2 /***************************************************************************
3 * Copyright (C) 2005 by Dominic Rath *
4 * Dominic.Rath@gmx.de *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
26 #include <helper/time_support.h>
27 #include "target_type.h"
29 #include "arm_opcodes.h"
33 * For information about the ARM920T, see ARM DDI 0151C especially
34 * Chapter 9 about debug support, which shows how to manipulate each
35 * of the different scan chains:
37 * 0 ... ARM920 signals, e.g. to rest of SOC (unused here)
38 * 1 ... debugging; watchpoint and breakpoint status, etc; also
39 * MMU and cache access in conjunction with scan chain 15
41 * 3 ... external boundary scan (SoC-specific, unused here)
42 * 4 ... access to cache tag RAM
44 * 15 ... access coprocessor 15, "physical" or "interpreted" modes
45 * "interpreted" works with a few actual MRC/MCR instructions
46 * "physical" provides register-like behaviors. Section 9.6.7
47 * covers these details.
49 * The ARM922T is similar, but with smaller caches (8K each, vs 16K).
53 #define _DEBUG_INSTRUCTION_EXECUTION_
56 /* Table 9-8 shows scan chain 15 format during physical access mode, using a
57 * dedicated 6-bit address space (encoded in bits 33:38). Writes use one
58 * JTAG scan, while reads use two.
60 * Table 9-9 lists the thirteen registers which support physical access.
61 * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed
62 * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().
68 #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
70 /* Registers supporting physical Read access (from table 9-9) */
71 #define CP15PHYS_CACHETYPE ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)
72 #define CP15PHYS_ICACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)
73 #define CP15PHYS_DCACHE_IDX ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)
74 /* NOTE: several more registers support only physical read access */
76 /* Registers supporting physical Read/Write access (from table 9-9) */
77 #define CP15PHYS_CTRL ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)
78 #define CP15PHYS_PID ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)
79 #define CP15PHYS_TESTSTATE ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)
80 #define CP15PHYS_ICACHE ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)
81 #define CP15PHYS_DCACHE ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)
83 static int arm920t_read_cp15_physical(struct target *target,
84 int reg_addr, uint32_t *value)
86 struct arm920t_common *arm920t = target_to_arm920(target);
87 struct arm_jtag *jtag_info;
88 struct scan_field fields[4];
89 uint8_t access_type_buf = 1;
90 uint8_t reg_addr_buf = reg_addr & 0x3f;
93 jtag_info = &arm920t->arm7_9_common.jtag_info;
95 arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
96 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
98 fields[0].num_bits = 1;
99 fields[0].out_value = &access_type_buf;
100 fields[0].in_value = NULL;
102 fields[1].num_bits = 32;
103 fields[1].out_value = NULL;
104 fields[1].in_value = NULL;
106 fields[2].num_bits = 6;
107 fields[2].out_value = ®_addr_buf;
108 fields[2].in_value = NULL;
110 fields[3].num_bits = 1;
111 fields[3].out_value = &nr_w_buf;
112 fields[3].in_value = NULL;
114 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
116 fields[1].in_value = (uint8_t *)value;
118 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
120 jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);
122 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
123 jtag_execute_queue();
124 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
130 static int arm920t_write_cp15_physical(struct target *target,
131 int reg_addr, uint32_t value)
133 struct arm920t_common *arm920t = target_to_arm920(target);
134 struct arm_jtag *jtag_info;
135 struct scan_field fields[4];
136 uint8_t access_type_buf = 1;
137 uint8_t reg_addr_buf = reg_addr & 0x3f;
138 uint8_t nr_w_buf = 1;
139 uint8_t value_buf[4];
141 jtag_info = &arm920t->arm7_9_common.jtag_info;
143 buf_set_u32(value_buf, 0, 32, value);
145 arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
146 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
148 fields[0].num_bits = 1;
149 fields[0].out_value = &access_type_buf;
150 fields[0].in_value = NULL;
152 fields[1].num_bits = 32;
153 fields[1].out_value = value_buf;
154 fields[1].in_value = NULL;
156 fields[2].num_bits = 6;
157 fields[2].out_value = ®_addr_buf;
158 fields[2].in_value = NULL;
160 fields[3].num_bits = 1;
161 fields[3].out_value = &nr_w_buf;
162 fields[3].in_value = NULL;
164 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
166 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
167 LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
173 /* See table 9-10 for scan chain 15 format during interpreted access mode.
174 * If the TESTSTATE register is set for interpreted access, certain CP15
175 * MRC and MCR instructions may be executed through scan chain 15.
177 * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be
178 * executed using scan chain 15 interpreted mode.
