1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
25 #include <helper/time_support.h>
26 #include "target_type.h"
28 #include "arm_opcodes.h"
32 * For information about the ARM920T, see ARM DDI 0151C especially
33 * Chapter 9 about debug support, which shows how to manipulate each
34 * of the different scan chains:
36 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
37 * 1 ... debugging; watchpoint and breakpoint status, etc; also
38 * MMU and cache access in conjunction with scan chain 15
40 * 3 ... external boundary scan (SoC-specific, unused here)
41 * 4 ... access to cache tag RAM
43 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
44 * "interpreted" works with a few actual MRC/MCR instructions
45 * "physical" provides register-like behaviors. Section 9.6.7
46 * covers these details.
48 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
52 #define _DEBUG_INSTRUCTION_EXECUTION_
55 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
56 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
57 * JTAG scan, while reads use two.
59 * Table 9-9 lists the thirteen registers which support physical access.
60 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
61 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
67 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
69 /* Registers supporting physical Read access (from table 9-9) */
70 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
71 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
72 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
73 /* NOTE: several more registers support only physical read access */
75 /* Registers supporting physical Read/Write access (from table 9-9) */
76 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
77 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
78 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
79 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
80 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
82 static int arm920t_read_cp15_physical(struct target
*target
,
83 int reg_addr
, uint32_t *value
)
85 struct arm920t_common
*arm920t
= target_to_arm920(target
);
86 struct arm_jtag
*jtag_info
;
87 struct scan_field fields
[4];
88 uint8_t access_type_buf
= 1;
89 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
92 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
94 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
95 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
97 fields
[0].num_bits
= 1;
98 fields
[0].out_value
= &access_type_buf
;
99 fields
[0].in_value
= NULL
;
101 fields
[1].num_bits
= 32;
102 fields
[1].out_value
= NULL
;
103 fields
[1].in_value
= NULL
;
105 fields
[2].num_bits
= 6;
106 fields
[2].out_value
= ®_addr_buf
;
107 fields
[2].in_value
= NULL
;
109 fields
[3].num_bits
= 1;
110 fields
[3].out_value
= &nr_w_buf
;
111 fields
[3].in_value
= NULL
;
113 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
115 fields
[1].in_value
= (uint8_t *)value
;
117 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
119 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
121 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
122 jtag_execute_queue();
123 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, *value
);
129 static int arm920t_write_cp15_physical(struct target
*target
,
130 int reg_addr
, uint32_t value
)
132 struct arm920t_common
*arm920t
= target_to_arm920(target
);
133 struct arm_jtag
*jtag_info
;
134 struct scan_field fields
[4];
135 uint8_t access_type_buf
= 1;
136 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
137 uint8_t nr_w_buf
= 1;
138 uint8_t value_buf
[4];
140 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
142 buf_set_u32(value_buf
, 0, 32, value
);
144 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
145 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
147 fields
[0].num_bits
= 1;
148 fields
[0].out_value
= &access_type_buf
;
149 fields
[0].in_value
= NULL
;
151 fields
[1].num_bits
= 32;
152 fields
[1].out_value
= value_buf
;
153 fields
[1].in_value
= NULL
;
155 fields
[2].num_bits
= 6;
156 fields
[2].out_value
= ®_addr_buf
;
157 fields
[2].in_value
= NULL
;
159 fields
[3].num_bits
= 1;
160 fields
[3].out_value
= &nr_w_buf
;
161 fields
[3].in_value
= NULL
;
163 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
165 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
166 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, value
);
172 /* See table 9-10 for scan chain 15 format during interpreted access mode.
173 * If the TESTSTATE register is set for interpreted access, certain CP15
174 * MRC and MCR instructions may be executed through scan chain 15.
176 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
177 * executed using scan chain 15 interpreted mode.
179 static int arm920t_execute_cp15(struct target
*target
, uint32_t cp15_opcode
,
183 struct arm920t_common
*arm920t
= target_to_arm920(target
);
184 struct arm_jtag
*jtag_info
;
185 struct scan_field fields
[4];
186 uint8_t access_type_buf
= 0; /* interpreted access */
187 uint8_t reg_addr_buf
= 0x0;
188 uint8_t nr_w_buf
= 0;
189 uint8_t cp15_opcode_buf
[4];
191 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
193 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
194 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
196 buf_set_u32(cp15_opcode_buf
, 0, 32, cp15_opcode
);
198 fields
[0].num_bits
= 1;
199 fields
[0].out_value
= &access_type_buf
;
200 fields
[0].in_value
= NULL
;
202 fields
[1].num_bits
= 32;
203 fields
[1].out_value
= cp15_opcode_buf
;
204 fields
[1].in_value
= NULL
;
206 fields
[2].num_bits
= 6;
207 fields
[2].out_value
