Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
arm920t: -Wshadow warning fixes
[openocd.git] / src / target / arm920t.c
1
2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
21 #ifdef HAVE_CONFIG_H
22 #include "config.h"
23 #endif
24
25 #include "arm920t.h"
26 #include <helper/time_support.h>
27 #include "target_type.h"
28 #include "register.h"
29 #include "arm_opcodes.h"
30
31
32 /*
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
36 *
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
40 * 2 ... EmbeddedICE
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
43 * 6 ... ETM9
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
48 *
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
50 */
51
52 #if 0
53 #define _DEBUG_INSTRUCTION_EXECUTION_
54 #endif
55
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
59 *
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
63 *
64 * x == bit[38]
65 * y == bits[37:34]
66 * z == bit[33]
67 */
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
69
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
75
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
82
83 static int arm920t_read_cp15_physical(struct target *target,
84 int reg_addr, uint32_t *value)
85 {
86 struct arm920t_common *arm920t = target_to_arm920(target);
87 struct arm_jtag *jtag_info;
88 struct scan_field fields[4];
89 uint8_t access_type_buf = 1;
90 uint8_t reg_addr_buf = reg_addr & 0x3f;
91 uint8_t nr_w_buf = 0;
92
93 jtag_info = &arm920t->arm7_9_common.jtag_info;
94
95 arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
96 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
97
98 fields[0].num_bits = 1;
99 fields[0].out_value = &access_type_buf;
100 fields[0].in_value = NULL;
101
102 fields[1].num_bits = 32;
103 fields[1].out_value = NULL;
104 fields[1].in_value = NULL;
105
106 fields[2].num_bits = 6;
107 fields[2].out_value = &reg_addr_buf;
108 fields[2].in_value = NULL;
109
110 fields[3].num_bits = 1;
111 fields[3].out_value = &nr_w_buf;
112 fields[3].in_value = NULL;
113
114 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
115
116 fields[1].in_value = (uint8_t *)value;
117
118 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
119
120 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
121
122 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
123 jtag_execute_queue();
124 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
125 #endif
126
127 return ERROR_OK;
128 }
129
130 static int arm920t_write_cp15_physical(struct target *target,
131 int reg_addr, uint32_t value)
132 {
133 struct arm920t_common *arm920t = target_to_arm920(target);
134 struct arm_jtag *jtag_info;
135 struct scan_field fields[4];
136 uint8_t access_type_buf = 1;
137 uint8_t reg_addr_buf = reg_addr & 0x3f;
138 uint8_t nr_w_buf = 1;
139 uint8_t value_buf[4];
140
141 jtag_info = &arm920t->arm7_9_common.jtag_info;
142
143 buf_set_u32(value_buf, 0, 32, value);
144
145 arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
146 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
147
148 fields[0].num_bits = 1;
149 fields[0].out_value = &access_type_buf;
150 fields[0].in_value = NULL;
151
152 fields[1].num_bits = 32;
153 fields[1].out_value = value_buf;
154 fields[1].in_value = NULL;
155
156 fields[2].num_bits = 6;
157 fields[2].out_value = &reg_addr_buf;
158 fields[2].in_value = NULL;
159
160 fields[3].num_bits = 1;
161 fields[3].out_value = &nr_w_buf;
162 fields[3].in_value = NULL;
163
164 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
165
166 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
167 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
168 #endif
169
170 return ERROR_OK;
171 }
172
173 /* See table 9-10 for scan chain 15 format during interpreted access mode.
174 * If the TESTSTATE register is set for interpreted access, certain CP15
175 * MRC and MCR instructions may be executed through scan chain 15.
176 *
177 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
178 * executed using scan chain 15 interpreted mode.
179 */
180 static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
181 uint32_t arm_opcode)
182 {
183 int retval;
184 struct arm920t_common *arm920t = target_to_arm920(target);
185 struct arm_jtag *jtag_info;
186 struct scan_field fields[4];
187 uint8_t access_type_buf = 0; /* interpreted access */
188 uint8_t reg_addr_buf = 0x0;
189 uint8_t nr_w_buf = 0;
190 uint8_t cp15_opcode_buf[4];
191
192 jtag_info = &arm920t->arm7_9_common.jtag_info;
193
194 arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
195 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
196
197 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
198
199 fields[0].num_bits = 1;
200 fields[0].out_value = &access_type_buf;
201 fields[0].in_value = NULL;
202
203 fields[1].num_bits = 32;
204 fields[1].out_value = cp15_opcode_buf;
205 fields[1].in_value = NULL;
206
207 fields[2].num_bits = 6;
208 fields[2].out_value = &reg_addr_buf;
209 fields[2].in_value = NULL;
210
211 fields[3].num_bits = 1;
212 fields[3].out_value = &nr_w_buf;
213 fields[3].in_value = NULL;
214
215 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
216
217 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
218 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
219 retval = arm7_9_execute_sys_speed(target);
220 if (retval != ERROR_OK)
221 return retval;
222
223 if ((retval = jtag_execute_queue()) != ERROR_OK)
224 {
225 LOG_ERROR("failed executing JTAG queue");
226 return retval;
227 }
228
229 return ERROR_OK;
230 }
231
232 static int arm920t_read_cp15_interpreted(struct target *target,
233 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
234 {
235 struct arm *armv4_5 = target_to_arm(target);
236 uint32_t* regs_p[1];
237 uint32_t regs[2];
238 uint32_t cp15c15 = 0x0;
239 struct reg *r = armv4_5->core_cache->reg_list;
240
241 /* load address into R1 */
242 regs[1] = address;
243 arm9tdmi_write_core_regs(target, 0x2, regs);
244
245 /* read-modify-write CP15 test state register
246 * to enable interpreted access mode */
247 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
248 jtag_execute_queue();
249 cp15c15 |= 1; /* set interpret mode */
250 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
251
252 /* execute CP15 instruction and ARM load (reading from coprocessor) */
253 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
254
255 /* disable interpreted access mode */
256 cp15c15 &= ~1U; /* clear interpret mode */
257 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
258
259 /* retrieve value from R0 */
260 regs_p[0] = value;
261 arm9tdmi_read_core_regs(target, 0x1, regs_p);
262 jtag_execute_queue();
263
264 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
265 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
266 cp15_opcode, address, *value);
267 #endif
268
269 if (!is_arm_mode(armv4_5->core_mode))
270 return ERROR_FAIL;
271
272 r[0].dirty = 1;
273 r[1].dirty = 1;
274
275 return ERROR_OK;
276 }
277
278 static
279 int arm920t_write_cp15_interpreted(struct target *target,
280 uint32_t cp15_opcode, uint32_t value, uint32_t address)
281 {
282 uint32_t cp15c15 = 0x0;
283 struct arm *armv4_5 = target_to_arm(target);
284 uint32_t regs[2];
285 struct reg *r = armv4_5->core_cache->reg_list;
286
287 /* load value, address into R0, R1 */
288 regs[0] = value;
289 regs[1] = address;
290 arm9tdmi_write_core_regs(target, 0x3, regs);
291
292 /* read-modify-write CP15 test state register
293 * to enable interpreted access mode */
294 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
295 jtag_execute_queue();
296 cp15c15 |= 1; /* set interpret mode */
297 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
298
299 /* execute CP15 instruction and ARM store (writing to coprocessor) */
300 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
301
