2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
26 #include <helper/time_support.h>
27 #include "target_type.h"
29 #include "arm_opcodes.h"
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
53 #define _DEBUG_INSTRUCTION_EXECUTION_
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
83 static int arm920t_read_cp15_physical(struct target
*target
,
84 int reg_addr
, uint32_t *value
)
86 struct arm920t_common
*arm920t
= target_to_arm920(target
);
87 struct arm_jtag
*jtag_info
;
88 struct scan_field fields
[4];
89 uint8_t access_type_buf
= 1;
90 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
93 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
95 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
96 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
98 fields
[0].num_bits
= 1;
99 fields
[0].out_value
= &access_type_buf
;
100 fields
[0].in_value
= NULL
;
102 fields
[1].num_bits
= 32;
103 fields
[1].out_value
= NULL
;
104 fields
[1].in_value
= NULL
;
106 fields
[2].num_bits
= 6;
107 fields
[2].out_value
= ®_addr_buf
;
108 fields
[2].in_value
= NULL
;
110 fields
[3].num_bits
= 1;
111 fields
[3].out_value
= &nr_w_buf
;
112 fields
[3].in_value
= NULL
;
114 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
116 fields
[1].in_value
= (uint8_t *)value
;
118 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
120 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
122 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
123 jtag_execute_queue();
124 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, *value
);
130 static int arm920t_write_cp15_physical(struct target
*target
,
131 int reg_addr
, uint32_t value
)
133 struct arm920t_common
*arm920t
= target_to_arm920(target
);
134 struct arm_jtag
*jtag_info
;
135 struct scan_field fields
[4];
136 uint8_t access_type_buf
= 1;
137 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
138 uint8_t nr_w_buf
= 1;
139 uint8_t value_buf
[4];
141 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
143 buf_set_u32(value_buf
, 0, 32, value
);
145 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
146 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
148 fields
[0].num_bits
= 1;
149 fields
[0].out_value
= &access_type_buf
;
150 fields
[0].in_value
= NULL
;
152 fields
[1].num_bits
= 32;
153 fields
[1].out_value
= value_buf
;
154 fields
[1].in_value
= NULL
;
156 fields
[2].num_bits
= 6;
157 fields
[2].out_value
= ®_addr_buf
;
158 fields
[2].in_value
= NULL
;
160 fields
[3].num_bits
= 1;
161 fields
[3].out_value
= &nr_w_buf
;
162 fields
[3].in_value
= NULL
;
164 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
166 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
167 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, value
);
173 /* See table 9-10 for scan chain 15 format during interpreted access mode.
174 * If the TESTSTATE register is set for interpreted access, certain CP15
175 * MRC and MCR instructions may be executed through scan chain 15.
177 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
178 * executed using scan chain 15 interpreted mode.
180 static int arm920t_execute_cp15(struct target
*target
, uint32_t cp15_opcode
,
184 struct arm920t_common
*arm920t
= target_to_arm920(target
);
185 struct arm_jtag
*jtag_info
;
186 struct scan_field fields
[4];
187 uint8_t access_type_buf
= 0; /* interpreted access */
188 uint8_t reg_addr_buf
= 0x0;
189 uint8_t nr_w_buf
= 0;
190 uint8_t cp15_opcode_buf
[4];
192 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
194 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
195 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
197 buf_set_u32(cp15_opcode_buf
, 0, 32, cp15_opcode
);
199 fields
[0].num_bits
= 1;
200 fields
[0].out_value
= &access_type_buf
;
201 fields
[0].in_value
= NULL
;
203 fields
[1].num_bits
= 32;
204 fields
[1].out_value
= cp15_opcode_buf
;
205 fields
[1].in_value
= NULL
;
207 fields
[2].num_bits
= 6;
208 fields
[2].out_value
= ®_addr_buf
;
209 fields
[2].in_value
= NULL
;
211 fields
[3].num_bits
= 1;
212 fields
[3].out_value
= &nr_w_buf
;
213 fields
[3].in_value
= NULL
;
215 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
217 arm9tdmi_clock_out(jtag_info
, arm_opcode
, 0, NULL
, 0);
218 arm9tdmi_clock_out(jtag_info
, ARMV4_5_NOP
, 0, NULL
, 1);
219 retval
= arm7_9_execute_sys_speed(target
);
220 if (retval
!= ERROR_OK
)
223 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
225 LOG_ERROR("failed executing JTAG queue");
232 static int arm920t_read_cp15_interpreted(struct target
*target
,
233 uint32_t cp15_opcode
, uint32_t address
, uint32_t *value
)
235 struct arm
*armv4_5
= target_to_arm(target
);
238 uint32_t cp15c15
= 0x0;
239 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
241 /* load address into R1 */
243 arm9tdmi_write_core_regs(target
, 0x2, regs
);
245 /* read-modify-write CP15 test state register
246 * to enable interpreted access mode */
247 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
248 jtag_execute_queue();
249 cp15c15
|= 1; /* set interpret mode */
250 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
252 /* execute CP15 instruction and ARM load (reading from coprocessor) */
253 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_LDR(0, 1));
255 /* disable interpreted access mode */