= ®_addr_buf
;
208 fields
[2].in_value
= NULL
;
210 fields
[3].num_bits
= 1;
211 fields
[3].out_value
= &nr_w_buf
;
212 fields
[3].in_value
= NULL
;
214 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
216 arm9tdmi_clock_out(jtag_info
, arm_opcode
, 0, NULL
, 0);
217 arm9tdmi_clock_out(jtag_info
, ARMV4_5_NOP
, 0, NULL
, 1);
218 retval
= arm7_9_execute_sys_speed(target
);
219 if (retval
!= ERROR_OK
)
222 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
224 LOG_ERROR("failed executing JTAG queue");
231 static int arm920t_read_cp15_interpreted(struct target
*target
,
232 uint32_t cp15_opcode
, uint32_t address
, uint32_t *value
)
234 struct arm
*armv4_5
= target_to_arm(target
);
237 uint32_t cp15c15
= 0x0;
238 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
240 /* load address into R1 */
242 arm9tdmi_write_core_regs(target
, 0x2, regs
);
244 /* read-modify-write CP15 test state register
245 * to enable interpreted access mode */
246 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
247 jtag_execute_queue();
248 cp15c15
|= 1; /* set interpret mode */
249 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
251 /* execute CP15 instruction and ARM load (reading from coprocessor) */
252 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_LDR(0, 1));
254 /* disable interpreted access mode */
255 cp15c15
&= ~1U; /* clear interpret mode */
256 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
258 /* retrieve value from R0 */
260 arm9tdmi_read_core_regs(target
, 0x1, regs_p
);
261 jtag_execute_queue();
263 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
264 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
265 cp15_opcode
, address
, *value
);
268 if (!is_arm_mode(armv4_5
->core_mode
))
278 int arm920t_write_cp15_interpreted(struct target
*target
,
279 uint32_t cp15_opcode
, uint32_t value
, uint32_t address
)
281 uint32_t cp15c15
= 0x0;
282 struct arm
*armv4_5
= target_to_arm(target
);
284 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
286 /* load value, address into R0, R1 */
289 arm9tdmi_write_core_regs(target
, 0x3, regs
);
291 /* read-modify-write CP15 test state register
292 * to enable interpreted access mode */
293 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
294 jtag_execute_queue();
295 cp15c15
|= 1; /* set interpret mode */
296 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
298 /* execute CP15 instruction and ARM store (writing to coprocessor) */
299 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_STR(0, 1));
301 /* disable interpreted access mode */
302 cp15c15
&= ~1U; /* set interpret mode */
303 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
305 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
306 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
307 cp15_opcode
, value
, address
);
310 if (!is_arm_mode(armv4_5
->core_mode
))
320 uint32_t arm920t_get_ttb(struct target
*target
)
325 if ((retval
= arm920t_read_cp15_interpreted(target
,
326 /* FIXME use opcode macro */
327 0xeebf0f51, 0x0, &ttb
)) != ERROR_OK
)
334 void arm920t_disable_mmu_caches(struct target
*target
, int mmu
,
335 int d_u_cache
, int i_cache
)
337 uint32_t cp15_control
;
339 /* read cp15 control register */
340 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
341 jtag_execute_queue();
344 cp15_control
&= ~0x1U
;
347 cp15_control
&= ~0x4U
;
350 cp15_control
&= ~0x1000U
;
352 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
356 void arm920t_enable_mmu_caches(struct target
*target
, int mmu
,
357 int d_u_cache
, int i_cache
)
359 uint32_t cp15_control
;
361 /* read cp15 control register */
362 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
363 jtag_execute_queue();
366 cp15_control
|= 0x1U
;
369 cp15_control
|= 0x4U
;
372 cp15_control
|= 0x1000U
;
374 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
378 void arm920t_post_debug_entry(struct target
*target
)
381 struct arm920t_common
*arm920t
= target_to_arm920(target
);
383 /* examine cp15 control reg */
384 arm920t_read_cp15_physical(target
,
385 CP15PHYS_CTRL
, &arm920t
->cp15_control_reg
);
386 jtag_execute_queue();
387 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, arm920t
->cp15_control_reg
);
389 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
391 uint32_t cache_type_reg
;
392 /* identify caches */
393 arm920t_read_cp15_physical(target
,
394 CP15PHYS_CACHETYPE
, &cache_type_reg
);
395 jtag_execute_queue();
396 armv4_5_identify_cache(cache_type_reg
,
397 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
400 arm920t
->armv4_5_mmu
.mmu_enabled
=
401 (arm920t
->cp15_control_reg
& 0x1U
) ? 1 : 0;
402 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
=
403 (arm920t
->cp15_control_reg
& 0x4U
) ? 1 : 0;
404 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
=
405 (arm920t
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
407 /* save i/d fault status and address register */
408 /* FIXME use opcode macros */
409 arm920t_read_cp15_interpreted(target
, 0xee150f10, 0x0, &arm920t
->d_fsr
);
410 arm920t_read_cp15_interpreted(target
, 0xee150f30, 0x0, &arm920t
->i_fsr
);
411 arm920t_read_cp15_interpreted(target
, 0xee160f10, 0x0, &arm920t
->d_far
);
412 arm920t_read_cp15_interpreted(target
, 0xee160f30, 0x0, &arm920t
->i_far
);
414 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
415 ", I FSR: 0x%8.8" PRIx32
", I FAR: 0x%8.8" PRIx32
,
416 arm920t
->d_fsr
, arm920t
->d_far
, arm920t
->i_fsr
, arm920t
->i_far
);
418 if (arm920t
->preserve_cache
)
420 /* read-modify-write CP15 test state register
421 * to disable I/D-cache linefills */
422 arm920t_read_cp15_physical(target
,
423 CP15PHYS_TESTSTATE