180 static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,
184 struct arm920t_common *arm920t = target_to_arm920(target);
185 struct arm_jtag *jtag_info;
186 struct scan_field fields[4];
187 uint8_t access_type_buf = 0; /* interpreted access */
188 uint8_t reg_addr_buf = 0x0;
189 uint8_t nr_w_buf = 0;
190 uint8_t cp15_opcode_buf[4];
192 jtag_info = &arm920t->arm7_9_common.jtag_info;
194 arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);
195 arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);
197 buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
199 fields[0].num_bits = 1;
200 fields[0].out_value = &access_type_buf;
201 fields[0].in_value = NULL;
203 fields[1].num_bits = 32;
204 fields[1].out_value = cp15_opcode_buf;
205 fields[1].in_value = NULL;
207 fields[2].num_bits = 6;
208 fields[2].out_value = ®_addr_buf;
209 fields[2].in_value = NULL;
211 fields[3].num_bits = 1;
212 fields[3].out_value = &nr_w_buf;
213 fields[3].in_value = NULL;
215 jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);
217 arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
218 arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
219 retval = arm7_9_execute_sys_speed(target);
220 if (retval != ERROR_OK)
223 if ((retval = jtag_execute_queue()) != ERROR_OK)
225 LOG_ERROR("failed executing JTAG queue");
232 static int arm920t_read_cp15_interpreted(struct target *target,
233 uint32_t cp15_opcode, uint32_t address, uint32_t *value)
235 struct arm *armv4_5 = target_to_arm(target);
238 uint32_t cp15c15 = 0x0;
239 struct reg *r = armv4_5->core_cache->reg_list;
241 /* load address into R1 */
243 arm9tdmi_write_core_regs(target, 0x2, regs);
245 /* read-modify-write CP15 test state register
246 * to enable interpreted access mode */
247 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
248 jtag_execute_queue();
249 cp15c15 |= 1; /* set interpret mode */
250 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
252 /* execute CP15 instruction and ARM load (reading from coprocessor) */
253 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
255 /* disable interpreted access mode */
256 cp15c15 &= ~1U; /* clear interpret mode */
257 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
259 /* retrieve value from R0 */
261 arm9tdmi_read_core_regs(target, 0x1, regs_p);
262 jtag_execute_queue();
264 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
265 LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",
266 cp15_opcode, address, *value);
269 if (!is_arm_mode(armv4_5->core_mode))
279 int arm920t_write_cp15_interpreted(struct target *target,
280 uint32_t cp15_opcode, uint32_t value, uint32_t address)
282 uint32_t cp15c15 = 0x0;
283 struct arm *armv4_5 = target_to_arm(target);
285 struct reg *r = armv4_5->core_cache->reg_list;
287 /* load value, address into R0, R1 */
290 arm9tdmi_write_core_regs(target, 0x3, regs);
292 /* read-modify-write CP15 test state register
293 * to enable interpreted access mode */
294 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
295 jtag_execute_queue();
296 cp15c15 |= 1; /* set interpret mode */
297 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
299 /* execute CP15 instruction and ARM store (writing to coprocessor) */
300 arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
302 /* disable interpreted access mode */
303 cp15c15 &= ~1U; /* set interpret mode */
304 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
306 #ifdef _DEBUG_INSTRUCTION_EXECUTION_
307 LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",
308 cp15_opcode, value, address);
311 if (!is_arm_mode(armv4_5->core_mode))
321 int arm920t_get_ttb(struct target *target, uint32_t *result)
326 if ((retval = arm920t_read_cp15_interpreted(target,
327 /* FIXME use opcode macro */
328 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
336 void arm920t_disable_mmu_caches(struct target *target, int mmu,
337 int d_u_cache, int i_cache)
339 uint32_t cp15_control;
341 /* read cp15 control register */
342 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
343 jtag_execute_queue();
346 cp15_control &= ~0x1U;
349 cp15_control &= ~0x4U;
352 cp15_control &= ~0x1000U;
354 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
358 void arm920t_enable_mmu_caches(struct target *target, int mmu,
359 int d_u_cache, int i_cache)
361 uint32_t cp15_control;
363 /* read cp15 control register */
364 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);
365 jtag_execute_queue();
368 cp15_control |= 0x1U;
371 cp15_control |= 0x4U;
374 cp15_control |= 0x1000U;
376 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);
380 void arm920t_post_debug_entry(struct target *target)
383 struct arm920t_common *arm920t = target_to_arm920(target);
385 /* examine cp15 control reg */
386 arm920t_read_cp15_physical(target,
387 CP15PHYS_CTRL, &arm920t->cp15_control_reg);
388 jtag_execute_queue();
389 LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, arm920t->cp15_control_reg);
391 if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
393 uint32_t cache_type_reg;
394 /* identify caches */
395 arm920t_read_cp15_physical(target,
396 CP15PHYS_CACHETYPE, &cache_type_reg);
397 jtag_execute_queue();
398 armv4_5_identify_cache(cache_type_reg,
399 &arm920t->armv4_5_mmu.armv4_5_cache);
402 arm920t->armv4_5_mmu.mmu_enabled =
403 (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
404 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled =
405 (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
406 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled =
407 (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
409 /* save i/d fault status and address register */
410 /* FIXME use opcode macros */
411 arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
412 arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
413 arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
