1 /***************************************************************************
2 * Copyright (C) 2008 digenius technology GmbH. *
5 * Copyright (C) 2008,2009 Oyvind Harboe oyvind.harboe@zylin.com *
7 * This program is free software; you can redistribute it and/or modify *
8 * it under the terms of the GNU General Public License as published by *
9 * the Free Software Foundation; either version 2 of the License, or *
10 * (at your option) any later version. *
12 * This program is distributed in the hope that it will be useful, *
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
15 * GNU General Public License for more details. *
17 * You should have received a copy of the GNU General Public License *
18 * along with this program; if not, write to the *
19 * Free Software Foundation, Inc., *
20 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
21 ***************************************************************************/
28 #include "arm11_dbgtap.h"
30 #include "time_support.h"
33 #define JTAG_DEBUG(expr ...) do { if (1) LOG_DEBUG(expr); } while (0)
35 #define JTAG_DEBUG(expr ...) do { if (0) LOG_DEBUG(expr); } while (0)
39 This pathmove goes from Pause-IR to Shift-IR while avoiding RTI. The
40 behavior of the FTDI driver IIRC was to go via RTI.
42 Conversely there may be other places in this code where the ARM11 code relies
43 on the driver to hit through RTI when coming from Update-?R.
45 static const tap_state_t arm11_move_pi_to_si_via_ci[] =
47 TAP_IREXIT2, TAP_IRUPDATE, TAP_DRSELECT, TAP_IRSELECT, TAP_IRCAPTURE, TAP_IRSHIFT
51 static int arm11_add_ir_scan_vc(int num_fields, struct scan_field *fields,
54 if (cmd_queue_cur_state == TAP_IRPAUSE)
55 jtag_add_pathmove(ARRAY_SIZE(arm11_move_pi_to_si_via_ci), arm11_move_pi_to_si_via_ci);
57 jtag_add_ir_scan(num_fields, fields, state);
61 static const tap_state_t arm11_move_pd_to_sd_via_cd[] =
63 TAP_DREXIT2, TAP_DRUPDATE, TAP_DRSELECT, TAP_DRCAPTURE, TAP_DRSHIFT
66 int arm11_add_dr_scan_vc(int num_fields, struct scan_field *fields, tap_state_t state)
68 if (cmd_queue_cur_state == TAP_DRPAUSE)
69 jtag_add_pathmove(ARRAY_SIZE(arm11_move_pd_to_sd_via_cd), arm11_move_pd_to_sd_via_cd);
71 jtag_add_dr_scan(num_fields, fields, state);
76 /** Code de-clutter: Construct struct scan_field to write out a value
78 * \param arm11 Target state variable.
79 * \param num_bits Length of the data field
80 * \param out_data pointer to the data that will be sent out
81 * <em > (data is read when it is added to the JTAG queue)</em>
82 * \param in_data pointer to the memory that will receive data that was clocked in
83 * <em > (data is written when the JTAG queue is executed)</em>
84 * \param field target data structure that will be initialized
86 void arm11_setup_field(struct arm11_common * arm11, int num_bits, void * out_data, void * in_data, struct scan_field * field)
88 field->tap = arm11->arm.target->tap;
89 field->num_bits = num_bits;
90 field->out_value = out_data;
91 field->in_value = in_data;
95 /** Write JTAG instruction register
97 * \param arm11 Target state variable.
98 * \param instr An ARM11 DBGTAP instruction. Use enum #arm11_instructions.
99 * \param state Pass the final TAP state or ARM11_TAP_DEFAULT for the default value (Pause-IR).
101 * \remarks This adds to the JTAG command queue but does \em not execute it.
103 void arm11_add_IR(struct arm11_common * arm11, uint8_t instr, tap_state_t state)
105 struct jtag_tap *tap = arm11->arm.target->tap;
107 if (buf_get_u32(tap->cur_instr, 0, 5) == instr)
109 JTAG_DEBUG("IR <= 0x%02x SKIPPED", instr);
113 JTAG_DEBUG("IR <= 0x%02x", instr);
115 struct scan_field field;
117 arm11_setup_field(arm11, 5, &instr, NULL, &field);
119 arm11_add_ir_scan_vc(1, &field, state == ARM11_TAP_DEFAULT ? TAP_IRPAUSE : state);
122 /** Verify shifted out data from Scan Chain Register (SCREG)
123 * Used as parameter to struct scan_field::in_handler in
124 * arm11_add_debug_SCAN_N().
