Code Review / openocd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
arm920: add virt2phys fn
[openocd.git] / src / target / arm920t.c
1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
4 * *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
9 * *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
14 * *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "arm920t.h"
25 #include <helper/time_support.h>
26 #include "target_type.h"
27 #include "register.h"
28 #include "arm_opcodes.h"
29
30
31 /*
32 * For information about the ARM920T, see ARM DDI 0151C especially
33 * Chapter 9 about debug support, which shows how to manipulate each
34 * of the different scan chains:
35 *
36 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
37 * 1 ... debugging; watchpoint and breakpoint status, etc; also
38 * MMU and cache access in conjunction with scan chain 15
39 * 2 ... EmbeddedICE
40 * 3 ... external boundary scan (SoC-specific, unused here)
41 * 4 ... access to cache tag RAM
42 * 6 ... ETM9
43 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
44 * "interpreted" works with a few actual MRC/MCR instructions
45 * "physical" provides register-like behaviors.
46 *
47 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
48 */
49
50 #if 0
51 #define _DEBUG_INSTRUCTION_EXECUTION_
52 #endif
53
54 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
55
56 static int arm920t_read_cp15_physical(struct target *target,
57 int reg_addr, uint32_t *value)
58 {
59 struct arm920t_common *arm920t = target_to_arm920(target);
60 struct arm_jtag *jtag_info;
61 struct scan_field fields[4];
62 uint8_t access_type_buf = 1;
63 uint8_t reg_addr_buf = reg_addr & 0x3f;
64 uint8_t nr_w_buf = 0;
65
66 jtag_info = &arm920t->arm7_9_common.jtag_info;
67
68 jtag_set_end_state(TAP_IDLE);
69 arm_jtag_scann(jtag_info, 0xf);
70 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
71
72 fields[0].tap = jtag_info->tap;
73 fields[0].num_bits = 1;
74 fields[0].out_value = &access_type_buf;
75 fields[0].in_value = NULL;
76
77 fields[1].tap = jtag_info->tap;
78 fields[1].num_bits = 32;
79 fields[1].out_value = NULL;
80 fields[1].in_value = NULL;
81
82 fields[2].tap = jtag_info->tap;
83 fields[2].num_bits = 6;
84 fields[2].out_value = &reg_addr_buf;
85 fields[2].in_value = NULL;
86
87 fields[3].tap = jtag_info->tap;
88 fields[3].num_bits = 1;
89 fields[3].out_value = &nr_w_buf;
90 fields[3].in_value = NULL;
91
92 jtag_add_dr_scan(4, fields, jtag_get_end_state());
93
94 fields[1].in_value = (uint8_t *)value;
95
96 jtag_add_dr_scan(4, fields, jtag_get_end_state());
97
98 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
99
100 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
101 jtag_execute_queue();
102 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
103 #endif
104
105 return ERROR_OK;
106 }
107
108 static int arm920t_write_cp15_physical(struct target *target,
109 int reg_addr, uint32_t value)
110 {
111 struct arm920t_common *arm920t = target_to_arm920(target);
112 struct arm_jtag *jtag_info;
113 struct scan_field fields[4];
114 uint8_t access_type_buf = 1;
115 uint8_t reg_addr_buf = reg_addr & 0x3f;
116 uint8_t nr_w_buf = 1;
117 uint8_t value_buf[4];
118
119 jtag_info = &arm920t->arm7_9_common.jtag_info;
120
121 buf_set_u32(value_buf, 0, 32, value);
122
123 jtag_set_end_state(TAP_IDLE);
124 arm_jtag_scann(jtag_info, 0xf);
125 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
126
127 fields[0].tap = jtag_info->tap;
128 fields[0].num_bits = 1;
129 fields[0].out_value = &access_type_buf;
130 fields[0].in_value = NULL;
131
132 fields[1].tap = jtag_info->tap;
133 fields[1].num_bits = 32;
134 fields[1].out_value = value_buf;
135 fields[1].in_value = NULL;
136
137 fields[2].tap = jtag_info->tap;
138 fields[2].num_bits = 6;
139 fields[2].out_value = &reg_addr_buf;
140 fields[2].in_value = NULL;
141
142 fields[3].tap = jtag_info->tap;
143 fields[3].num_bits = 1;
144 fields[3].out_value = &nr_w_buf;
145 fields[3].in_value = NULL;
146
147 jtag_add_dr_scan(4, fields, jtag_get_end_state());
148
149 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
150 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
151 #endif
152
153 return ERROR_OK;
154 }
155
156 static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
157 uint32_t arm_opcode)
158 {
159 int retval;
160 struct arm920t_common *arm920t = target_to_arm920(target);
161 struct arm_jtag *jtag_info;
162 struct scan_field fields[4];
163 uint8_t access_type_buf = 0; /* interpreted access */
164 uint8_t reg_addr_buf = 0x0;
165 uint8_t nr_w_buf = 0;
166 uint8_t cp15_opcode_buf[4];
167
168 jtag_info = &arm920t->arm7_9_common.jtag_info;
169
170 jtag_set_end_state(TAP_IDLE);
171 arm_jtag_scann(jtag_info, 0xf);
172 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
173
174 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
175
176 fields[0].tap = jtag_info->tap;
177 fields[0].num_bits = 1;
178 fields[0].out_value = &access_type_buf;
179 fields[0].in_value = NULL;
180
181 fields[1].tap = jtag_info->tap;
182 fields[1].num_bits = 32;
183 fields[1].out_value = cp15_opcode_buf;
184 fields[1].in_value = NULL;
185
186 fields[2].tap = jtag_info->tap;
187 fields[2].num_bits = 6;
188 fields[2].out_value = &reg_addr_buf;
189 fields[2].in_value = NULL;
190
191 fields[3].tap = jtag_info->tap;
192 fields[3].num_bits = 1;
193 fields[3].out_value = &nr_w_buf;
194 fields[3].in_value = NULL;
195
196 jtag_add_dr_scan(4, fields, jtag_get_end_state());
197
198 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
