2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program. If not, see <http://www.gnu.org/licenses/>. *
18 ***************************************************************************/
25 #include <helper/time_support.h>
26 #include "target_type.h"
28 #include "arm_opcodes.h"
31 * For information about the ARM920T, see ARM DDI 0151C especially
32 * Chapter 9 about debug support, which shows how to manipulate each
33 * of the different scan chains:
35 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
36 * 1 ... debugging; watchpoint and breakpoint status, etc; also
37 * MMU and cache access in conjunction with scan chain 15
39 * 3 ... external boundary scan (SoC-specific, unused here)
40 * 4 ... access to cache tag RAM
42 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
43 * "interpreted" works with a few actual MRC/MCR instructions
44 * "physical" provides register-like behaviors. Section 9.6.7
45 * covers these details.
47 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
51 #define _DEBUG_INSTRUCTION_EXECUTION_
54 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
55 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
56 * JTAG scan, while reads use two.
58 * Table 9-9 lists the thirteen registers which support physical access.
59 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
60 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
66 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
68 /* Registers supporting physical Read access (from table 9-9) */
69 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
70 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
71 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
72 /* NOTE: several more registers support only physical read access */
74 /* Registers supporting physical Read/Write access (from table 9-9) */
75 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
76 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
77 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
78 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
79 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
81 static int arm920t_read_cp15_physical(struct target
*target
,
82 int reg_addr
, uint32_t *value
)
84 struct arm920t_common
*arm920t
= target_to_arm920(target
);
85 struct arm_jtag
*jtag_info
;
86 struct scan_field fields
[4];
87 uint8_t access_type_buf
= 1;
88 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
92 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
94 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
95 if (retval
!= ERROR_OK
)
97 retval
= arm_jtag_set_instr(jtag_info
->tap
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
98 if (retval
!= ERROR_OK
)
101 fields
[0].num_bits
= 1;
102 fields
[0].out_value
= &access_type_buf
;
103 fields
[0].in_value
= NULL
;
105 fields
[1].num_bits
= 32;
106 fields
[1].out_value
= NULL
;
107 fields
[1].in_value
= NULL
;
109 fields
[2].num_bits
= 6;
110 fields
[2].out_value
= ®_addr_buf
;
111 fields
[2].in_value
= NULL
;
113 fields
[3].num_bits
= 1;
114 fields
[3].out_value
= &nr_w_buf
;
115 fields
[3].in_value
= NULL
;
117 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
119 fields
[1].in_value
= (uint8_t *)value
;
121 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
123 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
125 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
126 jtag_execute_queue();
127 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, *value
);
133 static int arm920t_write_cp15_physical(struct target
*target
,
134 int reg_addr
, uint32_t value
)
136 struct arm920t_common
*arm920t
= target_to_arm920(target
);
137 struct arm_jtag
*jtag_info
;
138 struct scan_field fields
[4];
139 uint8_t access_type_buf
= 1;
140 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
141 uint8_t nr_w_buf
= 1;
142 uint8_t value_buf
[4];
145 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
147 buf_set_u32(value_buf
, 0, 32, value
);
149 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
150 if (retval
!= ERROR_OK
)
152 retval
= arm_jtag_set_instr(jtag_info
->tap
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
153 if (retval
!= ERROR_OK
)
156 fields
[0].num_bits
= 1;
157 fields
[0].out_value
= &access_type_buf
;
158 fields
[0].in_value
= NULL
;
160 fields
[1].num_bits
= 32;
161 fields
[1].out_value
= value_buf
;
162 fields
[1].in_value
= NULL
;
164 fields
[2].num_bits
= 6;
165 fields
[2].out_value
= ®_addr_buf
;
166 fields
[2].in_value
= NULL
;
168 fields
[3].num_bits
= 1;
169 fields
[3].out_value
= &nr_w_buf
;
170 fields
[3].in_value
= NULL
;
172 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
174 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
175 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, value
);
181 /* See table 9-10 for scan chain 15 format during interpreted access mode.
182 * If the TESTSTATE register is set for interpreted access, certain CP15
183 * MRC and MCR instructions may be executed through scan chain 15.
185 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
186 * executed using scan chain 15 interpreted mode.
188 static int arm920t_execute_cp15(struct target
*target
, uint32_t cp15_opcode
,
192 struct arm920t_common
*arm920t
= target_to_arm920(target
);
193 struct arm_jtag
*jtag_info
;
194 struct scan_field fields
[4];
195 uint8_t access_type_buf
= 0; /* interpreted access */
196 uint8_t reg_addr_buf
= 0x0;
197 uint8_t nr_w_buf
= 0;
198 uint8_t cp15_opcode_buf
[4];
200 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
202 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
203 if (retval
!= ERROR_OK
)
205 retval
= arm_jtag_set_instr(jtag_info
->tap
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
206 if (retval
!= ERROR_OK
)
209 buf_set_u32(cp15_opcode_buf
, 0, 32, cp15_opcode
);
211 fields
[0].num_bits
= 1;
212 fields
[0].out_value
= &access_type_buf
;
213 fields
[0].in_value
= NULL
;
215 fields
[1].num_bits
= 32;
216 fields
[1].out_value
= cp15_opcode_buf
;
217 fields
[1].in_value
= NULL
;
219 fields
[2].num_bits
= 6;
220 fields
