2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
26 #include <helper/time_support.h>
27 #include "target_type.h"
29 #include "arm_opcodes.h"
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
53 #define _DEBUG_INSTRUCTION_EXECUTION_
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
83 static int arm920t_read_cp15_physical(struct target
*target
,
84 int reg_addr
, uint32_t *value
)
86 struct arm920t_common
*arm920t
= target_to_arm920(target
);
87 struct arm_jtag
*jtag_info
;
88 struct scan_field fields
[4];
89 uint8_t access_type_buf
= 1;
90 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
94 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
96 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
97 if (retval
!= ERROR_OK
)
99 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
100 if (retval
!= ERROR_OK
)
103 fields
[0].num_bits
= 1;
104 fields
[0].out_value
= &access_type_buf
;
105 fields
[0].in_value
= NULL
;
107 fields
[1].num_bits
= 32;
108 fields
[1].out_value
= NULL
;
109 fields
[1].in_value
= NULL
;
111 fields
[2].num_bits
= 6;
112 fields
[2].out_value
= ®_addr_buf
;
113 fields
[2].in_value
= NULL
;
115 fields
[3].num_bits
= 1;
116 fields
[3].out_value
= &nr_w_buf
;
117 fields
[3].in_value
= NULL
;
119 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
121 fields
[1].in_value
= (uint8_t *)value
;
123 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
125 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
127 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
128 jtag_execute_queue();
129 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, *value
);
135 static int arm920t_write_cp15_physical(struct target
*target
,
136 int reg_addr
, uint32_t value
)
138 struct arm920t_common
*arm920t
= target_to_arm920(target
);
139 struct arm_jtag
*jtag_info
;
140 struct scan_field fields
[4];
141 uint8_t access_type_buf
= 1;
142 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
143 uint8_t nr_w_buf
= 1;
144 uint8_t value_buf
[4];
147 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
149 buf_set_u32(value_buf
, 0, 32, value
);
151 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
152 if (retval
!= ERROR_OK
)
154 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
155 if (retval
!= ERROR_OK
)
158 fields
[0].num_bits
= 1;
159 fields
[0].out_value
= &access_type_buf
;
160 fields
[0].in_value
= NULL
;
162 fields
[1].num_bits
= 32;
163 fields
[1].out_value
= value_buf
;
164 fields
[1].in_value
= NULL
;
166 fields
[2].num_bits
= 6;
167 fields
[2].out_value
= ®_addr_buf
;
168 fields
[2].in_value
= NULL
;
170 fields
[3].num_bits
= 1;
171 fields
[3].out_value
= &nr_w_buf
;
172 fields
[3].in_value
= NULL
;
174 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
176 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
177 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, value
);
183 /* See table 9-10 for scan chain 15 format during interpreted access mode.
184 * If the TESTSTATE register is set for interpreted access, certain CP15
185 * MRC and MCR instructions may be executed through scan chain 15.
187 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
188 * executed using scan chain 15 interpreted mode.
190 static int arm920t_execute_cp15(struct target
*target
, uint32_t cp15_opcode
,
194 struct arm920t_common
*arm920t
= target_to_arm920(target
);
195 struct arm_jtag
*jtag_info
;
196 struct scan_field fields
[4];
197 uint8_t access_type_buf
= 0; /* interpreted access */
198 uint8_t reg_addr_buf
= 0x0;
199 uint8_t nr_w_buf
= 0;
200 uint8_t cp15_opcode_buf
[4];
202 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
204 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
205 if (retval
!= ERROR_OK
)
207 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
208 if (retval
!= ERROR_OK
)
211 buf_set_u32(cp15_opcode_buf
, 0, 32, cp15_opcode
);
213 fields
[0].num_bits
= 1;
214 fields
[0].out_value
= &access_type_buf
;
215 fields
[0].in_value
= NULL
;
217 fields
[1].num_bits
= 32;
218 fields
[1].out_value
= cp15_opcode_buf
;
219 fields
[1].in_value
= NULL
;
221 fields
[2].num_bits
= 6;
222 fields
[2].out_value
= ®_addr_buf
;
223 fields
[2].in_value
= NULL
;
225 fields
[3].num_bits
= 1;
226 fields
[3].out_value
= &nr_w_buf
;
227 fields
[3].in_value
= NULL
;
229 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
231 arm9tdmi_clock_out(jtag_info
, arm_opcode
, 0, NULL
, 0);
232 arm9tdmi_clock_out(jtag_info
, ARMV4_5_NOP
, 0, NULL
, 1);
233 retval
= arm7_9_execute_sys_speed(target
);
234 if (retval
!= ERROR_OK
)
237 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
239 LOG_ERROR("failed executing JTAG queue");
246 static int arm920t_read_cp15_interpreted(struct target
*target
,
247 uint32_t cp15_opcode
, uint32_t address
, uint32_t *value
)
249 struct arm
*armv4_5
= target_to_arm(target
);
252 uint32_t cp15c15
= 0x0;
253 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
255 /* load address into R1 */
257 arm9tdmi_write_core_regs(target
, 0x2, regs
);
259 /* read-modify-write CP15 test state register
260 * to enable interpreted access mode */
261 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
262 jtag_execute_queue();
263 cp15c15
|= 1; /* set interpret mode */
264 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
266 /* execute CP15 instruction and ARM load (reading from coprocessor) */