199 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
200 retval = arm7_9_execute_sys_speed(target);
201 if (retval != ERROR_OK)
202 return retval;
203
204 if ((retval = jtag_execute_queue()) != ERROR_OK)
205 {
206 LOG_ERROR("failed executing JTAG queue");
207 return retval;
208 }
209
210 return ERROR_OK;
211 }
212
213 static int arm920t_read_cp15_interpreted(struct target *target,
214 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
215 {
216 struct arm *armv4_5 = target_to_arm(target);
217 uint32_t* regs_p[1];
218 uint32_t regs[2];
219 uint32_t cp15c15 = 0x0;
220 struct reg *r = armv4_5->core_cache->reg_list;
221
222 /* load address into R1 */
223 regs[1] = address;
224 arm9tdmi_write_core_regs(target, 0x2, regs);
225
226 /* read-modify-write CP15 test state register
227 * to enable interpreted access mode */
228 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
229 jtag_execute_queue();
230 cp15c15 |= 1; /* set interpret mode */
231 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
232
233 /* execute CP15 instruction and ARM load (reading from coprocessor) */
234 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
235
236 /* disable interpreted access mode */
237 cp15c15 &= ~1U; /* clear interpret mode */
238 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
239
240 /* retrieve value from R0 */
241 regs_p[0] = value;
242 arm9tdmi_read_core_regs(target, 0x1, regs_p);
243 jtag_execute_queue();
244
245 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
246 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x", cp15_opcode, address, *value);
247 #endif
248
249 if (!is_arm_mode(armv4_5->core_mode))
250 return ERROR_FAIL;
251
252 r[0].dirty = 1;
253 r[1].dirty = 1;
254
255 return ERROR_OK;
256 }
257
258 static
259 int arm920t_write_cp15_interpreted(struct target *target,
260 uint32_t cp15_opcode, uint32_t value, uint32_t address)
261 {
262 uint32_t cp15c15 = 0x0;
263 struct arm *armv4_5 = target_to_arm(target);
264 uint32_t regs[2];
265 struct reg *r = armv4_5->core_cache->reg_list;
266
267 /* load value, address into R0, R1 */
268 regs[0] = value;
269 regs[1] = address;
270 arm9tdmi_write_core_regs(target, 0x3, regs);
271
272 /* read-modify-write CP15 test state register
273 * to enable interpreted access mode */
274 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
275 jtag_execute_queue();
276 cp15c15 |= 1; /* set interpret mode */
277 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
278
279 /* execute CP15 instruction and ARM store (writing to coprocessor) */
280 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
281
282 /* disable interpreted access mode */
283 cp15c15 &= ~1U; /* set interpret mode */
284 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
285
286 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
287 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x", cp15_opcode, value, address);
288 #endif
289
290 if (!is_arm_mode(armv4_5->core_mode))
291 return ERROR_FAIL;
292
293 r[0].dirty = 1;
294 r[1].dirty = 1;
295
296 return ERROR_OK;
297 }
298
299 // EXPORTED to FA256
300 uint32_t arm920t_get_ttb(struct target *target)
301 {
302 int retval;
303 uint32_t ttb = 0x0;
304
305 if ((retval = arm920t_read_cp15_interpreted(target, 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
306 return retval;
307
308 return ttb;
309 }
310
311 // EXPORTED to FA256
312 void arm920t_disable_mmu_caches(struct target *target, int mmu, int d_u_cache, int i_cache)
313 {
314 uint32_t cp15_control;
315
316 /* read cp15 control register */
317 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
318 jtag_execute_queue();
319
320 if (mmu)
321 cp15_control &= ~0x1U;
322
323 if (d_u_cache)
324 cp15_control &= ~0x4U;
325
326 if (i_cache)
327 cp15_control &= ~0x1000U;
328
329 arm920t_write_cp15_physical(target, 0x2, cp15_control);
330 }
331
332 // EXPORTED to FA256
333 void arm920t_enable_mmu_caches(struct target *target, int mmu, int d_u_cache, int i_cache)
334 {
335 uint32_t cp15_control;
336
337 /* read cp15 control register */
338 arm920t_read_cp15_physical(target, 0x2, &cp15_control);
339 jtag_execute_queue();
340
341 if (mmu)
342 cp15_control |= 0x1U;
343
344 if (d_u_cache)
345 cp15_control |= 0x4U;
346
347 if (i_cache)
348 cp15_control |= 0x1000U;
349
350 arm920t_write_cp15_physical(target, 0x2, cp15_control);
351 }
352
353 // EXPORTED to FA256
354 void arm920t_post_debug_entry(struct target *target)
355 {
356 uint32_t cp15c15;
357 struct arm920t_common *arm920t = target_to_arm920(target);
358
359 /* examine cp15 control reg */
360 arm920t_read_cp15_physical(target, 0x2, &arm920t->cp15_control_reg);
361 jtag_execute_queue();
362 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32 "", arm920t->cp15_control_reg);
363
364 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
365 {
366 uint32_t cache_type_reg;
367 /* identify caches */
368 arm920t_read_cp15_physical(target, 0x1, &cache_type_reg);
369 jtag_execute_queue();
370 armv4_5_identify_cache(cache_type_reg, &arm920t->armv4_5_mmu.armv4_5_cache);
371 }
372
373 arm920t->armv4_5_mmu.mmu_enabled = (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
374 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
375 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
376
377 /* save i/d fault status and address register */
378 arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
379 arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
380 arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
381 arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