[2].out_value
= ®_addr_buf
;
221 fields
[2].in_value
= NULL
;
223 fields
[3].num_bits
= 1;
224 fields
[3].out_value
= &nr_w_buf
;
225 fields
[3].in_value
= NULL
;
227 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
229 arm9tdmi_clock_out(jtag_info
, arm_opcode
, 0, NULL
, 0);
230 arm9tdmi_clock_out(jtag_info
, ARMV4_5_NOP
, 0, NULL
, 1);
231 retval
= arm7_9_execute_sys_speed(target
);
232 if (retval
!= ERROR_OK
)
235 retval
= jtag_execute_queue();
236 if (retval
!= ERROR_OK
) {
237 LOG_ERROR("failed executing JTAG queue");
244 static int arm920t_read_cp15_interpreted(struct target
*target
,
245 uint32_t cp15_opcode
, uint32_t address
, uint32_t *value
)
247 struct arm
*arm
= target_to_arm(target
);
250 uint32_t cp15c15
= 0x0;
251 struct reg
*r
= arm
->core_cache
->reg_list
;
253 /* load address into R1 */
255 arm9tdmi_write_core_regs(target
, 0x2, regs
);
257 /* read-modify-write CP15 test state register
258 * to enable interpreted access mode */
259 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
260 jtag_execute_queue();
261 cp15c15
|= 1; /* set interpret mode */
262 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
264 /* execute CP15 instruction and ARM load (reading from coprocessor) */
265 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_LDR(0, 1));
267 /* disable interpreted access mode */
268 cp15c15
&= ~1U; /* clear interpret mode */
269 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
271 /* retrieve value from R0 */
273 arm9tdmi_read_core_regs(target
, 0x1, regs_p
);
274 jtag_execute_queue();
276 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
277 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
278 cp15_opcode
, address
, *value
);
281 if (!is_arm_mode(arm
->core_mode
)) {
282 LOG_ERROR("not a valid arm core mode - communication failure?");
293 int arm920t_write_cp15_interpreted(struct target
*target
,
294 uint32_t cp15_opcode
, uint32_t value
, uint32_t address
)
296 uint32_t cp15c15
= 0x0;
297 struct arm
*arm
= target_to_arm(target
);
299 struct reg
*r
= arm
->core_cache
->reg_list
;
301 /* load value, address into R0, R1 */
304 arm9tdmi_write_core_regs(target
, 0x3, regs
);
306 /* read-modify-write CP15 test state register
307 * to enable interpreted access mode */
308 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
309 jtag_execute_queue();
310 cp15c15
|= 1; /* set interpret mode */
311 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
313 /* execute CP15 instruction and ARM store (writing to coprocessor) */
314 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_STR(0, 1));
316 /* disable interpreted access mode */
317 cp15c15
&= ~1U; /* set interpret mode */
318 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
320 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
321 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
322 cp15_opcode
, value
, address
);
325 if (!is_arm_mode(arm
->core_mode
)) {
326 LOG_ERROR("not a valid arm core mode - communication failure?");
336 /* EXPORTED to FA256 */
337 int arm920t_get_ttb(struct target
*target
, uint32_t *result
)
342 retval
= arm920t_read_cp15_interpreted(target
,
343 /* FIXME use opcode macro */
344 0xeebf0f51, 0x0, &ttb
);
345 if (retval
!= ERROR_OK
)
352 /* EXPORTED to FA256 */
353 int arm920t_disable_mmu_caches(struct target
*target
, int mmu
,
354 int d_u_cache
, int i_cache
)
356 uint32_t cp15_control
;
359 /* read cp15 control register */
360 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
361 if (retval
!= ERROR_OK
)
363 retval
= jtag_execute_queue();
364 if (retval
!= ERROR_OK
)
368 cp15_control
&= ~0x1U
;
371 cp15_control
&= ~0x4U
;
374 cp15_control
&= ~0x1000U
;
376 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
380 /* EXPORTED to FA256 */
381 int arm920t_enable_mmu_caches(struct target
*target
, int mmu
,
382 int d_u_cache
, int i_cache
)
384 uint32_t cp15_control
;
387 /* read cp15 control register */
388 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
389 if (retval
!= ERROR_OK
)
391 retval
= jtag_execute_queue();
392 if (retval
!= ERROR_OK
)
396 cp15_control
|= 0x1U
;
399 cp15_control
|= 0x4U
;
402 cp15_control
|= 0x1000U
;
404 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
408 /* EXPORTED to FA256 */
409 int arm920t_post_debug_entry(struct target
*target
)
412 struct arm920t_common
*arm920t
= target_to_arm920(target
);
415 /* examine cp15 control reg */
416 retval
= arm920t_read_cp15_physical(target
,
417 CP15PHYS_CTRL
, &arm920t
->cp15_control_reg
);
418 if (retval
!= ERROR_OK
)
420 retval
= jtag_execute_queue();
421 if (retval
!= ERROR_OK
)
423 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, arm920t
->cp15_control_reg
);
425 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1) {
426 uint32_t cache_type_reg
;
427 /* identify caches */
428 retval
= arm920t_read_cp15_physical(target
,
429 CP15PHYS_CACHETYPE
, &cache_type_reg
);
430 if (retval
!= ERROR_OK
)
432 retval
= jtag_execute_queue();
433 if (retval
!= ERROR_OK
)
435 armv4_5_identify_cache(cache_type_reg
,
436 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
439 arm920t
->armv4_5_mmu
.mmu_enabled
=
440 (arm920t
->cp15_control_reg
& 0x1U
) ? 1 : 0;
441 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
=
442 (arm920t
->cp15_control_reg
& 0x4U
) ? 1 : 0;
443 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
=
444 (arm920t
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
446 /* save i/d fault status and address register
447 * FIXME use opcode macros */
448 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f10, 0x0, &arm920t
->d_fsr
);
449 if (retval
!= ERROR_OK
)
451 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f30, 0x0, &arm920t
->i_fsr
);
452 if (retval
!= ERROR_OK
)
454 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f10, 0x0, &arm920t
->d_far
);
455 if (retval
!= ERROR_OK
)
457 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f30, 0x0, &arm920t
->i_far
);
458 if (retval
!= ERROR_OK
)
461 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
462 ", I FSR: 0x%8.8" PRIx32
", I FAR: 0x%8.8" PRIx32
