2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
26 #include <helper/time_support.h>
27 #include "target_type.h"
29 #include "arm_opcodes.h"
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
53 #define _DEBUG_INSTRUCTION_EXECUTION_
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
83 static int arm920t_read_cp15_physical(struct target
*target
,
84 int reg_addr
, uint32_t *value
)
86 struct arm920t_common
*arm920t
= target_to_arm920(target
);
87 struct arm_jtag
*jtag_info
;
88 struct scan_field fields
[4];
89 uint8_t access_type_buf
= 1;
90 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
93 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
95 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
96 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
98 fields
[0].num_bits
= 1;
99 fields
[0].out_value
= &access_type_buf
;
100 fields
[0].in_value
= NULL
;
102 fields
[1].num_bits
= 32;
103 fields
[1].out_value
= NULL
;
104 fields
[1].in_value
= NULL
;
106 fields
[2].num_bits
= 6;
107 fields
[2].out_value
= ®_addr_buf
;
108 fields
[2].in_value
= NULL
;
110 fields
[3].num_bits
= 1;
111 fields
[3].out_value
= &nr_w_buf
;
112 fields
[3].in_value
= NULL
;
114 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
116 fields
[1].in_value
= (uint8_t *)value
;
118 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
120 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
122 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
123 jtag_execute_queue();
124 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, *value
);
130 static int arm920t_write_cp15_physical(struct target
*target
,
131 int reg_addr
, uint32_t value
)
133 struct arm920t_common
*arm920t
= target_to_arm920(target
);
134 struct arm_jtag
*jtag_info
;
135 struct scan_field fields
[4];
136 uint8_t access_type_buf
= 1;
137 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
138 uint8_t nr_w_buf
= 1;
139 uint8_t value_buf
[4];
141 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
143 buf_set_u32(value_buf
, 0, 32, value
);
145 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
146 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
148 fields
[0].num_bits
= 1;
149 fields
[0].out_value
= &access_type_buf
;
150 fields
[0].in_value
= NULL
;
152 fields
[1].num_bits
= 32;
153 fields
[1].out_value
= value_buf
;
154 fields
[1].in_value
= NULL
;
156 fields
[2].num_bits
= 6;
157 fields
[2].out_value
= ®_addr_buf
;
158 fields
[2].in_value
= NULL
;
160 fields
[3].num_bits
= 1;
161 fields
[3].out_value
= &nr_w_buf
;
162 fields
[3].in_value
= NULL
;
164 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
166 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
167 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, value
);
173 /* See table 9-10 for scan chain 15 format during interpreted access mode.
174 * If the TESTSTATE register is set for interpreted access, certain CP15
175 * MRC and MCR instructions may be executed through scan chain 15.
177 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
178 * executed using scan chain 15 interpreted mode.
180 static int arm920t_execute_cp15(struct target
*target
, uint32_t cp15_opcode
,
184 struct arm920t_common
*arm920t
= target_to_arm920(target
);
185 struct arm_jtag
*jtag_info
;
186 struct scan_field fields
[4];
187 uint8_t access_type_buf
= 0; /* interpreted access */
188 uint8_t reg_addr_buf
= 0x0;
189 uint8_t nr_w_buf
= 0;
190 uint8_t cp15_opcode_buf
[4];
192 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
194 arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
195 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
197 buf_set_u32(cp15_opcode_buf
, 0, 32, cp15_opcode
);
199 fields
[0].num_bits
= 1;
200 fields
[0].out_value
= &access_type_buf
;
201 fields
[0].in_value
= NULL
;
203 fields
[1].num_bits
= 32;
204 fields
[1].out_value
= cp15_opcode_buf
;
205 fields
[1].in_value
= NULL
;
207 fields
[2].num_bits
= 6;
208 fields
[2].out_value
= ®_addr_buf
;
209 fields
[2].in_value
= NULL
;
211 fields
[3].num_bits
= 1;
212 fields
[3].out_value
= &nr_w_buf
;
213 fields
[3].in_value
= NULL
;
215 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
217 arm9tdmi_clock_out(jtag_info
, arm_opcode
, 0, NULL
, 0);
218 arm9tdmi_clock_out(jtag_info
, ARMV4_5_NOP
, 0, NULL
, 1);
219 retval
= arm7_9_execute_sys_speed(target
);
220 if (retval
!= ERROR_OK
)
223 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
225 LOG_ERROR("failed executing JTAG queue");
232 static int arm920t_read_cp15_interpreted(struct target
*target
,
233 uint32_t cp15_opcode
, uint32_t address
, uint32_t *value
)
235 struct arm
*armv4_5
= target_to_arm(target
);
238 uint32_t cp15c15
= 0x0;
239 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
241 /* load address into R1 */
243 arm9tdmi_write_core_regs(target
, 0x2, regs
);
245 /* read-modify-write CP15 test state register
246 * to enable interpreted access mode */
247 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
248 jtag_execute_queue();
249 cp15c15
|= 1; /* set interpret mode */
250 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
