1 /***************************************************************************
2 * Copyright (C) 2009 Zachary T Welch *
3 * zw@superlucidity.net *
5 * Copyright (C) 2007,2008,2009 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * Copyright (C) 2009 SoftPLC Corporation *
12 * Copyright (C) 2005 by Dominic Rath *
13 * Dominic.Rath@gmx.de *
15 * This program is free software; you can redistribute it and/or modify *
16 * it under the terms of the GNU General Public License as published by *
17 * the Free Software Foundation; either version 2 of the License, or *
18 * (at your option) any later version. *
20 * This program is distributed in the hope that it will be useful, *
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
23 * GNU General Public License for more details. *
25 * You should have received a copy of the GNU General Public License *
26 * along with this program; if not, write to the *
27 * Free Software Foundation, Inc., *
28 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
29 ***************************************************************************/
35 #include "minidriver.h"
36 #include "interface.h"
43 /// The number of JTAG queue flushes (for profiling and debugging purposes).
44 static int jtag_flush_queue_count
;
46 static void jtag_add_scan_check(void (*jtag_add_scan
)(int in_num_fields
, const scan_field_t
*in_fields
, tap_state_t state
),
47 int in_num_fields
, scan_field_t
*in_fields
, tap_state_t state
);
50 * The jtag_error variable is set when an error occurs while executing
51 * the queue. Application code may set this using jtag_set_error(),
52 * when an error occurs during processing that should be reported during
53 * jtag_execute_queue().
55 * Tts value may be checked with jtag_get_error() and cleared with
56 * jtag_error_clear(). This value is returned (and cleared) by
57 * jtag_execute_queue().
59 static int jtag_error
= ERROR_OK
;
61 static const char *jtag_event_strings
[] =
63 [JTAG_TRST_ASSERTED
] = "TAP reset",
64 [JTAG_TAP_EVENT_SETUP
] = "TAP setup",
65 [JTAG_TAP_EVENT_ENABLE
] = "TAP enabled",
66 [JTAG_TAP_EVENT_DISABLE
] = "TAP disabled",
70 * JTAG adapters must initialize with TRST and SRST de-asserted
71 * (they're negative logic, so that means *high*). But some
72 * hardware doesn't necessarily work that way ... so set things
73 * up so that jtag_init() always forces that state.
75 static int jtag_trst
= -1;
76 static int jtag_srst
= -1;
79 * List all TAPs that have been created.
81 static jtag_tap_t
*__jtag_all_taps
= NULL
;
83 * The number of TAPs in the __jtag_all_taps list, used to track the
84 * assigned chain position to new TAPs
86 static unsigned jtag_num_taps
= 0;
88 static enum reset_types jtag_reset_config
= RESET_NONE
;
89 static tap_state_t cmd_queue_end_state
= TAP_RESET
;
90 tap_state_t cmd_queue_cur_state
= TAP_RESET
;
92 static bool jtag_verify_capture_ir
= true;
93 static int jtag_verify
= 1;
95 /* how long the OpenOCD should wait before attempting JTAG communication after reset lines deasserted (in ms) */
96 static int jtag_nsrst_delay
= 0; /* default to no nSRST delay */
97 static int jtag_ntrst_delay
= 0; /* default to no nTRST delay */
98 static int jtag_nsrst_assert_width
= 0; /* width of assertion */
99 static int jtag_ntrst_assert_width
= 0; /* width of assertion */
101 typedef struct jtag_event_callback_s
103 jtag_event_handler_t callback
;
105 struct jtag_event_callback_s
* next
;
106 } jtag_event_callback_t
;
108 /* callbacks to inform high-level handlers about JTAG state changes */
109 static jtag_event_callback_t
*jtag_event_callbacks
;
112 static int speed_khz
= 0;
113 /* speed to fallback to when RCLK is requested but not supported */
114 static int rclk_fallback_speed_khz
= 0;
115 static enum {CLOCK_MODE_SPEED
, CLOCK_MODE_KHZ
, CLOCK_MODE_RCLK
} clock_mode
;
116 static int jtag_speed
= 0;
118 static struct jtag_interface_s
*jtag
= NULL
;
121 jtag_interface_t
*jtag_interface
= NULL
;
123 void jtag_set_error(int error
)
125 if ((error
== ERROR_OK
) || (jtag_error
!= ERROR_OK
))
129 int jtag_get_error(void)
133 int jtag_error_clear(void)
135 int temp
= jtag_error
;
136 jtag_error
= ERROR_OK
;
142 static bool jtag_poll
= 1;
144 bool is_jtag_poll_safe(void)
146 /* Polling can be disabled explicitly with set_enabled(false).
147 * It is also implicitly disabled while TRST is active and
148 * while SRST is gating the JTAG clock.
150 if (!jtag_poll
|| jtag_trst
!= 0)
152 return jtag_srst
== 0 || (jtag_reset_config
& RESET_SRST_NO_GATING
);
155 bool jtag_poll_get_enabled(void)
160 void jtag_poll_set_enabled(bool value
)
167 jtag_tap_t
*jtag_all_taps(void)
169 return __jtag_all_taps
;
172 unsigned jtag_tap_count(void)
174 return jtag_num_taps
;
177 unsigned jtag_tap_count_enabled(void)
179 jtag_tap_t
*t
= jtag_all_taps();
190 /// Append a new TAP to the chain of all taps.
191 void jtag_tap_add(struct jtag_tap_s
*t
)
193 t
->abs_chain_position
= jtag_num_taps
++;
195 jtag_tap_t
**tap
= &__jtag_all_taps
;
197 tap
= &(*tap
)->next_tap
;
201 /* returns a pointer to the n-th device in the scan chain */
202 static inline jtag_tap_t
*jtag_tap_by_position(unsigned n
)
204 jtag_tap_t
*t
= jtag_all_taps();
212 jtag_tap_t
*jtag_tap_by_string(const char *s
)
214 /* try by name first */
215 jtag_tap_t
*t
= jtag_all_taps();
219 if (0 == strcmp(t
->dotted_name
, s
))
224 /* no tap found by name, so try to parse the name as a number */
226 if (parse_uint(s
, &n
) != ERROR_OK
)
229 /* FIXME remove this numeric fallback code late June 2010, along
230 * with all info in the User's Guide that TAPs have numeric IDs.