,
463 arm920t
->d_fsr
, arm920t
->d_far
, arm920t
->i_fsr
, arm920t
->i_far
);
465 if (arm920t
->preserve_cache
) {
466 /* read-modify-write CP15 test state register
467 * to disable I/D-cache linefills */
468 retval
= arm920t_read_cp15_physical(target
,
469 CP15PHYS_TESTSTATE
, &cp15c15
);
470 if (retval
!= ERROR_OK
)
472 retval
= jtag_execute_queue();
473 if (retval
!= ERROR_OK
)
476 retval
= arm920t_write_cp15_physical(target
,
477 CP15PHYS_TESTSTATE
, cp15c15
);
478 if (retval
!= ERROR_OK
)
484 /* EXPORTED to FA256 */
485 void arm920t_pre_restore_context(struct target
*target
)
487 uint32_t cp15c15
= 0;
488 struct arm920t_common
*arm920t
= target_to_arm920(target
);
490 /* restore i/d fault status and address register */
491 arm920t_write_cp15_interpreted(target
, 0xee050f10, arm920t
->d_fsr
, 0x0);
492 arm920t_write_cp15_interpreted(target
, 0xee050f30, arm920t
->i_fsr
, 0x0);
493 arm920t_write_cp15_interpreted(target
, 0xee060f10, arm920t
->d_far
, 0x0);
494 arm920t_write_cp15_interpreted(target
, 0xee060f30, arm920t
->i_far
, 0x0);
496 /* read-modify-write CP15 test state register
497 * to reenable I/D-cache linefills */
498 if (arm920t
->preserve_cache
) {
499 arm920t_read_cp15_physical(target
,
500 CP15PHYS_TESTSTATE
, &cp15c15
);
501 jtag_execute_queue();
503 arm920t_write_cp15_physical(target
,
504 CP15PHYS_TESTSTATE
, cp15c15
);
508 static const char arm920_not
[] = "target is not an ARM920";
510 static int arm920t_verify_pointer(struct command_invocation
*cmd
,
511 struct arm920t_common
*arm920t
)
513 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
514 command_print(cmd
, arm920_not
);
515 return ERROR_TARGET_INVALID
;
521 /** Logs summary of ARM920 state for a halted target. */
522 int arm920t_arch_state(struct target
*target
)
524 static const char *state
[] = {
525 "disabled", "enabled"
528 struct arm920t_common
*arm920t
= target_to_arm920(target
);
530 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
531 LOG_ERROR("BUG: %s", arm920_not
);
532 return ERROR_TARGET_INVALID
;
535 arm_arch_state(target
);
536 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
537 state
[arm920t
->armv4_5_mmu
.mmu_enabled
],
538 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
539 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
544 static int arm920_mmu(struct target
*target
, int *enabled
)
546 if (target
->state
!= TARGET_HALTED
) {
547 LOG_ERROR("%s: target not halted", __func__
);
548 return ERROR_TARGET_INVALID
;
551 *enabled
= target_to_arm920(target
)->armv4_5_mmu
.mmu_enabled
;
555 static int arm920_virt2phys(struct target
*target
,
556 target_addr_t virt
, target_addr_t
*phys
)
559 struct arm920t_common
*arm920t
= target_to_arm920(target
);
562 int retval
= armv4_5_mmu_translate_va(target
,
563 &arm920t
->armv4_5_mmu
, virt
, &cb
, &ret
);
564 if (retval
!= ERROR_OK
)
570 /** Reads a buffer, in the specified word size, with current MMU settings. */
571 int arm920t_read_memory(struct target
*target
, target_addr_t address
,
572 uint32_t size
, uint32_t count
, uint8_t *buffer
)
576 retval
= arm7_9_read_memory(target
, address
, size
, count
, buffer
);
582 static int arm920t_read_phys_memory(struct target
*target
,
583 target_addr_t address
, uint32_t size
,
584 uint32_t count
, uint8_t *buffer
)
586 struct arm920t_common
*arm920t
= target_to_arm920(target
);
588 return armv4_5_mmu_read_physical(target
, &arm920t
->armv4_5_mmu
,
589 address
, size
, count
, buffer
);
592 static int arm920t_write_phys_memory(struct target
*target
,
593 target_addr_t address
, uint32_t size
,
594 uint32_t count
, const uint8_t *buffer
)
596 struct arm920t_common
*arm920t
= target_to_arm920(target
);
598 return armv4_5_mmu_write_physical(target
, &arm920t
->armv4_5_mmu
,
599 address
, size
, count
, buffer
);
602 /** Writes a buffer, in the specified word size, with current MMU settings. */
603 int arm920t_write_memory(struct target
*target
, target_addr_t address
,
604 uint32_t size
, uint32_t count
, const uint8_t *buffer
)
607 const uint32_t cache_mask
= ~0x1f; /* cache line size : 32 byte */
608 struct arm920t_common
*arm920t
= target_to_arm920(target
);
610 /* FIX!!!! this should be cleaned up and made much more general. The
611 * plan is to write up and test on arm920t specifically and
612 * then generalize and clean up afterwards.
614 * Also it should be moved to the callbacks that handle breakpoints
615 * specifically and not the generic memory write fn's. See XScale code.
617 if (arm920t
->armv4_5_mmu
.mmu_enabled
&& (count
== 1) &&
618 ((size
== 2) || (size
== 4))) {
619 /* special case the handling of single word writes to
620 * bypass MMU, to allow implementation of breakpoints
621 * in memory marked read only
628 * We need physical address and cb
630 retval
= armv4_5_mmu_translate_va(target
, &arm920t
->armv4_5_mmu
,
632 if (retval
!= ERROR_OK
)
635 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
) {
637 LOG_DEBUG("D-Cache buffered, "
638 "drain write buffer");
641 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
644 retval
= arm920t_write_cp15_interpreted(target
,
645 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
647 if (retval
!= ERROR_OK
)
653 * Write back memory ? -> clean cache
655 * There is no way to clean cache lines using
656 * cp15 scan chain, so copy the full cache
657 * line from cache to physical memory.
661 LOG_DEBUG("D-Cache in 'write back' mode, "
664 retval
= target_read_memory(target
,
665 address
& cache_mask
, 1,
666 sizeof(data
), &data
[0]);
667 if (retval
!= ERROR_OK
)
670 retval
= armv4_5_mmu_write_physical(target
,
671 &arm920t
->armv4_5_mmu
,
673 sizeof(data
), &data
[0]);
674 if (retval
!= ERROR_OK
)
681 * Cached ? -> Invalidate data cache using MVA
683 * MCR p15,0,Rd,c7,c6,1
685 LOG_DEBUG("D-Cache enabled, "
686 "invalidate cache line");
688 retval
= arm920t_write_cp15_interpreted(target
,
689 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
690 address
& cache_mask
);
691 if (retval
!= ERROR_OK
)
696 /* write directly to physical memory,
697 * bypassing any read only MMU bits, etc.
