2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. *
20 ***************************************************************************/
27 #include <helper/time_support.h>
28 #include "target_type.h"
30 #include "arm_opcodes.h"
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
53 #define _DEBUG_INSTRUCTION_EXECUTION_
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
83 static int arm920t_read_cp15_physical(struct target
*target
,
84 int reg_addr
, uint32_t *value
)
86 struct arm920t_common
*arm920t
= target_to_arm920(target
);
87 struct arm_jtag
*jtag_info
;
88 struct scan_field fields
[4];
89 uint8_t access_type_buf
= 1;
90 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
94 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
96 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
97 if (retval
!= ERROR_OK
)
99 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
100 if (retval
!= ERROR_OK
)
103 fields
[0].num_bits
= 1;
104 fields
[0].out_value
= &access_type_buf
;
105 fields
[0].in_value
= NULL
;
107 fields
[1].num_bits
= 32;
108 fields
[1].out_value
= NULL
;
109 fields
[1].in_value
= NULL
;
111 fields
[2].num_bits
= 6;
112 fields
[2].out_value
= ®_addr_buf
;
113 fields
[2].in_value
= NULL
;
115 fields
[3].num_bits
= 1;
116 fields
[3].out_value
= &nr_w_buf
;
117 fields
[3].in_value
= NULL
;
119 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
121 fields
[1].in_value
= (uint8_t *)value
;
123 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
125 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
127 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
128 jtag_execute_queue();
129 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, *value
);
135 static int arm920t_write_cp15_physical(struct target
*target
,
136 int reg_addr
, uint32_t value
)
138 struct arm920t_common
*arm920t
= target_to_arm920(target
);
139 struct arm_jtag
*jtag_info
;
140 struct scan_field fields
[4];
141 uint8_t access_type_buf
= 1;
142 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
143 uint8_t nr_w_buf
= 1;
144 uint8_t value_buf
[4];
147 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
149 buf_set_u32(value_buf
, 0, 32, value
);
151 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
152 if (retval
!= ERROR_OK
)
154 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
155 if (retval
!= ERROR_OK
)
158 fields
[0].num_bits
= 1;
159 fields
[0].out_value
= &access_type_buf
;
160 fields
[0].in_value
= NULL
;
162 fields
[1].num_bits
= 32;
163 fields
[1].out_value
= value_buf
;
164 fields
[1].in_value
= NULL
;
166 fields
[2].num_bits
= 6;
167 fields
[2].out_value
= ®_addr_buf
;
168 fields
[2].in_value
= NULL
;
170 fields
[3].num_bits
= 1;
171 fields
[3].out_value
= &nr_w_buf
;
172 fields
[3].in_value
= NULL
;
174 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
176 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
177 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, value
);
183 /* See table 9-10 for scan chain 15 format during interpreted access mode.
184 * If the TESTSTATE register is set for interpreted access, certain CP15
185 * MRC and MCR instructions may be executed through scan chain 15.
187 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
188 * executed using scan chain 15 interpreted mode.
190 static int arm920t_execute_cp15(struct target
*target
, uint32_t cp15_opcode
,
194 struct arm920t_common
*arm920t
= target_to_arm920(target
);
195 struct arm_jtag
*jtag_info
;
196 struct scan_field fields
[4];
197 uint8_t access_type_buf
= 0; /* interpreted access */
198 uint8_t reg_addr_buf
= 0x0;
199 uint8_t nr_w_buf
= 0;
200 uint8_t cp15_opcode_buf
[4];
202 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
204 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
205 if (retval
!= ERROR_OK
)
207 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
208 if (retval
!= ERROR_OK
)
211 buf_set_u32(cp15_opcode_buf
, 0, 32, cp15_opcode
);
213 fields
[0].num_bits
= 1;
214 fields
[0].out_value
= &access_type_buf
;
215 fields
[0].in_value
= NULL
;
217 fields
[1].num_bits
= 32;
218 fields
[1].out_value
= cp15_opcode_buf
;
219 fields
[1].in_value
= NULL
;
221 fields
[2].num_bits
= 6;
222 fields
[2].out_value
= ®_addr_buf
;
223 fields
[2].in_value
= NULL
;
225 fields
[3].num_bits
= 1;
226 fields
[3].out_value
= &nr_w_buf
;
227 fields
[3].in_value
= NULL
;
229 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
231 arm9tdmi_clock_out(jtag_info
, arm_opcode
, 0, NULL
, 0);
232 arm9tdmi_clock_out(jtag_info
, ARMV4_5_NOP
, 0, NULL
, 1);
233 retval
= arm7_9_execute_sys_speed(target
);
234 if (retval
!= ERROR_OK
)
237 retval
= jtag_execute_queue();
238 if (retval
!= ERROR_OK
) {
239 LOG_ERROR("failed executing JTAG queue");
246 static int arm920t_read_cp15_interpreted(struct target
*target
,
247 uint32_t cp15_opcode
, uint32_t address
, uint32_t *value
)
249 struct arm
*arm
= target_to_arm(target
);
252 uint32_t cp15c15
= 0x0;
253 struct reg
*r
= arm
->core_cache
->reg_list
;
255 /* load address into R1 */
257 arm9tdmi_write_core_regs(target
, 0x2, regs
);
259 /* read-modify-write CP15 test state register
260 * to enable interpreted access mode */
261 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
262 jtag_execute_queue();
263 cp15c15
|= 1; /* set interpret mode */
264 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
266 /* execute CP15 instruction and ARM load (reading from coprocessor) */
