1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
4 * Copyright (C) 2008 Oyvind Harboe oyvind.harboe@zylin.com *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the *
18 * Free Software Foundation, Inc., *
19 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
20 ***************************************************************************/
34 #define JTAG_DEBUG(expr ...) DEBUG(expr)
36 #define JTAG_DEBUG(expr ...) do {} while(0)
40 This pathmove goes from Pause-IR to Shift-IR while avoiding RTI. The
41 behavior of the FTDI driver IIRC was to go via RTI.
43 Conversely there may be other places in this code where the ARM11 code relies
44 on the driver to hit through RTI when coming from Update-?R.
46 tap_state_t arm11_move_pi_to_si_via_ci[] =
48 TAP_IREXIT2, TAP_IRUPDATE, TAP_DRSELECT, TAP_IRSELECT, TAP_IRCAPTURE, TAP_IRSHIFT
52 int arm11_add_ir_scan_vc(int num_fields, scan_field_t *fields, tap_state_t state)
54 if (cmd_queue_cur_state == TAP_IRPAUSE)
55 jtag_add_pathmove(asizeof(arm11_move_pi_to_si_via_ci), arm11_move_pi_to_si_via_ci);
57 jtag_add_ir_scan(num_fields, fields, state);
61 tap_state_t arm11_move_pd_to_sd_via_cd[] =
63 TAP_DREXIT2, TAP_DRUPDATE, TAP_DRSELECT, TAP_DRCAPTURE, TAP_DRSHIFT
66 int arm11_add_dr_scan_vc(int num_fields, scan_field_t *fields, tap_state_t state)
68 if (cmd_queue_cur_state == TAP_DRPAUSE)
69 jtag_add_pathmove(asizeof(arm11_move_pd_to_sd_via_cd), arm11_move_pd_to_sd_via_cd);
71 jtag_add_dr_scan(num_fields, fields, state);
76 /** Code de-clutter: Construct scan_field_t to write out a value
78 * \param arm11 Target state variable.
79 * \param num_bits Length of the data field
80 * \param out_data pointer to the data that will be sent out
81 * <em>(data is read when it is added to the JTAG queue)</em>
82 * \param in_data pointer to the memory that will receive data that was clocked in
83 * <em>(data is written when the JTAG queue is executed)</em>
84 * \param field target data structure that will be initialized
86 void arm11_setup_field(arm11_common_t * arm11, int num_bits, void * out_data, void * in_data, scan_field_t * field)
88 field->tap = arm11->jtag_info.tap;
89 field->num_bits = num_bits;
90 field->in_check_mask = NULL;
91 field->in_check_value = NULL;
92 field->in_handler = NULL;
93 field->in_handler_priv = NULL;
95 field->out_value = out_data;
96 field->in_value = in_data;
100 /** Write JTAG instruction register
102 * \param arm11 Target state variable.
103 * \param instr An ARM11 DBGTAP instruction. Use enum #arm11_instructions.
104 * \param state Pass the final TAP state or ARM11_TAP_DEFAULT for the default value (Pause-IR).
106 * \remarks This adds to the JTAG command queue but does \em not execute it.
108 void arm11_add_IR(arm11_common_t * arm11, u8 instr, tap_state_t state)
111 tap = arm11->jtag_info.tap;
113 if (buf_get_u32(tap->cur_instr, 0, 5) == instr)
115 JTAG_DEBUG("IR <= 0x%02x SKIPPED", instr);
119 JTAG_DEBUG("IR <= 0x%02x", instr);
123 arm11_setup_field(arm11, 5, &instr, NULL, &field);
125 arm11_add_ir_scan_vc(1, &field, state == ARM11_TAP_DEFAULT ? TAP_IRPAUSE : state);
128 /** Verify shifted out data from Scan Chain Register (SCREG)
129 * Used as parameter to scan_field_t::in_handler in
130 * arm11_add_debug_SCAN_N().