699 retval
= armv4_5_mmu_write_physical(target
,
700 &arm920t
->armv4_5_mmu
, pa
, size
,
702 if (retval
!= ERROR_OK
)
705 retval
= arm7_9_write_memory(target
, address
, size
, count
, buffer
);
706 if (retval
!= ERROR_OK
)
710 /* If ICache is enabled, we have to invalidate affected ICache lines
711 * the DCache is forced to write-through,
712 * so we don't have to clean it here
714 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
) {
716 /* invalidate ICache single entry with MVA
717 * mcr 15, 0, r0, cr7, cr5, {1}
719 LOG_DEBUG("I-Cache enabled, "
720 "invalidating affected I-Cache line");
721 retval
= arm920t_write_cp15_interpreted(target
,
722 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
723 0x0, address
& cache_mask
);
724 if (retval
!= ERROR_OK
)
728 * mcr 15, 0, r0, cr7, cr5, {0}
730 retval
= arm920t_write_cp15_interpreted(target
,
731 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
733 if (retval
!= ERROR_OK
)
741 /* EXPORTED to FA256 */
742 int arm920t_soft_reset_halt(struct target
*target
)
744 int retval
= ERROR_OK
;
745 struct arm920t_common
*arm920t
= target_to_arm920(target
);
746 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
747 struct arm
*arm
= &arm7_9
->arm
;
748 struct reg
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
750 retval
= target_halt(target
);
751 if (retval
!= ERROR_OK
)
754 int64_t then
= timeval_ms();
756 while (!(timeout
= ((timeval_ms()-then
) > 1000))) {
757 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1) == 0) {
758 embeddedice_read_reg(dbg_stat
);
759 retval
= jtag_execute_queue();
760 if (retval
!= ERROR_OK
)
764 if (debug_level
>= 3) {
765 /* do not eat all CPU, time out after 1 se*/
771 LOG_ERROR("Failed to halt CPU after 1 sec");
772 return ERROR_TARGET_TIMEOUT
;
775 target
->state
= TARGET_HALTED
;
777 /* SVC, ARM state, IRQ and FIQ disabled */
780 cpsr
= buf_get_u32(arm
->cpsr
->value
, 0, 32);
783 arm_set_cpsr(arm
, cpsr
);
784 arm
->cpsr
->dirty
= true;
786 /* start fetching from 0x0 */
787 buf_set_u32(arm
->pc
->value
, 0, 32, 0x0);
788 arm
->pc
->dirty
= true;
789 arm
->pc
->valid
= true;
791 arm920t_disable_mmu_caches(target
, 1, 1, 1);
792 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
793 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
794 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
796 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
799 /* FIXME remove forward decls */
800 static int arm920t_mrc(struct target
*target
, int cpnum
,
801 uint32_t op1
, uint32_t op2
,
802 uint32_t CRn
, uint32_t CRm
,
804 static int arm920t_mcr(struct target
*target
, int cpnum
,
805 uint32_t op1
, uint32_t op2
,
806 uint32_t CRn
, uint32_t CRm
,
809 static int arm920t_init_arch_info(struct target
*target
,
810 struct arm920t_common
*arm920t
, struct jtag_tap
*tap
)
812 struct arm7_9_common
*arm7_9
= &arm920t
->arm7_9_common
;
814 arm7_9
->arm
.mrc
= arm920t_mrc
;
815 arm7_9
->arm
.mcr
= arm920t_mcr
;
817 /* initialize arm7/arm9 specific info (including armv4_5) */
818 arm9tdmi_init_arch_info(target
, arm7_9
, tap
);
820 arm920t
->common_magic
= ARM920T_COMMON_MAGIC
;
822 arm7_9
->post_debug_entry
= arm920t_post_debug_entry
;
823 arm7_9
->pre_restore_context
= arm920t_pre_restore_context
;
824 arm7_9
->write_memory
= arm920t_write_memory
;
826 arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
827 arm920t
->armv4_5_mmu
.get_ttb
= arm920t_get_ttb
;
828 arm920t
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
829 arm920t
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
830 arm920t
->armv4_5_mmu
.disable_mmu_caches
= arm920t_disable_mmu_caches
;
831 arm920t
->armv4_5_mmu
.enable_mmu_caches
= arm920t_enable_mmu_caches
;
832 arm920t
->armv4_5_mmu
.has_tiny_pages
= 1;
833 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
835 /* disabling linefills leads to lockups, so keep them enabled for now
836 * this doesn't affect correctness, but might affect timing issues, if
837 * important data is evicted from the cache during the debug session
839 arm920t
->preserve_cache
= 0;
841 /* override hw single-step capability from ARM9TDMI */
842 arm7_9
->has_single_step
= 1;
847 static int arm920t_target_create(struct target
*target
, Jim_Interp
*interp
)
849 struct arm920t_common
*arm920t
;
851 arm920t
= calloc(1, sizeof(struct arm920t_common
));
852 return arm920t_init_arch_info(target
, arm920t
, target
->tap
);
855 static void arm920t_deinit_target(struct target
*target
)
857 struct arm
*arm
= target_to_arm(target
);
858 struct arm920t_common
*arm920t
= target_to_arm920(target
);
860 arm7_9_deinit(target
);
861 arm_free_reg_cache(arm
);
865 COMMAND_HANDLER(arm920t_handle_read_cache_command
)
867 int retval
= ERROR_OK
;
868 struct target
*target
= get_current_target(CMD_CTX
);
869 struct arm920t_common
*arm920t
= target_to_arm920(target
);
870 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
871 struct arm
*arm
= &arm7_9
->arm
;
873 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
875 uint32_t *regs_p
[16];
876 uint32_t C15_C_D_Ind
, C15_C_I_Ind
;
879 int segment
, index_t
;
882 retval
= arm920t_verify_pointer(CMD
, arm920t
);
883 if (retval
!= ERROR_OK
)
887 return ERROR_COMMAND_SYNTAX_ERROR
;
889 output
= fopen(CMD_ARGV
[0], "w");
890 if (output
== NULL
) {
891 LOG_DEBUG("error opening cache content file");
895 for (i
= 0; i
< 16; i
++)
896 regs_p
[i
] = ®s
[i
];
898 /* disable MMU and Caches */
899 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
900 retval
