2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
26 #include <helper/time_support.h>
27 #include "target_type.h"
29 #include "arm_opcodes.h"
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
53 #define _DEBUG_INSTRUCTION_EXECUTION_
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
83 static int arm920t_read_cp15_physical(struct target
*target
,
84 int reg_addr
, uint32_t *value
)
86 struct arm920t_common
*arm920t
= target_to_arm920(target
);
87 struct arm_jtag
*jtag_info
;
88 struct scan_field fields
[4];
89 uint8_t access_type_buf
= 1;
90 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
94 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
96 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
97 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
98 if (retval
!= ERROR_OK
)
101 fields
[0].num_bits
= 1;
102 fields
[0].out_value
= &access_type_buf
;
103 fields
[0].in_value
= NULL
;
105 fields
[1].num_bits
= 32;
106 fields
[1].out_value
= NULL
;
107 fields
[1].in_value
= NULL
;
109 fields
[2].num_bits
= 6;
110 fields
[2].out_value
= ®_addr_buf
;
111 fields
[2].in_value
= NULL
;
113 fields
[3].num_bits
= 1;
114 fields
[3].out_value
= &nr_w_buf
;
115 fields
[3].in_value
= NULL
;
117 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
119 fields
[1].in_value
= (uint8_t *)value
;
121 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
123 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
125 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
126 jtag_execute_queue();
127 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, *value
);
133 static int arm920t_write_cp15_physical(struct target
*target
,
134 int reg_addr
, uint32_t value
)
136 struct arm920t_common
*arm920t
= target_to_arm920(target
);
137 struct arm_jtag
*jtag_info
;
138 struct scan_field fields
[4];
139 uint8_t access_type_buf
= 1;
140 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
141 uint8_t nr_w_buf
= 1;
142 uint8_t value_buf
[4];
145 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
147 buf_set_u32(value_buf
, 0, 32, value
);
149 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
150 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
151 if (retval
!= ERROR_OK
)
154 fields
[0].num_bits
= 1;
155 fields
[0].out_value
= &access_type_buf
;
156 fields
[0].in_value
= NULL
;
158 fields
[1].num_bits
= 32;
159 fields
[1].out_value
= value_buf
;
160 fields
[1].in_value
= NULL
;
162 fields
[2].num_bits
= 6;
163 fields
[2].out_value
= ®_addr_buf
;
164 fields
[2].in_value
= NULL
;
166 fields
[3].num_bits
= 1;
167 fields
[3].out_value
= &nr_w_buf
;
168 fields
[3].in_value
= NULL
;
170 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
172 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
173 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, value
);
179 /* See table 9-10 for scan chain 15 format during interpreted access mode.
180 * If the TESTSTATE register is set for interpreted access, certain CP15
181 * MRC and MCR instructions may be executed through scan chain 15.
183 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
184 * executed using scan chain 15 interpreted mode.
186 static int arm920t_execute_cp15(struct target
*target
, uint32_t cp15_opcode
,
190 struct arm920t_common
*arm920t
= target_to_arm920(target
);
191 struct arm_jtag
*jtag_info
;
192 struct scan_field fields
[4];
193 uint8_t access_type_buf
= 0; /* interpreted access */
194 uint8_t reg_addr_buf
= 0x0;
195 uint8_t nr_w_buf
= 0;
196 uint8_t cp15_opcode_buf
[4];
198 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
200 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
201 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
202 if (retval
!= ERROR_OK
)
205 buf_set_u32(cp15_opcode_buf
, 0, 32, cp15_opcode
);
207 fields
[0].num_bits
= 1;
208 fields
[0].out_value
= &access_type_buf
;
209 fields
[0].in_value
= NULL
;
211 fields
[1].num_bits
= 32;
212 fields
[1].out_value
= cp15_opcode_buf
;
213 fields
[1].in_value
= NULL
;
215 fields
[2].num_bits
= 6;
216 fields
[2].out_value
= ®_addr_buf
;
217 fields
[2].in_value
= NULL
;
219 fields
[3].num_bits
= 1;
220 fields
[3].out_value
= &nr_w_buf
;
221 fields
[3].in_value
= NULL
;
223 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
225 arm9tdmi_clock_out(jtag_info
, arm_opcode
, 0, NULL
, 0);
226 arm9tdmi_clock_out(jtag_info
, ARMV4_5_NOP
, 0, NULL
, 1);
227 retval
= arm7_9_execute_sys_speed(target
);
228 if (retval
!= ERROR_OK
)
231 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
233 LOG_ERROR("failed executing JTAG queue");
240 static int arm920t_read_cp15_interpreted(struct target
*target
,
241 uint32_t cp15_opcode
, uint32_t address
, uint32_t *value
)
243 struct arm
*armv4_5
= target_to_arm(target
);
246 uint32_t cp15c15
= 0x0;
247 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
249 /* load address into R1 */
251 arm9tdmi_write_core_regs(target
, 0x2, regs
);
253 /* read-modify-write CP15 test state register
254 * to enable interpreted access mode */
255 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
256 jtag_execute_queue();
257 cp15c15
|= 1; /* set interpret mode */
258 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
260 /* execute CP15 instruction and ARM load (reading from coprocessor) */
