2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
27 #include <helper/time_support.h>
28 #include "target_type.h"
30 #include "arm_opcodes.h"
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
53 #define _DEBUG_INSTRUCTION_EXECUTION_
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
83 static int arm920t_read_cp15_physical(struct target
*target
,
84 int reg_addr
, uint32_t *value
)
86 struct arm920t_common
*arm920t
= target_to_arm920(target
);
87 struct arm_jtag
*jtag_info
;
88 struct scan_field fields
[4];
89 uint8_t access_type_buf
= 1;
90 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
94 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
96 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
97 if (retval
!= ERROR_OK
)
99 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
100 if (retval
!= ERROR_OK
)
103 fields
[0].num_bits
= 1;
104 fields
[0].out_value
= &access_type_buf
;
105 fields
[0].in_value
= NULL
;
107 fields
[1].num_bits
= 32;
108 fields
[1].out_value
= NULL
;
109 fields
[1].in_value
= NULL
;
111 fields
[2].num_bits
= 6;
112 fields
[2].out_value
= ®_addr_buf
;
113 fields
[2].in_value
= NULL
;
115 fields
[3].num_bits
= 1;
116 fields
[3].out_value
= &nr_w_buf
;
117 fields
[3].in_value
= NULL
;
119 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
121 fields
[1].in_value
= (uint8_t *)value
;
123 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
125 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
127 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
128 jtag_execute_queue();
129 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, *value
);
135 static int arm920t_write_cp15_physical(struct target
*target
,
136 int reg_addr
, uint32_t value
)
138 struct arm920t_common
*arm920t
= target_to_arm920(target
);
139 struct arm_jtag
*jtag_info
;
140 struct scan_field fields
[4];
141 uint8_t access_type_buf
= 1;
142 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
143 uint8_t nr_w_buf
= 1;
144 uint8_t value_buf
[4];
147 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
149 buf_set_u32(value_buf
, 0, 32, value
);
151 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
152 if (retval
!= ERROR_OK
)
154 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
155 if (retval
!= ERROR_OK
)
158 fields
[0].num_bits
= 1;
159 fields
[0].out_value
= &access_type_buf
;
160 fields
[0].in_value
= NULL
;
162 fields
[1].num_bits
= 32;
163 fields
[1].out_value
= value_buf
;
164 fields
[1].in_value
= NULL
;
166 fields
[2].num_bits
= 6;
167 fields
[2].out_value
= ®_addr_buf
;
168 fields
[2].in_value
= NULL
;
170 fields
[3].num_bits
= 1;
171 fields
[3].out_value
= &nr_w_buf
;
172 fields
[3].in_value
= NULL
;
174 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
176 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
177 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, value
);
183 /* See table 9-10 for scan chain 15 format during interpreted access mode.
184 * If the TESTSTATE register is set for interpreted access, certain CP15
185 * MRC and MCR instructions may be executed through scan chain 15.
187 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
188 * executed using scan chain 15 interpreted mode.
190 static int arm920t_execute_cp15(struct target
*target
, uint32_t cp15_opcode
,
194 struct arm920t_common
*arm920t
= target_to_arm920(target
);
195 struct arm_jtag
*jtag_info
;
196 struct scan_field fields
[4];
197 uint8_t access_type_buf
= 0; /* interpreted access */
198 uint8_t reg_addr_buf
= 0x0;
199 uint8_t nr_w_buf
= 0;
200 uint8_t cp15_opcode_buf
[4];
202 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
204 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
205 if (retval
!= ERROR_OK
)
207 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
208 if (retval
!= ERROR_OK
)
211 buf_set_u32(cp15_opcode_buf
, 0, 32, cp15_opcode
);
213 fields
[0].num_bits
= 1;
214 fields
[0].out_value
= &access_type_buf
;
215 fields
[0].in_value
= NULL
;
217 fields
[1].num_bits
= 32;
218 fields
[1].out_value
= cp15_opcode_buf
;
219 fields
[1].in_value
= NULL
;
221 fields
[2].num_bits
= 6;
222 fields
[2].out_value
= ®_addr_buf
;
223 fields
[2].in_value
= NULL
;
225 fields
[3].num_bits
= 1;
226 fields
[3].out_value
= &nr_w_buf
;
227 fields
[3].in_value
= NULL
;
229 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
231 arm9tdmi_clock_out(jtag_info
, arm_opcode
, 0, NULL
, 0);
232 arm9tdmi_clock_out(jtag_info
, ARMV4_5_NOP
, 0, NULL
, 1);
233 retval
= arm7_9_execute_sys_speed(target
);
234 if (retval
!= ERROR_OK
)
237 retval
= jtag_execute_queue();
238 if (retval
!= ERROR_OK
) {
239 LOG_ERROR("failed executing JTAG queue");
246 static int arm920t_read_cp15_interpreted(struct target
*target
,
247 uint32_t cp15_opcode
, uint32_t address
, uint32_t *value
)
249 struct arm
*arm
= target_to_arm(target
);
252 uint32_t cp15c15
= 0x0;
253 struct reg
*r
= arm
->core_cache
->reg_list
;
255 /* load address into R1 */
257 arm9tdmi_write_core_regs(target
, 0x2, regs
);
259 /* read-modify-write CP15 test state register
260 * to enable interpreted access mode */
261 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
262 jtag_execute_queue();
263 cp15c15
|= 1; /* set interpret mode */
264 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
266 /* execute CP15 instruction and ARM load (reading from coprocessor) */
267 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_LDR(0, 1));