252 /* execute CP15 instruction and ARM load (reading from coprocessor) */
253 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_LDR(0, 1));
255 /* disable interpreted access mode */
256 cp15c15
&= ~1U; /* clear interpret mode */
257 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
259 /* retrieve value from R0 */
261 arm9tdmi_read_core_regs(target
, 0x1, regs_p
);
262 jtag_execute_queue();
264 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
265 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
266 cp15_opcode
, address
, *value
);
269 if (!is_arm_mode(armv4_5
->core_mode
))
279 int arm920t_write_cp15_interpreted(struct target
*target
,
280 uint32_t cp15_opcode
, uint32_t value
, uint32_t address
)
282 uint32_t cp15c15
= 0x0;
283 struct arm
*armv4_5
= target_to_arm(target
);
285 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
287 /* load value, address into R0, R1 */
290 arm9tdmi_write_core_regs(target
, 0x3, regs
);
292 /* read-modify-write CP15 test state register
293 * to enable interpreted access mode */
294 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
295 jtag_execute_queue();
296 cp15c15
|= 1; /* set interpret mode */
297 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
299 /* execute CP15 instruction and ARM store (writing to coprocessor) */
300 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_STR(0, 1));
302 /* disable interpreted access mode */
303 cp15c15
&= ~1U; /* set interpret mode */
304 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
306 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
307 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
308 cp15_opcode
, value
, address
);
311 if (!is_arm_mode(armv4_5
->core_mode
))
321 int arm920t_get_ttb(struct target
*target
, uint32_t *result
)
326 if ((retval
= arm920t_read_cp15_interpreted(target
,
327 /* FIXME use opcode macro */
328 0xeebf0f51, 0x0, &ttb
)) != ERROR_OK
)
336 void arm920t_disable_mmu_caches(struct target
*target
, int mmu
,
337 int d_u_cache
, int i_cache
)
339 uint32_t cp15_control
;
341 /* read cp15 control register */
342 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
343 jtag_execute_queue();
346 cp15_control
&= ~0x1U
;
349 cp15_control
&= ~0x4U
;
352 cp15_control
&= ~0x1000U
;
354 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
358 void arm920t_enable_mmu_caches(struct target
*target
, int mmu
,
359 int d_u_cache
, int i_cache
)
361 uint32_t cp15_control
;
363 /* read cp15 control register */
364 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
365 jtag_execute_queue();
368 cp15_control
|= 0x1U
;
371 cp15_control
|= 0x4U
;
374 cp15_control
|= 0x1000U
;
376 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
380 void arm920t_post_debug_entry(struct target
*target
)
383 struct arm920t_common
*arm920t
= target_to_arm920(target
);
385 /* examine cp15 control reg */
386 arm920t_read_cp15_physical(target
,
387 CP15PHYS_CTRL
, &arm920t
->cp15_control_reg
);
388 jtag_execute_queue();
389 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, arm920t
->cp15_control_reg
);
391 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
393 uint32_t cache_type_reg
;
394 /* identify caches */
395 arm920t_read_cp15_physical(target
,
396 CP15PHYS_CACHETYPE
, &cache_type_reg
);
397 jtag_execute_queue();
398 armv4_5_identify_cache(cache_type_reg
,
399 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
402 arm920t
->armv4_5_mmu
.mmu_enabled
=
403 (arm920t
->cp15_control_reg
& 0x1U
) ? 1 : 0;
404 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
=
405 (arm920t
->cp15_control_reg
& 0x4U
) ? 1 : 0;
406 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
=
407 (arm920t
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
409 /* save i/d fault status and address register */
410 /* FIXME use opcode macros */
411 arm920t_read_cp15_interpreted(target
, 0xee150f10, 0x0, &arm920t
->d_fsr
);
412 arm920t_read_cp15_interpreted(target
, 0xee150f30, 0x0, &arm920t
->i_fsr
);
413 arm920t_read_cp15_interpreted(target
, 0xee160f10, 0x0, &arm920t
->d_far
);
414 arm920t_read_cp15_interpreted(target
, 0xee160f30, 0x0, &arm920t
->i_far
);
416 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
417 ", I FSR: 0x%8.8" PRIx32
", I FAR: 0x%8.8" PRIx32
,
418 arm920t
->d_fsr
, arm920t
->d_far
, arm920t
->i_fsr
, arm920t
->i_far
);
420 if (arm920t
->preserve_cache
)
422 /* read-modify-write CP15 test state register
423 * to disable I/D-cache linefills */
424 arm920t_read_cp15_physical(target
,
425 CP15PHYS_TESTSTATE
, &cp15c15
);
426 jtag_execute_queue();
428 arm920t_write_cp15_physical(target
,
429 CP15PHYS_TESTSTATE
, cp15c15
);
434 void arm920t_pre_restore_context(struct target
*target
)
437 struct arm920t_common
*arm920t
= target_to_arm920(target
);
439 /* restore i/d fault status and address register */
440 arm920t_write_cp15_interpreted(target
, 0xee050f10, arm920t
->d_fsr
, 0x0);
441 arm920t_write_cp15_interpreted(target
, 0xee050f30, arm920t
->i_fsr
, 0x0);
442 arm920t_write_cp15_interpreted(target
, 0xee060f10, arm920t
->d_far
, 0x0);
