/*! \file jtagarm7tdmi.c
- \author Matthew Carpenter <matt@inguardians.com>
- \brief ARM7TDMI JTAG (AT91R40008)
+ \brief ARM7TDMI JTAG (AT91R40008, AT91SAM7xxx)
*/
#include "platform.h"
http://hri.sourceforge.net/tools/jtag_faq_org.html
********************************/
+
+
+
+
+
/****************************************************************
Enabling jtag likely differs with most platforms. We will attempt to enable most from here. Override jtagarm7tdmi_start() to extend for other implementations
ARM7TDMI enables three different scan chains:
*PIN.17 (DBGRQ) Asynchronous debug request. DBGRQ allows an external signal to force the ARM core into debug mode, should be pull down to GND.
PIN.19 (DBGACK) Debug acknowledge. The ARM core acknowledges debug-mode inresponse to a DBGRQ input.
+
+----------- SAMPLE TIMES -----------
+
+TDI and TMS are sampled on the rising edge of TCK and TDO transitions appear on the falling edge of TCK. Therefore, TDI and TMS must be written after the falling edge of TCK and TDO must be read after the rising edge of TCK.
+
+for this module, we keep tck high for all changes/sampling, and then bounce it.
****************************************************************/
+
/************************** JTAGARM7TDMI Primitives ****************************/
void jtag_goto_shift_ir() {
SETTMS;
jtag_arm_tcktock();
jtag_arm_tcktock();
jtag_arm_tcktock();
+ jtag_arm_tcktock();
+ jtag_arm_tcktock();
+ jtag_arm_tcktock();
jtag_arm_tcktock(); // now in Reset state
CLRTMS;
jtag_arm_tcktock(); // now in Run-Test/Idle state
}
void jtag_arm_tcktock() {
+ delay(100); // FIXME: Should never wait this long...
CLRTCK;
- //PLEDOUT^=PLEDPIN;
+ PLEDOUT^=PLEDPIN;
+ delay(100); // FIXME: Should never wait this long...
SETTCK;
- //PLEDOUT^=PLEDPIN;
+ PLEDOUT^=PLEDPIN;
}
+
// ! Start JTAG, setup pins, reset TAP and return IDCODE
unsigned long jtagarm7tdmi_start() {
- debugstr("_start");
jtagsetup();
- //Known-good starting position.
- //Might be unnecessary.
- SETTST;
- SETRST;
-
- delay(0xFF);
-
- //Entry sequence from Page 67 of SLAU265A for 4-wire JTAG
- CLRRST;
- delay(20);
- CLRTST;
-
- msdelay(10);
- SETRST;
- /*
- P5DIR &=~RST;
- */
- delay(0xFF);
jtagarm7tdmi_resettap();
return jtagarm7tdmi_idcode();
}
//! Reset TAP State Machine
void jtagarm7tdmi_resettap(){ // PROVEN
- debugstr("_resettap");
current_chain = -1;
jtag_reset_to_runtest_idle();
}
+
+// NOTE: important: THIS MODULE REVOLVES AROUND RETURNING TO RUNTEST/IDLE, OR THE FUNCTIONAL EQUIVALENT
+
+
//! Shift N bits over TDI/TDO. May choose LSB or MSB, and select whether to terminate (TMS-high on last bit) and whether to return to RUNTEST/IDLE
unsigned long jtagarmtransn(unsigned long word, unsigned char bitcount, unsigned char lsb, unsigned char end, unsigned char retidle){ // PROVEN
unsigned int bit;
unsigned long high = 1;
unsigned long mask;
- debugstr("_transn");
- for (bit=(bitcount-1)/16; bit>0; bit--)
- high <<= 16;
- high <<= ((bitcount-1)%16);
+ //for (bit=(bitcount-1)/8; bit>0; bit--)
+ // high <<= 8;
+ //high <<= ((bitcount-1)%8);
+ high <<= (bitcount-1);
mask = high-1;
}
}
} else {
- for (bit=bitcount; bit>0; bit++) {
+ for (bit = bitcount; bit > 0; bit--) {
/* write MOSI on trailing edge of previous clock */
if (word & high)
{SETMOSI;}
jtag_arm_tcktock();
/* read MISO on trailing edge */
- word |= READMISO;
+ word |= (READMISO);
}
}
+
+
+ SETMOSI;
if (end){
// exit state
/************************** Basic JTAG Verb Commands *******************************/
//! Grab the core ID.
unsigned long jtagarm7tdmi_idcode(){ // PROVEN
- debugstr("_idcode");
jtagarm7tdmi_resettap();
SHIFT_IR;
jtagarmtransn(ARM7TDMI_IR_IDCODE, 4, LSB, END, RETIDLE);
//! Connect Bypass Register to TDO/TDI
unsigned char jtagarm7tdmi_bypass(){ // PROVEN
- debugstr("_bypass");
jtagarm7tdmi_resettap();
SHIFT_IR;
return jtagarmtransn(ARM7TDMI_IR_BYPASS, 4, LSB, END, NORETIDLE);
}
//! INTEST verb - do internal test
unsigned char jtagarm7tdmi_intest() {
- debugstr("_intest");
- jtagarm7tdmi_resettap();
SHIFT_IR;
return jtagarmtransn(ARM7TDMI_IR_INTEST, 4, LSB, END, NORETIDLE);
}
//! EXTEST verb
unsigned char jtagarm7tdmi_extest() {
- debugstr("_extest");
- jtagarm7tdmi_resettap();
SHIFT_IR;
return jtagarmtransn(ARM7TDMI_IR_EXTEST, 4, LSB, END, NORETIDLE);
}
//! SAMPLE verb
//unsigned long jtagarm7tdmi_sample() {
-// debugstr("_sample");
// jtagarm7tdmi_ir_shift4(ARM7TDMI_IR_SAMPLE); // ???? same here.
// return jtagtransn(0,32);
//}
//! RESTART verb
unsigned char jtagarm7tdmi_restart() {
- debugstr("_restart");
jtagarm7tdmi_resettap();
SHIFT_IR;
return jtagarmtransn(ARM7TDMI_IR_RESTART, 4, LSB, END, RETIDLE);
}
//! ARM7TDMI_IR_CLAMP 0x5
-unsigned long jtagarm7tdmi_clamp() {
- jtagarm7tdmi_resettap();
- SHIFT_IR;
- jtagarmtransn(ARM7TDMI_IR_CLAMP, 4, LSB, END, NORETIDLE);
- SHIFT_DR;
- return jtagarmtransn(0, 32, LSB, END, RETIDLE);
-}
+//unsigned long jtagarm7tdmi_clamp() {
+// jtagarm7tdmi_resettap();
+// SHIFT_IR;
+// jtagarmtransn(ARM7TDMI_IR_CLAMP, 4, LSB, END, NORETIDLE);
+// SHIFT_DR;
+// return jtagarmtransn(0, 32, LSB, END, RETIDLE);
+//}
//! ARM7TDMI_IR_HIGHZ 0x7
-unsigned char jtagarm7tdmi_highz() {
- jtagarm7tdmi_resettap();
- SHIFT_IR;
- return jtagarmtransn(ARM7TDMI_IR_HIGHZ, 4, LSB, END, NORETIDLE);
-}
+//unsigned char jtagarm7tdmi_highz() {
+// jtagarm7tdmi_resettap();
+// SHIFT_IR;
+// return jtagarmtransn(ARM7TDMI_IR_HIGHZ, 4, LSB, END, NORETIDLE);
+//}
//! define ARM7TDMI_IR_CLAMPZ 0x9
-unsigned char jtagarm7tdmi_clampz() {
- jtagarm7tdmi_resettap();
- SHIFT_IR;
- return jtagarmtransn(ARM7TDMI_IR_CLAMPZ, 4, LSB, END, NORETIDLE);
-}
+//unsigned char jtagarm7tdmi_clampz() {
+// jtagarm7tdmi_resettap();
+// SHIFT_IR;
+// return jtagarmtransn(ARM7TDMI_IR_CLAMPZ, 4, LSB, END, NORETIDLE);
+//}
//! Connect the appropriate scan chain to TDO/TDI. SCAN_N, INTEST, ENDS IN SHIFT_DR!!!!!
unsigned long jtagarm7tdmi_scan(int chain, int testmode) { // PROVEN
- debugstr("_scan");
/*
When selecting a scan chain the “Run Test/Idle” state should never be reached, other-
wise, when in debug state, the core will not be correctly isolated and intrusive
commands occur. Therefore, it is recommended to pass directly from the “Update”
state” to the “Select DR” state each time the “Update” state is reached.
*/
- //jtagarm7tdmi_resettap(); // assume already sane?
