2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
26 #include <helper/time_support.h>
27 #include "target_type.h"
29 #include "arm_opcodes.h"
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
53 #define _DEBUG_INSTRUCTION_EXECUTION_
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
83 static int arm920t_read_cp15_physical(struct target
*target
,
84 int reg_addr
, uint32_t *value
)
86 struct arm920t_common
*arm920t
= target_to_arm920(target
);
87 struct arm_jtag
*jtag_info
;
88 struct scan_field fields
[4];
89 uint8_t access_type_buf
= 1;
90 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
94 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
96 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
97 if (retval
!= ERROR_OK
)
99 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
100 if (retval
!= ERROR_OK
)
103 fields
[0].num_bits
= 1;
104 fields
[0].out_value
= &access_type_buf
;
105 fields
[0].in_value
= NULL
;
107 fields
[1].num_bits
= 32;
108 fields
[1].out_value
= NULL
;
109 fields
[1].in_value
= NULL
;
111 fields
[2].num_bits
= 6;
112 fields
[2].out_value
= ®_addr_buf
;
113 fields
[2].in_value
= NULL
;
115 fields
[3].num_bits
= 1;
116 fields
[3].out_value
= &nr_w_buf
;
117 fields
[3].in_value
= NULL
;
119 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
121 fields
[1].in_value
= (uint8_t *)value
;
123 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
125 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
127 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
128 jtag_execute_queue();
129 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, *value
);
135 static int arm920t_write_cp15_physical(struct target
*target
,
136 int reg_addr
, uint32_t value
)
138 struct arm920t_common
*arm920t
= target_to_arm920(target
);
139 struct arm_jtag
*jtag_info
;
140 struct scan_field fields
[4];
141 uint8_t access_type_buf
= 1;
142 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
143 uint8_t nr_w_buf
= 1;
144 uint8_t value_buf
[4];
147 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
149 buf_set_u32(value_buf
, 0, 32, value
);
151 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
152 if (retval
!= ERROR_OK
)
154 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
155 if (retval
!= ERROR_OK
)
158 fields
[0].num_bits
= 1;
159 fields
[0].out_value
= &access_type_buf
;
160 fields
[0].in_value
= NULL
;
162 fields
[1].num_bits
= 32;
163 fields
[1].out_value
= value_buf
;
164 fields
[1].in_value
= NULL
;
166 fields
[2].num_bits
= 6;
167 fields
[2].out_value
= ®_addr_buf
;
168 fields
[2].in_value
= NULL
;
170 fields
[3].num_bits
= 1;
171 fields
[3].out_value
= &nr_w_buf
;
172 fields
[3].in_value
= NULL
;
174 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
176 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
177 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, value
);
183 /* See table 9-10 for scan chain 15 format during interpreted access mode.
184 * If the TESTSTATE register is set for interpreted access, certain CP15
185 * MRC and MCR instructions may be executed through scan chain 15.
187 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
188 * executed using scan chain 15 interpreted mode.
190 static int arm920t_execute_cp15(struct target
*target
, uint32_t cp15_opcode
,
194 struct arm920t_common
*arm920t
= target_to_arm920(target
);
195 struct arm_jtag
*jtag_info
;
196 struct scan_field fields
[4];
197 uint8_t access_type_buf
= 0; /* interpreted access */
198 uint8_t reg_addr_buf
= 0x0;
199 uint8_t nr_w_buf
= 0;
200 uint8_t cp15_opcode_buf
[4];
202 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
204 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
205 if (retval
!= ERROR_OK
)
207 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
208 if (retval
!= ERROR_OK
)
211 buf_set_u32(cp15_opcode_buf
, 0, 32, cp15_opcode
);
213 fields
[0].num_bits
= 1;
214 fields
[0].out_value
= &access_type_buf
;
215 fields
[0].in_value
= NULL
;
217 fields
[1].num_bits
= 32;
218 fields
[1].out_value
= cp15_opcode_buf
;
219 fields
[1].in_value
= NULL
;
221 fields
[2].num_bits
= 6;
222 fields
[2].out_value
= ®_addr_buf
;
223 fields
[2].in_value
= NULL
;
225 fields
[3].num_bits
= 1;
226 fields
[3].out_value
= &nr_w_buf
;
227 fields
[3].in_value
= NULL
;
229 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
231 arm9tdmi_clock_out(jtag_info
, arm_opcode
, 0, NULL
, 0);
232 arm9tdmi_clock_out(jtag_info
, ARMV4_5_NOP
, 0, NULL
, 1);
233 retval
= arm7_9_execute_sys_speed(target
);
234 if (retval
!= ERROR_OK
)
237 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
239 LOG_ERROR("failed executing JTAG queue");
246 static int arm920t_read_cp15_interpreted(struct target
*target
,
247 uint32_t cp15_opcode
, uint32_t address
, uint32_t *value
)
249 struct arm
*arm
= target_to_arm(target
);
252 uint32_t cp15c15
= 0x0;
253 struct reg
*r
= arm
->core_cache
->reg_list
;
255 /* load address into R1 */
257 arm9tdmi_write_core_regs(target
, 0x2, regs
);
259 /* read-modify-write CP15 test state register
260 * to enable interpreted access mode */
261 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
