2 \author Travis Goodspeed <travis at radiantmachines.com>
3 \brief MSP430 JTAG (16-bit)
11 unsigned int jtag430mode=MSP430X2MODE;
14 void jtag430_setr(u8 reg, u16 val){
15 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
16 jtag_dr_shift16(0x3401);// release low byte
17 jtag_ir_shift8(IR_DATA_16BIT);
19 //0x4030 is "MOV #foo, r0"
20 //Right-most field is register, so 0x4035 loads r5
21 jtag_dr_shift16(0x4030+reg);
24 jtag_dr_shift16(val);// Value for the register
26 jtag_ir_shift8(IR_ADDR_CAPTURE);
28 CLRTCLK ;// Now reg is set to new value.
29 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
30 jtag_dr_shift16(0x2401);// low byte controlled by JTAG
33 //! Set the program counter.
34 void jtag430_setpc(unsigned int adr){
39 void jtag430_haltcpu(){
40 //jtag430_setinstrfetch();
42 jtag_ir_shift8(IR_DATA_16BIT);
43 jtag_dr_shift16(0x3FFF);//JMP $+0
46 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
47 jtag_dr_shift16(0x2409);//set JTAG_HALT bit
52 void jtag430_releasecpu(){
54 debugstr("Releasing target MSP430.");
57 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
58 jtag_dr_shift16(0x2C01); //Apply reset.
59 jtag_dr_shift16(0x2401); //Release reset.
61 jtag_ir_shift8(IR_CNTRL_SIG_RELEASE);
65 //! Read data from address
66 unsigned int jtag430_readmem(unsigned int adr){
71 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
74 jtag_dr_shift16(0x2409);//word read
76 jtag_dr_shift16(0x2419);//byte read
77 jtag_ir_shift8(IR_ADDR_16BIT);
78 jtag_dr_shiftadr(adr);//address
79 jtag_ir_shift8(IR_DATA_TO_ADDR);
83 toret=jtag_dr_shift16(0x0000);//16 bit return
88 //! Write data to address.
89 void jtag430_writemem(unsigned int adr, unsigned int data){
91 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
93 jtag_dr_shift16(0x2408);//word write
95 jtag_dr_shift16(0x2418);//byte write
96 jtag_ir_shift8(IR_ADDR_16BIT);
97 jtag_dr_shiftadr(adr);
98 jtag_ir_shift8(IR_DATA_TO_ADDR);
99 jtag_dr_shift16(data);
103 //! Write data to flash memory. Must be preconfigured.
104 void jtag430_writeflashword(unsigned int adr, unsigned int data){
107 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
108 jtag_dr_shift16(0x2408);//word write
109 jtag_ir_shift8(IR_ADDR_16BIT);
110 jtag_dr_shiftadr(adr);
111 jtag_ir_shift8(IR_DATA_TO_ADDR);
112 jtag_dr_shift16(data);
115 //Return to read mode.
117 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
118 jtag_dr_shift16(0x2409);
121 jtag430_writemem(adr,data);
123 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
124 jtag_dr_shift16(0x2409);
128 jtag430_tclk_flashpulses(35); //35 standard
131 //! Configure flash, then write a word.
132 void jtag430_writeflash(unsigned int adr, unsigned int data){
135 //FCTL1=0xA540, enabling flash write
136 jtag430_writemem(0x0128, 0xA540);
137 //FCTL2=0xA540, selecting MCLK as source, DIV=1
138 jtag430_writemem(0x012A, 0xA540);
139 //FCTL3=0xA500, should be 0xA540 for Info Seg A on 2xx chips.
140 jtag430_writemem(0x012C, 0xA500); //all but info flash.
141 //if(jtag430_readmem(0x012C));
143 //Write the word itself.
144 jtag430_writeflashword(adr,data);
146 //FCTL1=0xA500, disabling flash write
147 jtag430_writemem(0x0128, 0xA500);
149 //jtag430_releasecpu();
159 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
160 jtag_dr_shift16(0x2C01); // apply
161 jtag_dr_shift16(0x2401); // remove
167 jtagid = jtag_ir_shift8(IR_ADDR_CAPTURE); // get JTAG identifier
170 jtag430_writemem(0x0120, 0x5A80); // Diabled Watchdog
175 #define ERASE_GLOB 0xA50E
176 #define ERASE_ALLMAIN 0xA50C
177 #define ERASE_MASS 0xA506
178 #define ERASE_MAIN 0xA504
179 #define ERASE_SGMT 0xA502
181 //! Configure flash, then write a word.
182 void jtag430_eraseflash(unsigned int mode, unsigned int adr, unsigned int count,
187 jtag430_writemem(0x0128, mode);
188 //FCTL2=0xA540, selecting MCLK as source, DIV=1
189 jtag430_writemem(0x012A, 0xA540);
190 //FCTL3=0xA500, should be 0xA540 for Info Seg A on 2xx chips.