- if (current_chain == chain) {
- return chain;
- }
-
unsigned long retval;
- SHIFT_IR;
- jtagarmtransn(ARM7TDMI_IR_SCAN_N, 4, LSB, END, NORETIDLE);
- SHIFT_DR;
- retval = jtagarmtransn(chain, 4, LSB, END, NORETIDLE);
- current_chain = chain;
+ if (current_chain != chain) {
+ //debugstr("===change chains===");
+ SHIFT_IR;
+ jtagarmtransn(ARM7TDMI_IR_SCAN_N, 4, LSB, END, NORETIDLE);
+ SHIFT_DR;
+ retval = jtagarmtransn(chain, 4, LSB, END, NORETIDLE);
+ current_chain = chain;
+ } else
+ //debugstr("===NOT change chains===");
+ retval = current_chain;
// put in test mode...
SHIFT_IR;
jtagarmtransn(testmode, 4, LSB, END, RETIDLE);
-
- current_chain = chain;
-
return(retval);
}
}
-//! Connect the appropriate scan chain to TDO/TDI. SCAN_N, INTEST, ENDS IN SHIFT_DR!!!!!
-unsigned long jtagarm7tdmi_scan_extest(int chain) { // PROVEN
- return jtagarm7tdmi_scan(chain, ARM7TDMI_IR_EXTEST);
-}
-
-//! push an instruction into the pipeline - Assumes scan-chain 1 is already INTEST
-unsigned long jtagarm7tdmi_instr_primitive(unsigned long instr, char breakpt){
+//! push an instruction into the pipeline
+unsigned long jtagarm7tdmi_instr_primitive(unsigned long instr, char breakpt){ // PROVEN
unsigned long retval;
- // TOTALLY TESTING: FIXME: THIS IS NOT AS IT WANTS TO BE
jtagarm7tdmi_scan_intest(1);
- ////////////////////////////////////////////////////////
+
SHIFT_DR;
// if the next instruction is to run using MCLK (master clock), set TDI
if (breakpt)
CLRMOSI;
count_dbgspd_instr_since_debug++;
}
-
jtag_arm_tcktock();
// Now shift in the 32 bits
retval = jtagarmtransn(instr, 32, MSB, END, RETIDLE); // Must return to RUN-TEST/IDLE state for instruction to enter pipeline, and causes debug clock.
- //jtag_arm_tcktock();
return(retval);
}
-//! push a NOP instruction into the pipeline
-unsigned long jtagarm7tdmi_nop(char breakpt){
- return jtagarm7tdmi_nop(breakpt);
+//! push NOP into the instruction pipeline
+unsigned long jtagarm7tdmi_nop(char breakpt){ // PROVEN
+ return jtagarm7tdmi_instr_primitive(ARM_INSTR_NOP, breakpt);
}
-
/* stolen from ARM DDI0029G documentation, translated using ARM Architecture Reference Manual (14128.pdf)
STR R0, [R0]; Save R0 before use
MOV R0, PC ; Copy PC into R0
NOP
*/
+
//! set the current mode to ARM, returns PC (FIXME). Should be used by haltcpu(), which should also store PC and the THUMB state, for use by releasecpu();
unsigned long jtagarm7tdmi_setMode_ARM(){ // PROVEN
+ debugstr("=== Thumb Mode... Switching to ARM mode ===");
unsigned long retval = 0xff;
while ((jtagarm7tdmi_get_dbgstate() & JTAG_ARM7TDMI_DBG_TBIT)&& retval-- > 0){
- jtagarm7tdmi_scan_intest(1);
+ cmddataword[6] = jtagarm7tdmi_instr_primitive(THUMB_INSTR_NOP,0);
cmddataword[1] = jtagarm7tdmi_instr_primitive(THUMB_INSTR_STR_R0_r0,0);
cmddataword[2] = jtagarm7tdmi_instr_primitive(THUMB_INSTR_MOV_R0_PC,0);
cmddataword[3] = jtagarm7tdmi_instr_primitive(THUMB_INSTR_STR_R0_r0,0);
cmddataword[4] = jtagarm7tdmi_instr_primitive(THUMB_INSTR_BX_PC,0);
cmddataword[5] = jtagarm7tdmi_instr_primitive(THUMB_INSTR_NOP,0);
cmddataword[6] = jtagarm7tdmi_instr_primitive(THUMB_INSTR_NOP,0);
- delay(10);
+ jtagarm7tdmi_resettap(); // seems necessary for some reason. ugh.
}
return(retval);
}
//! shifter for writing to chain2 (EmbeddedICE).
unsigned long eice_write(unsigned char reg, unsigned long data){
unsigned long retval, temp;
+ debugstr("eice_write");
+ debughex(reg);
+ debughex32(data);
jtagarm7tdmi_scan_intest(2);
// Now shift in the 32 bits
SHIFT_DR;
retval = jtagarmtransn(data, 32, LSB, NOEND, NORETIDLE); // send in the data - 32-bits lsb
temp = jtagarmtransn(reg, 5, LSB, NOEND, NORETIDLE); // send in the register address - 5 bits lsb
- jtagarmtransn(1, 1, LSB, END, RETIDLE); // send in the register address - 5 bits lsb
+ jtagarmtransn(1, 1, LSB, END, RETIDLE); // send in the WRITE bit
//SETTMS; // Last Bit - Exit UPDATE_DR
//// is this update a read/write or just read?
//! shifter for reading from chain2 (EmbeddedICE).
unsigned long eice_read(unsigned char reg){ // PROVEN
- unsigned long temp;
+ unsigned long temp, retval;
+ debugstr("eice_read");
+ debughex(reg);
jtagarm7tdmi_scan_intest(2);
// send in the register address - 5 bits LSB
SHIFT_DR;
// Now shift out the 32 bits
- return(jtagarmtransn(0, 32, LSB, END, RETIDLE)); // atmel arm jtag docs pp.10-11: LSB first
+ retval = jtagarmtransn(0, 32, LSB, END, RETIDLE); // atmel arm jtag docs pp.10-11: LSB first
+ debughex32(retval);
+ return(retval); // atmel arm jtag docs pp.10-11: LSB first
}
//! Grab debug register
unsigned long jtagarm7tdmi_get_dbgstate() { // ICE Debug register, *NOT* ARM register DSCR // PROVEN
//jtagarm7tdmi_resettap();
- //jtagarm7tdmi_scan(2, ARM7TDMI_IR_INTEST); // select ICEBreaker
return eice_read(EICE_DBGSTATUS);
}
//! Grab debug register
unsigned long jtagarm7tdmi_get_dbgctrl() {
- //jtagarm7tdmi_resettap();
- //jtagarm7tdmi_scan_intest(2); // select ICEBreaker
return eice_read(EICE_DBGCTRL);
}
//! Update debug register
unsigned long jtagarm7tdmi_set_dbgctrl(unsigned long bits) {
- //jtagarm7tdmi_resettap();
- //jtagarm7tdmi_scan_intest(2); // select ICEBreaker
return eice_write(EICE_DBGCTRL, bits);
}
//! Set and Enable Watchpoint 0
void jtagarm7tdmi_set_watchpoint0(unsigned long addr, unsigned long addrmask, unsigned long data, unsigned long datamask, unsigned long ctrl, unsigned long ctrlmask){
- // select ICEBreaker
- jtagarm7tdmi_scan_intest(2);
// store watchpoint info? - not right now
- // write 0 in watchpoint 0 address
- eice_write(EICE_WP0ADDR, addr);
- // write 0xffffffff in watchpoint 0 address mask
- eice_write(EICE_WP0ADDRMASK, addrmask);
- // write 0 in watchpoint 0 data
- eice_write(EICE_WP0DATA, data);
- // write 0xffffffff in watchpoint 0 data mask
- eice_write(EICE_WP0DATAMASK, datamask);
- // write 0x00000100 in watchpoint 0 control value register (enables watchpoint)
- eice_write(EICE_WP0CTRL, ctrlmask);
- // write 0xfffffff7 in watchpoint 0 control mask - only detect the fetch instruction
- eice_write(EICE_WP0CTRLMASK, ctrlmask);
+ // FIXME: store info
+
+ eice_write(EICE_WP0ADDR, addr); // write 0 in watchpoint 0 address
+ eice_write(EICE_WP0ADDRMASK, addrmask); // write 0xffffffff in watchpoint 0 address mask
+ eice_write(EICE_WP0DATA, data); // write 0 in watchpoint 0 data
+ eice_write(EICE_WP0DATAMASK, datamask); // write 0xffffffff in watchpoint 0 data mask
+ eice_write(EICE_WP0CTRL, ctrlmask); // write 0x00000100 in watchpoint 0 control value register (enables watchpoint)
+ eice_write(EICE_WP0CTRLMASK, ctrlmask); // write 0xfffffff7 in watchpoint 0 control mask - only detect the fetch instruction
}
//! Set and Enable Watchpoint 1
void jtagarm7tdmi_set_watchpoint1(unsigned long addr, unsigned long addrmask, unsigned long data, unsigned long datamask, unsigned long ctrl, unsigned long ctrlmask){
- // select ICEBreaker
- //jtagarm7tdmi_scan_intest(2);