443 arm920t_write_cp15_interpreted(target
, 0xee060f30, arm920t
->i_far
, 0x0);
445 /* read-modify-write CP15 test state register
446 * to reenable I/D-cache linefills */
447 if (arm920t
->preserve_cache
)
449 arm920t_read_cp15_physical(target
,
450 CP15PHYS_TESTSTATE
, &cp15c15
);
451 jtag_execute_queue();
453 arm920t_write_cp15_physical(target
,
454 CP15PHYS_TESTSTATE
, cp15c15
);
458 static const char arm920_not
[] = "target is not an ARM920";
460 static int arm920t_verify_pointer(struct command_context
*cmd_ctx
,
461 struct arm920t_common
*arm920t
)
463 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
464 command_print(cmd_ctx
, arm920_not
);
465 return ERROR_TARGET_INVALID
;
471 /** Logs summary of ARM920 state for a halted target. */
472 int arm920t_arch_state(struct target
*target
)
474 static const char *state
[] =
476 "disabled", "enabled"
479 struct arm920t_common
*arm920t
= target_to_arm920(target
);
482 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
)
484 LOG_ERROR("BUG: %s", arm920_not
);
485 return ERROR_TARGET_INVALID
;
488 armv4_5
= &arm920t
->arm7_9_common
.armv4_5_common
;
490 arm_arch_state(target
);
491 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
492 state
[arm920t
->armv4_5_mmu
.mmu_enabled
],
493 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
494 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
499 static int arm920_mmu(struct target
*target
, int *enabled
)
501 if (target
->state
!= TARGET_HALTED
) {
502 LOG_ERROR("%s: target not halted", __func__
);
503 return ERROR_TARGET_INVALID
;
506 *enabled
= target_to_arm920(target
)->armv4_5_mmu
.mmu_enabled
;
510 static int arm920_virt2phys(struct target
*target
,
511 uint32_t virt
, uint32_t *phys
)
514 struct arm920t_common
*arm920t
= target_to_arm920(target
);
517 int retval
= armv4_5_mmu_translate_va(target
,
518 &arm920t
->armv4_5_mmu
, virt
, &cb
, &ret
);
519 if (retval
!= ERROR_OK
)
525 /** Reads a buffer, in the specified word size, with current MMU settings. */
526 int arm920t_read_memory(struct target
*target
, uint32_t address
,
527 uint32_t size
, uint32_t count
, uint8_t *buffer
)
531 retval
= arm7_9_read_memory(target
, address
, size
, count
, buffer
);
537 static int arm920t_read_phys_memory(struct target
*target
,
538 uint32_t address
, uint32_t size
,
539 uint32_t count
, uint8_t *buffer
)
541 struct arm920t_common
*arm920t
= target_to_arm920(target
);
543 return armv4_5_mmu_read_physical(target
, &arm920t
->armv4_5_mmu
,
544 address
, size
, count
, buffer
);
547 static int arm920t_write_phys_memory(struct target
*target
,
548 uint32_t address
, uint32_t size
,
549 uint32_t count
, uint8_t *buffer
)
551 struct arm920t_common
*arm920t
= target_to_arm920(target
);
553 return armv4_5_mmu_write_physical(target
, &arm920t
->armv4_5_mmu
,
554 address
, size
, count
, buffer
);
558 /** Writes a buffer, in the specified word size, with current MMU settings. */
559 int arm920t_write_memory(struct target
*target
, uint32_t address
,
560 uint32_t size
, uint32_t count
, uint8_t *buffer
)
563 const uint32_t cache_mask
= ~0x1f; /* cache line size : 32 byte */
564 struct arm920t_common
*arm920t
= target_to_arm920(target
);
566 /* FIX!!!! this should be cleaned up and made much more general. The
567 * plan is to write up and test on arm920t specifically and
568 * then generalize and clean up afterwards.
570 * Also it should be moved to the callbacks that handle breakpoints
571 * specifically and not the generic memory write fn's. See XScale code.
573 if (arm920t
->armv4_5_mmu
.mmu_enabled
&& (count
== 1) &&
574 ((size
==2) || (size
==4)))
576 /* special case the handling of single word writes to
577 * bypass MMU, to allow implementation of breakpoints
578 * in memory marked read only
585 * We need physical address and cb
587 retval
= armv4_5_mmu_translate_va(target
, &arm920t
->armv4_5_mmu
,
589 if (retval
!= ERROR_OK
)
592 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
)
596 LOG_DEBUG("D-Cache buffered, "
597 "drain write buffer");
600 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
603 retval
= arm920t_write_cp15_interpreted(target
,
604 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
606 if (retval
!= ERROR_OK
)
613 * Write back memory ? -> clean cache
615 * There is no way to clean cache lines using
616 * cp15 scan chain, so copy the full cache
617 * line from cache to physical memory.
621 LOG_DEBUG("D-Cache in 'write back' mode, "
624 retval
= target_read_memory(target
,
625 address
& cache_mask
, 1,
626 sizeof(data
), &data
[0]);
627 if (retval
!= ERROR_OK
)
630 retval
= armv4_5_mmu_write_physical(target
,
631 &arm920t
->armv4_5_mmu
,
633 sizeof(data
), &data
[0]);
634 if (retval
!= ERROR_OK
)
642 * Cached ? -> Invalidate data cache using MVA
644 * MCR p15,0,Rd,c7,c6,1
646 LOG_DEBUG("D-Cache enabled, "
647 "invalidate cache line");
649 retval
= arm920t_write_cp15_interpreted(target
,
650 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
651 address
& cache_mask
);
652 if (retval
!= ERROR_OK
)
657 /* write directly to physical memory,
658 * bypassing any read only MMU bits, etc.