269 /* disable interpreted access mode */
270 cp15c15
&= ~1U; /* clear interpret mode */
271 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
273 /* retrieve value from R0 */
275 arm9tdmi_read_core_regs(target
, 0x1, regs_p
);
276 jtag_execute_queue();
278 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
279 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
280 cp15_opcode
, address
, *value
);
283 if (!is_arm_mode(arm
->core_mode
)) {
284 LOG_ERROR("not a valid arm core mode - communication failure?");
295 int arm920t_write_cp15_interpreted(struct target
*target
,
296 uint32_t cp15_opcode
, uint32_t value
, uint32_t address
)
298 uint32_t cp15c15
= 0x0;
299 struct arm
*arm
= target_to_arm(target
);
301 struct reg
*r
= arm
->core_cache
->reg_list
;
303 /* load value, address into R0, R1 */
306 arm9tdmi_write_core_regs(target
, 0x3, regs
);
308 /* read-modify-write CP15 test state register
309 * to enable interpreted access mode */
310 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
311 jtag_execute_queue();
312 cp15c15
|= 1; /* set interpret mode */
313 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
315 /* execute CP15 instruction and ARM store (writing to coprocessor) */
316 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_STR(0, 1));
318 /* disable interpreted access mode */
319 cp15c15
&= ~1U; /* set interpret mode */
320 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
322 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
323 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
324 cp15_opcode
, value
, address
);
327 if (!is_arm_mode(arm
->core_mode
)) {
328 LOG_ERROR("not a valid arm core mode - communication failure?");
338 /* EXPORTED to FA256 */
339 int arm920t_get_ttb(struct target
*target
, uint32_t *result
)
344 retval
= arm920t_read_cp15_interpreted(target
,
345 /* FIXME use opcode macro */
346 0xeebf0f51, 0x0, &ttb
);
347 if (retval
!= ERROR_OK
)
354 /* EXPORTED to FA256 */
355 int arm920t_disable_mmu_caches(struct target
*target
, int mmu
,
356 int d_u_cache
, int i_cache
)
358 uint32_t cp15_control
;
361 /* read cp15 control register */
362 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
363 if (retval
!= ERROR_OK
)
365 retval
= jtag_execute_queue();
366 if (retval
!= ERROR_OK
)
370 cp15_control
&= ~0x1U
;
373 cp15_control
&= ~0x4U
;
376 cp15_control
&= ~0x1000U
;
378 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
382 /* EXPORTED to FA256 */
383 int arm920t_enable_mmu_caches(struct target
*target
, int mmu
,
384 int d_u_cache
, int i_cache
)
386 uint32_t cp15_control
;
389 /* read cp15 control register */
390 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
391 if (retval
!= ERROR_OK
)
393 retval
= jtag_execute_queue();
394 if (retval
!= ERROR_OK
)
398 cp15_control
|= 0x1U
;
401 cp15_control
|= 0x4U
;
404 cp15_control
|= 0x1000U
;
406 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
410 /* EXPORTED to FA256 */
411 int arm920t_post_debug_entry(struct target
*target
)
414 struct arm920t_common
*arm920t
= target_to_arm920(target
);
417 /* examine cp15 control reg */
418 retval
= arm920t_read_cp15_physical(target
,
419 CP15PHYS_CTRL
, &arm920t
->cp15_control_reg
);
420 if (retval
!= ERROR_OK
)
422 retval
= jtag_execute_queue();
423 if (retval
!= ERROR_OK
)
425 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, arm920t
->cp15_control_reg
);
427 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1) {
428 uint32_t cache_type_reg
;
429 /* identify caches */
430 retval
= arm920t_read_cp15_physical(target
,
431 CP15PHYS_CACHETYPE
, &cache_type_reg
);
432 if (retval
!= ERROR_OK
)
434 retval
= jtag_execute_queue();
435 if (retval
!= ERROR_OK
)
437 armv4_5_identify_cache(cache_type_reg
,
438 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
441 arm920t
->armv4_5_mmu
.mmu_enabled
=
442 (arm920t
->cp15_control_reg
& 0x1U
) ? 1 : 0;
443 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
=
444 (arm920t
->cp15_control_reg
& 0x4U
) ? 1 : 0;
445 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
=
446 (arm920t
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
448 /* save i/d fault status and address register
449 * FIXME use opcode macros */
450 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f10, 0x0, &arm920t
->d_fsr
);
451 if (retval
!= ERROR_OK
)
453 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f30, 0x0, &arm920t
->i_fsr
);
454 if (retval
!= ERROR_OK
)
456 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f10, 0x0, &arm920t
->d_far
);
457 if (retval
!= ERROR_OK
)
459 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f30, 0x0, &arm920t
->i_far
);
460 if (retval
!= ERROR_OK
)
463 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
464 ", I FSR: 0x%8.8" PRIx32
", I FAR: 0x%8.8" PRIx32
,
465 arm920t
->d_fsr
, arm920t
->d_far
, arm920t
->i_fsr
, arm920t
->i_far
);
467 if (arm920t
->preserve_cache
) {
468 /* read-modify-write CP15 test state register
469 * to disable I/D-cache linefills */
470 retval
= arm920t_read_cp15_physical(target
,
471 CP15PHYS_TESTSTATE
, &cp15c15
);
472 if (retval
!= ERROR_OK
)
474 retval
= jtag_execute_queue();
475 if (retval
!= ERROR_OK
)
478 retval
= arm920t_write_cp15_physical(target
,
479 CP15PHYS_TESTSTATE
, cp15c15
);
480 if (retval
!= ERROR_OK
)
486 /* EXPORTED to FA256 */
487 void arm920t_pre_restore_context(struct target
*target
)
490 struct arm920t_common
