1 /*! \file jtagarm7tdmi.h
2 \brief JTAG handler functions for the ARM7TDMI family of processors
8 #define JTAGSTATE_ARM 0 // bit 4 on dbg status reg is low
9 #define JTAGSTATE_THUMB 1
11 #define ARMTCKTOCK CLRTCK; PLEDOUT^=PLEDPIN; SETTCK; PLEDOUT^=PLEDPIN;
12 // ASSUME RUN-TEST/IDLE STATE
13 #define SHIFT_IR SETTMS;TCKTOCK;TCKTOCK;CLRTMS;TCKTOCK;TCKTOCK;
14 #define SHIFT_DR SETTMS;TCKTOCK;CLRTMS;TCKTOCK;TCKTOCK;
18 unsigned char current_chain;
19 unsigned char last_halt_debug_state = -1;
20 unsigned long last_halt_pc = -1;
21 unsigned long count_dbgspd_instr_since_debug = 0;
22 unsigned long count_sysspd_instr_since_debug = 0;
25 void jtag_goto_shift_ir();
26 void jtag_goto_shift_dr();
27 void jtag_reset_to_runtest_idle();
28 void jtag_arm_tcktock();
31 // JTAGARM7TDMI Commands
33 //! Write data to address.
34 unsigned long jtagarm7tdmi_writemem(unsigned long adr, unsigned long data);
35 //! Read data from address
36 unsigned long jtagarm7tdmi_readmem(unsigned long adr);
39 unsigned long jtagarm7tdmi_haltcpu();
41 unsigned long jtagarm7tdmi_releasecpu();
43 //! Set the program counter.
44 void jtagarm7tdmi_setpc(unsigned long adr);
46 //! Write data to address.
47 unsigned long jtagarm7tdmi_writeflash(unsigned long adr, unsigned long data);
51 unsigned long jtagarm7tdmi_start(void);
52 //! Reset TAP State Machine
53 void jtagarm7tdmi_resettap();
55 //! ARM-specific JTAG bit-transfer
56 unsigned long jtagarmtransn(unsigned long word, unsigned char bitcount, unsigned char lsb, unsigned char end, unsigned char retidle);
58 //! Grab debug register - Expect chain 2 to be selected
59 unsigned long jtagarm7tdmi_get_dbgstate() ;
61 unsigned long jtagarm7tdmi_idcode();
62 //! Connect Bypass Register to TDO/TDI
63 unsigned char jtagarm7tdmi_bypass();
64 //! Connect the appropriate scan chain to TDO/TDI
65 unsigned long jtagarm7tdmi_scan_intest(int n);
67 // ARM7TDMI-specific pins
68 // DBGRQ - GoodFET Pin 8
72 The instruction register is 4 bits in length.
73 There is no parity bit.
74 The fixed value 0001 is loaded into the instruction register during the CAPTURE-IR
76 The least significant bit of the instruction register is scanned in and scanned out first.
79 //4-bit ARM7TDMI JTAG commands, bit-swapped
80 #define ARM7TDMI_IR_EXTEST 0x0
81 #define ARM7TDMI_IR_SCAN_N 0x2
82 #define ARM7TDMI_IR_SAMPLE 0x3
83 #define ARM7TDMI_IR_RESTART 0x4
84 #define ARM7TDMI_IR_CLAMP 0x5
85 #define ARM7TDMI_IR_HIGHZ 0x7
86 #define ARM7TDMI_IR_CLAMPZ 0x9
87 #define ARM7TDMI_IR_INTEST 0xC
88 #define ARM7TDMI_IR_IDCODE 0xE
89 #define ARM7TDMI_IR_BYPASS 0xF
91 // read 3 bit - Debug Control
92 #define EICE_DBGCTRL 0
93 #define EICE_DBGCTRL_BITLEN 3
94 // read 5 bit - Debug Status
95 #define EICE_DBGSTATUS 1
96 #define EICE_DBGSTATUS_BITLEN 5
97 // read 6 bit - Debug Comms Control Register
99 #define EICE_DBGCCR_BITLEN 6
100 // r/w 32 bit - Debug Comms Data Register
101 #define EICE_DBGCDR 5
102 // r/w 32 bit - Watchpoint 0 Address
103 #define EICE_WP0ADDR 8
104 // r/w 32 bit - Watchpoint 0 Addres Mask
105 #define EICE_WP0ADDRMASK 9
106 // r/w 32 bit - Watchpoint 0 Data
107 #define EICE_WP0DATA 10
108 // r/w 32 bit - Watchpoint 0 Data Masl
109 #define EICE_WP0DATAMASK 11
110 // r/w 9 bit - Watchpoint 0 Control Value
111 #define EICE_WP0CTRL 12
112 // r/w 8 bit - Watchpoint 0 Control Mask
113 #define EICE_WP0CTRLMASK 13
