1 /***************************************************************************
2 * Copyright (C) 2005 by Dominic Rath *
3 * Dominic.Rath@gmx.de *
5 * This program is free software; you can redistribute it and/or modify *
6 * it under the terms of the GNU General Public License as published by *
7 * the Free Software Foundation; either version 2 of the License, or *
8 * (at your option) any later version. *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the *
17 * Free Software Foundation, Inc., *
18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
19 ***************************************************************************/
25 #include <helper/time_support.h>
26 #include "target_type.h"
28 #include "arm_opcodes.h"
32 * For information about the ARM920T, see ARM DDI 0151C especially
33 * Chapter 9 about debug support, which shows how to manipulate each
34 * of the different scan chains:
36 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
37 * 1 ... debugging; watchpoint and breakpoint status, etc; also
38 * MMU and cache access in conjunction with scan chain 15
40 * 3 ... external boundary scan (SoC-specific, unused here)
41 * 4 ... access to cache tag RAM
43 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
44 * "interpreted" works with a few actual MRC/MCR instructions
45 * "physical" provides register-like behaviors. Section 9.6.7
46 * covers these details.
48 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
52 #define _DEBUG_INSTRUCTION_EXECUTION_
55 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
56 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
57 * JTAG scan, while reads use two.
59 * Table 9-9 lists the thirteen registers which support physical access.
60 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
61 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
67 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
69 /* Registers supporting physical Read access (from table 9-9) */
70 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
71 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
72 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
73 /* NOTE: several more registers support only physical read access */
75 /* Registers supporting physical Read/Write access (from table 9-9) */
76 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
77 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
78 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
79 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
80 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
82 static int arm920t_read_cp15_physical(struct target
*target
,
83 int reg_addr
, uint32_t *value
)
85 struct arm920t_common
*arm920t
= target_to_arm920(target
);
86 struct arm_jtag
*jtag_info
;
87 struct scan_field fields
[4];
88 uint8_t access_type_buf
= 1;
89 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
92 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
94 jtag_set_end_state(TAP_IDLE
);
95 arm_jtag_scann(jtag_info
, 0xf);
96 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
);
98 fields
[0].tap
= jtag_info
->tap
;
99 fields
[0].num_bits
= 1;
100 fields
[0].out_value
= &access_type_buf
;
101 fields
[0].in_value
= NULL
;
103 fields
[1].tap
= jtag_info
->tap
;
104 fields
[1].num_bits
= 32;
105 fields
[1].out_value
= NULL
;
106 fields
[1].in_value
= NULL
;
108 fields
[2].tap
= jtag_info
->tap
;
109 fields
[2].num_bits
= 6;
110 fields
[2].out_value
= ®_addr_buf
;
111 fields
[2].in_value
= NULL
;
113 fields
[3].tap
= jtag_info
->tap
;
114 fields
[3].num_bits
= 1;
115 fields
[3].out_value
= &nr_w_buf
;
116 fields
[3].in_value
= NULL
;
118 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
120 fields
[1].in_value
= (uint8_t *)value
;
122 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
124 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
126 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
127 jtag_execute_queue();
128 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, *value
);
134 static int arm920t_write_cp15_physical(struct target
*target
,
135 int reg_addr
, uint32_t value
)
137 struct arm920t_common
*arm920t
= target_to_arm920(target
);
138 struct arm_jtag
*jtag_info
;
139 struct scan_field fields
[4];
140 uint8_t access_type_buf
= 1;
141 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
142 uint8_t nr_w_buf
= 1;
143 uint8_t value_buf
[4];
145 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
147 buf_set_u32(value_buf
, 0, 32, value
);
149 jtag_set_end_state(TAP_IDLE
);
150 arm_jtag_scann(jtag_info
, 0xf);
151 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
);
153 fields
[0].tap
= jtag_info
->tap
;
154 fields
[0].num_bits
= 1;
155 fields
[0].out_value
= &access_type_buf
;
156 fields
[0].in_value
= NULL
;
158 fields
[1].tap
= jtag_info
->tap
;
159 fields
[1].num_bits
= 32;
160 fields
[1].out_value
= value_buf
;
161 fields
[1].in_value
= NULL
;
163 fields
[2].tap
= jtag_info
->tap
;
164 fields
[2].num_bits
= 6;
165 fields
[2].out_value
= ®_addr_buf
;
166 fields
[2].in_value
= NULL
;
168 fields
[3].tap
= jtag_info
->tap
;
169 fields
[3].num_bits
= 1;
170 fields
[3].out_value
= &nr_w_buf
;
171 fields
[3].in_value
= NULL
;
173 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
175 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
176 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, value
);
182 /* See table 9-10 for scan chain 15 format during interpreted access mode.
183 * If the TESTSTATE register is set for interpreted access, certain CP15
184 * MRC and MCR instructions may be executed through scan chain 15.
186 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
187 * executed using scan chain 15 interpreted mode.