256 cp15c15
&= ~1U; /* clear interpret mode */
257 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
259 /* retrieve value from R0 */
261 arm9tdmi_read_core_regs(target
, 0x1, regs_p
);
262 jtag_execute_queue();
264 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
265 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
266 cp15_opcode
, address
, *value
);
269 if (!is_arm_mode(armv4_5
->core_mode
))
279 int arm920t_write_cp15_interpreted(struct target
*target
,
280 uint32_t cp15_opcode
, uint32_t value
, uint32_t address
)
282 uint32_t cp15c15
= 0x0;
283 struct arm
*armv4_5
= target_to_arm(target
);
285 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
287 /* load value, address into R0, R1 */
290 arm9tdmi_write_core_regs(target
, 0x3, regs
);
292 /* read-modify-write CP15 test state register
293 * to enable interpreted access mode */
294 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
295 jtag_execute_queue();
296 cp15c15
|= 1; /* set interpret mode */
297 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
299 /* execute CP15 instruction and ARM store (writing to coprocessor) */
300 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_STR(0, 1));
302 /* disable interpreted access mode */
303 cp15c15
&= ~1U; /* set interpret mode */
304 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
306 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
307 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
308 cp15_opcode
, value
, address
);
311 if (!is_arm_mode(armv4_5
->core_mode
))
321 int arm920t_get_ttb(struct target
*target
, uint32_t *result
)
326 if ((retval
= arm920t_read_cp15_interpreted(target
,
327 /* FIXME use opcode macro */
328 0xeebf0f51, 0x0, &ttb
)) != ERROR_OK
)
336 int arm920t_disable_mmu_caches(struct target
*target
, int mmu
,
337 int d_u_cache
, int i_cache
)
339 uint32_t cp15_control
;
342 /* read cp15 control register */
343 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
344 if (retval
!= ERROR_OK
)
346 retval
= jtag_execute_queue();
347 if (retval
!= ERROR_OK
)
351 cp15_control
&= ~0x1U
;
354 cp15_control
&= ~0x4U
;
357 cp15_control
&= ~0x1000U
;
359 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
364 int arm920t_enable_mmu_caches(struct target
*target
, int mmu
,
365 int d_u_cache
, int i_cache
)
367 uint32_t cp15_control
;
370 /* read cp15 control register */
371 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
372 if (retval
!= ERROR_OK
)
374 retval
= jtag_execute_queue();
375 if (retval
!= ERROR_OK
)
379 cp15_control
|= 0x1U
;
382 cp15_control
|= 0x4U
;
385 cp15_control
|= 0x1000U
;
387 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
392 int arm920t_post_debug_entry(struct target
*target
)
395 struct arm920t_common
*arm920t
= target_to_arm920(target
);
398 /* examine cp15 control reg */
399 retval
= arm920t_read_cp15_physical(target
,
400 CP15PHYS_CTRL
, &arm920t
->cp15_control_reg
);
401 if (retval
!= ERROR_OK
)
403 retval
= jtag_execute_queue();
404 if (retval
!= ERROR_OK
)
406 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, arm920t
->cp15_control_reg
);
408 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
410 uint32_t cache_type_reg
;
411 /* identify caches */
412 retval
= arm920t_read_cp15_physical(target
,
413 CP15PHYS_CACHETYPE
, &cache_type_reg
);
414 if (retval
!= ERROR_OK
)
416 retval
= jtag_execute_queue();
417 if (retval
!= ERROR_OK
)
419 armv4_5_identify_cache(cache_type_reg
,
420 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
423 arm920t
->armv4_5_mmu
.mmu_enabled
=
424 (arm920t
->cp15_control_reg
& 0x1U
) ? 1 : 0;
425 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
=
426 (arm920t
->cp15_control_reg
& 0x4U
) ? 1 : 0;
427 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
=
428 (arm920t
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
430 /* save i/d fault status and address register */
431 /* FIXME use opcode macros */
432 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f10, 0x0, &arm920t
->d_fsr
);
433 if (retval
!= ERROR_OK
)
435 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f30, 0x0, &arm920t
->i_fsr
);
436 if (retval
!= ERROR_OK
)
438 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f10, 0x0, &arm920t
->d_far
);
439 if (retval
!= ERROR_OK
)
441 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f30, 0x0, &arm920t
->i_far
);
442 if (retval
!= ERROR_OK
)
445 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
446 ", I FSR: 0x%8.8" PRIx32
", I FAR: 0x%8.8" PRIx32
,
447 arm920t
->d_fsr
, arm920t
->d_far
, arm920t
->i_fsr
, arm920t
->i_far
);
449 if (arm920t
->preserve_cache
)
451 /* read-modify-write CP15 test state register
452 * to disable I/D-cache linefills */
453 retval
= arm920t_read_cp15_physical(target
,
454 CP15PHYS_TESTSTATE
, &cp15c15
);
455 if (retval
!= ERROR_OK
)
457 retval
= jtag_execute_queue();
458 if (retval
!= ERROR_OK
)
461 retval
= arm920t_write_cp15_physical(target
,
462 CP15PHYS_TESTSTATE
, cp15c15
);
463 if (retval
!= ERROR_OK
)
470 void arm920t_pre_restore_context(struct target
*target
)
473 struct arm920t_common
*arm920t
= target_to_arm920(target
);
475 /* restore i/d fault status and address register */
476 arm920t_write_cp15_interpreted(target
, 0xee050f10, arm920t
->d_fsr
, 0x0);