267 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_LDR(0, 1));
269 /* disable interpreted access mode */
270 cp15c15
&= ~1U; /* clear interpret mode */
271 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
273 /* retrieve value from R0 */
275 arm9tdmi_read_core_regs(target
, 0x1, regs_p
);
276 jtag_execute_queue();
278 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
279 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
280 cp15_opcode
, address
, *value
);
283 if (!is_arm_mode(armv4_5
->core_mode
))
285 LOG_ERROR("not a valid arm core mode - communication failure?");
296 int arm920t_write_cp15_interpreted(struct target
*target
,
297 uint32_t cp15_opcode
, uint32_t value
, uint32_t address
)
299 uint32_t cp15c15
= 0x0;
300 struct arm
*armv4_5
= target_to_arm(target
);
302 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
304 /* load value, address into R0, R1 */
307 arm9tdmi_write_core_regs(target
, 0x3, regs
);
309 /* read-modify-write CP15 test state register
310 * to enable interpreted access mode */
311 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
312 jtag_execute_queue();
313 cp15c15
|= 1; /* set interpret mode */
314 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
316 /* execute CP15 instruction and ARM store (writing to coprocessor) */
317 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_STR(0, 1));
319 /* disable interpreted access mode */
320 cp15c15
&= ~1U; /* set interpret mode */
321 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
323 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
324 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
325 cp15_opcode
, value
, address
);
328 if (!is_arm_mode(armv4_5
->core_mode
))
330 LOG_ERROR("not a valid arm core mode - communication failure?");
341 int arm920t_get_ttb(struct target
*target
, uint32_t *result
)
346 if ((retval
= arm920t_read_cp15_interpreted(target
,
347 /* FIXME use opcode macro */
348 0xeebf0f51, 0x0, &ttb
)) != ERROR_OK
)
356 int arm920t_disable_mmu_caches(struct target
*target
, int mmu
,
357 int d_u_cache
, int i_cache
)
359 uint32_t cp15_control
;
362 /* read cp15 control register */
363 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
364 if (retval
!= ERROR_OK
)
366 retval
= jtag_execute_queue();
367 if (retval
!= ERROR_OK
)
371 cp15_control
&= ~0x1U
;
374 cp15_control
&= ~0x4U
;
377 cp15_control
&= ~0x1000U
;
379 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
384 int arm920t_enable_mmu_caches(struct target
*target
, int mmu
,
385 int d_u_cache
, int i_cache
)
387 uint32_t cp15_control
;
390 /* read cp15 control register */
391 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
392 if (retval
!= ERROR_OK
)
394 retval
= jtag_execute_queue();
395 if (retval
!= ERROR_OK
)
399 cp15_control
|= 0x1U
;
402 cp15_control
|= 0x4U
;
405 cp15_control
|= 0x1000U
;
407 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
412 int arm920t_post_debug_entry(struct target
*target
)
415 struct arm920t_common
*arm920t
= target_to_arm920(target
);
418 /* examine cp15 control reg */
419 retval
= arm920t_read_cp15_physical(target
,
420 CP15PHYS_CTRL
, &arm920t
->cp15_control_reg
);
421 if (retval
!= ERROR_OK
)
423 retval
= jtag_execute_queue();
424 if (retval
!= ERROR_OK
)
426 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, arm920t
->cp15_control_reg
);
428 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
430 uint32_t cache_type_reg
;
431 /* identify caches */
432 retval
= arm920t_read_cp15_physical(target
,
433 CP15PHYS_CACHETYPE
, &cache_type_reg
);
434 if (retval
!= ERROR_OK
)
436 retval
= jtag_execute_queue();
437 if (retval
!= ERROR_OK
)
439 armv4_5_identify_cache(cache_type_reg
,
440 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
443 arm920t
->armv4_5_mmu
.mmu_enabled
=
444 (arm920t
->cp15_control_reg
& 0x1U
) ? 1 : 0;
445 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
=
446 (arm920t
->cp15_control_reg
& 0x4U
) ? 1 : 0;
447 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
=
448 (arm920t
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
450 /* save i/d fault status and address register */
451 /* FIXME use opcode macros */
452 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f10, 0x0, &arm920t
->d_fsr
);
453 if (retval
!= ERROR_OK
)
455 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f30, 0x0, &arm920t
->i_fsr
);
456 if (retval
!= ERROR_OK
)
458 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f10, 0x0, &arm920t
->d_far
);
459 if (retval
!= ERROR_OK
)
461 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f30, 0x0, &arm920t
->i_far
);
462 if (retval
!= ERROR_OK
)
465 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
466 ", I FSR: 0x%8.8" PRIx32
", I FAR: 0x%8.8" PRIx32
,
467 arm920t
->d_fsr
, arm920t
->d_far
, arm920t
->i_fsr
, arm920t
->i_far
);
469 if (arm920t
->preserve_cache
)
471 /* read-modify-write CP15 test state register
472 * to disable I/D-cache linefills */
473 retval
= arm920t_read_cp15_physical(target
,
474 CP15PHYS_TESTSTATE
, &cp15c15
);
475 if (retval
!= ERROR_OK
)
477 retval
= jtag_execute_queue();
478 if (retval
!= ERROR_OK
)
481 retval
= arm920t_write_cp15_physical(target
,
482 CP15PHYS_TESTSTATE
, cp15c15
);
483 if (retval
!= ERROR_OK
)
490 void arm920t_pre_restore_context(struct target
*target
)
493 struct arm920t_common
*arm920t
= target_to_arm920(target
);
495 /* restore i/d fault status and address register */