= jtag_execute_queue();
901 if (retval
!= ERROR_OK
)
903 cp15_ctrl_saved
= cp15_ctrl
;
904 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
905 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
906 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
908 /* read CP15 test state register */
909 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
910 jtag_execute_queue();
912 /* read DCache content */
913 fprintf(output
, "DCache:\n");
915 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
917 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
919 fprintf(output
, "\nsegment: %i\n----------", segment
);
921 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
922 regs
[0] = 0x0 | (segment
<< 5);
923 arm9tdmi_write_core_regs(target
, 0x1, regs
);
925 /* set interpret mode */
927 arm920t_write_cp15_physical(target
,
928 CP15PHYS_TESTSTATE
, cp15c15
);
930 /* D CAM Read, loads current victim into C15.C.D.Ind */
931 arm920t_execute_cp15(target
,
932 ARMV4_5_MCR(15, 2, 0, 15, 6, 2), ARMV4_5_LDR(1, 0));
934 /* read current victim */
935 arm920t_read_cp15_physical(target
,
936 CP15PHYS_DCACHE_IDX
, &C15_C_D_Ind
);
938 /* clear interpret mode */
940 arm920t_write_cp15_physical(target
,
941 CP15PHYS_TESTSTATE
, cp15c15
);
943 for (index_t
= 0; index_t
< 64; index_t
++) {
945 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
947 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
948 arm9tdmi_write_core_regs(target
, 0x1, regs
);
950 /* set interpret mode */
952 arm920t_write_cp15_physical(target
,
953 CP15PHYS_TESTSTATE
, cp15c15
);
955 /* Write DCache victim */
956 arm920t_execute_cp15(target
,
957 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
960 arm920t_execute_cp15(target
,
961 ARMV4_5_MCR(15, 2, 0, 15, 10, 2),
962 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
965 arm920t_execute_cp15(target
,
966 ARMV4_5_MCR(15, 2, 0, 15, 6, 2),
969 /* clear interpret mode */
971 arm920t_write_cp15_physical(target
,
972 CP15PHYS_TESTSTATE
, cp15c15
);
974 /* read D RAM and CAM content */
975 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
976 retval
= jtag_execute_queue();
977 if (retval
!= ERROR_OK
)
981 regs
[9] &= 0xfffffffe;
982 fprintf(output
, "\nsegment: %i, index: %i, CAM: 0x%8.8"
983 PRIx32
", content (%s):\n",
984 segment
, index_t
, regs
[9],
985 (regs
[9] & 0x10) ? "valid" : "invalid");
987 for (i
= 1; i
< 9; i
++) {
988 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
994 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
995 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
996 arm9tdmi_write_core_regs(target
, 0x1, regs
);
998 /* set interpret mode */
1000 arm920t_write_cp15_physical(target
,
1001 CP15PHYS_TESTSTATE
, cp15c15
);
1003 /* Write DCache victim */
1004 arm920t_execute_cp15(target
,
1005 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
1007 /* clear interpret mode */
1009 arm920t_write_cp15_physical(target
,
1010 CP15PHYS_TESTSTATE
, cp15c15
);
1013 /* read ICache content */
1014 fprintf(output
, "ICache:\n");
1016 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1018 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
1020 fprintf(output
, "segment: %i\n----------", segment
);
1022 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1023 regs
[0] = 0x0 | (segment
<< 5);
1024 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1026 /* set interpret mode */
1028 arm920t_write_cp15_physical(target
,
1029 CP15PHYS_TESTSTATE
, cp15c15
);
1031 /* I CAM Read, loads current victim into C15.C.I.Ind */
1032 arm920t_execute_cp15(target
,
1033 ARMV4_5_MCR(15, 2, 0, 15, 5, 2), ARMV4_5_LDR(1, 0));
1035 /* read current victim */
1036 arm920t_read_cp15_physical(target
, CP15PHYS_ICACHE_IDX
,
1039 /* clear interpret mode */
1041 arm920t_write_cp15_physical(target
,
1042 CP15PHYS_TESTSTATE
, cp15c15
);
1044 for (index_t
= 0; index_t
< 64; index_t
++) {
1046 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1048 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
1049 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1051 /* set interpret mode */
1053 arm920t_write_cp15_physical(target
,
1054 CP15PHYS_TESTSTATE
, cp15c15
);
1056 /* Write ICache victim */
1057 arm920t_execute_cp15(target
,
1058 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1061 arm920t_execute_cp15(target
,
1062 ARMV4_5_MCR(15, 2, 0, 15, 9, 2),
1063 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1066 arm920t_execute_cp15(target
,
1067 ARMV4_5_MCR(15, 2, 0, 15, 5, 2),
1070 /* clear interpret mode */
1072 arm920t_write_cp15_physical(target
,
1073 CP15PHYS_TESTSTATE
, cp15c15
);
1075 /* read I RAM and CAM content */
1076 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1077 retval
= jtag_execute_queue();
1078 if (retval
!= ERROR_OK
)
1082 regs
[9] &= 0xfffffffe;
1083 fprintf(output
, "\nsegment: %i, index: %i, "
1084 "CAM: 0x%8.8" PRIx32
", content (%s):\n",
1085 segment
, index_t
, regs
[9],
1086 (regs
[9] & 0x10) ? "valid" : "invalid");
1088 for (i
= 1; i
< 9; i
++) {
1089 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1094 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1095 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1096 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1098 /* set interpret mode */
1100 arm920t_write_cp15_physical(target
,
1101 CP15PHYS_TESTSTATE
, cp15c15
);
1103 /* Write ICache victim */
1104 arm920t_execute_cp15(target
,
1105 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1107 /* clear interpret mode */
