2 \author Travis Goodspeed <travis at radiantmachines.com>
3 \brief MSP430 JTAG (16-bit)
10 //! Handles classic MSP430 JTAG commands. Forwards others to JTAG.
11 void jtag430_handle_fn(uint8_t const app,
15 // define the jtag430 app's app_t
16 app_t const jtag430_app = {
28 "\tThe JTAG430 app adds to the basic JTAG app\n"
29 "\tsupport for JTAG'ing MSP430 devices.\n"
32 unsigned int jtag430mode=MSP430X2MODE;
35 void jtag430_setr(u8 reg, u16 val){
36 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
37 jtag_dr_shift16(0x3401);// release low byte
38 jtag_ir_shift8(IR_DATA_16BIT);
40 //0x4030 is "MOV #foo, r0"
41 //Right-most field is register, so 0x4035 loads r5
42 jtag_dr_shift16(0x4030+reg);
45 jtag_dr_shift16(val);// Value for the register
47 jtag_ir_shift8(IR_ADDR_CAPTURE);
49 CLRTCLK ;// Now reg is set to new value.
50 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
51 jtag_dr_shift16(0x2401);// low byte controlled by JTAG
54 //! Set the program counter.
55 void jtag430_setpc(unsigned int adr){
60 void jtag430_haltcpu(){
61 //jtag430_setinstrfetch();
63 jtag_ir_shift8(IR_DATA_16BIT);
64 jtag_dr_shift16(0x3FFF);//JMP $+0
67 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
68 jtag_dr_shift16(0x2409);//set JTAG_HALT bit
73 void jtag430_releasecpu(){
75 //debugstr("Releasing target MSP430.");
78 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
79 jtag_dr_shift16(0x2C01); //Apply reset.
80 jtag_dr_shift16(0x2401); //Release reset.
82 jtag_ir_shift8(IR_CNTRL_SIG_RELEASE);
86 //! Read data from address
87 unsigned int jtag430_readmem(unsigned int adr){
92 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
95 jtag_dr_shift16(0x2409);//word read
97 jtag_dr_shift16(0x2419);//byte read
98 jtag_ir_shift8(IR_ADDR_16BIT);
99 jtag_dr_shiftadr(adr);//address
100 jtag_ir_shift8(IR_DATA_TO_ADDR);
104 toret=jtag_dr_shift16(0x0000);//16 bit return
109 //! Write data to address.
110 void jtag430_writemem(unsigned int adr, unsigned int data){
112 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
114 jtag_dr_shift16(0x2408);//word write
116 jtag_dr_shift16(0x2418);//byte write
117 jtag_ir_shift8(IR_ADDR_16BIT);
118 jtag_dr_shiftadr(adr);
119 jtag_ir_shift8(IR_DATA_TO_ADDR);
120 jtag_dr_shift16(data);
124 //! Write data to flash memory. Must be preconfigured.
125 void jtag430_writeflashword(unsigned int adr, unsigned int data){
128 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
129 jtag_dr_shift16(0x2408);//word write
130 jtag_ir_shift8(IR_ADDR_16BIT);
131 jtag_dr_shiftadr(adr);
132 jtag_ir_shift8(IR_DATA_TO_ADDR);
133 jtag_dr_shift16(data);
136 //Return to read mode.
138 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
139 jtag_dr_shift16(0x2409);
142 jtag430_writemem(adr,data);
144 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
145 jtag_dr_shift16(0x2409);
149 jtag430_tclk_flashpulses(35); //35 standard
152 //! Configure flash, then write a word.
153 void jtag430_writeflash(unsigned int adr, unsigned int data){
156 //FCTL1=0xA540, enabling flash write
157 jtag430_writemem(0x0128, 0xA540);
158 //FCTL2=0xA540, selecting MCLK as source, DIV=1
159 jtag430_writemem(0x012A, 0xA540);
160 //FCTL3=0xA500, should be 0xA540 for Info Seg A on 2xx chips.
161 jtag430_writemem(0x012C, 0xA500); //all but info flash.
162 //if(jtag430_readmem(0x012C));
164 //Write the word itself.
165 jtag430_writeflashword(adr,data);
167 //FCTL1=0xA500, disabling flash write
168 jtag430_writemem(0x0128, 0xA500);
170 //jtag430_releasecpu();
180 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
181 jtag_dr_shift16(0x2C01); // apply
182 jtag_dr_shift16(0x2401); // remove
188 jtagid = jtag_ir_shift8(IR_ADDR_CAPTURE); // get JTAG identifier
191 jtag430_writemem(0x0120, 0x5A80); // Diabled Watchdog
196 #define ERASE_GLOB 0xA50E
197 #define ERASE_ALLMAIN 0xA50C
198 #define ERASE_MASS 0xA506
199 #define ERASE_MAIN 0xA504
200 #define ERASE_SGMT 0xA502
202 //! Configure flash, then write a word.
203 void jtag430_eraseflash(unsigned int mode, unsigned int adr, unsigned int count,
208 jtag430_writemem(0x0128, mode);
209 //FCTL2=0xA540, selecting MCLK as source, DIV=1
210 jtag430_writemem(0x012A, 0xA540);
211 //FCTL3=0xA500, should be 0xA540 for Info Seg A on 2xx chips.
213 jtag430_writemem(0x012C, 0xA540);
215 jtag430_writemem(0x012C, 0xA500);
217 //Write the erase word.
218 jtag430_writemem(adr, 0x55AA);
219 //Return to read mode.
221 jtag_ir_shift8(IR_CNTRL_SIG_16BIT);
222 jtag_dr_shift16(0x2409);
225 jtag430_tclk_flashpulses(count);
227 //FCTL1=0xA500, disabling flash write
228 jtag430_writemem(0x0128, 0xA500);
230 //jtag430_releasecpu();
234 //! Reset the TAP state machine.