, &cp15c15
);
424 jtag_execute_queue();
426 arm920t_write_cp15_physical(target
,
427 CP15PHYS_TESTSTATE
, cp15c15
);
432 void arm920t_pre_restore_context(struct target
*target
)
435 struct arm920t_common
*arm920t
= target_to_arm920(target
);
437 /* restore i/d fault status and address register */
438 arm920t_write_cp15_interpreted(target
, 0xee050f10, arm920t
->d_fsr
, 0x0);
439 arm920t_write_cp15_interpreted(target
, 0xee050f30, arm920t
->i_fsr
, 0x0);
440 arm920t_write_cp15_interpreted(target
, 0xee060f10, arm920t
->d_far
, 0x0);
441 arm920t_write_cp15_interpreted(target
, 0xee060f30, arm920t
->i_far
, 0x0);
443 /* read-modify-write CP15 test state register
444 * to reenable I/D-cache linefills */
445 if (arm920t
->preserve_cache
)
447 arm920t_read_cp15_physical(target
,
448 CP15PHYS_TESTSTATE
, &cp15c15
);
449 jtag_execute_queue();
451 arm920t_write_cp15_physical(target
,
452 CP15PHYS_TESTSTATE
, cp15c15
);
456 static const char arm920_not
[] = "target is not an ARM920";
458 static int arm920t_verify_pointer(struct command_context
*cmd_ctx
,
459 struct arm920t_common
*arm920t
)
461 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
462 command_print(cmd_ctx
, arm920_not
);
463 return ERROR_TARGET_INVALID
;
469 /** Logs summary of ARM920 state for a halted target. */
470 int arm920t_arch_state(struct target
*target
)
472 static const char *state
[] =
474 "disabled", "enabled"
477 struct arm920t_common
*arm920t
= target_to_arm920(target
);
480 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
)
482 LOG_ERROR("BUG: %s", arm920_not
);
483 return ERROR_TARGET_INVALID
;
486 armv4_5
= &arm920t
->arm7_9_common
.armv4_5_common
;
488 arm_arch_state(target
);
489 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
490 state
[arm920t
->armv4_5_mmu
.mmu_enabled
],
491 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
492 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
497 static int arm920_mmu(struct target
*target
, int *enabled
)
499 if (target
->state
!= TARGET_HALTED
) {
500 LOG_ERROR("%s: target not halted", __func__
);
501 return ERROR_TARGET_INVALID
;
504 *enabled
= target_to_arm920(target
)->armv4_5_mmu
.mmu_enabled
;
508 static int arm920_virt2phys(struct target
*target
,
509 uint32_t virt
, uint32_t *phys
)
512 struct arm920t_common
*arm920t
= target_to_arm920(target
);
515 int retval
= armv4_5_mmu_translate_va(target
,
516 &arm920t
->armv4_5_mmu
, virt
, &cb
, &ret
);
517 if (retval
!= ERROR_OK
)
523 /** Reads a buffer, in the specified word size, with current MMU settings. */
524 int arm920t_read_memory(struct target
*target
, uint32_t address
,
525 uint32_t size
, uint32_t count
, uint8_t *buffer
)
529 retval
= arm7_9_read_memory(target
, address
, size
, count
, buffer
);
535 static int arm920t_read_phys_memory(struct target
*target
,
536 uint32_t address
, uint32_t size
,
537 uint32_t count
, uint8_t *buffer
)
539 struct arm920t_common
*arm920t
= target_to_arm920(target
);
541 return armv4_5_mmu_read_physical(target
, &arm920t
->armv4_5_mmu
,
542 address
, size
, count
, buffer
);
545 static int arm920t_write_phys_memory(struct target
*target
,
546 uint32_t address
, uint32_t size
,
547 uint32_t count
, uint8_t *buffer
)
549 struct arm920t_common
*arm920t
= target_to_arm920(target
);
551 return armv4_5_mmu_write_physical(target
, &arm920t
->armv4_5_mmu
,
552 address
, size
, count
, buffer
);
556 /** Writes a buffer, in the specified word size, with current MMU settings. */
557 int arm920t_write_memory(struct target
*target
, uint32_t address
,
558 uint32_t size
, uint32_t count
, uint8_t *buffer
)
561 const uint32_t cache_mask
= ~0x1f; /* cache line size : 32 byte */
562 struct arm920t_common
*arm920t
= target_to_arm920(target
);
564 /* FIX!!!! this should be cleaned up and made much more general. The
565 * plan is to write up and test on arm920t specifically and
566 * then generalize and clean up afterwards.
568 * Also it should be moved to the callbacks that handle breakpoints
569 * specifically and not the generic memory write fn's. See XScale code.
571 if (arm920t
->armv4_5_mmu
.mmu_enabled
&& (count
== 1) &&
572 ((size
==2) || (size
==4)))
574 /* special case the handling of single word writes to
575 * bypass MMU, to allow implementation of breakpoints
576 * in memory marked read only
583 * We need physical address and cb
585 retval
= armv4_5_mmu_translate_va(target
, &arm920t
->armv4_5_mmu
,
587 if (retval
!= ERROR_OK
)
590 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
)
594 LOG_DEBUG("D-Cache buffered, "
595 "drain write buffer");
598 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
601 retval
= arm920t_write_cp15_interpreted(target
,
602 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
604 if (retval
!= ERROR_OK
)
611 * Write back memory ? -> clean cache
613 * There is no way to clean cache lines using
614 * cp15 scan chain, so copy the full cache
615 * line from cache to physical memory.
619 LOG_DEBUG("D-Cache in 'write back' mode, "
622 retval
= target_read_memory(target
,
623 address
& cache_mask
, 1,
624 sizeof(data
), &data
[0]);
625 if (retval
!= ERROR_OK
)
628 retval
= armv4_5_mmu_write_physical(target
,
629 &arm920t
->armv4_5_mmu
,
631 sizeof(data
), &data
[0]);
632 if (retval
!= ERROR_OK
)
640 * Cached ? -> Invalidate data cache using MVA
642 * MCR p15,0,Rd,c7,c6,1
644 LOG_DEBUG("D-Cache enabled, "
645 "invalidate cache line");
647 retval
= arm920t_write_cp15_interpreted(target
,
648 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
649 address
& cache_mask
);
650 if (retval
!= ERROR_OK
)
655 /* write directly to physical memory,
656 * bypassing any read only MMU bits, etc.
