1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
4 * Copyright (C) 2008 Oyvind Harboe oyvind.harboe@zylin.com *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
34 #define JTAG_DEBUG(expr ...) DEBUG(expr)
36 #define JTAG_DEBUG(expr ...) do {} while(0)
40 This pathmove goes from Pause-IR to Shift-IR while avoiding RTI. The
41 behavior of the FTDI driver IIRC was to go via RTI.
43 Conversely there may be other places in this code where the ARM11 code relies
44 on the driver to hit through RTI when coming from Update-?R.
46 tap_state_t arm11_move_pi_to_si_via_ci[] =
48 TAP_IREXIT2, TAP_IRUPDATE, TAP_DRSELECT, TAP_IRSELECT, TAP_IRCAPTURE, TAP_IRSHIFT
52 int arm11_add_ir_scan_vc(int num_fields, scan_field_t *fields, tap_state_t state)
54 if (cmd_queue_cur_state == TAP_IRPAUSE)
55 jtag_add_pathmove(asizeof(arm11_move_pi_to_si_via_ci), arm11_move_pi_to_si_via_ci);
57 jtag_add_ir_scan(num_fields, fields, state);
61 tap_state_t arm11_move_pd_to_sd_via_cd[] =
63 TAP_DREXIT2, TAP_DRUPDATE, TAP_DRSELECT, TAP_DRCAPTURE, TAP_DRSHIFT
66 int arm11_add_dr_scan_vc(int num_fields, scan_field_t *fields, tap_state_t state)
68 if (cmd_queue_cur_state == TAP_DRPAUSE)
69 jtag_add_pathmove(asizeof(arm11_move_pd_to_sd_via_cd), arm11_move_pd_to_sd_via_cd);
71 jtag_add_dr_scan(num_fields, fields, state);
76 /** Code de-clutter: Construct scan_field_t to write out a value
78 * \param arm11 Target state variable.
79 * \param num_bits Length of the data field
80 * \param out_data pointer to the data that will be sent out
81 * <em>(data is read when it is added to the JTAG queue)</em>
82 * \param in_data pointer to the memory that will receive data that was clocked in
83 * <em>(data is written when the JTAG queue is executed)</em>
84 * \param field target data structure that will be initialized
86 void arm11_setup_field(arm11_common_t * arm11, int num_bits, void * out_data, void * in_data, scan_field_t * field)
88 field->tap = arm11->jtag_info.tap;
89 field->num_bits = num_bits;
90 field->in_check_mask = NULL;
91 field->in_check_value = NULL;
92 field->in_handler = NULL;
93 field->in_handler_priv = NULL;
95 field->out_value = out_data;
96 field->in_value = in_data;
100 /** Write JTAG instruction register
102 * \param arm11 Target state variable.
103 * \param instr An ARM11 DBGTAP instruction. Use enum #arm11_instructions.
104 * \param state Pass the final TAP state or ARM11_TAP_DEFAULT for the default value (Pause-IR).
106 * \remarks This adds to the JTAG command queue but does \em not execute it.
108 void arm11_add_IR(arm11_common_t * arm11, u8 instr, tap_state_t state)
111 tap = arm11->jtag_info.tap;
113 if (buf_get_u32(tap->cur_instr, 0, 5) == instr)
115 JTAG_DEBUG("IR <= 0x%02x SKIPPED", instr);
119 JTAG_DEBUG("IR <= 0x%02x", instr);
123 arm11_setup_field(arm11, 5, &instr, NULL, &field);
125 arm11_add_ir_scan_vc(1, &field, state == ARM11_TAP_DEFAULT ? TAP_IRPAUSE : state);
128 /** Verify shifted out data from Scan Chain Register (SCREG)
129 * Used as parameter to scan_field_t::in_handler in
130 * arm11_add_debug_SCAN_N().
