1 /***************************************************************************
2 * Copyright (C) 2009 Zachary T Welch *
3 * zw@superlucidity.net *
5 * Copyright (C) 2007,2008,2009 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * Copyright (C) 2009 SoftPLC Corporation *
12 * Copyright (C) 2005 by Dominic Rath *
13 * Dominic.Rath@gmx.de *
15 * This program is free software; you can redistribute it and/or modify *
16 * it under the terms of the GNU General Public License as published by *
17 * the Free Software Foundation; either version 2 of the License, or *
18 * (at your option) any later version. *
20 * This program is distributed in the hope that it will be useful, *
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
23 * GNU General Public License for more details. *
25 * You should have received a copy of the GNU General Public License *
26 * along with this program; if not, write to the *
27 * Free Software Foundation, Inc., *
28 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
29 ***************************************************************************/
35 #include "minidriver.h"
36 #include "interface.h"
43 /// The number of JTAG queue flushes (for profiling and debugging purposes).
44 static int jtag_flush_queue_count
;
46 static void jtag_add_scan_check(void (*jtag_add_scan
)(int in_num_fields
, const scan_field_t
*in_fields
, tap_state_t state
),
47 int in_num_fields
, scan_field_t
*in_fields
, tap_state_t state
);
50 * The jtag_error variable is set when an error occurs while executing
51 * the queue. Application code may set this using jtag_set_error(),
52 * when an error occurs during processing that should be reported during
53 * jtag_execute_queue().
55 * Tts value may be checked with jtag_get_error() and cleared with
56 * jtag_error_clear(). This value is returned (and cleared) by
57 * jtag_execute_queue().
59 static int jtag_error
= ERROR_OK
;
61 static const char *jtag_event_strings
[] =
63 [JTAG_TRST_ASSERTED
] = "TAP reset",
64 [JTAG_TAP_EVENT_SETUP
] = "TAP setup",
65 [JTAG_TAP_EVENT_ENABLE
] = "TAP enabled",
66 [JTAG_TAP_EVENT_DISABLE
] = "TAP disabled",
70 * JTAG adapters must initialize with TRST and SRST de-asserted
71 * (they're negative logic, so that means *high*). But some
72 * hardware doesn't necessarily work that way ... so set things
73 * up so that jtag_init() always forces that state.
75 static int jtag_trst
= -1;
76 static int jtag_srst
= -1;
79 * List all TAPs that have been created.
81 static jtag_tap_t
*__jtag_all_taps
= NULL
;
83 * The number of TAPs in the __jtag_all_taps list, used to track the
84 * assigned chain position to new TAPs
86 static unsigned jtag_num_taps
= 0;
88 static enum reset_types jtag_reset_config
= RESET_NONE
;
89 static tap_state_t cmd_queue_end_state
= TAP_RESET
;
90 tap_state_t cmd_queue_cur_state
= TAP_RESET
;
92 static bool jtag_verify_capture_ir
= true;
93 static int jtag_verify
= 1;
95 /* how long the OpenOCD should wait before attempting JTAG communication after reset lines deasserted (in ms) */
96 static int jtag_nsrst_delay
= 0; /* default to no nSRST delay */
97 static int jtag_ntrst_delay
= 0; /* default to no nTRST delay */
98 static int jtag_nsrst_assert_width
= 0; /* width of assertion */
99 static int jtag_ntrst_assert_width
= 0; /* width of assertion */
101 typedef struct jtag_event_callback_s
103 jtag_event_handler_t callback
;
105 struct jtag_event_callback_s
* next
;
106 } jtag_event_callback_t
;
108 /* callbacks to inform high-level handlers about JTAG state changes */
109 static jtag_event_callback_t
*jtag_event_callbacks
;
112 static int speed_khz
= 0;
113 /* speed to fallback to when RCLK is requested but not supported */
114 static int rclk_fallback_speed_khz
= 0;
115 static enum {CLOCK_MODE_SPEED
, CLOCK_MODE_KHZ
, CLOCK_MODE_RCLK
} clock_mode
;
116 static int jtag_speed
= 0;
118 static struct jtag_interface_s
*jtag
= NULL
;
121 jtag_interface_t
*jtag_interface
= NULL
;
123 void jtag_set_error(int error
)
125 if ((error
== ERROR_OK
) || (jtag_error
!= ERROR_OK
))
129 int jtag_get_error(void)
133 int jtag_error_clear(void)
135 int temp
= jtag_error
;
136 jtag_error
= ERROR_OK
;
142 static bool jtag_poll
= 1;
144 bool is_jtag_poll_safe(void)
146 /* Polling can be disabled explicitly with set_enabled(false).
147 * It is also implicitly disabled while TRST is active and
148 * while SRST is gating the JTAG clock.
150 if (!jtag_poll
|| jtag_trst
!= 0)
152 return jtag_srst
== 0 || (jtag_reset_config
& RESET_SRST_NO_GATING
);
155 bool jtag_poll_get_enabled(void)
160 void jtag_poll_set_enabled(bool value
)
167 jtag_tap_t
*jtag_all_taps(void)
169 return __jtag_all_taps
;
172 unsigned jtag_tap_count(void)
174 return jtag_num_taps
;
177 unsigned jtag_tap_count_enabled(void)
179 jtag_tap_t
*t
= jtag_all_taps();
190 /// Append a new TAP to the chain of all taps.
191 void jtag_tap_add(struct jtag_tap_s
*t
)
193 t
->abs_chain_position
= jtag_num_taps
++;
195 jtag_tap_t
**tap
= &__jtag_all_taps
;
197 tap
= &(*tap
)->next_tap
;
201 /* returns a pointer to the n-th device in the scan chain */
202 static inline jtag_tap_t
*jtag_tap_by_position(unsigned n
)
204 jtag_tap_t
*t
= jtag_all_taps();
212 jtag_tap_t
*jtag_tap_by_string(const char *s
)
214 /* try by name first */
215 jtag_tap_t
*t
= jtag_all_taps();
219 if (0 == strcmp(t
->dotted_name
, s
))
224 /* no tap found by name, so try to parse the name as a number */
226 if (parse_uint(s
, &n
) != ERROR_OK
)
229 /* FIXME remove this numeric fallback code late June 2010, along
230 * with all info in the User's Guide that TAPs have numeric IDs.