414 arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
416 LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32
417 ", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32,
418 arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
420 if (arm920t->preserve_cache)
422 /* read-modify-write CP15 test state register
423 * to disable I/D-cache linefills */
424 arm920t_read_cp15_physical(target,
425 CP15PHYS_TESTSTATE, &cp15c15);
426 jtag_execute_queue();
428 arm920t_write_cp15_physical(target,
429 CP15PHYS_TESTSTATE, cp15c15);
434 void arm920t_pre_restore_context(struct target *target)
437 struct arm920t_common *arm920t = target_to_arm920(target);
439 /* restore i/d fault status and address register */
440 arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
441 arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
442 arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
443 arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
445 /* read-modify-write CP15 test state register
446 * to reenable I/D-cache linefills */
447 if (arm920t->preserve_cache)
449 arm920t_read_cp15_physical(target,
450 CP15PHYS_TESTSTATE, &cp15c15);
451 jtag_execute_queue();
453 arm920t_write_cp15_physical(target,
454 CP15PHYS_TESTSTATE, cp15c15);
458 static const char arm920_not[] = "target is not an ARM920";
460 static int arm920t_verify_pointer(struct command_context *cmd_ctx,
461 struct arm920t_common *arm920t)
463 if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {
464 command_print(cmd_ctx, arm920_not);
465 return ERROR_TARGET_INVALID;
471 /** Logs summary of ARM920 state for a halted target. */
472 int arm920t_arch_state(struct target *target)
474 static const char *state[] =
476 "disabled", "enabled"
479 struct arm920t_common *arm920t = target_to_arm920(target);
482 if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
484 LOG_ERROR("BUG: %s", arm920_not);
485 return ERROR_TARGET_INVALID;
488 armv4_5 = &arm920t->arm7_9_common.armv4_5_common;
490 arm_arch_state(target);
491 LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",
492 state[arm920t->armv4_5_mmu.mmu_enabled],
493 state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
494 state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
499 static int arm920_mmu(struct target *target, int *enabled)
501 if (target->state != TARGET_HALTED) {
502 LOG_ERROR("%s: target not halted", __func__);
503 return ERROR_TARGET_INVALID;
506 *enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;
510 static int arm920_virt2phys(struct target *target,
511 uint32_t virt, uint32_t *phys)
514 struct arm920t_common *arm920t = target_to_arm920(target);
517 int retval = armv4_5_mmu_translate_va(target,
518 &arm920t->armv4_5_mmu, virt, &cb, &ret);
519 if (retval != ERROR_OK)
525 /** Reads a buffer, in the specified word size, with current MMU settings. */
526 int arm920t_read_memory(struct target *target, uint32_t address,
527 uint32_t size, uint32_t count, uint8_t *buffer)
531 retval = arm7_9_read_memory(target, address, size, count, buffer);
537 static int arm920t_read_phys_memory(struct target *target,
538 uint32_t address, uint32_t size,
539 uint32_t count, uint8_t *buffer)
541 struct arm920t_common *arm920t = target_to_arm920(target);
543 return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,
544 address, size, count, buffer);
547 static int arm920t_write_phys_memory(struct target *target,
548 uint32_t address, uint32_t size,
549 uint32_t count, uint8_t *buffer)
551 struct arm920t_common *arm920t = target_to_arm920(target);
553 return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,
554 address, size, count, buffer);
558 /** Writes a buffer, in the specified word size, with current MMU settings. */
559 int arm920t_write_memory(struct target *target, uint32_t address,
560 uint32_t size, uint32_t count, uint8_t *buffer)
563 const uint32_t cache_mask = ~0x1f; /* cache line size : 32 byte */
564 struct arm920t_common *arm920t = target_to_arm920(target);
566 /* FIX!!!! this should be cleaned up and made much more general. The
567 * plan is to write up and test on arm920t specifically and
568 * then generalize and clean up afterwards.
570 * Also it should be moved to the callbacks that handle breakpoints
571 * specifically and not the generic memory write fn's. See XScale code.
573 if (arm920t->armv4_5_mmu.mmu_enabled && (count == 1) &&
574 ((size==2) || (size==4)))
576 /* special case the handling of single word writes to
577 * bypass MMU, to allow implementation of breakpoints
578 * in memory marked read only
585 * We need physical address and cb
587 retval = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu,
589 if (retval != ERROR_OK)
592 if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
596 LOG_DEBUG("D-Cache buffered, "
597 "drain write buffer");
600 * Drain write buffer - MCR p15,0,Rd,c7,c10,4
603 retval = arm920t_write_cp15_interpreted(target,
604 ARMV4_5_MCR(15, 0, 0, 7, 10, 4),
606 if (retval != ERROR_OK)
613 * Write back memory ? -> clean cache
615 * There is no way to clean cache lines using
616 * cp15 scan chain, so copy the full cache
617 * line from cache to physical memory.
621 LOG_DEBUG("D-Cache in 'write back' mode, "
624 retval = target_read_memory(target,
625 address & cache_mask, 1,
626 sizeof(data), &data[0]);
627 if (retval != ERROR_OK)
630 retval = armv4_5_mmu_write_physical(target,
631 &arm920t->armv4_5_mmu,
633 sizeof(data), &data[0]);
634 if (retval != ERROR_OK)
642 * Cached ? -> Invalidate data cache using MVA
644 * MCR p15,0,Rd,c7,c6,1
646 LOG_DEBUG("D-Cache enabled, "
647 "invalidate cache line");
649 retval = arm920t_write_cp15_interpreted(target,
650 ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,
651 address & cache_mask);
652 if (retval != ERROR_OK)
657 /* write directly to physical memory,
658 * bypassing any read only MMU bits, etc.