1109 arm920t_write_cp15_physical(target
,
1110 CP15PHYS_TESTSTATE
, cp15c15
);
1113 /* restore CP15 MMU and Cache settings */
1114 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1116 command_print(CMD
, "cache content successfully output to %s",
1121 if (!is_arm_mode(arm
->core_mode
)) {
1122 LOG_ERROR("not a valid arm core mode - communication failure?");
1126 /* force writeback of the valid data */
1127 r
= arm
->core_cache
->reg_list
;
1128 r
[0].dirty
= r
[0].valid
;
1129 r
[1].dirty
= r
[1].valid
;
1130 r
[2].dirty
= r
[2].valid
;
1131 r
[3].dirty
= r
[3].valid
;
1132 r
[4].dirty
= r
[4].valid
;
1133 r
[5].dirty
= r
[5].valid
;
1134 r
[6].dirty
= r
[6].valid
;
1135 r
[7].dirty
= r
[7].valid
;
1137 r
= arm_reg_current(arm
, 8);
1138 r
->dirty
= r
->valid
;
1140 r
= arm_reg_current(arm
, 9);
1141 r
->dirty
= r
->valid
;
1146 COMMAND_HANDLER(arm920t_handle_read_mmu_command
)
1148 int retval
= ERROR_OK
;
1149 struct target
*target
= get_current_target(CMD_CTX
);
1150 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1151 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
1152 struct arm
*arm
= &arm7_9
->arm
;
1154 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
1156 uint32_t *regs_p
[16];
1159 uint32_t Dlockdown
, Ilockdown
;
1160 struct arm920t_tlb_entry d_tlb
[64], i_tlb
[64];
1164 retval
= arm920t_verify_pointer(CMD
, arm920t
);
1165 if (retval
!= ERROR_OK
)
1169 return ERROR_COMMAND_SYNTAX_ERROR
;
1171 output
= fopen(CMD_ARGV
[0], "w");
1172 if (output
== NULL
) {
1173 LOG_DEBUG("error opening mmu content file");
1177 for (i
= 0; i
< 16; i
++)
1178 regs_p
[i
] = ®s
[i
];
1180 /* disable MMU and Caches */
1181 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
1182 retval
= jtag_execute_queue();
1183 if (retval
!= ERROR_OK
)
1185 cp15_ctrl_saved
= cp15_ctrl
;
1186 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
1187 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
1188 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
1190 /* read CP15 test state register */
1191 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
1192 retval
= jtag_execute_queue();
1193 if (retval
!= ERROR_OK
)
1196 /* prepare reading D TLB content
1199 /* set interpret mode */
1201 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1203 /* Read D TLB lockdown */
1204 arm920t_execute_cp15(target
,
1205 ARMV4_5_MRC(15, 0, 0, 10, 0, 0), ARMV4_5_LDR(1, 0));
1207 /* clear interpret mode */
1209 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1211 /* read D TLB lockdown stored to r1 */
1212 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1213 retval
= jtag_execute_queue();
1214 if (retval
!= ERROR_OK
)
1216 Dlockdown
= regs
[1];
1218 for (victim
= 0; victim
< 64; victim
+= 8) {
1219 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1220 * base remains unchanged, victim goes through entries 0 to 63
1222 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1223 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1225 /* set interpret mode */
1227 arm920t_write_cp15_physical(target
,
1228 CP15PHYS_TESTSTATE
, cp15c15
);
1230 /* Write D TLB lockdown */
1231 arm920t_execute_cp15(target
,
1232 ARMV4_5_MCR(15, 0, 0, 10, 0, 0),
1235 /* Read D TLB CAM */
1236 arm920t_execute_cp15(target
,
1237 ARMV4_5_MCR(15, 4, 0, 15, 6, 4),
1238 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1240 /* clear interpret mode */
1242 arm920t_write_cp15_physical(target
,
1243 CP15PHYS_TESTSTATE
, cp15c15
);
1245 /* read D TLB CAM content stored to r2-r9 */
1246 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1247 retval
= jtag_execute_queue();
1248 if (retval
!= ERROR_OK
)
1251 for (i
= 0; i
< 8; i
++)
1252 d_tlb
[victim
+ i
].cam
= regs
[i
+ 2];
1255 for (victim
= 0; victim
< 64; victim
++) {
1256 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1257 * base remains unchanged, victim goes through entries 0 to 63
1259 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1260 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1262 /* set interpret mode */
1264 arm920t_write_cp15_physical(target
,
1265 CP15PHYS_TESTSTATE
, cp15c15
);
1267 /* Write D TLB lockdown */
1268 arm920t_execute_cp15(target
,
1269 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1271 /* Read D TLB RAM1 */
1272 arm920t_execute_cp15(target
,
1273 ARMV4_5_MCR(15, 4, 0, 15, 10, 4), ARMV4_5_LDR(2, 0));
1275 /* Read D TLB RAM2 */
1276 arm920t_execute_cp15(target
,
1277 ARMV4_5_MCR(15, 4, 0, 15, 2, 5), ARMV4_5_LDR(3, 0));
1279 /* clear interpret mode */
1281 arm920t_write_cp15_physical(target
,
1282 CP15PHYS_TESTSTATE
, cp15c15
);
1284 /* read D TLB RAM content stored to r2 and r3 */
1285 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1286 retval
= jtag_execute_queue();
1287 if (retval
!= ERROR_OK
)
1290 d_tlb
[victim
].ram1
= regs
[2];
1291 d_tlb
[victim
].ram2
= regs
[3];
1294 /* restore D TLB lockdown */
1295 regs
[1] = Dlockdown
;
1296 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1298 /* Write D TLB lockdown */
1299 arm920t_execute_cp15(target
,
1300 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1302 /* prepare reading I TLB content
1305 /* set interpret mode */
1307 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1309 /* Read I TLB lockdown */
1310 arm920t_execute_cp15(target
,
1311 ARMV4_5_MRC(15, 0, 0, 10, 0, 1), ARMV4_5_LDR(1, 0));
1313 /* clear interpret mode */
1315 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1317 /* read I TLB lockdown stored to r1 */