189 static int arm920t_execute_cp15(struct target
*target
, uint32_t cp15_opcode
,
193 struct arm920t_common
*arm920t
= target_to_arm920(target
);
194 struct arm_jtag
*jtag_info
;
195 struct scan_field fields
[4];
196 uint8_t access_type_buf
= 0; /* interpreted access */
197 uint8_t reg_addr_buf
= 0x0;
198 uint8_t nr_w_buf
= 0;
199 uint8_t cp15_opcode_buf
[4];
201 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
203 jtag_set_end_state(TAP_IDLE
);
204 arm_jtag_scann(jtag_info
, 0xf);
205 arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
);
207 buf_set_u32(cp15_opcode_buf
, 0, 32, cp15_opcode
);
209 fields
[0].tap
= jtag_info
->tap
;
210 fields
[0].num_bits
= 1;
211 fields
[0].out_value
= &access_type_buf
;
212 fields
[0].in_value
= NULL
;
214 fields
[1].tap
= jtag_info
->tap
;
215 fields
[1].num_bits
= 32;
216 fields
[1].out_value
= cp15_opcode_buf
;
217 fields
[1].in_value
= NULL
;
219 fields
[2].tap
= jtag_info
->tap
;
220 fields
[2].num_bits
= 6;
221 fields
[2].out_value
= ®_addr_buf
;
222 fields
[2].in_value
= NULL
;
224 fields
[3].tap
= jtag_info
->tap
;
225 fields
[3].num_bits
= 1;
226 fields
[3].out_value
= &nr_w_buf
;
227 fields
[3].in_value
= NULL
;
229 jtag_add_dr_scan(4, fields
, jtag_get_end_state());
231 arm9tdmi_clock_out(jtag_info
, arm_opcode
, 0, NULL
, 0);
232 arm9tdmi_clock_out(jtag_info
, ARMV4_5_NOP
, 0, NULL
, 1);
233 retval
= arm7_9_execute_sys_speed(target
);
234 if (retval
!= ERROR_OK
)
237 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
239 LOG_ERROR("failed executing JTAG queue");
246 static int arm920t_read_cp15_interpreted(struct target
*target
,
247 uint32_t cp15_opcode
, uint32_t address
, uint32_t *value
)
249 struct arm
*armv4_5
= target_to_arm(target
);
252 uint32_t cp15c15
= 0x0;
253 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
255 /* load address into R1 */
257 arm9tdmi_write_core_regs(target
, 0x2, regs
);
259 /* read-modify-write CP15 test state register
260 * to enable interpreted access mode */
261 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
262 jtag_execute_queue();
263 cp15c15
|= 1; /* set interpret mode */
264 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
266 /* execute CP15 instruction and ARM load (reading from coprocessor) */
267 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_LDR(0, 1));
269 /* disable interpreted access mode */
270 cp15c15
&= ~1U; /* clear interpret mode */
271 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
273 /* retrieve value from R0 */
275 arm9tdmi_read_core_regs(target
, 0x1, regs_p
);
276 jtag_execute_queue();
278 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
279 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
280 cp15_opcode
, address
, *value
);
283 if (!is_arm_mode(armv4_5
->core_mode
))
293 int arm920t_write_cp15_interpreted(struct target
*target
,
294 uint32_t cp15_opcode
, uint32_t value
, uint32_t address
)
296 uint32_t cp15c15
= 0x0;
297 struct arm
*armv4_5
= target_to_arm(target
);
299 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
301 /* load value, address into R0, R1 */
304 arm9tdmi_write_core_regs(target
, 0x3, regs
);
306 /* read-modify-write CP15 test state register
307 * to enable interpreted access mode */
308 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
309 jtag_execute_queue();
310 cp15c15
|= 1; /* set interpret mode */
311 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
313 /* execute CP15 instruction and ARM store (writing to coprocessor) */
314 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_STR(0, 1));
316 /* disable interpreted access mode */
317 cp15c15
&= ~1U; /* set interpret mode */
318 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
320 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
321 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
322 cp15_opcode
, value
, address
);
325 if (!is_arm_mode(armv4_5
->core_mode
))
335 uint32_t arm920t_get_ttb(struct target
*target
)
340 if ((retval
= arm920t_read_cp15_interpreted(target
,
341 /* FIXME use opcode macro */
342 0xeebf0f51, 0x0, &ttb
)) != ERROR_OK
)
349 void arm920t_disable_mmu_caches(struct target
*target
, int mmu
,
350 int d_u_cache
, int i_cache
)
352 uint32_t cp15_control
;
354 /* read cp15 control register */
355 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
356 jtag_execute_queue();
359 cp15_control
&= ~0x1U
;
362 cp15_control
&= ~0x4U
;
365 cp15_control
&= ~0x1000U
;
367 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
371 void arm920t_enable_mmu_caches(struct target
*target
, int mmu
,
372 int d_u_cache
, int i_cache
)
374 uint32_t cp15_control
;
376 /* read cp15 control register */
377 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
378 jtag_execute_queue();
381 cp15_control
|= 0x1U
;
384 cp15_control
|= 0x4U
;
387 cp15_control
|= 0x1000U
;
389 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
393 void arm920t_post_debug_entry(struct target
*target
)
396 struct arm920t_common
*arm920t
= target_to_arm920(target
);
398 /* examine cp15 control reg */
399 arm920t_read_cp15_physical(target
,
400 CP15PHYS_CTRL
, &arm920t
->cp15_control_reg
);
401 jtag_execute_queue();
402 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, arm920t
->cp15_control_reg
);
404 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
406 uint32_t cache_type_reg
;
407 /* identify caches */
408 arm920t_read_cp15_physical(target
,
409 CP15PHYS_CACHETYPE
, &cache_type_reg
);
410 jtag_execute_queue();
411 armv4_5_identify_cache(cache_type_reg
,
412 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
415 arm920t
->armv4_5_mmu
.mmu_enabled
=
416 (arm920t
->cp15_control_reg
& 0x1U
) ? 1 : 0;
417 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
=
418 (arm920t