// store watchpoint info? - not right now
- // write 0 in watchpoint 1 address
- eice_write(EICE_WP1ADDR, addr);
- // write 0xffffffff in watchpoint 1 address mask
- eice_write(EICE_WP1ADDRMASK, addrmask);
- // write 0 in watchpoint 1 data
- eice_write(EICE_WP1DATA, data);
- // write 0xffffffff in watchpoint 1 data mask
- eice_write(EICE_WP1DATAMASK, datamask);
- // write 0x00000100 in watchpoint 1 control value register (enables watchpoint)
- eice_write(EICE_WP1CTRL, ctrl);
- // write 0xfffffff7 in watchpoint 1 control mask - only detect the fetch instruction
- eice_write(EICE_WP1CTRLMASK, ctrlmask);
+ // FIXME: store info
+
+ eice_write(EICE_WP1ADDR, addr); // write 0 in watchpoint 1 address
+ eice_write(EICE_WP1ADDRMASK, addrmask); // write 0xffffffff in watchpoint 1 address mask
+ eice_write(EICE_WP1DATA, data); // write 0 in watchpoint 1 data
+ eice_write(EICE_WP1DATAMASK, datamask); // write 0xffffffff in watchpoint 1 data mask
+ eice_write(EICE_WP1CTRL, ctrl); // write 0x00000100 in watchpoint 1 control value register (enables watchpoint)
+ eice_write(EICE_WP1CTRLMASK, ctrlmask); // write 0xfffffff7 in watchpoint 1 control mask - only detect the fetch instruction
}
//! Disable Watchpoint 0
void jtagarm7tdmi_disable_watchpoint0(){
- // select ICEBreaker
- //jtagarm7tdmi_scan_intest(2);
- // write 0 in watchpoint 0 control value - disables watchpoint 0
- eice_write(EICE_WP0CTRL, 0x0);
+ eice_write(EICE_WP0CTRL, 0x0); // write 0 in watchpoint 0 control value - disables watchpoint 0
}
//! Disable Watchpoint 1
void jtagarm7tdmi_disable_watchpoint1(){
- // select ICEBreaker
- //jtagarm7tdmi_scan_intest(2);
- // write 0 in watchpoint 0 control value - disables watchpoint 0
- eice_write(EICE_WP1CTRL, 0x0);
+ eice_write(EICE_WP1CTRL, 0x0); // write 0 in watchpoint 0 control value - disables watchpoint 0
}
/******************** Complex Commands **************************/
-//! Push an instruction into the CPU pipeline
-// NOTE! Must provide EXECNOPARM for parameter if no parm is required.
-unsigned long test_exec(unsigned long instr, unsigned long parameter, unsigned char systemspeed) {
- unsigned long retval;
- // select chain 1
- //jtagarm7tdmi_scan_intest(1);
-
- cmddatalong[1] = jtagarm7tdmi_nop(0);
- cmddatalong[2] = jtagarm7tdmi_nop(systemspeed);
- // write 32-bit instruction code into DR
- cmddatalong[3] = jtagarm7tdmi_instr_primitive(instr, 0);
- cmddatalong[4] = jtagarm7tdmi_nop(0);
- cmddatalong[5] = jtagarm7tdmi_nop(0);
- // inject long
- cmddatalong[6] = jtagarm7tdmi_instr_primitive(parameter, 0);
- cmddatalong[7] = jtagarm7tdmi_nop(0);
- cmddatalong[8] = jtagarm7tdmi_nop(0);
- cmddatalong[9] = jtagarm7tdmi_nop(0);
- retval = cmddatalong[9];
-
- return(retval);
-}
-
//! Push an instruction into the CPU pipeline
// NOTE! Must provide EXECNOPARM for parameter if no parm is required.
unsigned long jtagarm7tdmi_exec(unsigned long instr, unsigned long parameter, unsigned char systemspeed) {
unsigned long retval;
- // select chain 1
- //jtagarm7tdmi_scan_intest(1);
-
- cmddatalong[1] = jtagarm7tdmi_nop(0);
- cmddatalong[2] = jtagarm7tdmi_nop(systemspeed);
- // write 32-bit instruction code into DR
- cmddatalong[3] = jtagarm7tdmi_instr_primitive(instr, 0);
- cmddatalong[4] = jtagarm7tdmi_nop(0);
- cmddatalong[5] = jtagarm7tdmi_nop(0);
- // inject long
- cmddatalong[6] = jtagarm7tdmi_instr_primitive(parameter, 0);
- retval = jtagarm7tdmi_nop(0);
- cmddatalong[8] = jtagarm7tdmi_nop(0);
- cmddatalong[9] = jtagarm7tdmi_nop(0);
- cmddatalong[7] = retval;
+
+ debughex32(jtagarm7tdmi_nop( 0));
+ debughex32(jtagarm7tdmi_nop(systemspeed));
+ debughex32(jtagarm7tdmi_instr_primitive(instr, 0)); // write 32-bit instruction code into DR
+ debughex32(jtagarm7tdmi_nop( 0));
+ debughex32(jtagarm7tdmi_nop( 0));
+ debughex32(jtagarm7tdmi_instr_primitive(parameter, 0)); // inject long
+ retval = jtagarm7tdmi_nop( 0);
+ debughex32(retval);
+ debughex32(jtagarm7tdmi_nop( 0));
+ debughex32(jtagarm7tdmi_nop( 0));
return(retval);
}
//! Retrieve a 32-bit Register value
-unsigned long jtagarm7tdmi_get_register(unsigned char reg) {
- unsigned long retval = 0, instr;
- //JTAGARM7TDMI_RESETTAP();
- // select chain 1, automatically put in INTEST
- //jtagarm7tdmi_scan_intest(1);
- instr = ARM_INSTR_STR_Rx_r14 + ((reg<<12)&0xf00);
- //retval = jtagarm7tdmi_exec(instr, 0);
- // push STR_Rx, [R14] into pipeline
- cmddatalong[1] = jtagarm7tdmi_instr_primitive(instr, 0);
- // push nop into pipeline - fetched
- cmddatalong[2] = jtagarm7tdmi_nop(0);
- // push nop into pipeline - decoded
- cmddatalong[3] = jtagarm7tdmi_nop(0);
- // push nop into pipeline - executed
- cmddatalong[4] = jtagarm7tdmi_nop(0);
- // recover 32-bit word
- //retval = jtagarmtransn(0, 32, LSB, END, RETIDLE);
- retval = jtagarm7tdmi_nop(0);
- cmddatalong[5] = retval;
- cmddatalong[6] = jtagarm7tdmi_nop(0);
- cmddatalong[7] = jtagarm7tdmi_nop(0);
- cmddatalong[8] = jtagarm7tdmi_nop(0);
+unsigned long jtagarm7tdmi_get_register(unsigned long reg) {
+ unsigned long retval = 0, instr, reg2;
+ reg2 = (reg&0xf);
+ // push nop into pipeline - clean out the pipeline...
+ instr = (unsigned long)(reg<<12) | (unsigned long)ARM_READ_REG; // STR Rx, [R14]
+ instr |= (unsigned long)((unsigned long)reg2<<8)<<8;
+ //instr = (unsigned long)(((unsigned long)reg<<12) | ARM_READ_REG);
+ //debugstr("Reading:");
+ debughex32(instr);
+
+ jtagarm7tdmi_nop( 0);
+ jtagarm7tdmi_nop( 0);
+ jtagarm7tdmi_nop( 0);
+ jtagarm7tdmi_instr_primitive(instr, 0);
+ jtagarm7tdmi_nop( 0); // push nop into pipeline - fetched
+ jtagarm7tdmi_nop( 0); // push nop into pipeline - decoded
+ jtagarm7tdmi_nop( 0); // push nop into pipeline - executed
+ retval = jtagarm7tdmi_nop( 0); // recover 32-bit word
+ debughex32(retval);
+ jtagarm7tdmi_nop( 0);
+ jtagarm7tdmi_nop( 0);
+ jtagarm7tdmi_nop( 0);
return retval;
}
//! Set a 32-bit Register value
-unsigned long jtagarm7tdmi_set_register(unsigned char reg, unsigned long val) {
- unsigned long retval = 0, instr;
- //jtagarm7tdmi_resettap();
- // select chain 1
- //jtagarm7tdmi_scan_intest(1);
- instr = ARM_INSTR_LDR_Rx_r14 + ((reg<<12)&0xf00);
- //retval = jtagarm7tdmi_exec(instr, 0);
- // push STR_Rx, [R14] into pipeline
- cmddatalong[1] = jtagarm7tdmi_instr_primitive(instr, 0);
- // push nop into pipeline - fetched
- cmddatalong[2] = jtagarm7tdmi_nop(0);
- // push nop into pipeline - decoded
- cmddatalong[2] = jtagarm7tdmi_nop(0);
+void jtagarm7tdmi_set_register(unsigned long reg, unsigned long val) {
+ unsigned long instr, reg2;
+ reg2 = (reg&0xf);
+ instr = (unsigned long)(((unsigned long)reg<<12) | ARM_WRITE_REG); // LDR Rx, [R14]
+ instr |= (unsigned long)((unsigned long)reg2<<8)<<8;
+ //instr |= (unsigned long)((((unsigned long)reg)&0x7)<<8)<<8;
+ //debugstr("Writing:");
+ debughex32(instr);
+ //debughex32(val);
+ jtagarm7tdmi_nop( 0); // push nop into pipeline - clean out the pipeline...