477 arm920t_write_cp15_interpreted(target
, 0xee050f30, arm920t
->i_fsr
, 0x0);
478 arm920t_write_cp15_interpreted(target
, 0xee060f10, arm920t
->d_far
, 0x0);
479 arm920t_write_cp15_interpreted(target
, 0xee060f30, arm920t
->i_far
, 0x0);
481 /* read-modify-write CP15 test state register
482 * to reenable I/D-cache linefills */
483 if (arm920t
->preserve_cache
)
485 arm920t_read_cp15_physical(target
,
486 CP15PHYS_TESTSTATE
, &cp15c15
);
487 jtag_execute_queue();
489 arm920t_write_cp15_physical(target
,
490 CP15PHYS_TESTSTATE
, cp15c15
);
494 static const char arm920_not
[] = "target is not an ARM920";
496 static int arm920t_verify_pointer(struct command_context
*cmd_ctx
,
497 struct arm920t_common
*arm920t
)
499 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
500 command_print(cmd_ctx
, arm920_not
);
501 return ERROR_TARGET_INVALID
;
507 /** Logs summary of ARM920 state for a halted target. */
508 int arm920t_arch_state(struct target
*target
)
510 static const char *state
[] =
512 "disabled", "enabled"
515 struct arm920t_common
*arm920t
= target_to_arm920(target
);
518 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
)
520 LOG_ERROR("BUG: %s", arm920_not
);
521 return ERROR_TARGET_INVALID
;
524 armv4_5
= &arm920t
->arm7_9_common
.armv4_5_common
;
526 arm_arch_state(target
);
527 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
528 state
[arm920t
->armv4_5_mmu
.mmu_enabled
],
529 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
530 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
535 static int arm920_mmu(struct target
*target
, int *enabled
)
537 if (target
->state
!= TARGET_HALTED
) {
538 LOG_ERROR("%s: target not halted", __func__
);
539 return ERROR_TARGET_INVALID
;
542 *enabled
= target_to_arm920(target
)->armv4_5_mmu
.mmu_enabled
;
546 static int arm920_virt2phys(struct target
*target
,
547 uint32_t virt
, uint32_t *phys
)
550 struct arm920t_common
*arm920t
= target_to_arm920(target
);
553 int retval
= armv4_5_mmu_translate_va(target
,
554 &arm920t
->armv4_5_mmu
, virt
, &cb
, &ret
);
555 if (retval
!= ERROR_OK
)
561 /** Reads a buffer, in the specified word size, with current MMU settings. */
562 int arm920t_read_memory(struct target
*target
, uint32_t address
,
563 uint32_t size
, uint32_t count
, uint8_t *buffer
)
567 retval
= arm7_9_read_memory(target
, address
, size
, count
, buffer
);
573 static int arm920t_read_phys_memory(struct target
*target
,
574 uint32_t address
, uint32_t size
,
575 uint32_t count
, uint8_t *buffer
)
577 struct arm920t_common
*arm920t
= target_to_arm920(target
);
579 return armv4_5_mmu_read_physical(target
, &arm920t
->armv4_5_mmu
,
580 address
, size
, count
, buffer
);
583 static int arm920t_write_phys_memory(struct target
*target
,
584 uint32_t address
, uint32_t size
,
585 uint32_t count
, uint8_t *buffer
)
587 struct arm920t_common
*arm920t
= target_to_arm920(target
);
589 return armv4_5_mmu_write_physical(target
, &arm920t
->armv4_5_mmu
,
590 address
, size
, count
, buffer
);
594 /** Writes a buffer, in the specified word size, with current MMU settings. */
595 int arm920t_write_memory(struct target
*target
, uint32_t address
,
596 uint32_t size
, uint32_t count
, uint8_t *buffer
)
599 const uint32_t cache_mask
= ~0x1f; /* cache line size : 32 byte */
600 struct arm920t_common
*arm920t
= target_to_arm920(target
);
602 /* FIX!!!! this should be cleaned up and made much more general. The
603 * plan is to write up and test on arm920t specifically and
604 * then generalize and clean up afterwards.
606 * Also it should be moved to the callbacks that handle breakpoints
607 * specifically and not the generic memory write fn's. See XScale code.
609 if (arm920t
->armv4_5_mmu
.mmu_enabled
&& (count
== 1) &&
610 ((size
==2) || (size
==4)))
612 /* special case the handling of single word writes to
613 * bypass MMU, to allow implementation of breakpoints
614 * in memory marked read only
621 * We need physical address and cb
623 retval
= armv4_5_mmu_translate_va(target
, &arm920t
->armv4_5_mmu
,
625 if (retval
!= ERROR_OK
)
628 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
)
632 LOG_DEBUG("D-Cache buffered, "
633 "drain write buffer");
636 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
639 retval
= arm920t_write_cp15_interpreted(target
,
640 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
642 if (retval
!= ERROR_OK
)
649 * Write back memory ? -> clean cache
651 * There is no way to clean cache lines using
652 * cp15 scan chain, so copy the full cache
653 * line from cache to physical memory.
657 LOG_DEBUG("D-Cache in 'write back' mode, "
660 retval
= target_read_memory(target
,
661 address
& cache_mask
, 1,
662 sizeof(data
), &data
[0]);
663 if (retval
!= ERROR_OK
)
666 retval
= armv4_5_mmu_write_physical(target
,
667 &arm920t
->armv4_5_mmu
,
669 sizeof(data
), &data
[0]);
670 if (retval
!= ERROR_OK
)
678 * Cached ? -> Invalidate data cache using MVA
680 * MCR p15,0,Rd,c7,c6,1
682 LOG_DEBUG("D-Cache enabled, "
683 "invalidate cache line");
685 retval
= arm920t_write_cp15_interpreted(target
,
686 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
687 address
& cache_mask
);
688 if (retval
!= ERROR_OK
)
693 /* write directly to physical memory,
694 * bypassing any read only MMU bits, etc.