231 * Also update "scan_chain" output to not display the numbers.
233 t
= jtag_tap_by_position(n
);
235 LOG_WARNING("Specify TAP '%s' by name, not number %u",
241 jtag_tap_t
*jtag_tap_by_jim_obj(Jim_Interp
*interp
, Jim_Obj
*o
)
243 const char *cp
= Jim_GetString(o
, NULL
);
244 jtag_tap_t
*t
= cp
? jtag_tap_by_string(cp
) : NULL
;
248 Jim_SetResult_sprintf(interp
, "Tap '%s' could not be found", cp
);
252 jtag_tap_t
* jtag_tap_next_enabled(jtag_tap_t
* p
)
254 p
= p
? p
->next_tap
: jtag_all_taps();
264 const char *jtag_tap_name(const jtag_tap_t
*tap
)
266 return (tap
== NULL
) ? "(unknown)" : tap
->dotted_name
;
270 int jtag_register_event_callback(jtag_event_handler_t callback
, void *priv
)
272 jtag_event_callback_t
**callbacks_p
= &jtag_event_callbacks
;
274 if (callback
== NULL
)
276 return ERROR_INVALID_ARGUMENTS
;
281 while ((*callbacks_p
)->next
)
282 callbacks_p
= &((*callbacks_p
)->next
);
283 callbacks_p
= &((*callbacks_p
)->next
);
286 (*callbacks_p
) = malloc(sizeof(jtag_event_callback_t
));
287 (*callbacks_p
)->callback
= callback
;
288 (*callbacks_p
)->priv
= priv
;
289 (*callbacks_p
)->next
= NULL
;
294 int jtag_unregister_event_callback(jtag_event_handler_t callback
, void *priv
)
296 jtag_event_callback_t
**callbacks_p
;
297 jtag_event_callback_t
**next
;
299 if (callback
== NULL
)
301 return ERROR_INVALID_ARGUMENTS
;
304 for (callbacks_p
= &jtag_event_callbacks
;
305 *callbacks_p
!= NULL
;
308 next
= &((*callbacks_p
)->next
);
310 if ((*callbacks_p
)->priv
!= priv
)
313 if ((*callbacks_p
)->callback
== callback
)
316 *callbacks_p
= *next
;
323 int jtag_call_event_callbacks(enum jtag_event event
)
325 jtag_event_callback_t
*callback
= jtag_event_callbacks
;
327 LOG_DEBUG("jtag event: %s", jtag_event_strings
[event
]);
331 jtag_event_callback_t
*next
;
333 /* callback may remove itself */
334 next
= callback
->next
;
335 callback
->callback(event
, callback
->priv
);
342 static void jtag_checks(void)
344 assert(jtag_trst
== 0);
347 static void jtag_prelude(tap_state_t state
)
351 assert(state
!= TAP_INVALID
);
353 cmd_queue_cur_state
= state
;
356 void jtag_alloc_in_value32(scan_field_t
*field
)
358 interface_jtag_alloc_in_value32(field
);
361 void jtag_add_ir_scan_noverify(int in_count
, const scan_field_t
*in_fields
,
366 int retval
= interface_jtag_add_ir_scan(in_count
, in_fields
, state
);
367 jtag_set_error(retval
);
371 void jtag_add_ir_scan(int in_num_fields
, scan_field_t
*in_fields
, tap_state_t state
)
373 assert(state
!= TAP_RESET
);
375 if (jtag_verify
&& jtag_verify_capture_ir
)
377 /* 8 x 32 bit id's is enough for all invocations */
379 for (int j
= 0; j
< in_num_fields
; j
++)
381 /* if we are to run a verification of the ir scan, we need to get the input back.
382 * We may have to allocate space if the caller didn't ask for the input back.
384 in_fields
[j
].check_value
= in_fields
[j
].tap
->expected
;
385 in_fields
[j
].check_mask
= in_fields
[j
].tap
->expected_mask
;
387 jtag_add_scan_check(jtag_add_ir_scan_noverify
, in_num_fields
, in_fields
, state
);
390 jtag_add_ir_scan_noverify(in_num_fields
, in_fields
, state
);
394 void jtag_add_plain_ir_scan(int in_num_fields
, const scan_field_t
*in_fields
,
397 assert(state
!= TAP_RESET
);
401 int retval
= interface_jtag_add_plain_ir_scan(
402 in_num_fields
, in_fields
, state
);
403 jtag_set_error(retval
);
406 void jtag_add_callback(jtag_callback1_t f
, jtag_callback_data_t data0
)
408 interface_jtag_add_callback(f
, data0
);
411 void jtag_add_callback4(jtag_callback_t f
, jtag_callback_data_t data0
,
412 jtag_callback_data_t data1
, jtag_callback_data_t data2
,
413 jtag_callback_data_t data3
)
415 interface_jtag_add_callback4(f
, data0
, data1
, data2
, data3
);
418 static int jtag_check_value_inner(uint8_t *captured
, uint8_t *in_check_value
,
419 uint8_t *in_check_mask
, int num_bits
);
421 static int jtag_check_value_mask_callback(jtag_callback_data_t data0
, jtag_callback_data_t data1
, jtag_callback_data_t data2
, jtag_callback_data_t data3
)
423 return jtag_check_value_inner((uint8_t *)data0
, (uint8_t *)data1
, (uint8_t *)data2
, (int)data3
);
426 static void jtag_add_scan_check(void (*jtag_add_scan
)(int in_num_fields
, const scan_field_t
*in_fields
, tap_state_t state
),
427 int in_num_fields
, scan_field_t
*in_fields
, tap_state_t state
)
429 for (int i
= 0; i
< in_num_fields
; i
++)
431 struct scan_field_s
*field
= &in_fields
[i
];
432 field
->allocated
= 0;
434 if (field
->check_value
|| field
->in_value
)
436 interface_jtag_add_scan_check_alloc(field
);
440 jtag_add_scan(in_num_fields
, in_fields
, state
);
442 for (int i
= 0; i
< in_num_fields
; i
++)
444 if ((in_fields
[i
].check_value