302 /* disable interpreted access mode */
303 cp15c15 &= ~1U; /* set interpret mode */
304 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
305
306 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
307 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
308 cp15_opcode, value, address);
309 #endif
310
311 if (!is_arm_mode(armv4_5->core_mode))
312 return ERROR_FAIL;
313
314 r[0].dirty = 1;
315 r[1].dirty = 1;
316
317 return ERROR_OK;
318 }
319
320 // EXPORTED to FA256
321 uint32_t arm920t_get_ttb(struct target *target)
322 {
323 int retval;
324 uint32_t ttb = 0x0;
325
326 if ((retval = arm920t_read_cp15_interpreted(target,
327 /* FIXME use opcode macro */
328 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
329 return retval;
330
331 return ttb;
332 }
333
334 // EXPORTED to FA256
335 void arm920t_disable_mmu_caches(struct target *target, int mmu,
336 int d_u_cache, int i_cache)
337 {
338 uint32_t cp15_control;
339
340 /* read cp15 control register */
341 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
342 jtag_execute_queue();
343
344 if (mmu)
345 cp15_control &= ~0x1U;
346
347 if (d_u_cache)
348 cp15_control &= ~0x4U;
349
350 if (i_cache)
351 cp15_control &= ~0x1000U;
352
353 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
354 }
355
356 // EXPORTED to FA256
357 void arm920t_enable_mmu_caches(struct target *target, int mmu,
358 int d_u_cache, int i_cache)
359 {
360 uint32_t cp15_control;
361
362 /* read cp15 control register */
363 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
364 jtag_execute_queue();
365
366 if (mmu)
367 cp15_control |= 0x1U;
368
369 if (d_u_cache)
370 cp15_control |= 0x4U;
371
372 if (i_cache)
373 cp15_control |= 0x1000U;
374
375 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
376 }
377
378 // EXPORTED to FA256
379 void arm920t_post_debug_entry(struct target *target)
380 {
381 uint32_t cp15c15;
382 struct arm920t_common *arm920t = target_to_arm920(target);
383
384 /* examine cp15 control reg */
385 arm920t_read_cp15_physical(target,
386 CP15PHYS_CTRL, &arm920t->cp15_control_reg);
387 jtag_execute_queue();
388 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, arm920t->cp15_control_reg);
389
390 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
391 {
392 uint32_t cache_type_reg;
393 /* identify caches */
394 arm920t_read_cp15_physical(target,
395 CP15PHYS_CACHETYPE, &cache_type_reg);
396 jtag_execute_queue();
397 armv4_5_identify_cache(cache_type_reg,
398 &arm920t->armv4_5_mmu.armv4_5_cache);
399 }
400
401 arm920t->armv4_5_mmu.mmu_enabled =
402 (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
403 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled =
404 (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
405 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled =
406 (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
407
408 /* save i/d fault status and address register */
409 /* FIXME use opcode macros */
410 arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
411 arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
412 arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
413 arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
414
415 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32
416 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32,
417 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
418
419 if (arm920t->preserve_cache)
420 {
421 /* read-modify-write CP15 test state register
422 * to disable I/D-cache linefills */
423 arm920t_read_cp15_physical(target,
424 CP15PHYS_TESTSTATE, &cp15c15);
425 jtag_execute_queue();
426 cp15c15 |= 0x600;
427 arm920t_write_cp15_physical(target,
428 CP15PHYS_TESTSTATE, cp15c15);
429 }
430 }
431
432 // EXPORTED to FA256
433 void arm920t_pre_restore_context(struct target *target)
434 {
435 uint32_t cp15c15;
436 struct arm920t_common *arm920t = target_to_arm920(target);
437
438 /* restore i/d fault status and address register */
439 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
440 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
441 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
442 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
443
444 /* read-modify-write CP15 test state register
445 * to reenable I/D-cache linefills */
446 if (arm920t->preserve_cache)
447 {
448 arm920t_read_cp15_physical(target,
449 CP15PHYS_TESTSTATE, &cp15c15);
450 jtag_execute_queue();
451 cp15c15 &= ~0x600U;
452 arm920t_write_cp15_physical(target,
453 CP15PHYS_TESTSTATE, cp15c15);
454 }
455 }
456
457 static const char arm920_not[] = "target is not an ARM920";
458
459 static int arm920t_verify_pointer(struct command_context *cmd_ctx,
460 struct arm920t_common *arm920t)
461 {
462 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
463 command_print(cmd_ctx, arm920_not);
464 return ERROR_TARGET_INVALID;
465 }
466
467 return ERROR_OK;
468 }
469
470 /** Logs summary of ARM920 state for a halted target. */
471 int arm920t_arch_state(struct target *target)
472 {
473 static const char *state[] =
474 {
475 "disabled", "enabled"
476 };
477
478 struct arm920t_common *arm920t = target_to_arm920(target);
479 struct arm *armv4_5;
480
481 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
482 {
483 LOG_ERROR("BUG: %s", arm920_not);
484 return ERROR_TARGET_INVALID;
485 }
486
487 armv4_5 = &arm920t->arm7_9_common.armv4_5_common;
488
489 arm_arch_state(target);
490 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
491 state[arm920t->armv4_5_mmu.mmu_enabled],
492 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
493 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
494
495 return ERROR_OK;
496 }
497
498 static int arm920_mmu(struct target *target, int *enabled)
499 {
500 if (target->state != TARGET_HALTED) {
501 LOG_ERROR("%s: target not halted", __func__);
502 return ERROR_TARGET_INVALID;
503 }
504
505 *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
506 return ERROR_OK;
507 }
508
509 static int arm920_virt2phys(struct target *target,
510 uint32_t virt, uint32_t *phys)
511 {
512 uint32_t cb;
513 struct arm920t_common *arm920t = target_to_arm920(target);
514
515 uint32_t ret;
516 int retval = armv4_5_mmu_translate_va(target,
517 &arm920t->armv4_5_mmu, virt, &cb, &ret);
518 if (retval != ERROR_OK)
519 return retval;
520 *phys = ret;
521 return ERROR_OK;
522 }
523
524 /** Reads a buffer, in the specified word size, with current MMU settings. */
525 int arm920t_read_memory(struct target *target, uint32_t address,
526 uint32_t size, uint32_t count, uint8_t *buffer)
527 {
528 int retval;
529
530 retval = arm7_9_read_memory(target, address, size, count, buffer);
531
532 return retval;
533 }
534
535
536 static int arm920t_read_phys_memory(struct target *target,
537 uint32_t address, uint32_t size,
538 uint32_t count, uint8_t *buffer)
539 {
540 struct arm920t_common *arm920t = target_to_arm920(target);
541
542 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
543 address, size, count, buffer);
544 }
545
546 static int arm920t_write_phys_memory(struct target *target,
547 uint32_t address, uint32_t size,
548 uint32_t count, uint8_t *buffer)
549 {
550 struct arm920t_common *arm920t = target_to_arm920(target);
551
552 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
553 address, size, count, buffer);
554 }
555
556
557 /** Writes a buffer, in the specified word size, with current MMU settings. */
558 int arm920t_write_memory(struct target *target, uint32_t address,
559 uint32_t size, uint32_t count, uint8_t *buffer)
560 {
561 int retval;
562 const uint32_t cache_mask = ~0x1f; /* cache line size : 32 byte */
563 struct arm920t_common *arm920t = target_to_arm920(target);
564
565 /* FIX!!!! this should be cleaned up and made much more general. The
566 * plan is to write up and test on arm920t specifically and
567 * then generalize and clean up afterwards.