133 static int arm11_in_handler_SCAN_N(u8 *in_value, void *priv, struct scan_field_s *field)
135 /** \todo TODO: clarify why this isnt properly masked in jtag.c jtag_read_buffer() */
136 u8 v = *in_value & 0x1F;
140 LOG_ERROR("'arm11 target' JTAG communication error SCREG SCAN OUT 0x%02x (expected 0x10)", v);
144 JTAG_DEBUG("SCREG SCAN OUT 0x%02x", v);
148 /** Select and write to Scan Chain Register (SCREG)
150 * This function sets the instruction register to SCAN_N and writes
151 * the data register with the selected chain number.
153 * http://infocenter.arm.com/help/topic/com.arm.doc.ddi0301f/Cacbjhfg.html
155 * \param arm11 Target state variable.
156 * \param chain Scan chain that will be selected.
157 * \param state Pass the final TAP state or ARM11_TAP_DEFAULT for the default
160 * The chain takes effect when Update-DR is passed (usually when subsequently
161 * the INTEXT/EXTEST instructions are written).
163 * \warning (Obsolete) Using this twice in a row will \em fail. The first
164 * call will end in Pause-DR. The second call, due to the IR
165 * caching, will not go through Capture-DR when shifting in the
166 * new scan chain number. As a result the verification in
167 * arm11_in_handler_SCAN_N() must fail.
169 * \remarks This adds to the JTAG command queue but does \em not execute it.
172 void arm11_add_debug_SCAN_N(arm11_common_t * arm11, u8 chain, tap_state_t state)
174 JTAG_DEBUG("SCREG <= 0x%02x", chain);
176 arm11_add_IR(arm11, ARM11_SCAN_N, ARM11_TAP_DEFAULT);
180 arm11_setup_field(arm11, 5, &chain, NULL, &field);
182 field.in_handler = arm11_in_handler_SCAN_N; /* deprecated! invoke this from user code! */
184 arm11_add_dr_scan_vc(1, &field, state == ARM11_TAP_DEFAULT ? TAP_DRPAUSE : state);
187 /** Write an instruction into the ITR register
189 * \param arm11 Target state variable.
190 * \param inst An ARM11 processor instruction/opcode.
191 * \param flag Optional parameter to retrieve the InstCompl flag
192 * (this will be written when the JTAG chain is executed).
193 * \param state Pass the final TAP state or ARM11_TAP_DEFAULT for the default
194 * value (Run-Test/Idle).
196 * \remarks By default this ends with Run-Test/Idle state
197 * and causes the instruction to be executed. If
198 * a subsequent write to DTR is needed before
199 * executing the instruction then TAP_DRPAUSE should be
200 * passed to \p state.
202 * \remarks This adds to the JTAG command queue but does \em not execute it.
204 void arm11_add_debug_INST(arm11_common_t * arm11, u32 inst, u8 * flag, tap_state_t state)
206 JTAG_DEBUG("INST <= 0x%08x", inst);
210 arm11_setup_field(arm11, 32, &inst, NULL, itr + 0);
211 arm11_setup_field(arm11, 1, NULL, flag, itr + 1);
213 arm11_add_dr_scan_vc(asizeof(itr), itr, state == ARM11_TAP_DEFAULT ? TAP_IDLE : state);
216 /** Read the Debug Status and Control Register (DSCR)
220 * \param arm11 Target state variable.
221 * \return DSCR content
223 * \remarks This is a stand-alone function that executes the JTAG command queue.
225 int arm11_read_DSCR(arm11_common_t * arm11, u32 *value)
227 arm11_add_debug_SCAN_N(arm11, 0x01, ARM11_TAP_DEFAULT);
229 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
232 scan_field_t chain1_field;
234 arm11_setup_field(arm11, 32, NULL, &dscr, &chain1_field);
236 arm11_add_dr_scan_vc(1, &chain1_field, TAP_DRPAUSE);
238 CHECK_RETVAL(jtag_execute_queue());
240 if (arm11->last_dscr != dscr)
241 JTAG_DEBUG("DSCR = %08x (OLD %08x)", dscr, arm11->last_dscr);
243 arm11->last_dscr = dscr;
250 /** Write the Debug Status and Control Register (DSCR)
254 * \param arm11 Target state variable.