660 retval = armv4_5_mmu_write_physical(target,
661 &arm920t->armv4_5_mmu, pa, size,
663 if (retval != ERROR_OK)
667 if ((retval = arm7_9_write_memory(target, address,
668 size, count, buffer)) != ERROR_OK)
672 /* If ICache is enabled, we have to invalidate affected ICache lines
673 * the DCache is forced to write-through,
674 * so we don't have to clean it here
676 if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
680 /* invalidate ICache single entry with MVA
681 * mcr 15, 0, r0, cr7, cr5, {1}
683 LOG_DEBUG("I-Cache enabled, "
684 "invalidating affected I-Cache line");
685 retval = arm920t_write_cp15_interpreted(target,
686 ARMV4_5_MCR(15, 0, 0, 7, 5, 1),
687 0x0, address & cache_mask);
688 if (retval != ERROR_OK)
694 * mcr 15, 0, r0, cr7, cr5, {0}
696 retval = arm920t_write_cp15_interpreted(target,
697 ARMV4_5_MCR(15, 0, 0, 7, 5, 0),
699 if (retval != ERROR_OK)
708 int arm920t_soft_reset_halt(struct target *target)
710 int retval = ERROR_OK;
711 struct arm920t_common *arm920t = target_to_arm920(target);
712 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
713 struct arm *armv4_5 = &arm7_9->armv4_5_common;
714 struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
716 if ((retval = target_halt(target)) != ERROR_OK)
721 long long then = timeval_ms();
723 while (!(timeout = ((timeval_ms()-then) > 1000)))
725 if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1)
728 embeddedice_read_reg(dbg_stat);
729 if ((retval = jtag_execute_queue()) != ERROR_OK)
737 if (debug_level >= 3)
739 /* do not eat all CPU, time out after 1 se*/
748 LOG_ERROR("Failed to halt CPU after 1 sec");
749 return ERROR_TARGET_TIMEOUT;
752 target->state = TARGET_HALTED;
754 /* SVC, ARM state, IRQ and FIQ disabled */
757 cpsr = buf_get_u32(armv4_5->cpsr->value, 0, 32);
760 arm_set_cpsr(armv4_5, cpsr);
761 armv4_5->cpsr->dirty = 1;
763 /* start fetching from 0x0 */
764 buf_set_u32(armv4_5->pc->value, 0, 32, 0x0);
765 armv4_5->pc->dirty = 1;
766 armv4_5->pc->valid = 1;
768 arm920t_disable_mmu_caches(target, 1, 1, 1);
769 arm920t->armv4_5_mmu.mmu_enabled = 0;
770 arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
771 arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
773 return target_call_event_callbacks(target, TARGET_EVENT_HALTED);
776 /* FIXME remove forward decls */
777 static int arm920t_mrc(struct target *target, int cpnum,
778 uint32_t op1, uint32_t op2,
779 uint32_t CRn, uint32_t CRm,
781 static int arm920t_mcr(struct target *target, int cpnum,
782 uint32_t op1, uint32_t op2,
783 uint32_t CRn, uint32_t CRm,
786 static int arm920t_init_arch_info(struct target *target,
787 struct arm920t_common *arm920t, struct jtag_tap *tap)
789 struct arm7_9_common *arm7_9 = &arm920t->arm7_9_common;
791 arm7_9->armv4_5_common.mrc = arm920t_mrc;
792 arm7_9->armv4_5_common.mcr = arm920t_mcr;
794 /* initialize arm7/arm9 specific info (including armv4_5) */
795 arm9tdmi_init_arch_info(target, arm7_9, tap);
797 arm920t->common_magic = ARM920T_COMMON_MAGIC;
799 arm7_9->post_debug_entry = arm920t_post_debug_entry;
800 arm7_9->pre_restore_context = arm920t_pre_restore_context;
802 arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
803 arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
804 arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
805 arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
806 arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
807 arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
808 arm920t->armv4_5_mmu.has_tiny_pages = 1;
809 arm920t->armv4_5_mmu.mmu_enabled = 0;
811 /* disabling linefills leads to lockups, so keep them enabled for now
812 * this doesn't affect correctness, but might affect timing issues, if
813 * important data is evicted from the cache during the debug session
815 arm920t->preserve_cache = 0;
817 /* override hw single-step capability from ARM9TDMI */
818 arm7_9->has_single_step = 1;
823 static int arm920t_target_create(struct target *target, Jim_Interp *interp)
825 struct arm920t_common *arm920t;
827 arm920t = calloc(1,sizeof(struct arm920t_common));
828 return arm920t_init_arch_info(target, arm920t, target->tap);
831 COMMAND_HANDLER(arm920t_handle_read_cache_command)
833 int retval = ERROR_OK;
834 struct target *target = get_current_target(CMD_CTX);
835 struct arm920t_common *arm920t = target_to_arm920(target);
836 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
837 struct arm *armv4_5 = &arm7_9->armv4_5_common;
839 uint32_t cp15_ctrl, cp15_ctrl_saved;
841 uint32_t *regs_p[16];
842 uint32_t C15_C_D_Ind, C15_C_I_Ind;
845 struct arm920t_cache_line d_cache[8][64], i_cache[8][64];
846 int segment, index_t;
849 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
850 if (retval != ERROR_OK)
855 command_print(CMD_CTX, "usage: arm920t read_cache <filename>");
859 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
861 LOG_DEBUG("error opening cache content file");
865 for (i = 0; i < 16; i++)
866 regs_p[i] = ®s[i];
868 /* disable MMU and Caches */
869 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
870 if ((retval = jtag_execute_queue()) != ERROR_OK)
874 cp15_ctrl_saved = cp15_ctrl;
875 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
876 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
877 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