!= NULL
) && (in_fields
[i
].in_value
!= NULL
))
446 /* this is synchronous for a minidriver */
447 jtag_add_callback4(jtag_check_value_mask_callback
, (jtag_callback_data_t
)in_fields
[i
].in_value
,
448 (jtag_callback_data_t
)in_fields
[i
].check_value
,
449 (jtag_callback_data_t
)in_fields
[i
].check_mask
,
450 (jtag_callback_data_t
)in_fields
[i
].num_bits
);
452 if (in_fields
[i
].allocated
)
454 free(in_fields
[i
].in_value
);
456 if (in_fields
[i
].modified
)
458 in_fields
[i
].in_value
= NULL
;
463 void jtag_add_dr_scan_check(int in_num_fields
, scan_field_t
*in_fields
, tap_state_t state
)
467 jtag_add_scan_check(jtag_add_dr_scan
, in_num_fields
, in_fields
, state
);
470 jtag_add_dr_scan(in_num_fields
, in_fields
, state
);
475 void jtag_add_dr_scan(int in_num_fields
, const scan_field_t
*in_fields
,
478 assert(state
!= TAP_RESET
);
483 retval
= interface_jtag_add_dr_scan(in_num_fields
, in_fields
, state
);
484 jtag_set_error(retval
);
487 void jtag_add_plain_dr_scan(int in_num_fields
, const scan_field_t
*in_fields
,
490 assert(state
!= TAP_RESET
);
495 retval
= interface_jtag_add_plain_dr_scan(in_num_fields
, in_fields
, state
);
496 jtag_set_error(retval
);
499 void jtag_add_dr_out(jtag_tap_t
* tap
,
500 int num_fields
, const int* num_bits
, const uint32_t* value
,
501 tap_state_t end_state
)
503 assert(end_state
!= TAP_RESET
);
504 assert(end_state
!= TAP_INVALID
);
506 cmd_queue_cur_state
= end_state
;
508 interface_jtag_add_dr_out(tap
,
509 num_fields
, num_bits
, value
,
513 void jtag_add_tlr(void)
515 jtag_prelude(TAP_RESET
);
516 jtag_set_error(interface_jtag_add_tlr());
518 /* NOTE: order here matches TRST path in jtag_add_reset() */
519 jtag_call_event_callbacks(JTAG_TRST_ASSERTED
);
520 jtag_notify_event(JTAG_TRST_ASSERTED
);
523 void jtag_add_pathmove(int num_states
, const tap_state_t
*path
)
525 tap_state_t cur_state
= cmd_queue_cur_state
;
527 /* the last state has to be a stable state */
528 if (!tap_is_state_stable(path
[num_states
- 1]))
530 LOG_ERROR("BUG: TAP path doesn't finish in a stable state");
531 jtag_set_error(ERROR_JTAG_NOT_STABLE_STATE
);
535 for (int i
= 0; i
< num_states
; i
++)
537 if (path
[i
] == TAP_RESET
)
539 LOG_ERROR("BUG: TAP_RESET is not a valid state for pathmove sequences");
540 jtag_set_error(ERROR_JTAG_STATE_INVALID
);
544 if (tap_state_transition(cur_state
, true) != path
[i
]
545 && tap_state_transition(cur_state
, false) != path
[i
])
547 LOG_ERROR("BUG: %s -> %s isn't a valid TAP transition",
548 tap_state_name(cur_state
), tap_state_name(path
[i
]));
549 jtag_set_error(ERROR_JTAG_TRANSITION_INVALID
);
557 jtag_set_error(interface_jtag_add_pathmove(num_states
, path
));
558 cmd_queue_cur_state
= path
[num_states
- 1];
561 int jtag_add_statemove(tap_state_t goal_state
)
563 tap_state_t cur_state
= cmd_queue_cur_state
;
565 LOG_DEBUG("cur_state=%s goal_state=%s",
566 tap_state_name(cur_state
),
567 tap_state_name(goal_state
));
570 /* If goal is RESET, be paranoid and force that that transition
571 * (e.g. five TCK cycles, TMS high). Else trust "cur_state".
573 if (goal_state
== TAP_RESET
)
575 else if (goal_state
== cur_state
)
576 /* nothing to do */ ;
578 else if (tap_is_state_stable(cur_state
) && tap_is_state_stable(goal_state
))
580 unsigned tms_bits
= tap_get_tms_path(cur_state
, goal_state
);
581 unsigned tms_count
= tap_get_tms_path_len(cur_state
, goal_state
);
582 tap_state_t moves
[8];
583 assert(tms_count
< DIM(moves
));
585 for (unsigned i
= 0; i
< tms_count
; i
++, tms_bits
>>= 1)
587 bool bit
= tms_bits
& 1;
589 cur_state
= tap_state_transition(cur_state
, bit
);
590 moves
[i
] = cur_state
;
593 jtag_add_pathmove(tms_count
, moves
);
595 else if (tap_state_transition(cur_state
, true) == goal_state
596 || tap_state_transition(cur_state
, false) == goal_state
)
598 jtag_add_pathmove(1, &goal_state
);
607 void jtag_add_runtest(int num_cycles
, tap_state_t state
)
610 jtag_set_error(interface_jtag_add_runtest(num_cycles
, state
));
614 void jtag_add_clocks(int num_cycles
)
616 if (!tap_is_state_stable(cmd_queue_cur_state
))
618 LOG_ERROR("jtag_add_clocks() called with TAP in unstable state \"%s\"",
619 tap_state_name(cmd_queue_cur_state
));
620 jtag_set_error(ERROR_JTAG_NOT_STABLE_STATE
);
627 jtag_set_error(interface_jtag_add_clocks(num_cycles
));
631 void jtag_add_reset(int req_tlr_or_trst
, int req_srst
)
633 int trst_with_tlr
= 0;
637 /* Without SRST, we must use target-specific JTAG operations
638 * on each target; callers should not be requesting SRST when
639 * that signal doesn't exist.
641 * RESET_SRST_PULLS_TRST is a board or chip level quirk, which
642 * can kick in even if the JTAG adapter can't drive TRST.