658 retval
= armv4_5_mmu_write_physical(target
,
659 &arm920t
->armv4_5_mmu
, pa
, size
,
661 if (retval
!= ERROR_OK
)
665 if ((retval
= arm7_9_write_memory(target
, address
,
666 size
, count
, buffer
)) != ERROR_OK
)
670 /* If ICache is enabled, we have to invalidate affected ICache lines
671 * the DCache is forced to write-through,
672 * so we don't have to clean it here
674 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
)
678 /* invalidate ICache single entry with MVA
679 * mcr 15, 0, r0, cr7, cr5, {1}
681 LOG_DEBUG("I-Cache enabled, "
682 "invalidating affected I-Cache line");
683 retval
= arm920t_write_cp15_interpreted(target
,
684 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
685 0x0, address
& cache_mask
);
686 if (retval
!= ERROR_OK
)
692 * mcr 15, 0, r0, cr7, cr5, {0}
694 retval
= arm920t_write_cp15_interpreted(target
,
695 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
697 if (retval
!= ERROR_OK
)
706 int arm920t_soft_reset_halt(struct target
*target
)
708 int retval
= ERROR_OK
;
709 struct arm920t_common
*arm920t
= target_to_arm920(target
);
710 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
711 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
712 struct reg
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
714 if ((retval
= target_halt(target
)) != ERROR_OK
)
719 long long then
= timeval_ms();
721 while (!(timeout
= ((timeval_ms()-then
) > 1000)))
723 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1)
726 embeddedice_read_reg(dbg_stat
);
727 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
735 if (debug_level
>= 3)
737 /* do not eat all CPU, time out after 1 se*/
746 LOG_ERROR("Failed to halt CPU after 1 sec");
747 return ERROR_TARGET_TIMEOUT
;
750 target
->state
= TARGET_HALTED
;
752 /* SVC, ARM state, IRQ and FIQ disabled */
755 cpsr
= buf_get_u32(armv4_5
->cpsr
->value
, 0, 32);
758 arm_set_cpsr(armv4_5
, cpsr
);
759 armv4_5
->cpsr
->dirty
= 1;
761 /* start fetching from 0x0 */
762 buf_set_u32(armv4_5
->pc
->value
, 0, 32, 0x0);
763 armv4_5
->pc
->dirty
= 1;
764 armv4_5
->pc
->valid
= 1;
766 arm920t_disable_mmu_caches(target
, 1, 1, 1);
767 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
768 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
769 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
771 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
774 /* FIXME remove forward decls */
775 static int arm920t_mrc(struct target
*target
, int cpnum
,
776 uint32_t op1
, uint32_t op2
,
777 uint32_t CRn
, uint32_t CRm
,
779 static int arm920t_mcr(struct target
*target
, int cpnum
,
780 uint32_t op1
, uint32_t op2
,
781 uint32_t CRn
, uint32_t CRm
,
784 static int arm920t_init_arch_info(struct target
*target
,
785 struct arm920t_common
*arm920t
, struct jtag_tap
*tap
)
787 struct arm7_9_common
*arm7_9
= &arm920t
->arm7_9_common
;
789 arm7_9
->armv4_5_common
.mrc
= arm920t_mrc
;
790 arm7_9
->armv4_5_common
.mcr
= arm920t_mcr
;
792 /* initialize arm7/arm9 specific info (including armv4_5) */
793 arm9tdmi_init_arch_info(target
, arm7_9
, tap
);
795 arm920t
->common_magic
= ARM920T_COMMON_MAGIC
;
797 arm7_9
->post_debug_entry
= arm920t_post_debug_entry
;
798 arm7_9
->pre_restore_context
= arm920t_pre_restore_context
;
800 arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
801 arm920t
->armv4_5_mmu
.get_ttb
= arm920t_get_ttb
;
802 arm920t
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
803 arm920t
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
804 arm920t
->armv4_5_mmu
.disable_mmu_caches
= arm920t_disable_mmu_caches
;
805 arm920t
->armv4_5_mmu
.enable_mmu_caches
= arm920t_enable_mmu_caches
;
806 arm920t
->armv4_5_mmu
.has_tiny_pages
= 1;
807 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
809 /* disabling linefills leads to lockups, so keep them enabled for now
810 * this doesn't affect correctness, but might affect timing issues, if
811 * important data is evicted from the cache during the debug session
813 arm920t
->preserve_cache
= 0;
815 /* override hw single-step capability from ARM9TDMI */
816 arm7_9
->has_single_step
= 1;
821 static int arm920t_target_create(struct target
*target
, Jim_Interp
*interp
)
823 struct arm920t_common
*arm920t
;
825 arm920t
= calloc(1,sizeof(struct arm920t_common
));
826 return arm920t_init_arch_info(target
, arm920t
, target
->tap
);
829 COMMAND_HANDLER(arm920t_handle_read_cache_command
)
831 int retval
= ERROR_OK
;
832 struct target
*target
= get_current_target(CMD_CTX
);
833 struct arm920t_common
*arm920t
= target_to_arm920(target
);
834 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
835 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
837 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
839 uint32_t *regs_p
[16];
840 uint32_t C15_C_D_Ind
, C15_C_I_Ind
;
843 struct arm920t_cache_line d_cache
[8][64], i_cache
[8][64];
847 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
848 if (retval
!= ERROR_OK
)
853 command_print(CMD_CTX
, "usage: arm920t read_cache <filename>");
857 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
859 LOG_DEBUG("error opening cache content file");
863 for (i
= 0; i
< 16; i
++)
864 regs_p
[i
] = ®s
[i
];
866 /* disable MMU and Caches */
867 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
868 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
872 cp15_ctrl_saved
= cp15_ctrl
;
873 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