231 * Also update "scan_chain" output to not display the numbers.
233 t
= jtag_tap_by_position(n
);
235 LOG_WARNING("Specify TAP '%s' by name, not number %u",
241 jtag_tap_t
*jtag_tap_by_jim_obj(Jim_Interp
*interp
, Jim_Obj
*o
)
243 const char *cp
= Jim_GetString(o
, NULL
);
244 jtag_tap_t
*t
= cp
? jtag_tap_by_string(cp
) : NULL
;
248 Jim_SetResult_sprintf(interp
, "Tap '%s' could not be found", cp
);
252 jtag_tap_t
* jtag_tap_next_enabled(jtag_tap_t
* p
)
254 p
= p
? p
->next_tap
: jtag_all_taps();
264 const char *jtag_tap_name(const jtag_tap_t
*tap
)
266 return (tap
== NULL
) ? "(unknown)" : tap
->dotted_name
;
270 int jtag_register_event_callback(jtag_event_handler_t callback
, void *priv
)
272 jtag_event_callback_t
**callbacks_p
= &jtag_event_callbacks
;
274 if (callback
== NULL
)
276 return ERROR_INVALID_ARGUMENTS
;
281 while ((*callbacks_p
)->next
)
282 callbacks_p
= &((*callbacks_p
)->next
);
283 callbacks_p
= &((*callbacks_p
)->next
);
286 (*callbacks_p
) = malloc(sizeof(jtag_event_callback_t
));
287 (*callbacks_p
)->callback
= callback
;
288 (*callbacks_p
)->priv
= priv
;
289 (*callbacks_p
)->next
= NULL
;
294 int jtag_unregister_event_callback(jtag_event_handler_t callback
, void *priv
)
296 jtag_event_callback_t
**callbacks_p
;
297 jtag_event_callback_t
**next
;
299 if (callback
== NULL
)
301 return ERROR_INVALID_ARGUMENTS
;
304 for (callbacks_p
= &jtag_event_callbacks
;
305 *callbacks_p
!= NULL
;
308 next
= &((*callbacks_p
)->next
);
310 if ((*callbacks_p
)->priv
!= priv
)
313 if ((*callbacks_p
)->callback
== callback
)
316 *callbacks_p
= *next
;
323 int jtag_call_event_callbacks(enum jtag_event event
)
325 jtag_event_callback_t
*callback
= jtag_event_callbacks
;
327 LOG_DEBUG("jtag event: %s", jtag_event_strings
[event
]);
331 jtag_event_callback_t
*next
;
333 /* callback may remove itself */
334 next
= callback
->next
;
335 callback
->callback(event
, callback
->priv
);
342 static void jtag_checks(void)
344 assert(jtag_trst
== 0);
347 static void jtag_prelude(tap_state_t state
)
351 assert(state
!= TAP_INVALID
);
353 cmd_queue_cur_state
= state
;
356 void jtag_alloc_in_value32(scan_field_t
*field
)
358 interface_jtag_alloc_in_value32(field
);
361 void jtag_add_ir_scan_noverify(int in_count
, const scan_field_t
*in_fields
,
366 int retval
= interface_jtag_add_ir_scan(in_count
, in_fields
, state
);
367 jtag_set_error(retval
);
371 void jtag_add_ir_scan(int in_num_fields
, scan_field_t
*in_fields
, tap_state_t state
)
373 assert(state
!= TAP_RESET
);
375 if (jtag_verify
&& jtag_verify_capture_ir
)
377 /* 8 x 32 bit id's is enough for all invocations */
379 for (int j
= 0; j
< in_num_fields
; j
++)
381 /* if we are to run a verification of the ir scan, we need to get the input back.
382 * We may have to allocate space if the caller didn't ask for the input back.
384 in_fields
[j
].check_value
= in_fields
[j
].tap
->expected
;
385 in_fields
[j
].check_mask
= in_fields
[j
].tap
->expected_mask
;
387 jtag_add_scan_check(jtag_add_ir_scan_noverify
, in_num_fields
, in_fields
, state
);
390 jtag_add_ir_scan_noverify(in_num_fields
, in_fields
, state
);
394 void jtag_add_plain_ir_scan(int in_num_fields
, const scan_field_t
*in_fields
,
397 assert(state
!= TAP_RESET
);
401 int retval
= interface_jtag_add_plain_ir_scan(
402 in_num_fields
, in_fields
, state
);
403 jtag_set_error(retval
);
406 void jtag_add_callback(jtag_callback1_t f
, jtag_callback_data_t data0
)
408 interface_jtag_add_callback(f
, data0
);
411 void jtag_add_callback4(jtag_callback_t f
, jtag_callback_data_t data0
,
412 jtag_callback_data_t data1
, jtag_callback_data_t data2
,
413 jtag_callback_data_t data3
)
415 interface_jtag_add_callback4(f
, data0
, data1
, data2
, data3
);
418 static int jtag_check_value_inner(uint8_t *captured
, uint8_t *in_check_value
,
419 uint8_t *in_check_mask
, int num_bits
);
421 static int jtag_check_value_mask_callback(jtag_callback_data_t data0
, jtag_callback_data_t data1
, jtag_callback_data_t data2
, jtag_callback_data_t data3
)
423 return jtag_check_value_inner((uint8_t *)data0
, (uint8_t *)data1
, (uint8_t *)data2
, (int)data3
);
426 static void jtag_add_scan_check(void (*jtag_add_scan
)(int in_num_fields
, const scan_field_t
*in_fields
, tap_state_t state
),
427 int in_num_fields
, scan_field_t
*in_fields
, tap_state_t state
)
429 for (int i
= 0; i
< in_num_fields
; i
++)
431 struct scan_field_s
*field
= &in_fields
[i
];
432 field
->allocated
= 0;
434 if (field
->check_value
|| field
->in_value
)
436 interface_jtag_add_scan_check_alloc(field
);
440 jtag_add_scan(in_num_fields
, in_fields
, state
);
442 for (int i
= 0; i
