2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
26 #include <helper/time_support.h>
27 #include "target_type.h"
29 #include "arm_opcodes.h"
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
53 #define _DEBUG_INSTRUCTION_EXECUTION_
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
83 static int arm920t_read_cp15_physical(struct target
*target
,
84 int reg_addr
, uint32_t *value
)
86 struct arm920t_common
*arm920t
= target_to_arm920(target
);
87 struct arm_jtag
*jtag_info
;
88 struct scan_field fields
[4];
89 uint8_t access_type_buf
= 1;
90 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
94 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
96 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
97 if (retval
!= ERROR_OK
)
99 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
100 if (retval
!= ERROR_OK
)
103 fields
[0].num_bits
= 1;
104 fields
[0].out_value
= &access_type_buf
;
105 fields
[0].in_value
= NULL
;
107 fields
[1].num_bits
= 32;
108 fields
[1].out_value
= NULL
;
109 fields
[1].in_value
= NULL
;
111 fields
[2].num_bits
= 6;
112 fields
[2].out_value
= ®_addr_buf
;
113 fields
[2].in_value
= NULL
;
115 fields
[3].num_bits
= 1;
116 fields
[3].out_value
= &nr_w_buf
;
117 fields
[3].in_value
= NULL
;
119 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
121 fields
[1].in_value
= (uint8_t *)value
;
123 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
125 jtag_add_callback(arm_le_to_h_u32
, (jtag_callback_data_t
)value
);
127 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
128 jtag_execute_queue();
129 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, *value
);
135 static int arm920t_write_cp15_physical(struct target
*target
,
136 int reg_addr
, uint32_t value
)
138 struct arm920t_common
*arm920t
= target_to_arm920(target
);
139 struct arm_jtag
*jtag_info
;
140 struct scan_field fields
[4];
141 uint8_t access_type_buf
= 1;
142 uint8_t reg_addr_buf
= reg_addr
& 0x3f;
143 uint8_t nr_w_buf
= 1;
144 uint8_t value_buf
[4];
147 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
149 buf_set_u32(value_buf
, 0, 32, value
);
151 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
152 if (retval
!= ERROR_OK
)
154 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
155 if (retval
!= ERROR_OK
)
158 fields
[0].num_bits
= 1;
159 fields
[0].out_value
= &access_type_buf
;
160 fields
[0].in_value
= NULL
;
162 fields
[1].num_bits
= 32;
163 fields
[1].out_value
= value_buf
;
164 fields
[1].in_value
= NULL
;
166 fields
[2].num_bits
= 6;
167 fields
[2].out_value
= ®_addr_buf
;
168 fields
[2].in_value
= NULL
;
170 fields
[3].num_bits
= 1;
171 fields
[3].out_value
= &nr_w_buf
;
172 fields
[3].in_value
= NULL
;
174 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
176 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
177 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr
, value
);
183 /* See table 9-10 for scan chain 15 format during interpreted access mode.
184 * If the TESTSTATE register is set for interpreted access, certain CP15
185 * MRC and MCR instructions may be executed through scan chain 15.
187 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
188 * executed using scan chain 15 interpreted mode.
190 static int arm920t_execute_cp15(struct target
*target
, uint32_t cp15_opcode
,
194 struct arm920t_common
*arm920t
= target_to_arm920(target
);
195 struct arm_jtag
*jtag_info
;
196 struct scan_field fields
[4];
197 uint8_t access_type_buf
= 0; /* interpreted access */
198 uint8_t reg_addr_buf
= 0x0;
199 uint8_t nr_w_buf
= 0;
200 uint8_t cp15_opcode_buf
[4];
202 jtag_info
= &arm920t
->arm7_9_common
.jtag_info
;
204 retval
= arm_jtag_scann(jtag_info
, 0xf, TAP_IDLE
);
205 if (retval
!= ERROR_OK
)
207 retval
= arm_jtag_set_instr(jtag_info
, jtag_info
->intest_instr
, NULL
, TAP_IDLE
);
208 if (retval
!= ERROR_OK
)
211 buf_set_u32(cp15_opcode_buf
, 0, 32, cp15_opcode
);
213 fields
[0].num_bits
= 1;
214 fields
[0].out_value
= &access_type_buf
;
215 fields
[0].in_value
= NULL
;
217 fields
[1].num_bits
= 32;
218 fields
[1].out_value
= cp15_opcode_buf
;
219 fields
[1].in_value
= NULL
;
221 fields
[2].num_bits
= 6;
222 fields
[2].out_value
= ®_addr_buf
;
223 fields
[2].in_value
= NULL
;
225 fields
[3].num_bits
= 1;
226 fields
[3].out_value
= &nr_w_buf
;
227 fields
[3].in_value
= NULL
;
229 jtag_add_dr_scan(jtag_info
->tap
, 4, fields
, TAP_IDLE
);
231 arm9tdmi_clock_out(jtag_info
, arm_opcode
, 0, NULL
, 0);
232 arm9tdmi_clock_out(jtag_info
, ARMV4_5_NOP
, 0, NULL
, 1);
233 retval
= arm7_9_execute_sys_speed(target
);
234 if (retval
!= ERROR_OK
)
237 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
239 LOG_ERROR("failed executing JTAG queue");
246 static int arm920t_read_cp15_interpreted(struct target
*target
,
247 uint32_t cp15_opcode
, uint32_t address
, uint32_t *value
)
249 struct arm
*armv4_5
= target_to_arm(target
);
252 uint32_t cp15c15
= 0x0;
253 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
255 /* load address into R1 */
257 arm9tdmi_write_core_regs(target
, 0x2, regs
);
259 /* read-modify-write CP15 test state register
260 * to enable interpreted access mode */
261 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
262 jtag_execute_queue();
263 cp15c15
|= 1; /* set interpret mode */
264 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
266 /* execute CP15 instruction and ARM load (reading from coprocessor) */
