1 /***************************************************************************
2 * Copyright (C) 2009 Zachary T Welch *
3 * zw@superlucidity.net *
5 * Copyright (C) 2007,2008,2009 Øyvind Harboe *
6 * oyvind.harboe@zylin.com *
8 * Copyright (C) 2009 SoftPLC Corporation *
12 * Copyright (C) 2005 by Dominic Rath *
13 * Dominic.Rath@gmx.de *
15 * This program is free software; you can redistribute it and/or modify *
16 * it under the terms of the GNU General Public License as published by *
17 * the Free Software Foundation; either version 2 of the License, or *
18 * (at your option) any later version. *
20 * This program is distributed in the hope that it will be useful, *
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
23 * GNU General Public License for more details. *
25 * You should have received a copy of the GNU General Public License *
26 * along with this program; if not, write to the *
27 * Free Software Foundation, Inc., *
28 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
29 ***************************************************************************/
35 #include "interface.h"
42 /// The number of JTAG queue flushes (for profiling and debugging purposes).
43 static int jtag_flush_queue_count;
45 static void jtag_add_scan_check(struct jtag_tap *active,
46 void (*jtag_add_scan)(struct jtag_tap *active, int in_num_fields, const struct scan_field *in_fields, tap_state_t state),
47 int in_num_fields, struct scan_field *in_fields, tap_state_t state);
50 * The jtag_error variable is set when an error occurs while executing
51 * the queue. Application code may set this using jtag_set_error(),
52 * when an error occurs during processing that should be reported during
53 * jtag_execute_queue().
55 * Tts value may be checked with jtag_get_error() and cleared with
56 * jtag_error_clear(). This value is returned (and cleared) by
57 * jtag_execute_queue().
59 static int jtag_error = ERROR_OK;
61 static const char *jtag_event_strings[] =
63 [JTAG_TRST_ASSERTED] = "TAP reset",
64 [JTAG_TAP_EVENT_SETUP] = "TAP setup",
65 [JTAG_TAP_EVENT_ENABLE] = "TAP enabled",
66 [JTAG_TAP_EVENT_DISABLE] = "TAP disabled",
70 * JTAG adapters must initialize with TRST and SRST de-asserted
71 * (they're negative logic, so that means *high*). But some
72 * hardware doesn't necessarily work that way ... so set things
73 * up so that jtag_init() always forces that state.
75 static int jtag_trst = -1;
76 static int jtag_srst = -1;
79 * List all TAPs that have been created.
81 static struct jtag_tap *__jtag_all_taps = NULL;
83 * The number of TAPs in the __jtag_all_taps list, used to track the
84 * assigned chain position to new TAPs
86 static unsigned jtag_num_taps = 0;
88 static enum reset_types jtag_reset_config = RESET_NONE;
89 static tap_state_t cmd_queue_end_state = TAP_RESET;
90 tap_state_t cmd_queue_cur_state = TAP_RESET;
92 static bool jtag_verify_capture_ir = true;
93 static int jtag_verify = 1;
95 /* how long the OpenOCD should wait before attempting JTAG communication after reset lines deasserted (in ms) */
96 static int jtag_nsrst_delay = 0; /* default to no nSRST delay */
97 static int jtag_ntrst_delay = 0; /* default to no nTRST delay */
98 static int jtag_nsrst_assert_width = 0; /* width of assertion */
99 static int jtag_ntrst_assert_width = 0; /* width of assertion */
102 * Contains a single callback along with a pointer that will be passed
103 * when an event occurs.
105 struct jtag_event_callback {
107 jtag_event_handler_t callback;
108 /// the private data to pass to the callback
110 /// the next callback
111 struct jtag_event_callback* next;
114 /* callbacks to inform high-level handlers about JTAG state changes */
115 static struct jtag_event_callback *jtag_event_callbacks;
118 static int speed_khz = 0;
119 /* speed to fallback to when RCLK is requested but not supported */
120 static int rclk_fallback_speed_khz = 0;
121 static enum {CLOCK_MODE_SPEED, CLOCK_MODE_KHZ, CLOCK_MODE_RCLK} clock_mode;
122 static int jtag_speed = 0;
124 static struct jtag_interface *jtag = NULL;
127 struct jtag_interface *jtag_interface = NULL;
129 void jtag_set_error(int error)
131 if ((error == ERROR_OK) || (jtag_error != ERROR_OK))
135 int jtag_get_error(void)
139 int jtag_error_clear(void)
141 int temp = jtag_error;
142 jtag_error = ERROR_OK;
148 static bool jtag_poll = 1;
150 bool is_jtag_poll_safe(void)
152 /* Polling can be disabled explicitly with set_enabled(false).
153 * It is also implicitly disabled while TRST is active and
154 * while SRST is gating the JTAG clock.
156 if (!jtag_poll || jtag_trst != 0)
158 return jtag_srst == 0 || (jtag_reset_config & RESET_SRST_NO_GATING);
161 bool jtag_poll_get_enabled(void)
166 void jtag_poll_set_enabled(bool value)
173 struct jtag_tap *jtag_all_taps(void)
175 return __jtag_all_taps;
178 unsigned jtag_tap_count(void)
180 return jtag_num_taps;
183 unsigned jtag_tap_count_enabled(void)
185 struct jtag_tap *t = jtag_all_taps();
196 /// Append a new TAP to the chain of all taps.
197 void jtag_tap_add(struct jtag_tap *t)
199 t->abs_chain_position = jtag_num_taps++;
201 struct jtag_tap **tap = &__jtag_all_taps;
203 tap = &(*tap)->next_tap;
207 /* returns a pointer to the n-th device in the scan chain */
208 static inline struct jtag_tap *jtag_tap_by_position(unsigned n)
210 struct jtag_tap *t = jtag_all_taps();
218 struct jtag_tap *jtag_tap_by_string(const char *s)
220 /* try by name first */
221 struct jtag_tap *t = jtag_all_taps();
225 if (0 == strcmp(t->dotted_name, s))
230 /* no tap found by name, so try to parse the name as a number */
232 if (parse_uint(s, &n) != ERROR_OK)
235 /* FIXME remove this numeric fallback code late June 2010, along
236 * with all info in the User's Guide that TAPs have numeric IDs.