< in_num_fields
; i
++)
444 if ((in_fields
[i
].check_value
!= NULL
) && (in_fields
[i
].in_value
!= NULL
))
446 /* this is synchronous for a minidriver */
447 jtag_add_callback4(jtag_check_value_mask_callback
, (jtag_callback_data_t
)in_fields
[i
].in_value
,
448 (jtag_callback_data_t
)in_fields
[i
].check_value
,
449 (jtag_callback_data_t
)in_fields
[i
].check_mask
,
450 (jtag_callback_data_t
)in_fields
[i
].num_bits
);
452 if (in_fields
[i
].allocated
)
454 free(in_fields
[i
].in_value
);
456 if (in_fields
[i
].modified
)
458 in_fields
[i
].in_value
= NULL
;
463 void jtag_add_dr_scan_check(int in_num_fields
, scan_field_t
*in_fields
, tap_state_t state
)
467 jtag_add_scan_check(jtag_add_dr_scan
, in_num_fields
, in_fields
, state
);
470 jtag_add_dr_scan(in_num_fields
, in_fields
, state
);
475 void jtag_add_dr_scan(int in_num_fields
, const scan_field_t
*in_fields
,
478 assert(state
!= TAP_RESET
);
483 retval
= interface_jtag_add_dr_scan(in_num_fields
, in_fields
, state
);
484 jtag_set_error(retval
);
487 void jtag_add_plain_dr_scan(int in_num_fields
, const scan_field_t
*in_fields
,
490 assert(state
!= TAP_RESET
);
495 retval
= interface_jtag_add_plain_dr_scan(in_num_fields
, in_fields
, state
);
496 jtag_set_error(retval
);
499 void jtag_add_dr_out(jtag_tap_t
* tap
,
500 int num_fields
, const int* num_bits
, const uint32_t* value
,
501 tap_state_t end_state
)
503 assert(end_state
!= TAP_RESET
);
504 assert(end_state
!= TAP_INVALID
);
506 cmd_queue_cur_state
= end_state
;
508 interface_jtag_add_dr_out(tap
,
509 num_fields
, num_bits
, value
,
513 void jtag_add_tlr(void)
515 jtag_prelude(TAP_RESET
);
516 jtag_set_error(interface_jtag_add_tlr());
518 /* NOTE: order here matches TRST path in jtag_add_reset() */
519 jtag_call_event_callbacks(JTAG_TRST_ASSERTED
);
520 jtag_notify_event(JTAG_TRST_ASSERTED
);
523 void jtag_add_pathmove(int num_states
, const tap_state_t
*path
)
525 tap_state_t cur_state
= cmd_queue_cur_state
;
527 /* the last state has to be a stable state */
528 if (!tap_is_state_stable(path
[num_states
- 1]))
530 LOG_ERROR("BUG: TAP path doesn't finish in a stable state");
531 jtag_set_error(ERROR_JTAG_NOT_STABLE_STATE
);
535 for (int i
= 0; i
< num_states
; i
++)
537 if (path
[i
] == TAP_RESET
)
539 LOG_ERROR("BUG: TAP_RESET is not a valid state for pathmove sequences");
540 jtag_set_error(ERROR_JTAG_STATE_INVALID
);
544 if (tap_state_transition(cur_state
, true) != path
[i
]
545 && tap_state_transition(cur_state
, false) != path
[i
])
547 LOG_ERROR("BUG: %s -> %s isn't a valid TAP transition",
548 tap_state_name(cur_state
), tap_state_name(path
[i
]));
549 jtag_set_error(ERROR_JTAG_TRANSITION_INVALID
);
557 jtag_set_error(interface_jtag_add_pathmove(num_states
, path
));
558 cmd_queue_cur_state
= path
[num_states
- 1];
561 int jtag_add_statemove(tap_state_t goal_state
)
563 tap_state_t cur_state
= cmd_queue_cur_state
;
565 LOG_DEBUG("cur_state=%s goal_state=%s",
566 tap_state_name(cur_state
),
567 tap_state_name(goal_state
));
570 /* If goal is RESET, be paranoid and force that that transition
571 * (e.g. five TCK cycles, TMS high). Else trust "cur_state".
573 if (goal_state
== TAP_RESET
)
575 else if (goal_state
== cur_state
)
576 /* nothing to do */ ;
578 else if (tap_is_state_stable(cur_state
) && tap_is_state_stable(goal_state
))
580 unsigned tms_bits
= tap_get_tms_path(cur_state
, goal_state
);
581 unsigned tms_count
= tap_get_tms_path_len(cur_state
, goal_state
);
582 tap_state_t moves
[8];
583 assert(tms_count
< DIM(moves
));
585 for (unsigned i
= 0; i
< tms_count
; i
++, tms_bits
>>= 1)
587 bool bit
= tms_bits
& 1;
589 cur_state
= tap_state_transition(cur_state
, bit
);
590 moves
[i
] = cur_state
;
593 jtag_add_pathmove(tms_count
, moves
);
595 else if (tap_state_transition(cur_state
, true) == goal_state
596 || tap_state_transition(cur_state
, false) == goal_state
)
598 jtag_add_pathmove(1, &goal_state
);
607 void jtag_add_runtest(int num_cycles
, tap_state_t state
)
610 jtag_set_error(interface_jtag_add_runtest(num_cycles
, state
));
614 void jtag_add_clocks(int num_cycles
)
616 if (!tap_is_state_stable(cmd_queue_cur_state
))
618 LOG_ERROR("jtag_add_clocks() called with TAP in unstable state \"%s\"",
619 tap_state_name(cmd_queue_cur_state
));
620 jtag_set_error(ERROR_JTAG_NOT_STABLE_STATE
);
627 jtag_set_error(interface_jtag_add_clocks(num_cycles
));
631 void jtag_add_reset(int req_tlr_or_trst
, int req_srst
)
633 int trst_with_tlr
= 0;
637 /* Without SRST, we must use target-specific JTAG operations
638 * on each target; callers should not be requesting SRST when
639 * that signal doesn't exist.