127 static void arm11_in_handler_SCAN_N(uint8_t *in_value)
129 /** \todo TODO: clarify why this isnt properly masked in core.c jtag_read_buffer() */
130 uint8_t v = *in_value & 0x1F;
134 LOG_ERROR("'arm11 target' JTAG communication error SCREG SCAN OUT 0x%02x (expected 0x10)", v);
135 jtag_set_error(ERROR_FAIL);
138 JTAG_DEBUG("SCREG SCAN OUT 0x%02x", v);
141 /** Select and write to Scan Chain Register (SCREG)
143 * This function sets the instruction register to SCAN_N and writes
144 * the data register with the selected chain number.
146 * http://infocenter.arm.com/help/topic/com.arm.doc.ddi0301f/Cacbjhfg.html
148 * \param arm11 Target state variable.
149 * \param chain Scan chain that will be selected.
150 * \param state Pass the final TAP state or ARM11_TAP_DEFAULT for the default
153 * The chain takes effect when Update-DR is passed (usually when subsequently
154 * the INTEXT/EXTEST instructions are written).
156 * \warning (Obsolete) Using this twice in a row will \em fail. The first
157 * call will end in Pause-DR. The second call, due to the IR
158 * caching, will not go through Capture-DR when shifting in the
159 * new scan chain number. As a result the verification in
160 * arm11_in_handler_SCAN_N() must fail.
162 * \remarks This adds to the JTAG command queue but does \em not execute it.
165 int arm11_add_debug_SCAN_N(struct arm11_common * arm11, uint8_t chain, tap_state_t state)
167 JTAG_DEBUG("SCREG <= 0x%02x", chain);
169 arm11_add_IR(arm11, ARM11_SCAN_N, ARM11_TAP_DEFAULT);
171 struct scan_field field;
174 arm11_setup_field(arm11, 5, &chain, &tmp, &field);
176 arm11_add_dr_scan_vc(1, &field, state == ARM11_TAP_DEFAULT ? TAP_DRPAUSE : state);
178 jtag_execute_queue_noclear();
180 arm11_in_handler_SCAN_N(tmp);
182 arm11->jtag_info.cur_scan_chain = chain;
184 return jtag_execute_queue();
187 /** Write an instruction into the ITR register
189 * \param arm11 Target state variable.
190 * \param inst An ARM11 processor instruction/opcode.
191 * \param flag Optional parameter to retrieve the InstCompl flag
192 * (this will be written when the JTAG chain is executed).
193 * \param state Pass the final TAP state or ARM11_TAP_DEFAULT for the default
194 * value (Run-Test/Idle).
196 * \remarks By default this ends with Run-Test/Idle state
197 * and causes the instruction to be executed. If
198 * a subsequent write to DTR is needed before
199 * executing the instruction then TAP_DRPAUSE should be
200 * passed to \p state.
202 * \remarks This adds to the JTAG command queue but does \em not execute it.
204 static void arm11_add_debug_INST(struct arm11_common * arm11,
205 uint32_t inst, uint8_t * flag, tap_state_t state)
207 JTAG_DEBUG("INST <= 0x%08x", (unsigned) inst);
209 struct scan_field itr[2];
211 arm11_setup_field(arm11, 32, &inst, NULL, itr + 0);
212 arm11_setup_field(arm11, 1, NULL, flag, itr + 1);
214 arm11_add_dr_scan_vc(ARRAY_SIZE(itr), itr, state == ARM11_TAP_DEFAULT ? TAP_IDLE : state);
217 /** Read the Debug Status and Control Register (DSCR)
221 * \param arm11 Target state variable.
222 * \param value DSCR content
223 * \return Error status
225 * \remarks This is a stand-alone function that executes the JTAG command queue.