874 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
875 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
877 /* read CP15 test state register */
878 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
879 jtag_execute_queue();
881 /* read DCache content */
882 fprintf(output
, "DCache:\n");
884 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
886 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
889 fprintf(output
, "\nsegment: %i\n----------", segment
);
891 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
892 regs
[0] = 0x0 | (segment
<< 5);
893 arm9tdmi_write_core_regs(target
, 0x1, regs
);
895 /* set interpret mode */
897 arm920t_write_cp15_physical(target
,
898 CP15PHYS_TESTSTATE
, cp15c15
);
900 /* D CAM Read, loads current victim into C15.C.D.Ind */
901 arm920t_execute_cp15(target
,
902 ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
904 /* read current victim */
905 arm920t_read_cp15_physical(target
,
906 CP15PHYS_DCACHE_IDX
, &C15_C_D_Ind
);
908 /* clear interpret mode */
910 arm920t_write_cp15_physical(target
,
911 CP15PHYS_TESTSTATE
, cp15c15
);
913 for (index
= 0; index
< 64; index
++)
916 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
918 regs
[0] = 0x0 | (segment
<< 5) | (index
<< 26);
919 arm9tdmi_write_core_regs(target
, 0x1, regs
);
921 /* set interpret mode */
923 arm920t_write_cp15_physical(target
,
924 CP15PHYS_TESTSTATE
, cp15c15
);
926 /* Write DCache victim */
927 arm920t_execute_cp15(target
,
928 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
931 arm920t_execute_cp15(target
,
932 ARMV4_5_MCR(15,2,0,15,10,2),
933 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
936 arm920t_execute_cp15(target
,
937 ARMV4_5_MCR(15,2,0,15,6,2),
940 /* clear interpret mode */
942 arm920t_write_cp15_physical(target
,
943 CP15PHYS_TESTSTATE
, cp15c15
);
945 /* read D RAM and CAM content */
946 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
947 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
952 d_cache
[segment
][index
].cam
= regs
[9];
955 regs
[9] &= 0xfffffffe;
956 fprintf(output
, "\nsegment: %i, index: %i, CAM: 0x%8.8"
957 PRIx32
", content (%s):\n",
958 segment
, index
, regs
[9],
959 (regs
[9] & 0x10) ? "valid" : "invalid");
961 for (i
= 1; i
< 9; i
++)
963 d_cache
[segment
][index
].data
[i
] = regs
[i
];
964 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
970 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
971 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
972 arm9tdmi_write_core_regs(target
, 0x1, regs
);
974 /* set interpret mode */
976 arm920t_write_cp15_physical(target
,
977 CP15PHYS_TESTSTATE
, cp15c15
);
979 /* Write DCache victim */
980 arm920t_execute_cp15(target
,
981 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
983 /* clear interpret mode */
985 arm920t_write_cp15_physical(target
,
986 CP15PHYS_TESTSTATE
, cp15c15
);
989 /* read ICache content */
990 fprintf(output
, "ICache:\n");
992 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
994 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
997 fprintf(output
, "segment: %i\n----------", segment
);
999 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1000 regs
[0] = 0x0 | (segment
<< 5);
1001 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1003 /* set interpret mode */
1005 arm920t_write_cp15_physical(target
,
1006 CP15PHYS_TESTSTATE
, cp15c15
);
1008 /* I CAM Read, loads current victim into C15.C.I.Ind */
1009 arm920t_execute_cp15(target
,
1010 ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
1012 /* read current victim */
1013 arm920t_read_cp15_physical(target
, CP15PHYS_ICACHE_IDX
,
1016 /* clear interpret mode */
1018 arm920t_write_cp15_physical(target
,
1019 CP15PHYS_TESTSTATE
, cp15c15
);
1021 for (index
= 0; index
< 64; index
++)
1024 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1026 regs
[0] = 0x0 | (segment
<< 5) | (index
<< 26);
1027 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1029 /* set interpret mode */
1031 arm920t_write_cp15_physical(target
,
1032 CP15PHYS_TESTSTATE
, cp15c15
);
1034 /* Write ICache victim */
1035 arm920t_execute_cp15(target
,
1036 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1039 arm920t_execute_cp15(target
,
1040 ARMV4_5_MCR(15,2,0,15,9,2),
1041 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1044 arm920t_execute_cp15(target
,
1045 ARMV4_5_MCR(15,2,0,15,5,2),
1048 /* clear interpret mode */
1050 arm920t_write_cp15_physical(target
,
1051 CP15PHYS_TESTSTATE
, cp15c15
);
1053 /* read I RAM and CAM content */
1054 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1055 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1060 i_cache
[segment
][index
].cam
= regs
[9];
1063 regs
[9] &= 0xfffffffe;
1064 fprintf(output
, "\nsegment: %i, index: %i, "
1065 "CAM: 0x%8.8" PRIx32
", content (%s):\n",
1066 segment
, index
, regs
[9],
1067 (regs
[9] & 0x10) ? "valid" : "invalid");
1069 for (i
= 1; i
< 9; i
++)
1071 i_cache
[segment
][index
].data
[i
] = regs
[i
];
1072 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1077 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1078 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1079 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1081 /* set interpret mode */
1083 arm920t_write_cp15_physical(target
,
1084 CP15PHYS_TESTSTATE
, cp15c15
);
1086 /* Write ICache victim */
1087 arm920t_execute_cp15(target
,
1088 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1090 /* clear interpret mode */
