Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
ARM: arm_set_cpsr() handles T and J bits
[openocd.git] / src / target / arm920t.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
9 * *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
14 * *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "arm920t.h"
25 #include "time_support.h"
26 #include "target_type.h"
27 #include "register.h"
28
29
30 /*
31 * For information about the ARM920T, see ARM DDI 0151C especially
32 * Chapter 9 about debug support, which shows how to manipulate each
33 * of the different scan chains:
34 *
35 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
36 * 1 ... debugging; watchpoint and breakpoint status, etc; also
37 * MMU and cache access in conjunction with scan chain 15
38 * 2 ... EmbeddedICE
39 * 3 ... external boundary scan (SoC-specific, unused here)
40 * 4 ... access to cache tag RAM
41 * 6 ... ETM9
42 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
43 * "interpreted" works with a few actual MRC/MCR instructions
44 * "physical" provides register-like behaviors.
45 *
46 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
47 */
48
49 #if 0
50 #define _DEBUG_INSTRUCTION_EXECUTION_
51 #endif
52
53 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
54
55 static int arm920t_read_cp15_physical(struct target *target,
56 int reg_addr, uint32_t *value)
57 {
58 struct arm920t_common *arm920t = target_to_arm920(target);
59 struct arm_jtag *jtag_info;
60 struct scan_field fields[4];
61 uint8_t access_type_buf = 1;
62 uint8_t reg_addr_buf = reg_addr & 0x3f;
63 uint8_t nr_w_buf = 0;
64
65 jtag_info = &arm920t->arm7_9_common.jtag_info;
66
67 jtag_set_end_state(TAP_IDLE);
68 arm_jtag_scann(jtag_info, 0xf);
69 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
70
71 fields[0].tap = jtag_info->tap;
72 fields[0].num_bits = 1;
73 fields[0].out_value = &access_type_buf;
74 fields[0].in_value = NULL;
75
76 fields[1].tap = jtag_info->tap;
77 fields[1].num_bits = 32;
78 fields[1].out_value = NULL;
79 fields[1].in_value = NULL;
80
81 fields[2].tap = jtag_info->tap;
82 fields[2].num_bits = 6;
83 fields[2].out_value = &reg_addr_buf;
84 fields[2].in_value = NULL;
85
86 fields[3].tap = jtag_info->tap;
87 fields[3].num_bits = 1;
88 fields[3].out_value = &nr_w_buf;
89 fields[3].in_value = NULL;
90
91 jtag_add_dr_scan(4, fields, jtag_get_end_state());
92
93 fields[1].in_value = (uint8_t *)value;
94
95 jtag_add_dr_scan(4, fields, jtag_get_end_state());
96
97 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
98
99 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
100 jtag_execute_queue();
101 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
102 #endif
103
104 return ERROR_OK;
105 }
106
107 static int arm920t_write_cp15_physical(struct target *target,
108 int reg_addr, uint32_t value)
109 {
110 struct arm920t_common *arm920t = target_to_arm920(target);
111 struct arm_jtag *jtag_info;
112 struct scan_field fields[4];
113 uint8_t access_type_buf = 1;
114 uint8_t reg_addr_buf = reg_addr & 0x3f;
115 uint8_t nr_w_buf = 1;
116 uint8_t value_buf[4];
117
118 jtag_info = &arm920t->arm7_9_common.jtag_info;
119
120 buf_set_u32(value_buf, 0, 32, value);
121
122 jtag_set_end_state(TAP_IDLE);
123 arm_jtag_scann(jtag_info, 0xf);
124 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
125
126 fields[0].tap = jtag_info->tap;
127 fields[0].num_bits = 1;
128 fields[0].out_value = &access_type_buf;
129 fields[0].in_value = NULL;
130
131 fields[1].tap = jtag_info->tap;
132 fields[1].num_bits = 32;
133 fields[1].out_value = value_buf;
134 fields[1].in_value = NULL;
135
136 fields[2].tap = jtag_info->tap;
137 fields[2].num_bits = 6;
138 fields[2].out_value = &reg_addr_buf;
139 fields[2].in_value = NULL;
140
141 fields[3].tap = jtag_info->tap;
142 fields[3].num_bits = 1;
143 fields[3].out_value = &nr_w_buf;
144 fields[3].in_value = NULL;
145
146 jtag_add_dr_scan(4, fields, jtag_get_end_state());
147
148 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
149 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
150 #endif
151
152 return ERROR_OK;
153 }
154
155 static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
156 uint32_t arm_opcode)
157 {
158 int retval;
159 struct arm920t_common *arm920t = target_to_arm920(target);
160 struct arm_jtag *jtag_info;
161 struct scan_field fields[4];
162 uint8_t access_type_buf = 0; /* interpreted access */
163 uint8_t reg_addr_buf = 0x0;
164 uint8_t nr_w_buf = 0;
165 uint8_t cp15_opcode_buf[4];
166
167 jtag_info = &arm920t->arm7_9_common.jtag_info;
168
169 jtag_set_end_state(TAP_IDLE);
170 arm_jtag_scann(jtag_info, 0xf);
171 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
172
173 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
174
175 fields[0].tap = jtag_info->tap;
176 fields[0].num_bits = 1;
177 fields[0].out_value = &access_type_buf;
178 fields[0].in_value = NULL;
179
180 fields[1].tap = jtag_info->tap;
181 fields[1].num_bits = 32;
182 fields[1].out_value = cp15_opcode_buf;
183 fields[1].in_value = NULL;
184
185 fields[2].tap = jtag_info->tap;
186 fields[2].num_bits = 6;
187 fields[2].out_value = &reg_addr_buf;
188 fields[2].in_value = NULL;
189
190 fields[3].tap = jtag_info->tap;
191 fields[3].num_bits = 1;
192 fields[3].out_value = &nr_w_buf;
193 fields[3].in_value = NULL;
194
195 jtag_add_dr_scan(4, fields, jtag_get_end_state());
196
197 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