267 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_LDR(0, 1));
269 /* disable interpreted access mode */
270 cp15c15
&= ~1U; /* clear interpret mode */
271 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
273 /* retrieve value from R0 */
275 arm9tdmi_read_core_regs(target
, 0x1, regs_p
);
276 jtag_execute_queue();
278 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
279 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
280 cp15_opcode
, address
, *value
);
283 if (!is_arm_mode(armv4_5
->core_mode
))
293 int arm920t_write_cp15_interpreted(struct target
*target
,
294 uint32_t cp15_opcode
, uint32_t value
, uint32_t address
)
296 uint32_t cp15c15
= 0x0;
297 struct arm
*armv4_5
= target_to_arm(target
);
299 struct reg
*r
= armv4_5
->core_cache
->reg_list
;
301 /* load value, address into R0, R1 */
304 arm9tdmi_write_core_regs(target
, 0x3, regs
);
306 /* read-modify-write CP15 test state register
307 * to enable interpreted access mode */
308 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
309 jtag_execute_queue();
310 cp15c15
|= 1; /* set interpret mode */
311 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
313 /* execute CP15 instruction and ARM store (writing to coprocessor) */
314 arm920t_execute_cp15(target
, cp15_opcode
, ARMV4_5_STR(0, 1));
316 /* disable interpreted access mode */
317 cp15c15
&= ~1U; /* set interpret mode */
318 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
320 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
321 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
322 cp15_opcode
, value
, address
);
325 if (!is_arm_mode(armv4_5
->core_mode
))
335 int arm920t_get_ttb(struct target
*target
, uint32_t *result
)
340 if ((retval
= arm920t_read_cp15_interpreted(target
,
341 /* FIXME use opcode macro */
342 0xeebf0f51, 0x0, &ttb
)) != ERROR_OK
)
350 int arm920t_disable_mmu_caches(struct target
*target
, int mmu
,
351 int d_u_cache
, int i_cache
)
353 uint32_t cp15_control
;
356 /* read cp15 control register */
357 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
358 if (retval
!= ERROR_OK
)
360 retval
= jtag_execute_queue();
361 if (retval
!= ERROR_OK
)
365 cp15_control
&= ~0x1U
;
368 cp15_control
&= ~0x4U
;
371 cp15_control
&= ~0x1000U
;
373 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
378 int arm920t_enable_mmu_caches(struct target
*target
, int mmu
,
379 int d_u_cache
, int i_cache
)
381 uint32_t cp15_control
;
384 /* read cp15 control register */
385 retval
= arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_control
);
386 if (retval
!= ERROR_OK
)
388 retval
= jtag_execute_queue();
389 if (retval
!= ERROR_OK
)
393 cp15_control
|= 0x1U
;
396 cp15_control
|= 0x4U
;
399 cp15_control
|= 0x1000U
;
401 retval
= arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_control
);
406 int arm920t_post_debug_entry(struct target
*target
)
409 struct arm920t_common
*arm920t
= target_to_arm920(target
);
412 /* examine cp15 control reg */
413 retval
= arm920t_read_cp15_physical(target
,
414 CP15PHYS_CTRL
, &arm920t
->cp15_control_reg
);
415 if (retval
!= ERROR_OK
)
417 retval
= jtag_execute_queue();
418 if (retval
!= ERROR_OK
)
420 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32
, arm920t
->cp15_control_reg
);
422 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
== -1)
424 uint32_t cache_type_reg
;
425 /* identify caches */
426 retval
= arm920t_read_cp15_physical(target
,
427 CP15PHYS_CACHETYPE
, &cache_type_reg
);
428 if (retval
!= ERROR_OK
)
430 retval
= jtag_execute_queue();
431 if (retval
!= ERROR_OK
)
433 armv4_5_identify_cache(cache_type_reg
,
434 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
437 arm920t
->armv4_5_mmu
.mmu_enabled
=
438 (arm920t
->cp15_control_reg
& 0x1U
) ? 1 : 0;
439 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
=
440 (arm920t
->cp15_control_reg
& 0x4U
) ? 1 : 0;
441 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
=
442 (arm920t
->cp15_control_reg
& 0x1000U
) ? 1 : 0;
444 /* save i/d fault status and address register */
445 /* FIXME use opcode macros */
446 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f10, 0x0, &arm920t
->d_fsr
);
447 if (retval
!= ERROR_OK
)
449 retval
= arm920t_read_cp15_interpreted(target
, 0xee150f30, 0x0, &arm920t
->i_fsr
);
450 if (retval
!= ERROR_OK
)
452 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f10, 0x0, &arm920t
->d_far
);
453 if (retval
!= ERROR_OK
)
455 retval
= arm920t_read_cp15_interpreted(target
, 0xee160f30, 0x0, &arm920t
->i_far
);
456 if (retval
!= ERROR_OK
)
459 LOG_DEBUG("D FSR: 0x%8.8" PRIx32
", D FAR: 0x%8.8" PRIx32
460 ", I FSR: 0x%8.8" PRIx32
", I FAR: 0x%8.8" PRIx32
,
461 arm920t
->d_fsr
, arm920t
->d_far
, arm920t
->i_fsr
, arm920t
->i_far
);
463 if (arm920t
->preserve_cache
)
465 /* read-modify-write CP15 test state register
466 * to disable I/D-cache linefills */
467 retval
= arm920t_read_cp15_physical(target
,
468 CP15PHYS_TESTSTATE
, &cp15c15
);
469 if (retval
!= ERROR_OK
)
471 retval
= jtag_execute_queue();
472 if (retval
!= ERROR_OK
)
475 retval
= arm920t_write_cp15_physical(target
,
476 CP15PHYS_TESTSTATE
, cp15c15
);
477 if (retval
!= ERROR_OK
)
484 void arm920t_pre_restore_context(struct target
*target
)
487 struct arm920t_common
*arm920t
= target_to_arm920(target
);
489 /* restore i/d fault status and address register */