382
383 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32 "",
384 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
385
386 if (arm920t->preserve_cache)
387 {
388 /* read-modify-write CP15 test state register
389 * to disable I/D-cache linefills */
390 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
391 jtag_execute_queue();
392 cp15c15 |= 0x600;
393 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
394 }
395 }
396
397 // EXPORTED to FA256
398 void arm920t_pre_restore_context(struct target *target)
399 {
400 uint32_t cp15c15;
401 struct arm920t_common *arm920t = target_to_arm920(target);
402
403 /* restore i/d fault status and address register */
404 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
405 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
406 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
407 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
408
409 /* read-modify-write CP15 test state register
410 * to reenable I/D-cache linefills */
411 if (arm920t->preserve_cache)
412 {
413 arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
414 jtag_execute_queue();
415 cp15c15 &= ~0x600U;
416 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
417 }
418 }
419
420 static const char arm920_not[] = "target is not an ARM920";
421
422 static int arm920t_verify_pointer(struct command_context *cmd_ctx,
423 struct arm920t_common *arm920t)
424 {
425 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
426 command_print(cmd_ctx, arm920_not);
427 return ERROR_TARGET_INVALID;
428 }
429
430 return ERROR_OK;
431 }
432
433 /** Logs summary of ARM920 state for a halted target. */
434 int arm920t_arch_state(struct target *target)
435 {
436 static const char *state[] =
437 {
438 "disabled", "enabled"
439 };
440
441 struct arm920t_common *arm920t = target_to_arm920(target);
442 struct arm *armv4_5;
443
444 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
445 {
446 LOG_ERROR("BUG: %s", arm920_not);
447 return ERROR_TARGET_INVALID;
448 }
449
450 armv4_5 = &arm920t->arm7_9_common.armv4_5_common;
451
452 arm_arch_state(target);
453 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
454 state[arm920t->armv4_5_mmu.mmu_enabled],
455 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
456 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
457
458 return ERROR_OK;
459 }
460
461 static int arm920_mmu(struct target *target, int *enabled)
462 {
463 if (target->state != TARGET_HALTED) {
464 LOG_ERROR("%s: target not halted", __func__);
465 return ERROR_TARGET_INVALID;
466 }
467
468 *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
469 return ERROR_OK;
470 }
471
472 static int arm920_virt2phys(struct target *target,
473 uint32_t virt, uint32_t *phys)
474 {
475 int type;
476 uint32_t cb;
477 int domain;
478 uint32_t ap;
479 struct arm920t_common *arm920t = target_to_arm920(target);
480
481 uint32_t ret = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu, virt, &type, &cb, &domain, &ap);
482 if (type == -1)
483 {
484 return ret;
485 }
486 *phys = ret;
487 return ERROR_OK;
488 }
489
490 /** Reads a buffer, in the specified word size, with current MMU settings. */
491 int arm920t_read_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
492 {
493 int retval;
494
495 retval = arm7_9_read_memory(target, address, size, count, buffer);
496
497 return retval;
498 }
499
500
501 static int arm920t_read_phys_memory(struct target *target,
502 uint32_t address, uint32_t size,
503 uint32_t count, uint8_t *buffer)
504 {
505 struct arm920t_common *arm920t = target_to_arm920(target);
506
507 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
508 address, size, count, buffer);
509 }
510
511 static int arm920t_write_phys_memory(struct target *target,
512 uint32_t address, uint32_t size,
513 uint32_t count, uint8_t *buffer)
514 {
515 struct arm920t_common *arm920t = target_to_arm920(target);
516
517 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
518 address, size, count, buffer);
519 }
520
521
522 /** Writes a buffer, in the specified word size, with current MMU settings. */
523 int arm920t_write_memory(struct target *target, uint32_t address, uint32_t size, uint32_t count, uint8_t *buffer)
524 {
525 int retval;
526
527 if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
528 return retval;
529
530 /* This fn is used to write breakpoints, so we need to make sure
531 * that the data cache is flushed and the instruction cache is
532 * invalidated
533 */
534 if (((size == 4) || (size == 2)) && (count == 1))
535 {
536 struct arm920t_common *arm920t = target_to_arm920(target);
537
538 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
539 {
540 LOG_DEBUG("D-Cache enabled, flush and invalidate cache line");
541 /* MCR p15,0,Rd,c7,c10,2 */
542 retval = arm920t_write_cp15_interpreted(target, 0xee070f5e, 0x0, address);
543 if (retval != ERROR_OK)
544 return retval;
545 }
546
547 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
548 {
549 LOG_DEBUG("I-Cache enabled, invalidating affected I-Cache line");
550 retval = arm920t_write_cp15_interpreted(target, 0xee070f35, 0x0, address);
551 if (retval != ERROR_OK)
552 return retval;
553 }
554 }
555
556 return retval;
557 }
558
559 // EXPORTED to FA256
560 int arm920t_soft_reset_halt(struct target *target)
561 {
562 int retval = ERROR_OK;
563 struct arm920t_common *arm920t = target_to_arm920(target);
564 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
565 struct arm *armv4_5 = &arm7_9->armv4_5_common;