255 * \param dscr DSCR content
257 * \remarks This is a stand-alone function that executes the JTAG command queue.
259 int arm11_write_DSCR(arm11_common_t * arm11, u32 dscr)
261 arm11_add_debug_SCAN_N(arm11, 0x01, ARM11_TAP_DEFAULT);
263 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
265 scan_field_t chain1_field;
267 arm11_setup_field(arm11, 32, &dscr, NULL, &chain1_field);
269 arm11_add_dr_scan_vc(1, &chain1_field, TAP_DRPAUSE);
271 CHECK_RETVAL(jtag_execute_queue());
273 JTAG_DEBUG("DSCR <= %08x (OLD %08x)", dscr, arm11->last_dscr);
275 arm11->last_dscr = dscr;
282 /** Get the debug reason from Debug Status and Control Register (DSCR)
284 * \param dscr DSCR value to analyze
285 * \return Debug reason
288 enum target_debug_reason arm11_get_DSCR_debug_reason(u32 dscr)
290 switch (dscr & ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_MASK)
292 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_HALT:
293 LOG_INFO("Debug entry: JTAG HALT");
294 return DBG_REASON_DBGRQ;
296 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_BREAKPOINT:
297 LOG_INFO("Debug entry: breakpoint");
298 return DBG_REASON_BREAKPOINT;
300 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_WATCHPOINT:
301 LOG_INFO("Debug entry: watchpoint");
302 return DBG_REASON_WATCHPOINT;
304 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_BKPT_INSTRUCTION:
305 LOG_INFO("Debug entry: BKPT instruction");
306 return DBG_REASON_BREAKPOINT;
308 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_EDBGRQ:
309 LOG_INFO("Debug entry: EDBGRQ signal");
310 return DBG_REASON_DBGRQ;
312 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_VECTOR_CATCH:
313 LOG_INFO("Debug entry: VCR vector catch");
314 return DBG_REASON_BREAKPOINT;
317 LOG_INFO("Debug entry: unknown");
318 return DBG_REASON_DBGRQ;
324 /** Prepare the stage for ITR/DTR operations
325 * from the arm11_run_instr... group of functions.
327 * Put arm11_run_instr_data_prepare() and arm11_run_instr_data_finish()
328 * around a block of arm11_run_instr_... calls.
330 * Select scan chain 5 to allow quick access to DTR. When scan
331 * chain 4 is needed to put in a register the ITRSel instruction
332 * shortcut is used instead of actually changing the Scan_N
335 * \param arm11 Target state variable.
338 void arm11_run_instr_data_prepare(arm11_common_t * arm11)
340 arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
343 /** Cleanup after ITR/DTR operations
344 * from the arm11_run_instr... group of functions
346 * Put arm11_run_instr_data_prepare() and arm11_run_instr_data_finish()
347 * around a block of arm11_run_instr_... calls.
349 * Any IDLE can lead to an instruction execution when
350 * scan chains 4 or 5 are selected and the IR holds
351 * INTEST or EXTEST. So we must disable that before
352 * any following activities lead to an IDLE.
354 * \param arm11 Target state variable.
357 void arm11_run_instr_data_finish(arm11_common_t * arm11)
359 arm11_add_debug_SCAN_N(arm11, 0x00, ARM11_TAP_DEFAULT);
363 /** Execute one or multiple instructions via ITR
365 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
367 * \param arm11 Target state variable.
368 * \param opcode Pointer to sequence of ARM opcodes
369 * \param count Number of opcodes to execute
372 int arm11_run_instr_no_data(arm11_common_t * arm11, u32 * opcode, size_t count)
374 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
378 arm11_add_debug_INST(arm11, *opcode++, NULL, TAP_IDLE);
384 arm11_add_debug_INST(arm11, 0, &flag, count ? TAP_IDLE : TAP_DRPAUSE);
386 CHECK_RETVAL(jtag_execute_queue());
396 /** Execute one instruction via ITR
398 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
400 * \param arm11 Target state variable.