->cp15_control_reg
& 0x4U
) ? 1 : 0;
419 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
=
420 (arm920t
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
422 /* save i/d fault status and address register */
423 /* FIXME use opcode macros */
424 arm920t_read_cp15_interpreted(target
, 0xee150f10, 0x0, &arm920t
->d_fsr
);
425 arm920t_read_cp15_interpreted(target
, 0xee150f30, 0x0, &arm920t
->i_fsr
);
426 arm920t_read_cp15_interpreted(target
, 0xee160f10, 0x0, &arm920t
->d_far
);
427 arm920t_read_cp15_interpreted(target
, 0xee160f30, 0x0, &arm920t
->i_far
);
429 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
430 ", I FSR: 0x%8.8" PRIx32
", I FAR: 0x%8.8" PRIx32
,
431 arm920t
->d_fsr
, arm920t
->d_far
, arm920t
->i_fsr
, arm920t
->i_far
);
433 if (arm920t
->preserve_cache
)
435 /* read-modify-write CP15 test state register
436 * to disable I/D-cache linefills */
437 arm920t_read_cp15_physical(target
,
438 CP15PHYS_TESTSTATE
, &cp15c15
);
439 jtag_execute_queue();
441 arm920t_write_cp15_physical(target
,
442 CP15PHYS_TESTSTATE
, cp15c15
);
447 void arm920t_pre_restore_context(struct target
*target
)
450 struct arm920t_common
*arm920t
= target_to_arm920(target
);
452 /* restore i/d fault status and address register */
453 arm920t_write_cp15_interpreted(target
, 0xee050f10, arm920t
->d_fsr
, 0x0);
454 arm920t_write_cp15_interpreted(target
, 0xee050f30, arm920t
->i_fsr
, 0x0);
455 arm920t_write_cp15_interpreted(target
, 0xee060f10, arm920t
->d_far
, 0x0);
456 arm920t_write_cp15_interpreted(target
, 0xee060f30, arm920t
->i_far
, 0x0);
458 /* read-modify-write CP15 test state register
459 * to reenable I/D-cache linefills */
460 if (arm920t
->preserve_cache
)
462 arm920t_read_cp15_physical(target
,
463 CP15PHYS_TESTSTATE
, &cp15c15
);
464 jtag_execute_queue();
466 arm920t_write_cp15_physical(target
,
467 CP15PHYS_TESTSTATE
, cp15c15
);
471 static const char arm920_not
[] = "target is not an ARM920";
473 static int arm920t_verify_pointer(struct command_context
*cmd_ctx
,
474 struct arm920t_common
*arm920t
)
476 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
477 command_print(cmd_ctx
, arm920_not
);
478 return ERROR_TARGET_INVALID
;
484 /** Logs summary of ARM920 state for a halted target. */
485 int arm920t_arch_state(struct target
*target
)
487 static const char *state
[] =
489 "disabled", "enabled"
492 struct arm920t_common
*arm920t
= target_to_arm920(target
);
495 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
)
497 LOG_ERROR("BUG: %s", arm920_not
);
498 return ERROR_TARGET_INVALID
;
501 armv4_5
= &arm920t
->arm7_9_common
.armv4_5_common
;
503 arm_arch_state(target
);
504 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
505 state
[arm920t
->armv4_5_mmu
.mmu_enabled
],
506 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
507 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
512 static int arm920_mmu(struct target
*target
, int *enabled
)
514 if (target
->state
!= TARGET_HALTED
) {
515 LOG_ERROR("%s: target not halted", __func__
);
516 return ERROR_TARGET_INVALID
;
519 *enabled
= target_to_arm920(target
)->armv4_5_mmu
.mmu_enabled
;
523 static int arm920_virt2phys(struct target
*target
,
524 uint32_t virt
, uint32_t *phys
)
530 struct arm920t_common
*arm920t
= target_to_arm920(target
);
532 uint32_t ret
= armv4_5_mmu_translate_va(target
,
533 &arm920t
->armv4_5_mmu
, virt
, &type
, &cb
, &domain
, &ap
);
542 /** Reads a buffer, in the specified word size, with current MMU settings. */
543 int arm920t_read_memory(struct target
*target
, uint32_t address
,
544 uint32_t size
, uint32_t count
, uint8_t *buffer
)
548 retval
= arm7_9_read_memory(target
, address
, size
, count
, buffer
);
554 static int arm920t_read_phys_memory(struct target
*target
,
555 uint32_t address
, uint32_t size
,
556 uint32_t count
, uint8_t *buffer
)
558 struct arm920t_common
*arm920t
= target_to_arm920(target
);
560 return armv4_5_mmu_read_physical(target
, &arm920t
->armv4_5_mmu
,
561 address
, size
, count
, buffer
);
564 static int arm920t_write_phys_memory(struct target
*target
,
565 uint32_t address
, uint32_t size
,
566 uint32_t count
, uint8_t *buffer
)
568 struct arm920t_common
*arm920t
= target_to_arm920(target
);
570 return armv4_5_mmu_write_physical(target
, &arm920t
->armv4_5_mmu
,
571 address
, size
, count
, buffer
);
575 /** Writes a buffer, in the specified word size, with current MMU settings. */
576 int arm920t_write_memory(struct target
*target
, uint32_t address
,
577 uint32_t size
, uint32_t count
, uint8_t *buffer
)
580 const uint32_t cache_mask
= ~0x1f; /* cache line size : 32 byte */
581 struct arm920t_common
*arm920t
= target_to_arm920(target
);
583 /* FIX!!!! this should be cleaned up and made much more general. The
584 * plan is to write up and test on arm920t specifically and
585 * then generalize and clean up afterwards. */
586 if (arm920t
->armv4_5_mmu
.mmu_enabled
&& (count
== 1) &&
587 ((size
==2) || (size
==4)))
589 /* special case the handling of single word writes to
590 * bypass MMU, to allow implementation of breakpoints
591 * in memory marked read only
601 * We need physical address and cb
603 pa
= armv4_5_mmu_translate_va(target
, &arm920t
->armv4_5_mmu
,
604 address
, &type
, &cb
, &domain
, &ap
);
608 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
)
612 LOG_DEBUG("D-Cache buffered, "
613 "drain write buffer");
616 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
619 retval
= arm920t_write_cp15_interpreted(target
,
620 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
622 if (retval
!= ERROR_OK
)
629 * Write back memory ? -> clean cache
631 * There is no way to clean cache lines using
632 * cp15 scan chain, so copy the full cache
633 * line from cache to physical memory.