262 jtag_execute_queue();
263 cp15c15
|= 1; /* set interpret mode */
264 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
266 /* execute CP15 instruction and ARM load (reading from coprocessor) */
267 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_LDR(0, 1));
269 /* disable interpreted access mode */
270 cp15c15
&= ~1U; /* clear interpret mode */
271 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
273 /* retrieve value from R0 */
275 arm9tdmi_read_core_regs(target
, 0x1, regs_p
);
276 jtag_execute_queue();
278 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
279 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
280 cp15_opcode
, address
, *value
);
283 if (!is_arm_mode(arm
->core_mode
))
285 LOG_ERROR("not a valid arm core mode - communication failure?");
296 int arm920t_write_cp15_interpreted(struct target
*target
,
297 uint32_t cp15_opcode
, uint32_t value
, uint32_t address
)
299 uint32_t cp15c15
= 0x0;
300 struct arm
*arm
= target_to_arm(target
);
302 struct reg
*r
= arm
->core_cache
->reg_list
;
304 /* load value, address into R0, R1 */
307 arm9tdmi_write_core_regs(target
, 0x3, regs
);
309 /* read-modify-write CP15 test state register
310 * to enable interpreted access mode */
311 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
312 jtag_execute_queue();
313 cp15c15
|= 1; /* set interpret mode */
314 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
316 /* execute CP15 instruction and ARM store (writing to coprocessor) */
317 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_STR(0, 1));
319 /* disable interpreted access mode */
320 cp15c15
&= ~1U; /* set interpret mode */
321 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
323 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
324 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
325 cp15_opcode
, value
, address
);
328 if (!is_arm_mode(arm
->core_mode
))
330 LOG_ERROR("not a valid arm core mode - communication failure?");
341 int arm920t_get_ttb(struct target
*target
, uint32_t *result
)
346 if ((retval
= arm920t_read_cp15_interpreted(target
,
347 /* FIXME use opcode macro */
348 0xeebf0f51, 0x0, &ttb
)) != ERROR_OK
)
356 int arm920t_disable_mmu_caches(struct target
*target
, int mmu
,
357 int d_u_cache
, int i_cache
)
359 uint32_t cp15_control
;
362 /* read cp15 control register */
363 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
364 if (retval
!= ERROR_OK
)
366 retval
= jtag_execute_queue();
367 if (retval
!= ERROR_OK
)
371 cp15_control
&= ~0x1U
;
374 cp15_control
&= ~0x4U
;
377 cp15_control
&= ~0x1000U
;
379 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
384 int arm920t_enable_mmu_caches(struct target
*target
, int mmu
,
385 int d_u_cache
, int i_cache
)
387 uint32_t cp15_control
;
390 /* read cp15 control register */
391 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
392 if (retval
!= ERROR_OK
)
394 retval
= jtag_execute_queue();
395 if (retval
!= ERROR_OK
)
399 cp15_control
|= 0x1U
;
402 cp15_control
|= 0x4U
;
405 cp15_control
|= 0x1000U
;
407 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
412 int arm920t_post_debug_entry(struct target
*target
)
415 struct arm920t_common
*arm920t
= target_to_arm920(target
);
418 /* examine cp15 control reg */
419 retval
= arm920t_read_cp15_physical(target
,
420 CP15PHYS_CTRL
, &arm920t
->cp15_control_reg
);
421 if (retval
!= ERROR_OK
)
423 retval
= jtag_execute_queue();
424 if (retval
!= ERROR_OK
)
426 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, arm920t
->cp15_control_reg
);
428 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
430 uint32_t cache_type_reg
;
431 /* identify caches */
432 retval
= arm920t_read_cp15_physical(target
,
433 CP15PHYS_CACHETYPE
, &cache_type_reg
);
434 if (retval
!= ERROR_OK
)
436 retval
= jtag_execute_queue();
437 if (retval
!= ERROR_OK
)
439 armv4_5_identify_cache(cache_type_reg
,
440 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
443 arm920t
->armv4_5_mmu
.mmu_enabled
=
444 (arm920t
->cp15_control_reg
& 0x1U
) ? 1 : 0;
445 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
=
446 (arm920t
->cp15_control_reg
& 0x4U
) ? 1 : 0;
447 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
=
448 (arm920t
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
450 /* save i/d fault status and address register */
451 /* FIXME use opcode macros */
452 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f10, 0x0, &arm920t
->d_fsr
);
453 if (retval
!= ERROR_OK
)
455 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f30, 0x0, &arm920t
->i_fsr
);
456 if (retval
!= ERROR_OK
)
458 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f10, 0x0, &arm920t
->d_far
);
459 if (retval
!= ERROR_OK
)
461 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f30, 0x0, &arm920t
->i_far
);
462 if (retval
!= ERROR_OK
)
465 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
466 ", I FSR: 0x%8.8" PRIx32
", I FAR: 0x%8.8" PRIx32
,
467 arm920t
->d_fsr
, arm920t
->d_far
, arm920t
->i_fsr
, arm920t
->i_far
);
469 if (arm920t
->preserve_cache
)
471 /* read-modify-write CP15 test state register
