Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
ARM920T scanchain 15 comments/cleanup
[openocd.git] / src / target / arm920t.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
9 * *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
14 * *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "arm920t.h"
25 #include <helper/time_support.h>
26 #include "target_type.h"
27 #include "register.h"
28 #include "arm_opcodes.h"
29
30
31 /*
32 * For information about the ARM920T, see ARM DDI 0151C especially
33 * Chapter 9 about debug support, which shows how to manipulate each
34 * of the different scan chains:
35 *
36 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
37 * 1 ... debugging; watchpoint and breakpoint status, etc; also
38 * MMU and cache access in conjunction with scan chain 15
39 * 2 ... EmbeddedICE
40 * 3 ... external boundary scan (SoC-specific, unused here)
41 * 4 ... access to cache tag RAM
42 * 6 ... ETM9
43 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
44 * "interpreted" works with a few actual MRC/MCR instructions
45 * "physical" provides register-like behaviors. Section 9.6.7
46 * covers these details.
47 *
48 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
49 */
50
51 #if 0
52 #define _DEBUG_INSTRUCTION_EXECUTION_
53 #endif
54
55 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
56 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
57 * JTAG scan, while reads use two.
58 *
59 * Table 9-9 lists the thirteen registers which support physical access.
60 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
61 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
62 *
63 * x == bit[38]
64 * y == bits[37:34]
65 * z == bit[33]
66 */
67 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
68
69 /* Registers supporting physical Read access (from table 9-9) */
70 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
71 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
72 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
73 /* NOTE: several more registers support only physical read access */
74
75 /* Registers supporting physical Read/Write access (from table 9-9) */
76 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
77 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
78 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
79 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
80 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
81
82 static int arm920t_read_cp15_physical(struct target *target,
83 int reg_addr, uint32_t *value)
84 {
85 struct arm920t_common *arm920t = target_to_arm920(target);
86 struct arm_jtag *jtag_info;
87 struct scan_field fields[4];
88 uint8_t access_type_buf = 1;
89 uint8_t reg_addr_buf = reg_addr & 0x3f;
90 uint8_t nr_w_buf = 0;
91
92 jtag_info = &arm920t->arm7_9_common.jtag_info;
93
94 jtag_set_end_state(TAP_IDLE);
95 arm_jtag_scann(jtag_info, 0xf);
96 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
97
98 fields[0].tap = jtag_info->tap;
99 fields[0].num_bits = 1;
100 fields[0].out_value = &access_type_buf;
101 fields[0].in_value = NULL;
102
103 fields[1].tap = jtag_info->tap;
104 fields[1].num_bits = 32;
105 fields[1].out_value = NULL;
106 fields[1].in_value = NULL;
107
108 fields[2].tap = jtag_info->tap;
109 fields[2].num_bits = 6;
110 fields[2].out_value = &reg_addr_buf;
111 fields[2].in_value = NULL;
112
113 fields[3].tap = jtag_info->tap;
114 fields[3].num_bits = 1;
115 fields[3].out_value = &nr_w_buf;
116 fields[3].in_value = NULL;
117
118 jtag_add_dr_scan(4, fields, jtag_get_end_state());
119
120 fields[1].in_value = (uint8_t *)value;
121
122 jtag_add_dr_scan(4, fields, jtag_get_end_state());
123
124 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
125
126 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
127 jtag_execute_queue();
128 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
129 #endif
130
131 return ERROR_OK;
132 }
133
134 static int arm920t_write_cp15_physical(struct target *target,
135 int reg_addr, uint32_t value)
136 {
137 struct arm920t_common *arm920t = target_to_arm920(target);
138 struct arm_jtag *jtag_info;
139 struct scan_field fields[4];
140 uint8_t access_type_buf = 1;
141 uint8_t reg_addr_buf = reg_addr & 0x3f;
142 uint8_t nr_w_buf = 1;
143 uint8_t value_buf[4];
144
145 jtag_info = &arm920t->arm7_9_common.jtag_info;
146
147 buf_set_u32(value_buf, 0, 32, value);
148
149 jtag_set_end_state(TAP_IDLE);
150 arm_jtag_scann(jtag_info, 0xf);
151 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
152
153 fields[0].tap = jtag_info->tap;
154 fields[0].num_bits = 1;
155 fields[0].out_value = &access_type_buf;
156 fields[0].in_value = NULL;
157
158 fields[1].tap = jtag_info->tap;
159 fields[1].num_bits = 32;
160 fields[1].out_value = value_buf;
161 fields[1].in_value = NULL;
162
163 fields[2].tap = jtag_info->tap;
164 fields[2].num_bits = 6;
165 fields[2].out_value = &reg_addr_buf;
166 fields[2].in_value = NULL;
167
168 fields[3].tap = jtag_info->tap;
169 fields[3].num_bits = 1;
170 fields[3].out_value = &nr_w_buf;
171 fields[3].in_value = NULL;
172
173 jtag_add_dr_scan(4, fields, jtag_get_end_state());
174
175 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
176 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
177 #endif
178
179 return ERROR_OK;
180 }
181
182 /* See table 9-10 for scan chain 15 format during interpreted access mode.
183 * If the TESTSTATE register is set for interpreted access, certain CP15
184 * MRC and MCR instructions may be executed through scan chain 15.
185 *
186 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
187 * executed using scan chain 15 interpreted mode.