227 int arm11_read_DSCR(struct arm11_common * arm11, uint32_t *value)
230 retval = arm11_add_debug_SCAN_N(arm11, 0x01, ARM11_TAP_DEFAULT);
231 if (retval != ERROR_OK)
234 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
237 struct scan_field chain1_field;
239 arm11_setup_field(arm11, 32, NULL, &dscr, &chain1_field);
241 arm11_add_dr_scan_vc(1, &chain1_field, TAP_DRPAUSE);
243 CHECK_RETVAL(jtag_execute_queue());
245 if (arm11->last_dscr != dscr)
246 JTAG_DEBUG("DSCR = %08x (OLD %08x)",
248 (unsigned) arm11->last_dscr);
250 arm11->last_dscr = dscr;
257 /** Write the Debug Status and Control Register (DSCR)
261 * \param arm11 Target state variable.
262 * \param dscr DSCR content
264 * \remarks This is a stand-alone function that executes the JTAG command queue.
266 int arm11_write_DSCR(struct arm11_common * arm11, uint32_t dscr)
269 retval = arm11_add_debug_SCAN_N(arm11, 0x01, ARM11_TAP_DEFAULT);
270 if (retval != ERROR_OK)
273 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
275 struct scan_field chain1_field;
277 arm11_setup_field(arm11, 32, &dscr, NULL, &chain1_field);
279 arm11_add_dr_scan_vc(1, &chain1_field, TAP_DRPAUSE);
281 CHECK_RETVAL(jtag_execute_queue());
283 JTAG_DEBUG("DSCR <= %08x (OLD %08x)",
285 (unsigned) arm11->last_dscr);
287 arm11->last_dscr = dscr;
294 /** Get the debug reason from Debug Status and Control Register (DSCR)
296 * \param dscr DSCR value to analyze
297 * \return Debug reason
300 enum target_debug_reason arm11_get_DSCR_debug_reason(uint32_t dscr)
302 switch (dscr & ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_MASK)
304 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_HALT:
305 LOG_INFO("Debug entry: JTAG HALT");
306 return DBG_REASON_DBGRQ;
308 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_BREAKPOINT:
309 LOG_INFO("Debug entry: breakpoint");
310 return DBG_REASON_BREAKPOINT;
312 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_WATCHPOINT:
313 LOG_INFO("Debug entry: watchpoint");
314 return DBG_REASON_WATCHPOINT;
316 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_BKPT_INSTRUCTION:
317 LOG_INFO("Debug entry: BKPT instruction");
318 return DBG_REASON_BREAKPOINT;
320 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_EDBGRQ:
321 LOG_INFO("Debug entry: EDBGRQ signal");
322 return DBG_REASON_DBGRQ;
324 case ARM11_DSCR_METHOD_OF_DEBUG_ENTRY_VECTOR_CATCH:
325 LOG_INFO("Debug entry: VCR vector catch");
326 return DBG_REASON_BREAKPOINT;
329 LOG_INFO("Debug entry: unknown");
330 return DBG_REASON_DBGRQ;
336 /** Prepare the stage for ITR/DTR operations
337 * from the arm11_run_instr... group of functions.
339 * Put arm11_run_instr_data_prepare() and arm11_run_instr_data_finish()
340 * around a block of arm11_run_instr_... calls.
342 * Select scan chain 5 to allow quick access to DTR. When scan
343 * chain 4 is needed to put in a register the ITRSel instruction
344 * shortcut is used instead of actually changing the Scan_N
347 * \param arm11 Target state variable.
350 int arm11_run_instr_data_prepare(struct arm11_common * arm11)
352 return arm11_add_debug_SCAN_N(arm11, 0x05, ARM11_TAP_DEFAULT);
355 /** Cleanup after ITR/DTR operations
356 * from the arm11_run_instr... group of functions
358 * Put arm11_run_instr_data_prepare() and arm11_run_instr_data_finish()
359 * around a block of arm11_run_instr_... calls.
361 * Any IDLE can lead to an instruction execution when
362 * scan chains 4 or 5 are selected and the IR holds
363 * INTEST or EXTEST. So we must disable that before
364 * any following activities lead to an IDLE.
366 * \param arm11 Target state variable.
369 int arm11_run_instr_data_finish(struct arm11_common * arm11)
371 return arm11_add_debug_SCAN_N(arm11, 0x00, ARM11_TAP_DEFAULT);
376 /** Execute one or multiple instructions via ITR
378 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
380 * \param arm11 Target state variable.