267 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_LDR(0, 1));
269 /* disable interpreted access mode */
270 cp15c15
&= ~1U; /* clear interpret mode */
271 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
273 /* retrieve value from R0 */
275 arm9tdmi_read_core_regs(target
, 0x1, regs_p
);
276 jtag_execute_queue();
278 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
279 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
280 cp15_opcode
, address
, *value
);
283 if (!is_arm_mode(arm
->core_mode
)) {
284 LOG_ERROR("not a valid arm core mode - communication failure?");
295 int arm920t_write_cp15_interpreted(struct target
*target
,
296 uint32_t cp15_opcode
, uint32_t value
, uint32_t address
)
298 uint32_t cp15c15
= 0x0;
299 struct arm
*arm
= target_to_arm(target
);
301 struct reg
*r
= arm
->core_cache
->reg_list
;
303 /* load value, address into R0, R1 */
306 arm9tdmi_write_core_regs(target
, 0x3, regs
);
308 /* read-modify-write CP15 test state register
309 * to enable interpreted access mode */
310 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
311 jtag_execute_queue();
312 cp15c15
|= 1; /* set interpret mode */
313 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
315 /* execute CP15 instruction and ARM store (writing to coprocessor) */
316 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_STR(0, 1));
318 /* disable interpreted access mode */
319 cp15c15
&= ~1U; /* set interpret mode */
320 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
322 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
323 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
324 cp15_opcode
, value
, address
);
327 if (!is_arm_mode(arm
->core_mode
)) {
328 LOG_ERROR("not a valid arm core mode - communication failure?");
338 /* EXPORTED to FA256 */
339 int arm920t_get_ttb(struct target
*target
, uint32_t *result
)
344 retval
= arm920t_read_cp15_interpreted(target
,
345 /* FIXME use opcode macro */
346 0xeebf0f51, 0x0, &ttb
);
347 if (retval
!= ERROR_OK
)
354 /* EXPORTED to FA256 */
355 int arm920t_disable_mmu_caches(struct target
*target
, int mmu
,
356 int d_u_cache
, int i_cache
)
358 uint32_t cp15_control
;
361 /* read cp15 control register */
362 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
363 if (retval
!= ERROR_OK
)
365 retval
= jtag_execute_queue();
366 if (retval
!= ERROR_OK
)
370 cp15_control
&= ~0x1U
;
373 cp15_control
&= ~0x4U
;
376 cp15_control
&= ~0x1000U
;
378 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
382 /* EXPORTED to FA256 */
383 int arm920t_enable_mmu_caches(struct target
*target
, int mmu
,
384 int d_u_cache
, int i_cache
)
386 uint32_t cp15_control
;
389 /* read cp15 control register */
390 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
391 if (retval
!= ERROR_OK
)
393 retval
= jtag_execute_queue();
394 if (retval
!= ERROR_OK
)
398 cp15_control
|= 0x1U
;
401 cp15_control
|= 0x4U
;
404 cp15_control
|= 0x1000U
;
406 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
410 /* EXPORTED to FA256 */
411 int arm920t_post_debug_entry(struct target
*target
)
414 struct arm920t_common
*arm920t
= target_to_arm920(target
);
417 /* examine cp15 control reg */
418 retval
= arm920t_read_cp15_physical(target
,
419 CP15PHYS_CTRL
, &arm920t
->cp15_control_reg
);
420 if (retval
!= ERROR_OK
)
422 retval
= jtag_execute_queue();
423 if (retval
!= ERROR_OK
)
425 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, arm920t
->cp15_control_reg
);
427 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1) {
428 uint32_t cache_type_reg
;
429 /* identify caches */
430 retval
= arm920t_read_cp15_physical(target
,
431 CP15PHYS_CACHETYPE
, &cache_type_reg
);
432 if (retval
!= ERROR_OK
)
434 retval
= jtag_execute_queue();
435 if (retval
!= ERROR_OK
)
437 armv4_5_identify_cache(cache_type_reg
,
438 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
441 arm920t
->armv4_5_mmu
.mmu_enabled
=
442 (arm920t
->cp15_control_reg
& 0x1U
) ? 1 : 0;
443 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
=
444 (arm920t
->cp15_control_reg
& 0x4U
) ? 1 : 0;
445 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
=
446 (arm920t
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
448 /* save i/d fault status and address register
449 * FIXME use opcode macros */
450 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f10, 0x0, &arm920t
->d_fsr
);
451 if (retval
!= ERROR_OK
)
453 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f30, 0x0, &arm920t
->i_fsr
);
454 if (retval
!= ERROR_OK
)
456 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f10, 0x0, &arm920t
->d_far
);
457 if (retval
!= ERROR_OK
)
459 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f30, 0x0, &arm920t
->i_far
);
460 if (retval
!= ERROR_OK
)
463 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
464 ", I FSR: 0x%8.8" PRIx32
", I FAR: 0x%8.8" PRIx32
,
465 arm920t
->d_fsr
, arm920t
->d_far
, arm920t
->i_fsr
, arm920t
->i_far
);
467 if (arm920t
->preserve_cache
) {
468 /* read-modify-write CP15 test state register
469 * to disable I/D-cache linefills */
470 retval
= arm920t_read_cp15_physical(target
,
471 CP15PHYS_TESTSTATE
, &cp15c15
);
472 if (retval
!= ERROR_OK
)
474 retval
= jtag_execute_queue();
475 if (retval
!= ERROR_OK
)
478 retval
= arm920t_write_cp15_physical(target
,
479 CP15PHYS_TESTSTATE
, cp15c15
);
480 if (retval
!= ERROR_OK
)
486 /* EXPORTED to FA256 */
487 void arm920t_pre_restore_context(struct target
*target