237 * Also update "scan_chain" output to not display the numbers.
239 t = jtag_tap_by_position(n);
241 LOG_WARNING("Specify TAP '%s' by name, not number %u",
247 struct jtag_tap* jtag_tap_next_enabled(struct jtag_tap* p)
249 p = p ? p->next_tap : jtag_all_taps();
259 const char *jtag_tap_name(const struct jtag_tap *tap)
261 return (tap == NULL) ? "(unknown)" : tap->dotted_name;
265 int jtag_register_event_callback(jtag_event_handler_t callback, void *priv)
267 struct jtag_event_callback **callbacks_p = &jtag_event_callbacks;
269 if (callback == NULL)
271 return ERROR_INVALID_ARGUMENTS;
276 while ((*callbacks_p)->next)
277 callbacks_p = &((*callbacks_p)->next);
278 callbacks_p = &((*callbacks_p)->next);
281 (*callbacks_p) = malloc(sizeof(struct jtag_event_callback));
282 (*callbacks_p)->callback = callback;
283 (*callbacks_p)->priv = priv;
284 (*callbacks_p)->next = NULL;
289 int jtag_unregister_event_callback(jtag_event_handler_t callback, void *priv)
291 struct jtag_event_callback **callbacks_p;
292 struct jtag_event_callback **next;
294 if (callback == NULL)
296 return ERROR_INVALID_ARGUMENTS;
299 for (callbacks_p = &jtag_event_callbacks;
300 *callbacks_p != NULL;
303 next = &((*callbacks_p)->next);
305 if ((*callbacks_p)->priv != priv)
308 if ((*callbacks_p)->callback == callback)
311 *callbacks_p = *next;
318 int jtag_call_event_callbacks(enum jtag_event event)
320 struct jtag_event_callback *callback = jtag_event_callbacks;
322 LOG_DEBUG("jtag event: %s", jtag_event_strings[event]);
326 struct jtag_event_callback *next;
328 /* callback may remove itself */
329 next = callback->next;
330 callback->callback(event, callback->priv);
337 static void jtag_checks(void)
339 assert(jtag_trst == 0);
342 static void jtag_prelude(tap_state_t state)
346 assert(state != TAP_INVALID);
348 cmd_queue_cur_state = state;
351 void jtag_alloc_in_value32(struct scan_field *field)
353 interface_jtag_alloc_in_value32(field);
356 void jtag_add_ir_scan_noverify(struct jtag_tap *active, const struct scan_field *in_fields,
361 int retval = interface_jtag_add_ir_scan(active, in_fields, state);
362 jtag_set_error(retval);
365 static void jtag_add_ir_scan_noverify_callback(struct jtag_tap *active, int dummy, const struct scan_field *in_fields,
368 jtag_add_ir_scan_noverify(active, in_fields, state);
371 void jtag_add_ir_scan(struct jtag_tap *active, struct scan_field *in_fields, tap_state_t state)
373 assert(state != TAP_RESET);
375 if (jtag_verify && jtag_verify_capture_ir)
377 /* 8 x 32 bit id's is enough for all invocations */
379 /* if we are to run a verification of the ir scan, we need to get the input back.
380 * We may have to allocate space if the caller didn't ask for the input back.
382 in_fields->check_value = active->expected;
383 in_fields->check_mask = active->expected_mask;
384 jtag_add_scan_check(active, jtag_add_ir_scan_noverify_callback, 1, in_fields, state);
387 jtag_add_ir_scan_noverify(active, in_fields, state);
391 void jtag_add_plain_ir_scan(int in_num_fields, const struct scan_field *in_fields,
394 assert(state != TAP_RESET);
398 int retval = interface_jtag_add_plain_ir_scan(
399 in_num_fields, in_fields, state);
400 jtag_set_error(retval);
403 static int jtag_check_value_inner(uint8_t *captured, uint8_t *in_check_value,
404 uint8_t *in_check_mask, int num_bits);
406 static int jtag_check_value_mask_callback(jtag_callback_data_t data0, jtag_callback_data_t data1, jtag_callback_data_t data2, jtag_callback_data_t data3)
408 return jtag_check_value_inner((uint8_t *)data0, (uint8_t *)data1, (uint8_t *)data2, (int)data3);
411 static void jtag_add_scan_check(struct jtag_tap *active, void (*jtag_add_scan)(struct jtag_tap *active, int in_num_fields, const struct scan_field *in_fields, tap_state_t state),
412 int in_num_fields, struct scan_field *in_fields, tap_state_t state)
414 for (int i = 0; i < in_num_fields; i++)
416 struct scan_field *field = &in_fields[i];
417 field->allocated = 0;
419 if (field->check_value || field->in_value)
421 interface_jtag_add_scan_check_alloc(field);
425 jtag_add_scan(active, in_num_fields, in_fields, state);
427 for (int i = 0; i < in_num_fields; i++)
429 if ((in_fields[i].check_value != NULL) && (in_fields[i].in_value != NULL))
431 /* this is synchronous for a minidriver */
432 jtag_add_callback4(jtag_check_value_mask_callback, (jtag_callback_data_t)in_fields[i].in_value,
433 (jtag_callback_data_t)in_fields[i].check_value,
434 (jtag_callback_data_t)in_fields[i].check_mask,
435 (jtag_callback_data_t)in_fields[i].num_bits);
437 if (in_fields[i].allocated)
439 free(in_fields[i].in_value);
441 if (in_fields[i].modified)
443 in_fields[i].in_value = NULL;
448 void jtag_add_dr_scan_check(struct jtag_tap *active, int in_num_fields, struct scan_field *in_fields, tap_state_t state)
452 jtag_add_scan_check(active, jtag_add_dr_scan, in_num_fields, in_fields, state);
455 jtag_add_dr_scan(active, in_num_fields, in_fields, state);
460 void jtag_add_dr_scan(struct jtag_tap *active, int in_num_fields, const struct scan_field *in_fields,
463 assert(state != TAP_RESET);
468 retval = interface_jtag_add_dr_scan(active, in_num_fields, in_fields, state);
469 jtag_set_error(retval);
472 void jtag_add_plain_dr_scan(int in_num_fields, const struct scan_field *in_fields,
475 assert(state != TAP_RESET);
480 retval = interface_jtag_add_plain_dr_scan(in_num_fields, in_fields, state);
481 jtag_set_error(retval);
484 void jtag_add_tlr(void)
486 jtag_prelude(TAP_RESET);
487 jtag_set_error(interface_jtag_add_tlr());
489 /* NOTE: order here matches TRST path in jtag_add_reset() */
490 jtag_call_event_callbacks(JTAG_TRST_ASSERTED);
491 jtag_notify_event(JTAG_TRST_ASSERTED);
495 * If supported by the underlying adapter, this clocks a raw bit sequence
496 * onto TMS for switching betwen JTAG and SWD modes.