198 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
199 retval = arm7_9_execute_sys_speed(target);
200 if (retval != ERROR_OK)
201 return retval;
202
203 if ((retval = jtag_execute_queue()) != ERROR_OK)
204 {
205 LOG_ERROR("failed executing JTAG queue");
206 return retval;
207 }
208
209 return ERROR_OK;
210 }
211
212 static int arm920t_read_cp15_interpreted(struct target *target,
213 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
214 {
215 struct armv4_5_common_s *armv4_5 = target_to_armv4_5(target);
216 uint32_t* regs_p[1];
217 uint32_t regs[2];
218 uint32_t cp15c15 = 0x0;
219
220 /* load address into R1 */
221 regs[1] = address;
222 arm9tdmi_write_core_regs(target, 0x2, regs);
223
224 /* read-modify-write CP15 test state register
225 * to enable interpreted access mode */
226 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
227 jtag_execute_queue();
228 cp15c15 |= 1; /* set interpret mode */
229 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
230
231 /* execute CP15 instruction and ARM load (reading from coprocessor) */
232 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
233
234 /* disable interpreted access mode */
235 cp15c15 &= ~1U; /* clear interpret mode */
236 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
237
238 /* retrieve value from R0 */
239 regs_p[0] = value;
240 arm9tdmi_read_core_regs(target, 0x1, regs_p);
241 jtag_execute_queue();
242
243 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
244 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x", cp15_opcode, address, *value);
245 #endif
246
247 if (!is_arm_mode(armv4_5->core_mode))
248 return ERROR_FAIL;
249
250 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
251 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
252
253 return ERROR_OK;
254 }
255
256 static
257 int arm920t_write_cp15_interpreted(struct target *target,
258 uint32_t cp15_opcode, uint32_t value, uint32_t address)
259 {
260 uint32_t cp15c15 = 0x0;
261 struct armv4_5_common_s *armv4_5 = target_to_armv4_5(target);
262 uint32_t regs[2];
263
264 /* load value, address into R0, R1 */
265 regs[0] = value;
266 regs[1] = address;
267 arm9tdmi_write_core_regs(target, 0x3, regs);
268
269 /* read-modify-write CP15 test state register
270 * to enable interpreted access mode */
271 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
272 jtag_execute_queue();
273 cp15c15 |= 1; /* set interpret mode */
274 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
275
276 /* execute CP15 instruction and ARM store (writing to coprocessor) */
277 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
278
279 /* disable interpreted access mode */
280 cp15c15 &= ~1U; /* set interpret mode */
281 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
282
283 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
284 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x", cp15_opcode, value, address);
285 #endif
286
287 if (!is_arm_mode(armv4_5->core_mode))
288 return ERROR_FAIL;
289
290 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
291 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
292
293 return ERROR_OK;
294 }
295
296 // EXPORTED to FA256
297 uint32_t arm920t_get_ttb(struct target *target)
298 {
299 int retval;
300 uint32_t ttb = 0x0;
301
302 if ((retval = arm920t_read_cp15_interpreted(target, 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
303 return retval;
304
305 return ttb;
306 }
307
308 // EXPORTED to FA256
309 void arm920t_disable_mmu_caches(struct target *target, int mmu, int d_u_cache, int i_cache)
310 {
311 uint32_t cp15_control;
312
313 /* read cp15 control register */
314 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
315 jtag_execute_queue();
316
317 if (mmu)
318 cp15_control &= ~0x1U;
319
320 if (d_u_cache)
321 cp15_control &= ~0x4U;
322
323 if (i_cache)
324 cp15_control &= ~0x1000U;
325
326 arm920t_write_cp15_physical(target, 0x2, cp15_control);
327 }
328
329 // EXPORTED to FA256
330 void arm920t_enable_mmu_caches(struct target *target, int mmu, int d_u_cache, int i_cache)
331 {
332 uint32_t cp15_control;
333
334 /* read cp15 control register */
335 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
336 jtag_execute_queue();
337
338 if (mmu)
339 cp15_control |= 0x1U;
340
341 if (d_u_cache)
342 cp15_control |= 0x4U;
343
344 if (i_cache)
345 cp15_control |= 0x1000U;
346
347 arm920t_write_cp15_physical(target, 0x2, cp15_control);
348 }
349
350 // EXPORTED to FA256
351 void arm920t_post_debug_entry(struct target *target)
352 {
353 uint32_t cp15c15;
354 struct arm920t_common *arm920t = target_to_arm920(target);
355
356 /* examine cp15 control reg */
357 arm920t_read_cp15_physical(target, 0x2, &arm920t->cp15_control_reg);
358 jtag_execute_queue();
359 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32 "", arm920t->cp15_control_reg);
360
361 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
362 {
363 uint32_t cache_type_reg;
364 /* identify caches */
365 arm920t_read_cp15_physical(target, 0x1, &cache_type_reg);
366 jtag_execute_queue();
367 armv4_5_identify_cache(cache_type_reg, &arm920t->armv4_5_mmu.armv4_5_cache);
368 }
369
370 arm920t->armv4_5_mmu.mmu_enabled = (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
371 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
372 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
373
374 /* save i/d fault status and address register */
375 arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
