Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
arm920t_common_t -> struct arm920t_common
[openocd.git] / src / target / arm920t.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
9 * *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
14 * *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "arm920t.h"
25 #include "time_support.h"
26 #include "target_type.h"
27
28
29 /*
30 * For information about the ARM920T, see ARM DDI 0151C especially
31 * Chapter 9 about debug support, which shows how to manipulate each
32 * of the different scan chains:
33 *
34 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
35 * 1 ... debugging; watchpoint and breakpoint status, etc; also
36 * MMU and cache access in conjunction with scan chain 15
37 * 2 ... EmbeddedICE
38 * 3 ... external boundary scan (SoC-specific, unused here)
39 * 4 ... access to cache tag RAM
40 * 6 ... ETM9
41 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
42 * "interpreted" works with a few actual MRC/MCR instructions
43 * "physical" provides register-like behaviors.
44 *
45 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
46 */
47
48 #if 0
49 #define _DEBUG_INSTRUCTION_EXECUTION_
50 #endif
51
52 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
53
54 static int arm920t_read_cp15_physical(target_t *target,
55 int reg_addr, uint32_t *value)
56 {
57 struct arm920t_common *arm920t = target_to_arm920(target);
58 arm_jtag_t *jtag_info;
59 struct scan_field fields[4];
60 uint8_t access_type_buf = 1;
61 uint8_t reg_addr_buf = reg_addr & 0x3f;
62 uint8_t nr_w_buf = 0;
63
64 jtag_info = &arm920t->arm9tdmi_common.arm7_9_common.jtag_info;
65
66 jtag_set_end_state(TAP_IDLE);
67 arm_jtag_scann(jtag_info, 0xf);
68 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
69
70 fields[0].tap = jtag_info->tap;
71 fields[0].num_bits = 1;
72 fields[0].out_value = &access_type_buf;
73 fields[0].in_value = NULL;
74
75 fields[1].tap = jtag_info->tap;
76 fields[1].num_bits = 32;
77 fields[1].out_value = NULL;
78 fields[1].in_value = NULL;
79
80 fields[2].tap = jtag_info->tap;
81 fields[2].num_bits = 6;
82 fields[2].out_value = &reg_addr_buf;
83 fields[2].in_value = NULL;
84
85 fields[3].tap = jtag_info->tap;
86 fields[3].num_bits = 1;
87 fields[3].out_value = &nr_w_buf;
88 fields[3].in_value = NULL;
89
90 jtag_add_dr_scan(4, fields, jtag_get_end_state());
91
92 fields[1].in_value = (uint8_t *)value;
93
94 jtag_add_dr_scan(4, fields, jtag_get_end_state());
95
96 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
97
98 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
99 jtag_execute_queue();
100 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
101 #endif
102
103 return ERROR_OK;
104 }
105
106 static int arm920t_write_cp15_physical(target_t *target,
107 int reg_addr, uint32_t value)
108 {
109 struct arm920t_common *arm920t = target_to_arm920(target);
110 arm_jtag_t *jtag_info;
111 struct scan_field fields[4];
112 uint8_t access_type_buf = 1;
113 uint8_t reg_addr_buf = reg_addr & 0x3f;
114 uint8_t nr_w_buf = 1;
115 uint8_t value_buf[4];
116
117 jtag_info = &arm920t->arm9tdmi_common.arm7_9_common.jtag_info;
118
119 buf_set_u32(value_buf, 0, 32, value);
120
121 jtag_set_end_state(TAP_IDLE);
122 arm_jtag_scann(jtag_info, 0xf);
123 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
124
125 fields[0].tap = jtag_info->tap;
126 fields[0].num_bits = 1;
127 fields[0].out_value = &access_type_buf;
128 fields[0].in_value = NULL;
129
130 fields[1].tap = jtag_info->tap;
131 fields[1].num_bits = 32;
132 fields[1].out_value = value_buf;
133 fields[1].in_value = NULL;
134
135 fields[2].tap = jtag_info->tap;
136 fields[2].num_bits = 6;
137 fields[2].out_value = &reg_addr_buf;
138 fields[2].in_value = NULL;
139
140 fields[3].tap = jtag_info->tap;
141 fields[3].num_bits = 1;
142 fields[3].out_value = &nr_w_buf;
143 fields[3].in_value = NULL;
144
145 jtag_add_dr_scan(4, fields, jtag_get_end_state());
146
147 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
148 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
149 #endif
150
151 return ERROR_OK;
152 }
153
154 static int arm920t_execute_cp15(target_t *target, uint32_t cp15_opcode,
155 uint32_t arm_opcode)
156 {
157 int retval;
158 struct arm920t_common *arm920t = target_to_arm920(target);
159 arm_jtag_t *jtag_info;
160 struct scan_field fields[4];
161 uint8_t access_type_buf = 0; /* interpreted access */
162 uint8_t reg_addr_buf = 0x0;
163 uint8_t nr_w_buf = 0;
164 uint8_t cp15_opcode_buf[4];
165
166 jtag_info = &arm920t->arm9tdmi_common.arm7_9_common.jtag_info;
167
168 jtag_set_end_state(TAP_IDLE);
169 arm_jtag_scann(jtag_info, 0xf);
170 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
171
172 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
173
174 fields[0].tap = jtag_info->tap;
175 fields[0].num_bits = 1;
176 fields[0].out_value = &access_type_buf;
177 fields[0].in_value = NULL;
178
179 fields[1].tap = jtag_info->tap;
180 fields[1].num_bits = 32;
181 fields[1].out_value = cp15_opcode_buf;
182 fields[1].in_value = NULL;
183
184 fields[2].tap = jtag_info->tap;
185 fields[2].num_bits = 6;
186 fields[2].out_value = &reg_addr_buf;
187 fields[2].in_value = NULL;
188
189 fields[3].tap = jtag_info->tap;
190 fields[3].num_bits = 1;
191 fields[3].out_value = &nr_w_buf;
192 fields[3].in_value = NULL;
193
194 jtag_add_dr_scan(4, fields, jtag_get_end_state());
195
196 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