261 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_LDR(0, 1));
263 /* disable interpreted access mode */
264 cp15c15
&= ~1U; /* clear interpret mode */
265 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
267 /* retrieve value from R0 */
269 arm9tdmi_read_core_regs(target
, 0x1, regs_p
);
270 jtag_execute_queue();
272 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
273 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
274 cp15_opcode
, address
, *value
);
277 if (!is_arm_mode(armv4_5
->core_mode
))
287 int arm920t_write_cp15_interpreted(struct target
*target
,
288 uint32_t cp15_opcode
, uint32_t value
, uint32_t address
)
290 uint32_t cp15c15
= 0x0;
291 struct arm
*armv4_5
= target_to_arm(target
);
293 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
295 /* load value, address into R0, R1 */
298 arm9tdmi_write_core_regs(target
, 0x3, regs
);
300 /* read-modify-write CP15 test state register
301 * to enable interpreted access mode */
302 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
303 jtag_execute_queue();
304 cp15c15
|= 1; /* set interpret mode */
305 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
307 /* execute CP15 instruction and ARM store (writing to coprocessor) */
308 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_STR(0, 1));
310 /* disable interpreted access mode */
311 cp15c15
&= ~1U; /* set interpret mode */
312 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
314 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
315 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
316 cp15_opcode
, value
, address
);
319 if (!is_arm_mode(armv4_5
->core_mode
))
329 int arm920t_get_ttb(struct target
*target
, uint32_t *result
)
334 if ((retval
= arm920t_read_cp15_interpreted(target
,
335 /* FIXME use opcode macro */
336 0xeebf0f51, 0x0, &ttb
)) != ERROR_OK
)
344 int arm920t_disable_mmu_caches(struct target
*target
, int mmu
,
345 int d_u_cache
, int i_cache
)
347 uint32_t cp15_control
;
350 /* read cp15 control register */
351 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
352 if (retval
!= ERROR_OK
)
354 retval
= jtag_execute_queue();
355 if (retval
!= ERROR_OK
)
359 cp15_control
&= ~0x1U
;
362 cp15_control
&= ~0x4U
;
365 cp15_control
&= ~0x1000U
;
367 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
372 int arm920t_enable_mmu_caches(struct target
*target
, int mmu
,
373 int d_u_cache
, int i_cache
)
375 uint32_t cp15_control
;
378 /* read cp15 control register */
379 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
380 if (retval
!= ERROR_OK
)
382 retval
= jtag_execute_queue();
383 if (retval
!= ERROR_OK
)
387 cp15_control
|= 0x1U
;
390 cp15_control
|= 0x4U
;
393 cp15_control
|= 0x1000U
;
395 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
400 int arm920t_post_debug_entry(struct target
*target
)
403 struct arm920t_common
*arm920t
= target_to_arm920(target
);
406 /* examine cp15 control reg */
407 retval
= arm920t_read_cp15_physical(target
,
408 CP15PHYS_CTRL
, &arm920t
->cp15_control_reg
);
409 if (retval
!= ERROR_OK
)
411 retval
= jtag_execute_queue();
412 if (retval
!= ERROR_OK
)
414 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, arm920t
->cp15_control_reg
);
416 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
418 uint32_t cache_type_reg
;
419 /* identify caches */
420 retval
= arm920t_read_cp15_physical(target
,
421 CP15PHYS_CACHETYPE
, &cache_type_reg
);
422 if (retval
!= ERROR_OK
)
424 retval
= jtag_execute_queue();
425 if (retval
!= ERROR_OK
)
427 armv4_5_identify_cache(cache_type_reg
,
428 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
431 arm920t
->armv4_5_mmu
.mmu_enabled
=
432 (arm920t
->cp15_control_reg
& 0x1U
) ? 1 : 0;
433 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
=
434 (arm920t
->cp15_control_reg
& 0x4U
) ? 1 : 0;
435 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
=
436 (arm920t
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
438 /* save i/d fault status and address register */
439 /* FIXME use opcode macros */
440 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f10, 0x0, &arm920t
->d_fsr
);
441 if (retval
!= ERROR_OK
)
443 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f30, 0x0, &arm920t
->i_fsr
);
444 if (retval
!= ERROR_OK
)
446 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f10, 0x0, &arm920t
->d_far
);
447 if (retval
!= ERROR_OK
)
449 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f30, 0x0, &arm920t
->i_far
);
450 if (retval
!= ERROR_OK
)
453 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
454 ", I FSR: 0x%8.8" PRIx32
", I FAR: 0x%8.8" PRIx32
,
455 arm920t
->d_fsr
, arm920t
->d_far
, arm920t
->i_fsr
, arm920t
->i_far
);
457 if (arm920t
->preserve_cache
)
459 /* read-modify-write CP15 test state register
460 * to disable I/D-cache linefills */
461 retval
= arm920t_read_cp15_physical(target
,
462 CP15PHYS_TESTSTATE
, &cp15c15
);
463 if (retval
!= ERROR_OK
)
465 retval
= jtag_execute_queue();
466 if (retval
!= ERROR_OK
)
469 retval
= arm920t_write_cp15_physical(target
,
470 CP15PHYS_TESTSTATE
, cp15c15
);
471 if (retval
!= ERROR_OK
)
478 void arm920t_pre_restore_context(struct target
*target
)
481 struct arm920t_common
*arm920t
= target_to_arm920(target
);
483 /* restore i/d fault status and address register */
484 arm920t_write_cp15_interpreted(target