376 arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
377 arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
378 arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
379
380 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32 "",
381 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
382
383 if (arm920t->preserve_cache)
384 {
385 /* read-modify-write CP15 test state register
386 * to disable I/D-cache linefills */
387 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
388 jtag_execute_queue();
389 cp15c15 |= 0x600;
390 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
391 }
392 }
393
394 // EXPORTED to FA256
395 void arm920t_pre_restore_context(struct target *target)
396 {
397 uint32_t cp15c15;
398 struct arm920t_common *arm920t = target_to_arm920(target);
399
400 /* restore i/d fault status and address register */
401 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
402 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
403 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
404 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
405
406 /* read-modify-write CP15 test state register
407 * to reenable I/D-cache linefills */
408 if (arm920t->preserve_cache)
409 {
410 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
411 jtag_execute_queue();
412 cp15c15 &= ~0x600U;
413 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
414 }
415 }
416
417 static const char arm920_not[] = "target is not an ARM920";
418
419 static int arm920t_verify_pointer(struct command_context *cmd_ctx,
420 struct arm920t_common *arm920t)
421 {
422 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
423 command_print(cmd_ctx, arm920_not);
424 return ERROR_TARGET_INVALID;
425 }
426
427 return ERROR_OK;
428 }
429
430 /** Logs summary of ARM920 state for a halted target. */
431 int arm920t_arch_state(struct target *target)
432 {
433 static const char *state[] =
434 {
435 "disabled", "enabled"
436 };
437
438 struct arm920t_common *arm920t = target_to_arm920(target);
439 struct armv4_5_common_s *armv4_5;
440
441 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
442 {
443 LOG_ERROR("BUG: %s", arm920_not);
444 return ERROR_TARGET_INVALID;
445 }
446
447 armv4_5 = &arm920t->arm7_9_common.armv4_5_common;
448
449 LOG_USER("target halted in %s state due to %s, current mode: %s\n"
450 "cpsr: 0x%8.8" PRIx32 " pc: 0x%8.8" PRIx32 "\n"
451 "MMU: %s, D-Cache: %s, I-Cache: %s",
452 armv4_5_state_strings[armv4_5->core_state],
453 Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name,
454 arm_mode_name(armv4_5->core_mode),
455 buf_get_u32(armv4_5->cpsr->value, 0, 32),
456 buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
457 state[arm920t->armv4_5_mmu.mmu_enabled],
458 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
459 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
460
461 return ERROR_OK;
462 }
463
464 static int arm920_mmu(struct target *target, int *enabled)
465 {
466 if (target->state != TARGET_HALTED) {
467 LOG_ERROR("%s: target not halted", __func__);
468 return ERROR_TARGET_INVALID;
469 }
470
471 *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
472 return ERROR_OK;
473 }
474
475 static int arm920_virt2phys(struct target *target,
476 uint32_t virt, uint32_t *phys)
477 {
478 /** @todo Implement this! */
479 LOG_ERROR("%s: not implemented", __func__);
480 return ERROR_FAIL;
481 }
482
483 /** Reads a buffer, in the specified word size, with current MMU settings. */
484 int arm920t_read_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
485 {
486 int retval;
487
488 retval = arm7_9_read_memory(target, address, size, count, buffer);
489
490 return retval;
491 }
492
493
494 static int arm920t_read_phys_memory(struct target *target,
495 uint32_t address, uint32_t size,
496 uint32_t count, uint8_t *buffer)
497 {
498 struct arm920t_common *arm920t = target_to_arm920(target);
499
500 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
501 address, size, count, buffer);
502 }
503
504 static int arm920t_write_phys_memory(struct target *target,
505 uint32_t address, uint32_t size,
506 uint32_t count, uint8_t *buffer)
507 {
508 struct arm920t_common *arm920t = target_to_arm920(target);
509
510 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
511 address, size, count, buffer);
512 }
513
514
515 /** Writes a buffer, in the specified word size, with current MMU settings. */
516 int arm920t_write_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
517 {
518 int retval;
519
520 if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
521 return retval;
522
523 /* This fn is used to write breakpoints, so we need to make sure
524 * that the data cache is flushed and the instruction cache is
525 * invalidated
526 */
527 if (((size == 4) || (size == 2)) && (count == 1))
528 {
529 struct arm920t_common *arm920t = target_to_arm920(target);
530
531 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
532 {
533 LOG_DEBUG("D-Cache enabled, flush and invalidate cache line");
534 /* MCR p15,0,Rd,c7,c10,2 */
535 retval = arm920t_write_cp15_interpreted(target, 0xee070f5e, 0x0, address);
536 if (retval != ERROR_OK)
537 return retval;
538 }
539
540 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
541 {
542 LOG_DEBUG("I-Cache enabled, invalidating affected I-Cache line");
543 retval = arm920t_write_cp15_interpreted(target, 0xee070f35, 0x0, address);
544 if (retval != ERROR_OK)
545 return retval;
546 }
547 }
548
549 return retval;
550 }