401 * \param opcode ARM opcode
404 void arm11_run_instr_no_data1(arm11_common_t * arm11, u32 opcode)
406 arm11_run_instr_no_data(arm11, &opcode, 1);
410 /** Execute one instruction via ITR repeatedly while
411 * passing data to the core via DTR on each execution.
413 * The executed instruction \em must read data from DTR.
415 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
417 * \param arm11 Target state variable.
418 * \param opcode ARM opcode
419 * \param data Pointer to the data words to be passed to the core
420 * \param count Number of data words and instruction repetitions
423 int arm11_run_instr_data_to_core(arm11_common_t * arm11, u32 opcode, u32 * data, size_t count)
425 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
427 arm11_add_debug_INST(arm11, opcode, NULL, TAP_DRPAUSE);
429 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
431 scan_field_t chain5_fields[3];
437 arm11_setup_field(arm11, 32, &Data, NULL, chain5_fields + 0);
438 arm11_setup_field(arm11, 1, NULL, &Ready, chain5_fields + 1);
439 arm11_setup_field(arm11, 1, NULL, &nRetry, chain5_fields + 2);
447 arm11_add_dr_scan_vc(asizeof(chain5_fields), chain5_fields, TAP_IDLE);
449 CHECK_RETVAL(jtag_execute_queue());
451 JTAG_DEBUG("DTR Ready %d nRetry %d", Ready, nRetry);
458 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
464 arm11_add_dr_scan_vc(asizeof(chain5_fields), chain5_fields, TAP_DRPAUSE);
466 CHECK_RETVAL(jtag_execute_queue());
468 JTAG_DEBUG("DTR Data %08x Ready %d nRetry %d", Data, Ready, nRetry);
475 /** JTAG path for arm11_run_instr_data_to_core_noack
477 * The repeated TAP_IDLE's do not cause a repeated execution
478 * if passed without leaving the state.
480 * Since this is more than 7 bits (adjustable via adding more
481 * TAP_IDLE's) it produces an artificial delay in the lower
482 * layer (FT2232) that is long enough to finish execution on
483 * the core but still shorter than any manually inducible delays.
485 * To disable this code, try "memwrite burst false"
488 tap_state_t arm11_MOVE_DRPAUSE_IDLE_DRPAUSE_with_delay[] =
490 TAP_DREXIT2, TAP_DRUPDATE, TAP_IDLE, TAP_IDLE, TAP_IDLE, TAP_DRSELECT, TAP_DRCAPTURE, TAP_DRSHIFT
495 /** Execute one instruction via ITR repeatedly while
496 * passing data to the core via DTR on each execution.
498 * No Ready check during transmission.
500 * The executed instruction \em must read data from DTR.
502 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
504 * \param arm11 Target state variable.
505 * \param opcode ARM opcode
506 * \param data Pointer to the data words to be passed to the core
507 * \param count Number of data words and instruction repetitions
510 int arm11_run_instr_data_to_core_noack(arm11_common_t * arm11, u32 opcode, u32 * data, size_t count)
512 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
514 arm11_add_debug_INST(arm11, opcode, NULL, TAP_DRPAUSE);
516 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
518 scan_field_t chain5_fields[3];
520 arm11_setup_field(arm11, 32, NULL/*&Data*/, NULL, chain5_fields + 0);
521 arm11_setup_field(arm11, 1, NULL, NULL /*&Ready*/, chain5_fields + 1);
522 arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 2);
524 u8 Readies[count + 1];
525 u8 * ReadyPos = Readies;
529 chain5_fields[0].out_value = (void *)(data++);
530 chain5_fields[1].in_value = ReadyPos++;
534 jtag_add_dr_scan(asizeof(chain5_fields), chain5_fields, TAP_DRPAUSE);
535 jtag_add_pathmove(asizeof(arm11_MOVE_DRPAUSE_IDLE_DRPAUSE_with_delay),
536 arm11_MOVE_DRPAUSE_IDLE_DRPAUSE_with_delay);
540 jtag_add_dr_scan(asizeof(chain5_fields), chain5_fields, TAP_IDLE);
544 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
546 chain5_fields[0].out_value = 0;
547 chain5_fields[1].in_value = ReadyPos++;
549 arm11_add_dr_scan_vc(asizeof(chain5_fields), chain5_fields, TAP_DRPAUSE);
551 CHECK_RETVAL(jtag_execute_queue());
553 size_t error_count = 0;
556 for (i = 0; i < asizeof(Readies); i++)
565 LOG_ERROR("Transfer errors " ZU, error_count);
571 /** Execute an instruction via ITR while handing data into the core via DTR.