472 * to disable I/D-cache linefills */
473 retval
= arm920t_read_cp15_physical(target
,
474 CP15PHYS_TESTSTATE
, &cp15c15
);
475 if (retval
!= ERROR_OK
)
477 retval
= jtag_execute_queue();
478 if (retval
!= ERROR_OK
)
481 retval
= arm920t_write_cp15_physical(target
,
482 CP15PHYS_TESTSTATE
, cp15c15
);
483 if (retval
!= ERROR_OK
)
490 void arm920t_pre_restore_context(struct target
*target
)
493 struct arm920t_common
*arm920t
= target_to_arm920(target
);
495 /* restore i/d fault status and address register */
496 arm920t_write_cp15_interpreted(target
, 0xee050f10, arm920t
->d_fsr
, 0x0);
497 arm920t_write_cp15_interpreted(target
, 0xee050f30, arm920t
->i_fsr
, 0x0);
498 arm920t_write_cp15_interpreted(target
, 0xee060f10, arm920t
->d_far
, 0x0);
499 arm920t_write_cp15_interpreted(target
, 0xee060f30, arm920t
->i_far
, 0x0);
501 /* read-modify-write CP15 test state register
502 * to reenable I/D-cache linefills */
503 if (arm920t
->preserve_cache
)
505 arm920t_read_cp15_physical(target
,
506 CP15PHYS_TESTSTATE
, &cp15c15
);
507 jtag_execute_queue();
509 arm920t_write_cp15_physical(target
,
510 CP15PHYS_TESTSTATE
, cp15c15
);
514 static const char arm920_not
[] = "target is not an ARM920";
516 static int arm920t_verify_pointer(struct command_context
*cmd_ctx
,
517 struct arm920t_common
*arm920t
)
519 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
520 command_print(cmd_ctx
, arm920_not
);
521 return ERROR_TARGET_INVALID
;
527 /** Logs summary of ARM920 state for a halted target. */
528 int arm920t_arch_state(struct target
*target
)
530 static const char *state
[] =
532 "disabled", "enabled"
535 struct arm920t_common
*arm920t
= target_to_arm920(target
);
537 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
)
539 LOG_ERROR("BUG: %s", arm920_not
);
540 return ERROR_TARGET_INVALID
;
543 arm_arch_state(target
);
544 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
545 state
[arm920t
->armv4_5_mmu
.mmu_enabled
],
546 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
547 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
552 static int arm920_mmu(struct target
*target
, int *enabled
)
554 if (target
->state
!= TARGET_HALTED
) {
555 LOG_ERROR("%s: target not halted", __func__
);
556 return ERROR_TARGET_INVALID
;
559 *enabled
= target_to_arm920(target
)->armv4_5_mmu
.mmu_enabled
;
563 static int arm920_virt2phys(struct target
*target
,
564 uint32_t virt
, uint32_t *phys
)
567 struct arm920t_common
*arm920t
= target_to_arm920(target
);
570 int retval
= armv4_5_mmu_translate_va(target
,
571 &arm920t
->armv4_5_mmu
, virt
, &cb
, &ret
);
572 if (retval
!= ERROR_OK
)
578 /** Reads a buffer, in the specified word size, with current MMU settings. */
579 int arm920t_read_memory(struct target
*target
, uint32_t address
,
580 uint32_t size
, uint32_t count
, uint8_t *buffer
)
584 retval
= arm7_9_read_memory(target
, address
, size
, count
, buffer
);
590 static int arm920t_read_phys_memory(struct target
*target
,
591 uint32_t address
, uint32_t size
,
592 uint32_t count
, uint8_t *buffer
)
594 struct arm920t_common
*arm920t
= target_to_arm920(target
);
596 return armv4_5_mmu_read_physical(target
, &arm920t
->armv4_5_mmu
,
597 address
, size
, count
, buffer
);
600 static int arm920t_write_phys_memory(struct target
*target
,
601 uint32_t address
, uint32_t size
,
602 uint32_t count
, const uint8_t *buffer
)
604 struct arm920t_common
*arm920t
= target_to_arm920(target
);
606 return armv4_5_mmu_write_physical(target
, &arm920t
->armv4_5_mmu
,
607 address
, size
, count
, buffer
);
611 /** Writes a buffer, in the specified word size, with current MMU settings. */
612 int arm920t_write_memory(struct target
*target
, uint32_t address
,
613 uint32_t size
, uint32_t count
, const uint8_t *buffer
)
616 const uint32_t cache_mask
= ~0x1f; /* cache line size : 32 byte */
617 struct arm920t_common
*arm920t
= target_to_arm920(target
);
619 /* FIX!!!! this should be cleaned up and made much more general. The
620 * plan is to write up and test on arm920t specifically and
621 * then generalize and clean up afterwards.
623 * Also it should be moved to the callbacks that handle breakpoints
624 * specifically and not the generic memory write fn's. See XScale code.
626 if (arm920t
->armv4_5_mmu
.mmu_enabled
&& (count
== 1) &&
627 ((size
==2) || (size
==4)))
629 /* special case the handling of single word writes to
630 * bypass MMU, to allow implementation of breakpoints
631 * in memory marked read only
638 * We need physical address and cb
640 retval
= armv4_5_mmu_translate_va(target
, &arm920t
->armv4_5_mmu
,
642 if (retval
!= ERROR_OK
)
645 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
)
649 LOG_DEBUG("D-Cache buffered, "
650 "drain write buffer");
653 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
656 retval
= arm920t_write_cp15_interpreted(target
,
657 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
659 if (retval
!= ERROR_OK
)
666 * Write back memory ? -> clean cache
668 * There is no way to clean cache lines using
669 * cp15 scan chain, so copy the full cache
670 * line from cache to physical memory.