645 if (!(jtag_reset_config
& RESET_HAS_SRST
)) {
646 LOG_ERROR("BUG: can't assert SRST");
647 jtag_set_error(ERROR_FAIL
);
650 if ((jtag_reset_config
& RESET_SRST_PULLS_TRST
) != 0
651 && !req_tlr_or_trst
) {
652 LOG_ERROR("BUG: can't assert only SRST");
653 jtag_set_error(ERROR_FAIL
);
659 /* JTAG reset (entry to TAP_RESET state) can always be achieved
660 * using TCK and TMS; that may go through a TAP_{IR,DR}UPDATE
661 * state first. TRST accelerates it, and bypasses those states.
663 * RESET_TRST_PULLS_SRST is a board or chip level quirk, which
664 * can kick in even if the JTAG adapter can't drive SRST.
666 if (req_tlr_or_trst
) {
667 if (!(jtag_reset_config
& RESET_HAS_TRST
))
669 else if ((jtag_reset_config
& RESET_TRST_PULLS_SRST
) != 0
676 /* Maybe change TRST and/or SRST signal state */
677 if (jtag_srst
!= new_srst
|| jtag_trst
!= new_trst
) {
680 retval
= interface_jtag_add_reset(new_trst
, new_srst
);
681 if (retval
!= ERROR_OK
)
682 jtag_set_error(retval
);
684 retval
= jtag_execute_queue();
686 if (retval
!= ERROR_OK
) {
687 LOG_ERROR("TRST/SRST error %d", retval
);
692 /* SRST resets everything hooked up to that signal */
693 if (jtag_srst
!= new_srst
) {
694 jtag_srst
= new_srst
;
697 LOG_DEBUG("SRST line asserted");
698 if (jtag_nsrst_assert_width
)
699 jtag_add_sleep(jtag_nsrst_assert_width
* 1000);
702 LOG_DEBUG("SRST line released");
703 if (jtag_nsrst_delay
)
704 jtag_add_sleep(jtag_nsrst_delay
* 1000);
708 /* Maybe enter the JTAG TAP_RESET state ...
709 * - using only TMS, TCK, and the JTAG state machine
710 * - or else more directly, using TRST
712 * TAP_RESET should be invisible to non-debug parts of the system.
715 LOG_DEBUG("JTAG reset with TLR instead of TRST");
716 jtag_set_end_state(TAP_RESET
);
719 } else if (jtag_trst
!= new_trst
) {
720 jtag_trst
= new_trst
;
722 LOG_DEBUG("TRST line asserted");
723 tap_set_state(TAP_RESET
);
724 if (jtag_ntrst_assert_width
)
725 jtag_add_sleep(jtag_ntrst_assert_width
* 1000);
727 LOG_DEBUG("TRST line released");
728 if (jtag_ntrst_delay
)
729 jtag_add_sleep(jtag_ntrst_delay
* 1000);
731 /* We just asserted nTRST, so we're now in TAP_RESET.
732 * Inform possible listeners about this, now that
733 * JTAG instructions and data can be shifted. This
734 * sequence must match jtag_add_tlr().
736 jtag_call_event_callbacks(JTAG_TRST_ASSERTED
);
737 jtag_notify_event(JTAG_TRST_ASSERTED
);
742 tap_state_t
jtag_set_end_state(tap_state_t state
)
744 if ((state
== TAP_DRSHIFT
)||(state
== TAP_IRSHIFT
))
746 LOG_ERROR("BUG: TAP_DRSHIFT/IRSHIFT can't be end state. Calling code should use a larger scan field");
749 if (state
!= TAP_INVALID
)
750 cmd_queue_end_state
= state
;
751 return cmd_queue_end_state
;
754 tap_state_t
jtag_get_end_state(void)
756 return cmd_queue_end_state
;
759 void jtag_add_sleep(uint32_t us
)
761 /// @todo Here, keep_alive() appears to be a layering violation!!!
763 jtag_set_error(interface_jtag_add_sleep(us
));
766 static int jtag_check_value_inner(uint8_t *captured
, uint8_t *in_check_value
,
767 uint8_t *in_check_mask
, int num_bits
)
769 int retval
= ERROR_OK
;
771 int compare_failed
= 0;
774 compare_failed
= buf_cmp_mask(captured
, in_check_value
, in_check_mask
, num_bits
);
776 compare_failed
= buf_cmp(captured
, in_check_value
, num_bits
);
778 if (compare_failed
) {
779 char *captured_str
, *in_check_value_str
;
780 int bits
= (num_bits
> DEBUG_JTAG_IOZ
)
784 /* NOTE: we've lost diagnostic context here -- 'which tap' */
786 captured_str
= buf_to_str(captured
, bits
, 16);
787 in_check_value_str
= buf_to_str(in_check_value
, bits
, 16);
789 LOG_WARNING("Bad value '%s' captured during DR or IR scan:",
791 LOG_WARNING(" check_value: 0x%s", in_check_value_str
);
794 free(in_check_value_str
);
797 char *in_check_mask_str
;
799 in_check_mask_str
= buf_to_str(in_check_mask
, bits
, 16);
800 LOG_WARNING(" check_mask: 0x%s", in_check_mask_str
);
801 free(in_check_mask_str
);
804 retval
= ERROR_JTAG_QUEUE_FAILED
;
809 void jtag_check_value_mask(scan_field_t
*field
, uint8_t *value
, uint8_t *mask
)
811 assert(field
->in_value
!= NULL
);
815 /* no checking to do */
819 jtag_execute_queue_noclear();
821 int retval
= jtag_check_value_inner(field
->in_value
, value
, mask
, field
->num_bits
);
822 jtag_set_error(retval
);
827 int default_interface_jtag_execute_queue(void)
831 LOG_ERROR("No JTAG interface configured yet. "
832 "Issue 'init' command in startup scripts "
833 "before communicating with targets.");
837 return jtag
->execute_queue();
840 void jtag_execute_queue_noclear(void)
842 jtag_flush_queue_count
++;
843 jtag_set_error(interface_jtag_execute_queue());
846 int jtag_get_flush_queue_count(void)
848 return jtag_flush_queue_count
;
851 int jtag_execute_queue(void)
853 jtag_execute_queue_noclear();
854 return jtag_error_clear();
857 static int jtag_reset_callback(enum jtag_event event
, void *priv
)
859 jtag_tap_t
*tap
= priv
;
861 if (event
== JTAG_TRST_ASSERTED
)
863 tap
->enabled
= !tap
->disabled_after_reset
;
865 /* current instruction is either BYPASS or IDCODE */
866 buf_set_ones(tap
->cur_instr
, tap
->ir_length
);
873 void jtag_sleep(uint32_t us
)
875 alive_sleep(us
/1000);
878 /* Maximum number of enabled JTAG devices we expect in the scan chain,
879 * plus one (to detect garbage at the end). Devices that don't support
880 * IDCODE take up fewer bits, possibly allowing a few more devices.