696 retval
= armv4_5_mmu_write_physical(target
,
697 &arm920t
->armv4_5_mmu
, pa
, size
,
699 if (retval
!= ERROR_OK
)
703 if ((retval
= arm7_9_write_memory(target
, address
,
704 size
, count
, buffer
)) != ERROR_OK
)
708 /* If ICache is enabled, we have to invalidate affected ICache lines
709 * the DCache is forced to write-through,
710 * so we don't have to clean it here
712 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
)
716 /* invalidate ICache single entry with MVA
717 * mcr 15, 0, r0, cr7, cr5, {1}
719 LOG_DEBUG("I-Cache enabled, "
720 "invalidating affected I-Cache line");
721 retval
= arm920t_write_cp15_interpreted(target
,
722 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
723 0x0, address
& cache_mask
);
724 if (retval
!= ERROR_OK
)
730 * mcr 15, 0, r0, cr7, cr5, {0}
732 retval
= arm920t_write_cp15_interpreted(target
,
733 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
735 if (retval
!= ERROR_OK
)
744 int arm920t_soft_reset_halt(struct target
*target
)
746 int retval
= ERROR_OK
;
747 struct arm920t_common
*arm920t
= target_to_arm920(target
);
748 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
749 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
750 struct reg
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
752 if ((retval
= target_halt(target
)) != ERROR_OK
)
757 long long then
= timeval_ms();
759 while (!(timeout
= ((timeval_ms()-then
) > 1000)))
761 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1)
764 embeddedice_read_reg(dbg_stat
);
765 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
773 if (debug_level
>= 3)
775 /* do not eat all CPU, time out after 1 se*/
784 LOG_ERROR("Failed to halt CPU after 1 sec");
785 return ERROR_TARGET_TIMEOUT
;
788 target
->state
= TARGET_HALTED
;
790 /* SVC, ARM state, IRQ and FIQ disabled */
793 cpsr
= buf_get_u32(armv4_5
->cpsr
->value
, 0, 32);
796 arm_set_cpsr(armv4_5
, cpsr
);
797 armv4_5
->cpsr
->dirty
= 1;
799 /* start fetching from 0x0 */
800 buf_set_u32(armv4_5
->pc
->value
, 0, 32, 0x0);
801 armv4_5
->pc
->dirty
= 1;
802 armv4_5
->pc
->valid
= 1;
804 arm920t_disable_mmu_caches(target
, 1, 1, 1);
805 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
806 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
807 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
809 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
812 /* FIXME remove forward decls */
813 static int arm920t_mrc(struct target
*target
, int cpnum
,
814 uint32_t op1
, uint32_t op2
,
815 uint32_t CRn
, uint32_t CRm
,
817 static int arm920t_mcr(struct target
*target
, int cpnum
,
818 uint32_t op1
, uint32_t op2
,
819 uint32_t CRn
, uint32_t CRm
,
822 static int arm920t_init_arch_info(struct target
*target
,
823 struct arm920t_common
*arm920t
, struct jtag_tap
*tap
)
825 struct arm7_9_common
*arm7_9
= &arm920t
->arm7_9_common
;
827 arm7_9
->armv4_5_common
.mrc
= arm920t_mrc
;
828 arm7_9
->armv4_5_common
.mcr
= arm920t_mcr
;
830 /* initialize arm7/arm9 specific info (including armv4_5) */
831 arm9tdmi_init_arch_info(target
, arm7_9
, tap
);
833 arm920t
->common_magic
= ARM920T_COMMON_MAGIC
;
835 arm7_9
->post_debug_entry
= arm920t_post_debug_entry
;
836 arm7_9
->pre_restore_context
= arm920t_pre_restore_context
;
838 arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
839 arm920t
->armv4_5_mmu
.get_ttb
= arm920t_get_ttb
;
840 arm920t
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
841 arm920t
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
842 arm920t
->armv4_5_mmu
.disable_mmu_caches
= arm920t_disable_mmu_caches
;
843 arm920t
->armv4_5_mmu
.enable_mmu_caches
= arm920t_enable_mmu_caches
;
844 arm920t
->armv4_5_mmu
.has_tiny_pages
= 1;
845 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
847 /* disabling linefills leads to lockups, so keep them enabled for now
848 * this doesn't affect correctness, but might affect timing issues, if
849 * important data is evicted from the cache during the debug session
851 arm920t
->preserve_cache
= 0;
853 /* override hw single-step capability from ARM9TDMI */
854 arm7_9
->has_single_step
= 1;
859 static int arm920t_target_create(struct target
*target
, Jim_Interp
*interp
)
861 struct arm920t_common
*arm920t
;
863 arm920t
= calloc(1,sizeof(struct arm920t_common
));
864 return arm920t_init_arch_info(target
, arm920t
, target
->tap
);
867 COMMAND_HANDLER(arm920t_handle_read_cache_command
)
869 int retval
= ERROR_OK
;
870 struct target
*target
= get_current_target(CMD_CTX
);
871 struct arm920t_common
*arm920t
= target_to_arm920(target
);
872 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
873 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
875 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
877 uint32_t *regs_p
[16];
878 uint32_t C15_C_D_Ind
, C15_C_I_Ind
;
881 struct arm920t_cache_line d_cache
[8][64], i_cache
[8][64];
882 int segment
, index_t
;
885 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
886 if (retval
!= ERROR_OK
)
891 command_print(CMD_CTX
, "usage: arm920t read_cache <filename>");
895 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
897 LOG_DEBUG("error opening cache content file");
901 for (i
= 0; i
< 16; i
++)
902 regs_p
[i
] = ®s
[i
];
904 /* disable MMU and Caches */
905 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
906 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
910 cp15_ctrl_saved
= cp15_ctrl
;
911 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