674 LOG_DEBUG("D-Cache in 'write back' mode, "
677 retval
= target_read_memory(target
,
678 address
& cache_mask
, 1,
679 sizeof(data
), &data
[0]);
680 if (retval
!= ERROR_OK
)
683 retval
= armv4_5_mmu_write_physical(target
,
684 &arm920t
->armv4_5_mmu
,
686 sizeof(data
), &data
[0]);
687 if (retval
!= ERROR_OK
)
695 * Cached ? -> Invalidate data cache using MVA
697 * MCR p15,0,Rd,c7,c6,1
699 LOG_DEBUG("D-Cache enabled, "
700 "invalidate cache line");
702 retval
= arm920t_write_cp15_interpreted(target
,
703 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
704 address
& cache_mask
);
705 if (retval
!= ERROR_OK
)
710 /* write directly to physical memory,
711 * bypassing any read only MMU bits, etc.
713 retval
= armv4_5_mmu_write_physical(target
,
714 &arm920t
->armv4_5_mmu
, pa
, size
,
716 if (retval
!= ERROR_OK
)
720 if ((retval
= arm7_9_write_memory(target
, address
,
721 size
, count
, buffer
)) != ERROR_OK
)
725 /* If ICache is enabled, we have to invalidate affected ICache lines
726 * the DCache is forced to write-through,
727 * so we don't have to clean it here
729 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
)
733 /* invalidate ICache single entry with MVA
734 * mcr 15, 0, r0, cr7, cr5, {1}
736 LOG_DEBUG("I-Cache enabled, "
737 "invalidating affected I-Cache line");
738 retval
= arm920t_write_cp15_interpreted(target
,
739 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
740 0x0, address
& cache_mask
);
741 if (retval
!= ERROR_OK
)
747 * mcr 15, 0, r0, cr7, cr5, {0}
749 retval
= arm920t_write_cp15_interpreted(target
,
750 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
752 if (retval
!= ERROR_OK
)
761 int arm920t_soft_reset_halt(struct target
*target
)
763 int retval
= ERROR_OK
;
764 struct arm920t_common
*arm920t
= target_to_arm920(target
);
765 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
766 struct arm
*arm
= &arm7_9
->arm
;
767 struct reg
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
769 if ((retval
= target_halt(target
)) != ERROR_OK
)
774 long long then
= timeval_ms();
776 while (!(timeout
= ((timeval_ms()-then
) > 1000)))
778 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1)
781 embeddedice_read_reg(dbg_stat
);
782 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
790 if (debug_level
>= 3)
792 /* do not eat all CPU, time out after 1 se*/
801 LOG_ERROR("Failed to halt CPU after 1 sec");
802 return ERROR_TARGET_TIMEOUT
;
805 target
->state
= TARGET_HALTED
;
807 /* SVC, ARM state, IRQ and FIQ disabled */
810 cpsr
= buf_get_u32(arm
->cpsr
->value
, 0, 32);
813 arm_set_cpsr(arm
, cpsr
);
814 arm
->cpsr
->dirty
= 1;
816 /* start fetching from 0x0 */
817 buf_set_u32(arm
->pc
->value
, 0, 32, 0x0);
821 arm920t_disable_mmu_caches(target
, 1, 1, 1);
822 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
823 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
824 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
826 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
829 /* FIXME remove forward decls */
830 static int arm920t_mrc(struct target
*target
, int cpnum
,
831 uint32_t op1
, uint32_t op2
,
832 uint32_t CRn
, uint32_t CRm
,
834 static int arm920t_mcr(struct target
*target
, int cpnum
,
835 uint32_t op1
, uint32_t op2
,
836 uint32_t CRn
, uint32_t CRm
,
839 static int arm920t_init_arch_info(struct target
*target
,
840 struct arm920t_common
*arm920t
, struct jtag_tap
*tap
)
842 struct arm7_9_common
*arm7_9
= &arm920t
->arm7_9_common
;
844 arm7_9
->arm
.mrc
= arm920t_mrc
;
845 arm7_9
->arm
.mcr
= arm920t_mcr
;
847 /* initialize arm7/arm9 specific info (including armv4_5) */
848 arm9tdmi_init_arch_info(target
, arm7_9
, tap
);
850 arm920t
->common_magic
= ARM920T_COMMON_MAGIC
;
852 arm7_9
->post_debug_entry
= arm920t_post_debug_entry
;
853 arm7_9
->pre_restore_context
= arm920t_pre_restore_context
;
855 arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
856 arm920t
->armv4_5_mmu
.get_ttb
= arm920t_get_ttb
;
857 arm920t
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
858 arm920t
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
859 arm920t
->armv4_5_mmu
.disable_mmu_caches
= arm920t_disable_mmu_caches
;
860 arm920t
->armv4_5_mmu
.enable_mmu_caches
= arm920t_enable_mmu_caches
;
861 arm920t
->armv4_5_mmu
.has_tiny_pages
= 1;
862 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
864 /* disabling linefills leads to lockups, so keep them enabled for now
865 * this doesn't affect correctness, but might affect timing issues, if
866 * important data is evicted from the cache during the debug session
868 arm920t
->preserve_cache
= 0;
870 /* override hw single-step capability from ARM9TDMI */
871 arm7_9
->has_single_step
= 1;
876 static int arm920t_target_create(struct target
*target
, Jim_Interp
*interp
)
878 struct arm920t_common
*arm920t
;
880 arm920t
= calloc(1,sizeof(struct arm920t_common
));
881 return arm920t_init_arch_info(target
, arm920t
, target
->tap
);
884 COMMAND_HANDLER(arm920t_handle_read_cache_command
)
886 int retval
= ERROR_OK
;
887 struct target
*target
= get_current_target(CMD_CTX
);
888 struct arm920t_common
*arm920t
= target_to_arm920(target
);
889 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
890 struct arm
*arm
= &arm7_9
->arm
;
892 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
894 uint32_t *regs_p
[16];
895 uint32_t C15_C_D_Ind
, C15_C_I_Ind
;
898 int segment
, index_t
;
901 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
902 if (retval
!= ERROR_OK
)
907 return ERROR_COMMAND_SYNTAX_ERROR
;