, 0xee050f10, arm920t
->d_fsr
, 0x0);
485 arm920t_write_cp15_interpreted(target
, 0xee050f30, arm920t
->i_fsr
, 0x0);
486 arm920t_write_cp15_interpreted(target
, 0xee060f10, arm920t
->d_far
, 0x0);
487 arm920t_write_cp15_interpreted(target
, 0xee060f30, arm920t
->i_far
, 0x0);
489 /* read-modify-write CP15 test state register
490 * to reenable I/D-cache linefills */
491 if (arm920t
->preserve_cache
)
493 arm920t_read_cp15_physical(target
,
494 CP15PHYS_TESTSTATE
, &cp15c15
);
495 jtag_execute_queue();
497 arm920t_write_cp15_physical(target
,
498 CP15PHYS_TESTSTATE
, cp15c15
);
502 static const char arm920_not
[] = "target is not an ARM920";
504 static int arm920t_verify_pointer(struct command_context
*cmd_ctx
,
505 struct arm920t_common
*arm920t
)
507 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
508 command_print(cmd_ctx
, arm920_not
);
509 return ERROR_TARGET_INVALID
;
515 /** Logs summary of ARM920 state for a halted target. */
516 int arm920t_arch_state(struct target
*target
)
518 static const char *state
[] =
520 "disabled", "enabled"
523 struct arm920t_common
*arm920t
= target_to_arm920(target
);
526 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
)
528 LOG_ERROR("BUG: %s", arm920_not
);
529 return ERROR_TARGET_INVALID
;
532 armv4_5
= &arm920t
->arm7_9_common
.armv4_5_common
;
534 arm_arch_state(target
);
535 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
536 state
[arm920t
->armv4_5_mmu
.mmu_enabled
],
537 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
538 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
543 static int arm920_mmu(struct target
*target
, int *enabled
)
545 if (target
->state
!= TARGET_HALTED
) {
546 LOG_ERROR("%s: target not halted", __func__
);
547 return ERROR_TARGET_INVALID
;
550 *enabled
= target_to_arm920(target
)->armv4_5_mmu
.mmu_enabled
;
554 static int arm920_virt2phys(struct target
*target
,
555 uint32_t virt
, uint32_t *phys
)
558 struct arm920t_common
*arm920t
= target_to_arm920(target
);
561 int retval
= armv4_5_mmu_translate_va(target
,
562 &arm920t
->armv4_5_mmu
, virt
, &cb
, &ret
);
563 if (retval
!= ERROR_OK
)
569 /** Reads a buffer, in the specified word size, with current MMU settings. */
570 int arm920t_read_memory(struct target
*target
, uint32_t address
,
571 uint32_t size
, uint32_t count
, uint8_t *buffer
)
575 retval
= arm7_9_read_memory(target
, address
, size
, count
, buffer
);
581 static int arm920t_read_phys_memory(struct target
*target
,
582 uint32_t address
, uint32_t size
,
583 uint32_t count
, uint8_t *buffer
)
585 struct arm920t_common
*arm920t
= target_to_arm920(target
);
587 return armv4_5_mmu_read_physical(target
, &arm920t
->armv4_5_mmu
,
588 address
, size
, count
, buffer
);
591 static int arm920t_write_phys_memory(struct target
*target
,
592 uint32_t address
, uint32_t size
,
593 uint32_t count
, uint8_t *buffer
)
595 struct arm920t_common
*arm920t
= target_to_arm920(target
);
597 return armv4_5_mmu_write_physical(target
, &arm920t
->armv4_5_mmu
,
598 address
, size
, count
, buffer
);
602 /** Writes a buffer, in the specified word size, with current MMU settings. */
603 int arm920t_write_memory(struct target
*target
, uint32_t address
,
604 uint32_t size
, uint32_t count
, uint8_t *buffer
)
607 const uint32_t cache_mask
= ~0x1f; /* cache line size : 32 byte */
608 struct arm920t_common
*arm920t
= target_to_arm920(target
);
610 /* FIX!!!! this should be cleaned up and made much more general. The
611 * plan is to write up and test on arm920t specifically and
612 * then generalize and clean up afterwards.
614 * Also it should be moved to the callbacks that handle breakpoints
615 * specifically and not the generic memory write fn's. See XScale code.
617 if (arm920t
->armv4_5_mmu
.mmu_enabled
&& (count
== 1) &&
618 ((size
==2) || (size
==4)))
620 /* special case the handling of single word writes to
621 * bypass MMU, to allow implementation of breakpoints
622 * in memory marked read only
629 * We need physical address and cb
631 retval
= armv4_5_mmu_translate_va(target
, &arm920t
->armv4_5_mmu
,
633 if (retval
!= ERROR_OK
)
636 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
)
640 LOG_DEBUG("D-Cache buffered, "
641 "drain write buffer");
644 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
647 retval
= arm920t_write_cp15_interpreted(target
,
648 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
650 if (retval
!= ERROR_OK
)
657 * Write back memory ? -> clean cache
659 * There is no way to clean cache lines using
660 * cp15 scan chain, so copy the full cache
661 * line from cache to physical memory.
665 LOG_DEBUG("D-Cache in 'write back' mode, "
668 retval
= target_read_memory(target
,
669 address
& cache_mask
, 1,
670 sizeof(data
), &data
[0]);
671 if (retval
!= ERROR_OK
)
674 retval
= armv4_5_mmu_write_physical(target
,
675 &arm920t
->armv4_5_mmu
,
677 sizeof(data
), &data
[0]);
678 if (retval
!= ERROR_OK
)
686 * Cached ? -> Invalidate data cache using MVA
688 * MCR p15,0,Rd,c7,c6,1
690 LOG_DEBUG("D-Cache enabled, "
691 "invalidate cache line");
693 retval
= arm920t_write_cp15_interpreted(target
,
694 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
695 address
& cache_mask
);
696 if (retval
!= ERROR_OK
)
701 /* write directly to physical memory,
702 * bypassing any read only MMU bits, etc.