660 retval
= armv4_5_mmu_write_physical(target
,
661 &arm920t
->armv4_5_mmu
, pa
, size
,
663 if (retval
!= ERROR_OK
)
667 if ((retval
= arm7_9_write_memory(target
, address
,
668 size
, count
, buffer
)) != ERROR_OK
)
672 /* If ICache is enabled, we have to invalidate affected ICache lines
673 * the DCache is forced to write-through,
674 * so we don't have to clean it here
676 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
)
680 /* invalidate ICache single entry with MVA
681 * mcr 15, 0, r0, cr7, cr5, {1}
683 LOG_DEBUG("I-Cache enabled, "
684 "invalidating affected I-Cache line");
685 retval
= arm920t_write_cp15_interpreted(target
,
686 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
687 0x0, address
& cache_mask
);
688 if (retval
!= ERROR_OK
)
694 * mcr 15, 0, r0, cr7, cr5, {0}
696 retval
= arm920t_write_cp15_interpreted(target
,
697 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
699 if (retval
!= ERROR_OK
)
708 int arm920t_soft_reset_halt(struct target
*target
)
710 int retval
= ERROR_OK
;
711 struct arm920t_common
*arm920t
= target_to_arm920(target
);
712 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
713 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
714 struct reg
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
716 if ((retval
= target_halt(target
)) != ERROR_OK
)
721 long long then
= timeval_ms();
723 while (!(timeout
= ((timeval_ms()-then
) > 1000)))
725 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1)
728 embeddedice_read_reg(dbg_stat
);
729 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
737 if (debug_level
>= 3)
739 /* do not eat all CPU, time out after 1 se*/
748 LOG_ERROR("Failed to halt CPU after 1 sec");
749 return ERROR_TARGET_TIMEOUT
;
752 target
->state
= TARGET_HALTED
;
754 /* SVC, ARM state, IRQ and FIQ disabled */
757 cpsr
= buf_get_u32(armv4_5
->cpsr
->value
, 0, 32);
760 arm_set_cpsr(armv4_5
, cpsr
);
761 armv4_5
->cpsr
->dirty
= 1;
763 /* start fetching from 0x0 */
764 buf_set_u32(armv4_5
->pc
->value
, 0, 32, 0x0);
765 armv4_5
->pc
->dirty
= 1;
766 armv4_5
->pc
->valid
= 1;
768 arm920t_disable_mmu_caches(target
, 1, 1, 1);
769 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
770 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
771 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
773 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
776 /* FIXME remove forward decls */
777 static int arm920t_mrc(struct target
*target
, int cpnum
,
778 uint32_t op1
, uint32_t op2
,
779 uint32_t CRn
, uint32_t CRm
,
781 static int arm920t_mcr(struct target
*target
, int cpnum
,
782 uint32_t op1
, uint32_t op2
,
783 uint32_t CRn
, uint32_t CRm
,
786 static int arm920t_init_arch_info(struct target
*target
,
787 struct arm920t_common
*arm920t
, struct jtag_tap
*tap
)
789 struct arm7_9_common
*arm7_9
= &arm920t
->arm7_9_common
;
791 arm7_9
->armv4_5_common
.mrc
= arm920t_mrc
;
792 arm7_9
->armv4_5_common
.mcr
= arm920t_mcr
;
794 /* initialize arm7/arm9 specific info (including armv4_5) */
795 arm9tdmi_init_arch_info(target
, arm7_9
, tap
);
797 arm920t
->common_magic
= ARM920T_COMMON_MAGIC
;
799 arm7_9
->post_debug_entry
= arm920t_post_debug_entry
;
800 arm7_9
->pre_restore_context
= arm920t_pre_restore_context
;
802 arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
803 arm920t
->armv4_5_mmu
.get_ttb
= arm920t_get_ttb
;
804 arm920t
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
805 arm920t
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
806 arm920t
->armv4_5_mmu
.disable_mmu_caches
= arm920t_disable_mmu_caches
;
807 arm920t
->armv4_5_mmu
.enable_mmu_caches
= arm920t_enable_mmu_caches
;
808 arm920t
->armv4_5_mmu
.has_tiny_pages
= 1;
809 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
811 /* disabling linefills leads to lockups, so keep them enabled for now
812 * this doesn't affect correctness, but might affect timing issues, if
813 * important data is evicted from the cache during the debug session
815 arm920t
->preserve_cache
= 0;
817 /* override hw single-step capability from ARM9TDMI */
818 arm7_9
->has_single_step
= 1;
823 static int arm920t_target_create(struct target
*target
, Jim_Interp
*interp
)
825 struct arm920t_common
*arm920t
;
827 arm920t
= calloc(1,sizeof(struct arm920t_common
));
828 return arm920t_init_arch_info(target
, arm920t
, target
->tap
);
831 COMMAND_HANDLER(arm920t_handle_read_cache_command
)
833 int retval
= ERROR_OK
;
834 struct target
*target
= get_current_target(CMD_CTX
);
835 struct arm920t_common
*arm920t
= target_to_arm920(target
);
836 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
837 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
839 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
841 uint32_t *regs_p
[16];
842 uint32_t C15_C_D_Ind
, C15_C_I_Ind
;
845 struct arm920t_cache_line d_cache
[8][64], i_cache
[8][64];
846 int segment
, index_t
;
849 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
850 if (retval
!= ERROR_OK
)
855 command_print(CMD_CTX
, "usage: arm920t read_cache <filename>");
859 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
861 LOG_DEBUG("error opening cache content file");
865 for (i
= 0; i
< 16; i
++)
866 regs_p
[i
] = ®s
[i
];
868 /* disable MMU and Caches */
869 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
870 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
874 cp15_ctrl_saved
= cp15_ctrl
;
875 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