1092 arm920t_write_cp15_physical(target
,
1093 CP15PHYS_TESTSTATE
, cp15c15
);
1096 /* restore CP15 MMU and Cache settings */
1097 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1099 command_print(CMD_CTX
, "cache content successfully output to %s",
1104 if (!is_arm_mode(armv4_5
->core_mode
))
1107 /* force writeback of the valid data */
1108 r
= armv4_5
->core_cache
->reg_list
;
1109 r
[0].dirty
= r
[0].valid
;
1110 r
[1].dirty
= r
[1].valid
;
1111 r
[2].dirty
= r
[2].valid
;
1112 r
[3].dirty
= r
[3].valid
;
1113 r
[4].dirty
= r
[4].valid
;
1114 r
[5].dirty
= r
[5].valid
;
1115 r
[6].dirty
= r
[6].valid
;
1116 r
[7].dirty
= r
[7].valid
;
1118 r
= arm_reg_current(armv4_5
, 8);
1119 r
->dirty
= r
->valid
;
1121 r
= arm_reg_current(armv4_5
, 9);
1122 r
->dirty
= r
->valid
;
1127 COMMAND_HANDLER(arm920t_handle_read_mmu_command
)
1129 int retval
= ERROR_OK
;
1130 struct target
*target
= get_current_target(CMD_CTX
);
1131 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1132 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
1133 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
1135 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
1137 uint32_t *regs_p
[16];
1140 uint32_t Dlockdown
, Ilockdown
;
1141 struct arm920t_tlb_entry d_tlb
[64], i_tlb
[64];
1145 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1146 if (retval
!= ERROR_OK
)
1151 command_print(CMD_CTX
, "usage: arm920t read_mmu <filename>");
1155 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
1157 LOG_DEBUG("error opening mmu content file");
1161 for (i
= 0; i
< 16; i
++)
1162 regs_p
[i
] = ®s
[i
];
1164 /* disable MMU and Caches */
1165 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
1166 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1170 cp15_ctrl_saved
= cp15_ctrl
;
1171 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
1172 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
1173 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
1175 /* read CP15 test state register */
1176 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
1177 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1182 /* prepare reading D TLB content
1185 /* set interpret mode */
1187 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1189 /* Read D TLB lockdown */
1190 arm920t_execute_cp15(target
,
1191 ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1193 /* clear interpret mode */
1195 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1197 /* read D TLB lockdown stored to r1 */
1198 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1199 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1203 Dlockdown
= regs
[1];
1205 for (victim
= 0; victim
< 64; victim
+= 8)
1207 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1208 * base remains unchanged, victim goes through entries 0 to 63
1210 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1211 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1213 /* set interpret mode */
1215 arm920t_write_cp15_physical(target
,
1216 CP15PHYS_TESTSTATE
, cp15c15
);
1218 /* Write D TLB lockdown */
1219 arm920t_execute_cp15(target
,
1220 ARMV4_5_MCR(15,0,0,10,0,0),
1223 /* Read D TLB CAM */
1224 arm920t_execute_cp15(target
,
1225 ARMV4_5_MCR(15,4,0,15,6,4),
1226 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1228 /* clear interpret mode */
1230 arm920t_write_cp15_physical(target
,
1231 CP15PHYS_TESTSTATE
, cp15c15
);
1233 /* read D TLB CAM content stored to r2-r9 */
1234 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1235 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1240 for (i
= 0; i
< 8; i
++)
1241 d_tlb
[victim
+ i
].cam
= regs
[i
+ 2];
1244 for (victim
= 0; victim
< 64; victim
++)
1246 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1247 * base remains unchanged, victim goes through entries 0 to 63
1249 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1250 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1252 /* set interpret mode */
1254 arm920t_write_cp15_physical(target
,
1255 CP15PHYS_TESTSTATE
, cp15c15
);
1257 /* Write D TLB lockdown */
1258 arm920t_execute_cp15(target
,
1259 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1261 /* Read D TLB RAM1 */
1262 arm920t_execute_cp15(target
,
1263 ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1265 /* Read D TLB RAM2 */
1266 arm920t_execute_cp15(target
,
1267 ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1269 /* clear interpret mode */
1271 arm920t_write_cp15_physical(target
,
1272 CP15PHYS_TESTSTATE
, cp15c15
);
1274 /* read D TLB RAM content stored to r2 and r3 */
1275 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1276 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1281 d_tlb
[victim
].ram1
= regs
[2];
1282 d_tlb
[victim
].ram2
= regs
[3];
1285 /* restore D TLB lockdown */
1286 regs
[1] = Dlockdown
;
1287 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1289 /* Write D TLB lockdown */
1290 arm920t_execute_cp15(target
,
1291 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1293 /* prepare reading I TLB content
1296 /* set interpret mode */
1298 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1300 /* Read I TLB lockdown */
1301 arm920t_execute_cp15(target
,
1302 ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1304 /* clear interpret mode */
1306 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1308 /* read I TLB lockdown stored to r1 */