912 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
913 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
915 /* read CP15 test state register */
916 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
917 jtag_execute_queue();
919 /* read DCache content */
920 fprintf(output
, "DCache:\n");
922 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
924 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
927 fprintf(output
, "\nsegment: %i\n----------", segment
);
929 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
930 regs
[0] = 0x0 | (segment
<< 5);
931 arm9tdmi_write_core_regs(target
, 0x1, regs
);
933 /* set interpret mode */
935 arm920t_write_cp15_physical(target
,
936 CP15PHYS_TESTSTATE
, cp15c15
);
938 /* D CAM Read, loads current victim into C15.C.D.Ind */
939 arm920t_execute_cp15(target
,
940 ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
942 /* read current victim */
943 arm920t_read_cp15_physical(target
,
944 CP15PHYS_DCACHE_IDX
, &C15_C_D_Ind
);
946 /* clear interpret mode */
948 arm920t_write_cp15_physical(target
,
949 CP15PHYS_TESTSTATE
, cp15c15
);
951 for (index_t
= 0; index_t
< 64; index_t
++)
954 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
956 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
957 arm9tdmi_write_core_regs(target
, 0x1, regs
);
959 /* set interpret mode */
961 arm920t_write_cp15_physical(target
,
962 CP15PHYS_TESTSTATE
, cp15c15
);
964 /* Write DCache victim */
965 arm920t_execute_cp15(target
,
966 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
969 arm920t_execute_cp15(target
,
970 ARMV4_5_MCR(15,2,0,15,10,2),
971 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
974 arm920t_execute_cp15(target
,
975 ARMV4_5_MCR(15,2,0,15,6,2),
978 /* clear interpret mode */
980 arm920t_write_cp15_physical(target
,
981 CP15PHYS_TESTSTATE
, cp15c15
);
983 /* read D RAM and CAM content */
984 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
985 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
990 d_cache
[segment
][index_t
].cam
= regs
[9];
993 regs
[9] &= 0xfffffffe;
994 fprintf(output
, "\nsegment: %i, index: %i, CAM: 0x%8.8"
995 PRIx32
", content (%s):\n",
996 segment
, index_t
, regs
[9],
997 (regs
[9] & 0x10) ? "valid" : "invalid");
999 for (i
= 1; i
< 9; i
++)
1001 d_cache
[segment
][index_t
].data
[i
] = regs
[i
];
1002 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1008 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1009 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1010 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1012 /* set interpret mode */
1014 arm920t_write_cp15_physical(target
,
1015 CP15PHYS_TESTSTATE
, cp15c15
);
1017 /* Write DCache victim */
1018 arm920t_execute_cp15(target
,
1019 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
1021 /* clear interpret mode */
1023 arm920t_write_cp15_physical(target
,
1024 CP15PHYS_TESTSTATE
, cp15c15
);
1027 /* read ICache content */
1028 fprintf(output
, "ICache:\n");
1030 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1032 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
1035 fprintf(output
, "segment: %i\n----------", segment
);
1037 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1038 regs
[0] = 0x0 | (segment
<< 5);
1039 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1041 /* set interpret mode */
1043 arm920t_write_cp15_physical(target
,
1044 CP15PHYS_TESTSTATE
, cp15c15
);
1046 /* I CAM Read, loads current victim into C15.C.I.Ind */
1047 arm920t_execute_cp15(target
,
1048 ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
1050 /* read current victim */
1051 arm920t_read_cp15_physical(target
, CP15PHYS_ICACHE_IDX
,
1054 /* clear interpret mode */
1056 arm920t_write_cp15_physical(target
,
1057 CP15PHYS_TESTSTATE
, cp15c15
);
1059 for (index_t
= 0; index_t
< 64; index_t
++)
1062 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1064 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
1065 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1067 /* set interpret mode */
1069 arm920t_write_cp15_physical(target
,
1070 CP15PHYS_TESTSTATE
, cp15c15
);
1072 /* Write ICache victim */
1073 arm920t_execute_cp15(target
,
1074 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1077 arm920t_execute_cp15(target
,
1078 ARMV4_5_MCR(15,2,0,15,9,2),
1079 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1082 arm920t_execute_cp15(target
,
1083 ARMV4_5_MCR(15,2,0,15,5,2),
1086 /* clear interpret mode */
1088 arm920t_write_cp15_physical(target
,
1089 CP15PHYS_TESTSTATE
, cp15c15
);
1091 /* read I RAM and CAM content */
1092 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1093 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1098 i_cache
[segment
][index_t
].cam
= regs
[9];
1101 regs
[9] &= 0xfffffffe;
1102 fprintf(output
, "\nsegment: %i, index: %i, "
1103 "CAM: 0x%8.8" PRIx32
", content (%s):\n",
1104 segment
, index_t
, regs
[9],
1105 (regs
[9] & 0x10) ? "valid" : "invalid");
1107 for (i
= 1; i
< 9; i
++)
1109 i_cache
[segment
][index_t
].data
[i
] = regs
[i
];
1110 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1115 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1116 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1117 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1119 /* set interpret mode */
1121 arm920t_write_cp15_physical(target
,
1122 CP15PHYS_TESTSTATE
, cp15c15
);
1124 /* Write ICache victim */
1125 arm920t_execute_cp15(target
,