879 /* read CP15 test state register */
880 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
881 jtag_execute_queue();
883 /* read DCache content */
884 fprintf(output, "DCache:\n");
886 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
888 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
891 fprintf(output, "\nsegment: %i\n----------", segment);
893 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
894 regs[0] = 0x0 | (segment << 5);
895 arm9tdmi_write_core_regs(target, 0x1, regs);
897 /* set interpret mode */
899 arm920t_write_cp15_physical(target,
900 CP15PHYS_TESTSTATE, cp15c15);
902 /* D CAM Read, loads current victim into C15.C.D.Ind */
903 arm920t_execute_cp15(target,
904 ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
906 /* read current victim */
907 arm920t_read_cp15_physical(target,
908 CP15PHYS_DCACHE_IDX, &C15_C_D_Ind);
910 /* clear interpret mode */
912 arm920t_write_cp15_physical(target,
913 CP15PHYS_TESTSTATE, cp15c15);
915 for (index_t = 0; index_t < 64; index_t++)
918 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
920 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
921 arm9tdmi_write_core_regs(target, 0x1, regs);
923 /* set interpret mode */
925 arm920t_write_cp15_physical(target,
926 CP15PHYS_TESTSTATE, cp15c15);
928 /* Write DCache victim */
929 arm920t_execute_cp15(target,
930 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
933 arm920t_execute_cp15(target,
934 ARMV4_5_MCR(15,2,0,15,10,2),
935 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
938 arm920t_execute_cp15(target,
939 ARMV4_5_MCR(15,2,0,15,6,2),
942 /* clear interpret mode */
944 arm920t_write_cp15_physical(target,
945 CP15PHYS_TESTSTATE, cp15c15);
947 /* read D RAM and CAM content */
948 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
949 if ((retval = jtag_execute_queue()) != ERROR_OK)
954 d_cache[segment][index_t].cam = regs[9];
957 regs[9] &= 0xfffffffe;
958 fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8"
959 PRIx32 ", content (%s):\n",
960 segment, index_t, regs[9],
961 (regs[9] & 0x10) ? "valid" : "invalid");
963 for (i = 1; i < 9; i++)
965 d_cache[segment][index_t].data[i] = regs[i];
966 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
972 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
973 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
974 arm9tdmi_write_core_regs(target, 0x1, regs);
976 /* set interpret mode */
978 arm920t_write_cp15_physical(target,
979 CP15PHYS_TESTSTATE, cp15c15);
981 /* Write DCache victim */
982 arm920t_execute_cp15(target,
983 ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
985 /* clear interpret mode */
987 arm920t_write_cp15_physical(target,
988 CP15PHYS_TESTSTATE, cp15c15);
991 /* read ICache content */
992 fprintf(output, "ICache:\n");
994 /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
996 segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;
999 fprintf(output, "segment: %i\n----------", segment);
1001 /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
1002 regs[0] = 0x0 | (segment << 5);
1003 arm9tdmi_write_core_regs(target, 0x1, regs);
1005 /* set interpret mode */
1007 arm920t_write_cp15_physical(target,
1008 CP15PHYS_TESTSTATE, cp15c15);
1010 /* I CAM Read, loads current victim into C15.C.I.Ind */
1011 arm920t_execute_cp15(target,
1012 ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
1014 /* read current victim */
1015 arm920t_read_cp15_physical(target, CP15PHYS_ICACHE_IDX,
1018 /* clear interpret mode */
1020 arm920t_write_cp15_physical(target,
1021 CP15PHYS_TESTSTATE, cp15c15);
1023 for (index_t = 0; index_t < 64; index_t++)
1026 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)
1028 regs[0] = 0x0 | (segment << 5) | (index_t << 26);
1029 arm9tdmi_write_core_regs(target, 0x1, regs);
1031 /* set interpret mode */
1033 arm920t_write_cp15_physical(target,
1034 CP15PHYS_TESTSTATE, cp15c15);
1036 /* Write ICache victim */
1037 arm920t_execute_cp15(target,
1038 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1041 arm920t_execute_cp15(target,
1042 ARMV4_5_MCR(15,2,0,15,9,2),
1043 ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
1046 arm920t_execute_cp15(target,
1047 ARMV4_5_MCR(15,2,0,15,5,2),
1050 /* clear interpret mode */
1052 arm920t_write_cp15_physical(target,
1053 CP15PHYS_TESTSTATE, cp15c15);
1055 /* read I RAM and CAM content */
1056 arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
1057 if ((retval = jtag_execute_queue()) != ERROR_OK)
1062 i_cache[segment][index_t].cam = regs[9];
1065 regs[9] &= 0xfffffffe;
1066 fprintf(output, "\nsegment: %i, index: %i, "
1067 "CAM: 0x%8.8" PRIx32 ", content (%s):\n",
1068 segment, index_t, regs[9],
1069 (regs[9] & 0x10) ? "valid" : "invalid");
1071 for (i = 1; i < 9; i++)
1073 i_cache[segment][index_t].data[i] = regs[i];
1074 fprintf(output, "%i: 0x%8.8" PRIx32 "\n",
1079 /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
1080 regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
1081 arm9tdmi_write_core_regs(target, 0x1, regs);
1083 /* set interpret mode */
1085 arm920t_write_cp15_physical(target,
1086 CP15PHYS_TESTSTATE, cp15c15);
1088 /* Write ICache victim */
1089 arm920t_execute_cp15(target,
1090 ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
1092 /* clear interpret mode */