+ jtagarm7tdmi_nop( 0); // push nop into pipeline - clean out the pipeline...
+ jtagarm7tdmi_instr_primitive(instr, 0); // push instr into pipeline - fetch
+ jtagarm7tdmi_nop( 0); // push nop into pipeline - decode
+ //jtagarm7tdmi_nop( 0); // push nop into pipeline - execute
- // push 32-bit word on data bus - execute state
- //retval = jtagarmtransn(val, 32, LSB, END, RETIDLE);
- cmddatalong[3] = jtagarm7tdmi_instr_primitive(val, 0);
- // push nop into pipeline - executed
- cmddatalong[4] = jtagarm7tdmi_nop(0);
+ jtagarm7tdmi_instr_primitive(val, 0); // push 32-bit word on data bus
+ jtagarm7tdmi_instr_primitive(val, 0); // push 32-bit word on data bus
+ jtagarm7tdmi_instr_primitive(val, 0); // push 32-bit word on data bus
+ jtagarm7tdmi_nop( 0); // push nop into pipeline - executed
+ jtagarm7tdmi_nop( 0); // push nop into pipeline - executed
+
if (reg == ARM_REG_PC){
- cmddatalong[5] = jtagarm7tdmi_nop(0);
- cmddatalong[6] = jtagarm7tdmi_nop(0);
+ jtagarm7tdmi_nop( 0);
+ jtagarm7tdmi_nop( 0);
}
- retval = jtagarm7tdmi_nop(0);
- cmddatalong[7] = retval;
- return(retval);
+ jtagarm7tdmi_nop( 0);
}
-//! Get all registers. Return an array
-unsigned long* jtagarm7tdmi_get_registers() {
- //jtagarm7tdmi_scan_intest(1);
- cmddatalong[1] = jtagarm7tdmi_instr_primitive(ARM_INSTR_SKANKREGS,0);
- cmddatalong[2] = jtagarm7tdmi_nop(0);
- cmddatalong[3] = jtagarm7tdmi_nop(0);
- cmddatalong[4] = jtagarm7tdmi_nop(0);
- cmddatalong[5] = jtagarm7tdmi_nop(0);
- cmddatalong[6] = jtagarm7tdmi_nop(0);
- cmddatalong[7] = jtagarm7tdmi_nop(0);
- cmddatalong[8] = jtagarm7tdmi_nop(0);
- cmddatalong[9] = jtagarm7tdmi_nop(0);
- cmddatalong[10] = jtagarm7tdmi_nop(0);
- cmddatalong[11] = jtagarm7tdmi_nop(0);
- cmddatalong[12] = jtagarm7tdmi_nop(0);
- cmddatalong[13] = jtagarm7tdmi_nop(0);
- cmddatalong[14] = jtagarm7tdmi_nop(0);
- cmddatalong[15] = jtagarm7tdmi_nop(0);
- cmddatalong[16] = jtagarm7tdmi_nop(0);
- cmddatalong[17] = jtagarm7tdmi_nop(0);
- cmddatalong[18] = jtagarm7tdmi_nop(0);
- cmddatalong[19] = jtagarm7tdmi_nop(0);
- cmddatalong[20] = jtagarm7tdmi_nop(0);
- return registers;
+//! Get all registers, placing them into cmddatalong[0-15]
+void jtagarm7tdmi_get_registers() {
+ debugstr("First 8 registers:");
+ debugstr(" Instr and the first few pops from the instruction chain:");
+ debughex32(ARM_INSTR_SKANKREGS1);
+ debughex32(jtagarm7tdmi_nop( 0));
+ debughex32(jtagarm7tdmi_instr_primitive(ARM_INSTR_SKANKREGS1,0));
+ debughex32(jtagarm7tdmi_nop( 0));
+ debughex32(jtagarm7tdmi_nop( 0));
+ cmddatalong[ 0] = jtagarm7tdmi_nop( 0);
+ cmddatalong[ 1] = jtagarm7tdmi_nop( 0);
+ cmddatalong[ 2] = jtagarm7tdmi_nop( 0);
+ cmddatalong[ 3] = jtagarm7tdmi_nop( 0);
+ cmddatalong[ 4] = jtagarm7tdmi_nop( 0);
+ cmddatalong[ 5] = jtagarm7tdmi_nop( 0);
+ cmddatalong[ 6] = jtagarm7tdmi_nop( 0);
+ cmddatalong[ 7] = jtagarm7tdmi_nop( 0);
+
+ debugstr("Last 8 registers:");
+ debugstr(" Instr and the first few pops from the instruction chain:");
+ debughex32(ARM_INSTR_SKANKREGS2);
+ debughex32(jtagarm7tdmi_nop( 0));
+ //jtagarm7tdmi_nop( 0);
+ debughex32(jtagarm7tdmi_instr_primitive(ARM_INSTR_SKANKREGS2,0));
+ debughex32(jtagarm7tdmi_nop( 0));
+ debughex32(jtagarm7tdmi_nop( 0));
+ //jtagarm7tdmi_nop( 0);
+ //jtagarm7tdmi_nop( 0);
+ cmddatalong[ 8] = jtagarm7tdmi_nop( 0);
+ cmddatalong[ 9] = jtagarm7tdmi_nop( 0);
+ cmddatalong[10] = jtagarm7tdmi_nop( 0);
+ cmddatalong[11] = jtagarm7tdmi_nop( 0);
+ cmddatalong[12] = jtagarm7tdmi_nop( 0);
+ cmddatalong[13] = jtagarm7tdmi_nop( 0);
+ cmddatalong[14] = jtagarm7tdmi_nop( 0);
+ cmddatalong[15] = jtagarm7tdmi_nop( 0);
+ jtagarm7tdmi_nop( 0);
+}
+
+//! Set all registers from cmddatalong[0-15]
+void jtagarm7tdmi_set_registers() { //FIXME: BORKEN... TOTALLY TRYING TO BUY A VOWEL
+ debughex32(ARM_INSTR_CLOBBEREGS);
+ jtagarm7tdmi_nop( 0);
+ debughex32(jtagarm7tdmi_instr_primitive(ARM_INSTR_CLOBBEREGS,0));
+ jtagarm7tdmi_nop( 0);
+ jtagarm7tdmi_nop( 0);
+ debughex32(jtagarm7tdmi_instr_primitive(0x40,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x41,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x42,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x43,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x44,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x45,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x46,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x47,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x48,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x49,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x4a,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x4b,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x4c,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x4d,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x4e,0));
+ debughex32(jtagarm7tdmi_instr_primitive(0x4f,0));
}
//! Retrieve the CPSR Register value
unsigned long jtagarm7tdmi_get_regCPSR() {
unsigned long retval = 0;
- // select chain 1
- //cmddatalong[1] = jtagarm7tdmi_scan_intest(1);
-
- // push STR_Rx, [R14] into pipeline
- cmddatalong[1] = jtagarm7tdmi_instr_primitive(ARM_INSTR_MRS_R0_CPSR, 0);
- // push nop into pipeline - fetched
- cmddatalong[2] = jtagarm7tdmi_nop(0);
- // push nop into pipeline - decoded
- cmddatalong[3] = jtagarm7tdmi_nop(0);
- // push nop into pipeline - executed
- cmddatalong[4] = jtagarm7tdmi_nop(0);
- // recover 32-bit word
- retval = jtagarmtransn(0, 32, LSB, END, RETIDLE);
- cmddatalong[5] = retval;
+
+ debughex32(jtagarm7tdmi_nop( 0)); // push nop into pipeline - clean out the pipeline...