637 LOG_DEBUG("D-Cache in 'write back' mode, "
640 retval
= target_read_memory(target
,
641 address
& cache_mask
, 1,
642 sizeof(data
), &data
[0]);
643 if (retval
!= ERROR_OK
)
646 retval
= armv4_5_mmu_write_physical(target
,
647 &arm920t
->armv4_5_mmu
,
649 sizeof(data
), &data
[0]);
650 if (retval
!= ERROR_OK
)
658 * Cached ? -> Invalidate data cache using MVA
660 * MCR p15,0,Rd,c7,c6,1
662 LOG_DEBUG("D-Cache enabled, "
663 "invalidate cache line");
665 retval
= arm920t_write_cp15_interpreted(target
,
666 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
667 address
& cache_mask
);
668 if (retval
!= ERROR_OK
)
673 /* write directly to physical memory,
674 * bypassing any read only MMU bits, etc.
676 retval
= armv4_5_mmu_write_physical(target
,
677 &arm920t
->armv4_5_mmu
, pa
, size
,
679 if (retval
!= ERROR_OK
)
683 if ((retval
= arm7_9_write_memory(target
, address
,
684 size
, count
, buffer
)) != ERROR_OK
)
688 /* If ICache is enabled, we have to invalidate affected ICache lines
689 * the DCache is forced to write-through,
690 * so we don't have to clean it here
692 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
)
696 /* invalidate ICache single entry with MVA
697 * mcr 15, 0, r0, cr7, cr5, {1}
699 LOG_DEBUG("I-Cache enabled, "
700 "invalidating affected I-Cache line");
701 retval
= arm920t_write_cp15_interpreted(target
,
702 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
703 0x0, address
& cache_mask
);
704 if (retval
!= ERROR_OK
)
710 * mcr 15, 0, r0, cr7, cr5, {0}
712 retval
= arm920t_write_cp15_interpreted(target
,
713 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
715 if (retval
!= ERROR_OK
)
724 int arm920t_soft_reset_halt(struct target
*target
)
726 int retval
= ERROR_OK
;
727 struct arm920t_common
*arm920t
= target_to_arm920(target
);
728 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
729 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
730 struct reg
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
732 if ((retval
= target_halt(target
)) != ERROR_OK
)
737 long long then
= timeval_ms();
739 while (!(timeout
= ((timeval_ms()-then
) > 1000)))
741 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1)
744 embeddedice_read_reg(dbg_stat
);
745 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
753 if (debug_level
>= 3)
755 /* do not eat all CPU, time out after 1 se*/
764 LOG_ERROR("Failed to halt CPU after 1 sec");
765 return ERROR_TARGET_TIMEOUT
;
768 target
->state
= TARGET_HALTED
;
770 /* SVC, ARM state, IRQ and FIQ disabled */
773 cpsr
= buf_get_u32(armv4_5
->cpsr
->value
, 0, 32);
776 arm_set_cpsr(armv4_5
, cpsr
);
777 armv4_5
->cpsr
->dirty
= 1;
779 /* start fetching from 0x0 */
780 buf_set_u32(armv4_5
->core_cache
->reg_list
[15].value
, 0, 32, 0x0);
781 armv4_5
->core_cache
->reg_list
[15].dirty
= 1;
782 armv4_5
->core_cache
->reg_list
[15].valid
= 1;
784 arm920t_disable_mmu_caches(target
, 1, 1, 1);
785 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
786 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
787 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
789 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
792 /* FIXME remove forward decls */
793 static int arm920t_mrc(struct target
*target
, int cpnum
,
794 uint32_t op1
, uint32_t op2
,
795 uint32_t CRn
, uint32_t CRm
,
797 static int arm920t_mcr(struct target
*target
, int cpnum
,
798 uint32_t op1
, uint32_t op2
,
799 uint32_t CRn
, uint32_t CRm
,
802 int arm920t_init_arch_info(struct target
*target
,
803 struct arm920t_common
*arm920t
, struct jtag_tap
*tap
)
805 struct arm7_9_common
*arm7_9
= &arm920t
->arm7_9_common
;
807 arm7_9
->armv4_5_common
.mrc
= arm920t_mrc
;
808 arm7_9
->armv4_5_common
.mcr
= arm920t_mcr
;
810 /* initialize arm7/arm9 specific info (including armv4_5) */
811 arm9tdmi_init_arch_info(target
, arm7_9
, tap
);
813 arm920t
->common_magic
= ARM920T_COMMON_MAGIC
;
815 arm7_9
->post_debug_entry
= arm920t_post_debug_entry
;
816 arm7_9
->pre_restore_context
= arm920t_pre_restore_context
;
818 arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
819 arm920t
->armv4_5_mmu
.get_ttb
= arm920t_get_ttb
;
820 arm920t
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
821 arm920t
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
822 arm920t
->armv4_5_mmu
.disable_mmu_caches
= arm920t_disable_mmu_caches
;
823 arm920t
->armv4_5_mmu
.enable_mmu_caches
= arm920t_enable_mmu_caches
;
824 arm920t
->armv4_5_mmu
.has_tiny_pages
= 1;
825 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
827 /* disabling linefills leads to lockups, so keep them enabled for now
828 * this doesn't affect correctness, but might affect timing issues, if
829 * important data is evicted from the cache during the debug session
831 arm920t
->preserve_cache
= 0;
833 /* override hw single-step capability from ARM9TDMI */
834 arm7_9
->has_single_step
= 1;
839 static int arm920t_target_create(struct target
*target
, Jim_Interp
*interp
)
841 struct arm920t_common
*arm920t
;
843 arm920t
= calloc(1,sizeof(struct arm920t_common
));
844 return arm920t_init_arch_info(target
, arm920t
, target
->tap
);
847 COMMAND_HANDLER(arm920t_handle_read_cache_command
)
849 int retval
= ERROR_OK
;
850 struct target
*target
= get_current_target(CMD_CTX
);
851 struct arm920t_common
*arm920t
= target_to_arm920(target
);
852 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
853 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
855 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
857 uint32_t *regs_p
[16];
858 uint32_t C15_C_D_Ind
, C15_C_I_Ind
;
861 struct arm920t_cache_line d_cache
[8][64], i_cache
[8][64];