882 #define JTAG_MAX_CHAIN_SIZE 20
884 #define EXTRACT_MFG(X) (((X) & 0xffe) >> 1)
885 #define EXTRACT_PART(X) (((X) & 0xffff000) >> 12)
886 #define EXTRACT_VER(X) (((X) & 0xf0000000) >> 28)
888 /* A reserved manufacturer ID is used in END_OF_CHAIN_FLAG, so we
889 * know that no valid TAP will have it as an IDCODE value.
891 #define END_OF_CHAIN_FLAG 0x000000ff
893 static int jtag_examine_chain_execute(uint8_t *idcode_buffer
, unsigned num_idcode
)
895 scan_field_t field
= {
897 .num_bits
= num_idcode
* 32,
898 .out_value
= idcode_buffer
,
899 .in_value
= idcode_buffer
,
902 // initialize to the end of chain ID value
903 for (unsigned i
= 0; i
< JTAG_MAX_CHAIN_SIZE
; i
++)
904 buf_set_u32(idcode_buffer
, i
* 32, 32, END_OF_CHAIN_FLAG
);
906 jtag_add_plain_dr_scan(1, &field
, TAP_DRPAUSE
);
908 return jtag_execute_queue();
911 static bool jtag_examine_chain_check(uint8_t *idcodes
, unsigned count
)
913 uint8_t zero_check
= 0x0;
914 uint8_t one_check
= 0xff;
916 for (unsigned i
= 0; i
< count
* 4; i
++)
918 zero_check
|= idcodes
[i
];
919 one_check
&= idcodes
[i
];
922 /* if there wasn't a single non-zero bit or if all bits were one,
923 * the scan is not valid. We wrote a mix of both values; either
925 * - There's a hardware issue (almost certainly):
926 * + all-zeroes can mean a target stuck in JTAG reset
927 * + all-ones tends to mean no target
928 * - The scan chain is WAY longer than we can handle, *AND* either
929 * + there are several hundreds of TAPs in bypass, or
930 * + at least a few dozen TAPs all have an all-ones IDCODE
932 if (zero_check
== 0x00 || one_check
== 0xff)
934 LOG_ERROR("JTAG scan chain interrogation failed: all %s",
935 (zero_check
== 0x00) ? "zeroes" : "ones");
936 LOG_ERROR("Check JTAG interface, timings, target power, etc.");
942 static void jtag_examine_chain_display(enum log_levels level
, const char *msg
,
943 const char *name
, uint32_t idcode
)
945 log_printf_lf(level
, __FILE__
, __LINE__
, __FUNCTION__
,
946 "JTAG tap: %s %16.16s: 0x%08x "
947 "(mfg: 0x%3.3x, part: 0x%4.4x, ver: 0x%1.1x)",
949 (unsigned int)idcode
,
950 (unsigned int)EXTRACT_MFG(idcode
),
951 (unsigned int)EXTRACT_PART(idcode
),
952 (unsigned int)EXTRACT_VER(idcode
));
955 static bool jtag_idcode_is_final(uint32_t idcode
)
958 * Some devices, such as AVR8, will output all 1's instead
959 * of TDI input value at end of chain. Allow those values
960 * instead of failing.
962 return idcode
== END_OF_CHAIN_FLAG
|| idcode
== 0xFFFFFFFF;
966 * This helper checks that remaining bits in the examined chain data are
967 * all as expected, but a single JTAG device requires only 64 bits to be
968 * read back correctly. This can help identify and diagnose problems
969 * with the JTAG chain earlier, gives more helpful/explicit error messages.
970 * Returns TRUE iff garbage was found.
972 static bool jtag_examine_chain_end(uint8_t *idcodes
, unsigned count
, unsigned max
)
974 bool triggered
= false;
975 for (; count
< max
- 31; count
+= 32)
977 uint32_t idcode
= buf_get_u32(idcodes
, count
, 32);
979 /* do not trigger the warning if the data looks good */
980 if (jtag_idcode_is_final(idcode
))
982 LOG_WARNING("Unexpected idcode after end of chain: %d 0x%08x",
983 count
, (unsigned int)idcode
);
989 static bool jtag_examine_chain_match_tap(const struct jtag_tap_s
*tap
)
991 /* ignore expected BYPASS codes; warn otherwise */
992 if (0 == tap
->expected_ids_cnt
&& !tap
->idcode
)
995 /* Loop over the expected identification codes and test for a match */
996 unsigned ii
, limit
= tap
->expected_ids_cnt
;
998 for (ii
= 0; ii
< limit
; ii
++)
1000 if (tap
->idcode
== tap
->expected_ids
[ii
])
1003 /* treat "-expected-id 0" as a "don't-warn" wildcard */
1004 if (0 == tap
->expected_ids
[ii
])
1008 /* If none of the expected ids matched, warn */
1009 jtag_examine_chain_display(LOG_LVL_WARNING
, "UNEXPECTED",
1010 tap
->dotted_name
, tap
->idcode
);
1011 for (ii
= 0; ii
< limit
; ii
++)
1015 snprintf(msg
, sizeof(msg
), "expected %u of %u", ii
+ 1, limit
);
1016 jtag_examine_chain_display(LOG_LVL_ERROR
, msg
,
1017 tap
->dotted_name
, tap
->expected_ids
[ii
]);
1022 /* Try to examine chain layout according to IEEE 1149.1 §12
1023 * This is called a "blind interrogation" of the scan chain.