192 jtag430_writemem(0x012C, 0xA540);
194 jtag430_writemem(0x012C, 0xA500);
196 //Write the erase word.
197 jtag430_writemem(adr, 0x55AA);
198 //Return to read mode.
200 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
201 jtag_dr_shift16(0x2409);
204 jtag430_tclk_flashpulses(count);
206 //FCTL1=0xA500, disabling flash write
207 jtag430_writemem(0x0128, 0xA500);
209 //jtag430_releasecpu();
213 //! Reset the TAP state machine.
214 void jtag430_resettap(){
222 // Navigate to reset state.
223 // Should be at least six.
236 Sometimes this isn't necessary. */
248 //! Start JTAG, take pins
249 void jtag430_start(){
252 //Known-good starting position.
253 //Might be unnecessary.
260 //Entry sequence from Page 67 of SLAU265A for 4-wire MSP430 JTAG
272 //Perform a reset and disable watchdog.
274 jtag430_writemem(0x120,0x5a80);//disable watchdog
281 debugstr("Exiting JTAG.");
284 //Known-good starting position.
285 //Might be unnecessary.
291 //Entry sequence from Page 67 of SLAU265A for 4-wire MSP430 JTAG
300 //! Set CPU to Instruction Fetch
301 void jtag430_setinstrfetch(){
303 jtag_ir_shift8(IR_CNTRL_SIG_CAPTURE);
305 // Wait until instruction fetch state.
307 if (jtag_dr_shift16(0x0000) & 0x0080)
315 //! Handles classic MSP430 JTAG commands. Forwards others to JTAG.
316 void jtag430handle(unsigned char app,
322 //debugstr("Classic MSP430 handler.");
326 * Sometimes JTAG doesn't init correctly.
327 * This restarts the connection if the masked-rom
328 * chip ID cannot be read. Should print warning
329 * for testing server.
331 while((i=jtag430_readmem(0xff0))==0xFFFF){
332 debugstr("Reconnecting to target MSP430.");
343 //TAP setup, fuse check
346 cmddata[0]=jtag_ir_shift8(IR_BYPASS);
354 case JTAG430_HALTCPU:
358 case JTAG430_RELEASECPU:
359 jtag430_releasecpu();
362 case JTAG430_SETINSTRFETCH:
363 jtag430_setinstrfetch();
367 case JTAG430_READMEM:
371 //Fetch large blocks for bulk fetches,
372 //small blocks for individual peeks.
374 len=(cmddataword[2]);//always even.
377 len&=~1;//clear lsbit
379 txhead(app,verb,len);
382 val=jtag430_readmem(at);
386 serial_tx((val&0xFF00)>>8);
389 case JTAG430_WRITEMEM:
392 jtag430_writemem(cmddataword[0],cmddataword[2]);
393 cmddataword[0]=jtag430_readmem(cmddataword[0]);
397 case JTAG430_WRITEFLASH:
399 //debugstr("Poking flash memory.");
400 jtag430_writeflash(cmddataword[0],cmddataword[2]);
402 //Try again if failure.
403 //if(cmddataword[2]!=jtag430_readmem(cmddataword[0]))
404 // jtag430_writeflash(cmddataword[0],cmddataword[2]);
407 cmddataword[0]=jtag430_readmem(cmddataword[0]);
411 case JTAG430_WRITEFLASH:
414 for(i=0;i<(len>>1)-2;i++){
415 //debugstr("Poking flash memory.");
416 jtag430_writeflash(at+(i<<1),cmddataword[i+2]);
417 //Reflash if needed. Try this twice to save grace?
418 if(cmddataword[i]!=jtag430_readmem(at))
419 jtag430_writeflash(at+(i<<1),cmddataword[i+2]);
422 //Return result of first write as a word.
423 cmddataword[0]=jtag430_readmem(cmddataword[0]);
427 case JTAG430_ERASEFLASH:
428 jtag430_eraseflash(ERASE_MASS,0xFFFE,0x3000,0);
431 case JTAG430_ERASEINFO:
432 jtag430_eraseflash(ERASE_SGMT,0x1000,0x3000,1);
437 debughex("Setting PC.");
438 debughex(cmddataword[0]);
439 jtag430_setpc(cmddataword[0]);
440 jtag430_releasecpu();
444 jtag430_setr(cmddata[0],cmddataword[1]);
448 //jtag430_getr(cmddata[0]);
449 debugstr("JTAG430_GETREG not yet implemented.");
450 cmddataword[0]=0xDEAD;
453 case JTAG430_COREIP_ID:
454 case JTAG430_DEVICE_ID:
461 jtaghandle(app,verb,len);
463 //jtag430_resettap(); //DO NOT UNCOMMENT