995 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
996
997 /* clear interpret mode */
998 cp15c15 &= ~0x1;
999 arm920t_write_cp15_physical(target,
1000 CP15PHYS_TESTSTATE, cp15c15);
1001 }
1002
1003 /* read ICache content */
1004 fprintf(output, "ICache:\n");
1005
1006 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1007 for (segment = 0;
1008 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
1009 segment++) {
1010 fprintf(output, "segment: %i\n----------", segment);
1011
1012 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1013 regs[0] = 0x0 | (segment << 5);
1014 arm9tdmi_write_core_regs(target, 0x1, regs);
1015
1016 /* set interpret mode */
1017 cp15c15 |= 0x1;
1018 arm920t_write_cp15_physical(target,
1019 CP15PHYS_TESTSTATE, cp15c15);
1020
1021 /* I CAM Read, loads current victim into C15.C.I.Ind */
1022 arm920t_execute_cp15(target,
1023 ARMV4_5_MCR(15, 2, 0, 15, 5, 2), ARMV4_5_LDR(1, 0));
1024
1025 /* read current victim */
1026 arm920t_read_cp15_physical(target, CP15PHYS_ICACHE_IDX,
1027 &C15_C_I_Ind);
1028
1029 /* clear interpret mode */
1030 cp15c15 &= ~0x1;
1031 arm920t_write_cp15_physical(target,
1032 CP15PHYS_TESTSTATE, cp15c15);
1033
1034 for (index_t = 0; index_t < 64; index_t++) {
1035 /* Ra:
1036 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1037 */
1038 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
1039 arm9tdmi_write_core_regs(target, 0x1, regs);
1040
1041 /* set interpret mode */
1042 cp15c15 |= 0x1;
1043 arm920t_write_cp15_physical(target,
1044 CP15PHYS_TESTSTATE, cp15c15);
1045
1046 /* Write ICache victim */
1047 arm920t_execute_cp15(target,
1048 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1049
1050 /* Read I RAM */
1051 arm920t_execute_cp15(target,
1052 ARMV4_5_MCR(15, 2, 0, 15, 9, 2),
1053 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1054
1055 /* Read I CAM */
1056 arm920t_execute_cp15(target,
1057 ARMV4_5_MCR(15, 2, 0, 15, 5, 2),
1058 ARMV4_5_LDR(9, 0));
1059
1060 /* clear interpret mode */
1061 cp15c15 &= ~0x1;
1062 arm920t_write_cp15_physical(target,
1063 CP15PHYS_TESTSTATE, cp15c15);
1064
1065 /* read I RAM and CAM content */
1066 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
1067 retval = jtag_execute_queue();
1068 if (retval != ERROR_OK)
1069 return retval;
1070
1071 /* mask LFSR[6] */
1072 regs[9] &= 0xfffffffe;
1073 fprintf(output, "\nsegment: %i, index: %i, "
1074 "CAM: 0x%8.8" PRIx32 ", content (%s):\n",
1075 segment, index_t, regs[9],
1076 (regs[9] & 0x10) ? "valid" : "invalid");
1077
1078 for (i = 1; i < 9; i++) {
1079 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
1080 i-1, regs[i]);
1081 }
1082 }
1083
1084 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1085 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
1086 arm9tdmi_write_core_regs(target, 0x1, regs);
1087
1088 /* set interpret mode */
1089 cp15c15 |= 0x1;
1090 arm920t_write_cp15_physical(target,
1091 CP15PHYS_TESTSTATE, cp15c15);
1092
1093 /* Write ICache victim */
1094 arm920t_execute_cp15(target,
1095 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1096
1097 /* clear interpret mode */
1098 cp15c15 &= ~0x1;
1099 arm920t_write_cp15_physical(target,
1100 CP15PHYS_TESTSTATE, cp15c15);
1101 }
1102
1103 /* restore CP15 MMU and Cache settings */
1104 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1105
1106 command_print(CMD_CTX, "cache content successfully output to %s",
1107 CMD_ARGV[0]);
1108
1109 fclose(output);
1110
1111 if (!is_arm_mode(arm->core_mode)) {
1112 LOG_ERROR("not a valid arm core mode - communication failure?");