568 *
569 * Also it should be moved to the callbacks that handle breakpoints
570 * specifically and not the generic memory write fn's. See XScale code.
571 */
572 if (arm920t->armv4_5_mmu.mmu_enabled && (count == 1) &&
573 ((size==2) || (size==4)))
574 {
575 /* special case the handling of single word writes to
576 * bypass MMU, to allow implementation of breakpoints
577 * in memory marked read only
578 * by MMU
579 */
580 uint32_t cb;
581 uint32_t pa;
582
583 /*
584 * We need physical address and cb
585 */
586 retval = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu,
587 address, &cb, &pa);
588 if (retval != ERROR_OK)
589 return retval;
590
591 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
592 {
593 if (cb & 0x1)
594 {
595 LOG_DEBUG("D-Cache buffered, "
596 "drain write buffer");
597 /*
598 * Buffered ?
599 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
600 */
601
602 retval = arm920t_write_cp15_interpreted(target,
603 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
604 0x0, 0);
605 if (retval != ERROR_OK)
606 return retval;
607 }
608
609 if (cb == 0x3)
610 {
611 /*
612 * Write back memory ? -> clean cache
613 *
614 * There is no way to clean cache lines using
615 * cp15 scan chain, so copy the full cache
616 * line from cache to physical memory.
617 */
618 uint8_t data[32];
619
620 LOG_DEBUG("D-Cache in 'write back' mode, "
621 "flush cache line");
622
623 retval = target_read_memory(target,
624 address & cache_mask, 1,
625 sizeof(data), &data[0]);
626 if (retval != ERROR_OK)
627 return retval;
628
629 retval = armv4_5_mmu_write_physical(target,
630 &arm920t->armv4_5_mmu,
631 pa & cache_mask, 1,
632 sizeof(data), &data[0]);
633 if (retval != ERROR_OK)
634 return retval;
635 }
636
637 /* Cached ? */
638 if (cb & 0x2)
639 {
640 /*
641 * Cached ? -> Invalidate data cache using MVA
642 *
643 * MCR p15,0,Rd,c7,c6,1
644 */
645 LOG_DEBUG("D-Cache enabled, "
646 "invalidate cache line");
647
648 retval = arm920t_write_cp15_interpreted(target,
649 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
650 address & cache_mask);
651 if (retval != ERROR_OK)
652 return retval;
653 }
654 }
655
656 /* write directly to physical memory,
657 * bypassing any read only MMU bits, etc.
658 */
659 retval = armv4_5_mmu_write_physical(target,
660 &arm920t->armv4_5_mmu, pa, size,
661 count, buffer);
662 if (retval != ERROR_OK)
663 return retval;
664 } else
665 {
666 if ((retval = arm7_9_write_memory(target, address,
667 size, count, buffer)) != ERROR_OK)
668 return retval;
669 }
670
671 /* If ICache is enabled, we have to invalidate affected ICache lines
672 * the DCache is forced to write-through,
673 * so we don't have to clean it here
674 */
675 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
676 {
677 if (count <= 1)
678 {
679 /* invalidate ICache single entry with MVA
680 * mcr 15, 0, r0, cr7, cr5, {1}
681 */
682 LOG_DEBUG("I-Cache enabled, "
683 "invalidating affected I-Cache line");
684 retval = arm920t_write_cp15_interpreted(target,
685 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
686 0x0, address & cache_mask);
687 if (retval != ERROR_OK)
688 return retval;
689 }
690 else
691 {
692 /* invalidate ICache
693 * mcr 15, 0, r0, cr7, cr5, {0}
694 */
695 retval = arm920t_write_cp15_interpreted(target,
696 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
697 0x0, 0x0);
698 if (retval != ERROR_OK)
699 return retval;
700 }
701 }
702
703 return ERROR_OK;
704 }
705
706 // EXPORTED to FA256
707 int arm920t_soft_reset_halt(struct target *target)
708 {
709 int retval = ERROR_OK;
710 struct arm920t_common *arm920t = target_to_arm920(target);
711 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
712 struct arm *armv4_5 = &arm7_9->armv4_5_common;
713 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
714
715 if ((retval = target_halt(target)) != ERROR_OK)
716 {
717 return retval;
718 }
719
720 long long then = timeval_ms();
721 int timeout;
722 while (!(timeout = ((timeval_ms()-then) > 1000)))
723 {
724 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1)
725 == 0)
726 {
727 embeddedice_read_reg(dbg_stat);
728 if ((retval = jtag_execute_queue()) != ERROR_OK)
729 {
730 return retval;
731 }
732 } else
733 {
734 break;
735 }
736 if (debug_level >= 3)
737 {
738 /* do not eat all CPU, time out after 1 se*/
739 alive_sleep(100);
740 } else
741 {
742 keep_alive();
743 }
744 }
745 if (timeout)
746 {
747 LOG_ERROR("Failed to halt CPU after 1 sec");
748 return ERROR_TARGET_TIMEOUT;
749 }
750
751 target->state = TARGET_HALTED;
752
753 /* SVC, ARM state, IRQ and FIQ disabled */
754 uint32_t cpsr;
755
756 cpsr = buf_get_u32(armv4_5->cpsr->value, 0, 32);
757 cpsr &= ~0xff;
758 cpsr |= 0xd3;
759 arm_set_cpsr(armv4_5, cpsr);
760 armv4_5->cpsr->dirty = 1;
761
762 /* start fetching from 0x0 */
763 buf_set_u32(armv4_5->pc->value, 0, 32, 0x0);
764 armv4_5->pc->dirty = 1;
765 armv4_5->pc->valid = 1;
766
767 arm920t_disable_mmu_caches(target, 1, 1, 1);
768 arm920t->armv4_5_mmu.mmu_enabled = 0;
769 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
770 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
771
772 return target_call_event_callbacks(target, TARGET_EVENT_HALTED);
773 }
774
775 /* FIXME remove forward decls */
776 static int arm920t_mrc(struct target *target, int cpnum,
777 uint32_t op1, uint32_t op2,
778 uint32_t CRn, uint32_t CRm,
779 uint32_t *value);
780 static int arm920t_mcr(struct target *target, int cpnum,
781 uint32_t op1, uint32_t op2,
782 uint32_t CRn, uint32_t CRm,