)
490 struct arm920t_common
*arm920t
= target_to_arm920(target
);
492 /* restore i/d fault status and address register */
493 arm920t_write_cp15_interpreted(target
, 0xee050f10, arm920t
->d_fsr
, 0x0);
494 arm920t_write_cp15_interpreted(target
, 0xee050f30, arm920t
->i_fsr
, 0x0);
495 arm920t_write_cp15_interpreted(target
, 0xee060f10, arm920t
->d_far
, 0x0);
496 arm920t_write_cp15_interpreted(target
, 0xee060f30, arm920t
->i_far
, 0x0);
498 /* read-modify-write CP15 test state register
499 * to reenable I/D-cache linefills */
500 if (arm920t
->preserve_cache
) {
501 arm920t_read_cp15_physical(target
,
502 CP15PHYS_TESTSTATE
, &cp15c15
);
503 jtag_execute_queue();
505 arm920t_write_cp15_physical(target
,
506 CP15PHYS_TESTSTATE
, cp15c15
);
510 static const char arm920_not
[] = "target is not an ARM920";
512 static int arm920t_verify_pointer(struct command_context
*cmd_ctx
,
513 struct arm920t_common
*arm920t
)
515 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
516 command_print(cmd_ctx
, arm920_not
);
517 return ERROR_TARGET_INVALID
;
523 /** Logs summary of ARM920 state for a halted target. */
524 int arm920t_arch_state(struct target
*target
)
526 static const char *state
[] = {
527 "disabled", "enabled"
530 struct arm920t_common
*arm920t
= target_to_arm920(target
);
532 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
533 LOG_ERROR("BUG: %s", arm920_not
);
534 return ERROR_TARGET_INVALID
;
537 arm_arch_state(target
);
538 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
539 state
[arm920t
->armv4_5_mmu
.mmu_enabled
],
540 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
541 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
546 static int arm920_mmu(struct target
*target
, int *enabled
)
548 if (target
->state
!= TARGET_HALTED
) {
549 LOG_ERROR("%s: target not halted", __func__
);
550 return ERROR_TARGET_INVALID
;
553 *enabled
= target_to_arm920(target
)->armv4_5_mmu
.mmu_enabled
;
557 static int arm920_virt2phys(struct target
*target
,
558 uint32_t virt
, uint32_t *phys
)
561 struct arm920t_common
*arm920t
= target_to_arm920(target
);
564 int retval
= armv4_5_mmu_translate_va(target
,
565 &arm920t
->armv4_5_mmu
, virt
, &cb
, &ret
);
566 if (retval
!= ERROR_OK
)
572 /** Reads a buffer, in the specified word size, with current MMU settings. */
573 int arm920t_read_memory(struct target
*target
, uint32_t address
,
574 uint32_t size
, uint32_t count
, uint8_t *buffer
)
578 retval
= arm7_9_read_memory(target
, address
, size
, count
, buffer
);
584 static int arm920t_read_phys_memory(struct target
*target
,
585 uint32_t address
, uint32_t size
,
586 uint32_t count
, uint8_t *buffer
)
588 struct arm920t_common
*arm920t
= target_to_arm920(target
);
590 return armv4_5_mmu_read_physical(target
, &arm920t
->armv4_5_mmu
,
591 address
, size
, count
, buffer
);
594 static int arm920t_write_phys_memory(struct target
*target
,
595 uint32_t address
, uint32_t size
,
596 uint32_t count
, const uint8_t *buffer
)
598 struct arm920t_common
*arm920t
= target_to_arm920(target
);
600 return armv4_5_mmu_write_physical(target
, &arm920t
->armv4_5_mmu
,
601 address
, size
, count
, buffer
);
604 /** Writes a buffer, in the specified word size, with current MMU settings. */
605 int arm920t_write_memory(struct target
*target
, uint32_t address
,
606 uint32_t size
, uint32_t count
, const uint8_t *buffer
)
609 const uint32_t cache_mask
= ~0x1f; /* cache line size : 32 byte */
610 struct arm920t_common
*arm920t
= target_to_arm920(target
);
612 /* FIX!!!! this should be cleaned up and made much more general. The
613 * plan is to write up and test on arm920t specifically and
614 * then generalize and clean up afterwards.
616 * Also it should be moved to the callbacks that handle breakpoints
617 * specifically and not the generic memory write fn's. See XScale code.
619 if (arm920t
->armv4_5_mmu
.mmu_enabled
&& (count
== 1) &&
620 ((size
== 2) || (size
== 4))) {
621 /* special case the handling of single word writes to
622 * bypass MMU, to allow implementation of breakpoints
623 * in memory marked read only
630 * We need physical address and cb
632 retval
= armv4_5_mmu_translate_va(target
, &arm920t
->armv4_5_mmu
,
634 if (retval
!= ERROR_OK
)
637 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
) {
639 LOG_DEBUG("D-Cache buffered, "
640 "drain write buffer");
643 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
646 retval
= arm920t_write_cp15_interpreted(target
,
647 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
649 if (retval
!= ERROR_OK
)
655 * Write back memory ? -> clean cache
657 * There is no way to clean cache lines using
658 * cp15 scan chain, so copy the full cache
659 * line from cache to physical memory.
663 LOG_DEBUG("D-Cache in 'write back' mode, "
666 retval
= target_read_memory(target
,
667 address
& cache_mask
, 1,
668 sizeof(data
), &data
[0]);
669 if (retval
!= ERROR_OK
)
672 retval
= armv4_5_mmu_write_physical(target
,
673 &arm920t
->armv4_5_mmu
,
675 sizeof(data
), &data
[0]);
676 if (retval
!= ERROR_OK
)
683 * Cached ? -> Invalidate data cache using MVA
685 * MCR p15,0,Rd,c7,c6,1
687 LOG_DEBUG("D-Cache enabled, "
688 "invalidate cache line");
690 retval
= arm920t_write_cp15_interpreted(target
,
691 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
692 address
& cache_mask
);
693 if (retval
!= ERROR_OK
)
698 /* write directly to physical memory,
699 * bypassing any read only MMU bits, etc.