496 arm920t_write_cp15_interpreted(target
, 0xee050f10, arm920t
->d_fsr
, 0x0);
497 arm920t_write_cp15_interpreted(target
, 0xee050f30, arm920t
->i_fsr
, 0x0);
498 arm920t_write_cp15_interpreted(target
, 0xee060f10, arm920t
->d_far
, 0x0);
499 arm920t_write_cp15_interpreted(target
, 0xee060f30, arm920t
->i_far
, 0x0);
501 /* read-modify-write CP15 test state register
502 * to reenable I/D-cache linefills */
503 if (arm920t
->preserve_cache
)
505 arm920t_read_cp15_physical(target
,
506 CP15PHYS_TESTSTATE
, &cp15c15
);
507 jtag_execute_queue();
509 arm920t_write_cp15_physical(target
,
510 CP15PHYS_TESTSTATE
, cp15c15
);
514 static const char arm920_not
[] = "target is not an ARM920";
516 static int arm920t_verify_pointer(struct command_context
*cmd_ctx
,
517 struct arm920t_common
*arm920t
)
519 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
520 command_print(cmd_ctx
, arm920_not
);
521 return ERROR_TARGET_INVALID
;
527 /** Logs summary of ARM920 state for a halted target. */
528 int arm920t_arch_state(struct target
*target
)
530 static const char *state
[] =
532 "disabled", "enabled"
535 struct arm920t_common
*arm920t
= target_to_arm920(target
);
538 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
)
540 LOG_ERROR("BUG: %s", arm920_not
);
541 return ERROR_TARGET_INVALID
;
544 armv4_5
= &arm920t
->arm7_9_common
.armv4_5_common
;
546 arm_arch_state(target
);
547 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
548 state
[arm920t
->armv4_5_mmu
.mmu_enabled
],
549 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
550 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
555 static int arm920_mmu(struct target
*target
, int *enabled
)
557 if (target
->state
!= TARGET_HALTED
) {
558 LOG_ERROR("%s: target not halted", __func__
);
559 return ERROR_TARGET_INVALID
;
562 *enabled
= target_to_arm920(target
)->armv4_5_mmu
.mmu_enabled
;
566 static int arm920_virt2phys(struct target
*target
,
567 uint32_t virt
, uint32_t *phys
)
570 struct arm920t_common
*arm920t
= target_to_arm920(target
);
573 int retval
= armv4_5_mmu_translate_va(target
,
574 &arm920t
->armv4_5_mmu
, virt
, &cb
, &ret
);
575 if (retval
!= ERROR_OK
)
581 /** Reads a buffer, in the specified word size, with current MMU settings. */
582 int arm920t_read_memory(struct target
*target
, uint32_t address
,
583 uint32_t size
, uint32_t count
, uint8_t *buffer
)
587 retval
= arm7_9_read_memory(target
, address
, size
, count
, buffer
);
593 static int arm920t_read_phys_memory(struct target
*target
,
594 uint32_t address
, uint32_t size
,
595 uint32_t count
, uint8_t *buffer
)
597 struct arm920t_common
*arm920t
= target_to_arm920(target
);
599 return armv4_5_mmu_read_physical(target
, &arm920t
->armv4_5_mmu
,
600 address
, size
, count
, buffer
);
603 static int arm920t_write_phys_memory(struct target
*target
,
604 uint32_t address
, uint32_t size
,
605 uint32_t count
, const uint8_t *buffer
)
607 struct arm920t_common
*arm920t
= target_to_arm920(target
);
609 return armv4_5_mmu_write_physical(target
, &arm920t
->armv4_5_mmu
,
610 address
, size
, count
, buffer
);
614 /** Writes a buffer, in the specified word size, with current MMU settings. */
615 int arm920t_write_memory(struct target
*target
, uint32_t address
,
616 uint32_t size
, uint32_t count
, const uint8_t *buffer
)
619 const uint32_t cache_mask
= ~0x1f; /* cache line size : 32 byte */
620 struct arm920t_common
*arm920t
= target_to_arm920(target
);
622 /* FIX!!!! this should be cleaned up and made much more general. The
623 * plan is to write up and test on arm920t specifically and
624 * then generalize and clean up afterwards.
626 * Also it should be moved to the callbacks that handle breakpoints
627 * specifically and not the generic memory write fn's. See XScale code.
629 if (arm920t
->armv4_5_mmu
.mmu_enabled
&& (count
== 1) &&
630 ((size
==2) || (size
==4)))
632 /* special case the handling of single word writes to
633 * bypass MMU, to allow implementation of breakpoints
634 * in memory marked read only
641 * We need physical address and cb
643 retval
= armv4_5_mmu_translate_va(target
, &arm920t
->armv4_5_mmu
,
645 if (retval
!= ERROR_OK
)
648 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
)
652 LOG_DEBUG("D-Cache buffered, "
653 "drain write buffer");
656 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
659 retval
= arm920t_write_cp15_interpreted(target
,
660 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
662 if (retval
!= ERROR_OK
)
669 * Write back memory ? -> clean cache
671 * There is no way to clean cache lines using
672 * cp15 scan chain, so copy the full cache
673 * line from cache to physical memory.
677 LOG_DEBUG("D-Cache in 'write back' mode, "
680 retval
= target_read_memory(target
,
681 address
& cache_mask
, 1,
682 sizeof(data
), &data
[0]);
683 if (retval
!= ERROR_OK
)
686 retval
= armv4_5_mmu_write_physical(target
,
687 &arm920t
->armv4_5_mmu
,
689 sizeof(data
), &data
[0]);
690 if (retval
!= ERROR_OK
)
698 * Cached ? -> Invalidate data cache using MVA
700 * MCR p15,0,Rd,c7,c6,1
702 LOG_DEBUG("D-Cache enabled, "
703 "invalidate cache line");
705 retval
= arm920t_write_cp15_interpreted(target
,
706 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
707 address
& cache_mask
);
708 if (retval
!= ERROR_OK
)
713 /* write directly to physical memory,
714 * bypassing any read only MMU bits, etc.