*arm920t
= target_to_arm920(target
);
492 /* restore i/d fault status and address register */
493 arm920t_write_cp15_interpreted(target
, 0xee050f10, arm920t
->d_fsr
, 0x0);
494 arm920t_write_cp15_interpreted(target
, 0xee050f30, arm920t
->i_fsr
, 0x0);
495 arm920t_write_cp15_interpreted(target
, 0xee060f10, arm920t
->d_far
, 0x0);
496 arm920t_write_cp15_interpreted(target
, 0xee060f30, arm920t
->i_far
, 0x0);
498 /* read-modify-write CP15 test state register
499 * to reenable I/D-cache linefills */
500 if (arm920t
->preserve_cache
) {
501 arm920t_read_cp15_physical(target
,
502 CP15PHYS_TESTSTATE
, &cp15c15
);
503 jtag_execute_queue();
505 arm920t_write_cp15_physical(target
,
506 CP15PHYS_TESTSTATE
, cp15c15
);
510 static const char arm920_not
[] = "target is not an ARM920";
512 static int arm920t_verify_pointer(struct command_context
*cmd_ctx
,
513 struct arm920t_common
*arm920t
)
515 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
516 command_print(cmd_ctx
, arm920_not
);
517 return ERROR_TARGET_INVALID
;
523 /** Logs summary of ARM920 state for a halted target. */
524 int arm920t_arch_state(struct target
*target
)
526 static const char *state
[] = {
527 "disabled", "enabled"
530 struct arm920t_common
*arm920t
= target_to_arm920(target
);
532 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
533 LOG_ERROR("BUG: %s", arm920_not
);
534 return ERROR_TARGET_INVALID
;
537 arm_arch_state(target
);
538 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
539 state
[arm920t
->armv4_5_mmu
.mmu_enabled
],
540 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
541 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
546 static int arm920_mmu(struct target
*target
, int *enabled
)
548 if (target
->state
!= TARGET_HALTED
) {
549 LOG_ERROR("%s: target not halted", __func__
);
550 return ERROR_TARGET_INVALID
;
553 *enabled
= target_to_arm920(target
)->armv4_5_mmu
.mmu_enabled
;
557 static int arm920_virt2phys(struct target
*target
,
558 uint32_t virt
, uint32_t *phys
)
561 struct arm920t_common
*arm920t
= target_to_arm920(target
);
564 int retval
= armv4_5_mmu_translate_va(target
,
565 &arm920t
->armv4_5_mmu
, virt
, &cb
, &ret
);
566 if (retval
!= ERROR_OK
)
572 /** Reads a buffer, in the specified word size, with current MMU settings. */
573 int arm920t_read_memory(struct target
*target
, uint32_t address
,
574 uint32_t size
, uint32_t count
, uint8_t *buffer
)
578 retval
= arm7_9_read_memory(target
, address
, size
, count
, buffer
);
584 static int arm920t_read_phys_memory(struct target
*target
,
585 uint32_t address
, uint32_t size
,
586 uint32_t count
, uint8_t *buffer
)
588 struct arm920t_common
*arm920t
= target_to_arm920(target
);
590 return armv4_5_mmu_read_physical(target
, &arm920t
->armv4_5_mmu
,
591 address
, size
, count
, buffer
);
594 static int arm920t_write_phys_memory(struct target
*target
,
595 uint32_t address
, uint32_t size
,
596 uint32_t count
, const uint8_t *buffer
)
598 struct arm920t_common
*arm920t
= target_to_arm920(target
);
600 return armv4_5_mmu_write_physical(target
, &arm920t
->armv4_5_mmu
,
601 address
, size
, count
, buffer
);
604 /** Writes a buffer, in the specified word size, with current MMU settings. */
605 int arm920t_write_memory(struct target
*target
, uint32_t address
,
606 uint32_t size
, uint32_t count
, const uint8_t *buffer
)
609 const uint32_t cache_mask
= ~0x1f; /* cache line size : 32 byte */
610 struct arm920t_common
*arm920t
= target_to_arm920(target
);
612 /* FIX!!!! this should be cleaned up and made much more general. The
613 * plan is to write up and test on arm920t specifically and
614 * then generalize and clean up afterwards.
616 * Also it should be moved to the callbacks that handle breakpoints
617 * specifically and not the generic memory write fn's. See XScale code.
619 if (arm920t
->armv4_5_mmu
.mmu_enabled
&& (count
== 1) &&
620 ((size
== 2) || (size
== 4))) {
621 /* special case the handling of single word writes to
622 * bypass MMU, to allow implementation of breakpoints
623 * in memory marked read only
630 * We need physical address and cb
632 retval
= armv4_5_mmu_translate_va(target
, &arm920t
->armv4_5_mmu
,
634 if (retval
!= ERROR_OK
)
637 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
) {
639 LOG_DEBUG("D-Cache buffered, "
640 "drain write buffer");
643 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
646 retval
= arm920t_write_cp15_interpreted(target
,
647 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
649 if (retval
!= ERROR_OK
)
655 * Write back memory ? -> clean cache
657 * There is no way to clean cache lines using
658 * cp15 scan chain, so copy the full cache
659 * line from cache to physical memory.
663 LOG_DEBUG("D-Cache in 'write back' mode, "
666 retval
= target_read_memory(target
,
667 address
& cache_mask
, 1,
668 sizeof(data
), &data
[0]);
669 if (retval
!= ERROR_OK
)
672 retval
= armv4_5_mmu_write_physical(target
,
673 &arm920t
->armv4_5_mmu
,
675 sizeof(data
), &data
[0]);
676 if (retval
!= ERROR_OK
)
683 * Cached ? -> Invalidate data cache using MVA
685 * MCR p15,0,Rd,c7,c6,1
687 LOG_DEBUG("D-Cache enabled, "
688 "invalidate cache line");
690 retval
= arm920t_write_cp15_interpreted(target
,
691 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
692 address
& cache_mask
);
693 if (retval
!= ERROR_OK
)
698 /* write directly to physical memory,
699 * bypassing any read only MMU bits, etc.