490 arm920t_write_cp15_interpreted(target
, 0xee050f10, arm920t
->d_fsr
, 0x0);
491 arm920t_write_cp15_interpreted(target
, 0xee050f30, arm920t
->i_fsr
, 0x0);
492 arm920t_write_cp15_interpreted(target
, 0xee060f10, arm920t
->d_far
, 0x0);
493 arm920t_write_cp15_interpreted(target
, 0xee060f30, arm920t
->i_far
, 0x0);
495 /* read-modify-write CP15 test state register
496 * to reenable I/D-cache linefills */
497 if (arm920t
->preserve_cache
)
499 arm920t_read_cp15_physical(target
,
500 CP15PHYS_TESTSTATE
, &cp15c15
);
501 jtag_execute_queue();
503 arm920t_write_cp15_physical(target
,
504 CP15PHYS_TESTSTATE
, cp15c15
);
508 static const char arm920_not
[] = "target is not an ARM920";
510 static int arm920t_verify_pointer(struct command_context
*cmd_ctx
,
511 struct arm920t_common
*arm920t
)
513 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
) {
514 command_print(cmd_ctx
, arm920_not
);
515 return ERROR_TARGET_INVALID
;
521 /** Logs summary of ARM920 state for a halted target. */
522 int arm920t_arch_state(struct target
*target
)
524 static const char *state
[] =
526 "disabled", "enabled"
529 struct arm920t_common
*arm920t
= target_to_arm920(target
);
532 if (arm920t
->common_magic
!= ARM920T_COMMON_MAGIC
)
534 LOG_ERROR("BUG: %s", arm920_not
);
535 return ERROR_TARGET_INVALID
;
538 armv4_5
= &arm920t
->arm7_9_common
.armv4_5_common
;
540 arm_arch_state(target
);
541 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
542 state
[arm920t
->armv4_5_mmu
.mmu_enabled
],
543 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
],
544 state
[arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
]);
549 static int arm920_mmu(struct target
*target
, int *enabled
)
551 if (target
->state
!= TARGET_HALTED
) {
552 LOG_ERROR("%s: target not halted", __func__
);
553 return ERROR_TARGET_INVALID
;
556 *enabled
= target_to_arm920(target
)->armv4_5_mmu
.mmu_enabled
;
560 static int arm920_virt2phys(struct target
*target
,
561 uint32_t virt
, uint32_t *phys
)
564 struct arm920t_common
*arm920t
= target_to_arm920(target
);
567 int retval
= armv4_5_mmu_translate_va(target
,
568 &arm920t
->armv4_5_mmu
, virt
, &cb
, &ret
);
569 if (retval
!= ERROR_OK
)
575 /** Reads a buffer, in the specified word size, with current MMU settings. */
576 int arm920t_read_memory(struct target
*target
, uint32_t address
,
577 uint32_t size
, uint32_t count
, uint8_t *buffer
)
581 retval
= arm7_9_read_memory(target
, address
, size
, count
, buffer
);
587 static int arm920t_read_phys_memory(struct target
*target
,
588 uint32_t address
, uint32_t size
,
589 uint32_t count
, uint8_t *buffer
)
591 struct arm920t_common
*arm920t
= target_to_arm920(target
);
593 return armv4_5_mmu_read_physical(target
, &arm920t
->armv4_5_mmu
,
594 address
, size
, count
, buffer
);
597 static int arm920t_write_phys_memory(struct target
*target
,
598 uint32_t address
, uint32_t size
,
599 uint32_t count
, uint8_t *buffer
)
601 struct arm920t_common
*arm920t
= target_to_arm920(target
);
603 return armv4_5_mmu_write_physical(target
, &arm920t
->armv4_5_mmu
,
604 address
, size
, count
, buffer
);
608 /** Writes a buffer, in the specified word size, with current MMU settings. */
609 int arm920t_write_memory(struct target
*target
, uint32_t address
,
610 uint32_t size
, uint32_t count
, uint8_t *buffer
)
613 const uint32_t cache_mask
= ~0x1f; /* cache line size : 32 byte */
614 struct arm920t_common
*arm920t
= target_to_arm920(target
);
616 /* FIX!!!! this should be cleaned up and made much more general. The
617 * plan is to write up and test on arm920t specifically and
618 * then generalize and clean up afterwards.
620 * Also it should be moved to the callbacks that handle breakpoints
621 * specifically and not the generic memory write fn's. See XScale code.
623 if (arm920t
->armv4_5_mmu
.mmu_enabled
&& (count
== 1) &&
624 ((size
==2) || (size
==4)))
626 /* special case the handling of single word writes to
627 * bypass MMU, to allow implementation of breakpoints
628 * in memory marked read only
635 * We need physical address and cb
637 retval
= armv4_5_mmu_translate_va(target
, &arm920t
->armv4_5_mmu
,
639 if (retval
!= ERROR_OK
)
642 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
)
646 LOG_DEBUG("D-Cache buffered, "
647 "drain write buffer");
650 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
653 retval
= arm920t_write_cp15_interpreted(target
,
654 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
656 if (retval
!= ERROR_OK
)
663 * Write back memory ? -> clean cache
665 * There is no way to clean cache lines using
666 * cp15 scan chain, so copy the full cache
667 * line from cache to physical memory.
671 LOG_DEBUG("D-Cache in 'write back' mode, "
674 retval
= target_read_memory(target
,
675 address
& cache_mask
, 1,
676 sizeof(data
), &data
[0]);
677 if (retval
!= ERROR_OK
)
680 retval
= armv4_5_mmu_write_physical(target
,
681 &arm920t
->armv4_5_mmu
,
683 sizeof(data
), &data
[0]);
684 if (retval
!= ERROR_OK
)
692 * Cached ? -> Invalidate data cache using MVA
694 * MCR p15,0,Rd,c7,c6,1
696 LOG_DEBUG("D-Cache enabled, "
697 "invalidate cache line");
699 retval
= arm920t_write_cp15_interpreted(target
,
700 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
701 address
& cache_mask
);
702 if (retval
!= ERROR_OK
)
707 /* write directly to physical memory,
708 * bypassing any read only MMU bits, etc.