716 retval
= armv4_5_mmu_write_physical(target
,
717 &arm920t
->armv4_5_mmu
, pa
, size
,
719 if (retval
!= ERROR_OK
)
723 if ((retval
= arm7_9_write_memory(target
, address
,
724 size
, count
, buffer
)) != ERROR_OK
)
728 /* If ICache is enabled, we have to invalidate affected ICache lines
729 * the DCache is forced to write-through,
730 * so we don't have to clean it here
732 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
)
736 /* invalidate ICache single entry with MVA
737 * mcr 15, 0, r0, cr7, cr5, {1}
739 LOG_DEBUG("I-Cache enabled, "
740 "invalidating affected I-Cache line");
741 retval
= arm920t_write_cp15_interpreted(target
,
742 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
743 0x0, address
& cache_mask
);
744 if (retval
!= ERROR_OK
)
750 * mcr 15, 0, r0, cr7, cr5, {0}
752 retval
= arm920t_write_cp15_interpreted(target
,
753 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
755 if (retval
!= ERROR_OK
)
764 int arm920t_soft_reset_halt(struct target
*target
)
766 int retval
= ERROR_OK
;
767 struct arm920t_common
*arm920t
= target_to_arm920(target
);
768 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
769 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
770 struct reg
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
772 if ((retval
= target_halt(target
)) != ERROR_OK
)
777 long long then
= timeval_ms();
779 while (!(timeout
= ((timeval_ms()-then
) > 1000)))
781 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1)
784 embeddedice_read_reg(dbg_stat
);
785 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
793 if (debug_level
>= 3)
795 /* do not eat all CPU, time out after 1 se*/
804 LOG_ERROR("Failed to halt CPU after 1 sec");
805 return ERROR_TARGET_TIMEOUT
;
808 target
->state
= TARGET_HALTED
;
810 /* SVC, ARM state, IRQ and FIQ disabled */
813 cpsr
= buf_get_u32(armv4_5
->cpsr
->value
, 0, 32);
816 arm_set_cpsr(armv4_5
, cpsr
);
817 armv4_5
->cpsr
->dirty
= 1;
819 /* start fetching from 0x0 */
820 buf_set_u32(armv4_5
->pc
->value
, 0, 32, 0x0);
821 armv4_5
->pc
->dirty
= 1;
822 armv4_5
->pc
->valid
= 1;
824 arm920t_disable_mmu_caches(target
, 1, 1, 1);
825 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
826 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
827 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
829 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
832 /* FIXME remove forward decls */
833 static int arm920t_mrc(struct target
*target
, int cpnum
,
834 uint32_t op1
, uint32_t op2
,
835 uint32_t CRn
, uint32_t CRm
,
837 static int arm920t_mcr(struct target
*target
, int cpnum
,
838 uint32_t op1
, uint32_t op2
,
839 uint32_t CRn
, uint32_t CRm
,
842 static int arm920t_init_arch_info(struct target
*target
,
843 struct arm920t_common
*arm920t
, struct jtag_tap
*tap
)
845 struct arm7_9_common
*arm7_9
= &arm920t
->arm7_9_common
;
847 arm7_9
->armv4_5_common
.mrc
= arm920t_mrc
;
848 arm7_9
->armv4_5_common
.mcr
= arm920t_mcr
;
850 /* initialize arm7/arm9 specific info (including armv4_5) */
851 arm9tdmi_init_arch_info(target
, arm7_9
, tap
);
853 arm920t
->common_magic
= ARM920T_COMMON_MAGIC
;
855 arm7_9
->post_debug_entry
= arm920t_post_debug_entry
;
856 arm7_9
->pre_restore_context
= arm920t_pre_restore_context
;
858 arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
859 arm920t
->armv4_5_mmu
.get_ttb
= arm920t_get_ttb
;
860 arm920t
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
861 arm920t
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
862 arm920t
->armv4_5_mmu
.disable_mmu_caches
= arm920t_disable_mmu_caches
;
863 arm920t
->armv4_5_mmu
.enable_mmu_caches
= arm920t_enable_mmu_caches
;
864 arm920t
->armv4_5_mmu
.has_tiny_pages
= 1;
865 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
867 /* disabling linefills leads to lockups, so keep them enabled for now
868 * this doesn't affect correctness, but might affect timing issues, if
869 * important data is evicted from the cache during the debug session
871 arm920t
->preserve_cache
= 0;
873 /* override hw single-step capability from ARM9TDMI */
874 arm7_9
->has_single_step
= 1;
879 static int arm920t_target_create(struct target
*target
, Jim_Interp
*interp
)
881 struct arm920t_common
*arm920t
;
883 arm920t
= calloc(1,sizeof(struct arm920t_common
));
884 return arm920t_init_arch_info(target
, arm920t
, target
->tap
);
887 COMMAND_HANDLER(arm920t_handle_read_cache_command
)
889 int retval
= ERROR_OK
;
890 struct target
*target
= get_current_target(CMD_CTX
);
891 struct arm920t_common
*arm920t
= target_to_arm920(target
);
892 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
893 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
895 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
897 uint32_t *regs_p
[16];
898 uint32_t C15_C_D_Ind
, C15_C_I_Ind
;
901 struct arm920t_cache_line d_cache
[8][64], i_cache
[8][64];
902 int segment
, index_t
;
905 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
906 if (retval
!= ERROR_OK
)
911 command_print(CMD_CTX
, "usage: arm920t read_cache <filename>");
915 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
917 LOG_DEBUG("error opening cache content file");
921 for (i
= 0; i
< 16; i
++)
922 regs_p
[i
] = ®s
[i
];
924 /* disable MMU and Caches */
925 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
926 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
930 cp15_ctrl_saved
= cp15_ctrl
;
931 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
932 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