197 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
198 retval = arm7_9_execute_sys_speed(target);
199 if (retval != ERROR_OK)
200 return retval;
201
202 if ((retval = jtag_execute_queue()) != ERROR_OK)
203 {
204 LOG_ERROR("failed executing JTAG queue");
205 return retval;
206 }
207
208 return ERROR_OK;
209 }
210
211 static int arm920t_read_cp15_interpreted(target_t *target,
212 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
213 {
214 struct armv4_5_common_s *armv4_5 = target_to_armv4_5(target);
215 uint32_t* regs_p[1];
216 uint32_t regs[2];
217 uint32_t cp15c15 = 0x0;
218
219 /* load address into R1 */
220 regs[1] = address;
221 arm9tdmi_write_core_regs(target, 0x2, regs);
222
223 /* read-modify-write CP15 test state register
224 * to enable interpreted access mode */
225 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
226 jtag_execute_queue();
227 cp15c15 |= 1; /* set interpret mode */
228 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
229
230 /* execute CP15 instruction and ARM load (reading from coprocessor) */
231 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
232
233 /* disable interpreted access mode */
234 cp15c15 &= ~1U; /* clear interpret mode */
235 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
236
237 /* retrieve value from R0 */
238 regs_p[0] = value;
239 arm9tdmi_read_core_regs(target, 0x1, regs_p);
240 jtag_execute_queue();
241
242 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
243 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x", cp15_opcode, address, *value);
244 #endif
245
246 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
247 return ERROR_FAIL;
248
249 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
250 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
251
252 return ERROR_OK;
253 }
254
255 static
256 int arm920t_write_cp15_interpreted(target_t *target,
257 uint32_t cp15_opcode, uint32_t value, uint32_t address)
258 {
259 uint32_t cp15c15 = 0x0;
260 struct armv4_5_common_s *armv4_5 = target_to_armv4_5(target);
261 uint32_t regs[2];
262
263 /* load value, address into R0, R1 */
264 regs[0] = value;
265 regs[1] = address;
266 arm9tdmi_write_core_regs(target, 0x3, regs);
267
268 /* read-modify-write CP15 test state register
269 * to enable interpreted access mode */
270 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
271 jtag_execute_queue();
272 cp15c15 |= 1; /* set interpret mode */
273 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
274
275 /* execute CP15 instruction and ARM store (writing to coprocessor) */
276 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
277
278 /* disable interpreted access mode */
279 cp15c15 &= ~1U; /* set interpret mode */
280 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
281
282 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
283 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x", cp15_opcode, value, address);
284 #endif
285
286 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
287 return ERROR_FAIL;
288
289 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
290 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
291
292 return ERROR_OK;
293 }
294
295 // EXPORTED to FA256
296 uint32_t arm920t_get_ttb(target_t *target)
297 {
298 int retval;
299 uint32_t ttb = 0x0;
300
301 if ((retval = arm920t_read_cp15_interpreted(target, 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
302 return retval;
303
304 return ttb;
305 }
306
307 // EXPORTED to FA256
308 void arm920t_disable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
309 {
310 uint32_t cp15_control;
311
312 /* read cp15 control register */
313 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
314 jtag_execute_queue();
315
316 if (mmu)
317 cp15_control &= ~0x1U;
318
319 if (d_u_cache)
320 cp15_control &= ~0x4U;
321
322 if (i_cache)
323 cp15_control &= ~0x1000U;
324
325 arm920t_write_cp15_physical(target, 0x2, cp15_control);
326 }
327
328 // EXPORTED to FA256
329 void arm920t_enable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
330 {
331 uint32_t cp15_control;
332
333 /* read cp15 control register */
334 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
335 jtag_execute_queue();
336
337 if (mmu)
338 cp15_control |= 0x1U;
339
340 if (d_u_cache)
341 cp15_control |= 0x4U;
342
343 if (i_cache)
344 cp15_control |= 0x1000U;
345
346 arm920t_write_cp15_physical(target, 0x2, cp15_control);
347 }
348
349 // EXPORTED to FA256
350 void arm920t_post_debug_entry(target_t *target)
351 {
352 uint32_t cp15c15;
353 struct arm920t_common *arm920t = target_to_arm920(target);
354
355 /* examine cp15 control reg */
356 arm920t_read_cp15_physical(target, 0x2, &arm920t->cp15_control_reg);
357 jtag_execute_queue();
358 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32 "", arm920t->cp15_control_reg);
359
360 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
361 {
362 uint32_t cache_type_reg;
363 /* identify caches */
364 arm920t_read_cp15_physical(target, 0x1, &cache_type_reg);
365 jtag_execute_queue();
366 armv4_5_identify_cache(cache_type_reg, &arm920t->armv4_5_mmu.armv4_5_cache);
367 }
368
369 arm920t->armv4_5_mmu.mmu_enabled = (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
370 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
371 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
372
373 /* save i/d fault status and address register */
374 arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