1309 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1310 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1314 Ilockdown
= regs
[1];
1316 for (victim
= 0; victim
< 64; victim
+= 8)
1318 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1319 * base remains unchanged, victim goes through entries 0 to 63
1321 regs
[1] = (Ilockdown
& 0xfc000000) | (victim
<< 20);
1322 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1324 /* set interpret mode */
1326 arm920t_write_cp15_physical(target
,
1327 CP15PHYS_TESTSTATE
, cp15c15
);
1329 /* Write I TLB lockdown */
1330 arm920t_execute_cp15(target
,
1331 ARMV4_5_MCR(15,0,0,10,0,1),
1334 /* Read I TLB CAM */
1335 arm920t_execute_cp15(target
,
1336 ARMV4_5_MCR(15,4,0,15,5,4),
1337 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1339 /* clear interpret mode */
1341 arm920t_write_cp15_physical(target
,
1342 CP15PHYS_TESTSTATE
, cp15c15
);
1344 /* read I TLB CAM content stored to r2-r9 */
1345 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1346 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1351 for (i
= 0; i
< 8; i
++)
1352 i_tlb
[i
+ victim
].cam
= regs
[i
+ 2];
1355 for (victim
= 0; victim
< 64; victim
++)
1357 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1358 * base remains unchanged, victim goes through entries 0 to 63
1360 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1361 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1363 /* set interpret mode */
1365 arm920t_write_cp15_physical(target
,
1366 CP15PHYS_TESTSTATE
, cp15c15
);
1368 /* Write I TLB lockdown */
1369 arm920t_execute_cp15(target
,
1370 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1372 /* Read I TLB RAM1 */
1373 arm920t_execute_cp15(target
,
1374 ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1376 /* Read I TLB RAM2 */
1377 arm920t_execute_cp15(target
,
1378 ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1380 /* clear interpret mode */
1382 arm920t_write_cp15_physical(target
,
1383 CP15PHYS_TESTSTATE
, cp15c15
);
1385 /* read I TLB RAM content stored to r2 and r3 */
1386 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1387 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1392 i_tlb
[victim
].ram1
= regs
[2];
1393 i_tlb
[victim
].ram2
= regs
[3];
1396 /* restore I TLB lockdown */
1397 regs
[1] = Ilockdown
;
1398 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1400 /* Write I TLB lockdown */
1401 arm920t_execute_cp15(target
,
1402 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1404 /* restore CP15 MMU and Cache settings */
1405 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1407 /* output data to file */
1408 fprintf(output
, "D TLB content:\n");
1409 for (i
= 0; i
< 64; i
++)
1411 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1412 " 0x%8.8" PRIx32
" %s\n",
1413 i
, d_tlb
[i
].cam
, d_tlb
[i
].ram1
, d_tlb
[i
].ram2
,
1414 (d_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1417 fprintf(output
, "\n\nI TLB content:\n");
1418 for (i
= 0; i
< 64; i
++)
1420 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1421 " 0x%8.8" PRIx32
" %s\n",
1422 i
, i_tlb
[i
].cam
, i_tlb
[i
].ram1
, i_tlb
[i
].ram2
,
1423 (i_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1426 command_print(CMD_CTX
, "mmu content successfully output to %s",
1431 if (!is_arm_mode(armv4_5
->core_mode
))
1434 /* force writeback of the valid data */
1435 r
= armv4_5
->core_cache
->reg_list
;
1436 r
[0].dirty
= r
[0].valid
;
1437 r
[1].dirty
= r
[1].valid
;
1438 r
[2].dirty
= r
[2].valid
;
1439 r
[3].dirty
= r
[3].valid
;
1440 r
[4].dirty
= r
[4].valid
;
1441 r
[5].dirty
= r
[5].valid
;
1442 r
[6].dirty
= r
[6].valid
;
1443 r
[7].dirty
= r
[7].valid
;
1445 r
= arm_reg_current(armv4_5
, 8);
1446 r
->dirty
= r
->valid
;
1448 r
= arm_reg_current(armv4_5
, 9);
1449 r
->dirty
= r
->valid
;
1454 COMMAND_HANDLER(arm920t_handle_cp15_command
)
1457 struct target
*target
= get_current_target(CMD_CTX
);
1458 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1460 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1461 if (retval
!= ERROR_OK
)
1464 if (target
->state
!= TARGET_HALTED
)
1466 command_print(CMD_CTX
, "target must be stopped for "
1467 "\"%s\" command", CMD_NAME
);
1471 /* one argument, read a register.
1472 * two arguments, write it.
1477 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], address
);
1482 if ((retval
= arm920t_read_cp15_physical(target
,
1483 address
, &value
)) != ERROR_OK
)
1485 command_print(CMD_CTX
,
1486 "couldn't access reg %i", address
);
1489 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1494 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1497 else if (CMD_ARGC
== 2)
1500 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1501 retval
= arm920t_write_cp15_physical(target
,
1503 if (retval
!= ERROR_OK
)
1505 command_print(CMD_CTX
,
1506 "couldn't access reg %i", address
);
1507 /* REVISIT why lie? "return retval"? */
1510 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1518 COMMAND_HANDLER(arm920t_handle_cp15i_command
)
1521 struct target
*target
= get_current_target(CMD_CTX
);
1522 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1524 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1525 if (retval
!= ERROR_OK
)
1529 if (target
->state
!= TARGET_HALTED
)
1531 command_print(CMD_CTX
, "target must be stopped for "
1532 "\"%s\" command", CMD_NAME
);
1536 /* one argument, read a register.
1537 * two arguments, write it.
