1 /*! \file jtagarm7tdmi.h
2 \brief JTAG handler functions for the ARM7TDMI family of processors
8 #define JTAGSTATE_ARM 0 // bit 4 on dbg status reg is low
9 #define JTAGSTATE_THUMB 1
11 #define ARMTCKTOCK CLRTCK; PLEDOUT^=PLEDPIN; SETTCK; PLEDOUT^=PLEDPIN;
12 // ASSUME RUN-TEST/IDLE STATE
13 #define SHIFT_IR SETTMS;TCKTOCK;TCKTOCK;CLRTMS;TCKTOCK;TCKTOCK;
14 #define SHIFT_DR SETTMS;TCKTOCK;CLRTMS;TCKTOCK;TCKTOCK;
18 unsigned char current_chain;
19 unsigned char current_dbgstate = -1;
20 unsigned char last_halt_debug_state = -1;
21 unsigned long last_halt_pc = -1;
22 unsigned long count_dbgspd_instr_since_debug = 0;
23 unsigned long count_sysspd_instr_since_debug = 0;
26 void jtag_goto_shift_ir();
27 void jtag_goto_shift_dr();
28 void jtag_reset_to_runtest_idle();
29 void jtag_arm_tcktock();
32 // JTAGARM7TDMI Commands
34 //! Write data to address.
35 unsigned long jtagarm7tdmi_writemem(unsigned long adr, unsigned long data);
36 //! Read data from address
37 unsigned long jtagarm7tdmi_readmem(unsigned long adr);
40 unsigned long jtagarm7tdmi_haltcpu();
42 unsigned long jtagarm7tdmi_releasecpu();
44 //! Set the program counter.
45 void jtagarm7tdmi_setpc(unsigned long adr);
47 //! Write data to address.
48 unsigned long jtagarm7tdmi_writeflash(unsigned long adr, unsigned long data);
52 void jtagarm7tdmi_start(void);
53 //! Reset TAP State Machine
54 void jtagarm7tdmi_resettap();
56 //! ARM-specific JTAG bit-transfer
57 unsigned long jtagarmtransn(unsigned long word, unsigned char bitcount, unsigned char lsb, unsigned char end, unsigned char retidle);
59 //! Grab debug register - Expect chain 2 to be selected
60 unsigned long jtagarm7tdmi_get_dbgstate() ;
62 unsigned long jtagarm7tdmi_idcode();
63 //! Connect Bypass Register to TDO/TDI
64 unsigned char jtagarm7tdmi_bypass();
65 //! Connect the appropriate scan chain to TDO/TDI
66 unsigned long jtagarm7tdmi_scan_intest(int n);
67 //! Set a 32-bit ARM register
68 void jtagarm7tdmi_set_register(unsigned long reg, unsigned long val);
69 //! Get a 32-bit ARM register
70 unsigned long jtagarm7tdmi_get_register(unsigned long reg);