188 */
189 static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
190 uint32_t arm_opcode)
191 {
192 int retval;
193 struct arm920t_common *arm920t = target_to_arm920(target);
194 struct arm_jtag *jtag_info;
195 struct scan_field fields[4];
196 uint8_t access_type_buf = 0; /* interpreted access */
197 uint8_t reg_addr_buf = 0x0;
198 uint8_t nr_w_buf = 0;
199 uint8_t cp15_opcode_buf[4];
200
201 jtag_info = &arm920t->arm7_9_common.jtag_info;
202
203 jtag_set_end_state(TAP_IDLE);
204 arm_jtag_scann(jtag_info, 0xf);
205 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
206
207 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
208
209 fields[0].tap = jtag_info->tap;
210 fields[0].num_bits = 1;
211 fields[0].out_value = &access_type_buf;
212 fields[0].in_value = NULL;
213
214 fields[1].tap = jtag_info->tap;
215 fields[1].num_bits = 32;
216 fields[1].out_value = cp15_opcode_buf;
217 fields[1].in_value = NULL;
218
219 fields[2].tap = jtag_info->tap;
220 fields[2].num_bits = 6;
221 fields[2].out_value = &reg_addr_buf;
222 fields[2].in_value = NULL;
223
224 fields[3].tap = jtag_info->tap;
225 fields[3].num_bits = 1;
226 fields[3].out_value = &nr_w_buf;
227 fields[3].in_value = NULL;
228
229 jtag_add_dr_scan(4, fields, jtag_get_end_state());
230
231 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
232 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
233 retval = arm7_9_execute_sys_speed(target);
234 if (retval != ERROR_OK)
235 return retval;
236
237 if ((retval = jtag_execute_queue()) != ERROR_OK)
238 {
239 LOG_ERROR("failed executing JTAG queue");
240 return retval;
241 }
242
243 return ERROR_OK;
244 }
245
246 static int arm920t_read_cp15_interpreted(struct target *target,
247 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
248 {
249 struct arm *armv4_5 = target_to_arm(target);
250 uint32_t* regs_p[1];
251 uint32_t regs[2];
252 uint32_t cp15c15 = 0x0;
253 struct reg *r = armv4_5->core_cache->reg_list;
254
255 /* load address into R1 */
256 regs[1] = address;
257 arm9tdmi_write_core_regs(target, 0x2, regs);
258
259 /* read-modify-write CP15 test state register
260 * to enable interpreted access mode */
261 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
262 jtag_execute_queue();
263 cp15c15 |= 1; /* set interpret mode */
264 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
265
266 /* execute CP15 instruction and ARM load (reading from coprocessor) */
267 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
268
269 /* disable interpreted access mode */
270 cp15c15 &= ~1U; /* clear interpret mode */
271 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
272
273 /* retrieve value from R0 */
274 regs_p[0] = value;
275 arm9tdmi_read_core_regs(target, 0x1, regs_p);
276 jtag_execute_queue();
277
278 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
279 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x", cp15_opcode, address, *value);
280 #endif
281
282 if (!is_arm_mode(armv4_5->core_mode))
283 return ERROR_FAIL;
284
285 r[0].dirty = 1;
286 r[1].dirty = 1;
287
288 return ERROR_OK;
289 }
290
291 static
292 int arm920t_write_cp15_interpreted(struct target *target,
293 uint32_t cp15_opcode, uint32_t value, uint32_t address)
294 {
295 uint32_t cp15c15 = 0x0;
296 struct arm *armv4_5 = target_to_arm(target);
297 uint32_t regs[2];
298 struct reg *r = armv4_5->core_cache->reg_list;
299
300 /* load value, address into R0, R1 */
301 regs[0] = value;
302 regs[1] = address;
303 arm9tdmi_write_core_regs(target, 0x3, regs);
304
305 /* read-modify-write CP15 test state register
306 * to enable interpreted access mode */
307 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
308 jtag_execute_queue();
309 cp15c15 |= 1; /* set interpret mode */
310 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
311
312 /* execute CP15 instruction and ARM store (writing to coprocessor) */
313 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
314
315 /* disable interpreted access mode */
316 cp15c15 &= ~1U; /* set interpret mode */
317 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
318
319 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
320 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x", cp15_opcode, value, address);
321 #endif
322
323 if (!is_arm_mode(armv4_5->core_mode))
324 return ERROR_FAIL;
325
326 r[0].dirty = 1;
327 r[1].dirty = 1;
328
329 return ERROR_OK;
330 }
331
332 // EXPORTED to FA256
333 uint32_t arm920t_get_ttb(struct target *target)
334 {
335 int retval;
336 uint32_t ttb = 0x0;
337
338 if ((retval = arm920t_read_cp15_interpreted(target, 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
339 return retval;
340
341 return ttb;
342 }
343
344 // EXPORTED to FA256
345 void arm920t_disable_mmu_caches(struct target *target, int mmu, int d_u_cache, int i_cache)
346 {
347 uint32_t cp15_control;
348
349 /* read cp15 control register */
350 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
351 jtag_execute_queue();
352
353 if (mmu)
354 cp15_control &= ~0x1U;
355
356 if (d_u_cache)
357 cp15_control &= ~0x4U;
358
359 if (i_cache)
360 cp15_control &= ~0x1000U;
361
362 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
363 }
364
365 // EXPORTED to FA256
366 void arm920t_enable_mmu_caches(struct target *target, int mmu, int d_u_cache, int i_cache)
367 {
368 uint32_t cp15_control;
369
370 /* read cp15 control register */
371 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
372 jtag_execute_queue();
373
374 if (mmu)
375 cp15_control |= 0x1U;
376
377 if (d_u_cache)
378 cp15_control |= 0x4U;
379
380 if (i_cache)
381 cp15_control |= 0x1000U;
382
383 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
384 }
385
386 // EXPORTED to FA256
387 void arm920t_post_debug_entry(struct target *target)
388 {