+ debughex32(jtagarm7tdmi_instr_primitive(ARM_INSTR_MRS_R0_CPSR, 0)); // push MRS_R0, CPSR into pipeline
+ debughex32(jtagarm7tdmi_nop( 0)); // push nop into pipeline - fetched
+ debughex32(jtagarm7tdmi_nop( 0)); // push nop into pipeline - decoded
+ debughex32(jtagarm7tdmi_nop( 0)); // push nop into pipeline - executed
+ retval = jtagarm7tdmi_nop( 0); // recover 32-bit word
+ debughex32(retval);
return retval;
}
//! Retrieve the CPSR Register value
unsigned long jtagarm7tdmi_set_regCPSR(unsigned long val) {
unsigned long retval = 0;
- // select chain 1
- //jtagarm7tdmi_scan_intest(1);
-
- // push MSR cpsr_cxsf, R0 into pipeline
- cmddatalong[1] = jtagarm7tdmi_instr_primitive(ARM_INSTR_MSR_cpsr_cxsf_R0, 0);
- // push nop into pipeline - fetched
- cmddatalong[2] = jtagarm7tdmi_nop(0);
- // push nop into pipeline - decoded
- cmddatalong[3] = jtagarm7tdmi_nop(0);
+
+ debughex32(jtagarm7tdmi_nop( 0)); // push nop into pipeline - clean out the pipeline...
+ debughex32(jtagarm7tdmi_instr_primitive(ARM_INSTR_MSR_cpsr_cxsf_R0, 0)); // push MSR cpsr_cxsf, R0 into pipeline
+ debughex32(jtagarm7tdmi_nop( 0)); // push nop into pipeline - fetched
+ debughex32(jtagarm7tdmi_nop( 0)); // push nop into pipeline - decoded
- // push 32-bit word on data bus
- retval = jtagarmtransn(val, 32, LSB, END, RETIDLE);
- // push nop into pipeline - executed
- cmddatalong[5] = jtagarm7tdmi_nop(0);
- cmddatalong[4] = retval;
+ retval = jtagarm7tdmi_instr_primitive(val, 0);// push 32-bit word on data bus
+ debughex32(jtagarm7tdmi_nop( 0)); // push nop into pipeline - executed
+ debughex32(retval);
return(retval);
}
//! Write data to address - Assume TAP in run-test/idle state
unsigned long jtagarm7tdmi_writemem(unsigned long adr, unsigned long data){
unsigned long r0=0, r1=-1;
- // select chain 1
- //jtagarm7tdmi_scan_intest(1);
- // store R0 and R1
- r0 = jtagarm7tdmi_get_register(0);
+ r0 = jtagarm7tdmi_get_register(0); // store R0 and R1
r1 = jtagarm7tdmi_get_register(1);
- // write address into R0
- jtagarm7tdmi_set_register(0, adr);
- // write data in R1
- jtagarm7tdmi_set_register(1, data);
- //retval = jtagarm7tdmi_exec(ARM_INSTR_LDR_R1_r0_4,1);
- // push nop into pipeline to "clean" it ???
- jtagarm7tdmi_nop(0);
- // push nop into pipeline with BREAKPT set
- jtagarm7tdmi_nop(1);
- // push LDR R1, R0, #4 into instruction pipeline
- jtagarm7tdmi_instr_primitive(ARM_INSTR_LDR_R1_r0_4, 0);
- // push nop into pipeline
- jtagarm7tdmi_nop(0);
- // restore R0 and R1
- jtagarm7tdmi_set_register(1, r1);
+ jtagarm7tdmi_set_register(0, adr); // write address into R0
+ jtagarm7tdmi_set_register(1, data); // write data in R1
+ jtagarm7tdmi_nop( 0); // push nop into pipeline to "clean" it ???
+ jtagarm7tdmi_nop( 1); // push nop into pipeline with BREAKPT set
+ jtagarm7tdmi_instr_primitive(ARM_INSTR_LDR_R1_r0_4, 0); // push LDR R1, R0, #4 into instruction pipeline
+ jtagarm7tdmi_nop( 0); // push nop into pipeline
+ jtagarm7tdmi_set_register(1, r1); // restore R0 and R1
jtagarm7tdmi_set_register(0, r0);
return(-1);
}
+
+
+
//! Read data from address
unsigned long jtagarm7tdmi_readmem(unsigned long adr){
unsigned long retval = 0;
unsigned long r0=0, r1=-1;
int waitcount = 0xfff;
- // select chain 1
- //jtagarm7tdmi_scan_intest(1);
- // select chain 2
- // store R0 and R1 - not yet...
- r0 = jtagarm7tdmi_get_register(0);
+ r0 = jtagarm7tdmi_get_register(0); // store R0 and R1
r1 = jtagarm7tdmi_get_register(1);
- // write address into R0
- jtagarm7tdmi_set_register(0, adr);
- // push nop into pipeline to "clean" it ???
- jtagarm7tdmi_nop(0);
- // push nop into pipeline with BREAKPT set
- jtagarm7tdmi_nop(1);
- // push LDR R1, R0, #4 into instruction pipeline
- jtagarm7tdmi_instr_primitive(ARM_INSTR_LDR_R1_r0_4, 0);
- // push nop into pipeline
- jtagarm7tdmi_nop(0);
- // SHIFT_IR with RESTART instruction
- jtagarm7tdmi_restart();
+ jtagarm7tdmi_set_register(0, adr); // write address into R0
+ jtagarm7tdmi_nop( 0); // push nop into pipeline to "clean" it ???
+ jtagarm7tdmi_nop( 1); // push nop into pipeline with BREAKPT set
+ jtagarm7tdmi_instr_primitive(ARM_INSTR_LDR_R1_r0_4, 0); // push LDR R1, R0, #4 into instruction pipeline
+ jtagarm7tdmi_nop( 0); // push nop into pipeline
+ jtagarm7tdmi_restart(); // SHIFT_IR with RESTART instruction
+
// Poll the Debug Status Register for DBGACK and nMREQ to be HIGH
- while ((jtagarm7tdmi_get_dbgstate() & 1) == 0 && waitcount > 0){
+ while ((jtagarm7tdmi_get_dbgstate() & 9) == 0 && waitcount > 0){
delay(1);
waitcount --;
}
- if (waitcount == 0xffff){
+ if (waitcount == 0){
return (-1);
} else {
- retval = jtagarm7tdmi_get_register(1);
- // read memory value from R1 register
- // restore R0 and R1
- jtagarm7tdmi_set_register(1, r1);
- jtagarm7tdmi_set_register(0, r0);
+ retval = jtagarm7tdmi_get_register(1); // read memory value from R1 register
+ jtagarm7tdmi_set_register(1, r1); // restore R0 and R1
+ jtagarm7tdmi_set_register(0, r0);
}
return retval;
}
}
//! Set Program Counter
-unsigned long jtagarm7tdmi_setpc(unsigned long adr){
- return jtagarm7tdmi_set_register(ARM_REG_PC, adr);
+void jtagarm7tdmi_setpc(unsigned long adr){
+ jtagarm7tdmi_set_register(ARM_REG_PC, adr);
}
//! Halt CPU - returns 0xffff if the operation fails to complete within
unsigned long jtagarm7tdmi_haltcpu(){ // PROVEN
int waitcount = 0xfff;
- // select ICEBreaker
- jtagarm7tdmi_scan_intest(2);
+
+/******** OLD WAY ********/
// store watchpoint info? - not right now
- // write 0 in watchpoint 1 address
- eice_write(EICE_WP1ADDR, 0);
- // write 0xffffffff in watchpoint 1 address mask
- eice_write(EICE_WP1ADDRMASK, 0xffffffff);
- // write 0 in watchpoint 1 data
- eice_write(EICE_WP1DATA, 0);
- // write 0xffffffff in watchpoint 1 data mask
- eice_write(EICE_WP1DATAMASK, 0xffffffff);
- // write 0x00000100 in watchpoint 1 control value register (enables watchpoint)
- eice_write(EICE_WP1CTRL, 0x100); //!!!!! WTF! THIS IS SUPPOSED TO BE 9 bits wide?!?
- // write 0xfffffff7 in watchpoint 1 control mask - only detect the fetch instruction
- eice_write(EICE_WP1CTRLMASK, 0xfffffff7); //!!!!! WTF! THIS IS SUPPOSED TO BE 8 bits wide?!?
+ eice_write(EICE_WP1ADDR, 0); // write 0 in watchpoint 1 address
+ eice_write(EICE_WP1ADDRMASK, 0xffffffff); // write 0xffffffff in watchpoint 1 address mask
+ eice_write(EICE_WP1DATA, 0); // write 0 in watchpoint 1 data
+ eice_write(EICE_WP1DATAMASK, 0xffffffff); // write 0xffffffff in watchpoint 1 data mask
+ eice_write(EICE_WP1CTRL, 0x100); // write 0x00000100 in watchpoint 1 control value register (enables watchpoint)
+ eice_write(EICE_WP1CTRLMASK, 0xfffffff7); // write 0xfffffff7 in watchpoint 1 control mask - only detect the fetch instruction
+/***************************/
+
+/******** NEW WAY *********/
+// eice_write(EICE_DBGCTRL, JTAG_ARM7TDMI_DBG_DBGRQ); // r/o register?