701 retval
= armv4_5_mmu_write_physical(target
,
702 &arm920t
->armv4_5_mmu
, pa
, size
,
704 if (retval
!= ERROR_OK
)
707 retval
= arm7_9_write_memory(target
, address
, size
, count
, buffer
);
708 if (retval
!= ERROR_OK
)
712 /* If ICache is enabled, we have to invalidate affected ICache lines
713 * the DCache is forced to write-through,
714 * so we don't have to clean it here
716 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
) {
718 /* invalidate ICache single entry with MVA
719 * mcr 15, 0, r0, cr7, cr5, {1}
721 LOG_DEBUG("I-Cache enabled, "
722 "invalidating affected I-Cache line");
723 retval
= arm920t_write_cp15_interpreted(target
,
724 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
725 0x0, address
& cache_mask
);
726 if (retval
!= ERROR_OK
)
730 * mcr 15, 0, r0, cr7, cr5, {0}
732 retval
= arm920t_write_cp15_interpreted(target
,
733 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
735 if (retval
!= ERROR_OK
)
743 /* EXPORTED to FA256 */
744 int arm920t_soft_reset_halt(struct target
*target
)
746 int retval
= ERROR_OK
;
747 struct arm920t_common
*arm920t
= target_to_arm920(target
);
748 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
749 struct arm
*arm
= &arm7_9
->arm
;
750 struct reg
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
752 retval
= target_halt(target
);
753 if (retval
!= ERROR_OK
)
756 long long then
= timeval_ms();
758 while (!(timeout
= ((timeval_ms()-then
) > 1000))) {
759 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1) == 0) {
760 embeddedice_read_reg(dbg_stat
);
761 retval
= jtag_execute_queue();
762 if (retval
!= ERROR_OK
)
766 if (debug_level
>= 3) {
767 /* do not eat all CPU, time out after 1 se*/
773 LOG_ERROR("Failed to halt CPU after 1 sec");
774 return ERROR_TARGET_TIMEOUT
;
777 target
->state
= TARGET_HALTED
;
779 /* SVC, ARM state, IRQ and FIQ disabled */
782 cpsr
= buf_get_u32(arm
->cpsr
->value
, 0, 32);
785 arm_set_cpsr(arm
, cpsr
);
786 arm
->cpsr
->dirty
= 1;
788 /* start fetching from 0x0 */
789 buf_set_u32(arm
->pc
->value
, 0, 32, 0x0);
793 arm920t_disable_mmu_caches(target
, 1, 1, 1);
794 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
795 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
796 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
798 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
801 /* FIXME remove forward decls */
802 static int arm920t_mrc(struct target
*target
, int cpnum
,
803 uint32_t op1
, uint32_t op2
,
804 uint32_t CRn
, uint32_t CRm
,
806 static int arm920t_mcr(struct target
*target
, int cpnum
,
807 uint32_t op1
, uint32_t op2
,
808 uint32_t CRn
, uint32_t CRm
,
811 static int arm920t_init_arch_info(struct target
*target
,
812 struct arm920t_common
*arm920t
, struct jtag_tap
*tap
)
814 struct arm7_9_common
*arm7_9
= &arm920t
->arm7_9_common
;
816 arm7_9
->arm
.mrc
= arm920t_mrc
;
817 arm7_9
->arm
.mcr
= arm920t_mcr
;
819 /* initialize arm7/arm9 specific info (including armv4_5) */
820 arm9tdmi_init_arch_info(target
, arm7_9
, tap
);
822 arm920t
->common_magic
= ARM920T_COMMON_MAGIC
;
824 arm7_9
->post_debug_entry
= arm920t_post_debug_entry
;
825 arm7_9
->pre_restore_context
= arm920t_pre_restore_context
;
827 arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
828 arm920t
->armv4_5_mmu
.get_ttb
= arm920t_get_ttb
;
829 arm920t
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
830 arm920t
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
831 arm920t
->armv4_5_mmu
.disable_mmu_caches
= arm920t_disable_mmu_caches
;
832 arm920t
->armv4_5_mmu
.enable_mmu_caches
= arm920t_enable_mmu_caches
;
833 arm920t
->armv4_5_mmu
.has_tiny_pages
= 1;
834 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
836 /* disabling linefills leads to lockups, so keep them enabled for now
837 * this doesn't affect correctness, but might affect timing issues, if
838 * important data is evicted from the cache during the debug session
840 arm920t
->preserve_cache
= 0;
842 /* override hw single-step capability from ARM9TDMI */
843 arm7_9
->has_single_step
= 1;
848 static int arm920t_target_create(struct target
*target
, Jim_Interp
*interp
)
850 struct arm920t_common
*arm920t
;
852 arm920t
= calloc(1, sizeof(struct arm920t_common
));
853 return arm920t_init_arch_info(target
, arm920t
, target
->tap
);
856 COMMAND_HANDLER(arm920t_handle_read_cache_command
)
858 int retval
= ERROR_OK
;
859 struct target
*target
= get_current_target(CMD_CTX
);
860 struct arm920t_common
*arm920t
= target_to_arm920(target
);
861 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
862 struct arm
*arm
= &arm7_9
->arm
;
864 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
866 uint32_t *regs_p
[16];
867 uint32_t C15_C_D_Ind
, C15_C_I_Ind
;
870 int segment
, index_t
;
873 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
874 if (retval
!= ERROR_OK
)
878 return ERROR_COMMAND_SYNTAX_ERROR
;
880 output
= fopen(CMD_ARGV
[0], "w");
881 if (output
== NULL
) {
882 LOG_DEBUG("error opening cache content file");
886 for (i
= 0; i
< 16; i
++)
887 regs_p
[i
] = ®s
[i
];
889 /* disable MMU and Caches */
890 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
891 retval
= jtag_execute_queue();
892 if (retval
!= ERROR_OK
)
894 cp15_ctrl_saved
= cp15_ctrl
;
895 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
896 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
897 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
899 /* read CP15 test state register */