865 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
866 if (retval
!= ERROR_OK
)
871 command_print(CMD_CTX
, "usage: arm920t read_cache <filename>");
875 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
877 LOG_DEBUG("error opening cache content file");
881 for (i
= 0; i
< 16; i
++)
882 regs_p
[i
] = ®s
[i
];
884 /* disable MMU and Caches */
885 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
886 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
890 cp15_ctrl_saved
= cp15_ctrl
;
891 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
892 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
893 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
895 /* read CP15 test state register */
896 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
897 jtag_execute_queue();
899 /* read DCache content */
900 fprintf(output
, "DCache:\n");
902 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
904 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
907 fprintf(output
, "\nsegment: %i\n----------", segment
);
909 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
910 regs
[0] = 0x0 | (segment
<< 5);
911 arm9tdmi_write_core_regs(target
, 0x1, regs
);
913 /* set interpret mode */
915 arm920t_write_cp15_physical(target
,
916 CP15PHYS_TESTSTATE
, cp15c15
);
918 /* D CAM Read, loads current victim into C15.C.D.Ind */
919 arm920t_execute_cp15(target
,
920 ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
922 /* read current victim */
923 arm920t_read_cp15_physical(target
,
924 CP15PHYS_DCACHE_IDX
, &C15_C_D_Ind
);
926 /* clear interpret mode */
928 arm920t_write_cp15_physical(target
,
929 CP15PHYS_TESTSTATE
, cp15c15
);
931 for (index
= 0; index
< 64; index
++)
934 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
936 regs
[0] = 0x0 | (segment
<< 5) | (index
<< 26);
937 arm9tdmi_write_core_regs(target
, 0x1, regs
);
939 /* set interpret mode */
941 arm920t_write_cp15_physical(target
,
942 CP15PHYS_TESTSTATE
, cp15c15
);
944 /* Write DCache victim */
945 arm920t_execute_cp15(target
,
946 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
949 arm920t_execute_cp15(target
,
950 ARMV4_5_MCR(15,2,0,15,10,2),
951 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
954 arm920t_execute_cp15(target
,
955 ARMV4_5_MCR(15,2,0,15,6,2),
958 /* clear interpret mode */
960 arm920t_write_cp15_physical(target
,
961 CP15PHYS_TESTSTATE
, cp15c15
);
963 /* read D RAM and CAM content */
964 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
965 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
970 d_cache
[segment
][index
].cam
= regs
[9];
973 regs
[9] &= 0xfffffffe;
974 fprintf(output
, "\nsegment: %i, index: %i, CAM: 0x%8.8"
975 PRIx32
", content (%s):\n",
976 segment
, index
, regs
[9],
977 (regs
[9] & 0x10) ? "valid" : "invalid");
979 for (i
= 1; i
< 9; i
++)
981 d_cache
[segment
][index
].data
[i
] = regs
[i
];
982 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
988 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
989 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
990 arm9tdmi_write_core_regs(target
, 0x1, regs
);
992 /* set interpret mode */
994 arm920t_write_cp15_physical(target
,
995 CP15PHYS_TESTSTATE
, cp15c15
);
997 /* Write DCache victim */
998 arm920t_execute_cp15(target
,
999 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
1001 /* clear interpret mode */
1003 arm920t_write_cp15_physical(target
,
1004 CP15PHYS_TESTSTATE
, cp15c15
);
1007 /* read ICache content */
1008 fprintf(output
, "ICache:\n");
1010 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1012 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
1015 fprintf(output
, "segment: %i\n----------", segment
);
1017 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1018 regs
[0] = 0x0 | (segment
<< 5);
1019 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1021 /* set interpret mode */
1023 arm920t_write_cp15_physical(target
,
1024 CP15PHYS_TESTSTATE
, cp15c15
);
1026 /* I CAM Read, loads current victim into C15.C.I.Ind */
1027 arm920t_execute_cp15(target
,
1028 ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
1030 /* read current victim */
1031 arm920t_read_cp15_physical(target
, CP15PHYS_ICACHE_IDX
,
1034 /* clear interpret mode */
1036 arm920t_write_cp15_physical(target
,
1037 CP15PHYS_TESTSTATE
, cp15c15
);
1039 for (index
= 0; index
< 64; index
++)
1042 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1044 regs
[0] = 0x0 | (segment
<< 5) | (index
<< 26);
1045 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1047 /* set interpret mode */
1049 arm920t_write_cp15_physical(target
,
1050 CP15PHYS_TESTSTATE
, cp15c15
);
1052 /* Write ICache victim */
1053 arm920t_execute_cp15(target
,
1054 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1057 arm920t_execute_cp15(target
,
1058 ARMV4_5_MCR(15,2,0,15,9,2),
1059 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1062 arm920t_execute_cp15(target
,
1063 ARMV4_5_MCR(15,2,0,15,5,2),
1066 /* clear interpret mode */
1068 arm920t_write_cp15_physical(target
,
1069 CP15PHYS_TESTSTATE
, cp15c15
);
1071 /* read I RAM and CAM content */
1072 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1073 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1078 i_cache
[segment
][index
].cam
= regs
[9];
1081 regs
[9] &= 0xfffffffe;
1082 fprintf(output
, "\nsegment: %i, index: %i, "
1083 "CAM: 0x%8.8" PRIx32
", content (%s):\n",
1084 segment
, index
, regs
[9],
1085 (regs
[9] & 0x10) ? "valid" : "invalid");
1087 for (i
= 1; i
< 9; i
++)
1089 i_cache
[segment
][index
].data
[i
] = regs
[i
];