381 * \param opcode Pointer to sequence of ARM opcodes
382 * \param count Number of opcodes to execute
386 int arm11_run_instr_no_data(struct arm11_common * arm11,
387 uint32_t * opcode, size_t count)
389 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
393 arm11_add_debug_INST(arm11, *opcode++, NULL, TAP_IDLE);
400 arm11_add_debug_INST(arm11, 0, &flag, count ? TAP_IDLE : TAP_DRPAUSE);
402 CHECK_RETVAL(jtag_execute_queue());
415 if ((timeval_ms()-then) > 1000)
417 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
429 /** Execute one instruction via ITR
431 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
433 * \param arm11 Target state variable.
434 * \param opcode ARM opcode
437 int arm11_run_instr_no_data1(struct arm11_common * arm11, uint32_t opcode)
439 return arm11_run_instr_no_data(arm11, &opcode, 1);
443 /** Execute one instruction via ITR repeatedly while
444 * passing data to the core via DTR on each execution.
446 * The executed instruction \em must read data from DTR.
448 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
450 * \param arm11 Target state variable.
451 * \param opcode ARM opcode
452 * \param data Pointer to the data words to be passed to the core
453 * \param count Number of data words and instruction repetitions
456 int arm11_run_instr_data_to_core(struct arm11_common * arm11, uint32_t opcode, uint32_t * data, size_t count)
458 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
460 arm11_add_debug_INST(arm11, opcode, NULL, TAP_DRPAUSE);
462 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
464 struct scan_field chain5_fields[3];
470 arm11_setup_field(arm11, 32, &Data, NULL, chain5_fields + 0);
471 arm11_setup_field(arm11, 1, NULL, &Ready, chain5_fields + 1);
472 arm11_setup_field(arm11, 1, NULL, &nRetry, chain5_fields + 2);
481 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, jtag_set_end_state(TAP_IDLE));
483 CHECK_RETVAL(jtag_execute_queue());
485 JTAG_DEBUG("DTR Ready %d nRetry %d", Ready, nRetry);
495 if ((timeval_ms()-then) > 1000)
497 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
509 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
516 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
518 CHECK_RETVAL(jtag_execute_queue());
520 JTAG_DEBUG("DTR Data %08x Ready %d nRetry %d",
521 (unsigned) Data, Ready, nRetry);
531 if ((timeval_ms()-then) > 1000)
533 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
545 /** JTAG path for arm11_run_instr_data_to_core_noack
547 * The repeated TAP_IDLE's do not cause a repeated execution
548 * if passed without leaving the state.
550 * Since this is more than 7 bits (adjustable via adding more
551 * TAP_IDLE's) it produces an artificial delay in the lower
552 * layer (FT2232) that is long enough to finish execution on
553 * the core but still shorter than any manually inducible delays.
555 * To disable this code, try "memwrite burst false"
557 * FIX!!! should we use multiple TAP_IDLE here or not???
559 * https://lists.berlios.de/pipermail/openocd-development/2009-July/009698.html
560 * https://lists.berlios.de/pipermail/openocd-development/2009-August/009865.html
562 static const tap_state_t arm11_MOVE_DRPAUSE_IDLE_DRPAUSE_with_delay[] =
564 TAP_DREXIT2, TAP_DRUPDATE, TAP_IDLE, TAP_IDLE, TAP_IDLE, TAP_DRSELECT, TAP_DRCAPTURE, TAP_DRSHIFT
569 /** Execute one instruction via ITR repeatedly while
570 * passing data to the core via DTR on each execution.
572 * No Ready check during transmission.
574 * The executed instruction \em must read data from DTR.
576 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
578 * \param arm11 Target state variable.