900 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
901 jtag_execute_queue();
903 /* read DCache content */
904 fprintf(output
, "DCache:\n");
906 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
908 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
910 fprintf(output
, "\nsegment: %i\n----------", segment
);
912 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
913 regs
[0] = 0x0 | (segment
<< 5);
914 arm9tdmi_write_core_regs(target
, 0x1, regs
);
916 /* set interpret mode */
918 arm920t_write_cp15_physical(target
,
919 CP15PHYS_TESTSTATE
, cp15c15
);
921 /* D CAM Read, loads current victim into C15.C.D.Ind */
922 arm920t_execute_cp15(target
,
923 ARMV4_5_MCR(15, 2, 0, 15, 6, 2), ARMV4_5_LDR(1, 0));
925 /* read current victim */
926 arm920t_read_cp15_physical(target
,
927 CP15PHYS_DCACHE_IDX
, &C15_C_D_Ind
);
929 /* clear interpret mode */
931 arm920t_write_cp15_physical(target
,
932 CP15PHYS_TESTSTATE
, cp15c15
);
934 for (index_t
= 0; index_t
< 64; index_t
++) {
936 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
938 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
939 arm9tdmi_write_core_regs(target
, 0x1, regs
);
941 /* set interpret mode */
943 arm920t_write_cp15_physical(target
,
944 CP15PHYS_TESTSTATE
, cp15c15
);
946 /* Write DCache victim */
947 arm920t_execute_cp15(target
,
948 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
951 arm920t_execute_cp15(target
,
952 ARMV4_5_MCR(15, 2, 0, 15, 10, 2),
953 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
956 arm920t_execute_cp15(target
,
957 ARMV4_5_MCR(15, 2, 0, 15, 6, 2),
960 /* clear interpret mode */
962 arm920t_write_cp15_physical(target
,
963 CP15PHYS_TESTSTATE
, cp15c15
);
965 /* read D RAM and CAM content */
966 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
967 retval
= jtag_execute_queue();
968 if (retval
!= ERROR_OK
)
972 regs
[9] &= 0xfffffffe;
973 fprintf(output
, "\nsegment: %i, index: %i, CAM: 0x%8.8"
974 PRIx32
", content (%s):\n",
975 segment
, index_t
, regs
[9],
976 (regs
[9] & 0x10) ? "valid" : "invalid");
978 for (i
= 1; i
< 9; i
++) {
979 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
985 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
986 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
987 arm9tdmi_write_core_regs(target
, 0x1, regs
);
989 /* set interpret mode */
991 arm920t_write_cp15_physical(target
,
992 CP15PHYS_TESTSTATE
, cp15c15
);
994 /* Write DCache victim */
995 arm920t_execute_cp15(target
,
996 ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));
998 /* clear interpret mode */
1000 arm920t_write_cp15_physical(target
,
1001 CP15PHYS_TESTSTATE
, cp15c15
);
1004 /* read ICache content */
1005 fprintf(output
, "ICache:\n");
1007 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1009 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
1011 fprintf(output
, "segment: %i\n----------", segment
);
1013 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1014 regs
[0] = 0x0 | (segment
<< 5);
1015 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1017 /* set interpret mode */
1019 arm920t_write_cp15_physical(target
,
1020 CP15PHYS_TESTSTATE
, cp15c15
);
1022 /* I CAM Read, loads current victim into C15.C.I.Ind */
1023 arm920t_execute_cp15(target
,
1024 ARMV4_5_MCR(15, 2, 0, 15, 5, 2), ARMV4_5_LDR(1, 0));
1026 /* read current victim */
1027 arm920t_read_cp15_physical(target
, CP15PHYS_ICACHE_IDX
,
1030 /* clear interpret mode */
1032 arm920t_write_cp15_physical(target
,
1033 CP15PHYS_TESTSTATE
, cp15c15
);
1035 for (index_t
= 0; index_t
< 64; index_t
++) {
1037 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1039 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
1040 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1042 /* set interpret mode */
1044 arm920t_write_cp15_physical(target
,
1045 CP15PHYS_TESTSTATE
, cp15c15
);
1047 /* Write ICache victim */
1048 arm920t_execute_cp15(target
,
1049 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1052 arm920t_execute_cp15(target
,
1053 ARMV4_5_MCR(15, 2, 0, 15, 9, 2),
1054 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1057 arm920t_execute_cp15(target
,
1058 ARMV4_5_MCR(15, 2, 0, 15, 5, 2),
1061 /* clear interpret mode */
1063 arm920t_write_cp15_physical(target
,
1064 CP15PHYS_TESTSTATE
, cp15c15
);
1066 /* read I RAM and CAM content */
1067 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1068 retval
= jtag_execute_queue();
1069 if (retval
!= ERROR_OK
)
1073 regs
[9] &= 0xfffffffe;
1074 fprintf(output
, "\nsegment: %i, index: %i, "
1075 "CAM: 0x%8.8" PRIx32
", content (%s):\n",
1076 segment
, index_t
, regs
[9],
1077 (regs
[9] & 0x10) ? "valid" : "invalid");
1079 for (i
= 1; i
< 9; i
++) {
1080 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1085 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1086 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1087 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1089 /* set interpret mode */
1091 arm920t_write_cp15_physical(target
,
1092 CP15PHYS_TESTSTATE
, cp15c15
);
1094 /* Write ICache victim */
1095 arm920t_execute_cp15(target
,
1096 ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));
1098 /* clear interpret mode */
1100 arm920t_write_cp15_physical(target
,
1101 CP15PHYS_TESTSTATE
, cp15c15
);
1104 /* restore CP15 MMU and Cache settings */
1105 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1107 command_print(CMD_CTX