389 uint32_t cp15c15;
390 struct arm920t_common *arm920t = target_to_arm920(target);
391
392 /* examine cp15 control reg */
393 arm920t_read_cp15_physical(target,
394 CP15PHYS_CTRL, &arm920t->cp15_control_reg);
395 jtag_execute_queue();
396 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32 "", arm920t->cp15_control_reg);
397
398 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
399 {
400 uint32_t cache_type_reg;
401 /* identify caches */
402 arm920t_read_cp15_physical(target,
403 CP15PHYS_CACHETYPE, &cache_type_reg);
404 jtag_execute_queue();
405 armv4_5_identify_cache(cache_type_reg, &arm920t->armv4_5_mmu.armv4_5_cache);
406 }
407
408 arm920t->armv4_5_mmu.mmu_enabled = (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
409 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
410 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
411
412 /* save i/d fault status and address register */
413 arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
414 arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
415 arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
416 arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
417
418 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32 "",
419 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
420
421 if (arm920t->preserve_cache)
422 {
423 /* read-modify-write CP15 test state register
424 * to disable I/D-cache linefills */
425 arm920t_read_cp15_physical(target,
426 CP15PHYS_TESTSTATE, &cp15c15);
427 jtag_execute_queue();
428 cp15c15 |= 0x600;
429 arm920t_write_cp15_physical(target,
430 CP15PHYS_TESTSTATE, cp15c15);
431 }
432 }
433
434 // EXPORTED to FA256
435 void arm920t_pre_restore_context(struct target *target)
436 {
437 uint32_t cp15c15;
438 struct arm920t_common *arm920t = target_to_arm920(target);
439
440 /* restore i/d fault status and address register */
441 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
442 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
443 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
444 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
445
446 /* read-modify-write CP15 test state register
447 * to reenable I/D-cache linefills */
448 if (arm920t->preserve_cache)
449 {
450 arm920t_read_cp15_physical(target,
451 CP15PHYS_TESTSTATE, &cp15c15);
452 jtag_execute_queue();
453 cp15c15 &= ~0x600U;
454 arm920t_write_cp15_physical(target,
455 CP15PHYS_TESTSTATE, cp15c15);
456 }
457 }
458
459 static const char arm920_not[] = "target is not an ARM920";
460
461 static int arm920t_verify_pointer(struct command_context *cmd_ctx,
462 struct arm920t_common *arm920t)
463 {
464 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
465 command_print(cmd_ctx, arm920_not);
466 return ERROR_TARGET_INVALID;
467 }
468
469 return ERROR_OK;
470 }
471
472 /** Logs summary of ARM920 state for a halted target. */
473 int arm920t_arch_state(struct target *target)
474 {
475 static const char *state[] =
476 {
477 "disabled", "enabled"
478 };
479
480 struct arm920t_common *arm920t = target_to_arm920(target);
481 struct arm *armv4_5;
482
483 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
484 {
485 LOG_ERROR("BUG: %s", arm920_not);
486 return ERROR_TARGET_INVALID;
487 }
488
489 armv4_5 = &arm920t->arm7_9_common.armv4_5_common;
490
491 arm_arch_state(target);
492 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
493 state[arm920t->armv4_5_mmu.mmu_enabled],
494 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
495 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
496
497 return ERROR_OK;
498 }
499
500 static int arm920_mmu(struct target *target, int *enabled)
501 {
502 if (target->state != TARGET_HALTED) {
503 LOG_ERROR("%s: target not halted", __func__);
504 return ERROR_TARGET_INVALID;
505 }
506
507 *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
508 return ERROR_OK;
509 }
510
511 static int arm920_virt2phys(struct target *target,
512 uint32_t virt, uint32_t *phys)
513 {
514 int type;
515 uint32_t cb;
516 int domain;
517 uint32_t ap;
518 struct arm920t_common *arm920t = target_to_arm920(target);
519
520 uint32_t ret = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu, virt, &type, &cb, &domain, &ap);
521 if (type == -1)
522 {
523 return ret;
524 }
525 *phys = ret;
526 return ERROR_OK;
527 }
528
529 /** Reads a buffer, in the specified word size, with current MMU settings. */
530 int arm920t_read_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
531 {
532 int retval;
533
534 retval = arm7_9_read_memory(target, address, size, count, buffer);
535
536 return retval;
537 }
538
539
540 static int arm920t_read_phys_memory(struct target *target,
541 uint32_t address, uint32_t size,
542 uint32_t count, uint8_t *buffer)
543 {
544 struct arm920t_common *arm920t = target_to_arm920(target);
545
546 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
547 address, size, count, buffer);
548 }
549
550 static int arm920t_write_phys_memory(struct target *target,
551 uint32_t address, uint32_t size,
552 uint32_t count, uint8_t *buffer)
553 {
554 struct arm920t_common *arm920t = target_to_arm920(target);
555
556 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
557 address, size, count, buffer);
558 }
559
560
561 /** Writes a buffer, in the specified word size, with current MMU settings. */
562 int arm920t_write_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
563 {
564 int retval;
565
566 if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
567 return retval;
568
569 /* This fn is used to write breakpoints, so we need to make sure
570 * that the data cache is flushed and the instruction cache is
571 * invalidated
572 */
573 if (((size == 4) || (size == 2)) && (count == 1))
574 {
575 struct arm920t_common *arm920t = target_to_arm920(target);