701 retval
= armv4_5_mmu_write_physical(target
,
702 &arm920t
->armv4_5_mmu
, pa
, size
,
704 if (retval
!= ERROR_OK
)
707 retval
= arm7_9_write_memory(target
, address
, size
, count
, buffer
);
708 if (retval
!= ERROR_OK
)
712 /* If ICache is enabled, we have to invalidate affected ICache lines
713 * the DCache is forced to write-through,
714 * so we don't have to clean it here
716 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
) {
718 /* invalidate ICache single entry with MVA
719 * mcr 15, 0, r0, cr7, cr5, {1}
721 LOG_DEBUG("I-Cache enabled, "
722 "invalidating affected I-Cache line");
723 retval
= arm920t_write_cp15_interpreted(target
,
724 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
725 0x0, address
& cache_mask
);
726 if (retval
!= ERROR_OK
)
730 * mcr 15, 0, r0, cr7, cr5, {0}
732 retval
= arm920t_write_cp15_interpreted(target
,
733 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
735 if (retval
!= ERROR_OK
)
743 /* EXPORTED to FA256 */
744 int arm920t_soft_reset_halt(struct target
*target
)
746 int retval
= ERROR_OK
;
747 struct arm920t_common
*arm920t
= target_to_arm920(target
);
748 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
749 struct arm
*arm
= &arm7_9
->arm
;
750 struct reg
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
752 retval
= target_halt(target
);
753 if (retval
!= ERROR_OK
)
756 long long then
= timeval_ms();
758 while (!(timeout
= ((timeval_ms()-then
) > 1000))) {
759 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1) == 0) {
760 embeddedice_read_reg(dbg_stat
);
761 retval
= jtag_execute_queue();
762 if (retval
!= ERROR_OK
)
766 if (debug_level
>= 3) {
767 /* do not eat all CPU, time out after 1 se*/
773 LOG_ERROR("Failed to halt CPU after 1 sec");
774 return ERROR_TARGET_TIMEOUT
;
777 target
->state
= TARGET_HALTED
;
779 /* SVC, ARM state, IRQ and FIQ disabled */
782 cpsr
= buf_get_u32(arm
->cpsr
->value
, 0, 32);
785 arm_set_cpsr(arm
, cpsr
);
786 arm
->cpsr
->dirty
= 1;
788 /* start fetching from 0x0 */
789 buf_set_u32(arm
->pc
->value
, 0, 32, 0x0);
793 arm920t_disable_mmu_caches(target
, 1, 1, 1);
794 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
795 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
796 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
798 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
801 /* FIXME remove forward decls */
802 static int arm920t_mrc(struct target
*target
, int cpnum
,
803 uint32_t op1
, uint32_t op2
,
804 uint32_t CRn
, uint32_t CRm
,
806 static int arm920t_mcr(struct target
*target
, int cpnum
,
807 uint32_t op1
, uint32_t op2
,
808 uint32_t CRn
, uint32_t CRm
,
811 static int arm920t_init_arch_info(struct target
*target
,
812 struct arm920t_common
*arm920t
, struct jtag_tap
*tap
)
814 struct arm7_9_common
*arm7_9
= &arm920t
->arm7_9_common
;
816 arm7_9
->arm
.mrc
= arm920t_mrc
;
817 arm7_9
->arm
.mcr
= arm920t_mcr
;
819 /* initialize arm7/arm9 specific info (including armv4_5) */
820 arm9tdmi_init_arch_info(target
, arm7_9
, tap
);
822 arm920t
->common_magic
= ARM920T_COMMON_MAGIC
;
824 arm7_9
->post_debug_entry
= arm920t_post_debug_entry
;
825 arm7_9
->pre_restore_context
= arm920t_pre_restore_context
;
826 arm7_9
->write_memory
= arm920t_write_memory
;
828 arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
829 arm920t
->armv4_5_mmu
.get_ttb
= arm920t_get_ttb
;
830 arm920t
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
831 arm920t
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
832 arm920t
->armv4_5_mmu
.disable_mmu_caches
= arm920t_disable_mmu_caches
;
833 arm920t
->armv4_5_mmu
.enable_mmu_caches
= arm920t_enable_mmu_caches
;
834 arm920t
->armv4_5_mmu
.has_tiny_pages
= 1;
835 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
837 /* disabling linefills leads to lockups, so keep them enabled for now
838 * this doesn't affect correctness, but might affect timing issues, if
839 * important data is evicted from the cache during the debug session
841 arm920t
->preserve_cache
= 0;
843 /* override hw single-step capability from ARM9TDMI */
844 arm7_9
->has_single_step
= 1;
849 static int arm920t_target_create(struct target
*target
, Jim_Interp
*interp
)
851 struct arm920t_common
*arm920t
;
853 arm920t
= calloc(1, sizeof(struct arm920t_common
));
854 return arm920t_init_arch_info(target
, arm920t
, target
->tap
);
857 COMMAND_HANDLER(arm920t_handle_read_cache_command
)
859 int retval
= ERROR_OK
;
860 struct target
*target
= get_current_target(CMD_CTX
);
861 struct arm920t_common
*arm920t
= target_to_arm920(target
);
862 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
863 struct arm
*arm
= &arm7_9
->arm
;
865 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
867 uint32_t *regs_p
[16];
868 uint32_t C15_C_D_Ind
, C15_C_I_Ind
;
871 int segment
, index_t
;
874 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
875 if (retval
!= ERROR_OK
)
879 return ERROR_COMMAND_SYNTAX_ERROR
;
881 output
= fopen(CMD_ARGV
[0], "w");
882 if (output
== NULL
) {
883 LOG_DEBUG("error opening cache content file");
887 for (i
= 0; i
< 16; i
++)
888 regs_p
[i
] = ®s
[i
];
890 /* disable MMU and Caches */
891 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
892 retval
= jtag_execute_queue();
893 if (retval
!= ERROR_OK
)
895 cp15_ctrl_saved
= cp15_ctrl
;
896 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
897 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
898 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