, "cache content successfully output to %s",
1112 if (!is_arm_mode(arm
->core_mode
)) {
1113 LOG_ERROR("not a valid arm core mode - communication failure?");
1117 /* force writeback of the valid data */
1118 r
= arm
->core_cache
->reg_list
;
1119 r
[0].dirty
= r
[0].valid
;
1120 r
[1].dirty
= r
[1].valid
;
1121 r
[2].dirty
= r
[2].valid
;
1122 r
[3].dirty
= r
[3].valid
;
1123 r
[4].dirty
= r
[4].valid
;
1124 r
[5].dirty
= r
[5].valid
;
1125 r
[6].dirty
= r
[6].valid
;
1126 r
[7].dirty
= r
[7].valid
;
1128 r
= arm_reg_current(arm
, 8);
1129 r
->dirty
= r
->valid
;
1131 r
= arm_reg_current(arm
, 9);
1132 r
->dirty
= r
->valid
;
1137 COMMAND_HANDLER(arm920t_handle_read_mmu_command
)
1139 int retval
= ERROR_OK
;
1140 struct target
*target
= get_current_target(CMD_CTX
);
1141 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1142 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
1143 struct arm
*arm
= &arm7_9
->arm
;
1145 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
1147 uint32_t *regs_p
[16];
1150 uint32_t Dlockdown
, Ilockdown
;
1151 struct arm920t_tlb_entry d_tlb
[64], i_tlb
[64];
1155 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1156 if (retval
!= ERROR_OK
)
1160 return ERROR_COMMAND_SYNTAX_ERROR
;
1162 output
= fopen(CMD_ARGV
[0], "w");
1163 if (output
== NULL
) {
1164 LOG_DEBUG("error opening mmu content file");
1168 for (i
= 0; i
< 16; i
++)
1169 regs_p
[i
] = ®s
[i
];
1171 /* disable MMU and Caches */
1172 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
1173 retval
= jtag_execute_queue();
1174 if (retval
!= ERROR_OK
)
1176 cp15_ctrl_saved
= cp15_ctrl
;
1177 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
1178 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
1179 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
1181 /* read CP15 test state register */
1182 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
1183 retval
= jtag_execute_queue();
1184 if (retval
!= ERROR_OK
)
1187 /* prepare reading D TLB content
1190 /* set interpret mode */
1192 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1194 /* Read D TLB lockdown */
1195 arm920t_execute_cp15(target
,
1196 ARMV4_5_MRC(15, 0, 0, 10, 0, 0), ARMV4_5_LDR(1, 0));
1198 /* clear interpret mode */
1200 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1202 /* read D TLB lockdown stored to r1 */
1203 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1204 retval
= jtag_execute_queue();
1205 if (retval
!= ERROR_OK
)
1207 Dlockdown
= regs
[1];
1209 for (victim
= 0; victim
< 64; victim
+= 8) {
1210 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1211 * base remains unchanged, victim goes through entries 0 to 63
1213 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1214 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1216 /* set interpret mode */
1218 arm920t_write_cp15_physical(target
,
1219 CP15PHYS_TESTSTATE
, cp15c15
);
1221 /* Write D TLB lockdown */
1222 arm920t_execute_cp15(target
,
1223 ARMV4_5_MCR(15, 0, 0, 10, 0, 0),
1226 /* Read D TLB CAM */
1227 arm920t_execute_cp15(target
,
1228 ARMV4_5_MCR(15, 4, 0, 15, 6, 4),
1229 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1231 /* clear interpret mode */
1233 arm920t_write_cp15_physical(target
,
1234 CP15PHYS_TESTSTATE
, cp15c15
);
1236 /* read D TLB CAM content stored to r2-r9 */
1237 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1238 retval
= jtag_execute_queue();
1239 if (retval
!= ERROR_OK
)
1242 for (i
= 0; i
< 8; i
++)
1243 d_tlb
[victim
+ i
].cam
= regs
[i
+ 2];
1246 for (victim
= 0; victim
< 64; victim
++) {
1247 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1248 * base remains unchanged, victim goes through entries 0 to 63
1250 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1251 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1253 /* set interpret mode */
1255 arm920t_write_cp15_physical(target
,
1256 CP15PHYS_TESTSTATE
, cp15c15
);
1258 /* Write D TLB lockdown */
1259 arm920t_execute_cp15(target
,
1260 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1262 /* Read D TLB RAM1 */
1263 arm920t_execute_cp15(target
,
1264 ARMV4_5_MCR(15, 4, 0, 15, 10, 4), ARMV4_5_LDR(2, 0));
1266 /* Read D TLB RAM2 */
1267 arm920t_execute_cp15(target
,
1268 ARMV4_5_MCR(15, 4, 0, 15, 2, 5), ARMV4_5_LDR(3, 0));
1270 /* clear interpret mode */
1272 arm920t_write_cp15_physical(target
,
1273 CP15PHYS_TESTSTATE
, cp15c15
);
1275 /* read D TLB RAM content stored to r2 and r3 */
1276 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1277 retval
= jtag_execute_queue();
1278 if (retval
!= ERROR_OK
)
1281 d_tlb
[victim
].ram1
= regs
[2];
1282 d_tlb
[victim
].ram2
= regs
[3];
1285 /* restore D TLB lockdown */
1286 regs
[1] = Dlockdown
;
1287 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1289 /* Write D TLB lockdown */
1290 arm920t_execute_cp15(target
,
1291 ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));
1293 /* prepare reading I TLB content
1296 /* set interpret mode */
1298 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1300 /* Read I TLB lockdown */
1301 arm920t_execute_cp15(target
,
1302 ARMV4_5_MRC(15, 0, 0, 10, 0, 1), ARMV4_5_LDR(1, 0));
1304 /* clear interpret mode */
1306 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1308 /* read I TLB lockdown stored to r1 */
1309 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1310 retval
= jtag_execute_queue();
1311 if (retval
!= ERROR_OK
)
1313 Ilockdown
= regs
[1];
1315 for (victim