375 arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
376 arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
377 arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
378
379 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32 "",
380 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
381
382 if (arm920t->preserve_cache)
383 {
384 /* read-modify-write CP15 test state register
385 * to disable I/D-cache linefills */
386 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
387 jtag_execute_queue();
388 cp15c15 |= 0x600;
389 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
390 }
391 }
392
393 // EXPORTED to FA256
394 void arm920t_pre_restore_context(target_t *target)
395 {
396 uint32_t cp15c15;
397 struct arm920t_common *arm920t = target_to_arm920(target);
398
399 /* restore i/d fault status and address register */
400 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
401 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
402 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
403 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
404
405 /* read-modify-write CP15 test state register
406 * to reenable I/D-cache linefills */
407 if (arm920t->preserve_cache)
408 {
409 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
410 jtag_execute_queue();
411 cp15c15 &= ~0x600U;
412 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
413 }
414 }
415
416 static const char arm920_not[] = "target is not an ARM920";
417
418 static int arm920t_verify_pointer(struct command_context_s *cmd_ctx,
419 struct arm920t_common *arm920t)
420 {
421 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
422 command_print(cmd_ctx, arm920_not);
423 return ERROR_TARGET_INVALID;
424 }
425
426 return ERROR_OK;
427 }
428
429 /** Logs summary of ARM920 state for a halted target. */
430 int arm920t_arch_state(struct target_s *target)
431 {
432 static const char *state[] =
433 {
434 "disabled", "enabled"
435 };
436
437 struct arm920t_common *arm920t = target_to_arm920(target);
438 struct armv4_5_common_s *armv4_5;
439
440 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
441 {
442 LOG_ERROR("BUG: %s", arm920_not);
443 return ERROR_TARGET_INVALID;
444 }
445
446 armv4_5 = &arm920t->arm9tdmi_common.arm7_9_common.armv4_5_common;
447
448 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
449 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "\n"
450 "MMU: %s, D-Cache: %s, I-Cache: %s",
451 armv4_5_state_strings[armv4_5->core_state],
452 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name,
453 armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
454 buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
455 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
456 state[arm920t->armv4_5_mmu.mmu_enabled],
457 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
458 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
459
460 return ERROR_OK;
461 }
462
463 static int arm920_mmu(struct target_s *target, int *enabled)
464 {
465 if (target->state != TARGET_HALTED) {
466 LOG_ERROR("%s: target not halted", __func__);
467 return ERROR_TARGET_INVALID;
468 }
469
470 *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
471 return ERROR_OK;
472 }
473
474 static int arm920_virt2phys(struct target_s *target,
475 uint32_t virt, uint32_t *phys)
476 {
477 /** @todo Implement this! */
478 LOG_ERROR("%s: not implemented", __func__);
479 return ERROR_FAIL;
480 }
481
482 /** Reads a buffer, in the specified word size, with current MMU settings. */
483 int arm920t_read_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
484 {
485 int retval;
486
487 retval = arm7_9_read_memory(target, address, size, count, buffer);
488
489 return retval;
490 }
491
492
493 static int arm920t_read_phys_memory(struct target_s *target,
494 uint32_t address, uint32_t size,
495 uint32_t count, uint8_t *buffer)
496 {
497 struct arm920t_common *arm920t = target_to_arm920(target);
498
499 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
500 address, size, count, buffer);
501 }
502
503 static int arm920t_write_phys_memory(struct target_s *target,
504 uint32_t address, uint32_t size,
505 uint32_t count, uint8_t *buffer)
506 {
507 struct arm920t_common *arm920t = target_to_arm920(target);
508
509 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
510 address, size, count, buffer);
511 }
512
513
514 /** Writes a buffer, in the specified word size, with current MMU settings. */
515 int arm920t_write_memory(struct target_s *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
516 {
517 int retval;
518
519 if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
520 return retval;
521
522 /* This fn is used to write breakpoints, so we need to make sure
523 * that the data cache is flushed and the instruction cache is
524 * invalidated
525 */
526 if (((size == 4) || (size == 2)) && (count == 1))
527 {
528 struct arm920t_common *arm920t = target_to_arm920(target);
529
530 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
531 {
532 LOG_DEBUG("D-Cache enabled, flush and invalidate cache line");
533 /* MCR p15,0,Rd,c7,c10,2 */
534 retval = arm920t_write_cp15_interpreted(target, 0xee070f5e, 0x0, address);
535 if (retval != ERROR_OK)
536 return retval;
537 }
538
539 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
540 {
541 LOG_DEBUG("I-Cache enabled, invalidating affected I-Cache line");
542 retval = arm920t_write_cp15_interpreted(target, 0xee070f35, 0x0, address);
543 if (retval != ERROR_OK)