933 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
935 /* read CP15 test state register */
936 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
937 jtag_execute_queue();
939 /* read DCache content */
940 fprintf(output
, "DCache:\n");
942 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
944 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
947 fprintf(output
, "\nsegment: %i\n----------", segment
);
949 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
950 regs
[0] = 0x0 | (segment
<< 5);
951 arm9tdmi_write_core_regs(target
, 0x1, regs
);
953 /* set interpret mode */
955 arm920t_write_cp15_physical(target
,
956 CP15PHYS_TESTSTATE
, cp15c15
);
958 /* D CAM Read, loads current victim into C15.C.D.Ind */
959 arm920t_execute_cp15(target
,
960 ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
962 /* read current victim */
963 arm920t_read_cp15_physical(target
,
964 CP15PHYS_DCACHE_IDX
, &C15_C_D_Ind
);
966 /* clear interpret mode */
968 arm920t_write_cp15_physical(target
,
969 CP15PHYS_TESTSTATE
, cp15c15
);
971 for (index_t
= 0; index_t
< 64; index_t
++)
974 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
976 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
977 arm9tdmi_write_core_regs(target
, 0x1, regs
);
979 /* set interpret mode */
981 arm920t_write_cp15_physical(target
,
982 CP15PHYS_TESTSTATE
, cp15c15
);
984 /* Write DCache victim */
985 arm920t_execute_cp15(target
,
986 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
989 arm920t_execute_cp15(target
,
990 ARMV4_5_MCR(15,2,0,15,10,2),
991 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
994 arm920t_execute_cp15(target
,
995 ARMV4_5_MCR(15,2,0,15,6,2),
998 /* clear interpret mode */
1000 arm920t_write_cp15_physical(target
,
1001 CP15PHYS_TESTSTATE
, cp15c15
);
1003 /* read D RAM and CAM content */
1004 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1005 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1010 d_cache
[segment
][index_t
].cam
= regs
[9];
1013 regs
[9] &= 0xfffffffe;
1014 fprintf(output
, "\nsegment: %i, index: %i, CAM: 0x%8.8"
1015 PRIx32
", content (%s):\n",
1016 segment
, index_t
, regs
[9],
1017 (regs
[9] & 0x10) ? "valid" : "invalid");
1019 for (i
= 1; i
< 9; i
++)
1021 d_cache
[segment
][index_t
].data
[i
] = regs
[i
];
1022 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1028 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1029 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1030 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1032 /* set interpret mode */
1034 arm920t_write_cp15_physical(target
,
1035 CP15PHYS_TESTSTATE
, cp15c15
);
1037 /* Write DCache victim */
1038 arm920t_execute_cp15(target
,
1039 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
1041 /* clear interpret mode */
1043 arm920t_write_cp15_physical(target
,
1044 CP15PHYS_TESTSTATE
, cp15c15
);
1047 /* read ICache content */
1048 fprintf(output
, "ICache:\n");
1050 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1052 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
1055 fprintf(output
, "segment: %i\n----------", segment
);
1057 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1058 regs
[0] = 0x0 | (segment
<< 5);
1059 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1061 /* set interpret mode */
1063 arm920t_write_cp15_physical(target
,
1064 CP15PHYS_TESTSTATE
, cp15c15
);
1066 /* I CAM Read, loads current victim into C15.C.I.Ind */
1067 arm920t_execute_cp15(target
,
1068 ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
1070 /* read current victim */
1071 arm920t_read_cp15_physical(target
, CP15PHYS_ICACHE_IDX
,
1074 /* clear interpret mode */
1076 arm920t_write_cp15_physical(target
,
1077 CP15PHYS_TESTSTATE
, cp15c15
);
1079 for (index_t
= 0; index_t
< 64; index_t
++)
1082 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1084 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
1085 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1087 /* set interpret mode */
1089 arm920t_write_cp15_physical(target
,
1090 CP15PHYS_TESTSTATE
, cp15c15
);
1092 /* Write ICache victim */
1093 arm920t_execute_cp15(target
,
1094 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1097 arm920t_execute_cp15(target
,
1098 ARMV4_5_MCR(15,2,0,15,9,2),
1099 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1102 arm920t_execute_cp15(target
,
1103 ARMV4_5_MCR(15,2,0,15,5,2),
1106 /* clear interpret mode */
1108 arm920t_write_cp15_physical(target
,
1109 CP15PHYS_TESTSTATE
, cp15c15
);
1111 /* read I RAM and CAM content */
1112 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1113 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1118 i_cache
[segment
][index_t
].cam
= regs
[9];
1121 regs
[9] &= 0xfffffffe;
1122 fprintf(output
, "\nsegment: %i, index: %i, "
1123 "CAM: 0x%8.8" PRIx32
", content (%s):\n",
1124 segment
, index_t
, regs
[9],
1125 (regs
[9] & 0x10) ? "valid" : "invalid");
1127 for (i
= 1; i
< 9; i
++)
1129 i_cache
[segment
][index_t
].data
[i
] = regs
[i
];
1130 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1135 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1136 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1137 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1139 /* set interpret mode */
1141 arm920t_write_cp15_physical(target
,
1142 CP15PHYS_TESTSTATE
, cp15c15
);
1144 /* Write ICache victim */
1145 arm920t_execute_cp15(target
,
1146 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1148 /* clear interpret mode */