876 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
877 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
879 /* read CP15 test state register */
880 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
881 jtag_execute_queue();
883 /* read DCache content */
884 fprintf(output
, "DCache:\n");
886 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
888 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
891 fprintf(output
, "\nsegment: %i\n----------", segment
);
893 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
894 regs
[0] = 0x0 | (segment
<< 5);
895 arm9tdmi_write_core_regs(target
, 0x1, regs
);
897 /* set interpret mode */
899 arm920t_write_cp15_physical(target
,
900 CP15PHYS_TESTSTATE
, cp15c15
);
902 /* D CAM Read, loads current victim into C15.C.D.Ind */
903 arm920t_execute_cp15(target
,
904 ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
906 /* read current victim */
907 arm920t_read_cp15_physical(target
,
908 CP15PHYS_DCACHE_IDX
, &C15_C_D_Ind
);
910 /* clear interpret mode */
912 arm920t_write_cp15_physical(target
,
913 CP15PHYS_TESTSTATE
, cp15c15
);
915 for (index_t
= 0; index_t
< 64; index_t
++)
918 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
920 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
921 arm9tdmi_write_core_regs(target
, 0x1, regs
);
923 /* set interpret mode */
925 arm920t_write_cp15_physical(target
,
926 CP15PHYS_TESTSTATE
, cp15c15
);
928 /* Write DCache victim */
929 arm920t_execute_cp15(target
,
930 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
933 arm920t_execute_cp15(target
,
934 ARMV4_5_MCR(15,2,0,15,10,2),
935 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
938 arm920t_execute_cp15(target
,
939 ARMV4_5_MCR(15,2,0,15,6,2),
942 /* clear interpret mode */
944 arm920t_write_cp15_physical(target
,
945 CP15PHYS_TESTSTATE
, cp15c15
);
947 /* read D RAM and CAM content */
948 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
949 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
954 d_cache
[segment
][index_t
].cam
= regs
[9];
957 regs
[9] &= 0xfffffffe;
958 fprintf(output
, "\nsegment: %i, index: %i, CAM: 0x%8.8"
959 PRIx32
", content (%s):\n",
960 segment
, index_t
, regs
[9],
961 (regs
[9] & 0x10) ? "valid" : "invalid");
963 for (i
= 1; i
< 9; i
++)
965 d_cache
[segment
][index_t
].data
[i
] = regs
[i
];
966 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
972 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
973 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
974 arm9tdmi_write_core_regs(target
, 0x1, regs
);
976 /* set interpret mode */
978 arm920t_write_cp15_physical(target
,
979 CP15PHYS_TESTSTATE
, cp15c15
);
981 /* Write DCache victim */
982 arm920t_execute_cp15(target
,
983 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
985 /* clear interpret mode */
987 arm920t_write_cp15_physical(target
,
988 CP15PHYS_TESTSTATE
, cp15c15
);
991 /* read ICache content */
992 fprintf(output
, "ICache:\n");
994 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
996 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
999 fprintf(output
, "segment: %i\n----------", segment
);
1001 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1002 regs
[0] = 0x0 | (segment
<< 5);
1003 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1005 /* set interpret mode */
1007 arm920t_write_cp15_physical(target
,
1008 CP15PHYS_TESTSTATE
, cp15c15
);
1010 /* I CAM Read, loads current victim into C15.C.I.Ind */
1011 arm920t_execute_cp15(target
,
1012 ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
1014 /* read current victim */
1015 arm920t_read_cp15_physical(target
, CP15PHYS_ICACHE_IDX
,
1018 /* clear interpret mode */
1020 arm920t_write_cp15_physical(target
,
1021 CP15PHYS_TESTSTATE
, cp15c15
);
1023 for (index_t
= 0; index_t
< 64; index_t
++)
1026 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1028 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
1029 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1031 /* set interpret mode */
1033 arm920t_write_cp15_physical(target
,
1034 CP15PHYS_TESTSTATE
, cp15c15
);
1036 /* Write ICache victim */
1037 arm920t_execute_cp15(target
,
1038 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1041 arm920t_execute_cp15(target
,
1042 ARMV4_5_MCR(15,2,0,15,9,2),
1043 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1046 arm920t_execute_cp15(target
,
1047 ARMV4_5_MCR(15,2,0,15,5,2),
1050 /* clear interpret mode */
1052 arm920t_write_cp15_physical(target
,
1053 CP15PHYS_TESTSTATE
, cp15c15
);
1055 /* read I RAM and CAM content */
1056 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1057 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1062 i_cache
[segment
][index_t
].cam
= regs
[9];
1065 regs
[9] &= 0xfffffffe;
1066 fprintf(output
, "\nsegment: %i, index: %i, "
1067 "CAM: 0x%8.8" PRIx32
", content (%s):\n",
1068 segment
, index_t
, regs
[9],
1069 (regs
[9] & 0x10) ? "valid" : "invalid");
1071 for (i
= 1; i
< 9; i
++)
1073 i_cache
[segment
][index_t
].data
[i
] = regs
[i
];
1074 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1079 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1080 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1081 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1083 /* set interpret mode */
1085 arm920t_write_cp15_physical(target
,
1086 CP15PHYS_TESTSTATE
, cp15c15
);
1088 /* Write ICache victim */
1089 arm920t_execute_cp15(target
,