900 /* read CP15 test state register */
901 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
902 jtag_execute_queue();
904 /* read DCache content */
905 fprintf(output
, "DCache:\n");
907 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
909 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
911 fprintf(output
, "\nsegment: %i\n----------", segment
);
913 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
914 regs
[0] = 0x0 | (segment
<< 5);
915 arm9tdmi_write_core_regs(target
, 0x1, regs
);
917 /* set interpret mode */
919 arm920t_write_cp15_physical(target
,
920 CP15PHYS_TESTSTATE
, cp15c15
);
922 /* D CAM Read, loads current victim into C15.C.D.Ind */
923 arm920t_execute_cp15(target
,
924 ARMV4_5_MCR(15, 2, 0, 15, 6, 2), ARMV4_5_LDR(1, 0));
926 /* read current victim */
927 arm920t_read_cp15_physical(target
,
928 CP15PHYS_DCACHE_IDX
, &C15_C_D_Ind
);
930 /* clear interpret mode */
932 arm920t_write_cp15_physical(target
,
933 CP15PHYS_TESTSTATE
, cp15c15
);
935 for (index_t
= 0; index_t
< 64; index_t
++) {
937 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
939 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
940 arm9tdmi_write_core_regs(target
, 0x1, regs
);
942 /* set interpret mode */
944 arm920t_write_cp15_physical(target
,
945 CP15PHYS_TESTSTATE
, cp15c15
);
947 /* Write DCache victim */
948 arm920t_execute_cp15(target
,
949 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
952 arm920t_execute_cp15(target
,
953 ARMV4_5_MCR(15, 2, 0, 15, 10, 2),
954 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
957 arm920t_execute_cp15(target
,
958 ARMV4_5_MCR(15, 2, 0, 15, 6, 2),
961 /* clear interpret mode */
963 arm920t_write_cp15_physical(target
,
964 CP15PHYS_TESTSTATE
, cp15c15
);
966 /* read D RAM and CAM content */
967 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
968 retval
= jtag_execute_queue();
969 if (retval
!= ERROR_OK
)
973 regs
[9] &= 0xfffffffe;
974 fprintf(output
, "\nsegment: %i, index: %i, CAM: 0x%8.8"
975 PRIx32
", content (%s):\n",
976 segment
, index_t
, regs
[9],
977 (regs
[9] & 0x10) ? "valid" : "invalid");
979 for (i
= 1; i
< 9; i
++) {
980 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
986 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
987 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
988 arm9tdmi_write_core_regs(target
, 0x1, regs
);
990 /* set interpret mode */
992 arm920t_write_cp15_physical(target
,
993 CP15PHYS_TESTSTATE
, cp15c15
);
995 /* Write DCache victim */
996 arm920t_execute_cp15(target
,
997 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
999 /* clear interpret mode */
1001 arm920t_write_cp15_physical(target
,
1002 CP15PHYS_TESTSTATE
, cp15c15
);
1005 /* read ICache content */
1006 fprintf(output
, "ICache:\n");
1008 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1010 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
1012 fprintf(output
, "segment: %i\n----------", segment
);
1014 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1015 regs
[0] = 0x0 | (segment
<< 5);
1016 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1018 /* set interpret mode */
1020 arm920t_write_cp15_physical(target
,
1021 CP15PHYS_TESTSTATE
, cp15c15
);
1023 /* I CAM Read, loads current victim into C15.C.I.Ind */
1024 arm920t_execute_cp15(target
,
1025 ARMV4_5_MCR(15, 2, 0, 15, 5, 2), ARMV4_5_LDR(1, 0));
1027 /* read current victim */
1028 arm920t_read_cp15_physical(target
, CP15PHYS_ICACHE_IDX
,
1031 /* clear interpret mode */
1033 arm920t_write_cp15_physical(target
,
1034 CP15PHYS_TESTSTATE
, cp15c15
);
1036 for (index_t
= 0; index_t
< 64; index_t
++) {
1038 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1040 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
1041 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1043 /* set interpret mode */
1045 arm920t_write_cp15_physical(target
,
1046 CP15PHYS_TESTSTATE
, cp15c15
);
1048 /* Write ICache victim */
1049 arm920t_execute_cp15(target
,
1050 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1053 arm920t_execute_cp15(target
,
1054 ARMV4_5_MCR(15, 2, 0, 15, 9, 2),
1055 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1058 arm920t_execute_cp15(target
,
1059 ARMV4_5_MCR(15, 2, 0, 15, 5, 2),
1062 /* clear interpret mode */
1064 arm920t_write_cp15_physical(target
,
1065 CP15PHYS_TESTSTATE
, cp15c15
);
1067 /* read I RAM and CAM content */
1068 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1069 retval
= jtag_execute_queue();
1070 if (retval
!= ERROR_OK
)
1074 regs
[9] &= 0xfffffffe;
1075 fprintf(output
, "\nsegment: %i, index: %i, "
1076 "CAM: 0x%8.8" PRIx32
", content (%s):\n",
1077 segment
, index_t
, regs
[9],
1078 (regs
[9] & 0x10) ? "valid" : "invalid");
1080 for (i
= 1; i
< 9; i
++) {
1081 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1086 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1087 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1088 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1090 /* set interpret mode */
1092 arm920t_write_cp15_physical(target
,
1093 CP15PHYS_TESTSTATE
, cp15c15
);
1095 /* Write ICache victim */
1096 arm920t_execute_cp15(target
,
1097 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1099 /* clear interpret mode */
1101 arm920t_write_cp15_physical(target
,
1102 CP15PHYS_TESTSTATE
, cp15c15
);
1105 /* restore CP15 MMU and Cache settings */
1106 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1108 command_print(CMD_CTX