704 retval
= armv4_5_mmu_write_physical(target
,
705 &arm920t
->armv4_5_mmu
, pa
, size
,
707 if (retval
!= ERROR_OK
)
711 if ((retval
= arm7_9_write_memory(target
, address
,
712 size
, count
, buffer
)) != ERROR_OK
)
716 /* If ICache is enabled, we have to invalidate affected ICache lines
717 * the DCache is forced to write-through,
718 * so we don't have to clean it here
720 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
)
724 /* invalidate ICache single entry with MVA
725 * mcr 15, 0, r0, cr7, cr5, {1}
727 LOG_DEBUG("I-Cache enabled, "
728 "invalidating affected I-Cache line");
729 retval
= arm920t_write_cp15_interpreted(target
,
730 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
731 0x0, address
& cache_mask
);
732 if (retval
!= ERROR_OK
)
738 * mcr 15, 0, r0, cr7, cr5, {0}
740 retval
= arm920t_write_cp15_interpreted(target
,
741 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
743 if (retval
!= ERROR_OK
)
752 int arm920t_soft_reset_halt(struct target
*target
)
754 int retval
= ERROR_OK
;
755 struct arm920t_common
*arm920t
= target_to_arm920(target
);
756 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
757 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
758 struct reg
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
760 if ((retval
= target_halt(target
)) != ERROR_OK
)
765 long long then
= timeval_ms();
767 while (!(timeout
= ((timeval_ms()-then
) > 1000)))
769 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1)
772 embeddedice_read_reg(dbg_stat
);
773 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
781 if (debug_level
>= 3)
783 /* do not eat all CPU, time out after 1 se*/
792 LOG_ERROR("Failed to halt CPU after 1 sec");
793 return ERROR_TARGET_TIMEOUT
;
796 target
->state
= TARGET_HALTED
;
798 /* SVC, ARM state, IRQ and FIQ disabled */
801 cpsr
= buf_get_u32(armv4_5
->cpsr
->value
, 0, 32);
804 arm_set_cpsr(armv4_5
, cpsr
);
805 armv4_5
->cpsr
->dirty
= 1;
807 /* start fetching from 0x0 */
808 buf_set_u32(armv4_5
->pc
->value
, 0, 32, 0x0);
809 armv4_5
->pc
->dirty
= 1;
810 armv4_5
->pc
->valid
= 1;
812 arm920t_disable_mmu_caches(target
, 1, 1, 1);
813 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
814 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
815 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
817 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
820 /* FIXME remove forward decls */
821 static int arm920t_mrc(struct target
*target
, int cpnum
,
822 uint32_t op1
, uint32_t op2
,
823 uint32_t CRn
, uint32_t CRm
,
825 static int arm920t_mcr(struct target
*target
, int cpnum
,
826 uint32_t op1
, uint32_t op2
,
827 uint32_t CRn
, uint32_t CRm
,
830 static int arm920t_init_arch_info(struct target
*target
,
831 struct arm920t_common
*arm920t
, struct jtag_tap
*tap
)
833 struct arm7_9_common
*arm7_9
= &arm920t
->arm7_9_common
;
835 arm7_9
->armv4_5_common
.mrc
= arm920t_mrc
;
836 arm7_9
->armv4_5_common
.mcr
= arm920t_mcr
;
838 /* initialize arm7/arm9 specific info (including armv4_5) */
839 arm9tdmi_init_arch_info(target
, arm7_9
, tap
);
841 arm920t
->common_magic
= ARM920T_COMMON_MAGIC
;
843 arm7_9
->post_debug_entry
= arm920t_post_debug_entry
;
844 arm7_9
->pre_restore_context
= arm920t_pre_restore_context
;
846 arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
847 arm920t
->armv4_5_mmu
.get_ttb
= arm920t_get_ttb
;
848 arm920t
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
849 arm920t
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
850 arm920t
->armv4_5_mmu
.disable_mmu_caches
= arm920t_disable_mmu_caches
;
851 arm920t
->armv4_5_mmu
.enable_mmu_caches
= arm920t_enable_mmu_caches
;
852 arm920t
->armv4_5_mmu
.has_tiny_pages
= 1;
853 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
855 /* disabling linefills leads to lockups, so keep them enabled for now
856 * this doesn't affect correctness, but might affect timing issues, if
857 * important data is evicted from the cache during the debug session
859 arm920t
->preserve_cache
= 0;
861 /* override hw single-step capability from ARM9TDMI */
862 arm7_9
->has_single_step
= 1;
867 static int arm920t_target_create(struct target
*target
, Jim_Interp
*interp
)
869 struct arm920t_common
*arm920t
;
871 arm920t
= calloc(1,sizeof(struct arm920t_common
));
872 return arm920t_init_arch_info(target
, arm920t
, target
->tap
);
875 COMMAND_HANDLER(arm920t_handle_read_cache_command
)
877 int retval
= ERROR_OK
;
878 struct target
*target
= get_current_target(CMD_CTX
);
879 struct arm920t_common
*arm920t
= target_to_arm920(target
);
880 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
881 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
883 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
885 uint32_t *regs_p
[16];
886 uint32_t C15_C_D_Ind
, C15_C_I_Ind
;
889 struct arm920t_cache_line d_cache
[8][64], i_cache
[8][64];
890 int segment
, index_t
;
893 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
894 if (retval
!= ERROR_OK
)
899 command_print(CMD_CTX
, "usage: arm920t read_cache <filename>");
903 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
905 LOG_DEBUG("error opening cache content file");
909 for (i
= 0; i
< 16; i
++)
910 regs_p
[i
] = ®s
[i
];
912 /* disable MMU and Caches */
913 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
914 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
918 cp15_ctrl_saved
= cp15_ctrl
;
919 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