641 * RESET_SRST_PULLS_TRST is a board or chip level quirk, which
642 * can kick in even if the JTAG adapter can't drive TRST.
645 if (!(jtag_reset_config
& RESET_HAS_SRST
)) {
646 LOG_ERROR("BUG: can't assert SRST");
647 jtag_set_error(ERROR_FAIL
);
650 if ((jtag_reset_config
& RESET_SRST_PULLS_TRST
) != 0
651 && !req_tlr_or_trst
) {
652 LOG_ERROR("BUG: can't assert only SRST");
653 jtag_set_error(ERROR_FAIL
);
659 /* JTAG reset (entry to TAP_RESET state) can always be achieved
660 * using TCK and TMS; that may go through a TAP_{IR,DR}UPDATE
661 * state first. TRST accelerates it, and bypasses those states.
663 * RESET_TRST_PULLS_SRST is a board or chip level quirk, which
664 * can kick in even if the JTAG adapter can't drive SRST.
666 if (req_tlr_or_trst
) {
667 if (!(jtag_reset_config
& RESET_HAS_TRST
))
669 else if ((jtag_reset_config
& RESET_TRST_PULLS_SRST
) != 0
676 /* Maybe change TRST and/or SRST signal state */
677 if (jtag_srst
!= new_srst
|| jtag_trst
!= new_trst
) {
680 retval
= interface_jtag_add_reset(new_trst
, new_srst
);
681 if (retval
!= ERROR_OK
)
682 jtag_set_error(retval
);
684 retval
= jtag_execute_queue();
686 if (retval
!= ERROR_OK
) {
687 LOG_ERROR("TRST/SRST error %d", retval
);
692 /* SRST resets everything hooked up to that signal */
693 if (jtag_srst
!= new_srst
) {
694 jtag_srst
= new_srst
;
697 LOG_DEBUG("SRST line asserted");
698 if (jtag_nsrst_assert_width
)
699 jtag_add_sleep(jtag_nsrst_assert_width
* 1000);
702 LOG_DEBUG("SRST line released");
703 if (jtag_nsrst_delay
)
704 jtag_add_sleep(jtag_nsrst_delay
* 1000);
708 /* Maybe enter the JTAG TAP_RESET state ...
709 * - using only TMS, TCK, and the JTAG state machine
710 * - or else more directly, using TRST
712 * TAP_RESET should be invisible to non-debug parts of the system.
715 LOG_DEBUG("JTAG reset with TLR instead of TRST");
716 jtag_set_end_state(TAP_RESET
);
719 } else if (jtag_trst
!= new_trst
) {
720 jtag_trst
= new_trst
;
722 LOG_DEBUG("TRST line asserted");
723 tap_set_state(TAP_RESET
);
724 if (jtag_ntrst_assert_width
)
725 jtag_add_sleep(jtag_ntrst_assert_width
* 1000);
727 LOG_DEBUG("TRST line released");
728 if (jtag_ntrst_delay
)
729 jtag_add_sleep(jtag_ntrst_delay
* 1000);
731 /* We just asserted nTRST, so we're now in TAP_RESET.
732 * Inform possible listeners about this, now that
733 * JTAG instructions and data can be shifted. This
734 * sequence must match jtag_add_tlr().
736 jtag_call_event_callbacks(JTAG_TRST_ASSERTED
);
737 jtag_notify_event(JTAG_TRST_ASSERTED
);
742 tap_state_t
jtag_set_end_state(tap_state_t state
)
744 if ((state
== TAP_DRSHIFT
)||(state
== TAP_IRSHIFT
))
746 LOG_ERROR("BUG: TAP_DRSHIFT/IRSHIFT can't be end state. Calling code should use a larger scan field");
749 if (state
!= TAP_INVALID
)
750 cmd_queue_end_state
= state
;
751 return cmd_queue_end_state
;
754 tap_state_t
jtag_get_end_state(void)
756 return cmd_queue_end_state
;
759 void jtag_add_sleep(uint32_t us
)
761 /// @todo Here, keep_alive() appears to be a layering violation!!!
763 jtag_set_error(interface_jtag_add_sleep(us
));
766 static int jtag_check_value_inner(uint8_t *captured
, uint8_t *in_check_value
,
767 uint8_t *in_check_mask
, int num_bits
)
769 int retval
= ERROR_OK
;
771 int compare_failed
= 0;
774 compare_failed
= buf_cmp_mask(captured
, in_check_value
, in_check_mask
, num_bits
);
776 compare_failed
= buf_cmp(captured
, in_check_value
, num_bits
);
778 if (compare_failed
) {
779 char *captured_str
, *in_check_value_str
;
780 int bits
= (num_bits
> DEBUG_JTAG_IOZ
)
784 /* NOTE: we've lost diagnostic context here -- 'which tap' */
786 captured_str
= buf_to_str(captured
, bits
, 16);
787 in_check_value_str
= buf_to_str(in_check_value
, bits
, 16);
789 LOG_WARNING("Bad value '%s' captured during DR or IR scan:",
791 LOG_WARNING(" check_value: 0x%s", in_check_value_str
);
794 free(in_check_value_str
);
797 char *in_check_mask_str
;
799 in_check_mask_str
= buf_to_str(in_check_mask
, bits
, 16);
800 LOG_WARNING(" check_mask: 0x%s", in_check_mask_str
);
801 free(in_check_mask_str
);
804 retval
= ERROR_JTAG_QUEUE_FAILED
;
809 void jtag_check_value_mask(scan_field_t
*field
, uint8_t *value
, uint8_t *mask
)
811 assert(field
->in_value
!= NULL
);
815 /* no checking to do */
819 jtag_execute_queue_noclear();
821 int retval
= jtag_check_value_inner(field
->in_value
, value
, mask
, field
->num_bits
);
822 jtag_set_error(retval
);
827 int default_interface_jtag_execute_queue(void)
831 LOG_ERROR("No JTAG interface configured yet. "
832 "Issue 'init' command in startup scripts "
833 "before communicating with targets.");
837 return jtag
->execute_queue();
840 void jtag_execute_queue_noclear(void)
842 jtag_flush_queue_count
++;
843 jtag_set_error(interface_jtag_execute_queue());
846 int jtag_get_flush_queue_count(void)
848 return jtag_flush_queue_count
;
851 int jtag_execute_queue(void)
853 jtag_execute_queue_noclear();
854 return jtag_error_clear();
857 static int jtag_reset_callback(enum jtag_event event
, void *priv
)
859 jtag_tap_t
*tap
= priv
;
861 if (event
== JTAG_TRST_ASSERTED
)
863 tap
->enabled
= !tap
->disabled_after_reset
;
865 /* current instruction is either BYPASS or IDCODE */
866 buf_set_ones(tap
->cur_instr
, tap
->ir_length
);
873 void jtag_sleep(uint32_t us
)
875 alive_sleep(us
/1000);
878 /* Maximum number of enabled JTAG devices we expect in the scan chain,
879 * plus one (to detect garbage at the end). Devices that don't support
880 * IDCODE take up fewer bits, possibly allowing a few more devices.