1542 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], opcode
);
1547 retval
= arm920t_read_cp15_interpreted(target
,
1548 opcode
, 0x0, &value
);
1549 if (retval
!= ERROR_OK
)
1551 command_print(CMD_CTX
,
1552 "couldn't execute %8.8" PRIx32
,
1554 /* REVISIT why lie? "return retval"? */
1558 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1561 else if (CMD_ARGC
== 2)
1564 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1565 retval
= arm920t_write_cp15_interpreted(target
,
1567 if (retval
!= ERROR_OK
)
1569 command_print(CMD_CTX
,
1570 "couldn't execute %8.8" PRIx32
,
1572 /* REVISIT why lie? "return retval"? */
1575 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1578 else if (CMD_ARGC
== 3)
1581 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1583 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[2], address
);
1584 retval
= arm920t_write_cp15_interpreted(target
,
1585 opcode
, value
, address
);
1586 if (retval
!= ERROR_OK
)
1588 command_print(CMD_CTX
,
1589 "couldn't execute %8.8" PRIx32
, opcode
);
1590 /* REVISIT why lie? "return retval"? */
1593 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
1594 " %8.8" PRIx32
, opcode
, value
, address
);
1599 command_print(CMD_CTX
,
1600 "usage: arm920t cp15i <opcode> [value] [address]");
1606 COMMAND_HANDLER(arm920t_handle_cache_info_command
)
1609 struct target
*target
= get_current_target(CMD_CTX
);
1610 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1612 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1613 if (retval
!= ERROR_OK
)
1616 return armv4_5_handle_cache_info_command(CMD_CTX
,
1617 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
1621 static int arm920t_mrc(struct target
*target
, int cpnum
,
1622 uint32_t op1
, uint32_t op2
,
1623 uint32_t CRn
, uint32_t CRm
,
1628 LOG_ERROR("Only cp15 is supported");
1633 return arm920t_read_cp15_interpreted(target
,
1634 ARMV4_5_MRC(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1638 static int arm920t_mcr(struct target
*target
, int cpnum
,
1639 uint32_t op1
, uint32_t op2
,
1640 uint32_t CRn
, uint32_t CRm
,
1645 LOG_ERROR("Only cp15 is supported");
1649 /* write "from" r0 */
1650 return arm920t_write_cp15_interpreted(target
,
1651 ARMV4_5_MCR(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1655 static const struct command_registration arm920t_exec_command_handlers
[] = {
1658 .handler
= arm920t_handle_cp15_command
,
1659 .mode
= COMMAND_EXEC
,
1660 .help
= "display/modify cp15 register",
1661 .usage
= "regnum [value]",
1665 .handler
= arm920t_handle_cp15i_command
,
1666 .mode
= COMMAND_EXEC
,
1667 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1668 .help
= "display/modify cp15 register using ARM opcode"
1670 .usage
= "instruction [value [address]]",
1673 .name
= "cache_info",
1674 .handler
= arm920t_handle_cache_info_command
,
1675 .mode
= COMMAND_EXEC
,
1676 .help
= "display information about target caches",
1679 .name
= "read_cache",
1680 .handler
= arm920t_handle_read_cache_command
,
1681 .mode
= COMMAND_EXEC
,
1682 .help
= "dump I/D cache content to file",
1683 .usage
= "filename",
1687 .handler
= arm920t_handle_read_mmu_command
,
1688 .mode
= COMMAND_EXEC
,
1689 .help
= "dump I/D mmu content to file",
1690 .usage
= "filename",
1692 COMMAND_REGISTRATION_DONE
1694 const struct command_registration arm920t_command_handlers
[] = {
1696 .chain
= arm9tdmi_command_handlers
,
1700 .mode
= COMMAND_ANY
,
1701 .help
= "arm920t command group",
1702 .chain
= arm920t_exec_command_handlers
,
1704 COMMAND_REGISTRATION_DONE
1707 /** Holds methods for ARM920 targets. */
1708 struct target_type arm920t_target
=
1712 .poll
= arm7_9_poll
,
1713 .arch_state
= arm920t_arch_state
,
1715 .target_request_data
= arm7_9_target_request_data
,
1717 .halt
= arm7_9_halt
,
1718 .resume
= arm7_9_resume
,
1719 .step
= arm7_9_step
,
1721 .assert_reset
= arm7_9_assert_reset
,
1722 .deassert_reset
= arm7_9_deassert_reset
,
1723 .soft_reset_halt
= arm920t_soft_reset_halt
,
1725 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
1727 .read_memory
= arm920t_read_memory
,
1728 .write_memory
= arm920t_write_memory
,
1729 .read_phys_memory
= arm920t_read_phys_memory
,
1730 .write_phys_memory
= arm920t_write_phys_memory
,
1732 .virt2phys
= arm920_virt2phys
,
1734 .bulk_write_memory
= arm7_9_bulk_write_memory
,
1736 .checksum_memory
= arm_checksum_memory
,
1737 .blank_check_memory
= arm_blank_check_memory
,
1739 .run_algorithm
= armv4_5_run_algorithm
,
1741 .add_breakpoint
= arm7_9_add_breakpoint
,
1742 .remove_breakpoint
= arm7_9_remove_breakpoint
,
1743 .add_watchpoint
= arm7_9_add_watchpoint
,
1744 .remove_watchpoint
= arm7_9_remove_watchpoint
,
1746 .commands
= arm920t_command_handlers
,
1747 .target_create
= arm920t_target_create
,
1748 .init_target
= arm9tdmi_init_target
,
1749 .examine
= arm7_9_examine
,
1750 .check_reset
= arm7_9_check_reset
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)