920 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
921 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
923 /* read CP15 test state register */
924 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
925 jtag_execute_queue();
927 /* read DCache content */
928 fprintf(output
, "DCache:\n");
930 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
932 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
935 fprintf(output
, "\nsegment: %i\n----------", segment
);
937 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
938 regs
[0] = 0x0 | (segment
<< 5);
939 arm9tdmi_write_core_regs(target
, 0x1, regs
);
941 /* set interpret mode */
943 arm920t_write_cp15_physical(target
,
944 CP15PHYS_TESTSTATE
, cp15c15
);
946 /* D CAM Read, loads current victim into C15.C.D.Ind */
947 arm920t_execute_cp15(target
,
948 ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
950 /* read current victim */
951 arm920t_read_cp15_physical(target
,
952 CP15PHYS_DCACHE_IDX
, &C15_C_D_Ind
);
954 /* clear interpret mode */
956 arm920t_write_cp15_physical(target
,
957 CP15PHYS_TESTSTATE
, cp15c15
);
959 for (index_t
= 0; index_t
< 64; index_t
++)
962 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
964 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
965 arm9tdmi_write_core_regs(target
, 0x1, regs
);
967 /* set interpret mode */
969 arm920t_write_cp15_physical(target
,
970 CP15PHYS_TESTSTATE
, cp15c15
);
972 /* Write DCache victim */
973 arm920t_execute_cp15(target
,
974 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
977 arm920t_execute_cp15(target
,
978 ARMV4_5_MCR(15,2,0,15,10,2),
979 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
982 arm920t_execute_cp15(target
,
983 ARMV4_5_MCR(15,2,0,15,6,2),
986 /* clear interpret mode */
988 arm920t_write_cp15_physical(target
,
989 CP15PHYS_TESTSTATE
, cp15c15
);
991 /* read D RAM and CAM content */
992 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
993 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
998 d_cache
[segment
][index_t
].cam
= regs
[9];
1001 regs
[9] &= 0xfffffffe;
1002 fprintf(output
, "\nsegment: %i, index: %i, CAM: 0x%8.8"
1003 PRIx32
", content (%s):\n",
1004 segment
, index_t
, regs
[9],
1005 (regs
[9] & 0x10) ? "valid" : "invalid");
1007 for (i
= 1; i
< 9; i
++)
1009 d_cache
[segment
][index_t
].data
[i
] = regs
[i
];
1010 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1016 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1017 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1018 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1020 /* set interpret mode */
1022 arm920t_write_cp15_physical(target
,
1023 CP15PHYS_TESTSTATE
, cp15c15
);
1025 /* Write DCache victim */
1026 arm920t_execute_cp15(target
,
1027 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
1029 /* clear interpret mode */
1031 arm920t_write_cp15_physical(target
,
1032 CP15PHYS_TESTSTATE
, cp15c15
);
1035 /* read ICache content */
1036 fprintf(output
, "ICache:\n");
1038 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1040 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
1043 fprintf(output
, "segment: %i\n----------", segment
);
1045 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1046 regs
[0] = 0x0 | (segment
<< 5);
1047 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1049 /* set interpret mode */
1051 arm920t_write_cp15_physical(target
,
1052 CP15PHYS_TESTSTATE
, cp15c15
);
1054 /* I CAM Read, loads current victim into C15.C.I.Ind */
1055 arm920t_execute_cp15(target
,
1056 ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
1058 /* read current victim */
1059 arm920t_read_cp15_physical(target
, CP15PHYS_ICACHE_IDX
,
1062 /* clear interpret mode */
1064 arm920t_write_cp15_physical(target
,
1065 CP15PHYS_TESTSTATE
, cp15c15
);
1067 for (index_t
= 0; index_t
< 64; index_t
++)
1070 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1072 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
1073 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1075 /* set interpret mode */
1077 arm920t_write_cp15_physical(target
,
1078 CP15PHYS_TESTSTATE
, cp15c15
);
1080 /* Write ICache victim */
1081 arm920t_execute_cp15(target
,
1082 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1085 arm920t_execute_cp15(target
,
1086 ARMV4_5_MCR(15,2,0,15,9,2),
1087 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1090 arm920t_execute_cp15(target
,
1091 ARMV4_5_MCR(15,2,0,15,5,2),
1094 /* clear interpret mode */
1096 arm920t_write_cp15_physical(target
,
1097 CP15PHYS_TESTSTATE
, cp15c15
);
1099 /* read I RAM and CAM content */
1100 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1101 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1106 i_cache
[segment
][index_t
].cam
= regs
[9];
1109 regs
[9] &= 0xfffffffe;
1110 fprintf(output
, "\nsegment: %i, index: %i, "
1111 "CAM: 0x%8.8" PRIx32
", content (%s):\n",
1112 segment
, index_t
, regs
[9],
1113 (regs
[9] & 0x10) ? "valid" : "invalid");
1115 for (i
= 1; i
< 9; i
++)
1117 i_cache
[segment
][index_t
].data
[i
] = regs
[i
];
1118 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1123 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1124 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1125 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1127 /* set interpret mode */
1129 arm920t_write_cp15_physical(target
,
1130 CP15PHYS_TESTSTATE
, cp15c15
);
1132 /* Write ICache victim */
1133 arm920t_execute_cp15(target
,