710 retval
= armv4_5_mmu_write_physical(target
,
711 &arm920t
->armv4_5_mmu
, pa
, size
,
713 if (retval
!= ERROR_OK
)
717 if ((retval
= arm7_9_write_memory(target
, address
,
718 size
, count
, buffer
)) != ERROR_OK
)
722 /* If ICache is enabled, we have to invalidate affected ICache lines
723 * the DCache is forced to write-through,
724 * so we don't have to clean it here
726 if (arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
)
730 /* invalidate ICache single entry with MVA
731 * mcr 15, 0, r0, cr7, cr5, {1}
733 LOG_DEBUG("I-Cache enabled, "
734 "invalidating affected I-Cache line");
735 retval
= arm920t_write_cp15_interpreted(target
,
736 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
737 0x0, address
& cache_mask
);
738 if (retval
!= ERROR_OK
)
744 * mcr 15, 0, r0, cr7, cr5, {0}
746 retval
= arm920t_write_cp15_interpreted(target
,
747 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
749 if (retval
!= ERROR_OK
)
758 int arm920t_soft_reset_halt(struct target
*target
)
760 int retval
= ERROR_OK
;
761 struct arm920t_common
*arm920t
= target_to_arm920(target
);
762 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
763 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
764 struct reg
*dbg_stat
= &arm7_9
->eice_cache
->reg_list
[EICE_DBG_STAT
];
766 if ((retval
= target_halt(target
)) != ERROR_OK
)
771 long long then
= timeval_ms();
773 while (!(timeout
= ((timeval_ms()-then
) > 1000)))
775 if (buf_get_u32(dbg_stat
->value
, EICE_DBG_STATUS_DBGACK
, 1)
778 embeddedice_read_reg(dbg_stat
);
779 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
787 if (debug_level
>= 3)
789 /* do not eat all CPU, time out after 1 se*/
798 LOG_ERROR("Failed to halt CPU after 1 sec");
799 return ERROR_TARGET_TIMEOUT
;
802 target
->state
= TARGET_HALTED
;
804 /* SVC, ARM state, IRQ and FIQ disabled */
807 cpsr
= buf_get_u32(armv4_5
->cpsr
->value
, 0, 32);
810 arm_set_cpsr(armv4_5
, cpsr
);
811 armv4_5
->cpsr
->dirty
= 1;
813 /* start fetching from 0x0 */
814 buf_set_u32(armv4_5
->pc
->value
, 0, 32, 0x0);
815 armv4_5
->pc
->dirty
= 1;
816 armv4_5
->pc
->valid
= 1;
818 arm920t_disable_mmu_caches(target
, 1, 1, 1);
819 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
820 arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_cache_enabled
= 0;
821 arm920t
->armv4_5_mmu
.armv4_5_cache
.i_cache_enabled
= 0;
823 return target_call_event_callbacks(target
, TARGET_EVENT_HALTED
);
826 /* FIXME remove forward decls */
827 static int arm920t_mrc(struct target
*target
, int cpnum
,
828 uint32_t op1
, uint32_t op2
,
829 uint32_t CRn
, uint32_t CRm
,
831 static int arm920t_mcr(struct target
*target
, int cpnum
,
832 uint32_t op1
, uint32_t op2
,
833 uint32_t CRn
, uint32_t CRm
,
836 static int arm920t_init_arch_info(struct target
*target
,
837 struct arm920t_common
*arm920t
, struct jtag_tap
*tap
)
839 struct arm7_9_common
*arm7_9
= &arm920t
->arm7_9_common
;
841 arm7_9
->armv4_5_common
.mrc
= arm920t_mrc
;
842 arm7_9
->armv4_5_common
.mcr
= arm920t_mcr
;
844 /* initialize arm7/arm9 specific info (including armv4_5) */
845 arm9tdmi_init_arch_info(target
, arm7_9
, tap
);
847 arm920t
->common_magic
= ARM920T_COMMON_MAGIC
;
849 arm7_9
->post_debug_entry
= arm920t_post_debug_entry
;
850 arm7_9
->pre_restore_context
= arm920t_pre_restore_context
;
852 arm920t
->armv4_5_mmu
.armv4_5_cache
.ctype
= -1;
853 arm920t
->armv4_5_mmu
.get_ttb
= arm920t_get_ttb
;
854 arm920t
->armv4_5_mmu
.read_memory
= arm7_9_read_memory
;
855 arm920t
->armv4_5_mmu
.write_memory
= arm7_9_write_memory
;
856 arm920t
->armv4_5_mmu
.disable_mmu_caches
= arm920t_disable_mmu_caches
;
857 arm920t
->armv4_5_mmu
.enable_mmu_caches
= arm920t_enable_mmu_caches
;
858 arm920t
->armv4_5_mmu
.has_tiny_pages
= 1;
859 arm920t
->armv4_5_mmu
.mmu_enabled
= 0;
861 /* disabling linefills leads to lockups, so keep them enabled for now
862 * this doesn't affect correctness, but might affect timing issues, if
863 * important data is evicted from the cache during the debug session
865 arm920t
->preserve_cache
= 0;
867 /* override hw single-step capability from ARM9TDMI */
868 arm7_9
->has_single_step
= 1;
873 static int arm920t_target_create(struct target
*target
, Jim_Interp
*interp
)
875 struct arm920t_common
*arm920t
;
877 arm920t
= calloc(1,sizeof(struct arm920t_common
));
878 return arm920t_init_arch_info(target
, arm920t
, target
->tap
);
881 COMMAND_HANDLER(arm920t_handle_read_cache_command
)
883 int retval
= ERROR_OK
;
884 struct target
*target
= get_current_target(CMD_CTX
);
885 struct arm920t_common
*arm920t
= target_to_arm920(target
);
886 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
887 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
889 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
891 uint32_t *regs_p
[16];
892 uint32_t C15_C_D_Ind
, C15_C_I_Ind
;
895 struct arm920t_cache_line d_cache
[8][64], i_cache
[8][64];
896 int segment
, index_t
;
899 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
900 if (retval
!= ERROR_OK
)
905 command_print(CMD_CTX
, "usage: arm920t read_cache <filename>");
909 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
911 LOG_DEBUG("error opening cache content file");
915 for (i
= 0; i
< 16; i
++)
916 regs_p
[i
] = ®s
[i
];
918 /* disable MMU and Caches */
919 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
920 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
924 cp15_ctrl_saved
= cp15_ctrl
;
925 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