783 uint32_t value);
784
785 static int arm920t_init_arch_info(struct target *target,
786 struct arm920t_common *arm920t, struct jtag_tap *tap)
787 {
788 struct arm7_9_common *arm7_9 = &arm920t->arm7_9_common;
789
790 arm7_9->armv4_5_common.mrc = arm920t_mrc;
791 arm7_9->armv4_5_common.mcr = arm920t_mcr;
792
793 /* initialize arm7/arm9 specific info (including armv4_5) */
794 arm9tdmi_init_arch_info(target, arm7_9, tap);
795
796 arm920t->common_magic = ARM920T_COMMON_MAGIC;
797
798 arm7_9->post_debug_entry = arm920t_post_debug_entry;
799 arm7_9->pre_restore_context = arm920t_pre_restore_context;
800
801 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
802 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
803 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
804 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
805 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
806 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
807 arm920t->armv4_5_mmu.has_tiny_pages = 1;
808 arm920t->armv4_5_mmu.mmu_enabled = 0;
809
810 /* disabling linefills leads to lockups, so keep them enabled for now
811 * this doesn't affect correctness, but might affect timing issues, if
812 * important data is evicted from the cache during the debug session
813 * */
814 arm920t->preserve_cache = 0;
815
816 /* override hw single-step capability from ARM9TDMI */
817 arm7_9->has_single_step = 1;
818
819 return ERROR_OK;
820 }
821
822 static int arm920t_target_create(struct target *target, Jim_Interp *interp)
823 {
824 struct arm920t_common *arm920t;
825
826 arm920t = calloc(1,sizeof(struct arm920t_common));
827 return arm920t_init_arch_info(target, arm920t, target->tap);
828 }
829
830 COMMAND_HANDLER(arm920t_handle_read_cache_command)
831 {
832 int retval = ERROR_OK;
833 struct target *target = get_current_target(CMD_CTX);
834 struct arm920t_common *arm920t = target_to_arm920(target);
835 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
836 struct arm *armv4_5 = &arm7_9->armv4_5_common;
837 uint32_t cp15c15;
838 uint32_t cp15_ctrl, cp15_ctrl_saved;
839 uint32_t regs[16];
840 uint32_t *regs_p[16];
841 uint32_t C15_C_D_Ind, C15_C_I_Ind;
842 int i;
843 FILE *output;
844 struct arm920t_cache_line d_cache[8][64], i_cache[8][64];
845 int segment, index_t;
846 struct reg *r;
847
848 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
849 if (retval != ERROR_OK)
850 return retval;
851
852 if (CMD_ARGC != 1)
853 {
854 command_print(CMD_CTX, "usage: arm920t read_cache <filename>");
855 return ERROR_OK;
856 }
857
858 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
859 {
860 LOG_DEBUG("error opening cache content file");
861 return ERROR_OK;
862 }
863
864 for (i = 0; i < 16; i++)
865 regs_p[i] = &regs[i];
866
867 /* disable MMU and Caches */
868 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
869 if ((retval = jtag_execute_queue()) != ERROR_OK)
870 {
871 return retval;
872 }
873 cp15_ctrl_saved = cp15_ctrl;
874 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
875 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
876 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
877
878 /* read CP15 test state register */
879 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
880 jtag_execute_queue();
881
882 /* read DCache content */
883 fprintf(output, "DCache:\n");
884
885 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
886 for (segment = 0;
887 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
888 segment++)
889 {
890 fprintf(output, "\nsegment: %i\n----------", segment);
891
892 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
893 regs[0] = 0x0 | (segment << 5);
894 arm9tdmi_write_core_regs(target, 0x1, regs);
895
896 /* set interpret mode */
897 cp15c15 |= 0x1;
898 arm920t_write_cp15_physical(target,
899 CP15PHYS_TESTSTATE, cp15c15);
900
901 /* D CAM Read, loads current victim into C15.C.D.Ind */
902 arm920t_execute_cp15(target,
903 ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
904
905 /* read current victim */
906 arm920t_read_cp15_physical(target,
907 CP15PHYS_DCACHE_IDX, &C15_C_D_Ind);
908
909 /* clear interpret mode */
910 cp15c15 &= ~0x1;
911 arm920t_write_cp15_physical(target,
912 CP15PHYS_TESTSTATE, cp15c15);
913
914 for (index_t = 0; index_t < 64; index_t++)
915 {
916 /* Ra:
917 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
918 */
919 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
920 arm9tdmi_write_core_regs(target, 0x1, regs);
921
922 /* set interpret mode */
923 cp15c15 |= 0x1;
924 arm920t_write_cp15_physical(target,
925 CP15PHYS_TESTSTATE, cp15c15);
926
927 /* Write DCache victim */
928 arm920t_execute_cp15(target,
929 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
930
931 /* Read D RAM */
932 arm920t_execute_cp15(target,
933 ARMV4_5_MCR(15,2,0,15,10,2),
934 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
935
936 /* Read D CAM */
937 arm920t_execute_cp15(target,
938 ARMV4_5_MCR(15,2,0,15,6,2),
939 ARMV4_5_LDR(9, 0));
940
941 /* clear interpret mode */
942 cp15c15 &= ~0x1;
943 arm920t_write_cp15_physical(target,
944 CP15PHYS_TESTSTATE, cp15c15);
945
946 /* read D RAM and CAM content */
947 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
948 if ((retval = jtag_execute_queue()) != ERROR_OK)
949 {
950 return retval;
951 }
952
953 d_cache[segment][index_t].cam = regs[9];
954
955 /* mask LFSR[6] */
956 regs[9] &= 0xfffffffe;
957 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8"
958 PRIx32 ", content (%s):\n",