544 return retval;
545 }
546 }
547
548 return retval;
549 }
550
551 // EXPORTED to FA256
552 int arm920t_soft_reset_halt(struct target_s *target)
553 {
554 int retval = ERROR_OK;
555 struct arm920t_common *arm920t = target_to_arm920(target);
556 struct arm7_9_common_s *arm7_9 = target_to_arm7_9(target);
557 struct armv4_5_common_s *armv4_5 = &arm7_9->armv4_5_common;
558 reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
559
560 if ((retval = target_halt(target)) != ERROR_OK)
561 {
562 return retval;
563 }
564
565 long long then = timeval_ms();
566 int timeout;
567 while (!(timeout = ((timeval_ms()-then) > 1000)))
568 {
569 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
570 {
571 embeddedice_read_reg(dbg_stat);
572 if ((retval = jtag_execute_queue()) != ERROR_OK)
573 {
574 return retval;
575 }
576 } else
577 {
578 break;
579 }
580 if (debug_level >= 3)
581 {
582 /* do not eat all CPU, time out after 1 se*/
583 alive_sleep(100);
584 } else
585 {
586 keep_alive();
587 }
588 }
589 if (timeout)
590 {
591 LOG_ERROR("Failed to halt CPU after 1 sec");
592 return ERROR_TARGET_TIMEOUT;
593 }
594
595 target->state = TARGET_HALTED;
596
597 /* SVC, ARM state, IRQ and FIQ disabled */
598 buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
599 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
600 armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
601
602 /* start fetching from 0x0 */
603 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
604 armv4_5->core_cache->reg_list[15].dirty = 1;
605 armv4_5->core_cache->reg_list[15].valid = 1;
606
607 armv4_5->core_mode = ARMV4_5_MODE_SVC;
608 armv4_5->core_state = ARMV4_5_STATE_ARM;
609
610 arm920t_disable_mmu_caches(target, 1, 1, 1);
611 arm920t->armv4_5_mmu.mmu_enabled = 0;
612 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
613 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
614
615 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED)) != ERROR_OK)
616 {
617 return retval;
618 }
619
620 return ERROR_OK;
621 }
622
623 int arm920t_init_arch_info(target_t *target, struct arm920t_common *arm920t, struct jtag_tap *tap)
624 {
625 arm9tdmi_common_t *arm9tdmi = &arm920t->arm9tdmi_common;
626 arm7_9_common_t *arm7_9 = &arm9tdmi->arm7_9_common;
627
628 /* initialize arm9tdmi specific info (including arm7_9 and armv4_5)
629 */
630 arm9tdmi_init_arch_info(target, arm9tdmi, tap);
631
632 arm920t->common_magic = ARM920T_COMMON_MAGIC;
633
634 arm7_9->post_debug_entry = arm920t_post_debug_entry;
635 arm7_9->pre_restore_context = arm920t_pre_restore_context;
636
637 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
638 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
639 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
640 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
641 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
642 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
643 arm920t->armv4_5_mmu.has_tiny_pages = 1;
644 arm920t->armv4_5_mmu.mmu_enabled = 0;
645
646 /* disabling linefills leads to lockups, so keep them enabled for now
647 * this doesn't affect correctness, but might affect timing issues, if
648 * important data is evicted from the cache during the debug session
649 * */
650 arm920t->preserve_cache = 0;
651
652 /* override hw single-step capability from ARM9TDMI */
653 arm7_9->has_single_step = 1;
654
655 return ERROR_OK;
656 }
657
658 static int arm920t_target_create(struct target_s *target, Jim_Interp *interp)
659 {
660 struct arm920t_common *arm920t = calloc(1,sizeof(struct arm920t_common));
661
662 return arm920t_init_arch_info(target, arm920t, target->tap);
663 }
664
665 COMMAND_HANDLER(arm920t_handle_read_cache_command)
666 {
667 int retval = ERROR_OK;
668 target_t *target = get_current_target(cmd_ctx);
669 struct arm920t_common *arm920t = target_to_arm920(target);
670 struct arm7_9_common_s *arm7_9 = target_to_arm7_9(target);
671 struct armv4_5_common_s *armv4_5 = &arm7_9->armv4_5_common;
672 uint32_t cp15c15;
673 uint32_t cp15_ctrl, cp15_ctrl_saved;
674 uint32_t regs[16];
675 uint32_t *regs_p[16];
676 uint32_t C15_C_D_Ind, C15_C_I_Ind;
677 int i;
678 FILE *output;
679 arm920t_cache_line_t d_cache[8][64], i_cache[8][64];
680 int segment, index;
681
682 retval = arm920t_verify_pointer(cmd_ctx, arm920t);
683 if (retval != ERROR_OK)
684 return retval;
685
686 if (argc != 1)
687 {
688 command_print(cmd_ctx, "usage: arm920t read_cache <filename>");
689 return ERROR_OK;
690 }
691
692 if ((output = fopen(args[0], "w")) == NULL)
693 {
694 LOG_DEBUG("error opening cache content file");
695 return ERROR_OK;
696 }
697
698 for (i = 0; i < 16; i++)
699 regs_p[i] = &regs[i];
700
701 /* disable MMU and Caches */
702 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
703 if ((retval = jtag_execute_queue()) != ERROR_OK)
704 {
705 return retval;
706 }
707 cp15_ctrl_saved = cp15_ctrl;
708 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
709 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
710
711 /* read CP15 test state register */
712 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
713 jtag_execute_queue();
714
715 /* read DCache content */
716 fprintf(output, "DCache:\n");
717
718 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
719 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
720 {
721 fprintf(output, "\nsegment: %i\n----------", segment);
722
723 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