926 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
927 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
929 /* read CP15 test state register */
930 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
931 jtag_execute_queue();
933 /* read DCache content */
934 fprintf(output
, "DCache:\n");
936 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
938 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
941 fprintf(output
, "\nsegment: %i\n----------", segment
);
943 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
944 regs
[0] = 0x0 | (segment
<< 5);
945 arm9tdmi_write_core_regs(target
, 0x1, regs
);
947 /* set interpret mode */
949 arm920t_write_cp15_physical(target
,
950 CP15PHYS_TESTSTATE
, cp15c15
);
952 /* D CAM Read, loads current victim into C15.C.D.Ind */
953 arm920t_execute_cp15(target
,
954 ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
956 /* read current victim */
957 arm920t_read_cp15_physical(target
,
958 CP15PHYS_DCACHE_IDX
, &C15_C_D_Ind
);
960 /* clear interpret mode */
962 arm920t_write_cp15_physical(target
,
963 CP15PHYS_TESTSTATE
, cp15c15
);
965 for (index_t
= 0; index_t
< 64; index_t
++)
968 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
970 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
971 arm9tdmi_write_core_regs(target
, 0x1, regs
);
973 /* set interpret mode */
975 arm920t_write_cp15_physical(target
,
976 CP15PHYS_TESTSTATE
, cp15c15
);
978 /* Write DCache victim */
979 arm920t_execute_cp15(target
,
980 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
983 arm920t_execute_cp15(target
,
984 ARMV4_5_MCR(15,2,0,15,10,2),
985 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
988 arm920t_execute_cp15(target
,
989 ARMV4_5_MCR(15,2,0,15,6,2),
992 /* clear interpret mode */
994 arm920t_write_cp15_physical(target
,
995 CP15PHYS_TESTSTATE
, cp15c15
);
997 /* read D RAM and CAM content */
998 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
999 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1004 d_cache
[segment
][index_t
].cam
= regs
[9];
1007 regs
[9] &= 0xfffffffe;
1008 fprintf(output
, "\nsegment: %i, index: %i, CAM: 0x%8.8"
1009 PRIx32
", content (%s):\n",
1010 segment
, index_t
, regs
[9],
1011 (regs
[9] & 0x10) ? "valid" : "invalid");
1013 for (i
= 1; i
< 9; i
++)
1015 d_cache
[segment
][index_t
].data
[i
] = regs
[i
];
1016 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1022 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1023 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1024 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1026 /* set interpret mode */
1028 arm920t_write_cp15_physical(target
,
1029 CP15PHYS_TESTSTATE
, cp15c15
);
1031 /* Write DCache victim */
1032 arm920t_execute_cp15(target
,
1033 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
1035 /* clear interpret mode */
1037 arm920t_write_cp15_physical(target
,
1038 CP15PHYS_TESTSTATE
, cp15c15
);
1041 /* read ICache content */
1042 fprintf(output
, "ICache:\n");
1044 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
1046 segment
< arm920t
->armv4_5_mmu
.armv4_5_cache
.d_u_size
.nsets
;
1049 fprintf(output
, "segment: %i\n----------", segment
);
1051 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1052 regs
[0] = 0x0 | (segment
<< 5);
1053 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1055 /* set interpret mode */
1057 arm920t_write_cp15_physical(target
,
1058 CP15PHYS_TESTSTATE
, cp15c15
);
1060 /* I CAM Read, loads current victim into C15.C.I.Ind */
1061 arm920t_execute_cp15(target
,
1062 ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
1064 /* read current victim */
1065 arm920t_read_cp15_physical(target
, CP15PHYS_ICACHE_IDX
,
1068 /* clear interpret mode */
1070 arm920t_write_cp15_physical(target
,
1071 CP15PHYS_TESTSTATE
, cp15c15
);
1073 for (index_t
= 0; index_t
< 64; index_t
++)
1076 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1078 regs
[0] = 0x0 | (segment
<< 5) | (index_t
<< 26);
1079 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1081 /* set interpret mode */
1083 arm920t_write_cp15_physical(target
,
1084 CP15PHYS_TESTSTATE
, cp15c15
);
1086 /* Write ICache victim */
1087 arm920t_execute_cp15(target
,
1088 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1091 arm920t_execute_cp15(target
,
1092 ARMV4_5_MCR(15,2,0,15,9,2),
1093 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1096 arm920t_execute_cp15(target
,
1097 ARMV4_5_MCR(15,2,0,15,5,2),
1100 /* clear interpret mode */
1102 arm920t_write_cp15_physical(target
,
1103 CP15PHYS_TESTSTATE
, cp15c15
);
1105 /* read I RAM and CAM content */
1106 arm9tdmi_read_core_regs(target
, 0x3fe, regs_p
);
1107 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1112 i_cache
[segment
][index_t
].cam
= regs
[9];
1115 regs
[9] &= 0xfffffffe;
1116 fprintf(output
, "\nsegment: %i, index: %i, "
1117 "CAM: 0x%8.8" PRIx32
", content (%s):\n",
1118 segment
, index_t
, regs
[9],
1119 (regs
[9] & 0x10) ? "valid" : "invalid");
1121 for (i
= 1; i
< 9; i
++)
1123 i_cache
[segment
][index_t
].data
[i
] = regs
[i
];
1124 fprintf(output
, "%i: 0x%8.8" PRIx32
"\n",
1129 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1130 regs
[0] = 0x0 | (segment
<< 5) | (C15_C_D_Ind
<< 26);
1131 arm9tdmi_write_core_regs(target
, 0x1, regs
);
1133 /* set interpret mode */
1135 arm920t_write_cp15_physical(target
,
1136 CP15PHYS_TESTSTATE
, cp15c15
);
1138 /* Write ICache victim */
1139 arm920t_execute_cp15(target
,