1113 return ERROR_FAIL;
1114 }
1115
1116 /* force writeback of the valid data */
1117 r = arm->core_cache->reg_list;
1118 r[0].dirty = r[0].valid;
1119 r[1].dirty = r[1].valid;
1120 r[2].dirty = r[2].valid;
1121 r[3].dirty = r[3].valid;
1122 r[4].dirty = r[4].valid;
1123 r[5].dirty = r[5].valid;
1124 r[6].dirty = r[6].valid;
1125 r[7].dirty = r[7].valid;
1126
1127 r = arm_reg_current(arm, 8);
1128 r->dirty = r->valid;
1129
1130 r = arm_reg_current(arm, 9);
1131 r->dirty = r->valid;
1132
1133 return ERROR_OK;
1134 }
1135
1136 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
1137 {
1138 int retval = ERROR_OK;
1139 struct target *target = get_current_target(CMD_CTX);
1140 struct arm920t_common *arm920t = target_to_arm920(target);
1141 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1142 struct arm *arm = &arm7_9->arm;
1143 uint32_t cp15c15;
1144 uint32_t cp15_ctrl, cp15_ctrl_saved;
1145 uint32_t regs[16];
1146 uint32_t *regs_p[16];
1147 int i;
1148 FILE *output;
1149 uint32_t Dlockdown, Ilockdown;
1150 struct arm920t_tlb_entry d_tlb[64], i_tlb[64];
1151 int victim;
1152 struct reg *r;
1153
1154 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1155 if (retval != ERROR_OK)
1156 return retval;
1157
1158 if (CMD_ARGC != 1)
1159 return ERROR_COMMAND_SYNTAX_ERROR;
1160
1161 output = fopen(CMD_ARGV[0], "w");
1162 if (output == NULL) {
1163 LOG_DEBUG("error opening mmu content file");
1164 return ERROR_OK;
1165 }
1166
1167 for (i = 0; i < 16; i++)
1168 regs_p[i] = &regs[i];
1169
1170 /* disable MMU and Caches */
1171 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
1172 retval = jtag_execute_queue();
1173 if (retval != ERROR_OK)
1174 return retval;
1175 cp15_ctrl_saved = cp15_ctrl;
1176 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
1177 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
1178 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
1179
1180 /* read CP15 test state register */
1181 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
1182 retval = jtag_execute_queue();
1183 if (retval != ERROR_OK)
1184 return retval;
1185
1186 /* prepare reading D TLB content
1187 * */
1188
1189 /* set interpret mode */
1190 cp15c15 |= 0x1;
1191 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1192
1193 /* Read D TLB lockdown */
1194 arm920t_execute_cp15(target,
1195 ARMV4_5_MRC(15, 0, 0, 10, 0, 0), ARMV4_5_LDR(1, 0));
1196
1197 /* clear interpret mode */
1198 cp15c15 &= ~0x1;
1199 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1200
1201 /* read D TLB lockdown stored to r1 */
1202 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1203 retval = jtag_execute_queue();
1204 if (retval != ERROR_OK)
1205 return retval;
1206 Dlockdown = regs[1];
1207
1208 for (victim = 0; victim < 64; victim += 8) {
1209 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1210 * base remains unchanged, victim goes through entries 0 to 63
1211 */
1212 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1213 arm9tdmi_write_core_regs(target, 0x2, regs);
1214
1215 /* set interpret mode */
1216 cp15c15 |= 0x1;
1217 arm920t_write_cp15_physical(target,
1218 CP15PHYS_TESTSTATE, cp15c15);
1219
1220 /* Write D TLB lockdown */
1221 arm920t_execute_cp15(target,
1222 ARMV4_5_MCR(15, 0, 0, 10, 0, 0),
1223 ARMV4_5_STR(1, 0));
1224
1225 /* Read D TLB CAM */
1226 arm920t_execute_cp15(target,
1227 ARMV4_5_MCR(15, 4, 0, 15, 6, 4),
1228 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1229
1230 /* clear interpret mode */
1231 cp15c15 &= ~0x1;
1232 arm920t_write_cp15_physical(target,