1090 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1092 /* clear interpret mode */
1094 arm920t_write_cp15_physical(target
,
1095 CP15PHYS_TESTSTATE
, cp15c15
);
1098 /* restore CP15 MMU and Cache settings */
1099 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1101 command_print(CMD_CTX
, "cache content successfully output to %s",
1106 if (!is_arm_mode(armv4_5
->core_mode
))
1109 /* force writeback of the valid data */
1110 r
= armv4_5
->core_cache
->reg_list
;
1111 r
[0].dirty
= r
[0].valid
;
1112 r
[1].dirty
= r
[1].valid
;
1113 r
[2].dirty
= r
[2].valid
;
1114 r
[3].dirty
= r
[3].valid
;
1115 r
[4].dirty
= r
[4].valid
;
1116 r
[5].dirty
= r
[5].valid
;
1117 r
[6].dirty
= r
[6].valid
;
1118 r
[7].dirty
= r
[7].valid
;
1120 r
= arm_reg_current(armv4_5
, 8);
1121 r
->dirty
= r
->valid
;
1123 r
= arm_reg_current(armv4_5
, 9);
1124 r
->dirty
= r
->valid
;
1129 COMMAND_HANDLER(arm920t_handle_read_mmu_command
)
1131 int retval
= ERROR_OK
;
1132 struct target
*target
= get_current_target(CMD_CTX
);
1133 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1134 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
1135 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
1137 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
1139 uint32_t *regs_p
[16];
1142 uint32_t Dlockdown
, Ilockdown
;
1143 struct arm920t_tlb_entry d_tlb
[64], i_tlb
[64];
1147 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1148 if (retval
!= ERROR_OK
)
1153 command_print(CMD_CTX
, "usage: arm920t read_mmu <filename>");
1157 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
1159 LOG_DEBUG("error opening mmu content file");
1163 for (i
= 0; i
< 16; i
++)
1164 regs_p
[i
] = ®s
[i
];
1166 /* disable MMU and Caches */
1167 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
1168 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1172 cp15_ctrl_saved
= cp15_ctrl
;
1173 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
1174 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
1175 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
1177 /* read CP15 test state register */
1178 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
1179 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1184 /* prepare reading D TLB content
1187 /* set interpret mode */
1189 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1191 /* Read D TLB lockdown */
1192 arm920t_execute_cp15(target
,
1193 ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1195 /* clear interpret mode */
1197 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1199 /* read D TLB lockdown stored to r1 */
1200 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1201 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1205 Dlockdown
= regs
[1];
1207 for (victim
= 0; victim
< 64; victim
+= 8)
1209 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1210 * base remains unchanged, victim goes through entries 0 to 63
1212 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1213 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1215 /* set interpret mode */
1217 arm920t_write_cp15_physical(target
,
1218 CP15PHYS_TESTSTATE
, cp15c15
);
1220 /* Write D TLB lockdown */
1221 arm920t_execute_cp15(target
,
1222 ARMV4_5_MCR(15,0,0,10,0,0),
1225 /* Read D TLB CAM */
1226 arm920t_execute_cp15(target
,
1227 ARMV4_5_MCR(15,4,0,15,6,4),
1228 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1230 /* clear interpret mode */
1232 arm920t_write_cp15_physical(target
,
1233 CP15PHYS_TESTSTATE
, cp15c15
);
1235 /* read D TLB CAM content stored to r2-r9 */
1236 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1237 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1242 for (i
= 0; i
< 8; i
++)
1243 d_tlb
[victim
+ i
].cam
= regs
[i
+ 2];
1246 for (victim
= 0; victim
< 64; victim
++)
1248 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1249 * base remains unchanged, victim goes through entries 0 to 63
1251 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1252 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1254 /* set interpret mode */
1256 arm920t_write_cp15_physical(target
,
1257 CP15PHYS_TESTSTATE
, cp15c15
);
1259 /* Write D TLB lockdown */
1260 arm920t_execute_cp15(target
,
1261 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1263 /* Read D TLB RAM1 */
1264 arm920t_execute_cp15(target
,
1265 ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1267 /* Read D TLB RAM2 */
1268 arm920t_execute_cp15(target
,
1269 ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1271 /* clear interpret mode */
1273 arm920t_write_cp15_physical(target
,
1274 CP15PHYS_TESTSTATE
, cp15c15
);
1276 /* read D TLB RAM content stored to r2 and r3 */
1277 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1278 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1283 d_tlb
[victim
].ram1
= regs
[2];
1284 d_tlb
[victim
].ram2
= regs
[3];
1287 /* restore D TLB lockdown */
1288 regs
[1] = Dlockdown
;
1289 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1291 /* Write D TLB lockdown */
1292 arm920t_execute_cp15(target
,
1293 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1295 /* prepare reading I TLB content
1298 /* set interpret mode */
1300 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1302 /* Read I TLB lockdown */
1303 arm920t_execute_cp15(target
,
1304 ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1306 /* clear interpret mode */
1308 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1310 /* read I TLB lockdown stored to r1 */