1140 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1142 /* clear interpret mode */
1144 arm920t_write_cp15_physical(target
,
1145 CP15PHYS_TESTSTATE
, cp15c15
);
1148 /* restore CP15 MMU and Cache settings */
1149 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1151 command_print(CMD_CTX
, "cache content successfully output to %s",
1156 if (!is_arm_mode(armv4_5
->core_mode
))
1159 /* force writeback of the valid data */
1160 r
= armv4_5
->core_cache
->reg_list
;
1161 r
[0].dirty
= r
[0].valid
;
1162 r
[1].dirty
= r
[1].valid
;
1163 r
[2].dirty
= r
[2].valid
;
1164 r
[3].dirty
= r
[3].valid
;
1165 r
[4].dirty
= r
[4].valid
;
1166 r
[5].dirty
= r
[5].valid
;
1167 r
[6].dirty
= r
[6].valid
;
1168 r
[7].dirty
= r
[7].valid
;
1170 r
= arm_reg_current(armv4_5
, 8);
1171 r
->dirty
= r
->valid
;
1173 r
= arm_reg_current(armv4_5
, 9);
1174 r
->dirty
= r
->valid
;
1179 COMMAND_HANDLER(arm920t_handle_read_mmu_command
)
1181 int retval
= ERROR_OK
;
1182 struct target
*target
= get_current_target(CMD_CTX
);
1183 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1184 struct arm7_9_common
*arm7_9
= target_to_arm7_9(target
);
1185 struct arm
*armv4_5
= &arm7_9
->armv4_5_common
;
1187 uint32_t cp15_ctrl
, cp15_ctrl_saved
;
1189 uint32_t *regs_p
[16];
1192 uint32_t Dlockdown
, Ilockdown
;
1193 struct arm920t_tlb_entry d_tlb
[64], i_tlb
[64];
1197 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1198 if (retval
!= ERROR_OK
)
1203 command_print(CMD_CTX
, "usage: arm920t read_mmu <filename>");
1207 if ((output
= fopen(CMD_ARGV
[0], "w")) == NULL
)
1209 LOG_DEBUG("error opening mmu content file");
1213 for (i
= 0; i
< 16; i
++)
1214 regs_p
[i
] = ®s
[i
];
1216 /* disable MMU and Caches */
1217 arm920t_read_cp15_physical(target
, CP15PHYS_CTRL
, &cp15_ctrl
);
1218 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1222 cp15_ctrl_saved
= cp15_ctrl
;
1223 cp15_ctrl
&= ~(ARMV4_5_MMU_ENABLED
1224 | ARMV4_5_D_U_CACHE_ENABLED
| ARMV4_5_I_CACHE_ENABLED
);
1225 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl
);
1227 /* read CP15 test state register */
1228 arm920t_read_cp15_physical(target
, CP15PHYS_TESTSTATE
, &cp15c15
);
1229 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1234 /* prepare reading D TLB content
1237 /* set interpret mode */
1239 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1241 /* Read D TLB lockdown */
1242 arm920t_execute_cp15(target
,
1243 ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1245 /* clear interpret mode */
1247 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1249 /* read D TLB lockdown stored to r1 */
1250 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1251 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1255 Dlockdown
= regs
[1];
1257 for (victim
= 0; victim
< 64; victim
+= 8)
1259 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1260 * base remains unchanged, victim goes through entries 0 to 63
1262 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1263 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1265 /* set interpret mode */
1267 arm920t_write_cp15_physical(target
,
1268 CP15PHYS_TESTSTATE
, cp15c15
);
1270 /* Write D TLB lockdown */
1271 arm920t_execute_cp15(target
,
1272 ARMV4_5_MCR(15,0,0,10,0,0),
1275 /* Read D TLB CAM */
1276 arm920t_execute_cp15(target
,
1277 ARMV4_5_MCR(15,4,0,15,6,4),
1278 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1280 /* clear interpret mode */
1282 arm920t_write_cp15_physical(target
,
1283 CP15PHYS_TESTSTATE
, cp15c15
);
1285 /* read D TLB CAM content stored to r2-r9 */
1286 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1287 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1292 for (i
= 0; i
< 8; i
++)
1293 d_tlb
[victim
+ i
].cam
= regs
[i
+ 2];
1296 for (victim
= 0; victim
< 64; victim
++)
1298 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1299 * base remains unchanged, victim goes through entries 0 to 63
1301 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1302 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1304 /* set interpret mode */
1306 arm920t_write_cp15_physical(target
,
1307 CP15PHYS_TESTSTATE
, cp15c15
);
1309 /* Write D TLB lockdown */
1310 arm920t_execute_cp15(target
,
1311 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1313 /* Read D TLB RAM1 */
1314 arm920t_execute_cp15(target
,
1315 ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1317 /* Read D TLB RAM2 */
1318 arm920t_execute_cp15(target
,
1319 ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1321 /* clear interpret mode */
1323 arm920t_write_cp15_physical(target
,
1324 CP15PHYS_TESTSTATE
, cp15c15
);
1326 /* read D TLB RAM content stored to r2 and r3 */
1327 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1328 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1333 d_tlb
[victim
].ram1
= regs
[2];
1334 d_tlb
[victim
].ram2
= regs
[3];
1337 /* restore D TLB lockdown */
1338 regs
[1] = Dlockdown
;
1339 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1341 /* Write D TLB lockdown */
1342 arm920t_execute_cp15(target
,
1343 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1345 /* prepare reading I TLB content
1348 /* set interpret mode */
1350 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1352 /* Read I TLB lockdown */
1353 arm920t_execute_cp15(target
,
1354 ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1356 /* clear interpret mode */
1358 arm920t_write_cp15_physical(target
, CP15PHYS_TESTSTATE
, cp15c15
);