579 * \param opcode ARM opcode
580 * \param data Pointer to the data words to be passed to the core
581 * \param count Number of data words and instruction repetitions
584 int arm11_run_instr_data_to_core_noack(struct arm11_common * arm11, uint32_t opcode, uint32_t * data, size_t count)
586 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
588 arm11_add_debug_INST(arm11, opcode, NULL, TAP_DRPAUSE);
590 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
592 struct scan_field chain5_fields[3];
594 arm11_setup_field(arm11, 32, NULL/*&Data*/, NULL, chain5_fields + 0);
595 arm11_setup_field(arm11, 1, NULL, NULL /*&Ready*/, chain5_fields + 1);
596 arm11_setup_field(arm11, 1, NULL, NULL, chain5_fields + 2);
599 unsigned readiesNum = count + 1;
600 unsigned bytes = sizeof(*Readies)*readiesNum;
602 Readies = (uint8_t *) malloc(bytes);
605 LOG_ERROR("Out of memory allocating %u bytes", bytes);
609 uint8_t * ReadyPos = Readies;
613 chain5_fields[0].out_value = (void *)(data++);
614 chain5_fields[1].in_value = ReadyPos++;
618 jtag_add_dr_scan(ARRAY_SIZE(chain5_fields), chain5_fields, jtag_set_end_state(TAP_DRPAUSE));
619 jtag_add_pathmove(ARRAY_SIZE(arm11_MOVE_DRPAUSE_IDLE_DRPAUSE_with_delay),
620 arm11_MOVE_DRPAUSE_IDLE_DRPAUSE_with_delay);
624 jtag_add_dr_scan(ARRAY_SIZE(chain5_fields), chain5_fields, jtag_set_end_state(TAP_IDLE));
628 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
630 chain5_fields[0].out_value = 0;
631 chain5_fields[1].in_value = ReadyPos++;
633 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, TAP_DRPAUSE);
635 int retval = jtag_execute_queue();
636 if (retval == ERROR_OK)
638 unsigned error_count = 0;
640 for (size_t i = 0; i < readiesNum; i++)
648 if (error_count > 0 )
649 LOG_ERROR("%u words out of %u not transferred",
650 error_count, readiesNum);
660 /** Execute an instruction via ITR while handing data into the core via DTR.
662 * The executed instruction \em must read data from DTR.
664 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
666 * \param arm11 Target state variable.
667 * \param opcode ARM opcode
668 * \param data Data word to be passed to the core via DTR
671 int arm11_run_instr_data_to_core1(struct arm11_common * arm11, uint32_t opcode, uint32_t data)
673 return arm11_run_instr_data_to_core(arm11, opcode, &data, 1);
677 /** Execute one instruction via ITR repeatedly while
678 * reading data from the core via DTR on each execution.
680 * The executed instruction \em must write data to DTR.
682 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
684 * \param arm11 Target state variable.
685 * \param opcode ARM opcode
686 * \param data Pointer to an array that receives the data words from the core
687 * \param count Number of data words and instruction repetitions
690 int arm11_run_instr_data_from_core(struct arm11_common * arm11, uint32_t opcode, uint32_t * data, size_t count)
692 arm11_add_IR(arm11, ARM11_ITRSEL, ARM11_TAP_DEFAULT);
694 arm11_add_debug_INST(arm11, opcode, NULL, TAP_IDLE);
696 arm11_add_IR(arm11, ARM11_INTEST, ARM11_TAP_DEFAULT);
698 struct scan_field chain5_fields[3];
704 arm11_setup_field(arm11, 32, NULL, &Data, chain5_fields + 0);
705 arm11_setup_field(arm11, 1, NULL, &Ready, chain5_fields + 1);
706 arm11_setup_field(arm11, 1, NULL, &nRetry, chain5_fields + 2);
713 arm11_add_dr_scan_vc(ARRAY_SIZE(chain5_fields), chain5_fields, count ? TAP_IDLE : TAP_DRPAUSE);
715 CHECK_RETVAL(jtag_execute_queue());
717 JTAG_DEBUG("DTR Data %08x Ready %d nRetry %d",
718 (unsigned) Data, Ready, nRetry);
728 if ((timeval_ms()-then) > 1000)
730 LOG_WARNING("Timeout (1000ms) waiting for instructions to complete");
745 /** Execute one instruction via ITR
746 * then load r0 into DTR and read DTR from core.
748 * The first executed instruction (\p opcode) should write data to r0.
750 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
752 * \param arm11 Target state variable.
753 * \param opcode ARM opcode to write r0 with the value of interest
754 * \param data Pointer to a data word that receives the value from r0 after \p opcode was executed.