1134 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1136 /* clear interpret mode */
1138 arm920t_write_cp15_physical(target
,
1139 CP15PHYS_TESTSTATE
, cp15c15
);
1142 /* restore CP15 MMU and Cache settings */
1143 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1145 command_print(CMD_CTX
, "cache content successfully output to %s",
1150 if (!is_arm_mode(armv4_5
->core_mode
))
1153 /* force writeback of the valid data */
1154 r
= armv4_5
->core_cache
->reg_list
;
1155 r
[0].dirty
= r
[0].valid
;
1156 r
[1].dirty
= r
[1].valid
;
1157 r
[2].dirty
= r
[2].valid
;
1158 r
[3].dirty
= r
[3].valid
;
1159 r
[4].dirty
= r
[4].valid
;
1160 r
[5].dirty
= r
[5].valid
;
1161 r
[6].dirty
= r
[6].valid
;
1162 r
[7].dirty
= r
[7].valid
;
1164 r
= arm_reg_current(armv4_5
, 8);
1165 r
->dirty
= r
->valid
;
1167 r
= arm_reg_current(armv4_5
, 9);
1168 r
->dirty
= r
->valid
;
1173 COMMAND_HANDLER(arm920t_handle_read_mmu_command
)
1175 int retval
= ERROR_OK
;
1176 struct target
*target
= get_current_target(CMD_CTX
);
1177 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1178 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
1179 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
1181 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
1183 uint32_t *regs_p
[16];
1186 uint32_t Dlockdown
, Ilockdown
;
1187 struct arm920t_tlb_entry d_tlb
[64], i_tlb
[64];
1191 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1192 if (retval
!= ERROR_OK
)
1197 command_print(CMD_CTX
, "usage: arm920t read_mmu <filename>");
1201 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
1203 LOG_DEBUG("error opening mmu content file");
1207 for (i
= 0; i
< 16; i
++)
1208 regs_p
[i
] = ®s
[i
];
1210 /* disable MMU and Caches */
1211 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
1212 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1216 cp15_ctrl_saved
= cp15_ctrl
;
1217 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
1218 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
1219 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
1221 /* read CP15 test state register */
1222 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
1223 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1228 /* prepare reading D TLB content
1231 /* set interpret mode */
1233 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1235 /* Read D TLB lockdown */
1236 arm920t_execute_cp15(target
,
1237 ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1239 /* clear interpret mode */
1241 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1243 /* read D TLB lockdown stored to r1 */
1244 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1245 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1249 Dlockdown
= regs
[1];
1251 for (victim
= 0; victim
< 64; victim
+= 8)
1253 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1254 * base remains unchanged, victim goes through entries 0 to 63
1256 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1257 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1259 /* set interpret mode */
1261 arm920t_write_cp15_physical(target
,
1262 CP15PHYS_TESTSTATE
, cp15c15
);
1264 /* Write D TLB lockdown */
1265 arm920t_execute_cp15(target
,
1266 ARMV4_5_MCR(15,0,0,10,0,0),
1269 /* Read D TLB CAM */
1270 arm920t_execute_cp15(target
,
1271 ARMV4_5_MCR(15,4,0,15,6,4),
1272 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1274 /* clear interpret mode */
1276 arm920t_write_cp15_physical(target
,
1277 CP15PHYS_TESTSTATE
, cp15c15
);
1279 /* read D TLB CAM content stored to r2-r9 */
1280 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1281 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1286 for (i
= 0; i
< 8; i
++)
1287 d_tlb
[victim
+ i
].cam
= regs
[i
+ 2];
1290 for (victim
= 0; victim
< 64; victim
++)
1292 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1293 * base remains unchanged, victim goes through entries 0 to 63
1295 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1296 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1298 /* set interpret mode */
1300 arm920t_write_cp15_physical(target
,
1301 CP15PHYS_TESTSTATE
, cp15c15
);
1303 /* Write D TLB lockdown */
1304 arm920t_execute_cp15(target
,
1305 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1307 /* Read D TLB RAM1 */
1308 arm920t_execute_cp15(target
,
1309 ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1311 /* Read D TLB RAM2 */
1312 arm920t_execute_cp15(target
,
1313 ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1315 /* clear interpret mode */
1317 arm920t_write_cp15_physical(target
,
1318 CP15PHYS_TESTSTATE
, cp15c15
);
1320 /* read D TLB RAM content stored to r2 and r3 */
1321 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1322 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1327 d_tlb
[victim
].ram1
= regs
[2];
1328 d_tlb
[victim
].ram2
= regs
[3];
1331 /* restore D TLB lockdown */
1332 regs
[1] = Dlockdown
;
1333 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1335 /* Write D TLB lockdown */
1336 arm920t_execute_cp15(target
,
1337 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1339 /* prepare reading I TLB content
1342 /* set interpret mode */
1344 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1346 /* Read I TLB lockdown */
1347 arm920t_execute_cp15(target
,
1348 ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1350 /* clear interpret mode */
1352 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1354 /* read I TLB lockdown stored to r1 */