573 * The executed instruction \em must read data from DTR.
575 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
577 * \param arm11 Target state variable.
578 * \param opcode ARM opcode
579 * \param data Data word to be passed to the core via DTR
582 int arm11_run_instr_data_to_core1(arm11_common_t * arm11, u32 opcode, u32 data)
584 return arm11_run_instr_data_to_core(arm11, opcode, &data, 1);
588 /** Execute one instruction via ITR repeatedly while
589 * reading data from the core via DTR on each execution.
591 * The executed instruction \em must write data to DTR.
593 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
595 * \param arm11 Target state variable.
596 * \param opcode ARM opcode
597 * \param data Pointer to an array that receives the data words from the core
598 * \param count Number of data words and instruction repetitions
601 int arm11_run_instr_data_from_core(arm11_common_t * arm11, u32 opcode, u32 * data, size_t count)
603 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
605 arm11_add_debug_INST(arm11, opcode, NULL, TAP_IDLE);
607 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
609 scan_field_t chain5_fields[3];
615 arm11_setup_field(arm11, 32, NULL, &Data, chain5_fields + 0);
616 arm11_setup_field(arm11, 1, NULL, &Ready, chain5_fields + 1);
617 arm11_setup_field(arm11, 1, NULL, &nRetry, chain5_fields + 2);
623 arm11_add_dr_scan_vc(asizeof(chain5_fields), chain5_fields, count ? TAP_IDLE : TAP_DRPAUSE);
625 CHECK_RETVAL(jtag_execute_queue());
627 JTAG_DEBUG("DTR Data %08x Ready %d nRetry %d", Data, Ready, nRetry);
637 /** Execute one instruction via ITR
638 * then load r0 into DTR and read DTR from core.
640 * The first executed instruction (\p opcode) should write data to r0.
642 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
644 * \param arm11 Target state variable.
645 * \param opcode ARM opcode to write r0 with the value of interest
646 * \param data Pointer to a data word that receives the value from r0 after \p opcode was executed.
649 void arm11_run_instr_data_from_core_via_r0(arm11_common_t * arm11, u32 opcode, u32 * data)
651 arm11_run_instr_no_data1(arm11, opcode);
653 /* MCR p14,0,R0,c0,c5,0 (move r0 -> wDTR -> local var) */
654 arm11_run_instr_data_from_core(arm11, 0xEE000E15, data, 1);
657 /** Load data into core via DTR then move it to r0 then
658 * execute one instruction via ITR
660 * The final executed instruction (\p opcode) should read data from r0.
662 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
664 * \param arm11 Target state variable.
665 * \param opcode ARM opcode to read r0 act upon it
666 * \param data Data word that will be written to r0 before \p opcode is executed
669 void arm11_run_instr_data_to_core_via_r0(arm11_common_t * arm11, u32 opcode, u32 data)
671 /* MRC p14,0,r0,c0,c5,0 */
672 arm11_run_instr_data_to_core1(arm11, 0xEE100E15, data);
674 arm11_run_instr_no_data1(arm11, opcode);
677 /** Apply reads and writes to scan chain 7
679 * \see arm11_sc7_action_t
681 * \param arm11 Target state variable.