576
577 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
578 {
579 LOG_DEBUG("D-Cache enabled, flush and invalidate cache line");
580 /* MCR p15,0,Rd,c7,c10,2 */
581 retval = arm920t_write_cp15_interpreted(target, 0xee070f5e, 0x0, address);
582 if (retval != ERROR_OK)
583 return retval;
584 }
585
586 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
587 {
588 LOG_DEBUG("I-Cache enabled, invalidating affected I-Cache line");
589 retval = arm920t_write_cp15_interpreted(target, 0xee070f35, 0x0, address);
590 if (retval != ERROR_OK)
591 return retval;
592 }
593 }
594
595 return retval;
596 }
597
598 // EXPORTED to FA256
599 int arm920t_soft_reset_halt(struct target *target)
600 {
601 int retval = ERROR_OK;
602 struct arm920t_common *arm920t = target_to_arm920(target);
603 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
604 struct arm *armv4_5 = &arm7_9->armv4_5_common;
605 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
606
607 if ((retval = target_halt(target)) != ERROR_OK)
608 {
609 return retval;
610 }
611
612 long long then = timeval_ms();
613 int timeout;
614 while (!(timeout = ((timeval_ms()-then) > 1000)))
615 {
616 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
617 {
618 embeddedice_read_reg(dbg_stat);
619 if ((retval = jtag_execute_queue()) != ERROR_OK)
620 {
621 return retval;
622 }
623 } else
624 {
625 break;
626 }
627 if (debug_level >= 3)
628 {
629 /* do not eat all CPU, time out after 1 se*/
630 alive_sleep(100);
631 } else
632 {
633 keep_alive();
634 }
635 }
636 if (timeout)
637 {
638 LOG_ERROR("Failed to halt CPU after 1 sec");
639 return ERROR_TARGET_TIMEOUT;
640 }
641
642 target->state = TARGET_HALTED;
643
644 /* SVC, ARM state, IRQ and FIQ disabled */
645 uint32_t cpsr;
646
647 cpsr = buf_get_u32(armv4_5->cpsr->value, 0, 32);
648 cpsr &= ~0xff;
649 cpsr |= 0xd3;
650 arm_set_cpsr(armv4_5, cpsr);
651 armv4_5->cpsr->dirty = 1;
652
653 /* start fetching from 0x0 */
654 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
655 armv4_5->core_cache->reg_list[15].dirty = 1;
656 armv4_5->core_cache->reg_list[15].valid = 1;
657
658 arm920t_disable_mmu_caches(target, 1, 1, 1);
659 arm920t->armv4_5_mmu.mmu_enabled = 0;
660 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
661 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
662
663 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED)) != ERROR_OK)
664 {
665 return retval;
666 }
667
668 return ERROR_OK;
669 }
670
671 /* FIXME remove forward decls */
672 static int arm920t_mrc(struct target *target, int cpnum,
673 uint32_t op1, uint32_t op2,
674 uint32_t CRn, uint32_t CRm,
675 uint32_t *value);
676 static int arm920t_mcr(struct target *target, int cpnum,
677 uint32_t op1, uint32_t op2,
678 uint32_t CRn, uint32_t CRm,
679 uint32_t value);
680
681 int arm920t_init_arch_info(struct target *target, struct arm920t_common *arm920t, struct jtag_tap *tap)
682 {
683 struct arm7_9_common *arm7_9 = &arm920t->arm7_9_common;
684
685 arm7_9->armv4_5_common.mrc = arm920t_mrc;
686 arm7_9->armv4_5_common.mcr = arm920t_mcr;
687
688 /* initialize arm7/arm9 specific info (including armv4_5) */
689 arm9tdmi_init_arch_info(target, arm7_9, tap);
690
691 arm920t->common_magic = ARM920T_COMMON_MAGIC;
692
693 arm7_9->post_debug_entry = arm920t_post_debug_entry;
694 arm7_9->pre_restore_context = arm920t_pre_restore_context;
695
696 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
697 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
698 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
699 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
700 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
701 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
702 arm920t->armv4_5_mmu.has_tiny_pages = 1;
703 arm920t->armv4_5_mmu.mmu_enabled = 0;
704
705 /* disabling linefills leads to lockups, so keep them enabled for now
706 * this doesn't affect correctness, but might affect timing issues, if
707 * important data is evicted from the cache during the debug session
708 * */
709 arm920t->preserve_cache = 0;
710
711 /* override hw single-step capability from ARM9TDMI */
712 arm7_9->has_single_step = 1;
713
714 return ERROR_OK;
715 }
716
717 static int arm920t_target_create(struct target *target, Jim_Interp *interp)
718 {
719 struct arm920t_common *arm920t = calloc(1,sizeof(struct arm920t_common));
720
721 return arm920t_init_arch_info(target, arm920t, target->tap);
722 }
723
724 COMMAND_HANDLER(arm920t_handle_read_cache_command)
725 {
726 int retval = ERROR_OK;
727 struct target *target = get_current_target(CMD_CTX);
728 struct arm920t_common *arm920t = target_to_arm920(target);
729 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
730 struct arm *armv4_5 = &arm7_9->armv4_5_common;
731 uint32_t cp15c15;
732 uint32_t cp15_ctrl, cp15_ctrl_saved;
733 uint32_t regs[16];
734 uint32_t *regs_p[16];
735 uint32_t C15_C_D_Ind, C15_C_I_Ind;
736 int i;
737 FILE *output;
738 struct arm920t_cache_line d_cache[8][64], i_cache[8][64];
739 int segment, index;
740 struct reg *r;
741
742 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
743 if (retval != ERROR_OK)
744 return retval;
745
746 if (CMD_ARGC != 1)
747 {
748 command_print(CMD_CTX, "usage: arm920t read_cache <filename>");
749 return ERROR_OK;
750 }
751
752 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
753 {
754 LOG_DEBUG("error opening cache content file");
755 return ERROR_OK;
756 }
757
758 for (i = 0; i < 16; i++)
759 regs_p[i] = &regs[i];
760
761 /* disable MMU and Caches */
762 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
763 if ((retval = jtag_execute_queue()) != ERROR_OK)
764 {
765 return retval;
766 }
767 cp15_ctrl_saved = cp15_ctrl;
768 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