1150 arm920t_write_cp15_physical(target
,
1151 CP15PHYS_TESTSTATE
, cp15c15
);
1154 /* restore CP15 MMU and Cache settings */
1155 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1157 command_print(CMD_CTX
, "cache content successfully output to %s",
1162 if (!is_arm_mode(armv4_5
->core_mode
))
1164 LOG_ERROR("not a valid arm core mode - communication failure?");
1168 /* force writeback of the valid data */
1169 r
= armv4_5
->core_cache
->reg_list
;
1170 r
[0].dirty
= r
[0].valid
;
1171 r
[1].dirty
= r
[1].valid
;
1172 r
[2].dirty
= r
[2].valid
;
1173 r
[3].dirty
= r
[3].valid
;
1174 r
[4].dirty
= r
[4].valid
;
1175 r
[5].dirty
= r
[5].valid
;
1176 r
[6].dirty
= r
[6].valid
;
1177 r
[7].dirty
= r
[7].valid
;
1179 r
= arm_reg_current(armv4_5
, 8);
1180 r
->dirty
= r
->valid
;
1182 r
= arm_reg_current(armv4_5
, 9);
1183 r
->dirty
= r
->valid
;
1188 COMMAND_HANDLER(arm920t_handle_read_mmu_command
)
1190 int retval
= ERROR_OK
;
1191 struct target
*target
= get_current_target(CMD_CTX
);
1192 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1193 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
1194 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
1196 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
1198 uint32_t *regs_p
[16];
1201 uint32_t Dlockdown
, Ilockdown
;
1202 struct arm920t_tlb_entry d_tlb
[64], i_tlb
[64];
1206 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1207 if (retval
!= ERROR_OK
)
1212 command_print(CMD_CTX
, "usage: arm920t read_mmu <filename>");
1216 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
1218 LOG_DEBUG("error opening mmu content file");
1222 for (i
= 0; i
< 16; i
++)
1223 regs_p
[i
] = ®s
[i
];
1225 /* disable MMU and Caches */
1226 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
1227 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1231 cp15_ctrl_saved
= cp15_ctrl
;
1232 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
1233 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
1234 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
1236 /* read CP15 test state register */
1237 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
1238 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1243 /* prepare reading D TLB content
1246 /* set interpret mode */
1248 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1250 /* Read D TLB lockdown */
1251 arm920t_execute_cp15(target
,
1252 ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1254 /* clear interpret mode */
1256 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1258 /* read D TLB lockdown stored to r1 */
1259 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1260 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1264 Dlockdown
= regs
[1];
1266 for (victim
= 0; victim
< 64; victim
+= 8)
1268 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1269 * base remains unchanged, victim goes through entries 0 to 63
1271 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1272 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1274 /* set interpret mode */
1276 arm920t_write_cp15_physical(target
,
1277 CP15PHYS_TESTSTATE
, cp15c15
);
1279 /* Write D TLB lockdown */
1280 arm920t_execute_cp15(target
,
1281 ARMV4_5_MCR(15,0,0,10,0,0),
1284 /* Read D TLB CAM */
1285 arm920t_execute_cp15(target
,
1286 ARMV4_5_MCR(15,4,0,15,6,4),
1287 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1289 /* clear interpret mode */
1291 arm920t_write_cp15_physical(target
,
1292 CP15PHYS_TESTSTATE
, cp15c15
);
1294 /* read D TLB CAM content stored to r2-r9 */
1295 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1296 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1301 for (i
= 0; i
< 8; i
++)
1302 d_tlb
[victim
+ i
].cam
= regs
[i
+ 2];
1305 for (victim
= 0; victim
< 64; victim
++)
1307 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1308 * base remains unchanged, victim goes through entries 0 to 63
1310 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1311 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1313 /* set interpret mode */
1315 arm920t_write_cp15_physical(target
,
1316 CP15PHYS_TESTSTATE
, cp15c15
);
1318 /* Write D TLB lockdown */
1319 arm920t_execute_cp15(target
,
1320 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1322 /* Read D TLB RAM1 */
1323 arm920t_execute_cp15(target
,
1324 ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1326 /* Read D TLB RAM2 */
1327 arm920t_execute_cp15(target
,
1328 ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1330 /* clear interpret mode */
1332 arm920t_write_cp15_physical(target
,
1333 CP15PHYS_TESTSTATE
, cp15c15
);
1335 /* read D TLB RAM content stored to r2 and r3 */
1336 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1337 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1342 d_tlb
[victim
].ram1
= regs
[2];
1343 d_tlb
[victim
].ram2
= regs
[3];
1346 /* restore D TLB lockdown */
1347 regs
[1] = Dlockdown
;
1348 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1350 /* Write D TLB lockdown */
1351 arm920t_execute_cp15(target
,
1352 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1354 /* prepare reading I TLB content
1357 /* set interpret mode */
1359 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1361 /* Read I TLB lockdown */
1362 arm920t_execute_cp15(target
,
1363 ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1365 /* clear interpret mode */
1367 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1369 /* read I TLB lockdown stored to r1 */