1094 arm920t_write_cp15_physical(target,
1095 CP15PHYS_TESTSTATE, cp15c15);
1098 /* restore CP15 MMU and Cache settings */
1099 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1101 command_print(CMD_CTX, "cache content successfully output to %s",
1106 if (!is_arm_mode(armv4_5->core_mode))
1109 /* force writeback of the valid data */
1110 r = armv4_5->core_cache->reg_list;
1111 r[0].dirty = r[0].valid;
1112 r[1].dirty = r[1].valid;
1113 r[2].dirty = r[2].valid;
1114 r[3].dirty = r[3].valid;
1115 r[4].dirty = r[4].valid;
1116 r[5].dirty = r[5].valid;
1117 r[6].dirty = r[6].valid;
1118 r[7].dirty = r[7].valid;
1120 r = arm_reg_current(armv4_5, 8);
1121 r->dirty = r->valid;
1123 r = arm_reg_current(armv4_5, 9);
1124 r->dirty = r->valid;
1129 COMMAND_HANDLER(arm920t_handle_read_mmu_command)
1131 int retval = ERROR_OK;
1132 struct target *target = get_current_target(CMD_CTX);
1133 struct arm920t_common *arm920t = target_to_arm920(target);
1134 struct arm7_9_common *arm7_9 = target_to_arm7_9(target);
1135 struct arm *armv4_5 = &arm7_9->armv4_5_common;
1137 uint32_t cp15_ctrl, cp15_ctrl_saved;
1139 uint32_t *regs_p[16];
1142 uint32_t Dlockdown, Ilockdown;
1143 struct arm920t_tlb_entry d_tlb[64], i_tlb[64];
1147 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1148 if (retval != ERROR_OK)
1153 command_print(CMD_CTX, "usage: arm920t read_mmu <filename>");
1157 if ((output = fopen(CMD_ARGV[0], "w")) == NULL)
1159 LOG_DEBUG("error opening mmu content file");
1163 for (i = 0; i < 16; i++)
1164 regs_p[i] = ®s[i];
1166 /* disable MMU and Caches */
1167 arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);
1168 if ((retval = jtag_execute_queue()) != ERROR_OK)
1172 cp15_ctrl_saved = cp15_ctrl;
1173 cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED
1174 | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
1175 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);
1177 /* read CP15 test state register */
1178 arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);
1179 if ((retval = jtag_execute_queue()) != ERROR_OK)
1184 /* prepare reading D TLB content
1187 /* set interpret mode */
1189 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1191 /* Read D TLB lockdown */
1192 arm920t_execute_cp15(target,
1193 ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
1195 /* clear interpret mode */
1197 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1199 /* read D TLB lockdown stored to r1 */
1200 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1201 if ((retval = jtag_execute_queue()) != ERROR_OK)
1205 Dlockdown = regs[1];
1207 for (victim = 0; victim < 64; victim += 8)
1209 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1210 * base remains unchanged, victim goes through entries 0 to 63
1212 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1213 arm9tdmi_write_core_regs(target, 0x2, regs);
1215 /* set interpret mode */
1217 arm920t_write_cp15_physical(target,
1218 CP15PHYS_TESTSTATE, cp15c15);
1220 /* Write D TLB lockdown */
1221 arm920t_execute_cp15(target,
1222 ARMV4_5_MCR(15,0,0,10,0,0),
1225 /* Read D TLB CAM */
1226 arm920t_execute_cp15(target,
1227 ARMV4_5_MCR(15,4,0,15,6,4),
1228 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1230 /* clear interpret mode */
1232 arm920t_write_cp15_physical(target,
1233 CP15PHYS_TESTSTATE, cp15c15);
1235 /* read D TLB CAM content stored to r2-r9 */
1236 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1237 if ((retval = jtag_execute_queue()) != ERROR_OK)
1242 for (i = 0; i < 8; i++)
1243 d_tlb[victim + i].cam = regs[i + 2];
1246 for (victim = 0; victim < 64; victim++)
1248 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1249 * base remains unchanged, victim goes through entries 0 to 63
1251 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1252 arm9tdmi_write_core_regs(target, 0x2, regs);
1254 /* set interpret mode */
1256 arm920t_write_cp15_physical(target,
1257 CP15PHYS_TESTSTATE, cp15c15);
1259 /* Write D TLB lockdown */
1260 arm920t_execute_cp15(target,
1261 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1263 /* Read D TLB RAM1 */
1264 arm920t_execute_cp15(target,
1265 ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
1267 /* Read D TLB RAM2 */
1268 arm920t_execute_cp15(target,
1269 ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
1271 /* clear interpret mode */
1273 arm920t_write_cp15_physical(target,
1274 CP15PHYS_TESTSTATE, cp15c15);
1276 /* read D TLB RAM content stored to r2 and r3 */
1277 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1278 if ((retval = jtag_execute_queue()) != ERROR_OK)
1283 d_tlb[victim].ram1 = regs[2];
1284 d_tlb[victim].ram2 = regs[3];
1287 /* restore D TLB lockdown */
1288 regs[1] = Dlockdown;
1289 arm9tdmi_write_core_regs(target, 0x2, regs);
1291 /* Write D TLB lockdown */
1292 arm920t_execute_cp15(target,
1293 ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
1295 /* prepare reading I TLB content
1298 /* set interpret mode */
1300 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1302 /* Read I TLB lockdown */
1303 arm920t_execute_cp15(target,
1304 ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
1306 /* clear interpret mode */
1308 arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);
1310 /* read I TLB lockdown stored to r1 */