724 regs[0] = 0x0 | (segment << 5);
725 arm9tdmi_write_core_regs(target, 0x1, regs);
726
727 /* set interpret mode */
728 cp15c15 |= 0x1;
729 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
730
731 /* D CAM Read, loads current victim into C15.C.D.Ind */
732 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
733
734 /* read current victim */
735 arm920t_read_cp15_physical(target, 0x3d, &C15_C_D_Ind);
736
737 /* clear interpret mode */
738 cp15c15 &= ~0x1;
739 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
740
741 for (index = 0; index < 64; index++)
742 {
743 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
744 regs[0] = 0x0 | (segment << 5) | (index << 26);
745 arm9tdmi_write_core_regs(target, 0x1, regs);
746
747 /* set interpret mode */
748 cp15c15 |= 0x1;
749 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
750
751 /* Write DCache victim */
752 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
753
754 /* Read D RAM */
755 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,10,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
756
757 /* Read D CAM */
758 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(9, 0));
759
760 /* clear interpret mode */
761 cp15c15 &= ~0x1;
762 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
763
764 /* read D RAM and CAM content */
765 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
766 if ((retval = jtag_execute_queue()) != ERROR_OK)
767 {
768 return retval;
769 }
770
771 d_cache[segment][index].cam = regs[9];
772
773 /* mask LFSR[6] */
774 regs[9] &= 0xfffffffe;
775 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
776
777 for (i = 1; i < 9; i++)
778 {
779 d_cache[segment][index].data[i] = regs[i];
780 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
781 }
782
783 }
784
785 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
786 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
787 arm9tdmi_write_core_regs(target, 0x1, regs);
788
789 /* set interpret mode */
790 cp15c15 |= 0x1;
791 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
792
793 /* Write DCache victim */
794 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
795
796 /* clear interpret mode */
797 cp15c15 &= ~0x1;
798 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
799 }
800
801 /* read ICache content */
802 fprintf(output, "ICache:\n");
803
804 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
805 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
806 {
807 fprintf(output, "segment: %i\n----------", segment);
808
809 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
810 regs[0] = 0x0 | (segment << 5);
811 arm9tdmi_write_core_regs(target, 0x1, regs);
812
813 /* set interpret mode */
814 cp15c15 |= 0x1;
815 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
816
817 /* I CAM Read, loads current victim into C15.C.I.Ind */
818 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
819
820 /* read current victim */
821 arm920t_read_cp15_physical(target, 0x3b, &C15_C_I_Ind);
822
823 /* clear interpret mode */
824 cp15c15 &= ~0x1;
825 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
826
827 for (index = 0; index < 64; index++)
828 {
829 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
830 regs[0] = 0x0 | (segment << 5) | (index << 26);
831 arm9tdmi_write_core_regs(target, 0x1, regs);
832
833 /* set interpret mode */
834 cp15c15 |= 0x1;
835 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
836
837 /* Write ICache victim */
838 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
839
840 /* Read I RAM */
841 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,9,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
842
843 /* Read I CAM */
844 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(9, 0));
845
846 /* clear interpret mode */
847 cp15c15 &= ~0x1;
848 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
849
850 /* read I RAM and CAM content */
851 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
852 if ((retval = jtag_execute_queue()) != ERROR_OK)
853 {
854 return retval;
855 }
856
857 i_cache[segment][index].cam = regs[9];
858
859 /* mask LFSR[6] */
860 regs[9] &= 0xfffffffe;
861 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
862
863 for (i = 1; i < 9; i++)
864 {
865 i_cache[segment][index].data[i] = regs[i];
866 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
867 }
868 }
869
870 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
871 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
872 arm9tdmi_write_core_regs(target, 0x1, regs);
873
874 /* set interpret mode */
875 cp15c15 |= 0x1;
876 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
877
878 /* Write ICache victim */
879 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
880
881 /* clear interpret mode */
882 cp15c15 &= ~0x1;
883 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
884 }
885
886 /* restore CP15 MMU and Cache settings */
887 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
888
889 command_print(cmd_ctx, "cache content successfully output to %s", args[0]);
890
891 fclose(output);
892
893 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
894 return ERROR_FAIL;
895
896 /* mark registers dirty. */
897 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
898 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
899 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
900 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