769 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
770
771 /* read CP15 test state register */
772 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
773 jtag_execute_queue();
774
775 /* read DCache content */
776 fprintf(output, "DCache:\n");
777
778 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
779 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
780 {
781 fprintf(output, "\nsegment: %i\n----------", segment);
782
783 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
784 regs[0] = 0x0 | (segment << 5);
785 arm9tdmi_write_core_regs(target, 0x1, regs);
786
787 /* set interpret mode */
788 cp15c15 |= 0x1;
789 arm920t_write_cp15_physical(target,
790 CP15PHYS_TESTSTATE, cp15c15);
791
792 /* D CAM Read, loads current victim into C15.C.D.Ind */
793 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
794
795 /* read current victim */
796 arm920t_read_cp15_physical(target,
797 CP15PHYS_DCACHE_IDX, &C15_C_D_Ind);
798
799 /* clear interpret mode */
800 cp15c15 &= ~0x1;
801 arm920t_write_cp15_physical(target,
802 CP15PHYS_TESTSTATE, cp15c15);
803
804 for (index = 0; index < 64; index++)
805 {
806 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
807 regs[0] = 0x0 | (segment << 5) | (index << 26);
808 arm9tdmi_write_core_regs(target, 0x1, regs);
809
810 /* set interpret mode */
811 cp15c15 |= 0x1;
812 arm920t_write_cp15_physical(target,
813 CP15PHYS_TESTSTATE, cp15c15);
814
815 /* Write DCache victim */
816 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
817
818 /* Read D RAM */
819 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,10,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
820
821 /* Read D CAM */
822 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(9, 0));
823
824 /* clear interpret mode */
825 cp15c15 &= ~0x1;
826 arm920t_write_cp15_physical(target,
827 CP15PHYS_TESTSTATE, cp15c15);
828
829 /* read D RAM and CAM content */
830 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
831 if ((retval = jtag_execute_queue()) != ERROR_OK)
832 {
833 return retval;
834 }
835
836 d_cache[segment][index].cam = regs[9];
837
838 /* mask LFSR[6] */
839 regs[9] &= 0xfffffffe;
840 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
841
842 for (i = 1; i < 9; i++)
843 {
844 d_cache[segment][index].data[i] = regs[i];
845 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
846 }
847
848 }
849
850 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
851 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
852 arm9tdmi_write_core_regs(target, 0x1, regs);
853
854 /* set interpret mode */
855 cp15c15 |= 0x1;
856 arm920t_write_cp15_physical(target,
857 CP15PHYS_TESTSTATE, cp15c15);
858
859 /* Write DCache victim */
860 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
861
862 /* clear interpret mode */
863 cp15c15 &= ~0x1;
864 arm920t_write_cp15_physical(target,
865 CP15PHYS_TESTSTATE, cp15c15);
866 }
867
868 /* read ICache content */
869 fprintf(output, "ICache:\n");
870
871 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
872 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
873 {
874 fprintf(output, "segment: %i\n----------", segment);
875
876 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
877 regs[0] = 0x0 | (segment << 5);
878 arm9tdmi_write_core_regs(target, 0x1, regs);
879
880 /* set interpret mode */
881 cp15c15 |= 0x1;
882 arm920t_write_cp15_physical(target,
883 CP15PHYS_TESTSTATE, cp15c15);
884
885 /* I CAM Read, loads current victim into C15.C.I.Ind */
886 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
887
888 /* read current victim */
889 arm920t_read_cp15_physical(target, CP15PHYS_ICACHE_IDX,
890 &C15_C_I_Ind);
891
892 /* clear interpret mode */
893 cp15c15 &= ~0x1;
894 arm920t_write_cp15_physical(target,
895 CP15PHYS_TESTSTATE, cp15c15);
896
897 for (index = 0; index < 64; index++)
898 {
899 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
900 regs[0] = 0x0 | (segment << 5) | (index << 26);
901 arm9tdmi_write_core_regs(target, 0x1, regs);
902
903 /* set interpret mode */
904 cp15c15 |= 0x1;
905 arm920t_write_cp15_physical(target,
906 CP15PHYS_TESTSTATE, cp15c15);
907
908 /* Write ICache victim */
909 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
910
911 /* Read I RAM */
912 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,9,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
913
914 /* Read I CAM */
915 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(9, 0));
916
917 /* clear interpret mode */
918 cp15c15 &= ~0x1;
919 arm920t_write_cp15_physical(target,
920 CP15PHYS_TESTSTATE, cp15c15);
921
922 /* read I RAM and CAM content */
923 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
924 if ((retval = jtag_execute_queue()) != ERROR_OK)
925 {
926 return retval;
927 }
928
929 i_cache[segment][index].cam = regs[9];
930
931 /* mask LFSR[6] */
932 regs[9] &= 0xfffffffe;
933 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
934
935 for (i = 1; i < 9; i++)
936 {
937 i_cache[segment][index].data[i] = regs[i];
938 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
939 }
940 }
941
942 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
943 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
944 arm9tdmi_write_core_regs(target, 0x1, regs);
945
946 /* set interpret mode */
947 cp15c15 |= 0x1;
948 arm920t_write_cp15_physical(target,
949 CP15PHYS_TESTSTATE, cp15c15);
950
951 /* Write ICache victim */
952 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
953
954 /* clear interpret mode */
955 cp15c15 &= ~0x1;
956 arm920t_write_cp15_physical(target,
957 CP15PHYS_TESTSTATE, cp15c15);
958 }
959
960 /* restore CP15 MMU and Cache settings */
961 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
962
963 command_print(CMD_CTX, "cache content successfully output to %s", CMD_ARGV[0]);