+/****************************/
+
// poll until debug status says the cpu is in debug mode
- while (!(jtagarm7tdmi_get_dbgstate() & 0x1) && waitcount > 0){
- delay(5);
- waitcount --;
+ while (!(jtagarm7tdmi_get_dbgstate() & 0x1) && waitcount-- > 0){
+ delay(1);
}
- // write 0 in watchpoint 0 control value - disables watchpoint 0
- eice_write(EICE_WP1CTRL, 0x0);
+
+/******** OLD WAY ********/
+ eice_write(EICE_WP1CTRL, 0x0); // write 0 in watchpoint 0 control value - disables watchpoint 0
+/***************************/
+
+/******** NEW WAY ********/
+// eice_write(EICE_DBGCTRL, 0); // r/o register?
+/***************************/
// store the debug state
last_halt_debug_state = jtagarm7tdmi_get_dbgstate();
- last_halt_pc = jtagarm7tdmi_getpc() - 4; // assume -4 for entering debug mode via watchpoint.
+ last_halt_pc = jtagarm7tdmi_getpc() - 4; // assume -4 for entering debug mode via watchpoint.
count_dbgspd_instr_since_debug = 0;
count_sysspd_instr_since_debug = 0;
- if (last_halt_debug_state & JTAG_ARM7TDMI_DBG_TBIT){
+
+ // get into ARM mode if the T flag is set (Thumb mode)
+ while (jtagarm7tdmi_get_dbgstate() & JTAG_ARM7TDMI_DBG_TBIT && waitcount-- > 0) {
jtagarm7tdmi_setMode_ARM();
}
+ jtagarm7tdmi_resettap();
return waitcount;
}
int waitcount = 0xfff;
unsigned long instr;
// somehow determine what PC should be (a couple ways possible, calculations required)
- //jtagarm7tdmi_scan_intest(1);
- // NOP
- jtagarm7tdmi_nop(0);
- // NOP/BREAKPT
- jtagarm7tdmi_nop(1);
-
- if (last_halt_debug_state & JTAG_ARM7TDMI_DBG_TBIT){
- instr = ARM_INSTR_BX_PC + 0x1000000 - (count_dbgspd_instr_since_debug) - (count_sysspd_instr_since_debug*3); //FIXME: make this right - can't we just do an a7solute b/bx?
+ jtagarm7tdmi_nop(0); // NOP
+ jtagarm7tdmi_nop(1); // NOP/BREAKPT
+
+ if (last_halt_debug_state & JTAG_ARM7TDMI_DBG_TBIT){ // FIXME: FORNICATED! BX requires register, thus more instrs... could we get away with the same instruction but +1 to offset?
+ instr = ARM_INSTR_B_PC + 0x1000001 - (count_dbgspd_instr_since_debug) - (count_sysspd_instr_since_debug*3); //FIXME: make this right - can't we just do an a7solute b/bx?
jtagarm7tdmi_instr_primitive(instr,0);
} else {
- instr = ARM_INSTR_B_PC + 0x1000000 - (count_dbgspd_instr_since_debug) - (count_sysspd_instr_since_debug*3); //FIXME: make this right - can't we just do an absolute b/bx?
+ instr = ARM_INSTR_B_PC + 0x1000000 - (count_dbgspd_instr_since_debug*4) - (count_sysspd_instr_since_debug*12);
jtagarm7tdmi_instr_primitive(instr,0);
}
- // VERB_RESTART
+
SHIFT_IR;
- jtagarmtransn(ARM7TDMI_IR_RESTART,4,LSB,END,RETIDLE);
+ jtagarmtransn(ARM7TDMI_IR_RESTART,4,LSB,END,RETIDLE); // VERB_RESTART
// wait until restart-bit set in debug state register
while ((jtagarm7tdmi_get_dbgstate() & JTAG_ARM7TDMI_DBG_DBGACK) && waitcount > 0){
- //delay(1);
+ msdelay(1);
waitcount --;
}
last_halt_debug_state = -1;
-
-
-
-
-
-
-
-
-
-
-
+///////////////////////////////////////////////////////////////////////////////////////////////////
//! Handles ARM7TDMI JTAG commands. Forwards others to JTAG.
void jtagarm7tdmihandle(unsigned char app, unsigned char verb, unsigned long len){
register char blocks;
unsigned long at;
jtagarm7tdmi_resettap();
- debugstr("Classic ARM JTAG handler.");
-
- //PLEDOUT^=PLEDPIN;
+
switch(verb){
case START:
//Enter JTAG mode.
- cmddatalong[0] = jtagarm7tdmi_start();
- cmddatalong[1] = jtagarm7tdmi_haltcpu();
+ debughex32(jtagarm7tdmi_start());
+ debughex32(jtagarm7tdmi_haltcpu());
//jtagarm7tdmi_resettap();
- txdata(app,verb,0x8);
+ debughex32(jtagarm7tdmi_get_dbgstate());
+
+ // DEBUG: FIXME: NOT PART OF OPERATIONAL CODE
+ //for (mlop=2;mlop<4;mlop++){
+ // jtagarm7tdmi_set_register(mlop, 0x43424140);
+ //}
+ /////////////////////////////////////////////
+ txdata(app,verb,0x4);
break;
case JTAGARM7TDMI_READMEM:
case PEEK:
jtagarm7tdmi_resettap();
cmddatalong[0] = jtagarm7tdmi_idcode();
txdata(app,verb,4);
- PLEDOUT^=PLEDPIN;
break;
//case JTAGARM7TDMI_WRITEFLASH:
//case JTAGARM7TDMI_ERASEFLASH:
case JTAGARM7TDMI_SET_PC:
- jtagarm7tdmi_resettap();
- cmddatalong[0] = jtagarm7tdmi_setpc(cmddatalong[0]);
- txdata(app,verb,4);
+ jtagarm7tdmi_setpc(cmddatalong[0]);
+ txdata(app,verb,0);
break;
case JTAGARM7TDMI_GET_DEBUG_CTRL:
- jtagarm7tdmi_resettap();
cmddatalong[0] = jtagarm7tdmi_get_dbgctrl();
txdata(app,verb,1);
break;
case JTAGARM7TDMI_SET_DEBUG_CTRL:
- jtagarm7tdmi_resettap();
cmddatalong[0] = jtagarm7tdmi_set_dbgctrl(cmddata[0]);
txdata(app,verb,4);
break;
case JTAGARM7TDMI_GET_PC:
- jtagarm7tdmi_resettap();
cmddatalong[0] = jtagarm7tdmi_getpc();
txdata(app,verb,4);
break;
case JTAGARM7TDMI_GET_DEBUG_STATE:
- jtagarm7tdmi_resettap(); // Shouldn't need this, but currently do. FIXME!
+ //jtagarm7tdmi_resettap(); // Shouldn't need this, but currently do. FIXME!