1233 CP15PHYS_TESTSTATE, cp15c15);
1234
1235 /* read D TLB CAM content stored to r2-r9 */
1236 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1237 retval = jtag_execute_queue();
1238 if (retval != ERROR_OK)
1239 return retval;
1240
1241 for (i = 0; i < 8; i++)
1242 d_tlb[victim + i].cam = regs[i + 2];
1243 }
1244
1245 for (victim = 0; victim < 64; victim++) {
1246 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1247 * base remains unchanged, victim goes through entries 0 to 63
1248 */
1249 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1250 arm9tdmi_write_core_regs(target, 0x2, regs);
1251
1252 /* set interpret mode */
1253 cp15c15 |= 0x1;
1254 arm920t_write_cp15_physical(target,
1255 CP15PHYS_TESTSTATE, cp15c15);
1256
1257 /* Write D TLB lockdown */
1258 arm920t_execute_cp15(target,
1259 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1260
1261 /* Read D TLB RAM1 */
1262 arm920t_execute_cp15(target,
1263 ARMV4_5_MCR(15, 4, 0, 15, 10, 4), ARMV4_5_LDR(2, 0));
1264
1265 /* Read D TLB RAM2 */
1266 arm920t_execute_cp15(target,
1267 ARMV4_5_MCR(15, 4, 0, 15, 2, 5), ARMV4_5_LDR(3, 0));
1268
1269 /* clear interpret mode */
1270 cp15c15 &= ~0x1;
1271 arm920t_write_cp15_physical(target,
1272 CP15PHYS_TESTSTATE, cp15c15);
1273
1274 /* read D TLB RAM content stored to r2 and r3 */
1275 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1276 retval = jtag_execute_queue();
1277 if (retval != ERROR_OK)
1278 return retval;
1279
1280 d_tlb[victim].ram1 = regs[2];
1281 d_tlb[victim].ram2 = regs[3];
1282 }
1283
1284 /* restore D TLB lockdown */
1285 regs[1] = Dlockdown;
1286 arm9tdmi_write_core_regs(target, 0x2, regs);
1287
1288 /* Write D TLB lockdown */
1289 arm920t_execute_cp15(target,
1290 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1291
1292 /* prepare reading I TLB content
1293 * */
1294
1295 /* set interpret mode */
1296 cp15c15 |= 0x1;
1297 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1298
1299 /* Read I TLB lockdown */
1300 arm920t_execute_cp15(target,
1301 ARMV4_5_MRC(15, 0, 0, 10, 0, 1), ARMV4_5_LDR(1, 0));
1302
1303 /* clear interpret mode */
1304 cp15c15 &= ~0x1;
1305 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1306
1307 /* read I TLB lockdown stored to r1 */
1308 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1309 retval = jtag_execute_queue();
1310 if (retval != ERROR_OK)
1311 return retval;
1312 Ilockdown = regs[1];
1313
1314 for (victim = 0; victim < 64; victim += 8) {
1315 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1316 * base remains unchanged, victim goes through entries 0 to 63
1317 */
1318 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1319 arm9tdmi_write_core_regs(target, 0x2, regs);
1320
1321 /* set interpret mode */
1322 cp15c15 |= 0x1;
1323 arm920t_write_cp15_physical(target,
1324 CP15PHYS_TESTSTATE, cp15c15);
1325
1326 /* Write I TLB lockdown */
1327 arm920t_execute_cp15(target,
1328 ARMV4_5_MCR(15, 0, 0, 10, 0, 1),
1329 ARMV4_5_STR(1, 0));
1330
1331 /* Read I TLB CAM */
1332 arm920t_execute_cp15(target,
1333 ARMV4_5_MCR(15, 4, 0, 15, 5, 4),
1334 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1335
1336 /* clear interpret mode */
1337 cp15c15 &= ~0x1;
1338 arm920t_write_cp15_physical(target,
1339 CP15PHYS_TESTSTATE, cp15c15);
1340
1341 /* read I TLB CAM content stored to r2-r9 */
1342 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1343 retval = jtag_execute_queue();
1344 if (retval != ERROR_OK)
1345 return retval;
1346
1347 for (i = 0; i < 8; i++)
1348 i_tlb[i + victim].cam = regs[i + 2];