, "cache content successfully output to %s",
1113 if (!is_arm_mode(arm
->core_mode
)) {
1114 LOG_ERROR("not a valid arm core mode - communication failure?");
1118 /* force writeback of the valid data */
1119 r
= arm
->core_cache
->reg_list
;
1120 r
[0].dirty
= r
[0].valid
;
1121 r
[1].dirty
= r
[1].valid
;
1122 r
[2].dirty
= r
[2].valid
;
1123 r
[3].dirty
= r
[3].valid
;
1124 r
[4].dirty
= r
[4].valid
;
1125 r
[5].dirty
= r
[5].valid
;
1126 r
[6].dirty
= r
[6].valid
;
1127 r
[7].dirty
= r
[7].valid
;
1129 r
= arm_reg_current(arm
, 8);
1130 r
->dirty
= r
->valid
;
1132 r
= arm_reg_current(arm
, 9);
1133 r
->dirty
= r
->valid
;
1138 COMMAND_HANDLER(arm920t_handle_read_mmu_command
)
1140 int retval
= ERROR_OK
;
1141 struct target
*target
= get_current_target(CMD_CTX
);
1142 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1143 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
1144 struct arm
*arm
= &arm7_9
->arm
;
1146 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
1148 uint32_t *regs_p
[16];
1151 uint32_t Dlockdown
, Ilockdown
;
1152 struct arm920t_tlb_entry d_tlb
[64], i_tlb
[64];
1156 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1157 if (retval
!= ERROR_OK
)
1161 return ERROR_COMMAND_SYNTAX_ERROR
;
1163 output
= fopen(CMD_ARGV
[0], "w");
1164 if (output
== NULL
) {
1165 LOG_DEBUG("error opening mmu content file");
1169 for (i
= 0; i
< 16; i
++)
1170 regs_p
[i
] = ®s
[i
];
1172 /* disable MMU and Caches */
1173 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
1174 retval
= jtag_execute_queue();
1175 if (retval
!= ERROR_OK
)
1177 cp15_ctrl_saved
= cp15_ctrl
;
1178 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
1179 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
1180 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
1182 /* read CP15 test state register */
1183 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
1184 retval
= jtag_execute_queue();
1185 if (retval
!= ERROR_OK
)
1188 /* prepare reading D TLB content
1191 /* set interpret mode */
1193 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1195 /* Read D TLB lockdown */
1196 arm920t_execute_cp15(target
,
1197 ARMV4_5_MRC(15, 0, 0, 10, 0, 0), ARMV4_5_LDR(1, 0));
1199 /* clear interpret mode */
1201 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1203 /* read D TLB lockdown stored to r1 */
1204 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1205 retval
= jtag_execute_queue();
1206 if (retval
!= ERROR_OK
)
1208 Dlockdown
= regs
[1];
1210 for (victim
= 0; victim
< 64; victim
+= 8) {
1211 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1212 * base remains unchanged, victim goes through entries 0 to 63
1214 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1215 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1217 /* set interpret mode */
1219 arm920t_write_cp15_physical(target
,
1220 CP15PHYS_TESTSTATE
, cp15c15
);
1222 /* Write D TLB lockdown */
1223 arm920t_execute_cp15(target
,
1224 ARMV4_5_MCR(15, 0, 0, 10, 0, 0),
1227 /* Read D TLB CAM */
1228 arm920t_execute_cp15(target
,
1229 ARMV4_5_MCR(15, 4, 0, 15, 6, 4),
1230 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1232 /* clear interpret mode */
1234 arm920t_write_cp15_physical(target
,
1235 CP15PHYS_TESTSTATE
, cp15c15
);
1237 /* read D TLB CAM content stored to r2-r9 */
1238 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1239 retval
= jtag_execute_queue();
1240 if (retval
!= ERROR_OK
)
1243 for (i
= 0; i
< 8; i
++)
1244 d_tlb
[victim
+ i
].cam
= regs
[i
+ 2];
1247 for (victim
= 0; victim
< 64; victim
++) {
1248 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1249 * base remains unchanged, victim goes through entries 0 to 63
1251 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1252 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1254 /* set interpret mode */
1256 arm920t_write_cp15_physical(target
,
1257 CP15PHYS_TESTSTATE
, cp15c15
);
1259 /* Write D TLB lockdown */
1260 arm920t_execute_cp15(target
,
1261 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1263 /* Read D TLB RAM1 */
1264 arm920t_execute_cp15(target
,
1265 ARMV4_5_MCR(15, 4, 0, 15, 10, 4), ARMV4_5_LDR(2, 0));
1267 /* Read D TLB RAM2 */
1268 arm920t_execute_cp15(target
,
1269 ARMV4_5_MCR(15, 4, 0, 15, 2, 5), ARMV4_5_LDR(3, 0));
1271 /* clear interpret mode */
1273 arm920t_write_cp15_physical(target
,
1274 CP15PHYS_TESTSTATE
, cp15c15
);
1276 /* read D TLB RAM content stored to r2 and r3 */
1277 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1278 retval
= jtag_execute_queue();
1279 if (retval
!= ERROR_OK
)
1282 d_tlb
[victim
].ram1
= regs
[2];
1283 d_tlb
[victim
].ram2
= regs
[3];
1286 /* restore D TLB lockdown */
1287 regs
[1] = Dlockdown
;
1288 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1290 /* Write D TLB lockdown */
1291 arm920t_execute_cp15(target
,
1292 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1294 /* prepare reading I TLB content
1297 /* set interpret mode */
1299 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1301 /* Read I TLB lockdown */
1302 arm920t_execute_cp15(target
,
1303 ARMV4_5_MRC(15, 0, 0, 10, 0, 1), ARMV4_5_LDR(1, 0));
1305 /* clear interpret mode */
1307 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1309 /* read I TLB lockdown stored to r1 */
1310 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1311 retval
= jtag_execute_queue();
1312 if (retval
!= ERROR_OK
)
1314 Ilockdown
= regs
[1];