= 0; victim
< 64; victim
+= 8) {
1316 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1317 * base remains unchanged, victim goes through entries 0 to 63
1319 regs
[1] = (Ilockdown
& 0xfc000000) | (victim
<< 20);
1320 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1322 /* set interpret mode */
1324 arm920t_write_cp15_physical(target
,
1325 CP15PHYS_TESTSTATE
, cp15c15
);
1327 /* Write I TLB lockdown */
1328 arm920t_execute_cp15(target
,
1329 ARMV4_5_MCR(15, 0, 0, 10, 0, 1),
1332 /* Read I TLB CAM */
1333 arm920t_execute_cp15(target
,
1334 ARMV4_5_MCR(15, 4, 0, 15, 5, 4),
1335 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1337 /* clear interpret mode */
1339 arm920t_write_cp15_physical(target
,
1340 CP15PHYS_TESTSTATE
, cp15c15
);
1342 /* read I TLB CAM content stored to r2-r9 */
1343 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1344 retval
= jtag_execute_queue();
1345 if (retval
!= ERROR_OK
)
1348 for (i
= 0; i
< 8; i
++)
1349 i_tlb
[i
+ victim
].cam
= regs
[i
+ 2];
1352 for (victim
= 0; victim
< 64; victim
++) {
1353 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1354 * base remains unchanged, victim goes through entries 0 to 63
1356 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1357 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1359 /* set interpret mode */
1361 arm920t_write_cp15_physical(target
,
1362 CP15PHYS_TESTSTATE
, cp15c15
);
1364 /* Write I TLB lockdown */
1365 arm920t_execute_cp15(target
,
1366 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1368 /* Read I TLB RAM1 */
1369 arm920t_execute_cp15(target
,
1370 ARMV4_5_MCR(15, 4, 0, 15, 9, 4), ARMV4_5_LDR(2, 0));
1372 /* Read I TLB RAM2 */
1373 arm920t_execute_cp15(target
,
1374 ARMV4_5_MCR(15, 4, 0, 15, 1, 5), ARMV4_5_LDR(3, 0));
1376 /* clear interpret mode */
1378 arm920t_write_cp15_physical(target
,
1379 CP15PHYS_TESTSTATE
, cp15c15
);
1381 /* read I TLB RAM content stored to r2 and r3 */
1382 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1383 retval
= jtag_execute_queue();
1384 if (retval
!= ERROR_OK
)
1387 i_tlb
[victim
].ram1
= regs
[2];
1388 i_tlb
[victim
].ram2
= regs
[3];
1391 /* restore I TLB lockdown */
1392 regs
[1] = Ilockdown
;
1393 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1395 /* Write I TLB lockdown */
1396 arm920t_execute_cp15(target
,
1397 ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));
1399 /* restore CP15 MMU and Cache settings */
1400 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1402 /* output data to file */
1403 fprintf(output
, "D TLB content:\n");
1404 for (i
= 0; i
< 64; i
++) {
1405 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1406 " 0x%8.8" PRIx32
" %s\n",
1407 i
, d_tlb
[i
].cam
, d_tlb
[i
].ram1
, d_tlb
[i
].ram2
,
1408 (d_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1411 fprintf(output
, "\n\nI TLB content:\n");
1412 for (i
= 0; i
< 64; i
++) {
1413 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1414 " 0x%8.8" PRIx32
" %s\n",
1415 i
, i_tlb
[i
].cam
, i_tlb
[i
].ram1
, i_tlb
[i
].ram2
,
1416 (i_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1419 command_print(CMD_CTX
, "mmu content successfully output to %s",
1424 if (!is_arm_mode(arm
->core_mode
)) {
1425 LOG_ERROR("not a valid arm core mode - communication failure?");
1429 /* force writeback of the valid data */
1430 r
= arm
->core_cache
->reg_list
;
1431 r
[0].dirty
= r
[0].valid
;
1432 r
[1].dirty
= r
[1].valid
;
1433 r
[2].dirty
= r
[2].valid
;
1434 r
[3].dirty
= r
[3].valid
;
1435 r
[4].dirty
= r
[4].valid
;
1436 r
[5].dirty
= r
[5].valid
;
1437 r
[6].dirty
= r
[6].valid
;
1438 r
[7].dirty
= r
[7].valid
;
1440 r
= arm_reg_current(arm
, 8);
1441 r
->dirty
= r
->valid
;
1443 r
= arm_reg_current(arm
, 9);
1444 r
->dirty
= r
->valid
;
1449 COMMAND_HANDLER(arm920t_handle_cp15_command
)
1452 struct target
*target
= get_current_target(CMD_CTX
);
1453 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1455 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1456 if (retval
!= ERROR_OK
)
1459 if (target
->state
!= TARGET_HALTED
) {
1460 command_print(CMD_CTX
, "target must be stopped for "
1461 "\"%s\" command", CMD_NAME
);
1465 /* one argument, read a register.
1466 * two arguments, write it.
1468 if (CMD_ARGC
>= 1) {
1470 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], address
);
1472 if (CMD_ARGC
== 1) {
1474 retval
= arm920t_read_cp15_physical(target
, address
, &value
);
1475 if (retval
!= ERROR_OK
) {
1476 command_print(CMD_CTX
,
1477 "couldn't access reg %i", address
);
1480 retval
= jtag_execute_queue();
1481 if (retval
!= ERROR_OK
)
1484 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1486 } else if (CMD_ARGC
== 2) {
1488 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1489 retval
= arm920t_write_cp15_physical(target
,
1491 if (retval
!= ERROR_OK
) {
1492 command_print(CMD_CTX
,
1493 "couldn't access reg %i", address
);
1494 /* REVISIT why lie? "return retval"? */
1497 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1505 COMMAND_HANDLER(arm920t_handle_cp15i_command
)
1508 struct target
*target
= get_current_target(CMD_CTX
);
1509 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1511 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1512 if (retval
!= ERROR_OK
)
1516 if (target
->state
!= TARGET_HALTED
) {
1517 command_print(CMD_CTX
, "target must be stopped for "
1518 "\"%s\" command", CMD_NAME
);
1522 /* one argument, read a register.