cmddatalong[0] = jtagarm7tdmi_get_dbgstate();
txdata(app,verb,4);
break;
//case JTAGARM7TDMI_SET_WATCHPOINT:
case JTAGARM7TDMI_GET_REGISTER:
jtagarm7tdmi_resettap();
- cmddatalong[0] = jtagarm7tdmi_get_register(cmddata[0]);
- txdata(app,verb,96);
+ val = cmddata[0];
+ cmddatalong[0] = jtagarm7tdmi_get_register(val);
+ //debughex32(cmddatalong[0]);
+ txdata(app,verb,4);
break;
- case JTAGARM7TDMI_SET_REGISTER:
+ case JTAGARM7TDMI_SET_REGISTER: // FIXME: NOT AT ALL CORRECT, THIS IS TESTING CODE ONLY
jtagarm7tdmi_resettap();
- cmddatalong[0] = cmddatalong[1];
+ debughex32(cmddatalong[1]);
jtagarm7tdmi_set_register(cmddata[0], cmddatalong[1]);
- txdata(app,verb,96);
+ cmddatalong[0] = cmddatalong[1];
+ txdata(app,verb,4);
break;
case JTAGARM7TDMI_GET_REGISTERS:
jtagarm7tdmi_resettap();
jtagarm7tdmi_get_registers();
- txdata(app,verb,80);
+ txdata(app,verb,64);
+ break;
+ case JTAGARM7TDMI_SET_REGISTERS:
+ jtagarm7tdmi_resettap();
+ jtagarm7tdmi_set_registers();
+ txdata(app,verb,64);
break;
- //case JTAGARM7TDMI_SET_REGISTERS:
case JTAGARM7TDMI_DEBUG_INSTR:
jtagarm7tdmi_resettap();
cmddataword[0] = jtagarm7tdmi_exec(cmddataword[0], cmddataword[1], cmddata[9]);
txdata(app,verb,80);
break;
- case JTAGARM7TDMI_STEP_INSTR:
+ //case JTAGARM7TDMI_STEP_INSTR:
/* case JTAGARM7TDMI_READ_CODE_MEMORY:
case JTAGARM7TDMI_WRITE_FLASH_PAGE:
case JTAGARM7TDMI_READ_FLASH_PAGE:
cmddatalong[0] = jtagarm7tdmi_bypass(cmddatalong[0]);
txdata(app,verb,4);
break;
- case 0xD1: // Set Scan Chain
- jtagarm7tdmi_resettap();
- cmddatalong[0] = test_exec(cmddatalong[0], EXECNOPARM, 0);
- txdata(app,verb,52);
- break;
- case 0xD3: // EXECUTE
- jtagarm7tdmi_resettap();
- //cmddatalong[0] = jtagarm7tdmi_exec(cmddatalong[0], EXECNOPARM, 0);
- cmddatalong[0] = test_exec(cmddatalong[0], EXECNOPARM, 0);
- txdata(app,verb,52);
- break;
- case 0xD4: // GET REGISTER
- jtagarm7tdmi_resettap();
- cmddatalong[0] = jtagarm7tdmi_get_register(cmddata[0]);
- txdata(app,verb,40);
- break;
- case 0xD5: // SET REGISTER
- jtagarm7tdmi_resettap();
- cmddatalong[0] = jtagarm7tdmi_set_register(cmddata[0], cmddatalong[1]);
- txdata(app,verb,40);
- break;
- case 0xD6: // SHIFT_DR
- SHIFT_DR;
- cmddatalong[0] = jtagarmtransn(cmddatalong[0], 32, LSB, END, RETIDLE);
- txdata(app,verb,4);
- break;
- case 0xD7: // INSTR_PRIMITIVE
- jtagarm7tdmi_resettap();
- // select chain 1
- jtagarm7tdmi_scan_intest(1);
- cmddatalong[0] = jtagarm7tdmi_instr_primitive(cmddatalong[0], 0);
- txdata(app,verb,4);
- break;
case 0xD8: // EICE_READ
jtagarm7tdmi_resettap();
cmddatalong[0] = eice_read(cmddatalong[0]);
cmddatalong[9] = jtagarmtransn(0x44444444, 1, MSB, NOEND, NORETIDLE);
cmddatalong[10] = jtagarmtransn(cmddatalong[8], 32, MSB, NOEND, NORETIDLE);
cmddatalong[11] = jtagarmtransn(cmddatalong[9], 1, MSB, END, RETIDLE);
+ jtagarm7tdmi_resettap();
txdata(app,verb,48);
break;
jtaghandle(app,verb,len);
}
}
+
+
+
+
+/*****************************
+Captured from FlySwatter against AT91SAM7S, to be used by me for testing. ignore
+
+> arm reg
+System and User mode registers
+ r0: 300000df r1: 00000000 r2: 58000000 r3: 00200a75
+ r4: fffb0000 r5: 00000002 r6: 00000000 r7: 00200f6c
+ r8: 00000000 r9: 00000000 r10: ffffffff r11: 00000000
+ r12: 00000009 sp_usr: 00000000 lr_usr: 00000000 pc: 000000fc
+ cpsr: 00000093
+
+FIQ mode shadow registers
+ r8_fiq: 00000000 r9_fiq: fffcc000 r10_fiq: fffff400 r11_fiq: fffff000
+ r12_fiq: 00200f44 sp_fiq: 00000000 lr_fiq: 00000000 spsr_fiq: f00000fb
+
+Supervisor mode shadow registers
+ sp_svc: 00201f78 lr_svc: 00200a75 spsr_svc: 400000b3
+
+Abort mode shadow registers
+ sp_abt: 00000000 lr_abt: 00000000 spsr_abt: e00000ff
+
+IRQ mode shadow registers
+ sp_irq: 00000000 lr_irq: 00000000 spsr_irq: f000003b
+
+Undefined instruction mode shadow registers
+ sp_und: 00000000 lr_und: 00000000 spsr_und: 300000df
+>
+> step;arm reg
+target state: halted
+target halted in ARM state due to single-step, current mode: Supervisor
+cpsr: 0x00000093 pc: 0x00000100
+System and User mode registers
+ r0: 300000df r1: 00000000 r2: 00200000 r3: 00200a75
+ r4: fffb0000 r5: 00000002 r6: 00000000 r7: 00200f6c
+ r8: 00000000 r9: 00000000 r10: ffffffff r11: 00000000
+ r12: 00000009 sp_usr: 00000000 lr_usr: 00000000 pc: 00000100
+ cpsr: 00000093
+
+FIQ mode shadow registers
+ r8_fiq: 00000000 r9_fiq: fffcc000 r10_fiq: fffff400 r11_fiq: fffff000
+ r12_fiq: 00200f44 sp_fiq: 00000000 lr_fiq: 00000000 spsr_fiq: f00000fb
+
+Supervisor mode shadow registers
+ sp_svc: 00201f78 lr_svc: 00200a75 spsr_svc: 400000b3
+
+Abort mode shadow registers
+ sp_abt: 00000000 lr_abt: 00000000 spsr_abt: e00000ff
+
+IRQ mode shadow registers
+ sp_irq: 00000000 lr_irq: 00000000 spsr_irq: f000003b
+
+Undefined instruction mode shadow registers
+ sp_und: 00000000 lr_und: 00000000 spsr_und: 300000df
+>
+ step;arm reg
+target state: halted
+target halted in ARM state due to single-step, current mode: Abort
+cpsr: 0x00000097 pc: 0x00000010
+System and User mode registers
+ r0: 300000e3 r1: 00000000 r2: 00200000 r3: 00200a75
+ r4: fffb0000 r5: 00000002 r6: 00000000 r7: 00200f6c
+ r8: 00000000 r9: 00000000 r10: ffffffff r11: 00000000
+ r12: 00000009 sp_usr: 00000000 lr_usr: 00000000 pc: 00000010
+ cpsr: 00000097
+
+FIQ mode shadow registers
+ r8_fiq: 00000000 r9_fiq: fffcc000 r10_fiq: fffff400 r11_fiq: fffff000
+ r12_fiq: 00200f44 sp_fiq: 00000000 lr_fiq: 00000000 spsr_fiq: f00000fb
+
+Supervisor mode shadow registers
+ sp_svc: 00201f78 lr_svc: 00200a75 spsr_svc: 400000b3
+
+Abort mode shadow registers
+ sp_abt: 00000000 lr_abt: 00000108 spsr_abt: 00000093
+
+IRQ mode shadow registers
+ sp_irq: 00000000 lr_irq: 00000000 spsr_irq: f000003b
+
+Undefined instruction mode shadow registers
+ sp_und: 00000000 lr_und: 00000000 spsr_und: 300000df
+> step;arm reg
+target state: halted
+target halted in ARM state due to single-step, current mode: Abort
+cpsr: 0x00000097 pc: 0x00000010
+System and User mode registers
+ r0: 300000e3 r1: 00000000 r2: 00200000 r3: 00200a75
+ r4: fffb0000 r5: 00000002 r6: 00000000 r7: 00200f6c
+ r8: 00000000 r9: 00000000 r10: ffffffff r11: 00000000
+ r12: 00000009 sp_usr: 00000000 lr_usr: 00000000 pc: 00000010
+ cpsr: 00000097
+
+FIQ mode shadow registers
+ r8_fiq: 00000000 r9_fiq: fffcc000 r10_fiq: fffff400 r11_fiq: fffff000
+ r12_fiq: 00200f44 sp_fiq: 00000000 lr_fiq: 00000000 spsr_fiq: f00000fb
+
+Supervisor mode shadow registers
+ sp_svc: 00201f78 lr_svc: 00200a75 spsr_svc: 400000b3
+
+Abort mode shadow registers
+ sp_abt: 00000000 lr_abt: 00000108 spsr_abt: 00000093
+
+IRQ mode shadow registers
+ sp_irq: 00000000 lr_irq: 00000000 spsr_irq: f000003b
+
+Undefined instruction mode shadow registers
+ sp_und: 00000000 lr_und: 00000000 spsr_und: 300000df