1349 }
1350
1351 for (victim = 0; victim < 64; victim++) {
1352 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1353 * base remains unchanged, victim goes through entries 0 to 63
1354 */
1355 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1356 arm9tdmi_write_core_regs(target, 0x2, regs);
1357
1358 /* set interpret mode */
1359 cp15c15 |= 0x1;
1360 arm920t_write_cp15_physical(target,
1361 CP15PHYS_TESTSTATE, cp15c15);
1362
1363 /* Write I TLB lockdown */
1364 arm920t_execute_cp15(target,
1365 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1366
1367 /* Read I TLB RAM1 */
1368 arm920t_execute_cp15(target,
1369 ARMV4_5_MCR(15, 4, 0, 15, 9, 4), ARMV4_5_LDR(2, 0));
1370
1371 /* Read I TLB RAM2 */
1372 arm920t_execute_cp15(target,
1373 ARMV4_5_MCR(15, 4, 0, 15, 1, 5), ARMV4_5_LDR(3, 0));
1374
1375 /* clear interpret mode */
1376 cp15c15 &= ~0x1;
1377 arm920t_write_cp15_physical(target,
1378 CP15PHYS_TESTSTATE, cp15c15);
1379
1380 /* read I TLB RAM content stored to r2 and r3 */
1381 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1382 retval = jtag_execute_queue();
1383 if (retval != ERROR_OK)
1384 return retval;
1385
1386 i_tlb[victim].ram1 = regs[2];
1387 i_tlb[victim].ram2 = regs[3];
1388 }
1389
1390 /* restore I TLB lockdown */
1391 regs[1] = Ilockdown;
1392 arm9tdmi_write_core_regs(target, 0x2, regs);
1393
1394 /* Write I TLB lockdown */
1395 arm920t_execute_cp15(target,
1396 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1397
1398 /* restore CP15 MMU and Cache settings */
1399 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1400
1401 /* output data to file */
1402 fprintf(output, "D TLB content:\n");
1403 for (i = 0; i < 64; i++) {
1404 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1405 " 0x%8.8" PRIx32 " %s\n",
1406 i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2,
1407 (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1408 }
1409
1410 fprintf(output, "\n\nI TLB content:\n");
1411 for (i = 0; i < 64; i++) {
1412 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1413 " 0x%8.8" PRIx32 " %s\n",
1414 i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2,
1415 (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1416 }
1417
1418 command_print(CMD_CTX, "mmu content successfully output to %s",
1419 CMD_ARGV[0]);
1420
1421 fclose(output);
1422
1423 if (!is_arm_mode(arm->core_mode)) {
1424 LOG_ERROR("not a valid arm core mode - communication failure?");
1425 return ERROR_FAIL;
1426 }
1427
1428 /* force writeback of the valid data */
1429 r = arm->core_cache->reg_list;
1430 r[0].dirty = r[0].valid;
1431 r[1].dirty = r[1].valid;
1432 r[2].dirty = r[2].valid;
1433 r[3].dirty = r[3].valid;
1434 r[4].dirty = r[4].valid;
1435 r[5].dirty = r[5].valid;
1436 r[6].dirty = r[6].valid;
1437 r[7].dirty = r[7].valid;
1438
1439 r = arm_reg_current(arm, 8);
1440 r->dirty = r->valid;
1441
1442 r = arm_reg_current(arm, 9);
1443 r->dirty = r->valid;
1444
1445 return ERROR_OK;
1446 }
1447
1448 COMMAND_HANDLER(arm920t_handle_cp15_command)
1449 {
1450 int retval;
1451 struct target *target = get_current_target(CMD_CTX);
1452 struct arm920t_common *arm920t = target_to_arm920(target);
1453
1454 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1455 if (retval != ERROR_OK)
1456 return retval;
1457
1458 if (target->state != TARGET_HALTED) {
1459 command_print(CMD_CTX, "target must be stopped for "
1460 "\"%s\" command", CMD_NAME);
1461 return ERROR_OK;
1462 }
1463
1464 /* one argument, read a register.
1465 * two arguments, write it.