1318 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1319 retval
= jtag_execute_queue();
1320 if (retval
!= ERROR_OK
)
1322 Ilockdown
= regs
[1];
1324 for (victim
= 0; victim
< 64; victim
+= 8) {
1325 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1326 * base remains unchanged, victim goes through entries 0 to 63
1328 regs
[1] = (Ilockdown
& 0xfc000000) | (victim
<< 20);
1329 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1331 /* set interpret mode */
1333 arm920t_write_cp15_physical(target
,
1334 CP15PHYS_TESTSTATE
, cp15c15
);
1336 /* Write I TLB lockdown */
1337 arm920t_execute_cp15(target
,
1338 ARMV4_5_MCR(15, 0, 0, 10, 0, 1),
1341 /* Read I TLB CAM */
1342 arm920t_execute_cp15(target
,
1343 ARMV4_5_MCR(15, 4, 0, 15, 5, 4),
1344 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1346 /* clear interpret mode */
1348 arm920t_write_cp15_physical(target
,
1349 CP15PHYS_TESTSTATE
, cp15c15
);
1351 /* read I TLB CAM content stored to r2-r9 */
1352 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1353 retval
= jtag_execute_queue();
1354 if (retval
!= ERROR_OK
)
1357 for (i
= 0; i
< 8; i
++)
1358 i_tlb
[i
+ victim
].cam
= regs
[i
+ 2];
1361 for (victim
= 0; victim
< 64; victim
++) {
1362 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1363 * base remains unchanged, victim goes through entries 0 to 63
1365 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1366 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1368 /* set interpret mode */
1370 arm920t_write_cp15_physical(target
,
1371 CP15PHYS_TESTSTATE
, cp15c15
);
1373 /* Write I TLB lockdown */
1374 arm920t_execute_cp15(target
,
1375 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1377 /* Read I TLB RAM1 */
1378 arm920t_execute_cp15(target
,
1379 ARMV4_5_MCR(15, 4, 0, 15, 9, 4), ARMV4_5_LDR(2, 0));
1381 /* Read I TLB RAM2 */
1382 arm920t_execute_cp15(target
,
1383 ARMV4_5_MCR(15, 4, 0, 15, 1, 5), ARMV4_5_LDR(3, 0));
1385 /* clear interpret mode */
1387 arm920t_write_cp15_physical(target
,
1388 CP15PHYS_TESTSTATE
, cp15c15
);
1390 /* read I TLB RAM content stored to r2 and r3 */
1391 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1392 retval
= jtag_execute_queue();
1393 if (retval
!= ERROR_OK
)
1396 i_tlb
[victim
].ram1
= regs
[2];
1397 i_tlb
[victim
].ram2
= regs
[3];
1400 /* restore I TLB lockdown */
1401 regs
[1] = Ilockdown
;
1402 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1404 /* Write I TLB lockdown */
1405 arm920t_execute_cp15(target
,
1406 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1408 /* restore CP15 MMU and Cache settings */
1409 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1411 /* output data to file */
1412 fprintf(output
, "D TLB content:\n");
1413 for (i
= 0; i
< 64; i
++) {
1414 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1415 " 0x%8.8" PRIx32
" %s\n",
1416 i
, d_tlb
[i
].cam
, d_tlb
[i
].ram1
, d_tlb
[i
].ram2
,
1417 (d_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1420 fprintf(output
, "\n\nI TLB content:\n");
1421 for (i
= 0; i
< 64; i
++) {
1422 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1423 " 0x%8.8" PRIx32
" %s\n",
1424 i
, i_tlb
[i
].cam
, i_tlb
[i
].ram1
, i_tlb
[i
].ram2
,
1425 (i_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1428 command_print(CMD
, "mmu content successfully output to %s",
1433 if (!is_arm_mode(arm
->core_mode
)) {
1434 LOG_ERROR("not a valid arm core mode - communication failure?");
1438 /* force writeback of the valid data */
1439 r
= arm
->core_cache
->reg_list
;
1440 r
[0].dirty
= r
[0].valid
;
1441 r
[1].dirty
= r
[1].valid
;
1442 r
[2].dirty
= r
[2].valid
;
1443 r
[3].dirty
= r
[3].valid
;
1444 r
[4].dirty
= r
[4].valid
;
1445 r
[5].dirty
= r
[5].valid
;
1446 r
[6].dirty
= r
[6].valid
;
1447 r
[7].dirty
= r
[7].valid
;
1449 r
= arm_reg_current(arm
, 8);
1450 r
->dirty
= r
->valid
;
1452 r
= arm_reg_current(arm
, 9);
1453 r
->dirty
= r
->valid
;
1458 COMMAND_HANDLER(arm920t_handle_cp15_command
)
1461 struct target
*target
= get_current_target(CMD_CTX
);
1462 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1464 retval
= arm920t_verify_pointer(CMD
, arm920t
);
1465 if (retval
!= ERROR_OK
)
1468 if (target
->state
!= TARGET_HALTED
) {
1469 command_print(CMD
, "target must be stopped for "
1470 "\"%s\" command", CMD_NAME
);
1474 /* one argument, read a register.
1475 * two arguments, write it.
1477 if (CMD_ARGC
>= 1) {
1479 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], address
);
1481 if (CMD_ARGC
== 1) {
1483 retval
= arm920t_read_cp15_physical(target
, address
, &value
);
1484 if (retval
!= ERROR_OK
) {
1486 "couldn't access reg %i", address
);
1489 retval
= jtag_execute_queue();
1490 if (retval
!= ERROR_OK
)
1493 command_print(CMD
, "%i: %8.8" PRIx32
,
1495 } else if (CMD_ARGC
== 2) {
1497 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1498 retval
= arm920t_write_cp15_physical(target
,
1500 if (retval
!= ERROR_OK
) {
1502 "couldn't access reg %i", address
);
1503 /* REVISIT why lie? "return retval"? */
1506 command_print(CMD
, "%i: %8.8" PRIx32
,
1514 COMMAND_HANDLER(arm920t_handle_cp15i_command
)
1517 struct target
*target
= get_current_target(CMD_CTX
);
1518 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1520 retval
= arm920t_verify_pointer(CMD
, arm920t
);
1521 if (retval
!= ERROR_OK
)
1525 if (target
->state
!= TARGET_HALTED
) {
1526 command_print(CMD
, "target must be stopped for "
1527 "\"%s\" command", CMD_NAME
);
1531 /* one argument, read a register.