133 static void arm11_in_handler_SCAN_N(u8 *in_value)
135 /** \todo TODO: clarify why this isnt properly masked in jtag.c jtag_read_buffer() */
136 u8 v = *in_value & 0x1F;
140 LOG_ERROR("'arm11 target' JTAG communication error SCREG SCAN OUT 0x%02x (expected 0x10)", v);
141 jtag_set_error(ERROR_FAIL);
144 JTAG_DEBUG("SCREG SCAN OUT 0x%02x", v);
147 /** Select and write to Scan Chain Register (SCREG)
149 * This function sets the instruction register to SCAN_N and writes
150 * the data register with the selected chain number.
152 * http://infocenter.arm.com/help/topic/com.arm.doc.ddi0301f/Cacbjhfg.html
154 * \param arm11 Target state variable.
155 * \param chain Scan chain that will be selected.
156 * \param state Pass the final TAP state or ARM11_TAP_DEFAULT for the default
159 * The chain takes effect when Update-DR is passed (usually when subsequently
160 * the INTEXT/EXTEST instructions are written).
162 * \warning (Obsolete) Using this twice in a row will \em fail. The first
163 * call will end in Pause-DR. The second call, due to the IR
164 * caching, will not go through Capture-DR when shifting in the
165 * new scan chain number. As a result the verification in
166 * arm11_in_handler_SCAN_N() must fail.
168 * \remarks This adds to the JTAG command queue but does \em not execute it.
171 void arm11_add_debug_SCAN_N(arm11_common_t * arm11, u8 chain, tap_state_t state)
173 JTAG_DEBUG("SCREG <= 0x%02x", chain);
175 arm11_add_IR(arm11, ARM11_SCAN_N, ARM11_TAP_DEFAULT);
180 arm11_setup_field(arm11, 5, &chain, &tmp, &field);
182 arm11_add_dr_scan_vc(1, &field, state == ARM11_TAP_DEFAULT ? TAP_DRPAUSE : state);
184 jtag_execute_queue_noclear();
186 arm11_in_handler_SCAN_N(tmp);
189 /** Write an instruction into the ITR register
191 * \param arm11 Target state variable.
192 * \param inst An ARM11 processor instruction/opcode.
193 * \param flag Optional parameter to retrieve the InstCompl flag
194 * (this will be written when the JTAG chain is executed).
195 * \param state Pass the final TAP state or ARM11_TAP_DEFAULT for the default
196 * value (Run-Test/Idle).
198 * \remarks By default this ends with Run-Test/Idle state
199 * and causes the instruction to be executed. If
200 * a subsequent write to DTR is needed before
201 * executing the instruction then TAP_DRPAUSE should be
202 * passed to \p state.
204 * \remarks This adds to the JTAG command queue but does \em not execute it.
206 void arm11_add_debug_INST(arm11_common_t * arm11, u32 inst, u8 * flag, tap_state_t state)
208 JTAG_DEBUG("INST <= 0x%08x", inst);
212 arm11_setup_field(arm11, 32, &inst, NULL, itr + 0);
213 arm11_setup_field(arm11, 1, NULL, flag, itr + 1);
215 arm11_add_dr_scan_vc(asizeof(itr), itr, state == ARM11_TAP_DEFAULT ? TAP_IDLE : state);
218 /** Read the Debug Status and Control Register (DSCR)
222 * \param arm11 Target state variable.
223 * \return DSCR content
225 * \remarks This is a stand-alone function that executes the JTAG command queue.
227 int arm11_read_DSCR(arm11_common_t * arm11, u32 *value)
229 arm11_add_debug_SCAN_N(arm11, 0x01, ARM11_TAP_DEFAULT);
231 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
234 scan_field_t chain1_field;
236 arm11_setup_field(arm11, 32, NULL, &dscr, &chain1_field);
238 arm11_add_dr_scan_vc(1, &chain1_field, TAP_DRPAUSE);
240 CHECK_RETVAL(jtag_execute_queue());
242 if (arm11->last_dscr != dscr)
243 JTAG_DEBUG("DSCR = %08x (OLD %08x)", dscr, arm11->last_dscr);
245 arm11->last_dscr = dscr;
252 /** Write the Debug Status and Control Register (DSCR)
256 * \param arm11 Target state variable.