114 // r/w 32 bit - Watchpoint 0 Address
115 #define EICE_WP1ADDR 16
116 // r/w 32 bit - Watchpoint 0 Addres Mask
117 #define EICE_WP1ADDRMASK 17
118 // r/w 32 bit - Watchpoint 0 Data
119 #define EICE_WP1DATA 18
120 // r/w 32 bit - Watchpoint 0 Data Masl
121 #define EICE_WP1DATAMASK 19
122 // r/w 9 bit - Watchpoint 0 Control Value
123 #define EICE_WP1CTRL 20
124 // r/w 8 bit - Watchpoint 0 Control Mask
125 #define EICE_WP1CTRLMASK 21
136 //JTAGARM7TDMI commands
137 #define JTAGARM7TDMI_GET_DEBUG_CTRL 0x80
138 #define JTAGARM7TDMI_SET_DEBUG_CTRL 0x81
139 #define JTAGARM7TDMI_GET_PC 0x82
140 #define JTAGARM7TDMI_SET_PC 0x83
141 #define JTAGARM7TDMI_GET_CHIP_ID 0x84
142 #define JTAGARM7TDMI_GET_DEBUG_STATE 0x85
143 #define JTAGARM7TDMI_GET_WATCHPOINT 0x86
144 #define JTAGARM7TDMI_SET_WATCHPOINT 0x87
145 #define JTAGARM7TDMI_GET_REGISTER 0x88
146 #define JTAGARM7TDMI_SET_REGISTER 0x89
147 #define JTAGARM7TDMI_GET_REGISTERS 0x8a
148 #define JTAGARM7TDMI_SET_REGISTERS 0x8b
149 #define JTAGARM7TDMI_HALTCPU 0x8c
150 #define JTAGARM7TDMI_RELEASECPU 0x8d
151 #define JTAGARM7TDMI_DEBUG_INSTR 0x8e
152 #define JTAGARM7TDMI_STEP_INSTR 0x8f
153 #define JTAGARM7TDMI_WRITEMEM 0x90
154 #define JTAGARM7TDMI_READMEM 0x91
155 #define JTAGARM7TDMI_WRITE_FLASH_PAGE 0x92
156 #define JTAGARM7TDMI_READ_FLASH_PAGE 0x93
157 #define JTAGARM7TDMI_MASS_ERASE_FLASH 0x94
158 #define JTAGARM7TDMI_PROGRAM_FLASH 0x95
159 #define JTAGARM7TDMI_LOCKCHIP 0x96
160 #define JTAGARM7TDMI_CHIP_ERASE 0x97
161 // Really ARM specific stuff
162 #define JTAGARM7TDMI_GET_CPSR 0x98
163 #define JTAGARM7TDMI_SET_CPSR 0x99
164 #define JTAGARM7TDMI_GET_SPSR 0x9a
165 #define JTAGARM7TDMI_SET_SPSR 0x9b
166 #define JTAGARM7TDMI_SET_MODE_THUMB 0x9c
167 #define JTAGARM7TDMI_SET_MODE_ARM 0x9d
170 // for deeper understanding, read the instruction cycle timing section of:
171 // http://www.atmel.com/dyn/resources/prod_documents/DDI0029G_7TDMI_R3_trm.pdf
172 #define EXECNOPARM 0xe1a00000L
173 #define ARM_INSTR_NOP 0xe1a00000L
174 //#define ARM_INSTR_STR_Rx_r14 0xe58e0000L // from atmel docs
175 #define ARM_INSTR_STR_Rx_r14 0xe5800000L // set both src and dest reg in code
176 #define ARM_READ_REG ARM_INSTR_STR_Rx_r14
177 //#define ARM_INSTR_LDR_Rx_r14 0xe59e0000L // from atmel docs
178 #define ARM_INSTR_LDR_Rx_r14 0xe5900000L // set both src and dest reg in code
179 #define ARM_WRITE_REG ARM_INSTR_LDR_Rx_r14
180 #define ARM_INSTR_LDR_R1_r0_4 0xe4901004L
181 #define ARM_READ_MEM ARM_INSTR_LDR_R1_r0_4
182 #define ARM_INSTR_MRS_R0_CPSR 0xf10f0000L
183 #define ARM_INSTR_MSR_cpsr_cxsf_R0 0xe12ff000L
184 #define ARM_INSTR_STMIA_R14_r0_rx 0xE88E0000L // add up to 65k to indicate which registers...
185 #define ARM_STORE_MULTIPLE ARM_INSTR_STMIA_R14_r0-rx
186 #define ARM_INSTR_SKANKREGS1 0xE88E00ffL
187 #define ARM_INSTR_SKANKREGS2 0xE88Eff00L
188 #define ARM_INSTR_CLOBBEREGS 0xE89EffffL
190 #define ARM_INSTR_B_PC 0xea000000L
191 #define ARM_INSTR_BX_PC 0xe1200010L // need to set r0 to the desired address
192 #define THUMB_INSTR_STR_R0_r0 0x60006000L
193 #define THUMB_INSTR_MOV_R0_PC 0x46b846b8L
194 #define THUMB_INSTR_BX_PC 0x47784778L
195 #define THUMB_INSTR_NOP 0x1c001c00L
196 #define ARM_REG_PC 15
198 #define JTAG_ARM7TDMI_DBG_DBGACK 1
199 #define JTAG_ARM7TDMI_DBG_DBGRQ 2
200 #define JTAG_ARM7TDMI_DBG_IFEN 4
201 #define JTAG_ARM7TDMI_DBG_cgenL 8
202 #define JTAG_ARM7TDMI_DBG_TBIT 16