72 // ARM7TDMI-specific pins
73 // DBGRQ - GoodFET Pin 8
77 The instruction register is 4 bits in length.
78 There is no parity bit.
79 The fixed value 0001 is loaded into the instruction register during the CAPTURE-IR
81 The least significant bit of the instruction register is scanned in and scanned out first.
84 //4-bit ARM7TDMI JTAG commands, bit-swapped
85 #define ARM7TDMI_IR_EXTEST 0x0
86 #define ARM7TDMI_IR_SCAN_N 0x2
87 #define ARM7TDMI_IR_SAMPLE 0x3
88 #define ARM7TDMI_IR_RESTART 0x4
89 #define ARM7TDMI_IR_CLAMP 0x5
90 #define ARM7TDMI_IR_HIGHZ 0x7
91 #define ARM7TDMI_IR_CLAMPZ 0x9
92 #define ARM7TDMI_IR_INTEST 0xC
93 #define ARM7TDMI_IR_IDCODE 0xE
94 #define ARM7TDMI_IR_BYPASS 0xF
96 // read 3 bit - Debug Control
97 #define EICE_DBGCTRL 0
98 #define EICE_DBGCTRL_BITLEN 3
99 // read 5 bit - Debug Status
100 #define EICE_DBGSTATUS 1
101 #define EICE_DBGSTATUS_BITLEN 5
102 // read 6 bit - Debug Comms Control Register
103 #define EICE_DBGCCR 4
104 #define EICE_DBGCCR_BITLEN 6
105 // r/w 32 bit - Debug Comms Data Register
106 #define EICE_DBGCDR 5
107 // r/w 32 bit - Watchpoint 0 Address
108 #define EICE_WP0ADDR 8
109 // r/w 32 bit - Watchpoint 0 Addres Mask
110 #define EICE_WP0ADDRMASK 9
111 // r/w 32 bit - Watchpoint 0 Data
112 #define EICE_WP0DATA 10
113 // r/w 32 bit - Watchpoint 0 Data Masl
114 #define EICE_WP0DATAMASK 11
115 // r/w 9 bit - Watchpoint 0 Control Value
116 #define EICE_WP0CTRL 12
117 // r/w 8 bit - Watchpoint 0 Control Mask
118 #define EICE_WP0CTRLMASK 13
119 // r/w 32 bit - Watchpoint 0 Address
120 #define EICE_WP1ADDR 16
121 // r/w 32 bit - Watchpoint 0 Addres Mask
122 #define EICE_WP1ADDRMASK 17
123 // r/w 32 bit - Watchpoint 0 Data
124 #define EICE_WP1DATA 18
125 // r/w 32 bit - Watchpoint 0 Data Masl
126 #define EICE_WP1DATAMASK 19
127 // r/w 9 bit - Watchpoint 0 Control Value
128 #define EICE_WP1CTRL 20
129 // r/w 8 bit - Watchpoint 0 Control Mask
130 #define EICE_WP1CTRLMASK 21
133 //JTAGARM7TDMI commands
134 #define JTAGARM7_GET_REGISTER 0x87
135 #define JTAGARM7_SET_REGISTER 0x88
136 #define JTAGARM7_DEBUG_INSTR 0x89
137 // Really ARM specific stuff
138 #define JTAGARM7_SET_IR 0x90
139 #define JTAGARM7_WAIT_DBG 0x91
140 #define JTAGARM7_SHIFT_DR 0x92
141 #define JTAGARM7_CHAIN0 0x93
142 #define JTAGARM7_SCANCHAIN1 0x94
143 #define JTAGARM7_EICE_READ 0x95
144 #define JTAGARM7_EICE_WRITE 0x96
147 // for deeper understanding, read the instruction cycle timing section of:
148 // http://www.atmel.com/dyn/resources/prod_documents/DDI0029G_7TDMI_R3_trm.pdf
149 #define EXECNOPARM 0xe1a00000L
150 #define ARM_INSTR_NOP 0xe1a00000L
151 #define ARM_INSTR_BX_R0 0xe12fff10L
152 #define ARM_INSTR_STR_Rx_r14 0xe58f0000L // from atmel docs
153 #define ARM_READ_REG ARM_INSTR_STR_Rx_r14
154 #define ARM_INSTR_LDR_Rx_r14 0xe59f0000L // from atmel docs
155 #define ARM_WRITE_REG ARM_INSTR_LDR_Rx_r14
156 #define ARM_INSTR_LDR_R1_r0_4 0xe4901004L
157 #define ARM_READ_MEM ARM_INSTR_LDR_R1_r0_4
158 #define ARM_INSTR_STR_R1_r0_4 0xe4801004L
159 #define ARM_WRITE_MEM ARM_INSTR_STR_R1_r0_4
160 #define ARM_INSTR_MRS_R0_CPSR 0xe10f0000L
161 #define ARM_INSTR_MSR_cpsr_cxsf_R0 0xe12ff000L
162 #define ARM_INSTR_STMIA_R14_r0_rx 0xE88E0000L // add up to 65k to indicate which registers...
163 #define ARM_STORE_MULTIPLE ARM_INSTR_STMIA_R14_r0_rx
164 #define ARM_INSTR_SKANKREGS 0xE88F7fffL
165 #define ARM_INSTR_CLOBBEREGS 0xE89F7fffL
167 #define ARM_INSTR_B_IMM 0xea000000L
168 #define ARM_INSTR_BX_PC 0xe12fff10L // need to set r0 to the desired address
169 #define THUMB_INSTR_STR_R0_r0 0x60006000L
170 #define THUMB_INSTR_MOV_R0_PC 0x46b846b8L
171 #define THUMB_INSTR_BX_PC 0x47784778L
172 #define THUMB_INSTR_NOP 0x1c001c00L
173 #define ARM_REG_PC 15
175 #define JTAG_ARM7TDMI_DBG_DBGACK 1
176 #define JTAG_ARM7TDMI_DBG_DBGRQ 2
177 #define JTAG_ARM7TDMI_DBG_IFEN 4
178 #define JTAG_ARM7TDMI_DBG_cgenL 8
179 #define JTAG_ARM7TDMI_DBG_TBIT 16
projects / goodfet / blob