257 * \param dscr DSCR content
259 * \remarks This is a stand-alone function that executes the JTAG command queue.
261 int arm11_write_DSCR(arm11_common_t * arm11, u32 dscr)
263 arm11_add_debug_SCAN_N(arm11, 0x01, ARM11_TAP_DEFAULT);
265 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
267 scan_field_t chain1_field;
269 arm11_setup_field(arm11, 32, &dscr, NULL, &chain1_field);
271 arm11_add_dr_scan_vc(1, &chain1_field, TAP_DRPAUSE);
273 CHECK_RETVAL(jtag_execute_queue());
275 JTAG_DEBUG("DSCR <= %08x (OLD %08x)", dscr, arm11->last_dscr);
277 arm11->last_dscr = dscr;
284 /** Get the debug reason from Debug Status and Control Register (DSCR)
286 * \param dscr DSCR value to analyze
287 * \return Debug reason
290 enum target_debug_reason arm11_get_DSCR_debug_reason(u32 dscr)
292 switch (dscr & ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_MASK)
294 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_HALT:
295 LOG_INFO("Debug entry: JTAG HALT");
296 return DBG_REASON_DBGRQ;
298 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_BREAKPOINT:
299 LOG_INFO("Debug entry: breakpoint");
300 return DBG_REASON_BREAKPOINT;
302 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_WATCHPOINT:
303 LOG_INFO("Debug entry: watchpoint");
304 return DBG_REASON_WATCHPOINT;
306 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_BKPT_INSTRUCTION:
307 LOG_INFO("Debug entry: BKPT instruction");
308 return DBG_REASON_BREAKPOINT;
310 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_EDBGRQ:
311 LOG_INFO("Debug entry: EDBGRQ signal");
312 return DBG_REASON_DBGRQ;
314 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_VECTOR_CATCH:
315 LOG_INFO("Debug entry: VCR vector catch");
316 return DBG_REASON_BREAKPOINT;
319 LOG_INFO("Debug entry: unknown");
320 return DBG_REASON_DBGRQ;
326 /** Prepare the stage for ITR/DTR operations
327 * from the arm11_run_instr... group of functions.
329 * Put arm11_run_instr_data_prepare() and arm11_run_instr_data_finish()
330 * around a block of arm11_run_instr_... calls.
332 * Select scan chain 5 to allow quick access to DTR. When scan
333 * chain 4 is needed to put in a register the ITRSel instruction
334 * shortcut is used instead of actually changing the Scan_N
337 * \param arm11 Target state variable.
340 void arm11_run_instr_data_prepare(arm11_common_t * arm11)
342 arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
345 /** Cleanup after ITR/DTR operations
346 * from the arm11_run_instr... group of functions
348 * Put arm11_run_instr_data_prepare() and arm11_run_instr_data_finish()
349 * around a block of arm11_run_instr_... calls.
351 * Any IDLE can lead to an instruction execution when
352 * scan chains 4 or 5 are selected and the IR holds
353 * INTEST or EXTEST. So we must disable that before
354 * any following activities lead to an IDLE.
356 * \param arm11 Target state variable.
359 void arm11_run_instr_data_finish(arm11_common_t * arm11)
361 arm11_add_debug_SCAN_N(arm11, 0x00, ARM11_TAP_DEFAULT);
365 /** Execute one or multiple instructions via ITR
367 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
369 * \param arm11 Target state variable.
370 * \param opcode Pointer to sequence of ARM opcodes
371 * \param count Number of opcodes to execute
374 int arm11_run_instr_no_data(arm11_common_t * arm11, u32 * opcode, size_t count)
376 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
380 arm11_add_debug_INST(arm11, *opcode++, NULL, TAP_IDLE);
386 arm11_add_debug_INST(arm11, 0, &flag, count ? TAP_IDLE : TAP_DRPAUSE);
388 CHECK_RETVAL(jtag_execute_queue());
398 /** Execute one instruction via ITR
400 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
402 * \param arm11 Target state variable.