959 segment, index_t, regs[9],
960 (regs[9] & 0x10) ? "valid" : "invalid");
961
962 for (i = 1; i < 9; i++)
963 {
964 d_cache[segment][index_t].data[i] = regs[i];
965 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
966 i-1, regs[i]);
967 }
968
969 }
970
971 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
972 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
973 arm9tdmi_write_core_regs(target, 0x1, regs);
974
975 /* set interpret mode */
976 cp15c15 |= 0x1;
977 arm920t_write_cp15_physical(target,
978 CP15PHYS_TESTSTATE, cp15c15);
979
980 /* Write DCache victim */
981 arm920t_execute_cp15(target,
982 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
983
984 /* clear interpret mode */
985 cp15c15 &= ~0x1;
986 arm920t_write_cp15_physical(target,
987 CP15PHYS_TESTSTATE, cp15c15);
988 }
989
990 /* read ICache content */
991 fprintf(output, "ICache:\n");
992
993 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
994 for (segment = 0;
995 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
996 segment++)
997 {
998 fprintf(output, "segment: %i\n----------", segment);
999
1000 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1001 regs[0] = 0x0 | (segment << 5);
1002 arm9tdmi_write_core_regs(target, 0x1, regs);
1003
1004 /* set interpret mode */
1005 cp15c15 |= 0x1;
1006 arm920t_write_cp15_physical(target,
1007 CP15PHYS_TESTSTATE, cp15c15);
1008
1009 /* I CAM Read, loads current victim into C15.C.I.Ind */
1010 arm920t_execute_cp15(target,
1011 ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
1012
1013 /* read current victim */
1014 arm920t_read_cp15_physical(target, CP15PHYS_ICACHE_IDX,
1015 &C15_C_I_Ind);
1016
1017 /* clear interpret mode */
1018 cp15c15 &= ~0x1;
1019 arm920t_write_cp15_physical(target,
1020 CP15PHYS_TESTSTATE, cp15c15);
1021
1022 for (index_t = 0; index_t < 64; index_t++)
1023 {
1024 /* Ra:
1025 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1026 */
1027 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
1028 arm9tdmi_write_core_regs(target, 0x1, regs);
1029
1030 /* set interpret mode */
1031 cp15c15 |= 0x1;
1032 arm920t_write_cp15_physical(target,
1033 CP15PHYS_TESTSTATE, cp15c15);
1034
1035 /* Write ICache victim */
1036 arm920t_execute_cp15(target,
1037 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1038
1039 /* Read I RAM */
1040 arm920t_execute_cp15(target,
1041 ARMV4_5_MCR(15,2,0,15,9,2),
1042 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1043
1044 /* Read I CAM */
1045 arm920t_execute_cp15(target,
1046 ARMV4_5_MCR(15,2,0,15,5,2),
1047 ARMV4_5_LDR(9, 0));
1048
1049 /* clear interpret mode */
1050 cp15c15 &= ~0x1;
1051 arm920t_write_cp15_physical(target,
1052 CP15PHYS_TESTSTATE, cp15c15);
1053
1054 /* read I RAM and CAM content */
1055 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
1056 if ((retval = jtag_execute_queue()) != ERROR_OK)
1057 {
1058 return retval;
1059 }
1060
1061 i_cache[segment][index_t].cam = regs[9];
1062
1063 /* mask LFSR[6] */
1064 regs[9] &= 0xfffffffe;
1065 fprintf(output, "\nsegment: %i, index: %i, "
1066 "CAM: 0x%8.8" PRIx32 ", content (%s):\n",
1067 segment, index_t, regs[9],
1068 (regs[9] & 0x10) ? "valid" : "invalid");
1069
1070 for (i = 1; i < 9; i++)
1071 {
1072 i_cache[segment][index_t].data[i] = regs[i];
1073 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
1074 i-1, regs[i]);
1075 }
1076 }
1077
1078 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1079 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
1080 arm9tdmi_write_core_regs(target, 0x1, regs);
1081
1082 /* set interpret mode */
1083 cp15c15 |= 0x1;
1084 arm920t_write_cp15_physical(target,
1085 CP15PHYS_TESTSTATE, cp15c15);
1086
1087 /* Write ICache victim */
1088 arm920t_execute_cp15(target,
1089 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1090
1091 /* clear interpret mode */
1092 cp15c15 &= ~0x1;
1093 arm920t_write_cp15_physical(target,
1094 CP15PHYS_TESTSTATE, cp15c15);
1095 }
1096
1097 /* restore CP15 MMU and Cache settings */
1098 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1099
1100 command_print(CMD_CTX, "cache content successfully output to %s",
1101 CMD_ARGV[0]);
1102
1103 fclose(output);
1104
1105 if (!is_arm_mode(armv4_5->core_mode))
1106 return ERROR_FAIL;
1107
1108 /* force writeback of the valid data */
1109 r = armv4_5->core_cache->reg_list;
1110 r[0].dirty = r[0].valid;
1111 r[1].dirty = r[1].valid;
1112 r[2].dirty = r[2].valid;
1113 r[3].dirty = r[3].valid;
1114 r[4].dirty = r[4].valid;
1115 r[5].dirty = r[5].valid;
1116 r[6].dirty = r[6].valid;
1117 r[7].dirty = r[7].valid;
1118
1119 r = arm_reg_current(armv4_5, 8);
1120 r->dirty = r->valid;
1121
1122 r = arm_reg_current(armv4_5, 9);
1123 r->dirty = r->valid;
1124
1125 return ERROR_OK;
1126 }
1127
1128 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
1129 {
1130 int retval = ERROR_OK;
1131 struct target *target = get_current_target(CMD_CTX);
1132 struct arm920t_common *arm920t = target_to_arm920(target);
1133 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1134 struct arm *armv4_5 = &arm7_9->armv4_5_common;
1135 uint32_t cp15c15;
1136 uint32_t cp15_ctrl, cp15_ctrl_saved;
1137 uint32_t regs[16];
1138 uint32_t *regs_p[16];
1139 int i;
1140 FILE *output;
1141 uint32_t Dlockdown, Ilockdown;
1142 struct arm920t_tlb_entry d_tlb[64], i_tlb[64];
1143 int victim;
1144 struct reg *r;
1145
1146 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1147 if (retval != ERROR_OK)
1148 return retval;
1149
1150 if (CMD_ARGC != 1)
1151 {