566 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
567
568 if ((retval = target_halt(target)) != ERROR_OK)
569 {
570 return retval;
571 }
572
573 long long then = timeval_ms();
574 int timeout;
575 while (!(timeout = ((timeval_ms()-then) > 1000)))
576 {
577 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
578 {
579 embeddedice_read_reg(dbg_stat);
580 if ((retval = jtag_execute_queue()) != ERROR_OK)
581 {
582 return retval;
583 }
584 } else
585 {
586 break;
587 }
588 if (debug_level >= 3)
589 {
590 /* do not eat all CPU, time out after 1 se*/
591 alive_sleep(100);
592 } else
593 {
594 keep_alive();
595 }
596 }
597 if (timeout)
598 {
599 LOG_ERROR("Failed to halt CPU after 1 sec");
600 return ERROR_TARGET_TIMEOUT;
601 }
602
603 target->state = TARGET_HALTED;
604
605 /* SVC, ARM state, IRQ and FIQ disabled */
606 uint32_t cpsr;
607
608 cpsr = buf_get_u32(armv4_5->cpsr->value, 0, 32);
609 cpsr &= ~0xff;
610 cpsr |= 0xd3;
611 arm_set_cpsr(armv4_5, cpsr);
612 armv4_5->cpsr->dirty = 1;
613
614 /* start fetching from 0x0 */
615 buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
616 armv4_5->core_cache->reg_list[15].dirty = 1;
617 armv4_5->core_cache->reg_list[15].valid = 1;
618
619 arm920t_disable_mmu_caches(target, 1, 1, 1);
620 arm920t->armv4_5_mmu.mmu_enabled = 0;
621 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
622 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
623
624 if ((retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED)) != ERROR_OK)
625 {
626 return retval;
627 }
628
629 return ERROR_OK;
630 }
631
632 /* FIXME remove forward decls */
633 static int arm920t_mrc(struct target *target, int cpnum,
634 uint32_t op1, uint32_t op2,
635 uint32_t CRn, uint32_t CRm,
636 uint32_t *value);
637 static int arm920t_mcr(struct target *target, int cpnum,
638 uint32_t op1, uint32_t op2,
639 uint32_t CRn, uint32_t CRm,
640 uint32_t value);
641
642 int arm920t_init_arch_info(struct target *target, struct arm920t_common *arm920t, struct jtag_tap *tap)
643 {
644 struct arm7_9_common *arm7_9 = &arm920t->arm7_9_common;
645
646 arm7_9->armv4_5_common.mrc = arm920t_mrc;
647 arm7_9->armv4_5_common.mcr = arm920t_mcr;
648
649 /* initialize arm7/arm9 specific info (including armv4_5) */
650 arm9tdmi_init_arch_info(target, arm7_9, tap);
651
652 arm920t->common_magic = ARM920T_COMMON_MAGIC;
653
654 arm7_9->post_debug_entry = arm920t_post_debug_entry;
655 arm7_9->pre_restore_context = arm920t_pre_restore_context;
656
657 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
658 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
659 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
660 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
661 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
662 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
663 arm920t->armv4_5_mmu.has_tiny_pages = 1;
664 arm920t->armv4_5_mmu.mmu_enabled = 0;
665
666 /* disabling linefills leads to lockups, so keep them enabled for now
667 * this doesn't affect correctness, but might affect timing issues, if
668 * important data is evicted from the cache during the debug session
669 * */
670 arm920t->preserve_cache = 0;
671
672 /* override hw single-step capability from ARM9TDMI */
673 arm7_9->has_single_step = 1;
674
675 return ERROR_OK;
676 }
677
678 static int arm920t_target_create(struct target *target, Jim_Interp *interp)
679 {
680 struct arm920t_common *arm920t = calloc(1,sizeof(struct arm920t_common));
681
682 return arm920t_init_arch_info(target, arm920t, target->tap);
683 }
684
685 COMMAND_HANDLER(arm920t_handle_read_cache_command)
686 {
687 int retval = ERROR_OK;
688 struct target *target = get_current_target(CMD_CTX);
689 struct arm920t_common *arm920t = target_to_arm920(target);
690 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
691 struct arm *armv4_5 = &arm7_9->armv4_5_common;
692 uint32_t cp15c15;
693 uint32_t cp15_ctrl, cp15_ctrl_saved;
694 uint32_t regs[16];
695 uint32_t *regs_p[16];
696 uint32_t C15_C_D_Ind, C15_C_I_Ind;
697 int i;
698 FILE *output;
699 struct arm920t_cache_line d_cache[8][64], i_cache[8][64];
700 int segment, index;
701 struct reg *r;
702
703 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
704 if (retval != ERROR_OK)
705 return retval;
706
707 if (CMD_ARGC != 1)
708 {
709 command_print(CMD_CTX, "usage: arm920t read_cache <filename>");
710 return ERROR_OK;
711 }
712
713 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
714 {
715 LOG_DEBUG("error opening cache content file");
716 return ERROR_OK;
717 }
718
719 for (i = 0; i < 16; i++)
720 regs_p[i] = &regs[i];
721
722 /* disable MMU and Caches */
723 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
724 if ((retval = jtag_execute_queue()) != ERROR_OK)
725 {
726 return retval;
727 }
728 cp15_ctrl_saved = cp15_ctrl;
729 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
730 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
731
732 /* read CP15 test state register */
733 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
734 jtag_execute_queue();
735
736 /* read DCache content */
737 fprintf(output, "DCache:\n");
738
739 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
740 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
741 {
742 fprintf(output, "\nsegment: %i\n----------", segment);
743
744 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
745 regs[0] = 0x0 | (segment << 5);
746 arm9tdmi_write_core_regs(target, 0x1, regs);
747
748 /* set interpret mode */
749 cp15c15 |= 0x1;
750 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