403 * \param opcode ARM opcode
406 void arm11_run_instr_no_data1(arm11_common_t * arm11, u32 opcode)
408 arm11_run_instr_no_data(arm11, &opcode, 1);
412 /** Execute one instruction via ITR repeatedly while
413 * passing data to the core via DTR on each execution.
415 * The executed instruction \em must read data from DTR.
417 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
419 * \param arm11 Target state variable.
420 * \param opcode ARM opcode
421 * \param data Pointer to the data words to be passed to the core
422 * \param count Number of data words and instruction repetitions
425 int arm11_run_instr_data_to_core(arm11_common_t * arm11, u32 opcode, u32 * data, size_t count)
427 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
429 arm11_add_debug_INST(arm11, opcode, NULL, TAP_DRPAUSE);
431 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
433 scan_field_t chain5_fields[3];
439 arm11_setup_field(arm11, 32, &Data, NULL, chain5_fields + 0);
440 arm11_setup_field(arm11, 1, NULL, &Ready, chain5_fields + 1);
441 arm11_setup_field(arm11, 1, NULL, &nRetry, chain5_fields + 2);
449 arm11_add_dr_scan_vc(asizeof(chain5_fields), chain5_fields, TAP_IDLE);
451 CHECK_RETVAL(jtag_execute_queue());
453 JTAG_DEBUG("DTR Ready %d nRetry %d", Ready, nRetry);
460 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
466 arm11_add_dr_scan_vc(asizeof(chain5_fields), chain5_fields, TAP_DRPAUSE);
468 CHECK_RETVAL(jtag_execute_queue());
470 JTAG_DEBUG("DTR Data %08x Ready %d nRetry %d", Data, Ready, nRetry);
477 /** JTAG path for arm11_run_instr_data_to_core_noack
479 * The repeated TAP_IDLE's do not cause a repeated execution
480 * if passed without leaving the state.
482 * Since this is more than 7 bits (adjustable via adding more
483 * TAP_IDLE's) it produces an artificial delay in the lower
484 * layer (FT2232) that is long enough to finish execution on
485 * the core but still shorter than any manually inducible delays.
487 * To disable this code, try "memwrite burst false"
490 tap_state_t arm11_MOVE_DRPAUSE_IDLE_DRPAUSE_with_delay[] =
492 TAP_DREXIT2, TAP_DRUPDATE, TAP_IDLE, TAP_IDLE, TAP_IDLE, TAP_DRSELECT, TAP_DRCAPTURE, TAP_DRSHIFT
497 /** Execute one instruction via ITR repeatedly while
498 * passing data to the core via DTR on each execution.
500 * No Ready check during transmission.
502 * The executed instruction \em must read data from DTR.
504 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
506 * \param arm11 Target state variable.
507 * \param opcode ARM opcode
508 * \param data Pointer to the data words to be passed to the core
509 * \param count Number of data words and instruction repetitions
512 int arm11_run_instr_data_to_core_noack(arm11_common_t * arm11, u32 opcode, u32 * data, size_t count)
514 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
516 arm11_add_debug_INST(arm11, opcode, NULL, TAP_DRPAUSE);
518 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
520 scan_field_t chain5_fields[3];
522 arm11_setup_field(arm11, 32, NULL/*&Data*/, NULL, chain5_fields + 0);
523 arm11_setup_field(arm11, 1, NULL, NULL /*&Ready*/, chain5_fields + 1);
524 arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 2);
526 u8 Readies[count + 1];
527 u8 * ReadyPos = Readies;
531 chain5_fields[0].out_value = (void *)(data++);
532 chain5_fields[1].in_value = ReadyPos++;
536 jtag_add_dr_scan(asizeof(chain5_fields), chain5_fields, TAP_DRPAUSE);
537 jtag_add_pathmove(asizeof(arm11_MOVE_DRPAUSE_IDLE_DRPAUSE_with_delay),
538 arm11_MOVE_DRPAUSE_IDLE_DRPAUSE_with_delay);
542 jtag_add_dr_scan(asizeof(chain5_fields), chain5_fields, TAP_IDLE);
546 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
548 chain5_fields[0].out_value = 0;
549 chain5_fields[1].in_value = ReadyPos++;
551 arm11_add_dr_scan_vc(asizeof(chain5_fields), chain5_fields, TAP_DRPAUSE);
553 CHECK_RETVAL(jtag_execute_queue());
555 size_t error_count = 0;
558 for (i = 0; i < asizeof(Readies); i++)
567 LOG_ERROR("Transfer errors " ZU, error_count);
573 /** Execute an instruction via ITR while handing data into the core via DTR.