901 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
902 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
903 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
904 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
905 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
906 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
907
908 return ERROR_OK;
909 }
910
911 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
912 {
913 int retval = ERROR_OK;
914 target_t *target = get_current_target(cmd_ctx);
915 struct arm920t_common *arm920t = target_to_arm920(target);
916 struct arm7_9_common_s *arm7_9 = target_to_arm7_9(target);
917 struct armv4_5_common_s *armv4_5 = &arm7_9->armv4_5_common;
918 uint32_t cp15c15;
919 uint32_t cp15_ctrl, cp15_ctrl_saved;
920 uint32_t regs[16];
921 uint32_t *regs_p[16];
922 int i;
923 FILE *output;
924 uint32_t Dlockdown, Ilockdown;
925 arm920t_tlb_entry_t d_tlb[64], i_tlb[64];
926 int victim;
927
928 retval = arm920t_verify_pointer(cmd_ctx, arm920t);
929 if (retval != ERROR_OK)
930 return retval;
931
932 if (argc != 1)
933 {
934 command_print(cmd_ctx, "usage: arm920t read_mmu <filename>");
935 return ERROR_OK;
936 }
937
938 if ((output = fopen(args[0], "w")) == NULL)
939 {
940 LOG_DEBUG("error opening mmu content file");
941 return ERROR_OK;
942 }
943
944 for (i = 0; i < 16; i++)
945 regs_p[i] = &regs[i];
946
947 /* disable MMU and Caches */
948 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
949 if ((retval = jtag_execute_queue()) != ERROR_OK)
950 {
951 return retval;
952 }
953 cp15_ctrl_saved = cp15_ctrl;
954 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
955 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
956
957 /* read CP15 test state register */
958 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
959 if ((retval = jtag_execute_queue()) != ERROR_OK)
960 {
961 return retval;
962 }
963
964 /* prepare reading D TLB content
965 * */
966
967 /* set interpret mode */
968 cp15c15 |= 0x1;
969 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
970
971 /* Read D TLB lockdown */
972 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
973
974 /* clear interpret mode */
975 cp15c15 &= ~0x1;
976 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
977
978 /* read D TLB lockdown stored to r1 */
979 arm9tdmi_read_core_regs(target, 0x2, regs_p);
980 if ((retval = jtag_execute_queue()) != ERROR_OK)
981 {
982 return retval;
983 }
984 Dlockdown = regs[1];
985
986 for (victim = 0; victim < 64; victim += 8)
987 {
988 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
989 * base remains unchanged, victim goes through entries 0 to 63 */
990 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
991 arm9tdmi_write_core_regs(target, 0x2, regs);
992
993 /* set interpret mode */
994 cp15c15 |= 0x1;
995 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
996
997 /* Write D TLB lockdown */
998 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
999
1000 /* Read D TLB CAM */
1001 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,6,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1002
1003 /* clear interpret mode */
1004 cp15c15 &= ~0x1;
1005 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1006
1007 /* read D TLB CAM content stored to r2-r9 */
1008 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1009 if ((retval = jtag_execute_queue()) != ERROR_OK)
1010 {
1011 return retval;
1012 }
1013
1014 for (i = 0; i < 8; i++)
1015 d_tlb[victim + i].cam = regs[i + 2];
1016 }
1017
1018 for (victim = 0; victim < 64; victim++)
1019 {
1020 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1021 * base remains unchanged, victim goes through entries 0 to 63 */
1022 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1023 arm9tdmi_write_core_regs(target, 0x2, regs);
1024
1025 /* set interpret mode */
1026 cp15c15 |= 0x1;
1027 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1028
1029 /* Write D TLB lockdown */
1030 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1031
1032 /* Read D TLB RAM1 */
1033 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1034
1035 /* Read D TLB RAM2 */
1036 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1037
1038 /* clear interpret mode */
1039 cp15c15 &= ~0x1;
1040 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1041
1042 /* read D TLB RAM content stored to r2 and r3 */
1043 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1044 if ((retval = jtag_execute_queue()) != ERROR_OK)
1045 {
1046 return retval;
1047 }
1048
1049 d_tlb[victim].ram1 = regs[2];
1050 d_tlb[victim].ram2 = regs[3];
1051 }
1052
1053 /* restore D TLB lockdown */
1054 regs[1] = Dlockdown;
1055 arm9tdmi_write_core_regs(target, 0x2, regs);
1056
1057 /* Write D TLB lockdown */
1058 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1059
1060 /* prepare reading I TLB content
1061 * */
1062
1063 /* set interpret mode */
1064 cp15c15 |= 0x1;
1065 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1066
1067 /* Read I TLB lockdown */
1068 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1069
1070 /* clear interpret mode */
1071 cp15c15 &= ~0x1;
1072 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1073
1074 /* read I TLB lockdown stored to r1 */
1075 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1076 if ((retval = jtag_execute_queue()) != ERROR_OK)
1077 {
1078 return retval;
1079 }
1080 Ilockdown = regs[1];
1081
1082 for (victim = 0; victim < 64; victim += 8)
1083 {