1370 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1371 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1375 Ilockdown
= regs
[1];
1377 for (victim
= 0; victim
< 64; victim
+= 8)
1379 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1380 * base remains unchanged, victim goes through entries 0 to 63
1382 regs
[1] = (Ilockdown
& 0xfc000000) | (victim
<< 20);
1383 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1385 /* set interpret mode */
1387 arm920t_write_cp15_physical(target
,
1388 CP15PHYS_TESTSTATE
, cp15c15
);
1390 /* Write I TLB lockdown */
1391 arm920t_execute_cp15(target
,
1392 ARMV4_5_MCR(15,0,0,10,0,1),
1395 /* Read I TLB CAM */
1396 arm920t_execute_cp15(target
,
1397 ARMV4_5_MCR(15,4,0,15,5,4),
1398 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1400 /* clear interpret mode */
1402 arm920t_write_cp15_physical(target
,
1403 CP15PHYS_TESTSTATE
, cp15c15
);
1405 /* read I TLB CAM content stored to r2-r9 */
1406 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1407 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1412 for (i
= 0; i
< 8; i
++)
1413 i_tlb
[i
+ victim
].cam
= regs
[i
+ 2];
1416 for (victim
= 0; victim
< 64; victim
++)
1418 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1419 * base remains unchanged, victim goes through entries 0 to 63
1421 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1422 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1424 /* set interpret mode */
1426 arm920t_write_cp15_physical(target
,
1427 CP15PHYS_TESTSTATE
, cp15c15
);
1429 /* Write I TLB lockdown */
1430 arm920t_execute_cp15(target
,
1431 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1433 /* Read I TLB RAM1 */
1434 arm920t_execute_cp15(target
,
1435 ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1437 /* Read I TLB RAM2 */
1438 arm920t_execute_cp15(target
,
1439 ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1441 /* clear interpret mode */
1443 arm920t_write_cp15_physical(target
,
1444 CP15PHYS_TESTSTATE
, cp15c15
);
1446 /* read I TLB RAM content stored to r2 and r3 */
1447 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1448 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1453 i_tlb
[victim
].ram1
= regs
[2];
1454 i_tlb
[victim
].ram2
= regs
[3];
1457 /* restore I TLB lockdown */
1458 regs
[1] = Ilockdown
;
1459 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1461 /* Write I TLB lockdown */
1462 arm920t_execute_cp15(target
,
1463 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1465 /* restore CP15 MMU and Cache settings */
1466 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1468 /* output data to file */
1469 fprintf(output
, "D TLB content:\n");
1470 for (i
= 0; i
< 64; i
++)
1472 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1473 " 0x%8.8" PRIx32
" %s\n",
1474 i
, d_tlb
[i
].cam
, d_tlb
[i
].ram1
, d_tlb
[i
].ram2
,
1475 (d_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1478 fprintf(output
, "\n\nI TLB content:\n");
1479 for (i
= 0; i
< 64; i
++)
1481 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1482 " 0x%8.8" PRIx32
" %s\n",
1483 i
, i_tlb
[i
].cam
, i_tlb
[i
].ram1
, i_tlb
[i
].ram2
,
1484 (i_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1487 command_print(CMD_CTX
, "mmu content successfully output to %s",
1492 if (!is_arm_mode(armv4_5
->core_mode
))
1494 LOG_ERROR("not a valid arm core mode - communication failure?");
1498 /* force writeback of the valid data */
1499 r
= armv4_5
->core_cache
->reg_list
;
1500 r
[0].dirty
= r
[0].valid
;
1501 r
[1].dirty
= r
[1].valid
;
1502 r
[2].dirty
= r
[2].valid
;
1503 r
[3].dirty
= r
[3].valid
;
1504 r
[4].dirty
= r
[4].valid
;
1505 r
[5].dirty
= r
[5].valid
;
1506 r
[6].dirty
= r
[6].valid
;
1507 r
[7].dirty
= r
[7].valid
;
1509 r
= arm_reg_current(armv4_5
, 8);
1510 r
->dirty
= r
->valid
;
1512 r
= arm_reg_current(armv4_5
, 9);
1513 r
->dirty
= r
->valid
;
1518 COMMAND_HANDLER(arm920t_handle_cp15_command
)
1521 struct target
*target
= get_current_target(CMD_CTX
);
1522 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1524 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1525 if (retval
!= ERROR_OK
)
1528 if (target
->state
!= TARGET_HALTED
)
1530 command_print(CMD_CTX
, "target must be stopped for "
1531 "\"%s\" command", CMD_NAME
);
1535 /* one argument, read a register.
1536 * two arguments, write it.
1541 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], address
);
1546 if ((retval
= arm920t_read_cp15_physical(target
,
1547 address
, &value
)) != ERROR_OK
)
1549 command_print(CMD_CTX
,
1550 "couldn't access reg %i", address
);
1553 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1558 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1561 else if (CMD_ARGC
== 2)
1564 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1565 retval
= arm920t_write_cp15_physical(target
,
1567 if (retval
!= ERROR_OK
)
1569 command_print(CMD_CTX
,
1570 "couldn't access reg %i", address
);
1571 /* REVISIT why lie? "return retval"? */
1574 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1582 COMMAND_HANDLER(arm920t_handle_cp15i_command
)
1585 struct target
*target
= get_current_target(CMD_CTX
);
1586 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1588 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1589 if (retval
!= ERROR_OK
)
1593 if (target
->state
!= TARGET_HALTED
)
1595 command_print(CMD_CTX
, "target must be stopped for "
1596 "\"%s\" command", CMD_NAME
);
1600 /* one argument, read a register.
1601 * two arguments, write it.