498 * DO NOT use this to bypass the integrity checks and logging provided
499 * by the jtag_add_pathmove() and jtag_add_statemove() calls.
501 * @param nbits How many bits to clock out.
502 * @param seq The bit sequence. The LSB is bit 0 of seq[0].
503 * @param state The JTAG tap state to record on completion. Use
504 * TAP_INVALID to represent being in in SWD mode.
506 * @todo Update naming conventions to stop assuming everything is JTAG.
508 int jtag_add_tms_seq(unsigned nbits, const uint8_t *seq, enum tap_state state)
512 if (!(jtag->supported & DEBUG_CAP_TMS_SEQ))
513 return ERROR_JTAG_NOT_IMPLEMENTED;
516 cmd_queue_cur_state = state;
518 retval = interface_add_tms_seq(nbits, seq, state);
519 jtag_set_error(retval);
523 void jtag_add_pathmove(int num_states, const tap_state_t *path)
525 tap_state_t cur_state = cmd_queue_cur_state;
527 /* the last state has to be a stable state */
528 if (!tap_is_state_stable(path[num_states - 1]))
530 LOG_ERROR("BUG: TAP path doesn't finish in a stable state");
531 jtag_set_error(ERROR_JTAG_NOT_STABLE_STATE);
535 for (int i = 0; i < num_states; i++)
537 if (path[i] == TAP_RESET)
539 LOG_ERROR("BUG: TAP_RESET is not a valid state for pathmove sequences");
540 jtag_set_error(ERROR_JTAG_STATE_INVALID);
544 if (tap_state_transition(cur_state, true) != path[i]
545 && tap_state_transition(cur_state, false) != path[i])
547 LOG_ERROR("BUG: %s -> %s isn't a valid TAP transition",
548 tap_state_name(cur_state), tap_state_name(path[i]));
549 jtag_set_error(ERROR_JTAG_TRANSITION_INVALID);
557 jtag_set_error(interface_jtag_add_pathmove(num_states, path));
558 cmd_queue_cur_state = path[num_states - 1];
561 int jtag_add_statemove(tap_state_t goal_state)
563 tap_state_t cur_state = cmd_queue_cur_state;
565 if (goal_state != cur_state)
567 LOG_DEBUG("cur_state=%s goal_state=%s",
568 tap_state_name(cur_state),
569 tap_state_name(goal_state));
572 /* If goal is RESET, be paranoid and force that that transition
573 * (e.g. five TCK cycles, TMS high). Else trust "cur_state".
575 if (goal_state == TAP_RESET)
577 else if (goal_state == cur_state)
578 /* nothing to do */ ;
580 else if (tap_is_state_stable(cur_state) && tap_is_state_stable(goal_state))
582 unsigned tms_bits = tap_get_tms_path(cur_state, goal_state);
583 unsigned tms_count = tap_get_tms_path_len(cur_state, goal_state);
584 tap_state_t moves[8];
585 assert(tms_count < ARRAY_SIZE(moves));
587 for (unsigned i = 0; i < tms_count; i++, tms_bits >>= 1)
589 bool bit = tms_bits & 1;
591 cur_state = tap_state_transition(cur_state, bit);
592 moves[i] = cur_state;
595 jtag_add_pathmove(tms_count, moves);
597 else if (tap_state_transition(cur_state, true) == goal_state
598 || tap_state_transition(cur_state, false) == goal_state)
600 jtag_add_pathmove(1, &goal_state);
609 void jtag_add_runtest(int num_cycles, tap_state_t state)
612 jtag_set_error(interface_jtag_add_runtest(num_cycles, state));
616 void jtag_add_clocks(int num_cycles)
618 if (!tap_is_state_stable(cmd_queue_cur_state))
620 LOG_ERROR("jtag_add_clocks() called with TAP in unstable state \"%s\"",
621 tap_state_name(cmd_queue_cur_state));
622 jtag_set_error(ERROR_JTAG_NOT_STABLE_STATE);
629 jtag_set_error(interface_jtag_add_clocks(num_cycles));
633 void jtag_add_reset(int req_tlr_or_trst, int req_srst)
635 int trst_with_tlr = 0;
639 /* Without SRST, we must use target-specific JTAG operations
640 * on each target; callers should not be requesting SRST when
641 * that signal doesn't exist.
643 * RESET_SRST_PULLS_TRST is a board or chip level quirk, which
644 * can kick in even if the JTAG adapter can't drive TRST.
647 if (!(jtag_reset_config & RESET_HAS_SRST)) {
648 LOG_ERROR("BUG: can't assert SRST");
649 jtag_set_error(ERROR_FAIL);
652 if ((jtag_reset_config & RESET_SRST_PULLS_TRST) != 0
653 && !req_tlr_or_trst) {
654 LOG_ERROR("BUG: can't assert only SRST");
655 jtag_set_error(ERROR_FAIL);
661 /* JTAG reset (entry to TAP_RESET state) can always be achieved
662 * using TCK and TMS; that may go through a TAP_{IR,DR}UPDATE
663 * state first. TRST accelerates it, and bypasses those states.
665 * RESET_TRST_PULLS_SRST is a board or chip level quirk, which
666 * can kick in even if the JTAG adapter can't drive SRST.