751
752 /* D CAM Read, loads current victim into C15.C.D.Ind */
753 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
754
755 /* read current victim */
756 arm920t_read_cp15_physical(target, 0x3d, &C15_C_D_Ind);
757
758 /* clear interpret mode */
759 cp15c15 &= ~0x1;
760 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
761
762 for (index = 0; index < 64; index++)
763 {
764 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
765 regs[0] = 0x0 | (segment << 5) | (index << 26);
766 arm9tdmi_write_core_regs(target, 0x1, regs);
767
768 /* set interpret mode */
769 cp15c15 |= 0x1;
770 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
771
772 /* Write DCache victim */
773 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
774
775 /* Read D RAM */
776 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,10,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
777
778 /* Read D CAM */
779 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(9, 0));
780
781 /* clear interpret mode */
782 cp15c15 &= ~0x1;
783 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
784
785 /* read D RAM and CAM content */
786 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
787 if ((retval = jtag_execute_queue()) != ERROR_OK)
788 {
789 return retval;
790 }
791
792 d_cache[segment][index].cam = regs[9];
793
794 /* mask LFSR[6] */
795 regs[9] &= 0xfffffffe;
796 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
797
798 for (i = 1; i < 9; i++)
799 {
800 d_cache[segment][index].data[i] = regs[i];
801 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
802 }
803
804 }
805
806 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
807 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
808 arm9tdmi_write_core_regs(target, 0x1, regs);
809
810 /* set interpret mode */
811 cp15c15 |= 0x1;
812 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
813
814 /* Write DCache victim */
815 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
816
817 /* clear interpret mode */
818 cp15c15 &= ~0x1;
819 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
820 }
821
822 /* read ICache content */
823 fprintf(output, "ICache:\n");
824
825 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
826 for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
827 {
828 fprintf(output, "segment: %i\n----------", segment);
829
830 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
831 regs[0] = 0x0 | (segment << 5);
832 arm9tdmi_write_core_regs(target, 0x1, regs);
833
834 /* set interpret mode */
835 cp15c15 |= 0x1;
836 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
837
838 /* I CAM Read, loads current victim into C15.C.I.Ind */
839 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
840
841 /* read current victim */
842 arm920t_read_cp15_physical(target, 0x3b, &C15_C_I_Ind);
843
844 /* clear interpret mode */
845 cp15c15 &= ~0x1;
846 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
847
848 for (index = 0; index < 64; index++)
849 {
850 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
851 regs[0] = 0x0 | (segment << 5) | (index << 26);
852 arm9tdmi_write_core_regs(target, 0x1, regs);
853
854 /* set interpret mode */
855 cp15c15 |= 0x1;
856 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
857
858 /* Write ICache victim */
859 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
860
861 /* Read I RAM */
862 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,9,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
863
864 /* Read I CAM */
865 arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(9, 0));
866
867 /* clear interpret mode */
868 cp15c15 &= ~0x1;
869 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
870
871 /* read I RAM and CAM content */
872 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
873 if ((retval = jtag_execute_queue()) != ERROR_OK)
874 {
875 return retval;
876 }
877
878 i_cache[segment][index].cam = regs[9];
879
880 /* mask LFSR[6] */
881 regs[9] &= 0xfffffffe;
882 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8" PRIx32 ", content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
883
884 for (i = 1; i < 9; i++)
885 {
886 i_cache[segment][index].data[i] = regs[i];
887 fprintf(output, "%i: 0x%8.8" PRIx32 "\n", i-1, regs[i]);
888 }
889 }
890
891 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
892 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
893 arm9tdmi_write_core_regs(target, 0x1, regs);
894
895 /* set interpret mode */
896 cp15c15 |= 0x1;
897 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
898
899 /* Write ICache victim */
900 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
901
902 /* clear interpret mode */
903 cp15c15 &= ~0x1;
904 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
905 }
906
907 /* restore CP15 MMU and Cache settings */
908 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
909
910 command_print(CMD_CTX, "cache content successfully output to %s", CMD_ARGV[0]);
911
912 fclose(output);
913
914 if (!is_arm_mode(armv4_5->core_mode))
915 return ERROR_FAIL;
916
917 /* force writeback of the valid data */
918 r = armv4_5->core_cache->reg_list;
919 r[0].dirty = r[0].valid;
920 r[1].dirty = r[1].valid;
921 r[2].dirty = r[2].valid;
922 r[3].dirty = r[3].valid;
923 r[4].dirty = r[4].valid;
924 r[5].dirty = r[5].valid;
925 r[6].dirty = r[6].valid;
926 r[7].dirty = r[7].valid;
927
928 r = arm_reg_current(armv4_5, 8);
929 r->dirty = r->valid;
930
931 r = arm_reg_current(armv4_5, 9);
932 r->dirty = r->valid;
933
934 return ERROR_OK;