551
552 // EXPORTED to FA256
553 int arm920t_soft_reset_halt(struct target *target)
554 {
555 int retval = ERROR_OK;
556 struct arm920t_common *arm920t = target_to_arm920(target);
557 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
558 struct armv4_5_common_s *armv4_5 = &arm7_9->armv4_5_common;
559 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
560
561 if ((retval = target_halt(target)) != ERROR_OK)
562 {
563 return retval;
564 }
565
566 long long then = timeval_ms();
567 int timeout;
568 while (!(timeout = ((timeval_ms()-then) > 1000)))
569 {
570 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
571 {
572 embeddedice_read_reg(dbg_stat);
573 if ((retval = jtag_execute_queue()) != ERROR_OK)
574 {
575 return retval;
576 }
577 } else
578 {
579 break;
580 }
581 if (debug_level >= 3)
582 {
583 /* do not eat all CPU, time out after 1 se*/
584 alive_sleep(100);
585 } else
586 {
587 keep_alive();
588 }
589 }
590 if (timeout)
591 {
592 LOG_ERROR("Failed to halt CPU after 1 sec");
593 return ERROR_TARGET_TIMEOUT;
594 }
595
596 target->state = TARGET_HALTED;
597
598 /* SVC, ARM state, IRQ and FIQ disabled */
599 uint32_t cpsr;
600
601 cpsr = buf_get_u32(armv4_5->cpsr->value, 0, 32);
602 cpsr &= ~0xff;
603 cpsr |= 0xd3;
604 arm_set_cpsr(armv4_5, cpsr);
605 armv4_5->cpsr->dirty = 1;
606
607 /* start fetching from 0x0 */
608 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
609 armv4_5->core_cache->reg_list[15].dirty = 1;
610 armv4_5->core_cache->reg_list[15].valid = 1;
611
612 arm920t_disable_mmu_caches(target, 1, 1, 1);
613 arm920t->armv4_5_mmu.mmu_enabled = 0;
614 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
615 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
616
617 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED)) != ERROR_OK)
618 {
619 return retval;
620 }
621
622 return ERROR_OK;
623 }
624
625 int arm920t_init_arch_info(struct target *target, struct arm920t_common *arm920t, struct jtag_tap *tap)
626 {
627 struct arm7_9_common *arm7_9 = &arm920t->arm7_9_common;
628
629 /* initialize arm7/arm9 specific info (including armv4_5) */
630 arm9tdmi_init_arch_info(target, arm7_9, tap);
631
632 arm920t->common_magic = ARM920T_COMMON_MAGIC;
633
634 arm7_9->post_debug_entry = arm920t_post_debug_entry;
635 arm7_9->pre_restore_context = arm920t_pre_restore_context;
636
637 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
638 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
639 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
640 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
641 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
642 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
643 arm920t->armv4_5_mmu.has_tiny_pages = 1;
644 arm920t->armv4_5_mmu.mmu_enabled = 0;
645
646 /* disabling linefills leads to lockups, so keep them enabled for now
647 * this doesn't affect correctness, but might affect timing issues, if
648 * important data is evicted from the cache during the debug session
649 * */
650 arm920t->preserve_cache = 0;
651
652 /* override hw single-step capability from ARM9TDMI */
653 arm7_9->has_single_step = 1;
654
655 return ERROR_OK;
656 }
657
658 static int arm920t_target_create(struct target *target, Jim_Interp *interp)
659 {
660 struct arm920t_common *arm920t = calloc(1,sizeof(struct arm920t_common));
661
662 return arm920t_init_arch_info(target, arm920t, target->tap);
663 }
664
665 COMMAND_HANDLER(arm920t_handle_read_cache_command)
666 {
667 int retval = ERROR_OK;
668 struct target *target = get_current_target(CMD_CTX);
669 struct arm920t_common *arm920t = target_to_arm920(target);
670 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
671 struct armv4_5_common_s *armv4_5 = &arm7_9->armv4_5_common;
672 uint32_t cp15c15;
673 uint32_t cp15_ctrl, cp15_ctrl_saved;
674 uint32_t regs[16];
675 uint32_t *regs_p[16];
676 uint32_t C15_C_D_Ind, C15_C_I_Ind;
677 int i;
678 FILE *output;
679 struct arm920t_cache_line d_cache[8][64], i_cache[8][64];
680 int segment, index;
681
682 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
683 if (retval != ERROR_OK)
684 return retval;
685
686 if (CMD_ARGC != 1)
687 {
688 command_print(CMD_CTX, "usage: arm920t read_cache <filename>");
689 return ERROR_OK;
690 }
691
692 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
693 {
694 LOG_DEBUG("error opening cache content file");
695 return ERROR_OK;
696 }
697
698 for (i = 0; i < 16; i++)
699 regs_p[i] = &regs[i];
700
701 /* disable MMU and Caches */
702 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
703 if ((retval = jtag_execute_queue()) != ERROR_OK)
704 {
705 return retval;
706 }
707 cp15_ctrl_saved = cp15_ctrl;
708 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
709 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
710
711 /* read CP15 test state register */
712 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
713 jtag_execute_queue();
714
715 /* read DCache content */
716 fprintf(output, "DCache:\n");
717
718 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
719 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
720 {
721 fprintf(output, "\nsegment: %i\n----------", segment);
722
723 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
724 regs[0] = 0x0 | (segment << 5);
725 arm9tdmi_write_core_regs(target, 0x1, regs);
726
727 /* set interpret mode */
728 cp15c15 |= 0x1;
729 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
730