1466 */
1467 if (CMD_ARGC >= 1) {
1468 int address;
1469 COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], address);
1470
1471 if (CMD_ARGC == 1) {
1472 uint32_t value;
1473 retval = arm920t_read_cp15_physical(target, address, &value);
1474 if (retval != ERROR_OK) {
1475 command_print(CMD_CTX,
1476 "couldn't access reg %i", address);
1477 return ERROR_OK;
1478 }
1479 retval = jtag_execute_queue();
1480 if (retval != ERROR_OK)
1481 return retval;
1482
1483 command_print(CMD_CTX, "%i: %8.8" PRIx32,
1484 address, value);
1485 } else if (CMD_ARGC == 2) {
1486 uint32_t value;
1487 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1488 retval = arm920t_write_cp15_physical(target,
1489 address, value);
1490 if (retval != ERROR_OK) {
1491 command_print(CMD_CTX,
1492 "couldn't access reg %i", address);
1493 /* REVISIT why lie? "return retval"? */
1494 return ERROR_OK;
1495 }
1496 command_print(CMD_CTX, "%i: %8.8" PRIx32,
1497 address, value);
1498 }
1499 }
1500
1501 return ERROR_OK;
1502 }
1503
1504 COMMAND_HANDLER(arm920t_handle_cp15i_command)
1505 {
1506 int retval;
1507 struct target *target = get_current_target(CMD_CTX);
1508 struct arm920t_common *arm920t = target_to_arm920(target);
1509
1510 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1511 if (retval != ERROR_OK)
1512 return retval;
1513
1514
1515 if (target->state != TARGET_HALTED) {
1516 command_print(CMD_CTX, "target must be stopped for "
1517 "\"%s\" command", CMD_NAME);
1518 return ERROR_OK;
1519 }
1520
1521 /* one argument, read a register.
1522 * two arguments, write it.
1523 */
1524 if (CMD_ARGC >= 1) {
1525 uint32_t opcode;
1526 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], opcode);
1527
1528 if (CMD_ARGC == 1) {
1529 uint32_t value;
1530 retval = arm920t_read_cp15_interpreted(target,
1531 opcode, 0x0, &value);
1532 if (retval != ERROR_OK) {
1533 command_print(CMD_CTX,
1534 "couldn't execute %8.8" PRIx32,
1535 opcode);
1536 /* REVISIT why lie? "return retval"? */
1537 return ERROR_OK;
1538 }
1539
1540 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,
1541 opcode, value);
1542 } else if (CMD_ARGC == 2) {
1543 uint32_t value;
1544 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1545 retval = arm920t_write_cp15_interpreted(target,
1546 opcode, value, 0);
1547 if (retval != ERROR_OK) {
1548 command_print(CMD_CTX,
1549 "couldn't execute %8.8" PRIx32,
1550 opcode);
1551 /* REVISIT why lie? "return retval"? */
1552 return ERROR_OK;
1553 }
1554 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,
1555 opcode, value);
1556 } else if (CMD_ARGC == 3) {
1557 uint32_t value;
1558 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1559 uint32_t address;
1560 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[2], address);
1561 retval = arm920t_write_cp15_interpreted(target,
1562 opcode, value, address);
1563 if (retval != ERROR_OK) {
1564 command_print(CMD_CTX,
1565 "couldn't execute %8.8" PRIx32, opcode);
1566 /* REVISIT why lie? "return retval"? */
1567 return ERROR_OK;
1568 }
1569 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32
1570 " %8.8" PRIx32, opcode, value, address);
1571 }
1572 } else
1573 return ERROR_COMMAND_SYNTAX_ERROR;
1574
1575 return ERROR_OK;
1576 }
1577
1578 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1579 {
1580 int retval;
1581 struct target *target = get_current_target(CMD_CTX);
1582 struct arm920t_common *arm920t = target_to_arm920(target);
1583
1584 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1585 if (retval != ERROR_OK)
1586 return retval;
1587
1588 return armv4_5_handle_cache_info_command(CMD_CTX,
1589 &arm920t->armv4_5_mmu.armv4_5_cache);
1590 }
1591
1592
1593 static int arm920t_mrc(struct target *target, int cpnum,