668 if (req_tlr_or_trst) {
669 if (!(jtag_reset_config & RESET_HAS_TRST))
671 else if ((jtag_reset_config & RESET_TRST_PULLS_SRST) != 0
678 /* Maybe change TRST and/or SRST signal state */
679 if (jtag_srst != new_srst || jtag_trst != new_trst) {
682 retval = interface_jtag_add_reset(new_trst, new_srst);
683 if (retval != ERROR_OK)
684 jtag_set_error(retval);
686 retval = jtag_execute_queue();
688 if (retval != ERROR_OK) {
689 LOG_ERROR("TRST/SRST error %d", retval);
694 /* SRST resets everything hooked up to that signal */
695 if (jtag_srst != new_srst) {
696 jtag_srst = new_srst;
699 LOG_DEBUG("SRST line asserted");
700 if (jtag_nsrst_assert_width)
701 jtag_add_sleep(jtag_nsrst_assert_width * 1000);
704 LOG_DEBUG("SRST line released");
705 if (jtag_nsrst_delay)
706 jtag_add_sleep(jtag_nsrst_delay * 1000);
710 /* Maybe enter the JTAG TAP_RESET state ...
711 * - using only TMS, TCK, and the JTAG state machine
712 * - or else more directly, using TRST
714 * TAP_RESET should be invisible to non-debug parts of the system.
717 LOG_DEBUG("JTAG reset with TLR instead of TRST");
718 jtag_set_end_state(TAP_RESET);
721 } else if (jtag_trst != new_trst) {
722 jtag_trst = new_trst;
724 LOG_DEBUG("TRST line asserted");
725 tap_set_state(TAP_RESET);
726 if (jtag_ntrst_assert_width)
727 jtag_add_sleep(jtag_ntrst_assert_width * 1000);
729 LOG_DEBUG("TRST line released");
730 if (jtag_ntrst_delay)
731 jtag_add_sleep(jtag_ntrst_delay * 1000);
733 /* We just asserted nTRST, so we're now in TAP_RESET.
734 * Inform possible listeners about this, now that
735 * JTAG instructions and data can be shifted. This
736 * sequence must match jtag_add_tlr().
738 jtag_call_event_callbacks(JTAG_TRST_ASSERTED);
739 jtag_notify_event(JTAG_TRST_ASSERTED);
744 tap_state_t jtag_set_end_state(tap_state_t state)
746 if ((state == TAP_DRSHIFT)||(state == TAP_IRSHIFT))
748 LOG_ERROR("BUG: TAP_DRSHIFT/IRSHIFT can't be end state. Calling code should use a larger scan field");
751 if (state != TAP_INVALID)
752 cmd_queue_end_state = state;
753 return cmd_queue_end_state;
756 tap_state_t jtag_get_end_state(void)
758 return cmd_queue_end_state;
761 void jtag_add_sleep(uint32_t us)
763 /// @todo Here, keep_alive() appears to be a layering violation!!!
765 jtag_set_error(interface_jtag_add_sleep(us));
768 static int jtag_check_value_inner(uint8_t *captured, uint8_t *in_check_value,
769 uint8_t *in_check_mask, int num_bits)
771 int retval = ERROR_OK;
775 compare_failed = buf_cmp_mask(captured, in_check_value, in_check_mask, num_bits);
777 compare_failed = buf_cmp(captured, in_check_value, num_bits);
779 if (compare_failed) {
780 char *captured_str, *in_check_value_str;
781 int bits = (num_bits > DEBUG_JTAG_IOZ)
785 /* NOTE: we've lost diagnostic context here -- 'which tap' */
787 captured_str = buf_to_str(captured, bits, 16);
788 in_check_value_str = buf_to_str(in_check_value, bits, 16);
790 LOG_WARNING("Bad value '%s' captured during DR or IR scan:",
792 LOG_WARNING(" check_value: 0x%s", in_check_value_str);
795 free(in_check_value_str);
798 char *in_check_mask_str;
800 in_check_mask_str = buf_to_str(in_check_mask, bits, 16);
801 LOG_WARNING(" check_mask: 0x%s", in_check_mask_str);
802 free(in_check_mask_str);
805 retval = ERROR_JTAG_QUEUE_FAILED;
810 void jtag_check_value_mask(struct scan_field *field, uint8_t *value, uint8_t *mask)
812 assert(field->in_value != NULL);
816 /* no checking to do */
820 jtag_execute_queue_noclear();
822 int retval = jtag_check_value_inner(field->in_value, value, mask, field->num_bits);
823 jtag_set_error(retval);
828 int default_interface_jtag_execute_queue(void)
832 LOG_ERROR("No JTAG interface configured yet. "
833 "Issue 'init' command in startup scripts "
834 "before communicating with targets.");
838 return jtag->execute_queue();
841 void jtag_execute_queue_noclear(void)
843 jtag_flush_queue_count++;
844 jtag_set_error(interface_jtag_execute_queue());
847 int jtag_get_flush_queue_count(void)
849 return jtag_flush_queue_count;
852 int jtag_execute_queue(void)
854 jtag_execute_queue_noclear();
855 return jtag_error_clear();
858 static int jtag_reset_callback(enum jtag_event event, void *priv)
860 struct jtag_tap *tap = priv;
862 if (event == JTAG_TRST_ASSERTED)
864 tap->enabled = !tap->disabled_after_reset;
866 /* current instruction is either BYPASS or IDCODE */
867 buf_set_ones(tap->cur_instr, tap->ir_length);
874 void jtag_sleep(uint32_t us)
876 alive_sleep(us/1000);
879 /* Maximum number of enabled JTAG devices we expect in the scan chain,
880 * plus one (to detect garbage at the end). Devices that don't support
881 * IDCODE take up fewer bits, possibly allowing a few more devices.
883 #define JTAG_MAX_CHAIN_SIZE 20
885 #define EXTRACT_MFG(X) (((X) & 0xffe) >> 1)
886 #define EXTRACT_PART(X) (((X) & 0xffff000) >> 12)
887 #define EXTRACT_VER(X) (((X) & 0xf0000000) >> 28)
889 /* A reserved manufacturer ID is used in END_OF_CHAIN_FLAG, so we
890 * know that no valid TAP will have it as an IDCODE value.