910 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
912 LOG_DEBUG("error opening cache content file");
916 for (i
= 0; i
< 16; i
++)
917 regs_p
[i
] = ®s
[i
];
919 /* disable MMU and Caches */
920 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
921 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
925 cp15_ctrl_saved
= cp15_ctrl
;
926 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
927 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
928 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
930 /* read CP15 test state register */
931 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
932 jtag_execute_queue();
934 /* read DCache content */
935 fprintf(output
, "DCache:\n");
937 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
939 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
942 fprintf(output
, "\nsegment: %i\n----------", segment
);
944 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
945 regs
[0] = 0x0 | (segment
<< 5);
946 arm9tdmi_write_core_regs(target
, 0x1, regs
);
948 /* set interpret mode */
950 arm920t_write_cp15_physical(target
,
951 CP15PHYS_TESTSTATE
, cp15c15
);
953 /* D CAM Read, loads current victim into C15.C.D.Ind */
954 arm920t_execute_cp15(target
,
955 ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
957 /* read current victim */
958 arm920t_read_cp15_physical(target
,
959 CP15PHYS_DCACHE_IDX
, &C15_C_D_Ind
);
961 /* clear interpret mode */
963 arm920t_write_cp15_physical(target
,
964 CP15PHYS_TESTSTATE
, cp15c15
);
966 for (index_t
= 0; index_t
< 64; index_t
++)
969 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
971 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
972 arm9tdmi_write_core_regs(target
, 0x1, regs
);
974 /* set interpret mode */
976 arm920t_write_cp15_physical(target
,
977 CP15PHYS_TESTSTATE
, cp15c15
);
979 /* Write DCache victim */
980 arm920t_execute_cp15(target
,
981 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
984 arm920t_execute_cp15(target
,
985 ARMV4_5_MCR(15,2,0,15,10,2),
986 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
989 arm920t_execute_cp15(target
,
990 ARMV4_5_MCR(15,2,0,15,6,2),
993 /* clear interpret mode */
995 arm920t_write_cp15_physical(target
,
996 CP15PHYS_TESTSTATE
, cp15c15
);
998 /* read D RAM and CAM content */
999 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1000 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1006 regs
[9] &= 0xfffffffe;
1007 fprintf(output
, "\nsegment: %i, index: %i, CAM: 0x%8.8"
1008 PRIx32
", content (%s):\n",
1009 segment
, index_t
, regs
[9],
1010 (regs
[9] & 0x10) ? "valid" : "invalid");
1012 for (i
= 1; i
< 9; i
++)
1014 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1020 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1021 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1022 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1024 /* set interpret mode */
1026 arm920t_write_cp15_physical(target
,
1027 CP15PHYS_TESTSTATE
, cp15c15
);
1029 /* Write DCache victim */
1030 arm920t_execute_cp15(target
,
1031 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
1033 /* clear interpret mode */
1035 arm920t_write_cp15_physical(target
,
1036 CP15PHYS_TESTSTATE
, cp15c15
);
1039 /* read ICache content */
1040 fprintf(output
, "ICache:\n");
1042 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1044 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
1047 fprintf(output
, "segment: %i\n----------", segment
);
1049 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1050 regs
[0] = 0x0 | (segment
<< 5);
1051 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1053 /* set interpret mode */
1055 arm920t_write_cp15_physical(target
,
1056 CP15PHYS_TESTSTATE
, cp15c15
);
1058 /* I CAM Read, loads current victim into C15.C.I.Ind */
1059 arm920t_execute_cp15(target
,
1060 ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
1062 /* read current victim */
1063 arm920t_read_cp15_physical(target
, CP15PHYS_ICACHE_IDX
,
1066 /* clear interpret mode */
1068 arm920t_write_cp15_physical(target
,
1069 CP15PHYS_TESTSTATE
, cp15c15
);
1071 for (index_t
= 0; index_t
< 64; index_t
++)
1074 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1076 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
1077 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1079 /* set interpret mode */
1081 arm920t_write_cp15_physical(target
,
1082 CP15PHYS_TESTSTATE
, cp15c15
);
1084 /* Write ICache victim */
1085 arm920t_execute_cp15(target
,
1086 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1089 arm920t_execute_cp15(target
,
1090 ARMV4_5_MCR(15,2,0,15,9,2),
1091 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1094 arm920t_execute_cp15(target
,
1095 ARMV4_5_MCR(15,2,0,15,5,2),
1098 /* clear interpret mode */
1100 arm920t_write_cp15_physical(target
,
1101 CP15PHYS_TESTSTATE
, cp15c15
);
1103 /* read I RAM and CAM content */
1104 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1105 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1111 regs
[9] &= 0xfffffffe;
1112 fprintf(output
, "\nsegment: %i, index: %i, "
1113 "CAM: 0x%8.8" PRIx32
", content (%s):\n",
1114 segment
, index_t
, regs
[9],
1115 (regs
[9] & 0x10) ? "valid" : "invalid");
1117 for (i
= 1; i
< 9; i
++)
1119 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1124 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1125 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1126 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1128 /* set interpret mode */
1130 arm920t_write_cp15_physical(target
,
1131 CP15PHYS_TESTSTATE