1090 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1095 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1096 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1097 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1099 /* set interpret mode */
1101 arm920t_write_cp15_physical(target
,
1102 CP15PHYS_TESTSTATE
, cp15c15
);
1104 /* Write ICache victim */
1105 arm920t_execute_cp15(target
,
1106 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1108 /* clear interpret mode */
1110 arm920t_write_cp15_physical(target
,
1111 CP15PHYS_TESTSTATE
, cp15c15
);
1114 /* restore CP15 MMU and Cache settings */
1115 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1117 command_print(CMD_CTX
, "cache content successfully output to %s",
1122 if (!is_arm_mode(armv4_5
->core_mode
))
1125 /* force writeback of the valid data */
1126 r
= armv4_5
->core_cache
->reg_list
;
1127 r
[0].dirty
= r
[0].valid
;
1128 r
[1].dirty
= r
[1].valid
;
1129 r
[2].dirty
= r
[2].valid
;
1130 r
[3].dirty
= r
[3].valid
;
1131 r
[4].dirty
= r
[4].valid
;
1132 r
[5].dirty
= r
[5].valid
;
1133 r
[6].dirty
= r
[6].valid
;
1134 r
[7].dirty
= r
[7].valid
;
1136 r
= arm_reg_current(armv4_5
, 8);
1137 r
->dirty
= r
->valid
;
1139 r
= arm_reg_current(armv4_5
, 9);
1140 r
->dirty
= r
->valid
;
1145 COMMAND_HANDLER(arm920t_handle_read_mmu_command
)
1147 int retval
= ERROR_OK
;
1148 struct target
*target
= get_current_target(CMD_CTX
);
1149 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1150 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
1151 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
1153 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
1155 uint32_t *regs_p
[16];
1158 uint32_t Dlockdown
, Ilockdown
;
1159 struct arm920t_tlb_entry d_tlb
[64], i_tlb
[64];
1163 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1164 if (retval
!= ERROR_OK
)
1169 command_print(CMD_CTX
, "usage: arm920t read_mmu <filename>");
1173 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
1175 LOG_DEBUG("error opening mmu content file");
1179 for (i
= 0; i
< 16; i
++)
1180 regs_p
[i
] = ®s
[i
];
1182 /* disable MMU and Caches */
1183 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
1184 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1188 cp15_ctrl_saved
= cp15_ctrl
;
1189 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
1190 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
1191 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
1193 /* read CP15 test state register */
1194 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
1195 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1200 /* prepare reading D TLB content
1203 /* set interpret mode */
1205 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1207 /* Read D TLB lockdown */
1208 arm920t_execute_cp15(target
,
1209 ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1211 /* clear interpret mode */
1213 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1215 /* read D TLB lockdown stored to r1 */
1216 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1217 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1221 Dlockdown
= regs
[1];
1223 for (victim
= 0; victim
< 64; victim
+= 8)
1225 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1226 * base remains unchanged, victim goes through entries 0 to 63
1228 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1229 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1231 /* set interpret mode */
1233 arm920t_write_cp15_physical(target
,
1234 CP15PHYS_TESTSTATE
, cp15c15
);
1236 /* Write D TLB lockdown */
1237 arm920t_execute_cp15(target
,
1238 ARMV4_5_MCR(15,0,0,10,0,0),
1241 /* Read D TLB CAM */
1242 arm920t_execute_cp15(target
,
1243 ARMV4_5_MCR(15,4,0,15,6,4),
1244 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1246 /* clear interpret mode */
1248 arm920t_write_cp15_physical(target
,
1249 CP15PHYS_TESTSTATE
, cp15c15
);
1251 /* read D TLB CAM content stored to r2-r9 */
1252 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1253 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1258 for (i
= 0; i
< 8; i
++)
1259 d_tlb
[victim
+ i
].cam
= regs
[i
+ 2];
1262 for (victim
= 0; victim
< 64; victim
++)
1264 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1265 * base remains unchanged, victim goes through entries 0 to 63
1267 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1268 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1270 /* set interpret mode */
1272 arm920t_write_cp15_physical(target
,
1273 CP15PHYS_TESTSTATE
, cp15c15
);
1275 /* Write D TLB lockdown */
1276 arm920t_execute_cp15(target
,
1277 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1279 /* Read D TLB RAM1 */
1280 arm920t_execute_cp15(target
,
1281 ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1283 /* Read D TLB RAM2 */
1284 arm920t_execute_cp15(target
,
1285 ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1287 /* clear interpret mode */
1289 arm920t_write_cp15_physical(target
,
1290 CP15PHYS_TESTSTATE
, cp15c15
);
1292 /* read D TLB RAM content stored to r2 and r3 */
1293 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1294 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1299 d_tlb
[victim
].ram1
= regs
[2];
1300 d_tlb
[victim
].ram2
= regs
[3];
1303 /* restore D TLB lockdown */
1304 regs
[1] = Dlockdown
;
1305 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1307 /* Write D TLB lockdown */
1308 arm920t_execute_cp15(target
,
1309 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1311 /* prepare reading I TLB content
1314 /* set interpret mode */
1316 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1318 /* Read I TLB lockdown */
1319 arm920t_execute_cp15(target