964
965 fclose(output);
966
967 if (!is_arm_mode(armv4_5->core_mode))
968 return ERROR_FAIL;
969
970 /* force writeback of the valid data */
971 r = armv4_5->core_cache->reg_list;
972 r[0].dirty = r[0].valid;
973 r[1].dirty = r[1].valid;
974 r[2].dirty = r[2].valid;
975 r[3].dirty = r[3].valid;
976 r[4].dirty = r[4].valid;
977 r[5].dirty = r[5].valid;
978 r[6].dirty = r[6].valid;
979 r[7].dirty = r[7].valid;
980
981 r = arm_reg_current(armv4_5, 8);
982 r->dirty = r->valid;
983
984 r = arm_reg_current(armv4_5, 9);
985 r->dirty = r->valid;
986
987 return ERROR_OK;
988 }
989
990 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
991 {
992 int retval = ERROR_OK;
993 struct target *target = get_current_target(CMD_CTX);
994 struct arm920t_common *arm920t = target_to_arm920(target);
995 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
996 struct arm *armv4_5 = &arm7_9->armv4_5_common;
997 uint32_t cp15c15;
998 uint32_t cp15_ctrl, cp15_ctrl_saved;
999 uint32_t regs[16];
1000 uint32_t *regs_p[16];
1001 int i;
1002 FILE *output;
1003 uint32_t Dlockdown, Ilockdown;
1004 struct arm920t_tlb_entry d_tlb[64], i_tlb[64];
1005 int victim;
1006 struct reg *r;
1007
1008 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1009 if (retval != ERROR_OK)
1010 return retval;
1011
1012 if (CMD_ARGC != 1)
1013 {
1014 command_print(CMD_CTX, "usage: arm920t read_mmu <filename>");
1015 return ERROR_OK;
1016 }
1017
1018 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
1019 {
1020 LOG_DEBUG("error opening mmu content file");
1021 return ERROR_OK;
1022 }
1023
1024 for (i = 0; i < 16; i++)
1025 regs_p[i] = &regs[i];
1026
1027 /* disable MMU and Caches */
1028 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
1029 if ((retval = jtag_execute_queue()) != ERROR_OK)
1030 {
1031 return retval;
1032 }
1033 cp15_ctrl_saved = cp15_ctrl;
1034 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
1035 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
1036
1037 /* read CP15 test state register */
1038 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
1039 if ((retval = jtag_execute_queue()) != ERROR_OK)
1040 {
1041 return retval;
1042 }
1043
1044 /* prepare reading D TLB content
1045 * */
1046
1047 /* set interpret mode */
1048 cp15c15 |= 0x1;
1049 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1050
1051 /* Read D TLB lockdown */
1052 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1053
1054 /* clear interpret mode */
1055 cp15c15 &= ~0x1;
1056 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1057
1058 /* read D TLB lockdown stored to r1 */
1059 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1060 if ((retval = jtag_execute_queue()) != ERROR_OK)
1061 {
1062 return retval;
1063 }
1064 Dlockdown = regs[1];
1065
1066 for (victim = 0; victim < 64; victim += 8)
1067 {
1068 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1069 * base remains unchanged, victim goes through entries 0 to 63 */
1070 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1071 arm9tdmi_write_core_regs(target, 0x2, regs);
1072
1073 /* set interpret mode */
1074 cp15c15 |= 0x1;
1075 arm920t_write_cp15_physical(target,
1076 CP15PHYS_TESTSTATE, cp15c15);
1077
1078 /* Write D TLB lockdown */
1079 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1080
1081 /* Read D TLB CAM */
1082 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,6,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1083
1084 /* clear interpret mode */
1085 cp15c15 &= ~0x1;
1086 arm920t_write_cp15_physical(target,
1087 CP15PHYS_TESTSTATE, cp15c15);
1088
1089 /* read D TLB CAM content stored to r2-r9 */
1090 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1091 if ((retval = jtag_execute_queue()) != ERROR_OK)
1092 {
1093 return retval;
1094 }
1095
1096 for (i = 0; i < 8; i++)
1097 d_tlb[victim + i].cam = regs[i + 2];
1098 }
1099
1100 for (victim = 0; victim < 64; victim++)
1101 {
1102 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1103 * base remains unchanged, victim goes through entries 0 to 63 */
1104 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1105 arm9tdmi_write_core_regs(target, 0x2, regs);
1106
1107 /* set interpret mode */
1108 cp15c15 |= 0x1;
1109 arm920t_write_cp15_physical(target,
1110 CP15PHYS_TESTSTATE, cp15c15);
1111
1112 /* Write D TLB lockdown */
1113 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1114
1115 /* Read D TLB RAM1 */
1116 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1117
1118 /* Read D TLB RAM2 */
1119 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1120
1121 /* clear interpret mode */
1122 cp15c15 &= ~0x1;
1123 arm920t_write_cp15_physical(target,
1124 CP15PHYS_TESTSTATE, cp15c15);
1125
1126 /* read D TLB RAM content stored to r2 and r3 */
1127 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1128 if ((retval = jtag_execute_queue()) != ERROR_OK)
1129 {
1130 return retval;
1131 }
1132
1133 d_tlb[victim].ram1 = regs[2];
1134 d_tlb[victim].ram2 = regs[3];
1135 }
1136
1137 /* restore D TLB lockdown */
1138 regs[1] = Dlockdown;
1139 arm9tdmi_write_core_regs(target, 0x2, regs);
1140
1141 /* Write D TLB lockdown */
1142 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1143
1144 /* prepare reading I TLB content
1145 * */
1146
1147 /* set interpret mode */
1148 cp15c15 |= 0x1;
1149 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1150
1151 /* Read I TLB lockdown */
1152 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1153
1154 /* clear interpret mode */
1155 cp15c15 &= ~0x1;
1156 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1157
1158 /* read I TLB lockdown stored to r1 */
1159 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1160 if ((retval = jtag_execute_queue()) != ERROR_OK)