, cp15c15
);
1133 /* Write ICache victim */
1134 arm920t_execute_cp15(target
,
1135 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1137 /* clear interpret mode */
1139 arm920t_write_cp15_physical(target
,
1140 CP15PHYS_TESTSTATE
, cp15c15
);
1143 /* restore CP15 MMU and Cache settings */
1144 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1146 command_print(CMD_CTX
, "cache content successfully output to %s",
1151 if (!is_arm_mode(arm
->core_mode
))
1153 LOG_ERROR("not a valid arm core mode - communication failure?");
1157 /* force writeback of the valid data */
1158 r
= arm
->core_cache
->reg_list
;
1159 r
[0].dirty
= r
[0].valid
;
1160 r
[1].dirty
= r
[1].valid
;
1161 r
[2].dirty
= r
[2].valid
;
1162 r
[3].dirty
= r
[3].valid
;
1163 r
[4].dirty
= r
[4].valid
;
1164 r
[5].dirty
= r
[5].valid
;
1165 r
[6].dirty
= r
[6].valid
;
1166 r
[7].dirty
= r
[7].valid
;
1168 r
= arm_reg_current(arm
, 8);
1169 r
->dirty
= r
->valid
;
1171 r
= arm_reg_current(arm
, 9);
1172 r
->dirty
= r
->valid
;
1177 COMMAND_HANDLER(arm920t_handle_read_mmu_command
)
1179 int retval
= ERROR_OK
;
1180 struct target
*target
= get_current_target(CMD_CTX
);
1181 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1182 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
1183 struct arm
*arm
= &arm7_9
->arm
;
1185 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
1187 uint32_t *regs_p
[16];
1190 uint32_t Dlockdown
, Ilockdown
;
1191 struct arm920t_tlb_entry d_tlb
[64], i_tlb
[64];
1195 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1196 if (retval
!= ERROR_OK
)
1201 return ERROR_COMMAND_SYNTAX_ERROR
;
1204 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
1206 LOG_DEBUG("error opening mmu content file");
1210 for (i
= 0; i
< 16; i
++)
1211 regs_p
[i
] = ®s
[i
];
1213 /* disable MMU and Caches */
1214 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
1215 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1219 cp15_ctrl_saved
= cp15_ctrl
;
1220 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
1221 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
1222 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
1224 /* read CP15 test state register */
1225 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
1226 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1231 /* prepare reading D TLB content
1234 /* set interpret mode */
1236 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1238 /* Read D TLB lockdown */
1239 arm920t_execute_cp15(target
,
1240 ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1242 /* clear interpret mode */
1244 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1246 /* read D TLB lockdown stored to r1 */
1247 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1248 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1252 Dlockdown
= regs
[1];
1254 for (victim
= 0; victim
< 64; victim
+= 8)
1256 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1257 * base remains unchanged, victim goes through entries 0 to 63
1259 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1260 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1262 /* set interpret mode */
1264 arm920t_write_cp15_physical(target
,
1265 CP15PHYS_TESTSTATE
, cp15c15
);
1267 /* Write D TLB lockdown */
1268 arm920t_execute_cp15(target
,
1269 ARMV4_5_MCR(15,0,0,10,0,0),
1272 /* Read D TLB CAM */
1273 arm920t_execute_cp15(target
,
1274 ARMV4_5_MCR(15,4,0,15,6,4),
1275 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1277 /* clear interpret mode */
1279 arm920t_write_cp15_physical(target
,
1280 CP15PHYS_TESTSTATE
, cp15c15
);
1282 /* read D TLB CAM content stored to r2-r9 */
1283 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1284 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1289 for (i
= 0; i
< 8; i
++)
1290 d_tlb
[victim
+ i
].cam
= regs
[i
+ 2];
1293 for (victim
= 0; victim
< 64; victim
++)
1295 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1296 * base remains unchanged, victim goes through entries 0 to 63
1298 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1299 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1301 /* set interpret mode */
1303 arm920t_write_cp15_physical(target
,
1304 CP15PHYS_TESTSTATE
, cp15c15
);
1306 /* Write D TLB lockdown */
1307 arm920t_execute_cp15(target
,
1308 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1310 /* Read D TLB RAM1 */
1311 arm920t_execute_cp15(target
,
1312 ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1314 /* Read D TLB RAM2 */
1315 arm920t_execute_cp15(target
,
1316 ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1318 /* clear interpret mode */
1320 arm920t_write_cp15_physical(target
,
1321 CP15PHYS_TESTSTATE
, cp15c15
);
1323 /* read D TLB RAM content stored to r2 and r3 */
1324 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1325 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1330 d_tlb
[victim
].ram1
= regs
[2];
1331 d_tlb
[victim
].ram2
= regs
[3];
1334 /* restore D TLB lockdown */
1335 regs
[1] = Dlockdown
;
1336 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1338 /* Write D TLB lockdown */
1339 arm920t_execute_cp15(target
,
1340 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1342 /* prepare reading I TLB content
1345 /* set interpret mode */
1347 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1349 /* Read I TLB lockdown */
1350 arm920t_execute_cp15(target
,
1351 ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1353 /* clear interpret mode */
1355 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1357 /* read I TLB lockdown stored to r1 */