892 #define END_OF_CHAIN_FLAG 0x000000ff
894 /* a larger IR length than we ever expect to autoprobe */
895 #define JTAG_IRLEN_MAX 60
897 static int jtag_examine_chain_execute(uint8_t *idcode_buffer, unsigned num_idcode)
899 struct scan_field field = {
900 .num_bits = num_idcode * 32,
901 .out_value = idcode_buffer,
902 .in_value = idcode_buffer,
905 // initialize to the end of chain ID value
906 for (unsigned i = 0; i < JTAG_MAX_CHAIN_SIZE; i++)
907 buf_set_u32(idcode_buffer, i * 32, 32, END_OF_CHAIN_FLAG);
909 jtag_add_plain_dr_scan(1, &field, TAP_DRPAUSE);
911 return jtag_execute_queue();
914 static bool jtag_examine_chain_check(uint8_t *idcodes, unsigned count)
916 uint8_t zero_check = 0x0;
917 uint8_t one_check = 0xff;
919 for (unsigned i = 0; i < count * 4; i++)
921 zero_check |= idcodes[i];
922 one_check &= idcodes[i];
925 /* if there wasn't a single non-zero bit or if all bits were one,
926 * the scan is not valid. We wrote a mix of both values; either
928 * - There's a hardware issue (almost certainly):
929 * + all-zeroes can mean a target stuck in JTAG reset
930 * + all-ones tends to mean no target
931 * - The scan chain is WAY longer than we can handle, *AND* either
932 * + there are several hundreds of TAPs in bypass, or
933 * + at least a few dozen TAPs all have an all-ones IDCODE
935 if (zero_check == 0x00 || one_check == 0xff)
937 LOG_ERROR("JTAG scan chain interrogation failed: all %s",
938 (zero_check == 0x00) ? "zeroes" : "ones");
939 LOG_ERROR("Check JTAG interface, timings, target power, etc.");
945 static void jtag_examine_chain_display(enum log_levels level, const char *msg,
946 const char *name, uint32_t idcode)
948 log_printf_lf(level, __FILE__, __LINE__, __FUNCTION__,
949 "JTAG tap: %s %16.16s: 0x%08x "
950 "(mfg: 0x%3.3x, part: 0x%4.4x, ver: 0x%1.1x)",
952 (unsigned int)idcode,
953 (unsigned int)EXTRACT_MFG(idcode),
954 (unsigned int)EXTRACT_PART(idcode),
955 (unsigned int)EXTRACT_VER(idcode));
958 static bool jtag_idcode_is_final(uint32_t idcode)
961 * Some devices, such as AVR8, will output all 1's instead
962 * of TDI input value at end of chain. Allow those values
963 * instead of failing.
965 return idcode == END_OF_CHAIN_FLAG || idcode == 0xFFFFFFFF;
969 * This helper checks that remaining bits in the examined chain data are
970 * all as expected, but a single JTAG device requires only 64 bits to be
971 * read back correctly. This can help identify and diagnose problems
972 * with the JTAG chain earlier, gives more helpful/explicit error messages.
973 * Returns TRUE iff garbage was found.
975 static bool jtag_examine_chain_end(uint8_t *idcodes, unsigned count, unsigned max)
977 bool triggered = false;
978 for (; count < max - 31; count += 32)
980 uint32_t idcode = buf_get_u32(idcodes, count, 32);
982 /* do not trigger the warning if the data looks good */
983 if (jtag_idcode_is_final(idcode))
985 LOG_WARNING("Unexpected idcode after end of chain: %d 0x%08x",
986 count, (unsigned int)idcode);
992 static bool jtag_examine_chain_match_tap(const struct jtag_tap *tap)
994 uint32_t idcode = tap->idcode;
996 /* ignore expected BYPASS codes; warn otherwise */
997 if (0 == tap->expected_ids_cnt && !idcode)
1000 /* optionally ignore the JTAG version field */
1001 uint32_t mask = tap->ignore_version ? ~(0xff << 24) : ~0;
1005 /* Loop over the expected identification codes and test for a match */
1006 unsigned ii, limit = tap->expected_ids_cnt;
1008 for (ii = 0; ii < limit; ii++)
1010 uint32_t expected = tap->expected_ids[ii] & mask;
1012 if (idcode == expected)
1015 /* treat "-expected-id 0" as a "don't-warn" wildcard */
1016 if (0 == tap->expected_ids[ii])
1020 /* If none of the expected ids matched, warn */
1021 jtag_examine_chain_display(LOG_LVL_WARNING, "UNEXPECTED",
1022 tap->dotted_name, tap->idcode);
1023 for (ii = 0; ii < limit; ii++)
1027 snprintf(msg, sizeof(msg), "expected %u of %u", ii + 1, limit);
1028 jtag_examine_chain_display(LOG_LVL_ERROR, msg,
1029 tap->dotted_name, tap->expected_ids[ii]);
1034 /* Try to examine chain layout according to IEEE 1149.1 §12
1035 * This is called a "blind interrogation" of the scan chain.
1037 static int jtag_examine_chain(void)
1039 uint8_t idcode_buffer[JTAG_MAX_CHAIN_SIZE * 4];
1043 bool autoprobe = false;
1045 /* DR scan to collect BYPASS or IDCODE register contents.
1046 * Then make sure the scan data has both ones and zeroes.