935 }
936
937 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
938 {
939 int retval = ERROR_OK;
940 struct target *target = get_current_target(CMD_CTX);
941 struct arm920t_common *arm920t = target_to_arm920(target);
942 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
943 struct arm *armv4_5 = &arm7_9->armv4_5_common;
944 uint32_t cp15c15;
945 uint32_t cp15_ctrl, cp15_ctrl_saved;
946 uint32_t regs[16];
947 uint32_t *regs_p[16];
948 int i;
949 FILE *output;
950 uint32_t Dlockdown, Ilockdown;
951 struct arm920t_tlb_entry d_tlb[64], i_tlb[64];
952 int victim;
953 struct reg *r;
954
955 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
956 if (retval != ERROR_OK)
957 return retval;
958
959 if (CMD_ARGC != 1)
960 {
961 command_print(CMD_CTX, "usage: arm920t read_mmu <filename>");
962 return ERROR_OK;
963 }
964
965 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
966 {
967 LOG_DEBUG("error opening mmu content file");
968 return ERROR_OK;
969 }
970
971 for (i = 0; i < 16; i++)
972 regs_p[i] = &regs[i];
973
974 /* disable MMU and Caches */
975 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
976 if ((retval = jtag_execute_queue()) != ERROR_OK)
977 {
978 return retval;
979 }
980 cp15_ctrl_saved = cp15_ctrl;
981 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
982 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
983
984 /* read CP15 test state register */
985 arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
986 if ((retval = jtag_execute_queue()) != ERROR_OK)
987 {
988 return retval;
989 }
990
991 /* prepare reading D TLB content
992 * */
993
994 /* set interpret mode */
995 cp15c15 |= 0x1;
996 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
997
998 /* Read D TLB lockdown */
999 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1000
1001 /* clear interpret mode */
1002 cp15c15 &= ~0x1;
1003 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1004
1005 /* read D TLB lockdown stored to r1 */
1006 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1007 if ((retval = jtag_execute_queue()) != ERROR_OK)
1008 {
1009 return retval;
1010 }
1011 Dlockdown = regs[1];
1012
1013 for (victim = 0; victim < 64; victim += 8)
1014 {
1015 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1016 * base remains unchanged, victim goes through entries 0 to 63 */
1017 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1018 arm9tdmi_write_core_regs(target, 0x2, regs);
1019
1020 /* set interpret mode */
1021 cp15c15 |= 0x1;
1022 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1023
1024 /* Write D TLB lockdown */
1025 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1026
1027 /* Read D TLB CAM */
1028 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,6,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1029
1030 /* clear interpret mode */
1031 cp15c15 &= ~0x1;
1032 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1033
1034 /* read D TLB CAM content stored to r2-r9 */
1035 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1036 if ((retval = jtag_execute_queue()) != ERROR_OK)
1037 {
1038 return retval;
1039 }
1040
1041 for (i = 0; i < 8; i++)
1042 d_tlb[victim + i].cam = regs[i + 2];
1043 }
1044
1045 for (victim = 0; victim < 64; victim++)
1046 {
1047 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1048 * base remains unchanged, victim goes through entries 0 to 63 */
1049 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1050 arm9tdmi_write_core_regs(target, 0x2, regs);
1051
1052 /* set interpret mode */
1053 cp15c15 |= 0x1;
1054 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1055
1056 /* Write D TLB lockdown */
1057 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1058
1059 /* Read D TLB RAM1 */
1060 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1061
1062 /* Read D TLB RAM2 */
1063 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1064
1065 /* clear interpret mode */
1066 cp15c15 &= ~0x1;
1067 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1068
1069 /* read D TLB RAM content stored to r2 and r3 */
1070 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1071 if ((retval = jtag_execute_queue()) != ERROR_OK)
1072 {
1073 return retval;
1074 }
1075
1076 d_tlb[victim].ram1 = regs[2];
1077 d_tlb[victim].ram2 = regs[3];
1078 }
1079
1080 /* restore D TLB lockdown */
1081 regs[1] = Dlockdown;
1082 arm9tdmi_write_core_regs(target, 0x2, regs);
1083
1084 /* Write D TLB lockdown */
1085 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1086
1087 /* prepare reading I TLB content
1088 * */
1089
1090 /* set interpret mode */
1091 cp15c15 |= 0x1;
1092 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1093
1094 /* Read I TLB lockdown */
1095 arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1096
1097 /* clear interpret mode */
1098 cp15c15 &= ~0x1;
1099 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1100
1101 /* read I TLB lockdown stored to r1 */
1102 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1103 if ((retval = jtag_execute_queue()) != ERROR_OK)
1104 {
1105 return retval;
1106 }
1107 Ilockdown = regs[1];
1108
1109 for (victim = 0; victim < 64; victim += 8)
1110 {
1111 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1112 * base remains unchanged, victim goes through entries 0 to 63 */
1113 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1114 arm9tdmi_write_core_regs(target, 0x2, regs);
1115
1116 /* set interpret mode */
1117 cp15c15 |= 0x1;
1118 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1119
1120 /* Write I TLB lockdown */