,
1320 ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1322 /* clear interpret mode */
1324 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1326 /* read I TLB lockdown stored to r1 */
1327 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1328 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1332 Ilockdown
= regs
[1];
1334 for (victim
= 0; victim
< 64; victim
+= 8)
1336 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1337 * base remains unchanged, victim goes through entries 0 to 63
1339 regs
[1] = (Ilockdown
& 0xfc000000) | (victim
<< 20);
1340 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1342 /* set interpret mode */
1344 arm920t_write_cp15_physical(target
,
1345 CP15PHYS_TESTSTATE
, cp15c15
);
1347 /* Write I TLB lockdown */
1348 arm920t_execute_cp15(target
,
1349 ARMV4_5_MCR(15,0,0,10,0,1),
1352 /* Read I TLB CAM */
1353 arm920t_execute_cp15(target
,
1354 ARMV4_5_MCR(15,4,0,15,5,4),
1355 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1357 /* clear interpret mode */
1359 arm920t_write_cp15_physical(target
,
1360 CP15PHYS_TESTSTATE
, cp15c15
);
1362 /* read I TLB CAM content stored to r2-r9 */
1363 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1364 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1369 for (i
= 0; i
< 8; i
++)
1370 i_tlb
[i
+ victim
].cam
= regs
[i
+ 2];
1373 for (victim
= 0; victim
< 64; victim
++)
1375 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1376 * base remains unchanged, victim goes through entries 0 to 63
1378 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1379 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1381 /* set interpret mode */
1383 arm920t_write_cp15_physical(target
,
1384 CP15PHYS_TESTSTATE
, cp15c15
);
1386 /* Write I TLB lockdown */
1387 arm920t_execute_cp15(target
,
1388 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1390 /* Read I TLB RAM1 */
1391 arm920t_execute_cp15(target
,
1392 ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1394 /* Read I TLB RAM2 */
1395 arm920t_execute_cp15(target
,
1396 ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1398 /* clear interpret mode */
1400 arm920t_write_cp15_physical(target
,
1401 CP15PHYS_TESTSTATE
, cp15c15
);
1403 /* read I TLB RAM content stored to r2 and r3 */
1404 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1405 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1410 i_tlb
[victim
].ram1
= regs
[2];
1411 i_tlb
[victim
].ram2
= regs
[3];
1414 /* restore I TLB lockdown */
1415 regs
[1] = Ilockdown
;
1416 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1418 /* Write I TLB lockdown */
1419 arm920t_execute_cp15(target
,
1420 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1422 /* restore CP15 MMU and Cache settings */
1423 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1425 /* output data to file */
1426 fprintf(output
, "D TLB content:\n");
1427 for (i
= 0; i
< 64; i
++)
1429 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1430 " 0x%8.8" PRIx32
" %s\n",
1431 i
, d_tlb
[i
].cam
, d_tlb
[i
].ram1
, d_tlb
[i
].ram2
,
1432 (d_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1435 fprintf(output
, "\n\nI TLB content:\n");
1436 for (i
= 0; i
< 64; i
++)
1438 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1439 " 0x%8.8" PRIx32
" %s\n",
1440 i
, i_tlb
[i
].cam
, i_tlb
[i
].ram1
, i_tlb
[i
].ram2
,
1441 (i_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1444 command_print(CMD_CTX
, "mmu content successfully output to %s",
1449 if (!is_arm_mode(armv4_5
->core_mode
))
1452 /* force writeback of the valid data */
1453 r
= armv4_5
->core_cache
->reg_list
;
1454 r
[0].dirty
= r
[0].valid
;
1455 r
[1].dirty
= r
[1].valid
;
1456 r
[2].dirty
= r
[2].valid
;
1457 r
[3].dirty
= r
[3].valid
;
1458 r
[4].dirty
= r
[4].valid
;
1459 r
[5].dirty
= r
[5].valid
;
1460 r
[6].dirty
= r
[6].valid
;
1461 r
[7].dirty
= r
[7].valid
;
1463 r
= arm_reg_current(armv4_5
, 8);
1464 r
->dirty
= r
->valid
;
1466 r
= arm_reg_current(armv4_5
, 9);
1467 r
->dirty
= r
->valid
;
1472 COMMAND_HANDLER(arm920t_handle_cp15_command
)
1475 struct target
*target
= get_current_target(CMD_CTX
);
1476 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1478 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1479 if (retval
!= ERROR_OK
)
1482 if (target
->state
!= TARGET_HALTED
)
1484 command_print(CMD_CTX
, "target must be stopped for "
1485 "\"%s\" command", CMD_NAME
);
1489 /* one argument, read a register.
1490 * two arguments, write it.
1495 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], address
);
1500 if ((retval
= arm920t_read_cp15_physical(target
,
1501 address
, &value
)) != ERROR_OK
)
1503 command_print(CMD_CTX
,
1504 "couldn't access reg %i", address
);
1507 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1512 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1515 else if (CMD_ARGC
== 2)
1518 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1519 retval
= arm920t_write_cp15_physical(target
,
1521 if (retval
!= ERROR_OK
)
1523 command_print(CMD_CTX
,
1524 "couldn't access reg %i", address
);
1525 /* REVISIT why lie? "return retval"? */
1528 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1536 COMMAND_HANDLER(arm920t_handle_cp15i_command
)
1539 struct target
*target
= get_current_target(CMD_CTX
);
1540 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1542 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1543 if (retval
!= ERROR_OK
)
1547 if (target
->state
!= TARGET_HALTED
)
1549 command_print(CMD_CTX
, "target must be stopped for "
1550 "\"%s\" command", CMD_NAME
);
1554 /* one argument, read a register.