1152 command_print(CMD_CTX, "usage: arm920t read_mmu <filename>");
1153 return ERROR_OK;
1154 }
1155
1156 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
1157 {
1158 LOG_DEBUG("error opening mmu content file");
1159 return ERROR_OK;
1160 }
1161
1162 for (i = 0; i < 16; i++)
1163 regs_p[i] = &regs[i];
1164
1165 /* disable MMU and Caches */
1166 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
1167 if ((retval = jtag_execute_queue()) != ERROR_OK)
1168 {
1169 return retval;
1170 }
1171 cp15_ctrl_saved = cp15_ctrl;
1172 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
1173 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
1174 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
1175
1176 /* read CP15 test state register */
1177 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
1178 if ((retval = jtag_execute_queue()) != ERROR_OK)
1179 {
1180 return retval;
1181 }
1182
1183 /* prepare reading D TLB content
1184 * */
1185
1186 /* set interpret mode */
1187 cp15c15 |= 0x1;
1188 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1189
1190 /* Read D TLB lockdown */
1191 arm920t_execute_cp15(target,
1192 ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1193
1194 /* clear interpret mode */
1195 cp15c15 &= ~0x1;
1196 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1197
1198 /* read D TLB lockdown stored to r1 */
1199 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1200 if ((retval = jtag_execute_queue()) != ERROR_OK)
1201 {
1202 return retval;
1203 }
1204 Dlockdown = regs[1];
1205
1206 for (victim = 0; victim < 64; victim += 8)
1207 {
1208 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1209 * base remains unchanged, victim goes through entries 0 to 63
1210 */
1211 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1212 arm9tdmi_write_core_regs(target, 0x2, regs);
1213
1214 /* set interpret mode */
1215 cp15c15 |= 0x1;
1216 arm920t_write_cp15_physical(target,
1217 CP15PHYS_TESTSTATE, cp15c15);
1218
1219 /* Write D TLB lockdown */
1220 arm920t_execute_cp15(target,
1221 ARMV4_5_MCR(15,0,0,10,0,0),
1222 ARMV4_5_STR(1, 0));
1223
1224 /* Read D TLB CAM */
1225 arm920t_execute_cp15(target,
1226 ARMV4_5_MCR(15,4,0,15,6,4),
1227 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1228
1229 /* clear interpret mode */
1230 cp15c15 &= ~0x1;
1231 arm920t_write_cp15_physical(target,
1232 CP15PHYS_TESTSTATE, cp15c15);
1233
1234 /* read D TLB CAM content stored to r2-r9 */
1235 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1236 if ((retval = jtag_execute_queue()) != ERROR_OK)
1237 {
1238 return retval;
1239 }
1240
1241 for (i = 0; i < 8; i++)
1242 d_tlb[victim + i].cam = regs[i + 2];
1243 }
1244
1245 for (victim = 0; victim < 64; victim++)
1246 {
1247 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1248 * base remains unchanged, victim goes through entries 0 to 63
1249 */
1250 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1251 arm9tdmi_write_core_regs(target, 0x2, regs);
1252
1253 /* set interpret mode */
1254 cp15c15 |= 0x1;
1255 arm920t_write_cp15_physical(target,
1256 CP15PHYS_TESTSTATE, cp15c15);
1257
1258 /* Write D TLB lockdown */
1259 arm920t_execute_cp15(target,
1260 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1261
1262 /* Read D TLB RAM1 */
1263 arm920t_execute_cp15(target,
1264 ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1265
1266 /* Read D TLB RAM2 */
1267 arm920t_execute_cp15(target,
1268 ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1269
1270 /* clear interpret mode */
1271 cp15c15 &= ~0x1;
1272 arm920t_write_cp15_physical(target,
1273 CP15PHYS_TESTSTATE, cp15c15);
1274
1275 /* read D TLB RAM content stored to r2 and r3 */
1276 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1277 if ((retval = jtag_execute_queue()) != ERROR_OK)
1278 {
1279 return retval;
1280 }
1281
1282 d_tlb[victim].ram1 = regs[2];
1283 d_tlb[victim].ram2 = regs[3];
1284 }
1285
1286 /* restore D TLB lockdown */
1287 regs[1] = Dlockdown;
1288 arm9tdmi_write_core_regs(target, 0x2, regs);
1289
1290 /* Write D TLB lockdown */
1291 arm920t_execute_cp15(target,
1292 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1293
1294 /* prepare reading I TLB content
1295 * */
1296
1297 /* set interpret mode */
1298 cp15c15 |= 0x1;
1299 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1300
1301 /* Read I TLB lockdown */
1302 arm920t_execute_cp15(target,
1303 ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1304
1305 /* clear interpret mode */
1306 cp15c15 &= ~0x1;
1307 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1308
1309 /* read I TLB lockdown stored to r1 */
1310 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1311 if ((retval = jtag_execute_queue()) != ERROR_OK)
1312 {
1313 return retval;
1314 }
1315 Ilockdown = regs[1];
1316
1317 for (victim = 0; victim < 64; victim += 8)
1318 {
1319 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1320 * base remains unchanged, victim goes through entries 0 to 63
1321 */
1322 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1323 arm9tdmi_write_core_regs(target, 0x2, regs);
1324
1325 /* set interpret mode */
1326 cp15c15 |= 0x1;
1327 arm920t_write_cp15_physical(target,
1328 CP15PHYS_TESTSTATE, cp15c15);
1329
1330 /* Write I TLB lockdown */
1331 arm920t_execute_cp15(target,
1332 ARMV4_5_MCR(15,0,0,10,0,1),
1333 ARMV4_5_STR(1, 0));
1334
1335 /* Read I TLB CAM */
1336 arm920t_execute_cp15(target,
1337 ARMV4_5_MCR(15,4,0,15,5,4),
1338 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1339