1358 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1359 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1363 Ilockdown
= regs
[1];
1365 for (victim
= 0; victim
< 64; victim
+= 8)
1367 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1368 * base remains unchanged, victim goes through entries 0 to 63
1370 regs
[1] = (Ilockdown
& 0xfc000000) | (victim
<< 20);
1371 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1373 /* set interpret mode */
1375 arm920t_write_cp15_physical(target
,
1376 CP15PHYS_TESTSTATE
, cp15c15
);
1378 /* Write I TLB lockdown */
1379 arm920t_execute_cp15(target
,
1380 ARMV4_5_MCR(15,0,0,10,0,1),
1383 /* Read I TLB CAM */
1384 arm920t_execute_cp15(target
,
1385 ARMV4_5_MCR(15,4,0,15,5,4),
1386 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1388 /* clear interpret mode */
1390 arm920t_write_cp15_physical(target
,
1391 CP15PHYS_TESTSTATE
, cp15c15
);
1393 /* read I TLB CAM content stored to r2-r9 */
1394 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1395 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1400 for (i
= 0; i
< 8; i
++)
1401 i_tlb
[i
+ victim
].cam
= regs
[i
+ 2];
1404 for (victim
= 0; victim
< 64; victim
++)
1406 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1407 * base remains unchanged, victim goes through entries 0 to 63
1409 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1410 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1412 /* set interpret mode */
1414 arm920t_write_cp15_physical(target
,
1415 CP15PHYS_TESTSTATE
, cp15c15
);
1417 /* Write I TLB lockdown */
1418 arm920t_execute_cp15(target
,
1419 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1421 /* Read I TLB RAM1 */
1422 arm920t_execute_cp15(target
,
1423 ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1425 /* Read I TLB RAM2 */
1426 arm920t_execute_cp15(target
,
1427 ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1429 /* clear interpret mode */
1431 arm920t_write_cp15_physical(target
,
1432 CP15PHYS_TESTSTATE
, cp15c15
);
1434 /* read I TLB RAM content stored to r2 and r3 */
1435 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1436 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1441 i_tlb
[victim
].ram1
= regs
[2];
1442 i_tlb
[victim
].ram2
= regs
[3];
1445 /* restore I TLB lockdown */
1446 regs
[1] = Ilockdown
;
1447 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1449 /* Write I TLB lockdown */
1450 arm920t_execute_cp15(target
,
1451 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1453 /* restore CP15 MMU and Cache settings */
1454 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1456 /* output data to file */
1457 fprintf(output
, "D TLB content:\n");
1458 for (i
= 0; i
< 64; i
++)
1460 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1461 " 0x%8.8" PRIx32
" %s\n",
1462 i
, d_tlb
[i
].cam
, d_tlb
[i
].ram1
, d_tlb
[i
].ram2
,
1463 (d_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1466 fprintf(output
, "\n\nI TLB content:\n");
1467 for (i
= 0; i
< 64; i
++)
1469 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1470 " 0x%8.8" PRIx32
" %s\n",
1471 i
, i_tlb
[i
].cam
, i_tlb
[i
].ram1
, i_tlb
[i
].ram2
,
1472 (i_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1475 command_print(CMD_CTX
, "mmu content successfully output to %s",
1480 if (!is_arm_mode(arm
->core_mode
))
1482 LOG_ERROR("not a valid arm core mode - communication failure?");
1486 /* force writeback of the valid data */
1487 r
= arm
->core_cache
->reg_list
;
1488 r
[0].dirty
= r
[0].valid
;
1489 r
[1].dirty
= r
[1].valid
;
1490 r
[2].dirty
= r
[2].valid
;
1491 r
[3].dirty
= r
[3].valid
;
1492 r
[4].dirty
= r
[4].valid
;
1493 r
[5].dirty
= r
[5].valid
;
1494 r
[6].dirty
= r
[6].valid
;
1495 r
[7].dirty
= r
[7].valid
;
1497 r
= arm_reg_current(arm
, 8);
1498 r
->dirty
= r
->valid
;
1500 r
= arm_reg_current(arm
, 9);
1501 r
->dirty
= r
->valid
;
1506 COMMAND_HANDLER(arm920t_handle_cp15_command
)
1509 struct target
*target
= get_current_target(CMD_CTX
);
1510 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1512 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1513 if (retval
!= ERROR_OK
)
1516 if (target
->state
!= TARGET_HALTED
)
1518 command_print(CMD_CTX
, "target must be stopped for "
1519 "\"%s\" command", CMD_NAME
);
1523 /* one argument, read a register.
1524 * two arguments, write it.
1529 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], address
);
1534 if ((retval
= arm920t_read_cp15_physical(target
,
1535 address
, &value
)) != ERROR_OK
)
1537 command_print(CMD_CTX
,
1538 "couldn't access reg %i", address
);
1541 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1546 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1549 else if (CMD_ARGC
== 2)
1552 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1553 retval
= arm920t_write_cp15_physical(target
,
1555 if (retval
!= ERROR_OK
)
1557 command_print(CMD_CTX
,
1558 "couldn't access reg %i", address
);
1559 /* REVISIT why lie? "return retval"? */
1562 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1570 COMMAND_HANDLER(arm920t_handle_cp15i_command
)
1573 struct target
*target
= get_current_target(CMD_CTX
);
1574 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1576 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1577 if (retval
!= ERROR_OK
)
1581 if (target
->state
!= TARGET_HALTED
)
1583 command_print(CMD_CTX
, "target must be stopped for "
1584 "\"%s\" command", CMD_NAME
);
1588 /* one argument, read a register.
1589 * two arguments, write it.