1048 LOG_DEBUG("DR scan interrogation for IDCODE/BYPASS");
1049 retval = jtag_examine_chain_execute(idcode_buffer, JTAG_MAX_CHAIN_SIZE);
1050 if (retval != ERROR_OK)
1052 if (!jtag_examine_chain_check(idcode_buffer, JTAG_MAX_CHAIN_SIZE))
1053 return ERROR_JTAG_INIT_FAILED;
1055 /* point at the 1st tap */
1056 struct jtag_tap *tap = jtag_tap_next_enabled(NULL);
1062 tap && bit_count < (JTAG_MAX_CHAIN_SIZE * 32) - 31;
1063 tap = jtag_tap_next_enabled(tap))
1065 uint32_t idcode = buf_get_u32(idcode_buffer, bit_count, 32);
1067 if ((idcode & 1) == 0)
1069 /* Zero for LSB indicates a device in bypass */
1070 LOG_INFO("TAP %s does not have IDCODE",
1073 tap->hasidcode = false;
1079 /* Friendly devices support IDCODE */
1080 tap->hasidcode = true;
1081 jtag_examine_chain_display(LOG_LVL_INFO,
1083 tap->dotted_name, idcode);
1087 tap->idcode = idcode;
1089 /* ensure the TAP ID matches what was expected */
1090 if (!jtag_examine_chain_match_tap(tap))
1091 retval = ERROR_JTAG_INIT_SOFT_FAIL;
1094 /* Fail if too many TAPs were enabled for us to verify them all. */
1096 LOG_ERROR("Too many TAPs enabled; '%s' ignored.",
1098 return ERROR_JTAG_INIT_FAILED;
1101 /* if autoprobing, the tap list is still empty ... populate it! */
1102 while (autoprobe && bit_count < (JTAG_MAX_CHAIN_SIZE * 32) - 31) {
1106 /* Is there another TAP? */
1107 idcode = buf_get_u32(idcode_buffer, bit_count, 32);
1108 if (jtag_idcode_is_final(idcode))
1111 /* Default everything in this TAP except IR length.
1113 * REVISIT create a jtag_alloc(chip, tap) routine, and
1114 * share it with jim_newtap_cmd().
1116 tap = calloc(1, sizeof *tap);
1120 sprintf(buf, "auto%d", tapcount++);
1121 tap->chip = strdup(buf);
1122 tap->tapname = strdup("tap");
1124 sprintf(buf, "%s.%s", tap->chip, tap->tapname);
1125 tap->dotted_name = strdup(buf);
1127 /* tap->ir_length == 0 ... signifying irlen autoprobe */
1128 tap->ir_capture_mask = 0x03;
1129 tap->ir_capture_value = 0x01;
1131 tap->enabled = true;
1133 if ((idcode & 1) == 0) {
1135 tap->hasidcode = false;
1138 tap->hasidcode = true;
1139 tap->idcode = idcode;
1141 tap->expected_ids_cnt = 1;
1142 tap->expected_ids = malloc(sizeof(uint32_t));
1143 tap->expected_ids[0] = idcode;
1146 LOG_WARNING("AUTO %s - use \"jtag newtap "
1147 "%s %s -expected-id 0x%8.8" PRIx32 " ...\"",
1148 tap->dotted_name, tap->chip, tap->tapname,
1154 /* After those IDCODE or BYPASS register values should be
1155 * only the data we fed into the scan chain.
1157 if (jtag_examine_chain_end(idcode_buffer, bit_count,
1158 8 * sizeof(idcode_buffer))) {
1159 LOG_ERROR("double-check your JTAG setup (interface, "
1160 "speed, missing TAPs, ...)");
1161 return ERROR_JTAG_INIT_FAILED;
1164 /* Return success or, for backwards compatibility if only
1165 * some IDCODE values mismatched, a soft/continuable fault.
1171 * Validate the date loaded by entry to the Capture-IR state, to help
1172 * find errors related to scan chain configuration (wrong IR lengths)
1175 * Entry state can be anything. On non-error exit, all TAPs are in
1176 * bypass mode. On error exits, the scan chain is reset.
1178 static int jtag_validate_ircapture(void)
1180 struct jtag_tap *tap;
1181 int total_ir_length = 0;
1182 uint8_t *ir_test = NULL;
1183 struct scan_field field;
1188 /* when autoprobing, accomodate huge IR lengths */
1189 for (tap = NULL, total_ir_length = 0;
1190 (tap = jtag_tap_next_enabled(tap)) != NULL;
1191 total_ir_length += tap->ir_length) {
1192 if (tap->ir_length == 0)
1193 total_ir_length += JTAG_IRLEN_MAX;
1196 /* increase length to add 2 bit sentinel after scan */
1197 total_ir_length += 2;
1199 ir_test = malloc(DIV_ROUND_UP(total_ir_length, 8));
1200 if (ir_test == NULL)
1203 /* after this scan, all TAPs will capture BYPASS instructions */
1204 buf_set_ones(ir_test, total_ir_length);
1206 field.num_bits = total_ir_length;
1207 field.out_value = ir_test;
1208 field.in_value = ir_test;
1210 jtag_add_plain_ir_scan(1, &field, TAP_IDLE);
1212 LOG_DEBUG("IR capture validation scan");
1213 retval = jtag_execute_queue();
1214 if (retval != ERROR_OK)
1221 tap = jtag_tap_next_enabled(tap);
1226 /* If we're autoprobing, guess IR lengths. They must be at
1227 * least two bits. Guessing will fail if (a) any TAP does
1228 * not conform to the JTAG spec; or (b) when the upper bits
1229 * captured from some conforming TAP are nonzero. Or if
1230 * (c) an IR length is longer than 32 bits -- which is only
1231 * an implementation limit, which could someday be raised.
1233 * REVISIT optimization: if there's a *single* TAP we can
1234 * lift restrictions (a) and (b) by scanning a recognizable
1235 * pattern before the all-ones BYPASS. Check for where the
1236 * pattern starts in the result, instead of an 0...01 value.
1238 * REVISIT alternative approach: escape to some tcl code
1239 * which could provide more knowledge, based on IDCODE; and
1240 * only guess when that has no success.
1242 if (tap->ir_length == 0) {
1244 while ((val = buf_get_u32(ir_test, chain_pos,
1245 tap->ir_length + 1)) == 1
1246 && tap->ir_length <= 32) {
1249 LOG_WARNING("AUTO %s - use \"... -irlen %d\"",
1250 jtag_tap_name(tap), tap->ir_length);
1253 /* Validate the two LSBs, which must be 01 per JTAG spec.
1255 * Or ... more bits could be provided by TAP declaration.
1256 * Plus, some taps (notably in i.MX series chips) violate
1257 * this part of the JTAG spec, so their capture mask/value
1258 * attributes might disable this test.