882 #define JTAG_MAX_CHAIN_SIZE 20
884 #define EXTRACT_MFG(X) (((X) & 0xffe) >> 1)
885 #define EXTRACT_PART(X) (((X) & 0xffff000) >> 12)
886 #define EXTRACT_VER(X) (((X) & 0xf0000000) >> 28)
888 /* A reserved manufacturer ID is used in END_OF_CHAIN_FLAG, so we
889 * know that no valid TAP will have it as an IDCODE value.
891 #define END_OF_CHAIN_FLAG 0x000000ff
893 static int jtag_examine_chain_execute(uint8_t *idcode_buffer
, unsigned num_idcode
)
895 scan_field_t field
= {
897 .num_bits
= num_idcode
* 32,
898 .out_value
= idcode_buffer
,
899 .in_value
= idcode_buffer
,
902 // initialize to the end of chain ID value
903 for (unsigned i
= 0; i
< JTAG_MAX_CHAIN_SIZE
; i
++)
904 buf_set_u32(idcode_buffer
, i
* 32, 32, END_OF_CHAIN_FLAG
);
906 jtag_add_plain_dr_scan(1, &field
, TAP_DRPAUSE
);
908 return jtag_execute_queue();
911 static bool jtag_examine_chain_check(uint8_t *idcodes
, unsigned count
)
913 uint8_t zero_check
= 0x0;
914 uint8_t one_check
= 0xff;
916 for (unsigned i
= 0; i
< count
* 4; i
++)
918 zero_check
|= idcodes
[i
];
919 one_check
&= idcodes
[i
];
922 /* if there wasn't a single non-zero bit or if all bits were one,
923 * the scan is not valid. We wrote a mix of both values; either
925 * - There's a hardware issue (almost certainly):
926 * + all-zeroes can mean a target stuck in JTAG reset
927 * + all-ones tends to mean no target
928 * - The scan chain is WAY longer than we can handle, *AND* either
929 * + there are several hundreds of TAPs in bypass, or
930 * + at least a few dozen TAPs all have an all-ones IDCODE
932 if (zero_check
== 0x00 || one_check
== 0xff)
934 LOG_ERROR("JTAG scan chain interrogation failed: all %s",
935 (zero_check
== 0x00) ? "zeroes" : "ones");
936 LOG_ERROR("Check JTAG interface, timings, target power, etc.");
942 static void jtag_examine_chain_display(enum log_levels level
, const char *msg
,
943 const char *name
, uint32_t idcode
)
945 log_printf_lf(level
, __FILE__
, __LINE__
, __FUNCTION__
,
946 "JTAG tap: %s %16.16s: 0x%08x "
947 "(mfg: 0x%3.3x, part: 0x%4.4x, ver: 0x%1.1x)",
949 (unsigned int)idcode
,
950 (unsigned int)EXTRACT_MFG(idcode
),
951 (unsigned int)EXTRACT_PART(idcode
),
952 (unsigned int)EXTRACT_VER(idcode
));
955 static bool jtag_idcode_is_final(uint32_t idcode
)
958 * Some devices, such as AVR8, will output all 1's instead
959 * of TDI input value at end of chain. Allow those values
960 * instead of failing.
962 return idcode
== END_OF_CHAIN_FLAG
|| idcode
== 0xFFFFFFFF;
966 * This helper checks that remaining bits in the examined chain data are
967 * all as expected, but a single JTAG device requires only 64 bits to be
968 * read back correctly. This can help identify and diagnose problems
969 * with the JTAG chain earlier, gives more helpful/explicit error messages.
970 * Returns TRUE iff garbage was found.
972 static bool jtag_examine_chain_end(uint8_t *idcodes
, unsigned count
, unsigned max
)
974 bool triggered
= false;
975 for (; count
< max
- 31; count
+= 32)
977 uint32_t idcode
= buf_get_u32(idcodes
, count
, 32);
979 /* do not trigger the warning if the data looks good */
980 if (jtag_idcode_is_final(idcode
))
982 LOG_WARNING("Unexpected idcode after end of chain: %d 0x%08x",
983 count
, (unsigned int)idcode
);
989 static bool jtag_examine_chain_match_tap(const struct jtag_tap_s
*tap
)
991 /* ignore expected BYPASS codes; warn otherwise */
992 if (0 == tap
->expected_ids_cnt
&& !tap
->idcode
)
995 /* Loop over the expected identification codes and test for a match */
996 unsigned ii
, limit
= tap
->expected_ids_cnt
;
998 for (ii
= 0; ii
< limit
; ii
++)
1000 if (tap
->idcode
== tap
->expected_ids
[ii
])
1003 /* treat "-expected-id 0" as a "don't-warn" wildcard */
1004 if (0 == tap
->expected_ids
[ii
])
1008 /* If none of the expected ids matched, warn */
1009 jtag_examine_chain_display(LOG_LVL_WARNING
, "UNEXPECTED",
1010 tap
->dotted_name
, tap
->idcode
);
1011 for (ii
= 0; ii
< limit
; ii
++)
1015 snprintf(msg
, sizeof(msg
), "expected %u of %u", ii
+ 1, limit
);
1016 jtag_examine_chain_display(LOG_LVL_ERROR
, msg
,
1017 tap
->dotted_name
, tap
->expected_ids
[ii
]);
1022 /* Try to examine chain layout according to IEEE 1149.1 §12
1023 * This is called a "blind interrogation" of the scan chain.