1523 * two arguments, write it.
1525 if (CMD_ARGC
>= 1) {
1527 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], opcode
);
1529 if (CMD_ARGC
== 1) {
1531 retval
= arm920t_read_cp15_interpreted(target
,
1532 opcode
, 0x0, &value
);
1533 if (retval
!= ERROR_OK
) {
1534 command_print(CMD_CTX
,
1535 "couldn't execute %8.8" PRIx32
,
1537 /* REVISIT why lie? "return retval"? */
1541 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1543 } else if (CMD_ARGC
== 2) {
1545 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1546 retval
= arm920t_write_cp15_interpreted(target
,
1548 if (retval
!= ERROR_OK
) {
1549 command_print(CMD_CTX
,
1550 "couldn't execute %8.8" PRIx32
,
1552 /* REVISIT why lie? "return retval"? */
1555 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1557 } else if (CMD_ARGC
== 3) {
1559 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1561 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[2], address
);
1562 retval
= arm920t_write_cp15_interpreted(target
,
1563 opcode
, value
, address
);
1564 if (retval
!= ERROR_OK
) {
1565 command_print(CMD_CTX
,
1566 "couldn't execute %8.8" PRIx32
, opcode
);
1567 /* REVISIT why lie? "return retval"? */
1570 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
1571 " %8.8" PRIx32
, opcode
, value
, address
);
1574 return ERROR_COMMAND_SYNTAX_ERROR
;
1579 COMMAND_HANDLER(arm920t_handle_cache_info_command
)
1582 struct target
*target
= get_current_target(CMD_CTX
);
1583 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1585 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1586 if (retval
!= ERROR_OK
)
1589 return armv4_5_handle_cache_info_command(CMD_CTX
,
1590 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
1594 static int arm920t_mrc(struct target
*target
, int cpnum
,
1595 uint32_t op1
, uint32_t op2
,
1596 uint32_t CRn
, uint32_t CRm
,
1600 LOG_ERROR("Only cp15 is supported");
1605 return arm920t_read_cp15_interpreted(target
,
1606 ARMV4_5_MRC(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1610 static int arm920t_mcr(struct target
*target
, int cpnum
,
1611 uint32_t op1
, uint32_t op2
,
1612 uint32_t CRn
, uint32_t CRm
,
1616 LOG_ERROR("Only cp15 is supported");
1620 /* write "from" r0 */
1621 return arm920t_write_cp15_interpreted(target
,
1622 ARMV4_5_MCR(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1626 static const struct command_registration arm920t_exec_command_handlers
[] = {
1629 .handler
= arm920t_handle_cp15_command
,
1630 .mode
= COMMAND_EXEC
,
1631 .help
= "display/modify cp15 register",
1632 .usage
= "regnum [value]",
1636 .handler
= arm920t_handle_cp15i_command
,
1637 .mode
= COMMAND_EXEC
,
1638 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1639 .help
= "display/modify cp15 register using ARM opcode"
1641 .usage
= "instruction [value [address]]",
1644 .name
= "cache_info",
1645 .handler
= arm920t_handle_cache_info_command
,
1646 .mode
= COMMAND_EXEC
,
1648 .help
= "display information about target caches",
1651 .name
= "read_cache",
1652 .handler
= arm920t_handle_read_cache_command
,
1653 .mode
= COMMAND_EXEC
,
1654 .help
= "dump I/D cache content to file",
1655 .usage
= "filename",
1659 .handler
= arm920t_handle_read_mmu_command
,
1660 .mode
= COMMAND_EXEC
,
1661 .help
= "dump I/D mmu content to file",
1662 .usage
= "filename",
1664 COMMAND_REGISTRATION_DONE
1666 const struct command_registration arm920t_command_handlers
[] = {
1668 .chain
= arm9tdmi_command_handlers
,
1672 .mode
= COMMAND_ANY
,
1673 .help
= "arm920t command group",
1675 .chain
= arm920t_exec_command_handlers
,
1677 COMMAND_REGISTRATION_DONE
1680 /** Holds methods for ARM920 targets. */
1681 struct target_type arm920t_target
= {
1684 .poll
= arm7_9_poll
,
1685 .arch_state
= arm920t_arch_state
,
1687 .target_request_data
= arm7_9_target_request_data
,
1689 .halt
= arm7_9_halt
,
1690 .resume
= arm7_9_resume
,
1691 .step
= arm7_9_step
,
1693 .assert_reset
= arm7_9_assert_reset
,
1694 .deassert_reset
= arm7_9_deassert_reset
,
1695 .soft_reset_halt
= arm920t_soft_reset_halt
,
1697 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
1699 .read_memory
= arm920t_read_memory
,
1700 .write_memory
= arm920t_write_memory
,
1701 .read_phys_memory
= arm920t_read_phys_memory
,
1702 .write_phys_memory
= arm920t_write_phys_memory
,
1704 .virt2phys
= arm920_virt2phys
,
1706 .bulk_write_memory
= arm7_9_bulk_write_memory
,
1708 .checksum_memory
= arm_checksum_memory
,
1709 .blank_check_memory
= arm_blank_check_memory
,
1711 .run_algorithm
= armv4_5_run_algorithm
,
1713 .add_breakpoint
= arm7_9_add_breakpoint
,
1714 .remove_breakpoint
= arm7_9_remove_breakpoint
,
1715 .add_watchpoint
= arm7_9_add_watchpoint
,
1716 .remove_watchpoint
= arm7_9_remove_watchpoint
,
1718 .commands
= arm920t_command_handlers
,
1719 .target_create
= arm920t_target_create
,
1720 .init_target
= arm9tdmi_init_target
,
1721 .examine
= arm7_9_examine
,
1722 .check_reset
= arm7_9_check_reset
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)