682 * \param actions A list of read and/or write instructions
683 * \param count Number of instructions in the list.
686 int arm11_sc7_run(arm11_common_t * arm11, arm11_sc7_action_t * actions, size_t count)
688 arm11_add_debug_SCAN_N(arm11, 0x07, ARM11_TAP_DEFAULT);
690 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
692 scan_field_t chain7_fields[3];
701 arm11_setup_field(arm11, 1, &nRW, &Ready, chain7_fields + 0);
702 arm11_setup_field(arm11, 32, &DataOut, &DataIn, chain7_fields + 1);
703 arm11_setup_field(arm11, 7, &AddressOut, &AddressIn, chain7_fields + 2);
706 for (i = 0; i < count + 1; i++)
710 nRW = actions[i].write ? 1 : 0;
711 DataOut = actions[i].value;
712 AddressOut = actions[i].address;
723 JTAG_DEBUG("SC7 <= Address %02x Data %08x nRW %d", AddressOut, DataOut, nRW);
725 arm11_add_dr_scan_vc(asizeof(chain7_fields), chain7_fields, TAP_DRPAUSE);
727 CHECK_RETVAL(jtag_execute_queue());
729 JTAG_DEBUG("SC7 => Address %02x Data %08x Ready %d", AddressIn, DataIn, Ready);
731 while (!Ready); /* 'nRW' is 'Ready' on read out */
735 if (actions[i - 1].address != AddressIn)
737 LOG_WARNING("Scan chain 7 shifted out unexpected address");
740 if (!actions[i - 1].write)
742 actions[i - 1].value = DataIn;
746 if (actions[i - 1].value != DataIn)
748 LOG_WARNING("Scan chain 7 shifted out unexpected data");
755 for (i = 0; i < count; i++)
757 JTAG_DEBUG("SC7 %02d: %02x %s %08x", i, actions[i].address, actions[i].write ? "<=" : "=>", actions[i].value);
763 /** Clear VCR and all breakpoints and watchpoints via scan chain 7
765 * \param arm11 Target state variable.
768 void arm11_sc7_clear_vbw(arm11_common_t * arm11)
770 arm11_sc7_action_t clear_bw[arm11->brp + arm11->wrp + 1];
771 arm11_sc7_action_t * pos = clear_bw;
774 for (i = 0; i < asizeof(clear_bw); i++)
776 clear_bw[i].write = true;
777 clear_bw[i].value = 0;
781 for (i = 0; i < arm11->brp; i++)
782 (pos++)->address = ARM11_SC7_BCR0 + i;
786 for (i = 0; i < arm11->wrp; i++)
787 (pos++)->address = ARM11_SC7_WCR0 + i;
790 (pos++)->address = ARM11_SC7_VCR;
792 arm11_sc7_run(arm11, clear_bw, asizeof(clear_bw));
795 /** Write VCR register
797 * \param arm11 Target state variable.
798 * \param value Value to be written
800 void arm11_sc7_set_vcr(arm11_common_t * arm11, u32 value)
802 arm11_sc7_action_t set_vcr;
804 set_vcr.write = true;
805 set_vcr.address = ARM11_SC7_VCR;
806 set_vcr.value = value;
809 arm11_sc7_run(arm11, &set_vcr, 1);
814 /** Read word from address
816 * \param arm11 Target state variable.
817 * \param address Memory address to be read
818 * \param result Pointer where to store result
821 int arm11_read_memory_word(arm11_common_t * arm11, u32 address, u32 * result)
823 arm11_run_instr_data_prepare(arm11);
825 /* MRC p14,0,r0,c0,c5,0 (r0 = address) */
826 CHECK_RETVAL(arm11_run_instr_data_to_core1(arm11, 0xee100e15, address));
828 /* LDC p14,c5,[R0],#4 (DTR = [r0]) */
829 CHECK_RETVAL(arm11_run_instr_data_from_core(arm11, 0xecb05e01, result, 1));
831 arm11_run_instr_data_finish(arm11);