1555 * two arguments, write it.
1560 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], opcode
);
1565 retval
= arm920t_read_cp15_interpreted(target
,
1566 opcode
, 0x0, &value
);
1567 if (retval
!= ERROR_OK
)
1569 command_print(CMD_CTX
,
1570 "couldn't execute %8.8" PRIx32
,
1572 /* REVISIT why lie? "return retval"? */
1576 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1579 else if (CMD_ARGC
== 2)
1582 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1583 retval
= arm920t_write_cp15_interpreted(target
,
1585 if (retval
!= ERROR_OK
)
1587 command_print(CMD_CTX
,
1588 "couldn't execute %8.8" PRIx32
,
1590 /* REVISIT why lie? "return retval"? */
1593 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1596 else if (CMD_ARGC
== 3)
1599 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1601 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[2], address
);
1602 retval
= arm920t_write_cp15_interpreted(target
,
1603 opcode
, value
, address
);
1604 if (retval
!= ERROR_OK
)
1606 command_print(CMD_CTX
,
1607 "couldn't execute %8.8" PRIx32
, opcode
);
1608 /* REVISIT why lie? "return retval"? */
1611 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
1612 " %8.8" PRIx32
, opcode
, value
, address
);
1617 command_print(CMD_CTX
,
1618 "usage: arm920t cp15i <opcode> [value] [address]");
1624 COMMAND_HANDLER(arm920t_handle_cache_info_command
)
1627 struct target
*target
= get_current_target(CMD_CTX
);
1628 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1630 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1631 if (retval
!= ERROR_OK
)
1634 return armv4_5_handle_cache_info_command(CMD_CTX
,
1635 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
1639 static int arm920t_mrc(struct target
*target
, int cpnum
,
1640 uint32_t op1
, uint32_t op2
,
1641 uint32_t CRn
, uint32_t CRm
,
1646 LOG_ERROR("Only cp15 is supported");
1651 return arm920t_read_cp15_interpreted(target
,
1652 ARMV4_5_MRC(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1656 static int arm920t_mcr(struct target
*target
, int cpnum
,
1657 uint32_t op1
, uint32_t op2
,
1658 uint32_t CRn
, uint32_t CRm
,
1663 LOG_ERROR("Only cp15 is supported");
1667 /* write "from" r0 */
1668 return arm920t_write_cp15_interpreted(target
,
1669 ARMV4_5_MCR(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1673 static const struct command_registration arm920t_exec_command_handlers
[] = {
1676 .handler
= arm920t_handle_cp15_command
,
1677 .mode
= COMMAND_EXEC
,
1678 .help
= "display/modify cp15 register",
1679 .usage
= "regnum [value]",
1683 .handler
= arm920t_handle_cp15i_command
,
1684 .mode
= COMMAND_EXEC
,
1685 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1686 .help
= "display/modify cp15 register using ARM opcode"
1688 .usage
= "instruction [value [address]]",
1691 .name
= "cache_info",
1692 .handler
= arm920t_handle_cache_info_command
,
1693 .mode
= COMMAND_EXEC
,
1694 .help
= "display information about target caches",
1697 .name
= "read_cache",
1698 .handler
= arm920t_handle_read_cache_command
,
1699 .mode
= COMMAND_EXEC
,
1700 .help
= "dump I/D cache content to file",
1701 .usage
= "filename",
1705 .handler
= arm920t_handle_read_mmu_command
,
1706 .mode
= COMMAND_EXEC
,
1707 .help
= "dump I/D mmu content to file",
1708 .usage
= "filename",
1710 COMMAND_REGISTRATION_DONE
1712 const struct command_registration arm920t_command_handlers
[] = {
1714 .chain
= arm9tdmi_command_handlers
,
1718 .mode
= COMMAND_ANY
,
1719 .help
= "arm920t command group",
1720 .chain
= arm920t_exec_command_handlers
,
1722 COMMAND_REGISTRATION_DONE
1725 /** Holds methods for ARM920 targets. */
1726 struct target_type arm920t_target
=
1730 .poll
= arm7_9_poll
,
1731 .arch_state
= arm920t_arch_state
,
1733 .target_request_data
= arm7_9_target_request_data
,
1735 .halt
= arm7_9_halt
,
1736 .resume
= arm7_9_resume
,
1737 .step
= arm7_9_step
,
1739 .assert_reset
= arm7_9_assert_reset
,
1740 .deassert_reset
= arm7_9_deassert_reset
,
1741 .soft_reset_halt
= arm920t_soft_reset_halt
,
1743 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
1745 .read_memory
= arm920t_read_memory
,
1746 .write_memory
= arm920t_write_memory
,
1747 .read_phys_memory
= arm920t_read_phys_memory
,
1748 .write_phys_memory
= arm920t_write_phys_memory
,
1750 .virt2phys
= arm920_virt2phys
,
1752 .bulk_write_memory
= arm7_9_bulk_write_memory
,
1754 .checksum_memory
= arm_checksum_memory
,
1755 .blank_check_memory
= arm_blank_check_memory
,
1757 .run_algorithm
= armv4_5_run_algorithm
,
1759 .add_breakpoint
= arm7_9_add_breakpoint
,
1760 .remove_breakpoint
= arm7_9_remove_breakpoint
,
1761 .add_watchpoint
= arm7_9_add_watchpoint
,
1762 .remove_watchpoint
= arm7_9_remove_watchpoint
,
1764 .commands
= arm920t_command_handlers
,
1765 .target_create
= arm920t_target_create
,
1766 .init_target
= arm9tdmi_init_target
,
1767 .examine
= arm7_9_examine
,
1768 .check_reset
= arm7_9_check_reset
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)