1084 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1085 * base remains unchanged, victim goes through entries 0 to 63 */
1086 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1087 arm9tdmi_write_core_regs(target, 0x2, regs);
1088
1089 /* set interpret mode */
1090 cp15c15 |= 0x1;
1091 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1092
1093 /* Write I TLB lockdown */
1094 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1095
1096 /* Read I TLB CAM */
1097 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,5,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1098
1099 /* clear interpret mode */
1100 cp15c15 &= ~0x1;
1101 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1102
1103 /* read I TLB CAM content stored to r2-r9 */
1104 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1105 if ((retval = jtag_execute_queue()) != ERROR_OK)
1106 {
1107 return retval;
1108 }
1109
1110 for (i = 0; i < 8; i++)
1111 i_tlb[i + victim].cam = regs[i + 2];
1112 }
1113
1114 for (victim = 0; victim < 64; victim++)
1115 {
1116 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1117 * base remains unchanged, victim goes through entries 0 to 63 */
1118 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1119 arm9tdmi_write_core_regs(target, 0x2, regs);
1120
1121 /* set interpret mode */
1122 cp15c15 |= 0x1;
1123 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1124
1125 /* Write I TLB lockdown */
1126 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1127
1128 /* Read I TLB RAM1 */
1129 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1130
1131 /* Read I TLB RAM2 */
1132 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1133
1134 /* clear interpret mode */
1135 cp15c15 &= ~0x1;
1136 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1137
1138 /* read I TLB RAM content stored to r2 and r3 */
1139 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1140 if ((retval = jtag_execute_queue()) != ERROR_OK)
1141 {
1142 return retval;
1143 }
1144
1145 i_tlb[victim].ram1 = regs[2];
1146 i_tlb[victim].ram2 = regs[3];
1147 }
1148
1149 /* restore I TLB lockdown */
1150 regs[1] = Ilockdown;
1151 arm9tdmi_write_core_regs(target, 0x2, regs);
1152
1153 /* Write I TLB lockdown */
1154 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1155
1156 /* restore CP15 MMU and Cache settings */
1157 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
1158
1159 /* output data to file */
1160 fprintf(output, "D TLB content:\n");
1161 for (i = 0; i < 64; i++)
1162 {
1163 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2, (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1164 }
1165
1166 fprintf(output, "\n\nI TLB content:\n");
1167 for (i = 0; i < 64; i++)
1168 {
1169 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2, (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1170 }
1171
1172 command_print(cmd_ctx, "mmu content successfully output to %s", args[0]);
1173
1174 fclose(output);
1175
1176 if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
1177 return ERROR_FAIL;
1178
1179 /* mark registers dirty */
1180 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1181 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
1182 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
1183 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
1184 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
1185 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
1186 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
1187 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
1188 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
1189 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
1190
1191 return ERROR_OK;
1192 }
1193
1194 COMMAND_HANDLER(arm920t_handle_cp15_command)
1195 {
1196 int retval;
1197 target_t *target = get_current_target(cmd_ctx);
1198 struct arm920t_common *arm920t = target_to_arm920(target);
1199
1200 retval = arm920t_verify_pointer(cmd_ctx, arm920t);
1201 if (retval != ERROR_OK)
1202 return retval;
1203
1204 if (target->state != TARGET_HALTED)
1205 {
1206 command_print(cmd_ctx, "target must be stopped for \"%s\" command", CMD_NAME);
1207 return ERROR_OK;
1208 }
1209
1210 /* one or more argument, access a single register (write if second argument is given */
1211 if (argc >= 1)
1212 {
1213 int address;
1214 COMMAND_PARSE_NUMBER(int, args[0], address);
1215
1216 if (argc == 1)
1217 {
1218 uint32_t value;
1219 if ((retval = arm920t_read_cp15_physical(target, address, &value)) != ERROR_OK)
1220 {
1221 command_print(cmd_ctx, "couldn't access reg %i", address);
1222 return ERROR_OK;
1223 }
1224 if ((retval = jtag_execute_queue()) != ERROR_OK)
1225 {
1226 return retval;
1227 }
1228
1229 command_print(cmd_ctx, "%i: %8.8" PRIx32 "", address, value);
1230 }
1231 else if (argc == 2)
1232 {
1233 uint32_t value;
1234 COMMAND_PARSE_NUMBER(u32, args[1], value);
1235 if ((retval = arm920t_write_cp15_physical(target, address, value)) != ERROR_OK)
1236 {
1237 command_print(cmd_ctx, "couldn't access reg %i", address);
1238 return ERROR_OK;
1239 }
1240 command_print(cmd_ctx, "%i: %8.8" PRIx32 "", address, value);
1241 }
1242 }
1243
1244 return ERROR_OK;
1245 }
1246
1247 COMMAND_HANDLER(arm920t_handle_cp15i_command)
1248 {
1249 int retval;
1250 target_t *target = get_current_target(cmd_ctx);
1251 struct arm920t_common *arm920t = target_to_arm920(target);
1252
1253 retval = arm920t_verify_pointer(cmd_ctx, arm920t);