1025 static int jtag_examine_chain(void)
1027 uint8_t idcode_buffer
[JTAG_MAX_CHAIN_SIZE
* 4];
1031 /* DR scan to collect BYPASS or IDCODE register contents.
1032 * Then make sure the scan data has both ones and zeroes.
1034 LOG_DEBUG("DR scan interrogation for IDCODE/BYPASS");
1035 retval
= jtag_examine_chain_execute(idcode_buffer
, JTAG_MAX_CHAIN_SIZE
);
1036 if (retval
!= ERROR_OK
)
1038 if (!jtag_examine_chain_check(idcode_buffer
, JTAG_MAX_CHAIN_SIZE
))
1039 return ERROR_JTAG_INIT_FAILED
;
1041 /* point at the 1st tap */
1042 jtag_tap_t
*tap
= jtag_tap_next_enabled(NULL
);
1045 LOG_ERROR("JTAG: No taps enabled?");
1046 return ERROR_JTAG_INIT_FAILED
;
1050 tap
&& bit_count
< (JTAG_MAX_CHAIN_SIZE
* 32) - 31;
1051 tap
= jtag_tap_next_enabled(tap
))
1053 uint32_t idcode
= buf_get_u32(idcode_buffer
, bit_count
, 32);
1055 if ((idcode
& 1) == 0)
1057 /* Zero for LSB indicates a device in bypass */
1058 LOG_WARNING("TAP %s does not have IDCODE",
1061 tap
->hasidcode
= false;
1067 /* Friendly devices support IDCODE */
1068 tap
->hasidcode
= true;
1069 jtag_examine_chain_display(LOG_LVL_INFO
,
1071 tap
->dotted_name
, idcode
);
1075 tap
->idcode
= idcode
;
1077 /* ensure the TAP ID matches what was expected */
1078 if (!jtag_examine_chain_match_tap(tap
))
1079 retval
= ERROR_JTAG_INIT_SOFT_FAIL
;
1082 /* Fail if too many TAPs were enabled for us to verify them all. */
1084 LOG_ERROR("Too many TAPs enabled; '%s' ignored.",
1086 return ERROR_JTAG_INIT_FAILED
;
1089 /* After those IDCODE or BYPASS register values should be
1090 * only the data we fed into the scan chain.
1092 if (jtag_examine_chain_end(idcode_buffer
, bit_count
,
1093 8 * sizeof(idcode_buffer
))) {
1094 LOG_ERROR("double-check your JTAG setup (interface, "
1095 "speed, missing TAPs, ...)");
1096 return ERROR_JTAG_INIT_FAILED
;
1099 /* Return success or, for backwards compatibility if only
1100 * some IDCODE values mismatched, a soft/continuable fault.
1106 * Validate the date loaded by entry to the Capture-IR state, to help
1107 * find errors related to scan chain configuration (wrong IR lengths)
1110 * Entry state can be anything. On non-error exit, all TAPs are in
1111 * bypass mode. On error exits, the scan chain is reset.
1113 static int jtag_validate_ircapture(void)
1116 int total_ir_length
= 0;
1117 uint8_t *ir_test
= NULL
;
1123 for (tap
= NULL
, total_ir_length
= 0;
1124 (tap
= jtag_tap_next_enabled(tap
)) != NULL
;
1125 total_ir_length
+= tap
->ir_length
)
1128 /* increase length to add 2 bit sentinel after scan */
1129 total_ir_length
+= 2;
1131 ir_test
= malloc(CEIL(total_ir_length
, 8));
1132 if (ir_test
== NULL
)
1135 /* after this scan, all TAPs will capture BYPASS instructions */
1136 buf_set_ones(ir_test
, total_ir_length
);
1139 field
.num_bits
= total_ir_length
;
1140 field
.out_value
= ir_test
;
1141 field
.in_value
= ir_test
;
1143 jtag_add_plain_ir_scan(1, &field
, TAP_IDLE
);
1145 LOG_DEBUG("IR capture validation scan");
1146 retval
= jtag_execute_queue();
1147 if (retval
!= ERROR_OK
)
1154 tap
= jtag_tap_next_enabled(tap
);
1159 /* Validate the two LSBs, which must be 01 per JTAG spec.
1161 * Or ... more bits could be provided by TAP declaration.
1162 * Plus, some taps (notably in i.MX series chips) violate
1163 * this part of the JTAG spec, so their capture mask/value
1164 * attributes might disable this test.