731 /* D CAM Read, loads current victim into C15.C.D.Ind */
732 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
733
734 /* read current victim */
735 arm920t_read_cp15_physical(target, 0x3d, &C15_C_D_Ind);
736
737 /* clear interpret mode */
738 cp15c15 &= ~0x1;
739 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
740
741 for (index = 0; index < 64; index++)
742 {
743 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
744 regs[0] = 0x0 | (segment << 5) | (index << 26);
745 arm9tdmi_write_core_regs(target, 0x1, regs);
746
747 /* set interpret mode */
748 cp15c15 |= 0x1;
749 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
750
751 /* Write DCache victim */
752 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
753
754 /* Read D RAM */
755 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,10,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
756
757 /* Read D CAM */
758 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(9, 0));
759
760 /* clear interpret mode */
761 cp15c15 &= ~0x1;
762 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
763
764 /* read D RAM and CAM content */
765 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
766 if ((retval = jtag_execute_queue()) != ERROR_OK)
767 {
768 return retval;
769 }
770
771 d_cache[segment][index].cam = regs[9];
772
773 /* mask LFSR[6] */
774 regs[9] &= 0xfffffffe;
775 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
776
777 for (i = 1; i < 9; i++)
778 {
779 d_cache[segment][index].data[i] = regs[i];
780 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
781 }
782
783 }
784
785 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
786 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
787 arm9tdmi_write_core_regs(target, 0x1, regs);
788
789 /* set interpret mode */
790 cp15c15 |= 0x1;
791 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
792
793 /* Write DCache victim */
794 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
795
796 /* clear interpret mode */
797 cp15c15 &= ~0x1;
798 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
799 }
800
801 /* read ICache content */
802 fprintf(output, "ICache:\n");
803
804 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
805 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
806 {
807 fprintf(output, "segment: %i\n----------", segment);
808
809 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
810 regs[0] = 0x0 | (segment << 5);
811 arm9tdmi_write_core_regs(target, 0x1, regs);
812
813 /* set interpret mode */
814 cp15c15 |= 0x1;
815 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
816
817 /* I CAM Read, loads current victim into C15.C.I.Ind */
818 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
819
820 /* read current victim */
821 arm920t_read_cp15_physical(target, 0x3b, &C15_C_I_Ind);
822
823 /* clear interpret mode */
824 cp15c15 &= ~0x1;
825 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
826
827 for (index = 0; index < 64; index++)
828 {
829 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
830 regs[0] = 0x0 | (segment << 5) | (index << 26);
831 arm9tdmi_write_core_regs(target, 0x1, regs);
832
833 /* set interpret mode */
834 cp15c15 |= 0x1;
835 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
836
837 /* Write ICache victim */
838 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
839
840 /* Read I RAM */
841 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,9,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
842
843 /* Read I CAM */
844 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(9, 0));
845
846 /* clear interpret mode */
847 cp15c15 &= ~0x1;
848 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
849
850 /* read I RAM and CAM content */
851 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
852 if ((retval = jtag_execute_queue()) != ERROR_OK)
853 {
854 return retval;
855 }
856
857 i_cache[segment][index].cam = regs[9];
858
859 /* mask LFSR[6] */
860 regs[9] &= 0xfffffffe;
861 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
862
863 for (i = 1; i < 9; i++)
864 {
865 i_cache[segment][index].data[i] = regs[i];
866 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
867 }
868 }
869
870 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
871 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
872 arm9tdmi_write_core_regs(target, 0x1, regs);
873
874 /* set interpret mode */
875 cp15c15 |= 0x1;
876 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
877
878 /* Write ICache victim */
879 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
880
881 /* clear interpret mode */
882 cp15c15 &= ~0x1;
883 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
884 }
885
886 /* restore CP15 MMU and Cache settings */
887 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
888
889 command_print(CMD_CTX, "cache content successfully output to %s", CMD_ARGV[0]);
890
891 fclose(output);
892
893 if (!is_arm_mode(armv4_5->core_mode))
894 return ERROR_FAIL;
895
896 /* mark registers dirty. */
897 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
898 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
899 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
900 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
901 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
902 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
903 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
904 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