1355 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1356 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1360 Ilockdown
= regs
[1];
1362 for (victim
= 0; victim
< 64; victim
+= 8)
1364 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1365 * base remains unchanged, victim goes through entries 0 to 63
1367 regs
[1] = (Ilockdown
& 0xfc000000) | (victim
<< 20);
1368 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1370 /* set interpret mode */
1372 arm920t_write_cp15_physical(target
,
1373 CP15PHYS_TESTSTATE
, cp15c15
);
1375 /* Write I TLB lockdown */
1376 arm920t_execute_cp15(target
,
1377 ARMV4_5_MCR(15,0,0,10,0,1),
1380 /* Read I TLB CAM */
1381 arm920t_execute_cp15(target
,
1382 ARMV4_5_MCR(15,4,0,15,5,4),
1383 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1385 /* clear interpret mode */
1387 arm920t_write_cp15_physical(target
,
1388 CP15PHYS_TESTSTATE
, cp15c15
);
1390 /* read I TLB CAM content stored to r2-r9 */
1391 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1392 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1397 for (i
= 0; i
< 8; i
++)
1398 i_tlb
[i
+ victim
].cam
= regs
[i
+ 2];
1401 for (victim
= 0; victim
< 64; victim
++)
1403 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1404 * base remains unchanged, victim goes through entries 0 to 63
1406 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1407 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1409 /* set interpret mode */
1411 arm920t_write_cp15_physical(target
,
1412 CP15PHYS_TESTSTATE
, cp15c15
);
1414 /* Write I TLB lockdown */
1415 arm920t_execute_cp15(target
,
1416 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1418 /* Read I TLB RAM1 */
1419 arm920t_execute_cp15(target
,
1420 ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1422 /* Read I TLB RAM2 */
1423 arm920t_execute_cp15(target
,
1424 ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1426 /* clear interpret mode */
1428 arm920t_write_cp15_physical(target
,
1429 CP15PHYS_TESTSTATE
, cp15c15
);
1431 /* read I TLB RAM content stored to r2 and r3 */
1432 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1433 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1438 i_tlb
[victim
].ram1
= regs
[2];
1439 i_tlb
[victim
].ram2
= regs
[3];
1442 /* restore I TLB lockdown */
1443 regs
[1] = Ilockdown
;
1444 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1446 /* Write I TLB lockdown */
1447 arm920t_execute_cp15(target
,
1448 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1450 /* restore CP15 MMU and Cache settings */
1451 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1453 /* output data to file */
1454 fprintf(output
, "D TLB content:\n");
1455 for (i
= 0; i
< 64; i
++)
1457 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1458 " 0x%8.8" PRIx32
" %s\n",
1459 i
, d_tlb
[i
].cam
, d_tlb
[i
].ram1
, d_tlb
[i
].ram2
,
1460 (d_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1463 fprintf(output
, "\n\nI TLB content:\n");
1464 for (i
= 0; i
< 64; i
++)
1466 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1467 " 0x%8.8" PRIx32
" %s\n",
1468 i
, i_tlb
[i
].cam
, i_tlb
[i
].ram1
, i_tlb
[i
].ram2
,
1469 (i_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1472 command_print(CMD_CTX
, "mmu content successfully output to %s",
1477 if (!is_arm_mode(armv4_5
->core_mode
))
1480 /* force writeback of the valid data */
1481 r
= armv4_5
->core_cache
->reg_list
;
1482 r
[0].dirty
= r
[0].valid
;
1483 r
[1].dirty
= r
[1].valid
;
1484 r
[2].dirty
= r
[2].valid
;
1485 r
[3].dirty
= r
[3].valid
;
1486 r
[4].dirty
= r
[4].valid
;
1487 r
[5].dirty
= r
[5].valid
;
1488 r
[6].dirty
= r
[6].valid
;
1489 r
[7].dirty
= r
[7].valid
;
1491 r
= arm_reg_current(armv4_5
, 8);
1492 r
->dirty
= r
->valid
;
1494 r
= arm_reg_current(armv4_5
, 9);
1495 r
->dirty
= r
->valid
;
1500 COMMAND_HANDLER(arm920t_handle_cp15_command
)
1503 struct target
*target
= get_current_target(CMD_CTX
);
1504 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1506 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1507 if (retval
!= ERROR_OK
)
1510 if (target
->state
!= TARGET_HALTED
)
1512 command_print(CMD_CTX
, "target must be stopped for "
1513 "\"%s\" command", CMD_NAME
);
1517 /* one argument, read a register.
1518 * two arguments, write it.
1523 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], address
);
1528 if ((retval
= arm920t_read_cp15_physical(target
,
1529 address
, &value
)) != ERROR_OK
)
1531 command_print(CMD_CTX
,
1532 "couldn't access reg %i", address
);
1535 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1540 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1543 else if (CMD_ARGC
== 2)
1546 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1547 retval
= arm920t_write_cp15_physical(target
,
1549 if (retval
!= ERROR_OK
)
1551 command_print(CMD_CTX
,
1552 "couldn't access reg %i", address
);
1553 /* REVISIT why lie? "return retval"? */
1556 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1564 COMMAND_HANDLER(arm920t_handle_cp15i_command
)
1567 struct target
*target
= get_current_target(CMD_CTX
);
1568 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1570 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1571 if (retval
!= ERROR_OK
)
1575 if (target
->state
!= TARGET_HALTED
)
1577 command_print(CMD_CTX
, "target must be stopped for "
1578 "\"%s\" command", CMD_NAME
);
1582 /* one argument, read a register.
1583 * two arguments, write it.