1260 val = buf_get_u32(ir_test, chain_pos, tap->ir_length);
1261 if ((val & tap->ir_capture_mask) != tap->ir_capture_value) {
1262 LOG_ERROR("%s: IR capture error; saw 0x%0*x not 0x%0*x",
1264 (tap->ir_length + 7) / tap->ir_length,
1266 (tap->ir_length + 7) / tap->ir_length,
1267 (unsigned) tap->ir_capture_value);
1269 retval = ERROR_JTAG_INIT_FAILED;
1272 LOG_DEBUG("%s: IR capture 0x%0*x", jtag_tap_name(tap),
1273 (tap->ir_length + 7) / tap->ir_length, val);
1274 chain_pos += tap->ir_length;
1277 /* verify the '11' sentinel we wrote is returned at the end */
1278 val = buf_get_u32(ir_test, chain_pos, 2);
1281 char *cbuf = buf_to_str(ir_test, total_ir_length, 16);
1283 LOG_ERROR("IR capture error at bit %d, saw 0x%s not 0x...3",
1286 retval = ERROR_JTAG_INIT_FAILED;
1291 if (retval != ERROR_OK) {
1293 jtag_execute_queue();
1299 void jtag_tap_init(struct jtag_tap *tap)
1301 unsigned ir_len_bits;
1302 unsigned ir_len_bytes;
1304 /* if we're autoprobing, cope with potentially huge ir_length */
1305 ir_len_bits = tap->ir_length ? : JTAG_IRLEN_MAX;
1306 ir_len_bytes = DIV_ROUND_UP(ir_len_bits, 8);
1308 tap->expected = calloc(1, ir_len_bytes);
1309 tap->expected_mask = calloc(1, ir_len_bytes);
1310 tap->cur_instr = malloc(ir_len_bytes);
1312 /// @todo cope better with ir_length bigger than 32 bits
1313 if (ir_len_bits > 32)
1316 buf_set_u32(tap->expected, 0, ir_len_bits, tap->ir_capture_value);
1317 buf_set_u32(tap->expected_mask, 0, ir_len_bits, tap->ir_capture_mask);
1319 // TAP will be in bypass mode after jtag_validate_ircapture()
1321 buf_set_ones(tap->cur_instr, tap->ir_length);
1323 // register the reset callback for the TAP
1324 jtag_register_event_callback(&jtag_reset_callback, tap);
1326 LOG_DEBUG("Created Tap: %s @ abs position %d, "
1327 "irlen %d, capture: 0x%x mask: 0x%x", tap->dotted_name,
1328 tap->abs_chain_position, tap->ir_length,
1329 (unsigned) tap->ir_capture_value,
1330 (unsigned) tap->ir_capture_mask);
1334 void jtag_tap_free(struct jtag_tap *tap)
1336 jtag_unregister_event_callback(&jtag_reset_callback, tap);
1338 /// @todo is anything missing? no memory leaks please
1339 free((void *)tap->expected);
1340 free((void *)tap->expected_ids);
1341 free((void *)tap->chip);
1342 free((void *)tap->tapname);
1343 free((void *)tap->dotted_name);
1347 int jtag_interface_init(struct command_context *cmd_ctx)
1352 if (!jtag_interface)
1354 /* nothing was previously specified by "interface" command */
1355 LOG_ERROR("JTAG interface has to be specified, see \"interface\" command");
1356 return ERROR_JTAG_INVALID_INTERFACE;
1359 jtag = jtag_interface;
1360 if (jtag_interface->init() != ERROR_OK)
1363 return ERROR_JTAG_INIT_FAILED;
1366 int requested_khz = jtag_get_speed_khz();
1367 int actual_khz = requested_khz;
1368 int retval = jtag_get_speed_readable(&actual_khz);
1369 if (ERROR_OK != retval)
1370 LOG_INFO("interface specific clock speed value %d", jtag_get_speed());
1371 else if (actual_khz)
1373 if ((CLOCK_MODE_RCLK == clock_mode)
1374 || ((CLOCK_MODE_KHZ == clock_mode) && !requested_khz))
1376 LOG_INFO("RCLK (adaptive clock speed) not supported - fallback to %d kHz"
1380 LOG_INFO("clock speed %d kHz", actual_khz);
1383 LOG_INFO("RCLK (adaptive clock speed)");
1388 int jtag_init_inner(struct command_context *cmd_ctx)
1390 struct jtag_tap *tap;
1392 bool issue_setup = true;
1394 LOG_DEBUG("Init JTAG chain");
1396 tap = jtag_tap_next_enabled(NULL);
1398 /* Once JTAG itself is properly set up, and the scan chain
1399 * isn't absurdly large, IDCODE autoprobe should work fine.
1401 * But ... IRLEN autoprobe can fail even on systems which
1402 * are fully conformant to JTAG. Also, JTAG setup can be
1403 * quite finicky on some systems.
1405 * REVISIT: if TAP autoprobe works OK, then in many cases
1406 * we could escape to tcl code and set up targets based on
1407 * the TAP's IDCODE values.
1409 LOG_WARNING("There are no enabled taps. "
1410 "AUTO PROBING MIGHT NOT WORK!!");
1412 /* REVISIT default clock will often be too fast ... */
1416 if ((retval = jtag_execute_queue()) != ERROR_OK)
1419 /* Examine DR values first. This discovers problems which will
1420 * prevent communication ... hardware issues like TDO stuck, or
1421 * configuring the wrong number of (enabled) TAPs.
1423 retval = jtag_examine_chain();
1426 /* complete success */
1428 case ERROR_JTAG_INIT_SOFT_FAIL:
1429 /* For backward compatibility reasons, try coping with
1430 * configuration errors involving only ID mismatches.
1431 * We might be able to talk to the devices.
1433 LOG_ERROR("Trying to use configured scan chain anyway...");
1434 issue_setup = false;
1437 /* some hard error; already issued diagnostics */
1441 /* Now look at IR values. Problems here will prevent real
1442 * communication. They mostly mean that the IR length is
1443 * wrong ... or that the IR capture value is wrong. (The
1444 * latter is uncommon, but easily worked around: provide
1445 * ircapture/irmask values during TAP setup.)