905 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
906 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
907
908 return ERROR_OK;
909 }
910
911 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
912 {
913 int retval = ERROR_OK;
914 struct target *target = get_current_target(CMD_CTX);
915 struct arm920t_common *arm920t = target_to_arm920(target);
916 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
917 struct armv4_5_common_s *armv4_5 = &arm7_9->armv4_5_common;
918 uint32_t cp15c15;
919 uint32_t cp15_ctrl, cp15_ctrl_saved;
920 uint32_t regs[16];
921 uint32_t *regs_p[16];
922 int i;
923 FILE *output;
924 uint32_t Dlockdown, Ilockdown;
925 struct arm920t_tlb_entry d_tlb[64], i_tlb[64];
926 int victim;
927
928 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
929 if (retval != ERROR_OK)
930 return retval;
931
932 if (CMD_ARGC != 1)
933 {
934 command_print(CMD_CTX, "usage: arm920t read_mmu <filename>");
935 return ERROR_OK;
936 }
937
938 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
939 {
940 LOG_DEBUG("error opening mmu content file");
941 return ERROR_OK;
942 }
943
944 for (i = 0; i < 16; i++)
945 regs_p[i] = &regs[i];
946
947 /* disable MMU and Caches */
948 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
949 if ((retval = jtag_execute_queue()) != ERROR_OK)
950 {
951 return retval;
952 }
953 cp15_ctrl_saved = cp15_ctrl;
954 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
955 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
956
957 /* read CP15 test state register */
958 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
959 if ((retval = jtag_execute_queue()) != ERROR_OK)
960 {
961 return retval;
962 }
963
964 /* prepare reading D TLB content
965 * */
966
967 /* set interpret mode */
968 cp15c15 |= 0x1;
969 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
970
971 /* Read D TLB lockdown */
972 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
973
974 /* clear interpret mode */
975 cp15c15 &= ~0x1;
976 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
977
978 /* read D TLB lockdown stored to r1 */
979 arm9tdmi_read_core_regs(target, 0x2, regs_p);
980 if ((retval = jtag_execute_queue()) != ERROR_OK)
981 {
982 return retval;
983 }
984 Dlockdown = regs[1];
985
986 for (victim = 0; victim < 64; victim += 8)
987 {
988 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
989 * base remains unchanged, victim goes through entries 0 to 63 */
990 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
991 arm9tdmi_write_core_regs(target, 0x2, regs);
992
993 /* set interpret mode */
994 cp15c15 |= 0x1;
995 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
996
997 /* Write D TLB lockdown */
998 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
999
1000 /* Read D TLB CAM */
1001 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,6,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1002
1003 /* clear interpret mode */
1004 cp15c15 &= ~0x1;
1005 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1006
1007 /* read D TLB CAM content stored to r2-r9 */
1008 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1009 if ((retval = jtag_execute_queue()) != ERROR_OK)
1010 {
1011 return retval;
1012 }
1013
1014 for (i = 0; i < 8; i++)
1015 d_tlb[victim + i].cam = regs[i + 2];
1016 }
1017
1018 for (victim = 0; victim < 64; victim++)
1019 {
1020 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1021 * base remains unchanged, victim goes through entries 0 to 63 */
1022 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1023 arm9tdmi_write_core_regs(target, 0x2, regs);
1024
1025 /* set interpret mode */
1026 cp15c15 |= 0x1;
1027 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1028
1029 /* Write D TLB lockdown */
1030 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1031
1032 /* Read D TLB RAM1 */
1033 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1034
1035 /* Read D TLB RAM2 */
1036 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1037
1038 /* clear interpret mode */
1039 cp15c15 &= ~0x1;
1040 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1041
1042 /* read D TLB RAM content stored to r2 and r3 */
1043 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1044 if ((retval = jtag_execute_queue()) != ERROR_OK)
1045 {
1046 return retval;
1047 }
1048
1049 d_tlb[victim].ram1 = regs[2];
1050 d_tlb[victim].ram2 = regs[3];
1051 }
1052
1053 /* restore D TLB lockdown */
1054 regs[1] = Dlockdown;
1055 arm9tdmi_write_core_regs(target, 0x2, regs);
1056
1057 /* Write D TLB lockdown */
1058 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1059
1060 /* prepare reading I TLB content
1061 * */
1062
1063 /* set interpret mode */
1064 cp15c15 |= 0x1;
1065 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1066
1067 /* Read I TLB lockdown */
1068 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1069
1070 /* clear interpret mode */
1071 cp15c15 &= ~0x1;
1072 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1073
1074 /* read I TLB lockdown stored to r1 */
1075 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1076 if ((retval = jtag_execute_queue()) != ERROR_OK)
1077 {
1078 return retval;
1079 }
1080 Ilockdown = regs[1];
1081
1082 for (victim = 0; victim < 64; victim += 8)
1083 {
1084 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1085 * base remains unchanged, victim goes through entries 0 to 63 */
1086 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1087 arm9tdmi_write_core_regs(target, 0x2, regs);