1588 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], opcode
);
1593 retval
= arm920t_read_cp15_interpreted(target
,
1594 opcode
, 0x0, &value
);
1595 if (retval
!= ERROR_OK
)
1597 command_print(CMD_CTX
,
1598 "couldn't execute %8.8" PRIx32
,
1600 /* REVISIT why lie? "return retval"? */
1604 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1607 else if (CMD_ARGC
== 2)
1610 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1611 retval
= arm920t_write_cp15_interpreted(target
,
1613 if (retval
!= ERROR_OK
)
1615 command_print(CMD_CTX
,
1616 "couldn't execute %8.8" PRIx32
,
1618 /* REVISIT why lie? "return retval"? */
1621 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1624 else if (CMD_ARGC
== 3)
1627 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1629 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[2], address
);
1630 retval
= arm920t_write_cp15_interpreted(target
,
1631 opcode
, value
, address
);
1632 if (retval
!= ERROR_OK
)
1634 command_print(CMD_CTX
,
1635 "couldn't execute %8.8" PRIx32
, opcode
);
1636 /* REVISIT why lie? "return retval"? */
1639 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
1640 " %8.8" PRIx32
, opcode
, value
, address
);
1645 command_print(CMD_CTX
,
1646 "usage: arm920t cp15i <opcode> [value] [address]");
1652 COMMAND_HANDLER(arm920t_handle_cache_info_command
)
1655 struct target
*target
= get_current_target(CMD_CTX
);
1656 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1658 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1659 if (retval
!= ERROR_OK
)
1662 return armv4_5_handle_cache_info_command(CMD_CTX
,
1663 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
1667 static int arm920t_mrc(struct target
*target
, int cpnum
,
1668 uint32_t op1
, uint32_t op2
,
1669 uint32_t CRn
, uint32_t CRm
,
1674 LOG_ERROR("Only cp15 is supported");
1679 return arm920t_read_cp15_interpreted(target
,
1680 ARMV4_5_MRC(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1684 static int arm920t_mcr(struct target
*target
, int cpnum
,
1685 uint32_t op1
, uint32_t op2
,
1686 uint32_t CRn
, uint32_t CRm
,
1691 LOG_ERROR("Only cp15 is supported");
1695 /* write "from" r0 */
1696 return arm920t_write_cp15_interpreted(target
,
1697 ARMV4_5_MCR(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1701 static const struct command_registration arm920t_exec_command_handlers
[] = {
1704 .handler
= arm920t_handle_cp15_command
,
1705 .mode
= COMMAND_EXEC
,
1706 .help
= "display/modify cp15 register",
1707 .usage
= "regnum [value]",
1711 .handler
= arm920t_handle_cp15i_command
,
1712 .mode
= COMMAND_EXEC
,
1713 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1714 .help
= "display/modify cp15 register using ARM opcode"
1716 .usage
= "instruction [value [address]]",
1719 .name
= "cache_info",
1720 .handler
= arm920t_handle_cache_info_command
,
1721 .mode
= COMMAND_EXEC
,
1722 .help
= "display information about target caches",
1725 .name
= "read_cache",
1726 .handler
= arm920t_handle_read_cache_command
,
1727 .mode
= COMMAND_EXEC
,
1728 .help
= "dump I/D cache content to file",
1729 .usage
= "filename",
1733 .handler
= arm920t_handle_read_mmu_command
,
1734 .mode
= COMMAND_EXEC
,
1735 .help
= "dump I/D mmu content to file",
1736 .usage
= "filename",
1738 COMMAND_REGISTRATION_DONE
1740 const struct command_registration arm920t_command_handlers
[] = {
1742 .chain
= arm9tdmi_command_handlers
,
1746 .mode
= COMMAND_ANY
,
1747 .help
= "arm920t command group",
1748 .chain
= arm920t_exec_command_handlers
,
1750 COMMAND_REGISTRATION_DONE
1753 /** Holds methods for ARM920 targets. */
1754 struct target_type arm920t_target
=
1758 .poll
= arm7_9_poll
,
1759 .arch_state
= arm920t_arch_state
,
1761 .target_request_data
= arm7_9_target_request_data
,
1763 .halt
= arm7_9_halt
,
1764 .resume
= arm7_9_resume
,
1765 .step
= arm7_9_step
,
1767 .assert_reset
= arm7_9_assert_reset
,
1768 .deassert_reset
= arm7_9_deassert_reset
,
1769 .soft_reset_halt
= arm920t_soft_reset_halt
,
1771 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
1773 .read_memory
= arm920t_read_memory
,
1774 .write_memory
= arm920t_write_memory
,
1775 .read_phys_memory
= arm920t_read_phys_memory
,
1776 .write_phys_memory
= arm920t_write_phys_memory
,
1778 .virt2phys
= arm920_virt2phys
,
1780 .bulk_write_memory
= arm7_9_bulk_write_memory
,
1782 .checksum_memory
= arm_checksum_memory
,
1783 .blank_check_memory
= arm_blank_check_memory
,
1785 .run_algorithm
= armv4_5_run_algorithm
,
1787 .add_breakpoint
= arm7_9_add_breakpoint
,
1788 .remove_breakpoint
= arm7_9_remove_breakpoint
,
1789 .add_watchpoint
= arm7_9_add_watchpoint
,
1790 .remove_watchpoint
= arm7_9_remove_watchpoint
,
1792 .commands
= arm920t_command_handlers
,
1793 .target_create
= arm920t_target_create
,
1794 .init_target
= arm9tdmi_init_target
,
1795 .examine
= arm7_9_examine
,
1796 .check_reset
= arm7_9_check_reset
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)