1532 * two arguments, write it.
1534 if (CMD_ARGC
>= 1) {
1536 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], opcode
);
1538 if (CMD_ARGC
== 1) {
1540 retval
= arm920t_read_cp15_interpreted(target
,
1541 opcode
, 0x0, &value
);
1542 if (retval
!= ERROR_OK
) {
1544 "couldn't execute %8.8" PRIx32
,
1546 /* REVISIT why lie? "return retval"? */
1550 command_print(CMD
, "%8.8" PRIx32
": %8.8" PRIx32
,
1552 } else if (CMD_ARGC
== 2) {
1554 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1555 retval
= arm920t_write_cp15_interpreted(target
,
1557 if (retval
!= ERROR_OK
) {
1559 "couldn't execute %8.8" PRIx32
,
1561 /* REVISIT why lie? "return retval"? */
1564 command_print(CMD
, "%8.8" PRIx32
": %8.8" PRIx32
,
1566 } else if (CMD_ARGC
== 3) {
1568 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1570 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[2], address
);
1571 retval
= arm920t_write_cp15_interpreted(target
,
1572 opcode
, value
, address
);
1573 if (retval
!= ERROR_OK
) {
1575 "couldn't execute %8.8" PRIx32
, opcode
);
1576 /* REVISIT why lie? "return retval"? */
1579 command_print(CMD
, "%8.8" PRIx32
": %8.8" PRIx32
1580 " %8.8" PRIx32
, opcode
, value
, address
);
1583 return ERROR_COMMAND_SYNTAX_ERROR
;
1588 COMMAND_HANDLER(arm920t_handle_cache_info_command
)
1591 struct target
*target
= get_current_target(CMD_CTX
);
1592 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1594 retval
= arm920t_verify_pointer(CMD
, arm920t
);
1595 if (retval
!= ERROR_OK
)
1598 return armv4_5_handle_cache_info_command(CMD
,
1599 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
1603 static int arm920t_mrc(struct target
*target
, int cpnum
,
1604 uint32_t op1
, uint32_t op2
,
1605 uint32_t CRn
, uint32_t CRm
,
1609 LOG_ERROR("Only cp15 is supported");
1614 return arm920t_read_cp15_interpreted(target
,
1615 ARMV4_5_MRC(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1619 static int arm920t_mcr(struct target
*target
, int cpnum
,
1620 uint32_t op1
, uint32_t op2
,
1621 uint32_t CRn
, uint32_t CRm
,
1625 LOG_ERROR("Only cp15 is supported");
1629 /* write "from" r0 */
1630 return arm920t_write_cp15_interpreted(target
,
1631 ARMV4_5_MCR(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1635 static const struct command_registration arm920t_exec_command_handlers
[] = {
1638 .handler
= arm920t_handle_cp15_command
,
1639 .mode
= COMMAND_EXEC
,
1640 .help
= "display/modify cp15 register",
1641 .usage
= "regnum [value]",
1645 .handler
= arm920t_handle_cp15i_command
,
1646 .mode
= COMMAND_EXEC
,
1647 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1648 .help
= "display/modify cp15 register using ARM opcode"
1650 .usage
= "instruction [value [address]]",
1653 .name
= "cache_info",
1654 .handler
= arm920t_handle_cache_info_command
,
1655 .mode
= COMMAND_EXEC
,
1657 .help
= "display information about target caches",
1660 .name
= "read_cache",
1661 .handler
= arm920t_handle_read_cache_command
,
1662 .mode
= COMMAND_EXEC
,
1663 .help
= "dump I/D cache content to file",
1664 .usage
= "filename",
1668 .handler
= arm920t_handle_read_mmu_command
,
1669 .mode
= COMMAND_EXEC
,
1670 .help
= "dump I/D mmu content to file",
1671 .usage
= "filename",
1673 COMMAND_REGISTRATION_DONE
1675 const struct command_registration arm920t_command_handlers
[] = {
1677 .chain
= arm9tdmi_command_handlers
,
1681 .mode
= COMMAND_ANY
,
1682 .help
= "arm920t command group",
1684 .chain
= arm920t_exec_command_handlers
,
1686 COMMAND_REGISTRATION_DONE
1689 /** Holds methods for ARM920 targets. */
1690 struct target_type arm920t_target
= {
1693 .poll
= arm7_9_poll
,
1694 .arch_state
= arm920t_arch_state
,
1696 .target_request_data
= arm7_9_target_request_data
,
1698 .halt
= arm7_9_halt
,
1699 .resume
= arm7_9_resume
,
1700 .step
= arm7_9_step
,
1702 .assert_reset
= arm7_9_assert_reset
,
1703 .deassert_reset
= arm7_9_deassert_reset
,
1704 .soft_reset_halt
= arm920t_soft_reset_halt
,
1706 .get_gdb_arch
= arm_get_gdb_arch
,
1707 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
1709 .read_memory
= arm920t_read_memory
,
1710 .write_memory
= arm7_9_write_memory_opt
,
1711 .read_phys_memory
= arm920t_read_phys_memory
,
1712 .write_phys_memory
= arm920t_write_phys_memory
,
1714 .virt2phys
= arm920_virt2phys
,
1716 .checksum_memory
= arm_checksum_memory
,
1717 .blank_check_memory
= arm_blank_check_memory
,
1719 .run_algorithm
= armv4_5_run_algorithm
,
1721 .add_breakpoint
= arm7_9_add_breakpoint
,
1722 .remove_breakpoint
= arm7_9_remove_breakpoint
,
1723 .add_watchpoint
= arm7_9_add_watchpoint
,
1724 .remove_watchpoint
= arm7_9_remove_watchpoint
,
1726 .commands
= arm920t_command_handlers
,
1727 .target_create
= arm920t_target_create
,
1728 .init_target
= arm9tdmi_init_target
,
1729 .deinit_target
= arm920t_deinit_target
,
1730 .examine
= arm7_9_examine
,
1731 .check_reset
= arm7_9_check_reset
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)