1025 static int jtag_examine_chain(void)
1027 uint8_t idcode_buffer
[JTAG_MAX_CHAIN_SIZE
* 4];
1031 /* DR scan to collect BYPASS or IDCODE register contents.
1032 * Then make sure the scan data has both ones and zeroes.
1034 LOG_DEBUG("DR scan interrogation for IDCODE/BYPASS");
1035 retval
= jtag_examine_chain_execute(idcode_buffer
, JTAG_MAX_CHAIN_SIZE
);
1036 if (retval
!= ERROR_OK
)
1038 if (!jtag_examine_chain_check(idcode_buffer
, JTAG_MAX_CHAIN_SIZE
))
1039 return ERROR_JTAG_INIT_FAILED
;
1041 /* point at the 1st tap */
1042 jtag_tap_t
*tap
= jtag_tap_next_enabled(NULL
);
1045 LOG_ERROR("JTAG: No taps enabled?");
1046 return ERROR_JTAG_INIT_FAILED
;
1050 tap
&& bit_count
< (JTAG_MAX_CHAIN_SIZE
* 32) - 31;
1051 tap
= jtag_tap_next_enabled(tap
))
1053 uint32_t idcode
= buf_get_u32(idcode_buffer
, bit_count
, 32);
1055 if ((idcode
& 1) == 0)
1057 /* Zero for LSB indicates a device in bypass */
1058 LOG_WARNING("TAP %s does not have IDCODE",
1061 tap
->hasidcode
= false;
1067 /* Friendly devices support IDCODE */
1068 tap
->hasidcode
= true;
1069 jtag_examine_chain_display(LOG_LVL_INFO
,
1071 tap
->dotted_name
, idcode
);
1075 tap
->idcode
= idcode
;
1077 /* ensure the TAP ID matches what was expected */
1078 if (!jtag_examine_chain_match_tap(tap
))
1079 retval
= ERROR_JTAG_INIT_SOFT_FAIL
;
1082 /* Fail if too many TAPs were enabled for us to verify them all. */
1084 LOG_ERROR("Too many TAPs enabled; '%s' ignored.",
1086 return ERROR_JTAG_INIT_FAILED
;
1089 /* After those IDCODE or BYPASS register values should be
1090 * only the data we fed into the scan chain.
1092 if (jtag_examine_chain_end(idcode_buffer
, bit_count
,
1093 8 * sizeof(idcode_buffer
))) {
1094 LOG_ERROR("double-check your JTAG setup (interface, "
1095 "speed, missing TAPs, ...)");
1096 return ERROR_JTAG_INIT_FAILED
;
1099 /* Return success or, for backwards compatibility if only
1100 * some IDCODE values mismatched, a soft/continuable fault.
1106 * Validate the date loaded by entry to the Capture-IR state, to help
1107 * find errors related to scan chain configuration (wrong IR lengths)
1110 * Entry state can be anything. On non-error exit, all TAPs are in
1111 * bypass mode. On error exits, the scan chain is reset.
1113 static int jtag_validate_ircapture(void)
1116 int total_ir_length
= 0;
1117 uint8_t *ir_test
= NULL
;
1123 for (tap
= NULL
, total_ir_length
= 0;
1124 (tap
= jtag_tap_next_enabled(tap
)) != NULL
;
1125 total_ir_length
+= tap
->ir_length
)
1128 /* increase length to add 2 bit sentinel after scan */
1129 total_ir_length
+= 2;
1131 ir_test
= malloc(CEIL(total_ir_length
, 8));
1132 if (ir_test
== NULL
)
1135 /* after this scan, all TAPs will capture BYPASS instructions */
1136 buf_set_ones(ir_test
, total_ir_length
);
1139 field
.num_bits
= total_ir_length
;
1140 field
.out_value
= ir_test
;
1141 field
.in_value
= ir_test
;
1143 jtag_add_plain_ir_scan(1, &field
, TAP_IDLE
);
1145 LOG_DEBUG("IR capture validation scan");
1146 retval
= jtag_execute_queue();
1147 if (retval
!= ERROR_OK
)
1154 tap
= jtag_tap_next_enabled(tap
);
1159 /* Validate the two LSBs, which must be 01 per JTAG spec.
1161 * Or ... more bits could be provided by TAP declaration.
1162 * Plus, some taps (notably in i.MX series chips) violate
1163 * this part of the JTAG spec, so their capture mask/value
1164 * attributes might disable this test.
1166 val
= buf_get_u32(ir_test
, chain_pos
, tap
->ir_length
);
1167 if ((val
& tap
->ir_capture_mask
) != tap
->ir_capture_value
) {
1168 LOG_ERROR("%s: IR capture error; saw 0x%0*x not 0x%0*x",
1170 (tap
->ir_length
+ 7) / tap
->ir_length
,
1172 (tap
->ir_length
+ 7) / tap
->ir_length
,
1173 (unsigned) tap
->ir_capture_value
);
1175 retval
= ERROR_JTAG_INIT_FAILED
;
1178 LOG_DEBUG("%s: IR capture 0x%0*x", jtag_tap_name(tap
),
1179 (tap
->ir_length
+ 7) / tap
->ir_length
, val
);
1180 chain_pos
+= tap
->ir_length
;
1183 /* verify the '11' sentinel we wrote is returned at the end */
1184 val
= buf_get_u32(ir_test
, chain_pos
, 2);
1187 char *cbuf
= buf_to_str(ir_test
, total_ir_length
, 16);
1189 LOG_ERROR("IR capture error at bit %d, saw 0x%s not 0x...3",
1192 retval
= ERROR_JTAG_INIT_FAILED
;
1197 if (retval
!= ERROR_OK
) {
1199 jtag_execute_queue();
1205 void jtag_tap_init(jtag_tap_t
*tap
)
1207 assert(0 != tap
->ir_length
);
1209 /// @todo fix, this allocates one byte per bit for all three fields!