1166 val
= buf_get_u32(ir_test
, chain_pos
, tap
->ir_length
);
1167 if ((val
& tap
->ir_capture_mask
) != tap
->ir_capture_value
) {
1168 LOG_ERROR("%s: IR capture error; saw 0x%0*x not 0x%0*x",
1170 (tap
->ir_length
+ 7) / tap
->ir_length
,
1172 (tap
->ir_length
+ 7) / tap
->ir_length
,
1173 (unsigned) tap
->ir_capture_value
);
1175 retval
= ERROR_JTAG_INIT_FAILED
;
1178 LOG_DEBUG("%s: IR capture 0x%0*x", jtag_tap_name(tap
),
1179 (tap
->ir_length
+ 7) / tap
->ir_length
, val
);
1180 chain_pos
+= tap
->ir_length
;
1183 /* verify the '11' sentinel we wrote is returned at the end */
1184 val
= buf_get_u32(ir_test
, chain_pos
, 2);
1187 char *cbuf
= buf_to_str(ir_test
, total_ir_length
, 16);
1189 LOG_ERROR("IR capture error at bit %d, saw 0x%s not 0x...3",
1192 retval
= ERROR_JTAG_INIT_FAILED
;
1197 if (retval
!= ERROR_OK
) {
1199 jtag_execute_queue();
1205 void jtag_tap_init(jtag_tap_t
*tap
)
1207 unsigned ir_len_bits
;
1208 unsigned ir_len_bytes
;
1210 assert(0 != tap
->ir_length
);
1212 ir_len_bits
= tap
->ir_length
;
1213 ir_len_bytes
= CEIL(ir_len_bits
, 8);
1215 tap
->expected
= calloc(1, ir_len_bytes
);
1216 tap
->expected_mask
= calloc(1, ir_len_bytes
);
1217 tap
->cur_instr
= malloc(ir_len_bytes
);
1219 /// @todo cope better with ir_length bigger than 32 bits
1220 if (ir_len_bits
> 32)
1223 buf_set_u32(tap
->expected
, 0, ir_len_bits
, tap
->ir_capture_value
);
1224 buf_set_u32(tap
->expected_mask
, 0, ir_len_bits
, tap
->ir_capture_mask
);
1226 // TAP will be in bypass mode after jtag_validate_ircapture()
1228 buf_set_ones(tap
->cur_instr
, tap
->ir_length
);
1230 // register the reset callback for the TAP
1231 jtag_register_event_callback(&jtag_reset_callback
, tap
);
1233 LOG_DEBUG("Created Tap: %s @ abs position %d, "
1234 "irlen %d, capture: 0x%x mask: 0x%x", tap
->dotted_name
,
1235 tap
->abs_chain_position
, tap
->ir_length
,
1236 (unsigned) tap
->ir_capture_value
,
1237 (unsigned) tap
->ir_capture_mask
);
1241 void jtag_tap_free(jtag_tap_t
*tap
)
1243 jtag_unregister_event_callback(&jtag_reset_callback
, tap
);
1245 /// @todo is anything missing? no memory leaks please
1246 free((void *)tap
->expected
);
1247 free((void *)tap
->expected_ids
);
1248 free((void *)tap
->chip
);
1249 free((void *)tap
->tapname
);
1250 free((void *)tap
->dotted_name
);
1254 int jtag_interface_init(struct command_context_s
*cmd_ctx
)
1259 if (!jtag_interface
)
1261 /* nothing was previously specified by "interface" command */
1262 LOG_ERROR("JTAG interface has to be specified, see \"interface\" command");
1263 return ERROR_JTAG_INVALID_INTERFACE
;
1266 jtag
= jtag_interface
;
1267 if (jtag_interface
->init() != ERROR_OK
)
1270 return ERROR_JTAG_INIT_FAILED
;
1273 int requested_khz
= jtag_get_speed_khz();
1274 int actual_khz
= requested_khz
;
1275 int retval
= jtag_get_speed_readable(&actual_khz
);
1276 if (ERROR_OK
!= retval
)
1277 LOG_INFO("interface specific clock speed value %d", jtag_get_speed());
1278 else if (actual_khz
)
1280 if ((CLOCK_MODE_RCLK
== clock_mode
)
1281 || ((CLOCK_MODE_KHZ
== clock_mode
) && !requested_khz
))
1283 LOG_INFO("RCLK (adaptive clock speed) not supported - fallback to %d kHz"
1287 LOG_INFO("clock speed %d kHz", actual_khz
);
1290 LOG_INFO("RCLK (adaptive clock speed)");
1295 int jtag_init_inner(struct command_context_s
*cmd_ctx
)
1299 bool issue_setup
= true;
1301 LOG_DEBUG("Init JTAG chain");
1303 tap
= jtag_tap_next_enabled(NULL
);
1305 LOG_ERROR("There are no enabled taps?");
1306 return ERROR_JTAG_INIT_FAILED
;
1310 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1313 /* Examine DR values first. This discovers problems which will
1314 * prevent communication ... hardware issues like TDO stuck, or
1315 * configuring the wrong number of (enabled) TAPs.
1317 retval
= jtag_examine_chain();
1320 /* complete success */
1322 case ERROR_JTAG_INIT_SOFT_FAIL
:
1323 /* For backward compatibility reasons, try coping with
1324 * configuration errors involving only ID mismatches.
1325 * We might be able to talk to the devices.
1327 LOG_ERROR("Trying to use configured scan chain anyway...");
1328 issue_setup
= false;
1331 /* some hard error; already issued diagnostics */
1335 /* Now look at IR values. Problems here will prevent real
1336 * communication. They mostly mean that the IR length is
1337 * wrong ... or that the IR capture value is wrong. (The
1338 * latter is uncommon, but easily worked around: provide
1339 * ircapture/irmask values during TAP setup.)
1341 retval
= jtag_validate_ircapture();
1342 if (retval
!= ERROR_OK
)
1346 jtag_notify_event(JTAG_TAP_EVENT_SETUP
);
1348 LOG_WARNING("Bypassing JTAG setup events due to errors");
1354 int jtag_interface_quit(void)
1356 if (!jtag
|| !jtag
->quit
)
1359 // close the JTAG interface
1360 int result
= jtag
->quit();
1361 if (ERROR_OK
!= result
)
1362 LOG_ERROR("failed: %d", result
);
1368 int jtag_init_reset(struct command_context_s
*cmd_ctx
)
1372 if ((retval
= jtag_interface_init(cmd_ctx
)) != ERROR_OK
)
1375 LOG_DEBUG("Initializing with hard TRST+SRST reset");
1378 * This procedure is used by default when OpenOCD triggers a reset.
1379 * It's now done through an overridable Tcl "init_reset" wrapper.
1381 * This started out as a more powerful "get JTAG working" reset than
1382 * jtag_init_inner(), applying TRST because some chips won't activate
1383 * JTAG without a TRST cycle (presumed to be async, though some of
1384 * those chips synchronize JTAG activation using TCK).
1386 * But some chips only activate JTAG as part of an SRST cycle; SRST
1387 * got mixed in. So it became a hard reset routine, which got used
1388 * in more places, and which coped with JTAG reset being forced as
1389 * part of SRST (srst_pulls_trst).
1391 * And even more corner cases started to surface: TRST and/or SRST
1392 * assertion timings matter; some chips need other JTAG operations;
1393 * TRST/SRST sequences can need to be different from these, etc.
1395 * Systems should override that wrapper to support system-specific
1396 * requirements that this not-fully-generic code doesn't handle.
1398 * REVISIT once Tcl code can read the reset_config modes, this won't
1399 * need to be a C routine at all...