1360 /* read I TLB lockdown stored to r1 */
1361 arm9tdmi_read_core_regs(target
, 0x2, regs_p
);
1362 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1366 Ilockdown
= regs
[1];
1368 for (victim
= 0; victim
< 64; victim
+= 8)
1370 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1371 * base remains unchanged, victim goes through entries 0 to 63
1373 regs
[1] = (Ilockdown
& 0xfc000000) | (victim
<< 20);
1374 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1376 /* set interpret mode */
1378 arm920t_write_cp15_physical(target
,
1379 CP15PHYS_TESTSTATE
, cp15c15
);
1381 /* Write I TLB lockdown */
1382 arm920t_execute_cp15(target
,
1383 ARMV4_5_MCR(15,0,0,10,0,1),
1386 /* Read I TLB CAM */
1387 arm920t_execute_cp15(target
,
1388 ARMV4_5_MCR(15,4,0,15,5,4),
1389 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1391 /* clear interpret mode */
1393 arm920t_write_cp15_physical(target
,
1394 CP15PHYS_TESTSTATE
, cp15c15
);
1396 /* read I TLB CAM content stored to r2-r9 */
1397 arm9tdmi_read_core_regs(target
, 0x3fc, regs_p
);
1398 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1403 for (i
= 0; i
< 8; i
++)
1404 i_tlb
[i
+ victim
].cam
= regs
[i
+ 2];
1407 for (victim
= 0; victim
< 64; victim
++)
1409 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1410 * base remains unchanged, victim goes through entries 0 to 63
1412 regs
[1] = (Dlockdown
& 0xfc000000) | (victim
<< 20);
1413 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1415 /* set interpret mode */
1417 arm920t_write_cp15_physical(target
,
1418 CP15PHYS_TESTSTATE
, cp15c15
);
1420 /* Write I TLB lockdown */
1421 arm920t_execute_cp15(target
,
1422 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1424 /* Read I TLB RAM1 */
1425 arm920t_execute_cp15(target
,
1426 ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1428 /* Read I TLB RAM2 */
1429 arm920t_execute_cp15(target
,
1430 ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1432 /* clear interpret mode */
1434 arm920t_write_cp15_physical(target
,
1435 CP15PHYS_TESTSTATE
, cp15c15
);
1437 /* read I TLB RAM content stored to r2 and r3 */
1438 arm9tdmi_read_core_regs(target
, 0xc, regs_p
);
1439 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1444 i_tlb
[victim
].ram1
= regs
[2];
1445 i_tlb
[victim
].ram2
= regs
[3];
1448 /* restore I TLB lockdown */
1449 regs
[1] = Ilockdown
;
1450 arm9tdmi_write_core_regs(target
, 0x2, regs
);
1452 /* Write I TLB lockdown */
1453 arm920t_execute_cp15(target
,
1454 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1456 /* restore CP15 MMU and Cache settings */
1457 arm920t_write_cp15_physical(target
, CP15PHYS_CTRL
, cp15_ctrl_saved
);
1459 /* output data to file */
1460 fprintf(output
, "D TLB content:\n");
1461 for (i
= 0; i
< 64; i
++)
1463 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1464 " 0x%8.8" PRIx32
" %s\n",
1465 i
, d_tlb
[i
].cam
, d_tlb
[i
].ram1
, d_tlb
[i
].ram2
,
1466 (d_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1469 fprintf(output
, "\n\nI TLB content:\n");
1470 for (i
= 0; i
< 64; i
++)
1472 fprintf(output
, "%i: 0x%8.8" PRIx32
" 0x%8.8" PRIx32
1473 " 0x%8.8" PRIx32
" %s\n",
1474 i
, i_tlb
[i
].cam
, i_tlb
[i
].ram1
, i_tlb
[i
].ram2
,
1475 (i_tlb
[i
].cam
& 0x20) ? "(valid)" : "(invalid)");
1478 command_print(CMD_CTX
, "mmu content successfully output to %s",
1483 if (!is_arm_mode(armv4_5
->core_mode
))
1486 /* force writeback of the valid data */
1487 r
= armv4_5
->core_cache
->reg_list
;
1488 r
[0].dirty
= r
[0].valid
;
1489 r
[1].dirty
= r
[1].valid
;
1490 r
[2].dirty
= r
[2].valid
;
1491 r
[3].dirty
= r
[3].valid
;
1492 r
[4].dirty
= r
[4].valid
;
1493 r
[5].dirty
= r
[5].valid
;
1494 r
[6].dirty
= r
[6].valid
;
1495 r
[7].dirty
= r
[7].valid
;
1497 r
= arm_reg_current(armv4_5
, 8);
1498 r
->dirty
= r
->valid
;
1500 r
= arm_reg_current(armv4_5
, 9);
1501 r
->dirty
= r
->valid
;
1506 COMMAND_HANDLER(arm920t_handle_cp15_command
)
1509 struct target
*target
= get_current_target(CMD_CTX
);
1510 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1512 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1513 if (retval
!= ERROR_OK
)
1516 if (target
->state
!= TARGET_HALTED
)
1518 command_print(CMD_CTX
, "target must be stopped for "
1519 "\"%s\" command", CMD_NAME
);
1523 /* one argument, read a register.
1524 * two arguments, write it.
1529 COMMAND_PARSE_NUMBER(int, CMD_ARGV
[0], address
);
1534 if ((retval
= arm920t_read_cp15_physical(target
,
1535 address
, &value
)) != ERROR_OK
)
1537 command_print(CMD_CTX
,
1538 "couldn't access reg %i", address
);
1541 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1546 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1549 else if (CMD_ARGC
== 2)
1552 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1553 retval
= arm920t_write_cp15_physical(target
,
1555 if (retval
!= ERROR_OK
)
1557 command_print(CMD_CTX
,
1558 "couldn't access reg %i", address
);
1559 /* REVISIT why lie? "return retval"? */
1562 command_print(CMD_CTX
, "%i: %8.8" PRIx32
,
1570 COMMAND_HANDLER(arm920t_handle_cp15i_command
)
1573 struct target
*target
= get_current_target(CMD_CTX
);
1574 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1576 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1577 if (retval
!= ERROR_OK
)
1581 if (target
->state
!= TARGET_HALTED
)
1583 command_print(CMD_CTX
, "target must be stopped for "
1584 "\"%s\" command", CMD_NAME
);
1588 /* one argument, read a register.
1589 * two arguments, write it.