1126 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1128 /* clear interpret mode */
1130 arm920t_write_cp15_physical(target
,
1131 CP15PHYS_TESTSTATE
, cp15c15
);
1134 /* restore CP15 MMU and Cache settings */
1135 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1137 command_print(CMD_CTX
, "cache content successfully output to %s",
1142 if (!is_arm_mode(armv4_5
->core_mode
))
1145 /* force writeback of the valid data */
1146 r
= armv4_5
->core_cache
->reg_list
;
1147 r
[0].dirty
= r
[0].valid
;
1148 r
[1].dirty
= r
[1].valid
;
1149 r
[2].dirty
= r
[2].valid
;
1150 r
[3].dirty
= r
[3].valid
;
1151 r
[4].dirty
= r
[4].valid
;
1152 r
[5].dirty
= r
[5].valid
;
1153 r
[6].dirty
= r
[6].valid
;
1154 r
[7].dirty
= r
[7].valid
;
1156 r
= arm_reg_current(armv4_5
, 8);
1157 r
->dirty
= r
->valid
;
1159 r
= arm_reg_current(armv4_5
, 9);
1160 r
->dirty
= r
->valid
;
1165 COMMAND_HANDLER(arm920t_handle_read_mmu_command
)
1167 int retval
= ERROR_OK
;
1168 struct target
*target
= get_current_target(CMD_CTX
);
1169 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1170 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
1171 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
1173 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
1175 uint32_t *regs_p
[16];
1178 uint32_t Dlockdown
, Ilockdown
;
1179 struct arm920t_tlb_entry d_tlb
[64], i_tlb
[64];
1183 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1184 if (retval
!= ERROR_OK
)
1189 command_print(CMD_CTX
, "usage: arm920t read_mmu <filename>");
1193 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
1195 LOG_DEBUG("error opening mmu content file");
1199 for (i
= 0; i
< 16; i
++)
1200 regs_p
[i
] = ®s
[i
];
1202 /* disable MMU and Caches */
1203 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
1204 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1208 cp15_ctrl_saved
= cp15_ctrl
;
1209 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
1210 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
1211 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
1213 /* read CP15 test state register */
1214 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
1215 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1220 /* prepare reading D TLB content
1223 /* set interpret mode */
1225 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1227 /* Read D TLB lockdown */
1228 arm920t_execute_cp15(target
,
1229 ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1231 /* clear interpret mode */
1233 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1235 /* read D TLB lockdown stored to r1 */
1236 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1237 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1241 Dlockdown
= regs
[1];
1243 for (victim
= 0; victim
< 64; victim
+= 8)
1245 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1246 * base remains unchanged, victim goes through entries 0 to 63
1248 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1249 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1251 /* set interpret mode */
1253 arm920t_write_cp15_physical(target
,
1254 CP15PHYS_TESTSTATE
, cp15c15
);
1256 /* Write D TLB lockdown */
1257 arm920t_execute_cp15(target
,
1258 ARMV4_5_MCR(15,0,0,10,0,0),
1261 /* Read D TLB CAM */
1262 arm920t_execute_cp15(target
,
1263 ARMV4_5_MCR(15,4,0,15,6,4),
1264 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1266 /* clear interpret mode */
1268 arm920t_write_cp15_physical(target
,
1269 CP15PHYS_TESTSTATE
, cp15c15
);
1271 /* read D TLB CAM content stored to r2-r9 */
1272 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1273 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1278 for (i
= 0; i
< 8; i
++)
1279 d_tlb
[victim
+ i
].cam
= regs
[i
+ 2];
1282 for (victim
= 0; victim
< 64; victim
++)
1284 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1285 * base remains unchanged, victim goes through entries 0 to 63
1287 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1288 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1290 /* set interpret mode */
1292 arm920t_write_cp15_physical(target
,
1293 CP15PHYS_TESTSTATE
, cp15c15
);
1295 /* Write D TLB lockdown */
1296 arm920t_execute_cp15(target
,
1297 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1299 /* Read D TLB RAM1 */
1300 arm920t_execute_cp15(target
,
1301 ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1303 /* Read D TLB RAM2 */
1304 arm920t_execute_cp15(target
,
1305 ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1307 /* clear interpret mode */
1309 arm920t_write_cp15_physical(target
,
1310 CP15PHYS_TESTSTATE
, cp15c15
);
1312 /* read D TLB RAM content stored to r2 and r3 */
1313 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1314 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1319 d_tlb
[victim
].ram1
= regs
[2];
1320 d_tlb
[victim
].ram2
= regs
[3];
1323 /* restore D TLB lockdown */
1324 regs
[1] = Dlockdown
;
1325 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1327 /* Write D TLB lockdown */
1328 arm920t_execute_cp15(target
,
1329 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1331 /* prepare reading I TLB content
1334 /* set interpret mode */
1336 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1338 /* Read I TLB lockdown */
1339 arm920t_execute_cp15(target
,
1340 ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1342 /* clear interpret mode */
1344 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1346 /* read I TLB lockdown stored to r1 */