1210 tap
->expected
= malloc(tap
->ir_length
);
1211 tap
->expected_mask
= malloc(tap
->ir_length
);
1212 tap
->cur_instr
= malloc(tap
->ir_length
);
1214 /// @todo cope sanely with ir_length bigger than 32 bits
1215 buf_set_u32(tap
->expected
, 0, tap
->ir_length
, tap
->ir_capture_value
);
1216 buf_set_u32(tap
->expected_mask
, 0, tap
->ir_length
, tap
->ir_capture_mask
);
1217 buf_set_ones(tap
->cur_instr
, tap
->ir_length
);
1219 // place TAP in bypass mode
1221 // register the reset callback for the TAP
1222 jtag_register_event_callback(&jtag_reset_callback
, tap
);
1224 LOG_DEBUG("Created Tap: %s @ abs position %d, "
1225 "irlen %d, capture: 0x%x mask: 0x%x", tap
->dotted_name
,
1226 tap
->abs_chain_position
, tap
->ir_length
,
1227 (unsigned) tap
->ir_capture_value
,
1228 (unsigned) tap
->ir_capture_mask
);
1232 void jtag_tap_free(jtag_tap_t
*tap
)
1234 jtag_unregister_event_callback(&jtag_reset_callback
, tap
);
1236 /// @todo is anything missing? no memory leaks please
1237 free((void *)tap
->expected
);
1238 free((void *)tap
->expected_ids
);
1239 free((void *)tap
->chip
);
1240 free((void *)tap
->tapname
);
1241 free((void *)tap
->dotted_name
);
1245 int jtag_interface_init(struct command_context_s
*cmd_ctx
)
1250 if (!jtag_interface
)
1252 /* nothing was previously specified by "interface" command */
1253 LOG_ERROR("JTAG interface has to be specified, see \"interface\" command");
1254 return ERROR_JTAG_INVALID_INTERFACE
;
1257 jtag
= jtag_interface
;
1258 if (jtag_interface
->init() != ERROR_OK
)
1261 return ERROR_JTAG_INIT_FAILED
;
1264 int requested_khz
= jtag_get_speed_khz();
1265 int actual_khz
= requested_khz
;
1266 int retval
= jtag_get_speed_readable(&actual_khz
);
1267 if (ERROR_OK
!= retval
)
1268 LOG_INFO("interface specific clock speed value %d", jtag_get_speed());
1269 else if (actual_khz
)
1271 if ((CLOCK_MODE_RCLK
== clock_mode
)
1272 || ((CLOCK_MODE_KHZ
== clock_mode
) && !requested_khz
))
1274 LOG_INFO("RCLK (adaptive clock speed) not supported - fallback to %d kHz"
1278 LOG_INFO("clock speed %d kHz", actual_khz
);
1281 LOG_INFO("RCLK (adaptive clock speed)");
1286 int jtag_init_inner(struct command_context_s
*cmd_ctx
)
1290 bool issue_setup
= true;
1292 LOG_DEBUG("Init JTAG chain");
1294 tap
= jtag_tap_next_enabled(NULL
);
1296 LOG_ERROR("There are no enabled taps?");
1297 return ERROR_JTAG_INIT_FAILED
;
1301 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1304 /* Examine DR values first. This discovers problems which will
1305 * prevent communication ... hardware issues like TDO stuck, or
1306 * configuring the wrong number of (enabled) TAPs.
1308 retval
= jtag_examine_chain();
1311 /* complete success */
1313 case ERROR_JTAG_INIT_SOFT_FAIL
:
1314 /* For backward compatibility reasons, try coping with
1315 * configuration errors involving only ID mismatches.
1316 * We might be able to talk to the devices.
1318 LOG_ERROR("Trying to use configured scan chain anyway...");
1319 issue_setup
= false;
1322 /* some hard error; already issued diagnostics */
1326 /* Now look at IR values. Problems here will prevent real
1327 * communication. They mostly mean that the IR length is
1328 * wrong ... or that the IR capture value is wrong. (The
1329 * latter is uncommon, but easily worked around: provide
1330 * ircapture/irmask values during TAP setup.)
1332 retval
= jtag_validate_ircapture();
1333 if (retval
!= ERROR_OK
)
1337 jtag_notify_event(JTAG_TAP_EVENT_SETUP
);
1339 LOG_WARNING("Bypassing JTAG setup events due to errors");
1345 int jtag_interface_quit(void)
1347 if (!jtag
|| !jtag
->quit
)
1350 // close the JTAG interface
1351 int result
= jtag
->quit();
1352 if (ERROR_OK
!= result
)
1353 LOG_ERROR("failed: %d", result
);
1359 int jtag_init_reset(struct command_context_s
*cmd_ctx
)
1363 if ((retval
= jtag_interface_init(cmd_ctx
)) != ERROR_OK
)
1366 LOG_DEBUG("Initializing with hard TRST+SRST reset");
1369 * This procedure is used by default when OpenOCD triggers a reset.
1370 * It's now done through an overridable Tcl "init_reset" wrapper.
1372 * This started out as a more powerful "get JTAG working" reset than
1373 * jtag_init_inner(), applying TRST because some chips won't activate
1374 * JTAG without a TRST cycle (presumed to be async, though some of
1375 * those chips synchronize JTAG activation using TCK).
1377 * But some chips only activate JTAG as part of an SRST cycle; SRST
1378 * got mixed in. So it became a hard reset routine, which got used
1379 * in more places, and which coped with JTAG reset being forced as
1380 * part of SRST (srst_pulls_trst).