1311 arm9tdmi_read_core_regs(target, 0x2, regs_p);
1312 if ((retval = jtag_execute_queue()) != ERROR_OK)
1316 Ilockdown = regs[1];
1318 for (victim = 0; victim < 64; victim += 8)
1320 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1321 * base remains unchanged, victim goes through entries 0 to 63
1323 regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
1324 arm9tdmi_write_core_regs(target, 0x2, regs);
1326 /* set interpret mode */
1328 arm920t_write_cp15_physical(target,
1329 CP15PHYS_TESTSTATE, cp15c15);
1331 /* Write I TLB lockdown */
1332 arm920t_execute_cp15(target,
1333 ARMV4_5_MCR(15,0,0,10,0,1),
1336 /* Read I TLB CAM */
1337 arm920t_execute_cp15(target,
1338 ARMV4_5_MCR(15,4,0,15,5,4),
1339 ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
1341 /* clear interpret mode */
1343 arm920t_write_cp15_physical(target,
1344 CP15PHYS_TESTSTATE, cp15c15);
1346 /* read I TLB CAM content stored to r2-r9 */
1347 arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
1348 if ((retval = jtag_execute_queue()) != ERROR_OK)
1353 for (i = 0; i < 8; i++)
1354 i_tlb[i + victim].cam = regs[i + 2];
1357 for (victim = 0; victim < 64; victim++)
1359 /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
1360 * base remains unchanged, victim goes through entries 0 to 63
1362 regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
1363 arm9tdmi_write_core_regs(target, 0x2, regs);
1365 /* set interpret mode */
1367 arm920t_write_cp15_physical(target,
1368 CP15PHYS_TESTSTATE, cp15c15);
1370 /* Write I TLB lockdown */
1371 arm920t_execute_cp15(target,
1372 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1374 /* Read I TLB RAM1 */
1375 arm920t_execute_cp15(target,
1376 ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
1378 /* Read I TLB RAM2 */
1379 arm920t_execute_cp15(target,
1380 ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
1382 /* clear interpret mode */
1384 arm920t_write_cp15_physical(target,
1385 CP15PHYS_TESTSTATE, cp15c15);
1387 /* read I TLB RAM content stored to r2 and r3 */
1388 arm9tdmi_read_core_regs(target, 0xc, regs_p);
1389 if ((retval = jtag_execute_queue()) != ERROR_OK)
1394 i_tlb[victim].ram1 = regs[2];
1395 i_tlb[victim].ram2 = regs[3];
1398 /* restore I TLB lockdown */
1399 regs[1] = Ilockdown;
1400 arm9tdmi_write_core_regs(target, 0x2, regs);
1402 /* Write I TLB lockdown */
1403 arm920t_execute_cp15(target,
1404 ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
1406 /* restore CP15 MMU and Cache settings */
1407 arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);
1409 /* output data to file */
1410 fprintf(output, "D TLB content:\n");
1411 for (i = 0; i < 64; i++)
1413 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1414 " 0x%8.8" PRIx32 " %s\n",
1415 i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2,
1416 (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1419 fprintf(output, "\n\nI TLB content:\n");
1420 for (i = 0; i < 64; i++)
1422 fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32
1423 " 0x%8.8" PRIx32 " %s\n",
1424 i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2,
1425 (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
1428 command_print(CMD_CTX, "mmu content successfully output to %s",
1433 if (!is_arm_mode(armv4_5->core_mode))
1436 /* force writeback of the valid data */
1437 r = armv4_5->core_cache->reg_list;
1438 r[0].dirty = r[0].valid;
1439 r[1].dirty = r[1].valid;
1440 r[2].dirty = r[2].valid;
1441 r[3].dirty = r[3].valid;
1442 r[4].dirty = r[4].valid;
1443 r[5].dirty = r[5].valid;
1444 r[6].dirty = r[6].valid;
1445 r[7].dirty = r[7].valid;
1447 r = arm_reg_current(armv4_5, 8);
1448 r->dirty = r->valid;
1450 r = arm_reg_current(armv4_5, 9);
1451 r->dirty = r->valid;
1456 COMMAND_HANDLER(arm920t_handle_cp15_command)
1459 struct target *target = get_current_target(CMD_CTX);
1460 struct arm920t_common *arm920t = target_to_arm920(target);
1462 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1463 if (retval != ERROR_OK)
1466 if (target->state != TARGET_HALTED)
1468 command_print(CMD_CTX, "target must be stopped for "
1469 "\"%s\" command", CMD_NAME);
1473 /* one argument, read a register.
1474 * two arguments, write it.
1479 COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], address);
1484 if ((retval = arm920t_read_cp15_physical(target,
1485 address, &value)) != ERROR_OK)
1487 command_print(CMD_CTX,
1488 "couldn't access reg %i", address);
1491 if ((retval = jtag_execute_queue()) != ERROR_OK)
1496 command_print(CMD_CTX, "%i: %8.8" PRIx32,
1499 else if (CMD_ARGC == 2)
1502 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1503 retval = arm920t_write_cp15_physical(target,
1505 if (retval != ERROR_OK)
1507 command_print(CMD_CTX,
1508 "couldn't access reg %i", address);
1509 /* REVISIT why lie? "return retval"? */
1512 command_print(CMD_CTX, "%i: %8.8" PRIx32,
1520 COMMAND_HANDLER(arm920t_handle_cp15i_command)
1523 struct target *target = get_current_target(CMD_CTX);
1524 struct arm920t_common *arm920t = target_to_arm920(target);
1526 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1527 if (retval != ERROR_OK)
1531 if (target->state != TARGET_HALTED)
1533 command_print(CMD_CTX, "target must be stopped for "
1534 "\"%s\" command", CMD_NAME);
1538 /* one argument, read a register.
1539 * two arguments, write it.