1088
1089 /* set interpret mode */
1090 cp15c15 |= 0x1;
1091 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1092
1093 /* Write I TLB lockdown */
1094 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1095
1096 /* Read I TLB CAM */
1097 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,5,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1098
1099 /* clear interpret mode */
1100 cp15c15 &= ~0x1;
1101 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1102
1103 /* read I TLB CAM content stored to r2-r9 */
1104 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1105 if ((retval = jtag_execute_queue()) != ERROR_OK)
1106 {
1107 return retval;
1108 }
1109
1110 for (i = 0; i < 8; i++)
1111 i_tlb[i + victim].cam = regs[i + 2];
1112 }
1113
1114 for (victim = 0; victim < 64; victim++)
1115 {
1116 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1117 * base remains unchanged, victim goes through entries 0 to 63 */
1118 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1119 arm9tdmi_write_core_regs(target, 0x2, regs);
1120
1121 /* set interpret mode */
1122 cp15c15 |= 0x1;
1123 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1124
1125 /* Write I TLB lockdown */
1126 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1127
1128 /* Read I TLB RAM1 */
1129 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1130
1131 /* Read I TLB RAM2 */
1132 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1133
1134 /* clear interpret mode */
1135 cp15c15 &= ~0x1;
1136 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1137
1138 /* read I TLB RAM content stored to r2 and r3 */
1139 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1140 if ((retval = jtag_execute_queue()) != ERROR_OK)
1141 {
1142 return retval;
1143 }
1144
1145 i_tlb[victim].ram1 = regs[2];
1146 i_tlb[victim].ram2 = regs[3];
1147 }
1148
1149 /* restore I TLB lockdown */
1150 regs[1] = Ilockdown;
1151 arm9tdmi_write_core_regs(target, 0x2, regs);
1152
1153 /* Write I TLB lockdown */
1154 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1155
1156 /* restore CP15 MMU and Cache settings */
1157 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
1158
1159 /* output data to file */
1160 fprintf(output, "D TLB content:\n");
1161 for (i = 0; i < 64; i++)
1162 {
1163 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2, (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1164 }
1165
1166 fprintf(output, "\n\nI TLB content:\n");
1167 for (i = 0; i < 64; i++)
1168 {
1169 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2, (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1170 }
1171
1172 command_print(CMD_CTX, "mmu content successfully output to %s", CMD_ARGV[0]);
1173
1174 fclose(output);
1175
1176 if (!is_arm_mode(armv4_5->core_mode))
1177 return ERROR_FAIL;
1178
1179 /* mark registers dirty */
1180 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
1181 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
1182 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
1183 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
1184 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
1185 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
1186 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
1187 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
1188 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
1189 ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
1190
1191 return ERROR_OK;
1192 }
1193
1194 COMMAND_HANDLER(arm920t_handle_cp15_command)
1195 {
1196 int retval;
1197 struct target *target = get_current_target(CMD_CTX);
1198 struct arm920t_common *arm920t = target_to_arm920(target);
1199
1200 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1201 if (retval != ERROR_OK)
1202 return retval;
1203
1204 if (target->state != TARGET_HALTED)
1205 {
1206 command_print(CMD_CTX, "target must be stopped for \"%s\" command", CMD_NAME);
1207 return ERROR_OK;
1208 }
1209
1210 /* one or more argument, access a single register (write if second argument is given */
1211 if (CMD_ARGC >= 1)
1212 {
1213 int address;
1214 COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], address);
1215
1216 if (CMD_ARGC == 1)
1217 {
1218 uint32_t value;
1219 if ((retval = arm920t_read_cp15_physical(target, address, &value)) != ERROR_OK)
1220 {
1221 command_print(CMD_CTX, "couldn't access reg %i", address);
1222 return ERROR_OK;
1223 }
1224 if ((retval = jtag_execute_queue()) != ERROR_OK)
1225 {
1226 return retval;
1227 }
1228
1229 command_print(CMD_CTX, "%i: %8.8" PRIx32 "", address, value);
1230 }
1231 else if (CMD_ARGC == 2)
1232 {
1233 uint32_t value;
1234 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1235 if ((retval = arm920t_write_cp15_physical(target, address, value)) != ERROR_OK)
1236 {
1237 command_print(CMD_CTX, "couldn't access reg %i", address);
1238 return ERROR_OK;
1239 }
1240 command_print(CMD_CTX, "%i: %8.8" PRIx32 "", address, value);
1241 }
1242 }
1243
1244 return ERROR_OK;
1245 }
1246
1247 COMMAND_HANDLER(arm920t_handle_cp15i_command)
1248 {
1249 int retval;
1250 struct target *target = get_current_target(CMD_CTX);
1251 struct arm920t_common *arm920t = target_to_arm920(target);
1252
1253 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1254 if (retval != ERROR_OK)
1255 return retval;
1256
1257
1258 if (target->state != TARGET_HALTED)
1259 {
1260 command_print(CMD_CTX, "target must be stopped for \"%s\" command", CMD_NAME);