+> step;arm reg
+target state: halted
+target halted in ARM state due to single-step, current mode: Abort
+cpsr: 0x00000097 pc: 0x00000010
+System and User mode registers
+ r0: 300000e3 r1: 00000000 r2: 00200000 r3: 00200a75
+ r4: fffb0000 r5: 00000002 r6: 00000000 r7: 00200f6c
+ r8: 00000000 r9: 00000000 r10: ffffffff r11: 00000000
+ r12: 00000009 sp_usr: 00000000 lr_usr: 00000000 pc: 00000010
+ cpsr: 00000097
+
+FIQ mode shadow registers
+ r8_fiq: 00000000 r9_fiq: fffcc000 r10_fiq: fffff400 r11_fiq: fffff000
+ r12_fiq: 00200f44 sp_fiq: 00000000 lr_fiq: 00000000 spsr_fiq: f00000fb
+
+Supervisor mode shadow registers
+ sp_svc: 00201f78 lr_svc: 00200a75 spsr_svc: 400000b3
+
+Abort mode shadow registers
+ sp_abt: 00000000 lr_abt: 00000108 spsr_abt: 00000093
+
+IRQ mode shadow registers
+ sp_irq: 00000000 lr_irq: 00000000 spsr_irq: f000003b
+
+Undefined instruction mode shadow registers
+ sp_und: 00000000 lr_und: 00000000 spsr_und: 300000df
+> step;arm reg
+target state: halted
+target halted in ARM state due to single-step, current mode: Abort
+cpsr: 0x00000097 pc: 0x00000010
+System and User mode registers
+ r0: 300000e3 r1: 00000000 r2: 00200000 r3: 00200a75
+ r4: fffb0000 r5: 00000002 r6: 00000000 r7: 00200f6c
+ r8: 00000000 r9: 00000000 r10: ffffffff r11: 00000000
+ r12: 00000009 sp_usr: 00000000 lr_usr: 00000000 pc: 00000010
+ cpsr: 00000097
+
+FIQ mode shadow registers
+ r8_fiq: 00000000 r9_fiq: fffcc000 r10_fiq: fffff400 r11_fiq: fffff000
+ r12_fiq: 00200f44 sp_fiq: 00000000 lr_fiq: 00000000 spsr_fiq: f00000fb
+
+Supervisor mode shadow registers
+ sp_svc: 00201f78 lr_svc: 00200a75 spsr_svc: 400000b3
+
+Abort mode shadow registers
+ sp_abt: 00000000 lr_abt: 00000108 spsr_abt: 00000093
+
+IRQ mode shadow registers
+ sp_irq: 00000000 lr_irq: 00000000 spsr_irq: f000003b
+
+Undefined instruction mode shadow registers
+ sp_und: 00000000 lr_und: 00000000 spsr_und: 300000df
+> step;arm reg
+target state: halted
+target halted in ARM state due to single-step, current mode: Abort
+cpsr: 0x00000097 pc: 0x00000010
+System and User mode registers
+ r0: 300000e3 r1: 00000000 r2: 00200000 r3: 00200a75
+ r4: fffb0000 r5: 00000002 r6: 00000000 r7: 00200f6c
+ r8: 00000000 r9: 00000000 r10: ffffffff r11: 00000000
+ r12: 00000009 sp_usr: 00000000 lr_usr: 00000000 pc: 00000010
+ cpsr: 00000097
+
+FIQ mode shadow registers
+ r8_fiq: 00000000 r9_fiq: fffcc000 r10_fiq: fffff400 r11_fiq: fffff000
+ r12_fiq: 00200f44 sp_fiq: 00000000 lr_fiq: 00000000 spsr_fiq: f00000fb
+
+Supervisor mode shadow registers
+ sp_svc: 00201f78 lr_svc: 00200a75 spsr_svc: 400000b3
+
+Abort mode shadow registers
+ sp_abt: 00000000 lr_abt: 00000108 spsr_abt: 00000093
+
+IRQ mode shadow registers
+ sp_irq: 00000000 lr_irq: 00000000 spsr_irq: f000003b
+
+Undefined instruction mode shadow registers
+ sp_und: 00000000 lr_und: 00000000 spsr_und: 300000df
+> step;arm reg
+target state: halted
+target halted in ARM state due to single-step, current mode: Abort
+cpsr: 0x00000097 pc: 0x00000010
+System and User mode registers
+ r0: 300000e3 r1: 00000000 r2: 00200000 r3: 00200a75
+ r4: fffb0000 r5: 00000002 r6: 00000000 r7: 00200f6c
+ r8: 00000000 r9: 00000000 r10: ffffffff r11: 00000000
+ r12: 00000009 sp_usr: 00000000 lr_usr: 00000000 pc: 00000010
+ cpsr: 00000097
+
+FIQ mode shadow registers
+ r8_fiq: 00000000 r9_fiq: fffcc000 r10_fiq: fffff400 r11_fiq: fffff000
+ r12_fiq: 00200f44 sp_fiq: 00000000 lr_fiq: 00000000 spsr_fiq: f00000fb
+
+Supervisor mode shadow registers
+ sp_svc: 00201f78 lr_svc: 00200a75 spsr_svc: 400000b3
+
+Abort mode shadow registers
+ sp_abt: 00000000 lr_abt: 00000108 spsr_abt: 00000093
+
+IRQ mode shadow registers
+ sp_irq: 00000000 lr_irq: 00000000 spsr_irq: f000003b
+
+Undefined instruction mode shadow registers
+ sp_und: 00000000 lr_und: 00000000 spsr_und: 300000df
+> step;arm reg
+target state: halted
+target halted in ARM state due to single-step, current mode: Abort
+cpsr: 0x00000097 pc: 0x00000010
+System and User mode registers
+ r0: 300000e3 r1: 00000000 r2: 00200000 r3: 00200a75
+ r4: fffb0000 r5: 00000002 r6: 00000000 r7: 00200f6c
+ r8: 00000000 r9: 00000000 r10: ffffffff r11: 00000000
+ r12: 00000009 sp_usr: 00000000 lr_usr: 00000000 pc: 00000010
+ cpsr: 00000097
+
+FIQ mode shadow registers
+ r8_fiq: 00000000 r9_fiq: fffcc000 r10_fiq: fffff400 r11_fiq: fffff000
+ r12_fiq: 00200f44 sp_fiq: 00000000 lr_fiq: 00000000 spsr_fiq: f00000fb
+
+Supervisor mode shadow registers
+ sp_svc: 00201f78 lr_svc: 00200a75 spsr_svc: 400000b3
+
+Abort mode shadow registers
+ sp_abt: 00000000 lr_abt: 00000108 spsr_abt: 00000093
+
+IRQ mode shadow registers
+ sp_irq: 00000000 lr_irq: 00000000 spsr_irq: f000003b
+
+Undefined instruction mode shadow registers
+ sp_und: 00000000 lr_und: 00000000 spsr_und: 300000df
+> step;arm reg
+target state: halted
+target halted in ARM state due to single-step, current mode: Abort
+cpsr: 0x00000097 pc: 0x00000010
+System and User mode registers
+ r0: 300000e3 r1: 00000000 r2: 00200000 r3: 00200a75
+ r4: fffb0000 r5: 00000002 r6: 00000000 r7: 00200f6c
+ r8: 00000000 r9: 00000000 r10: ffffffff r11: 00000000
+ r12: 00000009 sp_usr: 00000000 lr_usr: 00000000 pc: 00000010
+ cpsr: 00000097
+
+FIQ mode shadow registers
+ r8_fiq: 00000000 r9_fiq: fffcc000 r10_fiq: fffff400 r11_fiq: fffff000
+ r12_fiq: 00200f44 sp_fiq: 00000000 lr_fiq: 00000000 spsr_fiq: f00000fb
+
+Supervisor mode shadow registers
+ sp_svc: 00201f78 lr_svc: 00200a75 spsr_svc: 400000b3
+
+Abort mode shadow registers
+ sp_abt: 00000000 lr_abt: 00000108 spsr_abt: 00000093
+
+IRQ mode shadow registers
+ sp_irq: 00000000 lr_irq: 00000000 spsr_irq: f000003b
+
+Undefined instruction mode shadow registers
+ sp_und: 00000000 lr_und: 00000000 spsr_und: 300000df
+> step;arm reg
+target state: halted
+target halted in ARM state due to single-step, current mode: Abort
+cpsr: 0x00000097 pc: 0x00000010
+System and User mode registers
+ r0: 300000e3 r1: 00000000 r2: 00200000 r3: 00200a75
+ r4: fffb0000 r5: 00000002 r6: 00000000 r7: 00200f6c
+ r8: 00000000 r9: 00000000 r10: ffffffff r11: 00000000
+ r12: 00000009 sp_usr: 00000000 lr_usr: 00000000 pc: 00000010
+ cpsr: 00000097
+
+FIQ mode shadow registers
+ r8_fiq: 00000000 r9_fiq: fffcc000 r10_fiq: fffff400 r11_fiq: fffff000
+ r12_fiq: 00200f44 sp_fiq: 00000000 lr_fiq: 00000000 spsr_fiq: f00000fb
+
+Supervisor mode shadow registers
+ sp_svc: 00201f78 lr_svc: 00200a75 spsr_svc: 400000b3
+
+Abort mode shadow registers
+ sp_abt: 00000000 lr_abt: 00000108 spsr_abt: 00000093
+
+IRQ mode shadow registers
+ sp_irq: 00000000 lr_irq: 00000000 spsr_irq: f000003b
+
+Undefined instruction mode shadow registers
+ sp_und: 00000000 lr_und: 00000000 spsr_und: 300000df
+>
+*/
projects / goodfet / blobdiff