1316 for (victim
= 0; victim
< 64; victim
+= 8) {
1317 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1318 * base remains unchanged, victim goes through entries 0 to 63
1320 regs
[1] = (Ilockdown
& 0xfc000000) | (victim
<< 20);
1321 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1323 /* set interpret mode */
1325 arm920t_write_cp15_physical(target
,
1326 CP15PHYS_TESTSTATE
, cp15c15
);
1328 /* Write I TLB lockdown */
1329 arm920t_execute_cp15(target
,
1330 ARMV4_5_MCR(15, 0, 0, 10, 0, 1),
1333 /* Read I TLB CAM */
1334 arm920t_execute_cp15(target
,
1335 ARMV4_5_MCR(15, 4, 0, 15, 5, 4),
1336 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1338 /* clear interpret mode */
1340 arm920t_write_cp15_physical(target
,
1341 CP15PHYS_TESTSTATE
, cp15c15
);
1343 /* read I TLB CAM content stored to r2-r9 */
1344 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1345 retval
= jtag_execute_queue();
1346 if (retval
!= ERROR_OK
)
1349 for (i
= 0; i
< 8; i
++)
1350 i_tlb
[i
+ victim
].cam
= regs
[i
+ 2];
1353 for (victim
= 0; victim
< 64; victim
++) {
1354 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1355 * base remains unchanged, victim goes through entries 0 to 63
1357 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1358 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1360 /* set interpret mode */
1362 arm920t_write_cp15_physical(target
,
1363 CP15PHYS_TESTSTATE
, cp15c15
);
1365 /* Write I TLB lockdown */
1366 arm920t_execute_cp15(target
,
1367 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1369 /* Read I TLB RAM1 */
1370 arm920t_execute_cp15(target
,
1371 ARMV4_5_MCR(15, 4, 0, 15, 9, 4), ARMV4_5_LDR(2, 0));
1373 /* Read I TLB RAM2 */
1374 arm920t_execute_cp15(target
,
1375 ARMV4_5_MCR(15, 4, 0, 15, 1, 5), ARMV4_5_LDR(3, 0));
1377 /* clear interpret mode */
1379 arm920t_write_cp15_physical(target
,
1380 CP15PHYS_TESTSTATE
, cp15c15
);
1382 /* read I TLB RAM content stored to r2 and r3 */
1383 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1384 retval
= jtag_execute_queue();
1385 if (retval
!= ERROR_OK
)
1388 i_tlb
[victim
].ram1
= regs
[2];
1389 i_tlb
[victim
].ram2
= regs
[3];
1392 /* restore I TLB lockdown */
1393 regs
[1] = Ilockdown
;
1394 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1396 /* Write I TLB lockdown */
1397 arm920t_execute_cp15(target
,
1398 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1400 /* restore CP15 MMU and Cache settings */
1401 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1403 /* output data to file */
1404 fprintf(output
, "D TLB content:\n");
1405 for (i
= 0; i
< 64; i
++) {
1406 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1407 " 0x%8.8" PRIx32
" %s\n",
1408 i
, d_tlb
[i
].cam
, d_tlb
[i
].ram1
, d_tlb
[i
].ram2
,
1409 (d_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1412 fprintf(output
, "\n\nI TLB content:\n");
1413 for (i
= 0; i
< 64; i
++) {
1414 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1415 " 0x%8.8" PRIx32
" %s\n",
1416 i
, i_tlb
[i
].cam
, i_tlb
[i
].ram1
, i_tlb
[i
].ram2
,
1417 (i_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1420 command_print(CMD_CTX
, "mmu content successfully output to %s",
1425 if (!is_arm_mode(arm
->core_mode
)) {
1426 LOG_ERROR("not a valid arm core mode - communication failure?");
1430 /* force writeback of the valid data */
1431 r
= arm
->core_cache
->reg_list
;
1432 r
[0].dirty
= r
[0].valid
;
1433 r
[1].dirty
= r
[1].valid
;
1434 r
[2].dirty
= r
[2].valid
;
1435 r
[3].dirty
= r
[3].valid
;
1436 r
[4].dirty
= r
[4].valid
;
1437 r
[5].dirty
= r
[5].valid
;
1438 r
[6].dirty
= r
[6].valid
;
1439 r
[7].dirty
= r
[7].valid
;
1441 r
= arm_reg_current(arm
, 8);
1442 r
->dirty
= r
->valid
;
1444 r
= arm_reg_current(arm
, 9);
1445 r
->dirty
= r
->valid
;
1450 COMMAND_HANDLER(arm920t_handle_cp15_command
)
1453 struct target
*target
= get_current_target(CMD_CTX
);
1454 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1456 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1457 if (retval
!= ERROR_OK
)
1460 if (target
->state
!= TARGET_HALTED
) {
1461 command_print(CMD_CTX
, "target must be stopped for "
1462 "\"%s\" command", CMD_NAME
);
1466 /* one argument, read a register.
1467 * two arguments, write it.
1469 if (CMD_ARGC
>= 1) {
1471 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], address
);
1473 if (CMD_ARGC
== 1) {
1475 retval
= arm920t_read_cp15_physical(target
, address
, &value
);
1476 if (retval
!= ERROR_OK
) {
1477 command_print(CMD_CTX
,
1478 "couldn't access reg %i", address
);
1481 retval
= jtag_execute_queue();
1482 if (retval
!= ERROR_OK
)
1485 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1487 } else if (CMD_ARGC
== 2) {
1489 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1490 retval
= arm920t_write_cp15_physical(target
,
1492 if (retval
!= ERROR_OK
) {
1493 command_print(CMD_CTX
,
1494 "couldn't access reg %i", address
);
1495 /* REVISIT why lie? "return retval"? */
1498 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1506 COMMAND_HANDLER(arm920t_handle_cp15i_command
)
1509 struct target
*target
= get_current_target(CMD_CTX
);
1510 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1512 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1513 if (retval
!= ERROR_OK
)
1517 if (target
->state
!= TARGET_HALTED
) {
1518 command_print(CMD_CTX
, "target must be stopped for "
1519 "\"%s\" command", CMD_NAME
);
1523 /* one argument, read a register.