1161 {
1162 return retval;
1163 }
1164 Ilockdown = regs[1];
1165
1166 for (victim = 0; victim < 64; victim += 8)
1167 {
1168 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1169 * base remains unchanged, victim goes through entries 0 to 63 */
1170 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1171 arm9tdmi_write_core_regs(target, 0x2, regs);
1172
1173 /* set interpret mode */
1174 cp15c15 |= 0x1;
1175 arm920t_write_cp15_physical(target,
1176 CP15PHYS_TESTSTATE, cp15c15);
1177
1178 /* Write I TLB lockdown */
1179 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1180
1181 /* Read I TLB CAM */
1182 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,5,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1183
1184 /* clear interpret mode */
1185 cp15c15 &= ~0x1;
1186 arm920t_write_cp15_physical(target,
1187 CP15PHYS_TESTSTATE, cp15c15);
1188
1189 /* read I TLB CAM content stored to r2-r9 */
1190 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1191 if ((retval = jtag_execute_queue()) != ERROR_OK)
1192 {
1193 return retval;
1194 }
1195
1196 for (i = 0; i < 8; i++)
1197 i_tlb[i + victim].cam = regs[i + 2];
1198 }
1199
1200 for (victim = 0; victim < 64; victim++)
1201 {
1202 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1203 * base remains unchanged, victim goes through entries 0 to 63 */
1204 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1205 arm9tdmi_write_core_regs(target, 0x2, regs);
1206
1207 /* set interpret mode */
1208 cp15c15 |= 0x1;
1209 arm920t_write_cp15_physical(target,
1210 CP15PHYS_TESTSTATE, cp15c15);
1211
1212 /* Write I TLB lockdown */
1213 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1214
1215 /* Read I TLB RAM1 */
1216 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1217
1218 /* Read I TLB RAM2 */
1219 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1220
1221 /* clear interpret mode */
1222 cp15c15 &= ~0x1;
1223 arm920t_write_cp15_physical(target,
1224 CP15PHYS_TESTSTATE, cp15c15);
1225
1226 /* read I TLB RAM content stored to r2 and r3 */
1227 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1228 if ((retval = jtag_execute_queue()) != ERROR_OK)
1229 {
1230 return retval;
1231 }
1232
1233 i_tlb[victim].ram1 = regs[2];
1234 i_tlb[victim].ram2 = regs[3];
1235 }
1236
1237 /* restore I TLB lockdown */
1238 regs[1] = Ilockdown;
1239 arm9tdmi_write_core_regs(target, 0x2, regs);
1240
1241 /* Write I TLB lockdown */
1242 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1243
1244 /* restore CP15 MMU and Cache settings */
1245 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1246
1247 /* output data to file */
1248 fprintf(output, "D TLB content:\n");
1249 for (i = 0; i < 64; i++)
1250 {
1251 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2, (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1252 }
1253
1254 fprintf(output, "\n\nI TLB content:\n");
1255 for (i = 0; i < 64; i++)
1256 {
1257 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2, (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1258 }
1259
1260 command_print(CMD_CTX, "mmu content successfully output to %s", CMD_ARGV[0]);
1261
1262 fclose(output);
1263
1264 if (!is_arm_mode(armv4_5->core_mode))
1265 return ERROR_FAIL;
1266
1267 /* force writeback of the valid data */
1268 r = armv4_5->core_cache->reg_list;
1269 r[0].dirty = r[0].valid;
1270 r[1].dirty = r[1].valid;
1271 r[2].dirty = r[2].valid;
1272 r[3].dirty = r[3].valid;
1273 r[4].dirty = r[4].valid;
1274 r[5].dirty = r[5].valid;
1275 r[6].dirty = r[6].valid;
1276 r[7].dirty = r[7].valid;
1277
1278 r = arm_reg_current(armv4_5, 8);
1279 r->dirty = r->valid;
1280
1281 r = arm_reg_current(armv4_5, 9);
1282 r->dirty = r->valid;
1283
1284 return ERROR_OK;
1285 }
1286
1287 COMMAND_HANDLER(arm920t_handle_cp15_command)
1288 {
1289 int retval;
1290 struct target *target = get_current_target(CMD_CTX);
1291 struct arm920t_common *arm920t = target_to_arm920(target);
1292
1293 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1294 if (retval != ERROR_OK)
1295 return retval;
1296
1297 if (target->state != TARGET_HALTED)
1298 {
1299 command_print(CMD_CTX, "target must be stopped for \"%s\" command", CMD_NAME);
1300 return ERROR_OK;
1301 }
1302
1303 /* one or more argument, access a single register (write if second argument is given */
1304 if (CMD_ARGC >= 1)
1305 {
1306 int address;
1307 COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], address);
1308
1309 if (CMD_ARGC == 1)
1310 {
1311 uint32_t value;
1312 if ((retval = arm920t_read_cp15_physical(target, address, &value)) != ERROR_OK)
1313 {
1314 command_print(CMD_CTX, "couldn't access reg %i", address);
1315 return ERROR_OK;
1316 }
1317 if ((retval = jtag_execute_queue()) != ERROR_OK)
1318 {
1319 return retval;
1320 }
1321
1322 command_print(CMD_CTX, "%i: %8.8" PRIx32 "", address, value);
1323 }
1324 else if (CMD_ARGC == 2)
1325 {
1326 uint32_t value;
1327 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1328 if ((retval = arm920t_write_cp15_physical(target, address, value)) != ERROR_OK)
1329 {
1330 command_print(CMD_CTX, "couldn't access reg %i", address);
1331 return ERROR_OK;
1332 }
1333 command_print(CMD_CTX, "%i: %8.8" PRIx32 "", address, value);
1334 }
1335 }
1336
1337 return ERROR_OK;
1338 }
1339
1340 COMMAND_HANDLER(arm920t_handle_cp15i_command)
1341 {
1342 int retval;
1343 struct target *target = get_current_target(CMD_CTX);
1344 struct arm920t_common *arm920t = target_to_arm920(target);
1345
1346 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1347 if (retval != ERROR_OK)
1348 return retval;
1349
1350
1351 if (target->state != TARGET_HALTED)
1352 {
1353 command_print(CMD_CTX, "target must be stopped for \"%s\" command", CMD_NAME);
1354 return ERROR_OK;
1355 }
1356