1401 jtag_add_reset(1, 0); /* TAP_RESET, using TMS+TCK or TRST */
1402 if (jtag_reset_config
& RESET_HAS_SRST
)
1404 jtag_add_reset(1, 1);
1405 if ((jtag_reset_config
& RESET_SRST_PULLS_TRST
) == 0)
1406 jtag_add_reset(0, 1);
1408 jtag_add_reset(0, 0);
1409 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1412 /* Check that we can communication on the JTAG chain + eventually we want to
1413 * be able to perform enumeration only after OpenOCD has started
1414 * telnet and GDB server
1416 * That would allow users to more easily perform any magic they need to before
1419 return jtag_init_inner(cmd_ctx
);
1422 int jtag_init(struct command_context_s
*cmd_ctx
)
1426 if ((retval
= jtag_interface_init(cmd_ctx
)) != ERROR_OK
)
1429 /* guard against oddball hardware: force resets to be inactive */
1430 jtag_add_reset(0, 0);
1431 if ((retval
= jtag_execute_queue()) != ERROR_OK
)
1434 if (Jim_Eval_Named(interp
, "jtag_init", __FILE__
, __LINE__
) != JIM_OK
)
1440 unsigned jtag_get_speed_khz(void)
1445 static int jtag_khz_to_speed(unsigned khz
, int* speed
)
1447 LOG_DEBUG("convert khz to interface specific speed value");
1451 LOG_DEBUG("have interface set up");
1453 int retval
= jtag
->khz(jtag_get_speed_khz(), &speed_div1
);
1454 if (ERROR_OK
!= retval
)
1458 *speed
= speed_div1
;
1463 static int jtag_rclk_to_speed(unsigned fallback_speed_khz
, int* speed
)
1465 int retval
= jtag_khz_to_speed(0, speed
);
1466 if ((ERROR_OK
!= retval
) && fallback_speed_khz
)
1468 LOG_DEBUG("trying fallback speed...");
1469 retval
= jtag_khz_to_speed(fallback_speed_khz
, speed
);
1474 static int jtag_set_speed(int speed
)
1477 /* this command can be called during CONFIG,
1478 * in which case jtag isn't initialized */
1479 return jtag
? jtag
->speed(speed
) : ERROR_OK
;
1482 int jtag_config_speed(int speed
)
1484 LOG_DEBUG("handle jtag speed");
1485 clock_mode
= CLOCK_MODE_SPEED
;
1486 return jtag_set_speed(speed
);
1489 int jtag_config_khz(unsigned khz
)
1491 LOG_DEBUG("handle jtag khz");
1492 clock_mode
= CLOCK_MODE_KHZ
;
1494 int retval
= jtag_khz_to_speed(khz
, &speed
);
1495 return (ERROR_OK
!= retval
) ? retval
: jtag_set_speed(speed
);
1498 int jtag_config_rclk(unsigned fallback_speed_khz
)
1500 LOG_DEBUG("handle jtag rclk");
1501 clock_mode
= CLOCK_MODE_RCLK
;
1502 rclk_fallback_speed_khz
= fallback_speed_khz
;
1504 int retval
= jtag_rclk_to_speed(fallback_speed_khz
, &speed
);
1505 return (ERROR_OK
!= retval
) ? retval
: jtag_set_speed(speed
);
1508 int jtag_get_speed(void)
1513 case CLOCK_MODE_SPEED
:
1516 case CLOCK_MODE_KHZ
:
1517 jtag_khz_to_speed(jtag_get_speed_khz(), &speed
);
1519 case CLOCK_MODE_RCLK
:
1520 jtag_rclk_to_speed(rclk_fallback_speed_khz
, &speed
);
1523 LOG_ERROR("BUG: unknown jtag clock mode");
1530 int jtag_get_speed_readable(int *khz
)
1532 return jtag
? jtag
->speed_div(jtag_get_speed(), khz
) : ERROR_OK
;
1535 void jtag_set_verify(bool enable
)
1537 jtag_verify
= enable
;
1540 bool jtag_will_verify()
1545 void jtag_set_verify_capture_ir(bool enable
)
1547 jtag_verify_capture_ir
= enable
;
1550 bool jtag_will_verify_capture_ir()
1552 return jtag_verify_capture_ir
;
1555 int jtag_power_dropout(int *dropout
)
1557 return jtag
->power_dropout(dropout
);
1560 int jtag_srst_asserted(int *srst_asserted
)
1562 return jtag
->srst_asserted(srst_asserted
);
1565 enum reset_types
jtag_get_reset_config(void)
1567 return jtag_reset_config
;
1569 void jtag_set_reset_config(enum reset_types type
)
1571 jtag_reset_config
= type
;
1574 int jtag_get_trst(void)
1578 int jtag_get_srst(void)
1583 void jtag_set_nsrst_delay(unsigned delay
)
1585 jtag_nsrst_delay
= delay
;
1587 unsigned jtag_get_nsrst_delay(void)
1589 return jtag_nsrst_delay
;
1591 void jtag_set_ntrst_delay(unsigned delay
)
1593 jtag_ntrst_delay
= delay
;
1595 unsigned jtag_get_ntrst_delay(void)
1597 return jtag_ntrst_delay
;
1601 void jtag_set_nsrst_assert_width(unsigned delay
)
1603 jtag_nsrst_assert_width
= delay
;
1605 unsigned jtag_get_nsrst_assert_width(void)
1607 return jtag_nsrst_assert_width
;
1609 void jtag_set_ntrst_assert_width(unsigned delay
)
1611 jtag_ntrst_assert_width
= delay
;
1613 unsigned jtag_get_ntrst_assert_width(void)
1615 return jtag_ntrst_assert_width
;
Linking to existing account procedure
If you already have an account and want to add another login method
you
MUST first sign in with your existing account and
then change URL to read
https://review.openocd.org/login/?link
to get to this page again but this time it'll work for linking. Thank you.
SSH host keys fingerprints
1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=.. |
|+o.. . |
|*.o . . |
|+B . . . |
|Bo. = o S |
|Oo.+ + = |
|oB=.* = . o |
| =+=.+ + E |
|. .=o . o |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)