575 * The executed instruction \em must read data from DTR.
577 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
579 * \param arm11 Target state variable.
580 * \param opcode ARM opcode
581 * \param data Data word to be passed to the core via DTR
584 int arm11_run_instr_data_to_core1(arm11_common_t * arm11, u32 opcode, u32 data)
586 return arm11_run_instr_data_to_core(arm11, opcode, &data, 1);
590 /** Execute one instruction via ITR repeatedly while
591 * reading data from the core via DTR on each execution.
593 * The executed instruction \em must write data to DTR.
595 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
597 * \param arm11 Target state variable.
598 * \param opcode ARM opcode
599 * \param data Pointer to an array that receives the data words from the core
600 * \param count Number of data words and instruction repetitions
603 int arm11_run_instr_data_from_core(arm11_common_t * arm11, u32 opcode, u32 * data, size_t count)
605 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
607 arm11_add_debug_INST(arm11, opcode, NULL, TAP_IDLE);
609 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
611 scan_field_t chain5_fields[3];
617 arm11_setup_field(arm11, 32, NULL, &Data, chain5_fields + 0);
618 arm11_setup_field(arm11, 1, NULL, &Ready, chain5_fields + 1);
619 arm11_setup_field(arm11, 1, NULL, &nRetry, chain5_fields + 2);
625 arm11_add_dr_scan_vc(asizeof(chain5_fields), chain5_fields, count ? TAP_IDLE : TAP_DRPAUSE);
627 CHECK_RETVAL(jtag_execute_queue());
629 JTAG_DEBUG("DTR Data %08x Ready %d nRetry %d", Data, Ready, nRetry);
639 /** Execute one instruction via ITR
640 * then load r0 into DTR and read DTR from core.
642 * The first executed instruction (\p opcode) should write data to r0.
644 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
646 * \param arm11 Target state variable.
647 * \param opcode ARM opcode to write r0 with the value of interest
648 * \param data Pointer to a data word that receives the value from r0 after \p opcode was executed.
651 void arm11_run_instr_data_from_core_via_r0(arm11_common_t * arm11, u32 opcode, u32 * data)
653 arm11_run_instr_no_data1(arm11, opcode);
655 /* MCR p14,0,R0,c0,c5,0 (move r0 -> wDTR -> local var) */
656 arm11_run_instr_data_from_core(arm11, 0xEE000E15, data, 1);
659 /** Load data into core via DTR then move it to r0 then
660 * execute one instruction via ITR
662 * The final executed instruction (\p opcode) should read data from r0.
664 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
666 * \param arm11 Target state variable.
667 * \param opcode ARM opcode to read r0 act upon it
668 * \param data Data word that will be written to r0 before \p opcode is executed
671 void arm11_run_instr_data_to_core_via_r0(arm11_common_t * arm11, u32 opcode, u32 data)
673 /* MRC p14,0,r0,c0,c5,0 */
674 arm11_run_instr_data_to_core1(arm11, 0xEE100E15, data);
676 arm11_run_instr_no_data1(arm11, opcode);
679 /** Apply reads and writes to scan chain 7
681 * \see arm11_sc7_action_t
683 * \param arm11 Target state variable.