1594 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[0], opcode
);
1599 retval
= arm920t_read_cp15_interpreted(target
,
1600 opcode
, 0x0, &value
);
1601 if (retval
!= ERROR_OK
)
1603 command_print(CMD_CTX
,
1604 "couldn't execute %8.8" PRIx32
,
1606 /* REVISIT why lie? "return retval"? */
1610 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1613 else if (CMD_ARGC
== 2)
1616 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1617 retval
= arm920t_write_cp15_interpreted(target
,
1619 if (retval
!= ERROR_OK
)
1621 command_print(CMD_CTX
,
1622 "couldn't execute %8.8" PRIx32
,
1624 /* REVISIT why lie? "return retval"? */
1627 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
,
1630 else if (CMD_ARGC
== 3)
1633 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[1], value
);
1635 COMMAND_PARSE_NUMBER(u32
, CMD_ARGV
[2], address
);
1636 retval
= arm920t_write_cp15_interpreted(target
,
1637 opcode
, value
, address
);
1638 if (retval
!= ERROR_OK
)
1640 command_print(CMD_CTX
,
1641 "couldn't execute %8.8" PRIx32
, opcode
);
1642 /* REVISIT why lie? "return retval"? */
1645 command_print(CMD_CTX
, "%8.8" PRIx32
": %8.8" PRIx32
1646 " %8.8" PRIx32
, opcode
, value
, address
);
1651 command_print(CMD_CTX
,
1652 "usage: arm920t cp15i <opcode> [value] [address]");
1658 COMMAND_HANDLER(arm920t_handle_cache_info_command
)
1661 struct target
*target
= get_current_target(CMD_CTX
);
1662 struct arm920t_common
*arm920t
= target_to_arm920(target
);
1664 retval
= arm920t_verify_pointer(CMD_CTX
, arm920t
);
1665 if (retval
!= ERROR_OK
)
1668 return armv4_5_handle_cache_info_command(CMD_CTX
,
1669 &arm920t
->armv4_5_mmu
.armv4_5_cache
);
1673 static int arm920t_mrc(struct target
*target
, int cpnum
,
1674 uint32_t op1
, uint32_t op2
,
1675 uint32_t CRn
, uint32_t CRm
,
1680 LOG_ERROR("Only cp15 is supported");
1685 return arm920t_read_cp15_interpreted(target
,
1686 ARMV4_5_MRC(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1690 static int arm920t_mcr(struct target
*target
, int cpnum
,
1691 uint32_t op1
, uint32_t op2
,
1692 uint32_t CRn
, uint32_t CRm
,
1697 LOG_ERROR("Only cp15 is supported");
1701 /* write "from" r0 */
1702 return arm920t_write_cp15_interpreted(target
,
1703 ARMV4_5_MCR(cpnum
, op1
, 0, CRn
, CRm
, op2
),
1707 static const struct command_registration arm920t_exec_command_handlers
[] = {
1710 .handler
= arm920t_handle_cp15_command
,
1711 .mode
= COMMAND_EXEC
,
1712 .help
= "display/modify cp15 register",
1713 .usage
= "regnum [value]",
1717 .handler
= arm920t_handle_cp15i_command
,
1718 .mode
= COMMAND_EXEC
,
1719 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1720 .help
= "display/modify cp15 register using ARM opcode"
1722 .usage
= "instruction [value [address]]",
1725 .name
= "cache_info",
1726 .handler
= arm920t_handle_cache_info_command
,
1727 .mode
= COMMAND_EXEC
,
1728 .help
= "display information about target caches",
1731 .name
= "read_cache",
1732 .handler
= arm920t_handle_read_cache_command
,
1733 .mode
= COMMAND_EXEC
,
1734 .help
= "dump I/D cache content to file",
1735 .usage
= "filename",
1739 .handler
= arm920t_handle_read_mmu_command
,
1740 .mode
= COMMAND_EXEC
,
1741 .help
= "dump I/D mmu content to file",
1742 .usage
= "filename",
1744 COMMAND_REGISTRATION_DONE
1746 const struct command_registration arm920t_command_handlers
[] = {
1748 .chain
= arm9tdmi_command_handlers
,
1752 .mode
= COMMAND_ANY
,
1753 .help
= "arm920t command group",
1754 .chain
= arm920t_exec_command_handlers
,
1756 COMMAND_REGISTRATION_DONE
1759 /** Holds methods for ARM920 targets. */
1760 struct target_type arm920t_target
=
1764 .poll
= arm7_9_poll
,
1765 .arch_state
= arm920t_arch_state
,
1767 .target_request_data
= arm7_9_target_request_data
,
1769 .halt
= arm7_9_halt
,
1770 .resume
= arm7_9_resume
,
1771 .step
= arm7_9_step
,
1773 .assert_reset
= arm7_9_assert_reset
,
1774 .deassert_reset
= arm7_9_deassert_reset
,
1775 .soft_reset_halt
= arm920t_soft_reset_halt
,
1777 .get_gdb_reg_list
= arm_get_gdb_reg_list
,
1779 .read_memory
= arm920t_read_memory
,
1780 .write_memory
= arm920t_write_memory
,
1781 .read_phys_memory
= arm920t_read_phys_memory
,
1782 .write_phys_memory
= arm920t_write_phys_memory
,
1784 .virt2phys
= arm920_virt2phys
,
1786 .bulk_write_memory
= arm7_9_bulk_write_memory
,
1788 .checksum_memory
= arm_checksum_memory
,
1789 .blank_check_memory
= arm_blank_check_memory
,
1791 .run_algorithm
= armv4_5_run_algorithm
,
1793 .add_breakpoint
= arm7_9_add_breakpoint
,
1794 .remove_breakpoint
= arm7_9_remove_breakpoint
,
1795 .add_watchpoint
= arm7_9_add_watchpoint
,
1796 .remove_watchpoint
= arm7_9_remove_watchpoint
,
1798 .commands
= arm920t_command_handlers
,
1799 .target_create
= arm920t_target_create
,
1800 .init_target
= arm9tdmi_init_target
,
1801 .examine
= arm7_9_examine
,
1802 .check_reset
= arm7_9_check_reset
,
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)