1382 * And even more corner cases started to surface: TRST and/or SRST
1383 * assertion timings matter; some chips need other JTAG operations;
1384 * TRST/SRST sequences can need to be different from these, etc.
1386 * Systems should override that wrapper to support system-specific
1387 * requirements that this not-fully-generic code doesn't handle.
1389 * REVISIT once Tcl code can read the reset_config modes, this won't
1390 * need to be a C routine at all...
1392 jtag_add_reset(1, 0); /* TAP_RESET, using TMS+TCK or TRST */
1393 if (jtag_reset_config
& RESET_HAS_SRST
)
1395 jtag_add_reset(1, 1);
1396 if ((jtag_reset_config
& RESET_SRST_PULLS_TRST
) == 0)
1397 jtag_add_reset(0, 1);
1399 jtag_add_reset(0, 0);
1400 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1403 /* Check that we can communication on the JTAG chain + eventually we want to
1404 * be able to perform enumeration only after OpenOCD has started
1405 * telnet and GDB server
1407 * That would allow users to more easily perform any magic they need to before
1410 return jtag_init_inner(cmd_ctx
);
1413 int jtag_init(struct command_context_s
*cmd_ctx
)
1417 if ((retval
= jtag_interface_init(cmd_ctx
)) != ERROR_OK
)
1420 /* guard against oddball hardware: force resets to be inactive */
1421 jtag_add_reset(0, 0);
1422 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1425 if (Jim_Eval_Named(interp
, "jtag_init", __FILE__
, __LINE__
) != JIM_OK
)
1431 unsigned jtag_get_speed_khz(void)
1436 static int jtag_khz_to_speed(unsigned khz
, int* speed
)
1438 LOG_DEBUG("convert khz to interface specific speed value");
1442 LOG_DEBUG("have interface set up");
1444 int retval
= jtag
->khz(jtag_get_speed_khz(), &speed_div1
);
1445 if (ERROR_OK
!= retval
)
1449 *speed
= speed_div1
;
1454 static int jtag_rclk_to_speed(unsigned fallback_speed_khz
, int* speed
)
1456 int retval
= jtag_khz_to_speed(0, speed
);
1457 if ((ERROR_OK
!= retval
) && fallback_speed_khz
)
1459 LOG_DEBUG("trying fallback speed...");
1460 retval
= jtag_khz_to_speed(fallback_speed_khz
, speed
);
1465 static int jtag_set_speed(int speed
)
1468 /* this command can be called during CONFIG,
1469 * in which case jtag isn't initialized */
1470 return jtag
? jtag
->speed(speed
) : ERROR_OK
;
1473 int jtag_config_speed(int speed
)
1475 LOG_DEBUG("handle jtag speed");
1476 clock_mode
= CLOCK_MODE_SPEED
;
1477 return jtag_set_speed(speed
);
1480 int jtag_config_khz(unsigned khz
)
1482 LOG_DEBUG("handle jtag khz");
1483 clock_mode
= CLOCK_MODE_KHZ
;
1485 int retval
= jtag_khz_to_speed(khz
, &speed
);
1486 return (ERROR_OK
!= retval
) ? retval
: jtag_set_speed(speed
);
1489 int jtag_config_rclk(unsigned fallback_speed_khz
)
1491 LOG_DEBUG("handle jtag rclk");
1492 clock_mode
= CLOCK_MODE_RCLK
;
1493 rclk_fallback_speed_khz
= fallback_speed_khz
;
1495 int retval
= jtag_rclk_to_speed(fallback_speed_khz
, &speed
);
1496 return (ERROR_OK
!= retval
) ? retval
: jtag_set_speed(speed
);
1499 int jtag_get_speed(void)
1504 case CLOCK_MODE_SPEED
:
1507 case CLOCK_MODE_KHZ
:
1508 jtag_khz_to_speed(jtag_get_speed_khz(), &speed
);
1510 case CLOCK_MODE_RCLK
:
1511 jtag_rclk_to_speed(rclk_fallback_speed_khz
, &speed
);
1514 LOG_ERROR("BUG: unknown jtag clock mode");
1521 int jtag_get_speed_readable(int *khz
)
1523 return jtag
? jtag
->speed_div(jtag_get_speed(), khz
) : ERROR_OK
;
1526 void jtag_set_verify(bool enable
)
1528 jtag_verify
= enable
;
1531 bool jtag_will_verify()
1536 void jtag_set_verify_capture_ir(bool enable
)
1538 jtag_verify_capture_ir
= enable
;
1541 bool jtag_will_verify_capture_ir()
1543 return jtag_verify_capture_ir
;
1546 int jtag_power_dropout(int *dropout
)
1548 return jtag
->power_dropout(dropout
);
1551 int jtag_srst_asserted(int *srst_asserted
)
1553 return jtag
->srst_asserted(srst_asserted
);
1556 enum reset_types
jtag_get_reset_config(void)
1558 return jtag_reset_config
;
1560 void jtag_set_reset_config(enum reset_types type
)
1562 jtag_reset_config
= type
;
1565 int jtag_get_trst(void)
1569 int jtag_get_srst(void)
1574 void jtag_set_nsrst_delay(unsigned delay
)
1576 jtag_nsrst_delay
= delay
;
1578 unsigned jtag_get_nsrst_delay(void)
1580 return jtag_nsrst_delay
;
1582 void jtag_set_ntrst_delay(unsigned delay
)
1584 jtag_ntrst_delay
= delay
;
1586 unsigned jtag_get_ntrst_delay(void)
1588 return jtag_ntrst_delay
;
1592 void jtag_set_nsrst_assert_width(unsigned delay
)
1594 jtag_nsrst_assert_width
= delay
;
1596 unsigned jtag_get_nsrst_assert_width(void)
1598 return jtag_nsrst_assert_width
;
1600 void jtag_set_ntrst_assert_width(unsigned delay
)
1602 jtag_ntrst_assert_width
= delay
;
1604 unsigned jtag_get_ntrst_assert_width(void)
1606 return jtag_ntrst_assert_width
;