1254 if (retval != ERROR_OK)
1255 return retval;
1256
1257
1258 if (target->state != TARGET_HALTED)
1259 {
1260 command_print(cmd_ctx, "target must be stopped for \"%s\" command", CMD_NAME);
1261 return ERROR_OK;
1262 }
1263
1264 /* one or more argument, access a single register (write if second argument is given */
1265 if (argc >= 1)
1266 {
1267 uint32_t opcode;
1268 COMMAND_PARSE_NUMBER(u32, args[0], opcode);
1269
1270 if (argc == 1)
1271 {
1272 uint32_t value;
1273 if ((retval = arm920t_read_cp15_interpreted(target, opcode, 0x0, &value)) != ERROR_OK)
1274 {
1275 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1276 return ERROR_OK;
1277 }
1278
1279 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1280 }
1281 else if (argc == 2)
1282 {
1283 uint32_t value;
1284 COMMAND_PARSE_NUMBER(u32, args[1], value);
1285 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, 0)) != ERROR_OK)
1286 {
1287 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1288 return ERROR_OK;
1289 }
1290 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1291 }
1292 else if (argc == 3)
1293 {
1294 uint32_t value;
1295 COMMAND_PARSE_NUMBER(u32, args[1], value);
1296 uint32_t address;
1297 COMMAND_PARSE_NUMBER(u32, args[2], address);
1298 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, address)) != ERROR_OK)
1299 {
1300 command_print(cmd_ctx, "couldn't execute %8.8" PRIx32 "", opcode);
1301 return ERROR_OK;
1302 }
1303 command_print(cmd_ctx, "%8.8" PRIx32 ": %8.8" PRIx32 " %8.8" PRIx32 "", opcode, value, address);
1304 }
1305 }
1306 else
1307 {
1308 command_print(cmd_ctx, "usage: arm920t cp15i <opcode> [value] [address]");
1309 }
1310
1311 return ERROR_OK;
1312 }
1313
1314 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1315 {
1316 int retval;
1317 target_t *target = get_current_target(cmd_ctx);
1318 struct arm920t_common *arm920t = target_to_arm920(target);
1319
1320 retval = arm920t_verify_pointer(cmd_ctx, arm920t);
1321 if (retval != ERROR_OK)
1322 return retval;
1323
1324 return armv4_5_handle_cache_info_command(cmd_ctx, &arm920t->armv4_5_mmu.armv4_5_cache);
1325 }
1326
1327
1328 static int arm920t_mrc(target_t *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
1329 {
1330 if (cpnum!=15)
1331 {
1332 LOG_ERROR("Only cp15 is supported");
1333 return ERROR_FAIL;
1334 }
1335
1336 return arm920t_read_cp15_interpreted(target, mrc_opcode(cpnum, op1, op2, CRn, CRm), 0, value);
1337 }
1338
1339 static int arm920t_mcr(target_t *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
1340 {
1341 if (cpnum!=15)
1342 {
1343 LOG_ERROR("Only cp15 is supported");
1344 return ERROR_FAIL;
1345 }
1346
1347 return arm920t_write_cp15_interpreted(target, mrc_opcode(cpnum, op1, op2, CRn, CRm), 0, value);
1348 }
1349
1350 /** Registers commands to access coprocessor, cache, and MMU resources. */
1351 int arm920t_register_commands(struct command_context_s *cmd_ctx)
1352 {
1353 int retval;
1354 command_t *arm920t_cmd;
1355
1356 retval = arm9tdmi_register_commands(cmd_ctx);
1357
1358 arm920t_cmd = register_command(cmd_ctx, NULL, "arm920t",
1359 NULL, COMMAND_ANY,
1360 "arm920t specific commands");
1361
1362 register_command(cmd_ctx, arm920t_cmd, "cp15",
1363 arm920t_handle_cp15_command, COMMAND_EXEC,
1364 "display/modify cp15 register <num> [value]");
1365 register_command(cmd_ctx, arm920t_cmd, "cp15i",
1366 arm920t_handle_cp15i_command, COMMAND_EXEC,
1367 "display/modify cp15 (interpreted access) "
1368 "<opcode> [value] [address]");
1369 register_command(cmd_ctx, arm920t_cmd, "cache_info",
1370 arm920t_handle_cache_info_command, COMMAND_EXEC,
1371 "display information about target caches");
1372 register_command(cmd_ctx, arm920t_cmd, "read_cache",
1373 arm920t_handle_read_cache_command, COMMAND_EXEC,
1374 "display I/D cache content");
1375 register_command(cmd_ctx, arm920t_cmd, "read_mmu",
1376 arm920t_handle_read_mmu_command, COMMAND_EXEC,
1377 "display I/D mmu content");
1378
1379 return retval;
1380 }
1381
1382 /** Holds methods for ARM920 targets. */
1383 target_type_t arm920t_target =
1384 {
1385 .name = "arm920t",
1386
1387 .poll = arm7_9_poll,
1388 .arch_state = arm920t_arch_state,
1389
1390 .target_request_data = arm7_9_target_request_data,
1391
1392 .halt = arm7_9_halt,
1393 .resume = arm7_9_resume,
1394 .step = arm7_9_step,
1395
1396 .assert_reset = arm7_9_assert_reset,
1397 .deassert_reset = arm7_9_deassert_reset,
1398 .soft_reset_halt = arm920t_soft_reset_halt,
1399
1400 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
1401
1402 .read_memory = arm920t_read_memory,
1403 .write_memory = arm920t_write_memory,
1404 .read_phys_memory = arm920t_read_phys_memory,
1405 .write_phys_memory = arm920t_write_phys_memory,
1406 .mmu = arm920_mmu,
1407 .virt2phys = arm920_virt2phys,
1408
1409 .bulk_write_memory = arm7_9_bulk_write_memory,
1410 .checksum_memory = arm7_9_checksum_memory,
1411 .blank_check_memory = arm7_9_blank_check_memory,
1412
1413 .run_algorithm = armv4_5_run_algorithm,
1414
1415 .add_breakpoint = arm7_9_add_breakpoint,
1416 .remove_breakpoint = arm7_9_remove_breakpoint,
1417 .add_watchpoint = arm7_9_add_watchpoint,
1418 .remove_watchpoint = arm7_9_remove_watchpoint,
1419
1420 .register_commands = arm920t_register_commands,
1421 .target_create = arm920t_target_create,
1422 .init_target = arm9tdmi_init_target,
1423 .examine = arm9tdmi_examine,
1424 .mrc = arm920t_mrc,
1425 .mcr = arm920t_mcr,
1426 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)