1121 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1122
1123 /* Read I TLB CAM */
1124 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,5,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1125
1126 /* clear interpret mode */
1127 cp15c15 &= ~0x1;
1128 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1129
1130 /* read I TLB CAM content stored to r2-r9 */
1131 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1132 if ((retval = jtag_execute_queue()) != ERROR_OK)
1133 {
1134 return retval;
1135 }
1136
1137 for (i = 0; i < 8; i++)
1138 i_tlb[i + victim].cam = regs[i + 2];
1139 }
1140
1141 for (victim = 0; victim < 64; victim++)
1142 {
1143 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1144 * base remains unchanged, victim goes through entries 0 to 63 */
1145 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1146 arm9tdmi_write_core_regs(target, 0x2, regs);
1147
1148 /* set interpret mode */
1149 cp15c15 |= 0x1;
1150 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
1151
1152 /* Write I TLB lockdown */
1153 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1154
1155 /* Read I TLB RAM1 */
1156 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1157
1158 /* Read I TLB RAM2 */
1159 arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1160
1161 /* clear interpret mode */
1162 cp15c15 &= ~0x1;
1163 arm920t_write_cp15_physical(target, 0x1e, cp15c15);
1164
1165 /* read I TLB RAM content stored to r2 and r3 */
1166 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1167 if ((retval = jtag_execute_queue()) != ERROR_OK)
1168 {
1169 return retval;
1170 }
1171
1172 i_tlb[victim].ram1 = regs[2];
1173 i_tlb[victim].ram2 = regs[3];
1174 }
1175
1176 /* restore I TLB lockdown */
1177 regs[1] = Ilockdown;
1178 arm9tdmi_write_core_regs(target, 0x2, regs);
1179
1180 /* Write I TLB lockdown */
1181 arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1182
1183 /* restore CP15 MMU and Cache settings */
1184 arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
1185
1186 /* output data to file */
1187 fprintf(output, "D TLB content:\n");
1188 for (i = 0; i < 64; i++)
1189 {
1190 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2, (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1191 }
1192
1193 fprintf(output, "\n\nI TLB content:\n");
1194 for (i = 0; i < 64; i++)
1195 {
1196 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " 0x%8.8" PRIx32 " %s\n", i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2, (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1197 }
1198
1199 command_print(CMD_CTX, "mmu content successfully output to %s", CMD_ARGV[0]);
1200
1201 fclose(output);
1202
1203 if (!is_arm_mode(armv4_5->core_mode))
1204 return ERROR_FAIL;
1205
1206 /* force writeback of the valid data */
1207 r = armv4_5->core_cache->reg_list;
1208 r[0].dirty = r[0].valid;
1209 r[1].dirty = r[1].valid;
1210 r[2].dirty = r[2].valid;
1211 r[3].dirty = r[3].valid;
1212 r[4].dirty = r[4].valid;
1213 r[5].dirty = r[5].valid;
1214 r[6].dirty = r[6].valid;
1215 r[7].dirty = r[7].valid;
1216
1217 r = arm_reg_current(armv4_5, 8);
1218 r->dirty = r->valid;
1219
1220 r = arm_reg_current(armv4_5, 9);
1221 r->dirty = r->valid;
1222
1223 return ERROR_OK;
1224 }
1225
1226 COMMAND_HANDLER(arm920t_handle_cp15_command)
1227 {
1228 int retval;
1229 struct target *target = get_current_target(CMD_CTX);
1230 struct arm920t_common *arm920t = target_to_arm920(target);
1231
1232 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1233 if (retval != ERROR_OK)
1234 return retval;
1235
1236 if (target->state != TARGET_HALTED)
1237 {
1238 command_print(CMD_CTX, "target must be stopped for \"%s\" command", CMD_NAME);
1239 return ERROR_OK;
1240 }
1241
1242 /* one or more argument, access a single register (write if second argument is given */
1243 if (CMD_ARGC >= 1)
1244 {
1245 int address;
1246 COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], address);
1247
1248 if (CMD_ARGC == 1)
1249 {
1250 uint32_t value;
1251 if ((retval = arm920t_read_cp15_physical(target, address, &value)) != ERROR_OK)
1252 {
1253 command_print(CMD_CTX, "couldn't access reg %i", address);
1254 return ERROR_OK;
1255 }
1256 if ((retval = jtag_execute_queue()) != ERROR_OK)
1257 {
1258 return retval;
1259 }
1260
1261 command_print(CMD_CTX, "%i: %8.8" PRIx32 "", address, value);
1262 }
1263 else if (CMD_ARGC == 2)
1264 {
1265 uint32_t value;
1266 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1267 if ((retval = arm920t_write_cp15_physical(target, address, value)) != ERROR_OK)
1268 {
1269 command_print(CMD_CTX, "couldn't access reg %i", address);
1270 return ERROR_OK;
1271 }
1272 command_print(CMD_CTX, "%i: %8.8" PRIx32 "", address, value);
1273 }
1274 }
1275
1276 return ERROR_OK;
1277 }
1278
1279 COMMAND_HANDLER(arm920t_handle_cp15i_command)
1280 {
1281 int retval;
1282 struct target *target = get_current_target(CMD_CTX);
1283 struct arm920t_common *arm920t = target_to_arm920(target);
1284
1285 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1286 if (retval != ERROR_OK)
1287 return retval;
1288
1289
1290 if (target->state != TARGET_HALTED)
1291 {
1292 command_print(CMD_CTX, "target must be stopped for \"%s\" command", CMD_NAME);
1293 return ERROR_OK;
1294 }
1295
1296 /* one or more argument, access a single register (write if second argument is given */
1297 if (CMD_ARGC >= 1)
1298 {
1299 uint32_t opcode;
1300 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], opcode);
1301
1302 if (CMD_ARGC == 1)
1303 {
1304 uint32_t value;