1261 return ERROR_OK;
1262 }
1263
1264 /* one or more argument, access a single register (write if second argument is given */
1265 if (CMD_ARGC >= 1)
1266 {
1267 uint32_t opcode;
1268 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], opcode);
1269
1270 if (CMD_ARGC == 1)
1271 {
1272 uint32_t value;
1273 if ((retval = arm920t_read_cp15_interpreted(target, opcode, 0x0, &value)) != ERROR_OK)
1274 {
1275 command_print(CMD_CTX, "couldn't execute %8.8" PRIx32 "", opcode);
1276 return ERROR_OK;
1277 }
1278
1279 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1280 }
1281 else if (CMD_ARGC == 2)
1282 {
1283 uint32_t value;
1284 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1285 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, 0)) != ERROR_OK)
1286 {
1287 command_print(CMD_CTX, "couldn't execute %8.8" PRIx32 "", opcode);
1288 return ERROR_OK;
1289 }
1290 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1291 }
1292 else if (CMD_ARGC == 3)
1293 {
1294 uint32_t value;
1295 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1296 uint32_t address;
1297 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[2], address);
1298 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, address)) != ERROR_OK)
1299 {
1300 command_print(CMD_CTX, "couldn't execute %8.8" PRIx32 "", opcode);
1301 return ERROR_OK;
1302 }
1303 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32 " %8.8" PRIx32 "", opcode, value, address);
1304 }
1305 }
1306 else
1307 {
1308 command_print(CMD_CTX, "usage: arm920t cp15i <opcode> [value] [address]");
1309 }
1310
1311 return ERROR_OK;
1312 }
1313
1314 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1315 {
1316 int retval;
1317 struct target *target = get_current_target(CMD_CTX);
1318 struct arm920t_common *arm920t = target_to_arm920(target);
1319
1320 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1321 if (retval != ERROR_OK)
1322 return retval;
1323
1324 return armv4_5_handle_cache_info_command(CMD_CTX, &arm920t->armv4_5_mmu.armv4_5_cache);
1325 }
1326
1327
1328 static int arm920t_mrc(struct target *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t *value)
1329 {
1330 if (cpnum!=15)
1331 {
1332 LOG_ERROR("Only cp15 is supported");
1333 return ERROR_FAIL;
1334 }
1335
1336 return arm920t_read_cp15_interpreted(target, mrc_opcode(cpnum, op1, op2, CRn, CRm), 0, value);
1337 }
1338
1339 static int arm920t_mcr(struct target *target, int cpnum, uint32_t op1, uint32_t op2, uint32_t CRn, uint32_t CRm, uint32_t value)
1340 {
1341 if (cpnum!=15)
1342 {
1343 LOG_ERROR("Only cp15 is supported");
1344 return ERROR_FAIL;
1345 }
1346
1347 return arm920t_write_cp15_interpreted(target, mrc_opcode(cpnum, op1, op2, CRn, CRm), 0, value);
1348 }
1349
1350 /** Registers commands to access coprocessor, cache, and MMU resources. */
1351 int arm920t_register_commands(struct command_context *cmd_ctx)
1352 {
1353 int retval;
1354 struct command *arm920t_cmd;
1355
1356 retval = arm9tdmi_register_commands(cmd_ctx);
1357
1358 arm920t_cmd = register_command(cmd_ctx, NULL, "arm920t",
1359 NULL, COMMAND_ANY,
1360 "arm920t specific commands");
1361
1362 register_command(cmd_ctx, arm920t_cmd, "cp15",
1363 arm920t_handle_cp15_command, COMMAND_EXEC,
1364 "display/modify cp15 register <num> [value]");
1365 register_command(cmd_ctx, arm920t_cmd, "cp15i",
1366 arm920t_handle_cp15i_command, COMMAND_EXEC,
1367 "display/modify cp15 (interpreted access) "
1368 "<opcode> [value] [address]");
1369 register_command(cmd_ctx, arm920t_cmd, "cache_info",
1370 arm920t_handle_cache_info_command, COMMAND_EXEC,
1371 "display information about target caches");
1372 register_command(cmd_ctx, arm920t_cmd, "read_cache",
1373 arm920t_handle_read_cache_command, COMMAND_EXEC,
1374 "display I/D cache content");
1375 register_command(cmd_ctx, arm920t_cmd, "read_mmu",
1376 arm920t_handle_read_mmu_command, COMMAND_EXEC,
1377 "display I/D mmu content");
1378
1379 return retval;
1380 }
1381
1382 /** Holds methods for ARM920 targets. */
1383 struct target_type arm920t_target =
1384 {
1385 .name = "arm920t",
1386
1387 .poll = arm7_9_poll,
1388 .arch_state = arm920t_arch_state,
1389
1390 .target_request_data = arm7_9_target_request_data,
1391
1392 .halt = arm7_9_halt,
1393 .resume = arm7_9_resume,
1394 .step = arm7_9_step,
1395
1396 .assert_reset = arm7_9_assert_reset,
1397 .deassert_reset = arm7_9_deassert_reset,
1398 .soft_reset_halt = arm920t_soft_reset_halt,
1399
1400 .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
1401
1402 .read_memory = arm920t_read_memory,
1403 .write_memory = arm920t_write_memory,
1404 .read_phys_memory = arm920t_read_phys_memory,
1405 .write_phys_memory = arm920t_write_phys_memory,
1406 .mmu = arm920_mmu,
1407 .virt2phys = arm920_virt2phys,
1408
1409 .bulk_write_memory = arm7_9_bulk_write_memory,
1410
1411 .checksum_memory = arm_checksum_memory,
1412 .blank_check_memory = arm_blank_check_memory,
1413
1414 .run_algorithm = armv4_5_run_algorithm,
1415
1416 .add_breakpoint = arm7_9_add_breakpoint,
1417 .remove_breakpoint = arm7_9_remove_breakpoint,
1418 .add_watchpoint = arm7_9_add_watchpoint,
1419 .remove_watchpoint = arm7_9_remove_watchpoint,
1420
1421 .register_commands = arm920t_register_commands,
1422 .target_create = arm920t_target_create,
1423 .init_target = arm9tdmi_init_target,
1424 .examine = arm7_9_examine,
1425 .mrc = arm920t_mrc,
1426 .mcr = arm920t_mcr,
1427 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)