1357 /* one or more argument, access a single register (write if second argument is given */
1358 if (CMD_ARGC >= 1)
1359 {
1360 uint32_t opcode;
1361 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], opcode);
1362
1363 if (CMD_ARGC == 1)
1364 {
1365 uint32_t value;
1366 if ((retval = arm920t_read_cp15_interpreted(target, opcode, 0x0, &value)) != ERROR_OK)
1367 {
1368 command_print(CMD_CTX, "couldn't execute %8.8" PRIx32 "", opcode);
1369 return ERROR_OK;
1370 }
1371
1372 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1373 }
1374 else if (CMD_ARGC == 2)
1375 {
1376 uint32_t value;
1377 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1378 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, 0)) != ERROR_OK)
1379 {
1380 command_print(CMD_CTX, "couldn't execute %8.8" PRIx32 "", opcode);
1381 return ERROR_OK;
1382 }
1383 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1384 }
1385 else if (CMD_ARGC == 3)
1386 {
1387 uint32_t value;
1388 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1389 uint32_t address;
1390 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[2], address);
1391 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, address)) != ERROR_OK)
1392 {
1393 command_print(CMD_CTX, "couldn't execute %8.8" PRIx32 "", opcode);
1394 return ERROR_OK;
1395 }
1396 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32 " %8.8" PRIx32 "", opcode, value, address);
1397 }
1398 }
1399 else
1400 {
1401 command_print(CMD_CTX, "usage: arm920t cp15i <opcode> [value] [address]");
1402 }
1403
1404 return ERROR_OK;
1405 }
1406
1407 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1408 {
1409 int retval;
1410 struct target *target = get_current_target(CMD_CTX);
1411 struct arm920t_common *arm920t = target_to_arm920(target);
1412
1413 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1414 if (retval != ERROR_OK)
1415 return retval;
1416
1417 return armv4_5_handle_cache_info_command(CMD_CTX, &arm920t->armv4_5_mmu.armv4_5_cache);
1418 }
1419
1420
1421 static int arm920t_mrc(struct target *target, int cpnum,
1422 uint32_t op1, uint32_t op2,
1423 uint32_t CRn, uint32_t CRm,
1424 uint32_t *value)
1425 {
1426 if (cpnum!=15)
1427 {
1428 LOG_ERROR("Only cp15 is supported");
1429 return ERROR_FAIL;
1430 }
1431
1432 /* read "to" r0 */
1433 return arm920t_read_cp15_interpreted(target,
1434 ARMV4_5_MRC(cpnum, op1, 0, CRn, CRm, op2),
1435 0, value);
1436 }
1437
1438 static int arm920t_mcr(struct target *target, int cpnum,
1439 uint32_t op1, uint32_t op2,
1440 uint32_t CRn, uint32_t CRm,
1441 uint32_t value)
1442 {
1443 if (cpnum!=15)
1444 {
1445 LOG_ERROR("Only cp15 is supported");
1446 return ERROR_FAIL;
1447 }
1448
1449 /* write "from" r0 */
1450 return arm920t_write_cp15_interpreted(target,
1451 ARMV4_5_MCR(cpnum, op1, 0, CRn, CRm, op2),
1452 0, value);
1453 }
1454
1455 static const struct command_registration arm920t_exec_command_handlers[] = {
1456 {
1457 .name = "cp15",
1458 .handler = arm920t_handle_cp15_command,
1459 .mode = COMMAND_EXEC,
1460 .help = "display/modify cp15 register",
1461 .usage = "regnum [value]",
1462 },
1463 {
1464 .name = "cp15i",
1465 .handler = arm920t_handle_cp15i_command,
1466 .mode = COMMAND_EXEC,
1467 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1468 .help = "display/modify cp15 register using ARM opcode"
1469 " (DEPRECATED)",
1470 .usage = "instruction [value [address]]",
1471 },
1472 {
1473 .name = "cache_info",
1474 .handler = arm920t_handle_cache_info_command,
1475 .mode = COMMAND_EXEC,
1476 .help = "display information about target caches",
1477 },
1478 {
1479 .name = "read_cache",
1480 .handler = arm920t_handle_read_cache_command,
1481 .mode = COMMAND_EXEC,
1482 .help = "dump I/D cache content to file",
1483 .usage = "filename",
1484 },
1485 {
1486 .name = "read_mmu",
1487 .handler = arm920t_handle_read_mmu_command,
1488 .mode = COMMAND_EXEC,
1489 .help = "dump I/D mmu content to file",
1490 .usage = "filename",
1491 },
1492 COMMAND_REGISTRATION_DONE
1493 };
1494 const struct command_registration arm920t_command_handlers[] = {
1495 {
1496 .chain = arm9tdmi_command_handlers,
1497 },
1498 {
1499 .name = "arm920t",
1500 .mode = COMMAND_ANY,
1501 .help = "arm920t command group",
1502 .chain = arm920t_exec_command_handlers,
1503 },
1504 COMMAND_REGISTRATION_DONE
1505 };
1506
1507 /** Holds methods for ARM920 targets. */
1508 struct target_type arm920t_target =
1509 {
1510 .name = "arm920t",
1511
1512 .poll = arm7_9_poll,
1513 .arch_state = arm920t_arch_state,
1514
1515 .target_request_data = arm7_9_target_request_data,
1516
1517 .halt = arm7_9_halt,
1518 .resume = arm7_9_resume,
1519 .step = arm7_9_step,
1520
1521 .assert_reset = arm7_9_assert_reset,
1522 .deassert_reset = arm7_9_deassert_reset,
1523 .soft_reset_halt = arm920t_soft_reset_halt,
1524
1525 .get_gdb_reg_list = arm_get_gdb_reg_list,
1526
1527 .read_memory = arm920t_read_memory,
1528 .write_memory = arm920t_write_memory,
1529 .read_phys_memory = arm920t_read_phys_memory,
1530 .write_phys_memory = arm920t_write_phys_memory,
1531 .mmu = arm920_mmu,
1532 .virt2phys = arm920_virt2phys,
1533
1534 .bulk_write_memory = arm7_9_bulk_write_memory,
1535
1536 .checksum_memory = arm_checksum_memory,
1537 .blank_check_memory = arm_blank_check_memory,
1538
1539 .run_algorithm = armv4_5_run_algorithm,
1540
1541 .add_breakpoint = arm7_9_add_breakpoint,
1542 .remove_breakpoint = arm7_9_remove_breakpoint,
1543 .add_watchpoint = arm7_9_add_watchpoint,
1544 .remove_watchpoint = arm7_9_remove_watchpoint,
1545
1546 .commands = arm920t_command_handlers,
1547 .target_create = arm920t_target_create,
1548 .init_target = arm9tdmi_init_target,
1549 .examine = arm7_9_examine,
1550 .check_reset = arm7_9_check_reset,
1551 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)