1594 uint32_t op1, uint32_t op2,
1595 uint32_t CRn, uint32_t CRm,
1596 uint32_t *value)
1597 {
1598 if (cpnum != 15) {
1599 LOG_ERROR("Only cp15 is supported");
1600 return ERROR_FAIL;
1601 }
1602
1603 /* read "to" r0 */
1604 return arm920t_read_cp15_interpreted(target,
1605 ARMV4_5_MRC(cpnum, op1, 0, CRn, CRm, op2),
1606 0, value);
1607 }
1608
1609 static int arm920t_mcr(struct target *target, int cpnum,
1610 uint32_t op1, uint32_t op2,
1611 uint32_t CRn, uint32_t CRm,
1612 uint32_t value)
1613 {
1614 if (cpnum != 15) {
1615 LOG_ERROR("Only cp15 is supported");
1616 return ERROR_FAIL;
1617 }
1618
1619 /* write "from" r0 */
1620 return arm920t_write_cp15_interpreted(target,
1621 ARMV4_5_MCR(cpnum, op1, 0, CRn, CRm, op2),
1622 0, value);
1623 }
1624
1625 static const struct command_registration arm920t_exec_command_handlers[] = {
1626 {
1627 .name = "cp15",
1628 .handler = arm920t_handle_cp15_command,
1629 .mode = COMMAND_EXEC,
1630 .help = "display/modify cp15 register",
1631 .usage = "regnum [value]",
1632 },
1633 {
1634 .name = "cp15i",
1635 .handler = arm920t_handle_cp15i_command,
1636 .mode = COMMAND_EXEC,
1637 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1638 .help = "display/modify cp15 register using ARM opcode"
1639 " (DEPRECATED)",
1640 .usage = "instruction [value [address]]",
1641 },
1642 {
1643 .name = "cache_info",
1644 .handler = arm920t_handle_cache_info_command,
1645 .mode = COMMAND_EXEC,
1646 .usage = "",
1647 .help = "display information about target caches",
1648 },
1649 {
1650 .name = "read_cache",
1651 .handler = arm920t_handle_read_cache_command,
1652 .mode = COMMAND_EXEC,
1653 .help = "dump I/D cache content to file",
1654 .usage = "filename",
1655 },
1656 {
1657 .name = "read_mmu",
1658 .handler = arm920t_handle_read_mmu_command,
1659 .mode = COMMAND_EXEC,
1660 .help = "dump I/D mmu content to file",
1661 .usage = "filename",
1662 },
1663 COMMAND_REGISTRATION_DONE
1664 };
1665 const struct command_registration arm920t_command_handlers[] = {
1666 {
1667 .chain = arm9tdmi_command_handlers,
1668 },
1669 {
1670 .name = "arm920t",
1671 .mode = COMMAND_ANY,
1672 .help = "arm920t command group",
1673 .usage = "",
1674 .chain = arm920t_exec_command_handlers,
1675 },
1676 COMMAND_REGISTRATION_DONE
1677 };
1678
1679 /** Holds methods for ARM920 targets. */
1680 struct target_type arm920t_target = {
1681 .name = "arm920t",
1682
1683 .poll = arm7_9_poll,
1684 .arch_state = arm920t_arch_state,
1685
1686 .target_request_data = arm7_9_target_request_data,
1687
1688 .halt = arm7_9_halt,
1689 .resume = arm7_9_resume,
1690 .step = arm7_9_step,
1691
1692 .assert_reset = arm7_9_assert_reset,
1693 .deassert_reset = arm7_9_deassert_reset,
1694 .soft_reset_halt = arm920t_soft_reset_halt,
1695
1696 .get_gdb_reg_list = arm_get_gdb_reg_list,
1697
1698 .read_memory = arm920t_read_memory,
1699 .write_memory = arm7_9_write_memory_opt,
1700 .read_phys_memory = arm920t_read_phys_memory,
1701 .write_phys_memory = arm920t_write_phys_memory,
1702 .mmu = arm920_mmu,
1703 .virt2phys = arm920_virt2phys,
1704
1705 .checksum_memory = arm_checksum_memory,
1706 .blank_check_memory = arm_blank_check_memory,
1707
1708 .run_algorithm = armv4_5_run_algorithm,
1709
1710 .add_breakpoint = arm7_9_add_breakpoint,
1711 .remove_breakpoint = arm7_9_remove_breakpoint,
1712 .add_watchpoint = arm7_9_add_watchpoint,
1713 .remove_watchpoint = arm7_9_remove_watchpoint,
1714
1715 .commands = arm920t_command_handlers,
1716 .target_create = arm920t_target_create,
1717 .init_target = arm9tdmi_init_target,
1718 .examine = arm7_9_examine,
1719 .check_reset = arm7_9_check_reset,
1720 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)