1347 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1348 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1352 Ilockdown
= regs
[1];
1354 for (victim
= 0; victim
< 64; victim
+= 8)
1356 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1357 * base remains unchanged, victim goes through entries 0 to 63
1359 regs
[1] = (Ilockdown
& 0xfc000000) | (victim
<< 20);
1360 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1362 /* set interpret mode */
1364 arm920t_write_cp15_physical(target
,
1365 CP15PHYS_TESTSTATE
, cp15c15
);
1367 /* Write I TLB lockdown */
1368 arm920t_execute_cp15(target
,
1369 ARMV4_5_MCR(15,0,0,10,0,1),
1372 /* Read I TLB CAM */
1373 arm920t_execute_cp15(target
,
1374 ARMV4_5_MCR(15,4,0,15,5,4),
1375 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1377 /* clear interpret mode */
1379 arm920t_write_cp15_physical(target
,
1380 CP15PHYS_TESTSTATE
, cp15c15
);
1382 /* read I TLB CAM content stored to r2-r9 */
1383 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1384 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1389 for (i
= 0; i
< 8; i
++)
1390 i_tlb
[i
+ victim
].cam
= regs
[i
+ 2];
1393 for (victim
= 0; victim
< 64; victim
++)
1395 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1396 * base remains unchanged, victim goes through entries 0 to 63
1398 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1399 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1401 /* set interpret mode */
1403 arm920t_write_cp15_physical(target
,
1404 CP15PHYS_TESTSTATE
, cp15c15
);
1406 /* Write I TLB lockdown */
1407 arm920t_execute_cp15(target
,
1408 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1410 /* Read I TLB RAM1 */
1411 arm920t_execute_cp15(target
,
1412 ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1414 /* Read I TLB RAM2 */
1415 arm920t_execute_cp15(target
,
1416 ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1418 /* clear interpret mode */
1420 arm920t_write_cp15_physical(target
,
1421 CP15PHYS_TESTSTATE
, cp15c15
);
1423 /* read I TLB RAM content stored to r2 and r3 */
1424 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1425 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1430 i_tlb
[victim
].ram1
= regs
[2];
1431 i_tlb
[victim
].ram2
= regs
[3];
1434 /* restore I TLB lockdown */
1435 regs
[1] = Ilockdown
;
1436 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1438 /* Write I TLB lockdown */
1439 arm920t_execute_cp15(target
,
1440 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1442 /* restore CP15 MMU and Cache settings */
1443 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1445 /* output data to file */
1446 fprintf(output
, "D TLB content:\n");
1447 for (i
= 0; i
< 64; i
++)
1449 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1450 " 0x%8.8" PRIx32
" %s\n",
1451 i
, d_tlb
[i
].cam
, d_tlb
[i
].ram1
, d_tlb
[i
].ram2
,
1452 (d_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1455 fprintf(output
, "\n\nI TLB content:\n");
1456 for (i
= 0; i
< 64; i
++)
1458 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1459 " 0x%8.8" PRIx32
" %s\n",
1460 i
, i_tlb
[i
].cam
, i_tlb
[i
].ram1
, i_tlb
[i
].ram2
,
1461 (i_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1464 command_print(CMD_CTX
, "mmu content successfully output to %s",
1469 if (!is_arm_mode(armv4_5
->core_mode
))
1472 /* force writeback of the valid data */
1473 r
= armv4_5
->core_cache
->reg_list
;
1474 r
[0].dirty
= r
[0].valid
;
1475 r
[1].dirty
= r
[1].valid
;
1476 r
[2].dirty
= r
[2].valid
;
1477 r
[3].dirty
= r
[3].valid
;
1478 r
[4].dirty
= r
[4].valid
;
1479 r
[5].dirty
= r
[5].valid
;
1480 r
[6].dirty
= r
[6].valid
;
1481 r
[7].dirty
= r
[7].valid
;
1483 r
= arm_reg_current(armv4_5
, 8);
1484 r
->dirty
= r
->valid
;
1486 r
= arm_reg_current(armv4_5
, 9);
1487 r
->dirty
= r
->valid
;
1492 COMMAND_HANDLER(arm920t_handle_cp15_command
)
1495 struct target
*target
= get_current_target(CMD_CTX
);
1496 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1498 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1499 if (retval
!= ERROR_OK
)
1502 if (target
->state
!= TARGET_HALTED
)
1504 command_print(CMD_CTX
, "target must be stopped for "
1505 "\"%s\" command", CMD_NAME
);
1509 /* one argument, read a register.
1510 * two arguments, write it.
1515 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], address
);
1520 if ((retval
= arm920t_read_cp15_physical(target
,
1521 address
, &value
)) != ERROR_OK
)
1523 command_print(CMD_CTX
,
1524 "couldn't access reg %i", address
);
1527 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1532 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1535 else if (CMD_ARGC
== 2)
1538 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1539 retval
= arm920t_write_cp15_physical(target
,
1541 if (retval
!= ERROR_OK
)
1543 command_print(CMD_CTX
,
1544 "couldn't access reg %i", address
);
1545 /* REVISIT why lie? "return retval"? */
1548 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1556 COMMAND_HANDLER(arm920t_handle_cp15i_command
)
1559 struct target
*target
= get_current_target(CMD_CTX
);
1560 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1562 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1563 if (retval
!= ERROR_OK
)
1567 if (target
->state
!= TARGET_HALTED
)
1569 command_print(CMD_CTX
, "target must be stopped for "
1570 "\"%s\" command", CMD_NAME
);
1574 /* one argument, read a register.
1575 * two arguments, write it.