1606 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], opcode
);
1611 retval
= arm920t_read_cp15_interpreted(target
,
1612 opcode
, 0x0, &value
);
1613 if (retval
!= ERROR_OK
)
1615 command_print(CMD_CTX
,
1616 "couldn't execute %8.8" PRIx32
,
1618 /* REVISIT why lie? "return retval"? */
1622 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1625 else if (CMD_ARGC
== 2)
1628 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1629 retval
= arm920t_write_cp15_interpreted(target
,
1631 if (retval
!= ERROR_OK
)
1633 command_print(CMD_CTX
,
1634 "couldn't execute %8.8" PRIx32
,
1636 /* REVISIT why lie? "return retval"? */
1639 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1642 else if (CMD_ARGC
== 3)
1645 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1647 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[2], address
);
1648 retval
= arm920t_write_cp15_interpreted(target
,
1649 opcode
, value
, address
);
1650 if (retval
!= ERROR_OK
)
1652 command_print(CMD_CTX
,
1653 "couldn't execute %8.8" PRIx32
, opcode
);
1654 /* REVISIT why lie? "return retval"? */
1657 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
1658 " %8.8" PRIx32
, opcode
, value
, address
);
1663 command_print(CMD_CTX
,
1664 "usage: arm920t cp15i <opcode> [value] [address]");
1670 COMMAND_HANDLER(arm920t_handle_cache_info_command
)
1673 struct target
*target
= get_current_target(CMD_CTX
);
1674 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1676 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1677 if (retval
!= ERROR_OK
)
1680 return armv4_5_handle_cache_info_command(CMD_CTX
,
1681 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
1685 static int arm920t_mrc(struct target
*target
, int cpnum
,
1686 uint32_t op1
, uint32_t op2
,
1687 uint32_t CRn
, uint32_t CRm
,
1692 LOG_ERROR("Only cp15 is supported");
1697 return arm920t_read_cp15_interpreted(target
,
1698 ARMV4_5_MRC(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1702 static int arm920t_mcr(struct target
*target
, int cpnum
,
1703 uint32_t op1
, uint32_t op2
,
1704 uint32_t CRn
, uint32_t CRm
,
1709 LOG_ERROR("Only cp15 is supported");
1713 /* write "from" r0 */
1714 return arm920t_write_cp15_interpreted(target
,
1715 ARMV4_5_MCR(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1719 static const struct command_registration arm920t_exec_command_handlers
[] = {
1722 .handler
= arm920t_handle_cp15_command
,
1723 .mode
= COMMAND_EXEC
,
1724 .help
= "display/modify cp15 register",
1725 .usage
= "regnum [value]",
1729 .handler
= arm920t_handle_cp15i_command
,
1730 .mode
= COMMAND_EXEC
,
1731 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1732 .help
= "display/modify cp15 register using ARM opcode"
1734 .usage
= "instruction [value [address]]",
1737 .name
= "cache_info",
1738 .handler
= arm920t_handle_cache_info_command
,
1739 .mode
= COMMAND_EXEC
,
1740 .help
= "display information about target caches",
1743 .name
= "read_cache",
1744 .handler
= arm920t_handle_read_cache_command
,
1745 .mode
= COMMAND_EXEC
,
1746 .help
= "dump I/D cache content to file",
1747 .usage
= "filename",
1751 .handler
= arm920t_handle_read_mmu_command
,
1752 .mode
= COMMAND_EXEC
,
1753 .help
= "dump I/D mmu content to file",
1754 .usage
= "filename",
1756 COMMAND_REGISTRATION_DONE
1758 const struct command_registration arm920t_command_handlers
[] = {
1760 .chain
= arm9tdmi_command_handlers
,
1764 .mode
= COMMAND_ANY
,
1765 .help
= "arm920t command group",
1766 .chain
= arm920t_exec_command_handlers
,
1768 COMMAND_REGISTRATION_DONE
1771 /** Holds methods for ARM920 targets. */
1772 struct target_type arm920t_target
=
1776 .poll
= arm7_9_poll
,
1777 .arch_state
= arm920t_arch_state
,
1779 .target_request_data
= arm7_9_target_request_data
,
1781 .halt
= arm7_9_halt
,
1782 .resume
= arm7_9_resume
,
1783 .step
= arm7_9_step
,
1785 .assert_reset
= arm7_9_assert_reset
,
1786 .deassert_reset
= arm7_9_deassert_reset
,
1787 .soft_reset_halt
= arm920t_soft_reset_halt
,
1789 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
1791 .read_memory
= arm920t_read_memory
,
1792 .write_memory
= arm920t_write_memory
,
1793 .read_phys_memory
= arm920t_read_phys_memory
,
1794 .write_phys_memory
= arm920t_write_phys_memory
,
1796 .virt2phys
= arm920_virt2phys
,
1798 .bulk_write_memory
= arm7_9_bulk_write_memory
,
1800 .checksum_memory
= arm_checksum_memory
,
1801 .blank_check_memory
= arm_blank_check_memory
,
1803 .run_algorithm
= armv4_5_run_algorithm
,
1805 .add_breakpoint
= arm7_9_add_breakpoint
,
1806 .remove_breakpoint
= arm7_9_remove_breakpoint
,
1807 .add_watchpoint
= arm7_9_add_watchpoint
,
1808 .remove_watchpoint
= arm7_9_remove_watchpoint
,
1810 .commands
= arm920t_command_handlers
,
1811 .target_create
= arm920t_target_create
,
1812 .init_target
= arm9tdmi_init_target
,
1813 .examine
= arm7_9_examine
,
1814 .check_reset
= arm7_9_check_reset
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)