1524 * two arguments, write it.
1526 if (CMD_ARGC
>= 1) {
1528 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], opcode
);
1530 if (CMD_ARGC
== 1) {
1532 retval
= arm920t_read_cp15_interpreted(target
,
1533 opcode
, 0x0, &value
);
1534 if (retval
!= ERROR_OK
) {
1535 command_print(CMD_CTX
,
1536 "couldn't execute %8.8" PRIx32
,
1538 /* REVISIT why lie? "return retval"? */
1542 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1544 } else if (CMD_ARGC
== 2) {
1546 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1547 retval
= arm920t_write_cp15_interpreted(target
,
1549 if (retval
!= ERROR_OK
) {
1550 command_print(CMD_CTX
,
1551 "couldn't execute %8.8" PRIx32
,
1553 /* REVISIT why lie? "return retval"? */
1556 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1558 } else if (CMD_ARGC
== 3) {
1560 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1562 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[2], address
);
1563 retval
= arm920t_write_cp15_interpreted(target
,
1564 opcode
, value
, address
);
1565 if (retval
!= ERROR_OK
) {
1566 command_print(CMD_CTX
,
1567 "couldn't execute %8.8" PRIx32
, opcode
);
1568 /* REVISIT why lie? "return retval"? */
1571 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
1572 " %8.8" PRIx32
, opcode
, value
, address
);
1575 return ERROR_COMMAND_SYNTAX_ERROR
;
1580 COMMAND_HANDLER(arm920t_handle_cache_info_command
)
1583 struct target
*target
= get_current_target(CMD_CTX
);
1584 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1586 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1587 if (retval
!= ERROR_OK
)
1590 return armv4_5_handle_cache_info_command(CMD_CTX
,
1591 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
1595 static int arm920t_mrc(struct target
*target
, int cpnum
,
1596 uint32_t op1
, uint32_t op2
,
1597 uint32_t CRn
, uint32_t CRm
,
1601 LOG_ERROR("Only cp15 is supported");
1606 return arm920t_read_cp15_interpreted(target
,
1607 ARMV4_5_MRC(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1611 static int arm920t_mcr(struct target
*target
, int cpnum
,
1612 uint32_t op1
, uint32_t op2
,
1613 uint32_t CRn
, uint32_t CRm
,
1617 LOG_ERROR("Only cp15 is supported");
1621 /* write "from" r0 */
1622 return arm920t_write_cp15_interpreted(target
,
1623 ARMV4_5_MCR(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1627 static const struct command_registration arm920t_exec_command_handlers
[] = {
1630 .handler
= arm920t_handle_cp15_command
,
1631 .mode
= COMMAND_EXEC
,
1632 .help
= "display/modify cp15 register",
1633 .usage
= "regnum [value]",
1637 .handler
= arm920t_handle_cp15i_command
,
1638 .mode
= COMMAND_EXEC
,
1639 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1640 .help
= "display/modify cp15 register using ARM opcode"
1642 .usage
= "instruction [value [address]]",
1645 .name
= "cache_info",
1646 .handler
= arm920t_handle_cache_info_command
,
1647 .mode
= COMMAND_EXEC
,
1649 .help
= "display information about target caches",
1652 .name
= "read_cache",
1653 .handler
= arm920t_handle_read_cache_command
,
1654 .mode
= COMMAND_EXEC
,
1655 .help
= "dump I/D cache content to file",
1656 .usage
= "filename",
1660 .handler
= arm920t_handle_read_mmu_command
,
1661 .mode
= COMMAND_EXEC
,
1662 .help
= "dump I/D mmu content to file",
1663 .usage
= "filename",
1665 COMMAND_REGISTRATION_DONE
1667 const struct command_registration arm920t_command_handlers
[] = {
1669 .chain
= arm9tdmi_command_handlers
,
1673 .mode
= COMMAND_ANY
,
1674 .help
= "arm920t command group",
1676 .chain
= arm920t_exec_command_handlers
,
1678 COMMAND_REGISTRATION_DONE
1681 /** Holds methods for ARM920 targets. */
1682 struct target_type arm920t_target
= {
1685 .poll
= arm7_9_poll
,
1686 .arch_state
= arm920t_arch_state
,
1688 .target_request_data
= arm7_9_target_request_data
,
1690 .halt
= arm7_9_halt
,
1691 .resume
= arm7_9_resume
,
1692 .step
= arm7_9_step
,
1694 .assert_reset
= arm7_9_assert_reset
,
1695 .deassert_reset
= arm7_9_deassert_reset
,
1696 .soft_reset_halt
= arm920t_soft_reset_halt
,
1698 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
1700 .read_memory
= arm920t_read_memory
,
1701 .write_memory
= arm7_9_write_memory_opt
,
1702 .read_phys_memory
= arm920t_read_phys_memory
,
1703 .write_phys_memory
= arm920t_write_phys_memory
,
1705 .virt2phys
= arm920_virt2phys
,
1707 .checksum_memory
= arm_checksum_memory
,
1708 .blank_check_memory
= arm_blank_check_memory
,
1710 .run_algorithm
= armv4_5_run_algorithm
,
1712 .add_breakpoint
= arm7_9_add_breakpoint
,
1713 .remove_breakpoint
= arm7_9_remove_breakpoint
,
1714 .add_watchpoint
= arm7_9_add_watchpoint
,
1715 .remove_watchpoint
= arm7_9_remove_watchpoint
,
1717 .commands
= arm920t_command_handlers
,
1718 .target_create
= arm920t_target_create
,
1719 .init_target
= arm9tdmi_init_target
,
1720 .examine
= arm7_9_examine
,
1721 .check_reset
= arm7_9_check_reset
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)