1580 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], opcode
);
1585 retval
= arm920t_read_cp15_interpreted(target
,
1586 opcode
, 0x0, &value
);
1587 if (retval
!= ERROR_OK
)
1589 command_print(CMD_CTX
,
1590 "couldn't execute %8.8" PRIx32
,
1592 /* REVISIT why lie? "return retval"? */
1596 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1599 else if (CMD_ARGC
== 2)
1602 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1603 retval
= arm920t_write_cp15_interpreted(target
,
1605 if (retval
!= ERROR_OK
)
1607 command_print(CMD_CTX
,
1608 "couldn't execute %8.8" PRIx32
,
1610 /* REVISIT why lie? "return retval"? */
1613 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1616 else if (CMD_ARGC
== 3)
1619 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1621 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[2], address
);
1622 retval
= arm920t_write_cp15_interpreted(target
,
1623 opcode
, value
, address
);
1624 if (retval
!= ERROR_OK
)
1626 command_print(CMD_CTX
,
1627 "couldn't execute %8.8" PRIx32
, opcode
);
1628 /* REVISIT why lie? "return retval"? */
1631 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
1632 " %8.8" PRIx32
, opcode
, value
, address
);
1637 command_print(CMD_CTX
,
1638 "usage: arm920t cp15i <opcode> [value] [address]");
1644 COMMAND_HANDLER(arm920t_handle_cache_info_command
)
1647 struct target
*target
= get_current_target(CMD_CTX
);
1648 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1650 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1651 if (retval
!= ERROR_OK
)
1654 return armv4_5_handle_cache_info_command(CMD_CTX
,
1655 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
1659 static int arm920t_mrc(struct target
*target
, int cpnum
,
1660 uint32_t op1
, uint32_t op2
,
1661 uint32_t CRn
, uint32_t CRm
,
1666 LOG_ERROR("Only cp15 is supported");
1671 return arm920t_read_cp15_interpreted(target
,
1672 ARMV4_5_MRC(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1676 static int arm920t_mcr(struct target
*target
, int cpnum
,
1677 uint32_t op1
, uint32_t op2
,
1678 uint32_t CRn
, uint32_t CRm
,
1683 LOG_ERROR("Only cp15 is supported");
1687 /* write "from" r0 */
1688 return arm920t_write_cp15_interpreted(target
,
1689 ARMV4_5_MCR(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1693 static const struct command_registration arm920t_exec_command_handlers
[] = {
1696 .handler
= arm920t_handle_cp15_command
,
1697 .mode
= COMMAND_EXEC
,
1698 .help
= "display/modify cp15 register",
1699 .usage
= "regnum [value]",
1703 .handler
= arm920t_handle_cp15i_command
,
1704 .mode
= COMMAND_EXEC
,
1705 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1706 .help
= "display/modify cp15 register using ARM opcode"
1708 .usage
= "instruction [value [address]]",
1711 .name
= "cache_info",
1712 .handler
= arm920t_handle_cache_info_command
,
1713 .mode
= COMMAND_EXEC
,
1714 .help
= "display information about target caches",
1717 .name
= "read_cache",
1718 .handler
= arm920t_handle_read_cache_command
,
1719 .mode
= COMMAND_EXEC
,
1720 .help
= "dump I/D cache content to file",
1721 .usage
= "filename",
1725 .handler
= arm920t_handle_read_mmu_command
,
1726 .mode
= COMMAND_EXEC
,
1727 .help
= "dump I/D mmu content to file",
1728 .usage
= "filename",
1730 COMMAND_REGISTRATION_DONE
1732 const struct command_registration arm920t_command_handlers
[] = {
1734 .chain
= arm9tdmi_command_handlers
,
1738 .mode
= COMMAND_ANY
,
1739 .help
= "arm920t command group",
1740 .chain
= arm920t_exec_command_handlers
,
1742 COMMAND_REGISTRATION_DONE
1745 /** Holds methods for ARM920 targets. */
1746 struct target_type arm920t_target
=
1750 .poll
= arm7_9_poll
,
1751 .arch_state
= arm920t_arch_state
,
1753 .target_request_data
= arm7_9_target_request_data
,
1755 .halt
= arm7_9_halt
,
1756 .resume
= arm7_9_resume
,
1757 .step
= arm7_9_step
,
1759 .assert_reset
= arm7_9_assert_reset
,
1760 .deassert_reset
= arm7_9_deassert_reset
,
1761 .soft_reset_halt
= arm920t_soft_reset_halt
,
1763 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
1765 .read_memory
= arm920t_read_memory
,
1766 .write_memory
= arm920t_write_memory
,
1767 .read_phys_memory
= arm920t_read_phys_memory
,
1768 .write_phys_memory
= arm920t_write_phys_memory
,
1770 .virt2phys
= arm920_virt2phys
,
1772 .bulk_write_memory
= arm7_9_bulk_write_memory
,
1774 .checksum_memory
= arm_checksum_memory
,
1775 .blank_check_memory
= arm_blank_check_memory
,
1777 .run_algorithm
= armv4_5_run_algorithm
,
1779 .add_breakpoint
= arm7_9_add_breakpoint
,
1780 .remove_breakpoint
= arm7_9_remove_breakpoint
,
1781 .add_watchpoint
= arm7_9_add_watchpoint
,
1782 .remove_watchpoint
= arm7_9_remove_watchpoint
,
1784 .commands
= arm920t_command_handlers
,
1785 .target_create
= arm920t_target_create
,
1786 .init_target
= arm9tdmi_init_target
,
1787 .examine
= arm7_9_examine
,
1788 .check_reset
= arm7_9_check_reset
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)