1311 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1312 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1316 Ilockdown
= regs
[1];
1318 for (victim
= 0; victim
< 64; victim
+= 8)
1320 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1321 * base remains unchanged, victim goes through entries 0 to 63
1323 regs
[1] = (Ilockdown
& 0xfc000000) | (victim
<< 20);
1324 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1326 /* set interpret mode */
1328 arm920t_write_cp15_physical(target
,
1329 CP15PHYS_TESTSTATE
, cp15c15
);
1331 /* Write I TLB lockdown */
1332 arm920t_execute_cp15(target
,
1333 ARMV4_5_MCR(15,0,0,10,0,1),
1336 /* Read I TLB CAM */
1337 arm920t_execute_cp15(target
,
1338 ARMV4_5_MCR(15,4,0,15,5,4),
1339 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1341 /* clear interpret mode */
1343 arm920t_write_cp15_physical(target
,
1344 CP15PHYS_TESTSTATE
, cp15c15
);
1346 /* read I TLB CAM content stored to r2-r9 */
1347 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1348 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1353 for (i
= 0; i
< 8; i
++)
1354 i_tlb
[i
+ victim
].cam
= regs
[i
+ 2];
1357 for (victim
= 0; victim
< 64; victim
++)
1359 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1360 * base remains unchanged, victim goes through entries 0 to 63
1362 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1363 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1365 /* set interpret mode */
1367 arm920t_write_cp15_physical(target
,
1368 CP15PHYS_TESTSTATE
, cp15c15
);
1370 /* Write I TLB lockdown */
1371 arm920t_execute_cp15(target
,
1372 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1374 /* Read I TLB RAM1 */
1375 arm920t_execute_cp15(target
,
1376 ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1378 /* Read I TLB RAM2 */
1379 arm920t_execute_cp15(target
,
1380 ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1382 /* clear interpret mode */
1384 arm920t_write_cp15_physical(target
,
1385 CP15PHYS_TESTSTATE
, cp15c15
);
1387 /* read I TLB RAM content stored to r2 and r3 */
1388 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1389 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1394 i_tlb
[victim
].ram1
= regs
[2];
1395 i_tlb
[victim
].ram2
= regs
[3];
1398 /* restore I TLB lockdown */
1399 regs
[1] = Ilockdown
;
1400 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1402 /* Write I TLB lockdown */
1403 arm920t_execute_cp15(target
,
1404 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1406 /* restore CP15 MMU and Cache settings */
1407 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1409 /* output data to file */
1410 fprintf(output
, "D TLB content:\n");
1411 for (i
= 0; i
< 64; i
++)
1413 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1414 " 0x%8.8" PRIx32
" %s\n",
1415 i
, d_tlb
[i
].cam
, d_tlb
[i
].ram1
, d_tlb
[i
].ram2
,
1416 (d_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1419 fprintf(output
, "\n\nI TLB content:\n");
1420 for (i
= 0; i
< 64; i
++)
1422 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1423 " 0x%8.8" PRIx32
" %s\n",
1424 i
, i_tlb
[i
].cam
, i_tlb
[i
].ram1
, i_tlb
[i
].ram2
,
1425 (i_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1428 command_print(CMD_CTX
, "mmu content successfully output to %s",
1433 if (!is_arm_mode(armv4_5
->core_mode
))
1436 /* force writeback of the valid data */
1437 r
= armv4_5
->core_cache
->reg_list
;
1438 r
[0].dirty
= r
[0].valid
;
1439 r
[1].dirty
= r
[1].valid
;
1440 r
[2].dirty
= r
[2].valid
;
1441 r
[3].dirty
= r
[3].valid
;
1442 r
[4].dirty
= r
[4].valid
;
1443 r
[5].dirty
= r
[5].valid
;
1444 r
[6].dirty
= r
[6].valid
;
1445 r
[7].dirty
= r
[7].valid
;
1447 r
= arm_reg_current(armv4_5
, 8);
1448 r
->dirty
= r
->valid
;
1450 r
= arm_reg_current(armv4_5
, 9);
1451 r
->dirty
= r
->valid
;
1456 COMMAND_HANDLER(arm920t_handle_cp15_command
)
1459 struct target
*target
= get_current_target(CMD_CTX
);
1460 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1462 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1463 if (retval
!= ERROR_OK
)
1466 if (target
->state
!= TARGET_HALTED
)
1468 command_print(CMD_CTX
, "target must be stopped for "
1469 "\"%s\" command", CMD_NAME
);
1473 /* one argument, read a register.
1474 * two arguments, write it.
1479 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], address
);
1484 if ((retval
= arm920t_read_cp15_physical(target
,
1485 address
, &value
)) != ERROR_OK
)
1487 command_print(CMD_CTX
,
1488 "couldn't access reg %i", address
);
1491 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1496 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1499 else if (CMD_ARGC
== 2)
1502 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1503 retval
= arm920t_write_cp15_physical(target
,
1505 if (retval
!= ERROR_OK
)
1507 command_print(CMD_CTX
,
1508 "couldn't access reg %i", address
);
1509 /* REVISIT why lie? "return retval"? */
1512 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1520 COMMAND_HANDLER(arm920t_handle_cp15i_command
)
1523 struct target
*target
= get_current_target(CMD_CTX
);
1524 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1526 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1527 if (retval
!= ERROR_OK
)
1531 if (target
->state
!= TARGET_HALTED
)
1533 command_print(CMD_CTX
, "target must be stopped for "
1534 "\"%s\" command", CMD_NAME
);
1538 /* one argument, read a register.
1539 * two arguments, write it.