1305 if ((retval = arm920t_read_cp15_interpreted(target, opcode, 0x0, &value)) != ERROR_OK)
1306 {
1307 command_print(CMD_CTX, "couldn't execute %8.8" PRIx32 "", opcode);
1308 return ERROR_OK;
1309 }
1310
1311 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1312 }
1313 else if (CMD_ARGC == 2)
1314 {
1315 uint32_t value;
1316 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1317 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, 0)) != ERROR_OK)
1318 {
1319 command_print(CMD_CTX, "couldn't execute %8.8" PRIx32 "", opcode);
1320 return ERROR_OK;
1321 }
1322 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32 "", opcode, value);
1323 }
1324 else if (CMD_ARGC == 3)
1325 {
1326 uint32_t value;
1327 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1328 uint32_t address;
1329 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[2], address);
1330 if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, address)) != ERROR_OK)
1331 {
1332 command_print(CMD_CTX, "couldn't execute %8.8" PRIx32 "", opcode);
1333 return ERROR_OK;
1334 }
1335 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32 " %8.8" PRIx32 "", opcode, value, address);
1336 }
1337 }
1338 else
1339 {
1340 command_print(CMD_CTX, "usage: arm920t cp15i <opcode> [value] [address]");
1341 }
1342
1343 return ERROR_OK;
1344 }
1345
1346 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1347 {
1348 int retval;
1349 struct target *target = get_current_target(CMD_CTX);
1350 struct arm920t_common *arm920t = target_to_arm920(target);
1351
1352 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1353 if (retval != ERROR_OK)
1354 return retval;
1355
1356 return armv4_5_handle_cache_info_command(CMD_CTX, &arm920t->armv4_5_mmu.armv4_5_cache);
1357 }
1358
1359
1360 static int arm920t_mrc(struct target *target, int cpnum,
1361 uint32_t op1, uint32_t op2,
1362 uint32_t CRn, uint32_t CRm,
1363 uint32_t *value)
1364 {
1365 if (cpnum!=15)
1366 {
1367 LOG_ERROR("Only cp15 is supported");
1368 return ERROR_FAIL;
1369 }
1370
1371 /* read "to" r0 */
1372 return arm920t_read_cp15_interpreted(target,
1373 ARMV4_5_MRC(cpnum, op1, 0, CRn, CRm, op2),
1374 0, value);
1375 }
1376
1377 static int arm920t_mcr(struct target *target, int cpnum,
1378 uint32_t op1, uint32_t op2,
1379 uint32_t CRn, uint32_t CRm,
1380 uint32_t value)
1381 {
1382 if (cpnum!=15)
1383 {
1384 LOG_ERROR("Only cp15 is supported");
1385 return ERROR_FAIL;
1386 }
1387
1388 /* write "from" r0 */
1389 return arm920t_write_cp15_interpreted(target,
1390 ARMV4_5_MCR(cpnum, op1, 0, CRn, CRm, op2),
1391 0, value);
1392 }
1393
1394 static const struct command_registration arm920t_exec_command_handlers[] = {
1395 {
1396 .name = "cp15",
1397 .handler = arm920t_handle_cp15_command,
1398 .mode = COMMAND_EXEC,
1399 .help = "display/modify cp15 register",
1400 .usage = "regnum [value]",
1401 },
1402 {
1403 .name = "cp15i",
1404 .handler = arm920t_handle_cp15i_command,
1405 .mode = COMMAND_EXEC,
1406 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1407 .help = "display/modify cp15 register using ARM opcode"
1408 " (DEPRECATED)",
1409 .usage = "instruction [value [address]]",
1410 },
1411 {
1412 .name = "cache_info",
1413 .handler = arm920t_handle_cache_info_command,
1414 .mode = COMMAND_EXEC,
1415 .help = "display information about target caches",
1416 },
1417 {
1418 .name = "read_cache",
1419 .handler = arm920t_handle_read_cache_command,
1420 .mode = COMMAND_EXEC,
1421 .help = "dump I/D cache content to file",
1422 .usage = "filename",
1423 },
1424 {
1425 .name = "read_mmu",
1426 .handler = arm920t_handle_read_mmu_command,
1427 .mode = COMMAND_EXEC,
1428 .help = "dump I/D mmu content to file",
1429 .usage = "filename",
1430 },
1431 COMMAND_REGISTRATION_DONE
1432 };
1433 const struct command_registration arm920t_command_handlers[] = {
1434 {
1435 .chain = arm9tdmi_command_handlers,
1436 },
1437 {
1438 .name = "arm920t",
1439 .mode = COMMAND_ANY,
1440 .help = "arm920t command group",
1441 .chain = arm920t_exec_command_handlers,
1442 },
1443 COMMAND_REGISTRATION_DONE
1444 };
1445
1446 /** Holds methods for ARM920 targets. */
1447 struct target_type arm920t_target =
1448 {
1449 .name = "arm920t",
1450
1451 .poll = arm7_9_poll,
1452 .arch_state = arm920t_arch_state,
1453
1454 .target_request_data = arm7_9_target_request_data,
1455
1456 .halt = arm7_9_halt,
1457 .resume = arm7_9_resume,
1458 .step = arm7_9_step,
1459
1460 .assert_reset = arm7_9_assert_reset,
1461 .deassert_reset = arm7_9_deassert_reset,
1462 .soft_reset_halt = arm920t_soft_reset_halt,
1463
1464 .get_gdb_reg_list = arm_get_gdb_reg_list,
1465
1466 .read_memory = arm920t_read_memory,
1467 .write_memory = arm920t_write_memory,
1468 .read_phys_memory = arm920t_read_phys_memory,
1469 .write_phys_memory = arm920t_write_phys_memory,
1470 .mmu = arm920_mmu,
1471 .virt2phys = arm920_virt2phys,
1472
1473 .bulk_write_memory = arm7_9_bulk_write_memory,
1474
1475 .checksum_memory = arm_checksum_memory,
1476 .blank_check_memory = arm_blank_check_memory,
1477
1478 .run_algorithm = armv4_5_run_algorithm,
1479
1480 .add_breakpoint = arm7_9_add_breakpoint,
1481 .remove_breakpoint = arm7_9_remove_breakpoint,
1482 .add_watchpoint = arm7_9_add_watchpoint,
1483 .remove_watchpoint = arm7_9_remove_watchpoint,
1484
1485 .commands = arm920t_command_handlers,
1486 .target_create = arm920t_target_create,
1487 .init_target = arm9tdmi_init_target,
1488 .examine = arm7_9_examine,
1489 .check_reset = arm7_9_check_reset,
1490 };
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)