1594 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], opcode
);
1599 retval
= arm920t_read_cp15_interpreted(target
,
1600 opcode
, 0x0, &value
);
1601 if (retval
!= ERROR_OK
)
1603 command_print(CMD_CTX
,
1604 "couldn't execute %8.8" PRIx32
,
1606 /* REVISIT why lie? "return retval"? */
1610 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1613 else if (CMD_ARGC
== 2)
1616 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1617 retval
= arm920t_write_cp15_interpreted(target
,
1619 if (retval
!= ERROR_OK
)
1621 command_print(CMD_CTX
,
1622 "couldn't execute %8.8" PRIx32
,
1624 /* REVISIT why lie? "return retval"? */
1627 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1630 else if (CMD_ARGC
== 3)
1633 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1635 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[2], address
);
1636 retval
= arm920t_write_cp15_interpreted(target
,
1637 opcode
, value
, address
);
1638 if (retval
!= ERROR_OK
)
1640 command_print(CMD_CTX
,
1641 "couldn't execute %8.8" PRIx32
, opcode
);
1642 /* REVISIT why lie? "return retval"? */
1645 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
1646 " %8.8" PRIx32
, opcode
, value
, address
);
1651 return ERROR_COMMAND_SYNTAX_ERROR
;
1657 COMMAND_HANDLER(arm920t_handle_cache_info_command
)
1660 struct target
*target
= get_current_target(CMD_CTX
);
1661 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1663 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1664 if (retval
!= ERROR_OK
)
1667 return armv4_5_handle_cache_info_command(CMD_CTX
,
1668 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
1672 static int arm920t_mrc(struct target
*target
, int cpnum
,
1673 uint32_t op1
, uint32_t op2
,
1674 uint32_t CRn
, uint32_t CRm
,
1679 LOG_ERROR("Only cp15 is supported");
1684 return arm920t_read_cp15_interpreted(target
,
1685 ARMV4_5_MRC(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1689 static int arm920t_mcr(struct target
*target
, int cpnum
,
1690 uint32_t op1
, uint32_t op2
,
1691 uint32_t CRn
, uint32_t CRm
,
1696 LOG_ERROR("Only cp15 is supported");
1700 /* write "from" r0 */
1701 return arm920t_write_cp15_interpreted(target
,
1702 ARMV4_5_MCR(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1706 static const struct command_registration arm920t_exec_command_handlers
[] = {
1709 .handler
= arm920t_handle_cp15_command
,
1710 .mode
= COMMAND_EXEC
,
1711 .help
= "display/modify cp15 register",
1712 .usage
= "regnum [value]",
1716 .handler
= arm920t_handle_cp15i_command
,
1717 .mode
= COMMAND_EXEC
,
1718 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1719 .help
= "display/modify cp15 register using ARM opcode"
1721 .usage
= "instruction [value [address]]",
1724 .name
= "cache_info",
1725 .handler
= arm920t_handle_cache_info_command
,
1726 .mode
= COMMAND_EXEC
,
1728 .help
= "display information about target caches",
1731 .name
= "read_cache",
1732 .handler
= arm920t_handle_read_cache_command
,
1733 .mode
= COMMAND_EXEC
,
1734 .help
= "dump I/D cache content to file",
1735 .usage
= "filename",
1739 .handler
= arm920t_handle_read_mmu_command
,
1740 .mode
= COMMAND_EXEC
,
1741 .help
= "dump I/D mmu content to file",
1742 .usage
= "filename",
1744 COMMAND_REGISTRATION_DONE
1746 const struct command_registration arm920t_command_handlers
[] = {
1748 .chain
= arm9tdmi_command_handlers
,
1752 .mode
= COMMAND_ANY
,
1753 .help
= "arm920t command group",
1755 .chain
= arm920t_exec_command_handlers
,
1757 COMMAND_REGISTRATION_DONE
1760 /** Holds methods for ARM920 targets. */
1761 struct target_type arm920t_target
=
1765 .poll
= arm7_9_poll
,
1766 .arch_state
= arm920t_arch_state
,
1768 .target_request_data
= arm7_9_target_request_data
,
1770 .halt
= arm7_9_halt
,
1771 .resume
= arm7_9_resume
,
1772 .step
= arm7_9_step
,
1774 .assert_reset
= arm7_9_assert_reset
,
1775 .deassert_reset
= arm7_9_deassert_reset
,
1776 .soft_reset_halt
= arm920t_soft_reset_halt
,
1778 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
1780 .read_memory
= arm920t_read_memory
,
1781 .write_memory
= arm920t_write_memory
,
1782 .read_phys_memory
= arm920t_read_phys_memory
,
1783 .write_phys_memory
= arm920t_write_phys_memory
,
1785 .virt2phys
= arm920_virt2phys
,
1787 .bulk_write_memory
= arm7_9_bulk_write_memory
,
1789 .checksum_memory
= arm_checksum_memory
,
1790 .blank_check_memory
= arm_blank_check_memory
,
1792 .run_algorithm
= armv4_5_run_algorithm
,
1794 .add_breakpoint
= arm7_9_add_breakpoint
,
1795 .remove_breakpoint
= arm7_9_remove_breakpoint
,
1796 .add_watchpoint
= arm7_9_add_watchpoint
,
1797 .remove_watchpoint
= arm7_9_remove_watchpoint
,
1799 .commands
= arm920t_command_handlers
,
1800 .target_create
= arm920t_target_create
,
1801 .init_target
= arm9tdmi_init_target
,
1802 .examine
= arm7_9_examine
,
1803 .check_reset
= arm7_9_check_reset
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)