1544 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], opcode
);
1549 retval
= arm920t_read_cp15_interpreted(target
,
1550 opcode
, 0x0, &value
);
1551 if (retval
!= ERROR_OK
)
1553 command_print(CMD_CTX
,
1554 "couldn't execute %8.8" PRIx32
,
1556 /* REVISIT why lie? "return retval"? */
1560 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1563 else if (CMD_ARGC
== 2)
1566 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1567 retval
= arm920t_write_cp15_interpreted(target
,
1569 if (retval
!= ERROR_OK
)
1571 command_print(CMD_CTX
,
1572 "couldn't execute %8.8" PRIx32
,
1574 /* REVISIT why lie? "return retval"? */
1577 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1580 else if (CMD_ARGC
== 3)
1583 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1585 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[2], address
);
1586 retval
= arm920t_write_cp15_interpreted(target
,
1587 opcode
, value
, address
);
1588 if (retval
!= ERROR_OK
)
1590 command_print(CMD_CTX
,
1591 "couldn't execute %8.8" PRIx32
, opcode
);
1592 /* REVISIT why lie? "return retval"? */
1595 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
1596 " %8.8" PRIx32
, opcode
, value
, address
);
1601 command_print(CMD_CTX
,
1602 "usage: arm920t cp15i <opcode> [value] [address]");
1608 COMMAND_HANDLER(arm920t_handle_cache_info_command
)
1611 struct target
*target
= get_current_target(CMD_CTX
);
1612 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1614 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1615 if (retval
!= ERROR_OK
)
1618 return armv4_5_handle_cache_info_command(CMD_CTX
,
1619 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
1623 static int arm920t_mrc(struct target
*target
, int cpnum
,
1624 uint32_t op1
, uint32_t op2
,
1625 uint32_t CRn
, uint32_t CRm
,
1630 LOG_ERROR("Only cp15 is supported");
1635 return arm920t_read_cp15_interpreted(target
,
1636 ARMV4_5_MRC(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1640 static int arm920t_mcr(struct target
*target
, int cpnum
,
1641 uint32_t op1
, uint32_t op2
,
1642 uint32_t CRn
, uint32_t CRm
,
1647 LOG_ERROR("Only cp15 is supported");
1651 /* write "from" r0 */
1652 return arm920t_write_cp15_interpreted(target
,
1653 ARMV4_5_MCR(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1657 static const struct command_registration arm920t_exec_command_handlers
[] = {
1660 .handler
= arm920t_handle_cp15_command
,
1661 .mode
= COMMAND_EXEC
,
1662 .help
= "display/modify cp15 register",
1663 .usage
= "regnum [value]",
1667 .handler
= arm920t_handle_cp15i_command
,
1668 .mode
= COMMAND_EXEC
,
1669 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1670 .help
= "display/modify cp15 register using ARM opcode"
1672 .usage
= "instruction [value [address]]",
1675 .name
= "cache_info",
1676 .handler
= arm920t_handle_cache_info_command
,
1677 .mode
= COMMAND_EXEC
,
1678 .help
= "display information about target caches",
1681 .name
= "read_cache",
1682 .handler
= arm920t_handle_read_cache_command
,
1683 .mode
= COMMAND_EXEC
,
1684 .help
= "dump I/D cache content to file",
1685 .usage
= "filename",
1689 .handler
= arm920t_handle_read_mmu_command
,
1690 .mode
= COMMAND_EXEC
,
1691 .help
= "dump I/D mmu content to file",
1692 .usage
= "filename",
1694 COMMAND_REGISTRATION_DONE
1696 const struct command_registration arm920t_command_handlers
[] = {
1698 .chain
= arm9tdmi_command_handlers
,
1702 .mode
= COMMAND_ANY
,
1703 .help
= "arm920t command group",
1704 .chain
= arm920t_exec_command_handlers
,
1706 COMMAND_REGISTRATION_DONE
1709 /** Holds methods for ARM920 targets. */
1710 struct target_type arm920t_target
=
1714 .poll
= arm7_9_poll
,
1715 .arch_state
= arm920t_arch_state
,
1717 .target_request_data
= arm7_9_target_request_data
,
1719 .halt
= arm7_9_halt
,
1720 .resume
= arm7_9_resume
,
1721 .step
= arm7_9_step
,
1723 .assert_reset
= arm7_9_assert_reset
,
1724 .deassert_reset
= arm7_9_deassert_reset
,
1725 .soft_reset_halt
= arm920t_soft_reset_halt
,
1727 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
1729 .read_memory
= arm920t_read_memory
,
1730 .write_memory
= arm920t_write_memory
,
1731 .read_phys_memory
= arm920t_read_phys_memory
,
1732 .write_phys_memory
= arm920t_write_phys_memory
,
1734 .virt2phys
= arm920_virt2phys
,
1736 .bulk_write_memory
= arm7_9_bulk_write_memory
,
1738 .checksum_memory
= arm_checksum_memory
,
1739 .blank_check_memory
= arm_blank_check_memory
,
1741 .run_algorithm
= armv4_5_run_algorithm
,
1743 .add_breakpoint
= arm7_9_add_breakpoint
,
1744 .remove_breakpoint
= arm7_9_remove_breakpoint
,
1745 .add_watchpoint
= arm7_9_add_watchpoint
,
1746 .remove_watchpoint
= arm7_9_remove_watchpoint
,
1748 .commands
= arm920t_command_handlers
,
1749 .target_create
= arm920t_target_create
,
1750 .init_target
= arm9tdmi_init_target
,
1751 .examine
= arm7_9_examine
,
1752 .check_reset
= arm7_9_check_reset
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)