757 int arm11_run_instr_data_from_core_via_r0(struct arm11_common * arm11, uint32_t opcode, uint32_t * data)
760 retval = arm11_run_instr_no_data1(arm11, opcode);
761 if (retval != ERROR_OK)
764 /* MCR p14,0,R0,c0,c5,0 (move r0 -> wDTR -> local var) */
765 arm11_run_instr_data_from_core(arm11, 0xEE000E15, data, 1);
770 /** Load data into core via DTR then move it to r0 then
771 * execute one instruction via ITR
773 * The final executed instruction (\p opcode) should read data from r0.
775 * \pre arm11_run_instr_data_prepare() / arm11_run_instr_data_finish() block
777 * \param arm11 Target state variable.
778 * \param opcode ARM opcode to read r0 act upon it
779 * \param data Data word that will be written to r0 before \p opcode is executed
782 int arm11_run_instr_data_to_core_via_r0(struct arm11_common * arm11, uint32_t opcode, uint32_t data)
785 /* MRC p14,0,r0,c0,c5,0 */
786 retval = arm11_run_instr_data_to_core1(arm11, 0xEE100E15, data);
787 if (retval != ERROR_OK)
790 retval = arm11_run_instr_no_data1(arm11, opcode);
791 if (retval != ERROR_OK)
797 /** Apply reads and writes to scan chain 7
799 * \see struct arm11_sc7_action
801 * \param arm11 Target state variable.
802 * \param actions A list of read and/or write instructions
803 * \param count Number of instructions in the list.
806 int arm11_sc7_run(struct arm11_common * arm11, struct arm11_sc7_action * actions, size_t count)
810 retval = arm11_add_debug_SCAN_N(arm11, 0x07, ARM11_TAP_DEFAULT);
811 if (retval != ERROR_OK)
814 arm11_add_IR(arm11, ARM11_EXTEST, ARM11_TAP_DEFAULT);
816 struct scan_field chain7_fields[3];
825 arm11_setup_field(arm11, 1, &nRW, &Ready, chain7_fields + 0);
826 arm11_setup_field(arm11, 32, &DataOut, &DataIn, chain7_fields + 1);
827 arm11_setup_field(arm11, 7, &AddressOut, &AddressIn, chain7_fields + 2);
829 for (size_t i = 0; i < count + 1; i++)
833 nRW = actions[i].write ? 1 : 0;
834 DataOut = actions[i].value;
835 AddressOut = actions[i].address;
846 JTAG_DEBUG("SC7 <= Address %02x Data %08x nRW %d",
847 (unsigned) AddressOut,
851 arm11_add_dr_scan_vc(ARRAY_SIZE(chain7_fields),
852 chain7_fields, TAP_DRPAUSE);
854 CHECK_RETVAL(jtag_execute_queue());
856 JTAG_DEBUG("SC7 => Address %02x Data %08x Ready %d",
857 (unsigned) AddressIn,
861 while (!Ready); /* 'nRW' is 'Ready' on read out */
865 if (actions[i - 1].address != AddressIn)
867 LOG_WARNING("Scan chain 7 shifted out unexpected address");
870 if (!actions[i - 1].write)
872 actions[i - 1].value = DataIn;
876 if (actions[i - 1].value != DataIn)
878 LOG_WARNING("Scan chain 7 shifted out unexpected data");
884 for (size_t i = 0; i < count; i++)
886 JTAG_DEBUG("SC7 %02d: %02x %s %08x",
887 (unsigned) i, actions[i].address,
888 actions[i].write ? "<=" : "=>",
889 (unsigned) actions[i].value);
895 /** Clear VCR and all breakpoints and watchpoints via scan chain 7
897 * \param arm11 Target state variable.
900 void arm11_sc7_clear_vbw(struct arm11_common * arm11)
902 size_t clear_bw_size = arm11->brp + arm11->wrp + 1;
903 struct arm11_sc7_action *clear_bw = malloc(sizeof(struct arm11_sc7_action) * clear_bw_size);
904 struct arm11_sc7_action * pos = clear_bw;
906 for (size_t i = 0; i < clear_bw_size; i++)
908 clear_bw[i].write = true;
909 clear_bw[i].value = 0;
912 for (size_t i = 0; i < arm11->brp; i++)
913 (pos++)->address = ARM11_SC7_BCR0 + i;
916 for (size_t i = 0; i < arm11->wrp; i++)
917 (pos++)->address = ARM11_SC7_WCR0 + i;
920 (pos++)->address = ARM11_SC7_VCR;
922 arm11_sc7_run(arm11, clear_bw, clear_bw_size);
927 /** Write VCR register
929 * \param arm11 Target state variable.