1544 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], opcode);
1549 retval = arm920t_read_cp15_interpreted(target,
1550 opcode, 0x0, &value);
1551 if (retval != ERROR_OK)
1553 command_print(CMD_CTX,
1554 "couldn't execute %8.8" PRIx32,
1556 /* REVISIT why lie? "return retval"? */
1560 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,
1563 else if (CMD_ARGC == 2)
1566 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1567 retval = arm920t_write_cp15_interpreted(target,
1569 if (retval != ERROR_OK)
1571 command_print(CMD_CTX,
1572 "couldn't execute %8.8" PRIx32,
1574 /* REVISIT why lie? "return retval"? */
1577 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,
1580 else if (CMD_ARGC == 3)
1583 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);
1585 COMMAND_PARSE_NUMBER(u32, CMD_ARGV[2], address);
1586 retval = arm920t_write_cp15_interpreted(target,
1587 opcode, value, address);
1588 if (retval != ERROR_OK)
1590 command_print(CMD_CTX,
1591 "couldn't execute %8.8" PRIx32, opcode);
1592 /* REVISIT why lie? "return retval"? */
1595 command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32
1596 " %8.8" PRIx32, opcode, value, address);
1601 command_print(CMD_CTX,
1602 "usage: arm920t cp15i <opcode> [value] [address]");
1608 COMMAND_HANDLER(arm920t_handle_cache_info_command)
1611 struct target *target = get_current_target(CMD_CTX);
1612 struct arm920t_common *arm920t = target_to_arm920(target);
1614 retval = arm920t_verify_pointer(CMD_CTX, arm920t);
1615 if (retval != ERROR_OK)
1618 return armv4_5_handle_cache_info_command(CMD_CTX,
1619 &arm920t->armv4_5_mmu.armv4_5_cache);
1623 static int arm920t_mrc(struct target *target, int cpnum,
1624 uint32_t op1, uint32_t op2,
1625 uint32_t CRn, uint32_t CRm,
1630 LOG_ERROR("Only cp15 is supported");
1635 return arm920t_read_cp15_interpreted(target,
1636 ARMV4_5_MRC(cpnum, op1, 0, CRn, CRm, op2),
1640 static int arm920t_mcr(struct target *target, int cpnum,
1641 uint32_t op1, uint32_t op2,
1642 uint32_t CRn, uint32_t CRm,
1647 LOG_ERROR("Only cp15 is supported");
1651 /* write "from" r0 */
1652 return arm920t_write_cp15_interpreted(target,
1653 ARMV4_5_MCR(cpnum, op1, 0, CRn, CRm, op2),
1657 static const struct command_registration arm920t_exec_command_handlers[] = {
1660 .handler = arm920t_handle_cp15_command,
1661 .mode = COMMAND_EXEC,
1662 .help = "display/modify cp15 register",
1663 .usage = "regnum [value]",
1667 .handler = arm920t_handle_cp15i_command,
1668 .mode = COMMAND_EXEC,
1669 /* prefer using less error-prone "arm mcr" or "arm mrc" */
1670 .help = "display/modify cp15 register using ARM opcode"
1672 .usage = "instruction [value [address]]",
1675 .name = "cache_info",
1676 .handler = arm920t_handle_cache_info_command,
1677 .mode = COMMAND_EXEC,
1678 .help = "display information about target caches",
1681 .name = "read_cache",
1682 .handler = arm920t_handle_read_cache_command,
1683 .mode = COMMAND_EXEC,
1684 .help = "dump I/D cache content to file",
1685 .usage = "filename",
1689 .handler = arm920t_handle_read_mmu_command,
1690 .mode = COMMAND_EXEC,
1691 .help = "dump I/D mmu content to file",
1692 .usage = "filename",
1694 COMMAND_REGISTRATION_DONE
1696 const struct command_registration arm920t_command_handlers[] = {
1698 .chain = arm9tdmi_command_handlers,
1702 .mode = COMMAND_ANY,
1703 .help = "arm920t command group",
1704 .chain = arm920t_exec_command_handlers,
1706 COMMAND_REGISTRATION_DONE
1709 /** Holds methods for ARM920 targets. */
1710 struct target_type arm920t_target =
1714 .poll = arm7_9_poll,
1715 .arch_state = arm920t_arch_state,
1717 .target_request_data = arm7_9_target_request_data,
1719 .halt = arm7_9_halt,
1720 .resume = arm7_9_resume,
1721 .step = arm7_9_step,
1723 .assert_reset = arm7_9_assert_reset,
1724 .deassert_reset = arm7_9_deassert_reset,
1725 .soft_reset_halt = arm920t_soft_reset_halt,
1727 .get_gdb_reg_list = arm_get_gdb_reg_list,
1729 .read_memory = arm920t_read_memory,
1730 .write_memory = arm920t_write_memory,
1731 .read_phys_memory = arm920t_read_phys_memory,
1732 .write_phys_memory = arm920t_write_phys_memory,
1734 .virt2phys = arm920_virt2phys,
1736 .bulk_write_memory = arm7_9_bulk_write_memory,
1738 .checksum_memory = arm_checksum_memory,
1739 .blank_check_memory = arm_blank_check_memory,
1741 .run_algorithm = armv4_5_run_algorithm,
1743 .add_breakpoint = arm7_9_add_breakpoint,
1744 .remove_breakpoint = arm7_9_remove_breakpoint,
1745 .add_watchpoint = arm7_9_add_watchpoint,
1746 .remove_watchpoint = arm7_9_remove_watchpoint,
1748 .commands = arm920t_command_handlers,
1749 .target_create = arm920t_target_create,
1750 .init_target = arm9tdmi_init_target,
1751 .examine = arm7_9_examine,
1752 .check_reset = arm7_9_check_reset,
projects / fw / openocd / blob