235 void jtag430_resettap(){
243 // Navigate to reset state.
244 // Should be at least six.
257 Sometimes this isn't necessary. */
269 unsigned char jtagid;
272 unsigned char jtag430x2_jtagid(){
274 jtagid=jtag_ir_shift8(IR_BYPASS);
275 if(jtagid!=0x89 && jtagid!=0x91){
276 debugstr("Unknown JTAG ID");
281 //! Start JTAG, take pins
282 unsigned char jtag430x2_start(){
285 //Known-good starting position.
286 //Might be unnecessary.
292 //Entry sequence from Page 67 of SLAU265A for 4-wire MSP430 JTAG
305 //Perform a reset and disable watchdog.
306 return jtag430x2_jtagid();
310 //! Start JTAG, take pins
311 void jtag430_start(){
314 //Known-good starting position.
315 //Might be unnecessary.
322 //Entry sequence from Page 67 of SLAU265A for 4-wire MSP430 JTAG
334 //Perform a reset and disable watchdog.
336 jtag430_writemem(0x120,0x5a80);//disable watchdog
343 debugstr("Exiting JTAG.");
346 //Known-good starting position.
347 //Might be unnecessary.
353 //Entry sequence from Page 67 of SLAU265A for 4-wire MSP430 JTAG
362 //! Set CPU to Instruction Fetch
363 void jtag430_setinstrfetch(){
365 jtag_ir_shift8(IR_CNTRL_SIG_CAPTURE);
367 // Wait until instruction fetch state.
369 if (jtag_dr_shift16(0x0000) & 0x0080)
376 //! Grab the core ID.
377 unsigned int jtag430_coreid(){
378 jtag_ir_shift8(IR_COREIP_ID);
379 return jtag_dr_shift16(0);
382 //! Grab the device ID.
383 unsigned long jtag430_deviceid(){
384 jtag_ir_shift8(IR_DEVICE_ID);
385 return jtag_dr_shift20(0);
391 //! Handles classic MSP430 JTAG commands. Forwards others to JTAG.
392 void jtag430_handle_fn(uint8_t const app,
401 * Sometimes JTAG doesn't init correctly.
402 * This restarts the connection if the masked-rom
403 * chip ID cannot be read. Should print warning
404 * for testing server.
406 while((i=jtag430_readmem(0xff0))==0xFFFF){
407 debugstr("Reconnecting to target MSP430.");
416 /* old method, classic MSP430.
419 //TAP setup, fuse check
422 cmddata[0]=jtag_ir_shift8(IR_BYPASS);
428 jtag430mode=MSP430MODE;
430 /* So the way this works is that a width of 20 does some
431 backward-compatibility finagling, causing the correct value
432 to be exchanged for addresses on 16-bit chips as well as the
433 new MSP430X chips. (This has only been verified on the
434 MSP430F2xx family. TODO verify for others.)
439 //Perform a reset and disable watchdog.
441 jtag430_writemem(0x120,0x5a80);//disable watchdog
453 case JTAG430_HALTCPU:
457 case JTAG430_RELEASECPU:
458 jtag430_releasecpu();
461 case JTAG430_SETINSTRFETCH:
462 jtag430_setinstrfetch();
466 case JTAG430_READMEM:
470 //Fetch large blocks for bulk fetches,
471 //small blocks for individual peeks.
473 l=(cmddataword[2]);//always even.
479 for(i = 0; i < l; i += 2) {
481 val=jtag430_readmem(at);
485 serial_tx((val&0xFF00)>>8);
488 case JTAG430_WRITEMEM:
491 jtag430_writemem(cmddataword[0],cmddataword[2]);
492 cmddataword[0]=jtag430_readmem(cmddataword[0]);
496 case JTAG430_WRITEFLASH:
498 //debugstr("Poking flash memory.");
499 jtag430_writeflash(cmddataword[0],cmddataword[2]);
501 //Try again if failure.
502 //if(cmddataword[2]!=jtag430_readmem(cmddataword[0]))
503 // jtag430_writeflash(cmddataword[0],cmddataword[2]);
506 cmddataword[0]=jtag430_readmem(cmddataword[0]);
510 case JTAG430_WRITEFLASH:
513 for(i=0;i<(len>>1)-2;i++){
514 //debugstr("Poking flash memory.");
515 jtag430_writeflash(at+(i<<1),cmddataword[i+2]);
516 //Reflash if needed. Try this twice to save grace?
517 if(cmddataword[i]!=jtag430_readmem(at))
518 jtag430_writeflash(at+(i<<1),cmddataword[i+2]);
521 //Return result of first write as a word.
522 cmddataword[0]=jtag430_readmem(cmddataword[0]);
526 case JTAG430_ERASEFLASH:
527 jtag430_eraseflash(ERASE_MASS,0xFFFE,0x3000,0);
530 case JTAG430_ERASEINFO:
531 jtag430_eraseflash(ERASE_SGMT,0x1000,0x3000,1);
536 //debughex("Setting PC.");
537 //debughex(cmddataword[0]);
538 jtag430_setpc(cmddataword[0]);
539 jtag430_releasecpu();
543 jtag430_setr(cmddata[0],cmddataword[1]);
547 //jtag430_getr(cmddata[0]);
548 debugstr("JTAG430_GETREG not yet implemented.");
549 cmddataword[0]=0xDEAD;
552 case JTAG430_COREIP_ID:
553 cmddataword[0]=jtag430_coreid();
556 case JTAG430_DEVICE_ID:
557 cmddatalong[0]=jtag430_deviceid();
561 (*(jtag_app.handle))(app,verb,len);
563 //jtag430_resettap(); //DO NOT UNCOMMENT