1340 /* clear interpret mode */
1341 cp15c15 &= ~0x1;
1342 arm920t_write_cp15_physical(target,
1343 CP15PHYS_TESTSTATE, cp15c15);
1344
1345 /* read I TLB CAM content stored to r2-r9 */
1346 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1347 if ((retval = jtag_execute_queue()) != ERROR_OK)
1348 {
1349 return retval;
1350 }
1351
1352 for (i = 0; i < 8; i++)
1353 i_tlb[i + victim].cam = regs[i + 2];
1354 }
1355
1356 for (victim = 0; victim < 64; victim++)
1357 {
1358 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1359 * base remains unchanged, victim goes through entries 0 to 63
1360 */
1361 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1362 arm9tdmi_write_core_regs(target, 0x2, regs);
1363
1364 /* set interpret mode */
1365 cp15c15 |= 0x1;
1366 arm920t_write_cp15_physical(target,
1367 CP15PHYS_TESTSTATE, cp15c15);
1368
1369 /* Write I TLB lockdown */
1370 arm920t_execute_cp15(target,
1371 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1372
1373 /* Read I TLB RAM1 */
1374 arm920t_execute_cp15(target,
1375 ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1376
1377 /* Read I TLB RAM2 */
1378 arm920t_execute_cp15(target,
1379 ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1380
1381 /* clear interpret mode */
1382 cp15c15 &= ~0x1;
1383 arm920t_write_cp15_physical(target,
1384 CP15PHYS_TESTSTATE, cp15c15);
1385
1386 /* read I TLB RAM content stored to r2 and r3 */
1387 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1388 if ((retval = jtag_execute_queue()) != ERROR_OK)
1389 {
1390 return retval;
1391 }
1392
1393 i_tlb[victim].ram1 = regs[2];
1394 i_tlb[victim].ram2 = regs[3];
1395 }
1396
1397 /* restore I TLB lockdown */
1398 regs[1] = Ilockdown;
1399 arm9tdmi_write_core_regs(target, 0x2, regs);
1400
1401 /* Write I TLB lockdown */
1402 arm920t_execute_cp15(target,
1403 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1404
1405 /* restore CP15 MMU and Cache settings */
1406 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1407
1408 /* output data to file */
1409 fprintf(output, "D TLB content:\n");
1410 for (i = 0; i < 64; i++)
1411 {
1412 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1413 " 0x%8.8" PRIx32 " %s\n",
1414 i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2,
1415 (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1416 }
1417
1418 fprintf(output, "\n\nI TLB content:\n");
1419 for (i = 0; i < 64; i++)
1420 {
1421 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1422 " 0x%8.8" PRIx32 " %s\n",
1423 i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2,
1424 (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1425 }
1426
1427 command_print(CMD_CTX, "mmu content successfully output to %s",
1428 CMD_ARGV[0]);
1429
1430 fclose(output);
1431
1432 if (!is_arm_mode(armv4_5->core_mode))
1433 return ERROR_FAIL;
1434
1435 /* force writeback of the valid data */
1436 r = armv4_5->core_cache->reg_list;
1437 r[0].dirty = r[0].valid;
1438 r[1].dirty = r[1].valid;
1439 r[2].dirty = r[2].valid;
1440 r[3].dirty = r[3].valid;
1441 r[4].dirty = r[4].valid;
1442 r[5].dirty = r[5].valid;
1443 r[6].dirty = r[6].valid;
1444 r[7].dirty = r[7].valid;
1445
1446 r = arm_reg_current(armv4_5, 8);
1447 r->dirty = r->valid;
1448
1449 r = arm_reg_current(armv4_5, 9);
1450 r->dirty = r->valid;
1451
1452 return ERROR_OK;
1453 }
1454
1455 COMMAND_HANDLER(arm920t_handle_cp15_command)
1456 {
1457 int retval;
1458 struct target *target = get_current_target(CMD_CTX);
1459 struct arm920t_common *arm920t = target_to_arm920(target);
1460
1461 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1462 if (retval != ERROR_OK)
1463 return retval;
1464
1465 if (target->state != TARGET_HALTED)
1466 {
1467 command_print(CMD_CTX, "target must be stopped for "
1468 "\"%s\" command", CMD_NAME);
1469 return ERROR_OK;
1470 }
1471
1472 /* one argument, read a register.
1473 * two arguments, write it.
1474 */
1475 if (CMD_ARGC >= 1)
1476 {
1477 int address;
1478 COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], address);
1479
1480 if (CMD_ARGC == 1)
1481 {
1482 uint32_t value;
1483 if ((retval = arm920t_read_cp15_physical(target,
1484 address, &value)) != ERROR_OK)
1485 {
1486 command_print(CMD_CTX,
1487 "couldn't access reg %i", address);
1488 return ERROR_OK;
1489 }
1490 if ((retval = jtag_execute_queue()) != ERROR_OK)
1491 {
1492 return retval;
1493 }
1494
1495 command_print(CMD_CTX, "%i: %8.8" PRIx32,
1496 address, value);
1497 }
1498 else if (CMD_ARGC == 2)
1499 {
1500 uint32_t value;
1501 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1502 retval = arm920t_write_cp15_physical(target,
1503 address, value);
1504 if (retval != ERROR_OK)
1505 {
1506 command_print(CMD_CTX,
1507 "couldn't access reg %i", address);
1508 /* REVISIT why lie? "return retval"? */
1509 return ERROR_OK;
1510 }
1511 command_print(CMD_CTX, "%i: %8.8" PRIx32,
1512 address, value);
1513 }
1514 }
1515
1516 return ERROR_OK;
1517 }
1518
1519 COMMAND_HANDLER(arm920t_handle_cp15i_command)
1520 {
1521 int retval;
1522 struct target *target = get_current_target(CMD_CTX);
1523 struct arm920t_common *arm920t = target_to_arm920(target);
1524
1525 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1526 if (retval != ERROR_OK)
1527 return retval;
1528
1529
1530 if (target->state != TARGET_HALTED)
1531 {
1532 command_print(CMD_CTX, "target must be stopped for "
1533 "\"%s\" command", CMD_NAME);
1534 return ERROR_OK;
1535 }
1536
1537 /* one argument, read a register.
1538 * two arguments, write it.