930 * \param value Value to be written
932 void arm11_sc7_set_vcr(struct arm11_common * arm11, uint32_t value)
934 struct arm11_sc7_action set_vcr;
936 set_vcr.write = true;
937 set_vcr.address = ARM11_SC7_VCR;
938 set_vcr.value = value;
941 arm11_sc7_run(arm11, &set_vcr, 1);
946 /** Read word from address
948 * \param arm11 Target state variable.
949 * \param address Memory address to be read
950 * \param result Pointer where to store result
953 int arm11_read_memory_word(struct arm11_common * arm11, uint32_t address, uint32_t * result)
956 retval = arm11_run_instr_data_prepare(arm11);
957 if (retval != ERROR_OK)
960 /* MRC p14,0,r0,c0,c5,0 (r0 = address) */
961 CHECK_RETVAL(arm11_run_instr_data_to_core1(arm11, 0xee100e15, address));
963 /* LDC p14,c5,[R0],#4 (DTR = [r0]) */
964 CHECK_RETVAL(arm11_run_instr_data_from_core(arm11, 0xecb05e01, result, 1));
966 return arm11_run_instr_data_finish(arm11);
970 /************************************************************************/
973 * ARM11 provider for the OpenOCD implementation of the standard
974 * architectural ARM v6/v7 "Debug Programmer's Model" (DPM).
977 static inline struct arm11_common *dpm_to_arm11(struct arm_dpm *dpm)
979 return container_of(dpm, struct arm11_common, dpm);
982 static int arm11_dpm_prepare(struct arm_dpm *dpm)
984 struct arm11_common *arm11 = dpm_to_arm11(dpm);
986 arm11 = container_of(dpm->arm, struct arm11_common, arm);
988 return arm11_run_instr_data_prepare(dpm_to_arm11(dpm));
991 static int arm11_dpm_finish(struct arm_dpm *dpm)
993 return arm11_run_instr_data_finish(dpm_to_arm11(dpm));
996 static int arm11_dpm_instr_write_data_dcc(struct arm_dpm *dpm,
997 uint32_t opcode, uint32_t data)
999 return arm11_run_instr_data_to_core(dpm_to_arm11(dpm),
1003 static int arm11_dpm_instr_write_data_r0(struct arm_dpm *dpm,
1004 uint32_t opcode, uint32_t data)
1006 return arm11_run_instr_data_to_core_via_r0(dpm_to_arm11(dpm),
1010 static int arm11_dpm_instr_read_data_dcc(struct arm_dpm *dpm,
1011 uint32_t opcode, uint32_t *data)
1013 return arm11_run_instr_data_from_core(dpm_to_arm11(dpm),
1017 static int arm11_dpm_instr_read_data_r0(struct arm_dpm *dpm,
1018 uint32_t opcode, uint32_t *data)
1020 return arm11_run_instr_data_from_core_via_r0(dpm_to_arm11(dpm),
1024 /** Set up high-level debug module utilities */
1025 int arm11_dpm_init(struct arm11_common *arm11, uint32_t didr)
1027 struct arm_dpm *dpm = &arm11->dpm;
1030 dpm->arm = &arm11->arm;
1034 dpm->prepare = arm11_dpm_prepare;
1035 dpm->finish = arm11_dpm_finish;
1037 dpm->instr_write_data_dcc = arm11_dpm_instr_write_data_dcc;
1038 dpm->instr_write_data_r0 = arm11_dpm_instr_write_data_r0;
1040 dpm->instr_read_data_dcc = arm11_dpm_instr_read_data_dcc;
1041 dpm->instr_read_data_r0 = arm11_dpm_instr_read_data_r0;
1043 retval = arm_dpm_setup(dpm);
1044 if (retval != ERROR_OK)
1047 retval = arm_dpm_initialize(dpm);
projects / fw / openocd / blob