684 * \param actions A list of read and/or write instructions
685 * \param count Number of instructions in the list.
688 int arm11_sc7_run(arm11_common_t * arm11, arm11_sc7_action_t * actions, size_t count)
690 arm11_add_debug_SCAN_N(arm11, 0x07, ARM11_TAP_DEFAULT);
692 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
694 scan_field_t chain7_fields[3];
703 arm11_setup_field(arm11, 1, &nRW, &Ready, chain7_fields + 0);
704 arm11_setup_field(arm11, 32, &DataOut, &DataIn, chain7_fields + 1);
705 arm11_setup_field(arm11, 7, &AddressOut, &AddressIn, chain7_fields + 2);
708 for (i = 0; i < count + 1; i++)
712 nRW = actions[i].write ? 1 : 0;
713 DataOut = actions[i].value;
714 AddressOut = actions[i].address;
725 JTAG_DEBUG("SC7 <= Address %02x Data %08x nRW %d", AddressOut, DataOut, nRW);
727 arm11_add_dr_scan_vc(asizeof(chain7_fields), chain7_fields, TAP_DRPAUSE);
729 CHECK_RETVAL(jtag_execute_queue());
731 JTAG_DEBUG("SC7 => Address %02x Data %08x Ready %d", AddressIn, DataIn, Ready);
733 while (!Ready); /* 'nRW' is 'Ready' on read out */
737 if (actions[i - 1].address != AddressIn)
739 LOG_WARNING("Scan chain 7 shifted out unexpected address");
742 if (!actions[i - 1].write)
744 actions[i - 1].value = DataIn;
748 if (actions[i - 1].value != DataIn)
750 LOG_WARNING("Scan chain 7 shifted out unexpected data");
757 for (i = 0; i < count; i++)
759 JTAG_DEBUG("SC7 %02d: %02x %s %08x", i, actions[i].address, actions[i].write ? "<=" : "=>", actions[i].value);
765 /** Clear VCR and all breakpoints and watchpoints via scan chain 7
767 * \param arm11 Target state variable.
770 void arm11_sc7_clear_vbw(arm11_common_t * arm11)
772 arm11_sc7_action_t clear_bw[arm11->brp + arm11->wrp + 1];
773 arm11_sc7_action_t * pos = clear_bw;
776 for (i = 0; i < asizeof(clear_bw); i++)
778 clear_bw[i].write = true;
779 clear_bw[i].value = 0;
783 for (i = 0; i < arm11->brp; i++)
784 (pos++)->address = ARM11_SC7_BCR0 + i;
788 for (i = 0; i < arm11->wrp; i++)
789 (pos++)->address = ARM11_SC7_WCR0 + i;
792 (pos++)->address = ARM11_SC7_VCR;
794 arm11_sc7_run(arm11, clear_bw, asizeof(clear_bw));
797 /** Write VCR register
799 * \param arm11 Target state variable.
800 * \param value Value to be written
802 void arm11_sc7_set_vcr(arm11_common_t * arm11, u32 value)
804 arm11_sc7_action_t set_vcr;
806 set_vcr.write = true;
807 set_vcr.address = ARM11_SC7_VCR;
808 set_vcr.value = value;
811 arm11_sc7_run(arm11, &set_vcr, 1);
816 /** Read word from address
818 * \param arm11 Target state variable.
819 * \param address Memory address to be read
820 * \param result Pointer where to store result
823 int arm11_read_memory_word(arm11_common_t * arm11, u32 address, u32 * result)
825 arm11_run_instr_data_prepare(arm11);
827 /* MRC p14,0,r0,c0,c5,0 (r0 = address) */
828 CHECK_RETVAL(arm11_run_instr_data_to_core1(arm11, 0xee100e15, address));
830 /* LDC p14,c5,[R0],#4 (DTR = [r0]) */
831 CHECK_RETVAL(arm11_run_instr_data_from_core(arm11, 0xecb05e01, result, 1));
833 arm11_run_instr_data_finish(arm11);