1539 */
1540 if (CMD_ARGC >= 1)
1541 {
1542 uint32_t opcode;
1543 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], opcode);
1544
1545 if (CMD_ARGC == 1)
1546 {
1547 uint32_t value;
1548 retval = arm920t_read_cp15_interpreted(target,
1549 opcode, 0x0, &value);
1550 if (retval != ERROR_OK)
1551 {
1552 command_print(CMD_CTX,
1553 "couldn't execute %8.8" PRIx32,
1554 opcode);
1555 /* REVISIT why lie? "return retval"? */
1556 return ERROR_OK;
1557 }
1558
1559 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,
1560 opcode, value);
1561 }
1562 else if (CMD_ARGC == 2)
1563 {
1564 uint32_t value;
1565 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1566 retval = arm920t_write_cp15_interpreted(target,
1567 opcode, value, 0);
1568 if (retval != ERROR_OK)
1569 {
1570 command_print(CMD_CTX,
1571 "couldn't execute %8.8" PRIx32,
1572 opcode);
1573 /* REVISIT why lie? "return retval"? */
1574 return ERROR_OK;
1575 }
1576 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,
1577 opcode, value);
1578 }
1579 else if (CMD_ARGC == 3)
1580 {
1581 uint32_t value;
1582 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1583 uint32_t address;
1584 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[2], address);
1585 retval = arm920t_write_cp15_interpreted(target,
1586 opcode, value, address);
1587 if (retval != ERROR_OK)
1588 {
1589 command_print(CMD_CTX,
1590 "couldn't execute %8.8" PRIx32, opcode);
1591 /* REVISIT why lie? "return retval"? */
1592 return ERROR_OK;
1593 }
1594 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32
1595 " %8.8" PRIx32, opcode, value, address);
1596 }
1597 }
1598 else
1599 {
1600 command_print(CMD_CTX,
1601 "usage: arm920t cp15i <opcode> [value] [address]");
1602 }
1603
1604 return ERROR_OK;
1605 }
1606
1607 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1608 {
1609 int retval;
1610 struct target *target = get_current_target(CMD_CTX);
1611 struct arm920t_common *arm920t = target_to_arm920(target);
1612
1613 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1614 if (retval != ERROR_OK)
1615 return retval;
1616
1617 return armv4_5_handle_cache_info_command(CMD_CTX,
1618 &arm920t->armv4_5_mmu.armv4_5_cache);
1619 }
1620
1621
1622 static int arm920t_mrc(struct target *target, int cpnum,
1623 uint32_t op1, uint32_t op2,
1624 uint32_t CRn, uint32_t CRm,
1625 uint32_t *value)
1626 {
1627 if (cpnum!=15)
1628 {
1629 LOG_ERROR("Only cp15 is supported");
1630 return ERROR_FAIL;
1631 }
1632
1633 /* read "to" r0 */
1634 return arm920t_read_cp15_interpreted(target,
1635 ARMV4_5_MRC(cpnum, op1, 0, CRn, CRm, op2),
1636 0, value);
1637 }
1638
1639 static int arm920t_mcr(struct target *target, int cpnum,
1640 uint32_t op1, uint32_t op2,
1641 uint32_t CRn, uint32_t CRm,
1642 uint32_t value)
1643 {
1644 if (cpnum!=15)
1645 {
1646 LOG_ERROR("Only cp15 is supported");
1647 return ERROR_FAIL;
1648 }
1649
1650 /* write "from" r0 */
1651 return arm920t_write_cp15_interpreted(target,
1652 ARMV4_5_MCR(cpnum, op1, 0, CRn, CRm, op2),
1653 0, value);
1654 }
1655
1656 static const struct command_registration arm920t_exec_command_handlers[] = {
1657 {
1658 .name = "cp15",
1659 .handler = arm920t_handle_cp15_command,
1660 .mode = COMMAND_EXEC,
1661 .help = "display/modify cp15 register",
1662 .usage = "regnum [value]",
1663 },
1664 {
1665 .name = "cp15i",
1666 .handler = arm920t_handle_cp15i_command,
1667 .mode = COMMAND_EXEC,
1668 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1669 .help = "display/modify cp15 register using ARM opcode"
1670 " (DEPRECATED)",
1671 .usage = "instruction [value [address]]",
1672 },
1673 {
1674 .name = "cache_info",
1675 .handler = arm920t_handle_cache_info_command,
1676 .mode = COMMAND_EXEC,
1677 .help = "display information about target caches",
1678 },
1679 {
1680 .name = "read_cache",
1681 .handler = arm920t_handle_read_cache_command,
1682 .mode = COMMAND_EXEC,
1683 .help = "dump I/D cache content to file",
1684 .usage = "filename",
1685 },
1686 {
1687 .name = "read_mmu",
1688 .handler = arm920t_handle_read_mmu_command,
1689 .mode = COMMAND_EXEC,
1690 .help = "dump I/D mmu content to file",
1691 .usage = "filename",
1692 },
1693 COMMAND_REGISTRATION_DONE
1694 };
1695 const struct command_registration arm920t_command_handlers[] = {
1696 {
1697 .chain = arm9tdmi_command_handlers,
1698 },
1699 {
1700 .name = "arm920t",
1701 .mode = COMMAND_ANY,
1702 .help = "arm920t command group",
1703 .chain = arm920t_exec_command_handlers,
1704 },
1705 COMMAND_REGISTRATION_DONE
1706 };
1707
1708 /** Holds methods for ARM920 targets. */
1709 struct target_type arm920t_target =
1710 {
1711 .name = "arm920t",
1712
1713 .poll = arm7_9_poll,
1714 .arch_state = arm920t_arch_state,
1715
1716 .target_request_data = arm7_9_target_request_data,
1717
1718 .halt = arm7_9_halt,
1719 .resume = arm7_9_resume,
1720 .step = arm7_9_step,
1721
1722 .assert_reset = arm7_9_assert_reset,
1723 .deassert_reset = arm7_9_deassert_reset,
1724 .soft_reset_halt = arm920t_soft_reset_halt,
1725
1726 .get_gdb_reg_list = arm_get_gdb_reg_list,
1727
1728 .read_memory = arm920t_read_memory,
1729 .write_memory = arm920t_write_memory,
1730 .read_phys_memory = arm920t_read_phys_memory,
1731 .write_phys_memory = arm920t_write_phys_memory,
1732 .mmu = arm920_mmu,
1733 .virt2phys = arm920_virt2phys,
1734
1735 .bulk_write_memory = arm7_9_bulk_write_memory,
1736
1737 .checksum_memory = arm_checksum_memory,
1738 .blank_check_memory = arm_blank_check_memory,
1739
1740 .run_algorithm = armv4_5_run_algorithm,
1741
1742 .add_breakpoint = arm7_9_add_breakpoint,
1743 .remove_breakpoint = arm7_9_remove_breakpoint,
1744 .add_watchpoint = arm7_9_add_watchpoint,
1745 .remove_watchpoint = arm7_9_remove_watchpoint,
1746
1747 .commands = arm920t_command_handlers,
1748 .target_create = arm920t_target_create,
1749 .init_target = arm9tdmi_init_target,
1750 .examine = arm7_9_examine,
1751 .check_reset = arm7_9_check_reset,
1752 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)