1447 retval = jtag_validate_ircapture();
1448 if (retval != ERROR_OK)
1452 jtag_notify_event(JTAG_TAP_EVENT_SETUP);
1454 LOG_WARNING("Bypassing JTAG setup events due to errors");
1460 int jtag_interface_quit(void)
1462 if (!jtag || !jtag->quit)
1465 // close the JTAG interface
1466 int result = jtag->quit();
1467 if (ERROR_OK != result)
1468 LOG_ERROR("failed: %d", result);
1474 int jtag_init_reset(struct command_context *cmd_ctx)
1478 if ((retval = jtag_interface_init(cmd_ctx)) != ERROR_OK)
1481 LOG_DEBUG("Initializing with hard TRST+SRST reset");
1484 * This procedure is used by default when OpenOCD triggers a reset.
1485 * It's now done through an overridable Tcl "init_reset" wrapper.
1487 * This started out as a more powerful "get JTAG working" reset than
1488 * jtag_init_inner(), applying TRST because some chips won't activate
1489 * JTAG without a TRST cycle (presumed to be async, though some of
1490 * those chips synchronize JTAG activation using TCK).
1492 * But some chips only activate JTAG as part of an SRST cycle; SRST
1493 * got mixed in. So it became a hard reset routine, which got used
1494 * in more places, and which coped with JTAG reset being forced as
1495 * part of SRST (srst_pulls_trst).
1497 * And even more corner cases started to surface: TRST and/or SRST
1498 * assertion timings matter; some chips need other JTAG operations;
1499 * TRST/SRST sequences can need to be different from these, etc.
1501 * Systems should override that wrapper to support system-specific
1502 * requirements that this not-fully-generic code doesn't handle.
1504 * REVISIT once Tcl code can read the reset_config modes, this won't
1505 * need to be a C routine at all...
1507 jtag_add_reset(1, 0); /* TAP_RESET, using TMS+TCK or TRST */
1508 if (jtag_reset_config & RESET_HAS_SRST)
1510 jtag_add_reset(1, 1);
1511 if ((jtag_reset_config & RESET_SRST_PULLS_TRST) == 0)
1512 jtag_add_reset(0, 1);
1514 jtag_add_reset(0, 0);
1515 if ((retval = jtag_execute_queue()) != ERROR_OK)
1518 /* Check that we can communication on the JTAG chain + eventually we want to
1519 * be able to perform enumeration only after OpenOCD has started
1520 * telnet and GDB server
1522 * That would allow users to more easily perform any magic they need to before
1525 return jtag_init_inner(cmd_ctx);
1528 int jtag_init(struct command_context *cmd_ctx)
1532 if ((retval = jtag_interface_init(cmd_ctx)) != ERROR_OK)
1535 /* guard against oddball hardware: force resets to be inactive */
1536 jtag_add_reset(0, 0);
1537 if ((retval = jtag_execute_queue()) != ERROR_OK)
1540 if (Jim_Eval_Named(cmd_ctx->interp, "jtag_init", __FILE__, __LINE__) != JIM_OK)
1546 unsigned jtag_get_speed_khz(void)
1551 static int jtag_khz_to_speed(unsigned khz, int* speed)
1553 LOG_DEBUG("convert khz to interface specific speed value");
1557 LOG_DEBUG("have interface set up");
1559 int retval = jtag->khz(jtag_get_speed_khz(), &speed_div1);
1560 if (ERROR_OK != retval)
1564 *speed = speed_div1;
1569 static int jtag_rclk_to_speed(unsigned fallback_speed_khz, int* speed)
1571 int retval = jtag_khz_to_speed(0, speed);
1572 if ((ERROR_OK != retval) && fallback_speed_khz)
1574 LOG_DEBUG("trying fallback speed...");
1575 retval = jtag_khz_to_speed(fallback_speed_khz, speed);
1580 static int jtag_set_speed(int speed)
1583 /* this command can be called during CONFIG,
1584 * in which case jtag isn't initialized */
1585 return jtag ? jtag->speed(speed) : ERROR_OK;
1588 int jtag_config_khz(unsigned khz)
1590 LOG_DEBUG("handle jtag khz");
1591 clock_mode = CLOCK_MODE_KHZ;
1593 int retval = jtag_khz_to_speed(khz, &speed);
1594 return (ERROR_OK != retval) ? retval : jtag_set_speed(speed);
1597 int jtag_config_rclk(unsigned fallback_speed_khz)
1599 LOG_DEBUG("handle jtag rclk");
1600 clock_mode = CLOCK_MODE_RCLK;
1601 rclk_fallback_speed_khz = fallback_speed_khz;
1603 int retval = jtag_rclk_to_speed(fallback_speed_khz, &speed);
1604 return (ERROR_OK != retval) ? retval : jtag_set_speed(speed);
1607 int jtag_get_speed(void)
1612 case CLOCK_MODE_SPEED:
1615 case CLOCK_MODE_KHZ:
1616 jtag_khz_to_speed(jtag_get_speed_khz(), &speed);
1618 case CLOCK_MODE_RCLK:
1619 jtag_rclk_to_speed(rclk_fallback_speed_khz, &speed);
1622 LOG_ERROR("BUG: unknown jtag clock mode");
1629 int jtag_get_speed_readable(int *khz)
1631 return jtag ? jtag->speed_div(jtag_get_speed(), khz) : ERROR_OK;
1634 void jtag_set_verify(bool enable)
1636 jtag_verify = enable;
1639 bool jtag_will_verify()
1644 void jtag_set_verify_capture_ir(bool enable)
1646 jtag_verify_capture_ir = enable;
1649 bool jtag_will_verify_capture_ir()
1651 return jtag_verify_capture_ir;
1654 int jtag_power_dropout(int *dropout)
1658 /* TODO: as the jtag interface is not valid all
1659 * we can do at the moment is exit OpenOCD */
1660 LOG_ERROR("No Valid JTAG Interface Configured.");
1663 return jtag->power_dropout(dropout);
1666 int jtag_srst_asserted(int *srst_asserted)
1668 return jtag->srst_asserted(srst_asserted);
1671 enum reset_types jtag_get_reset_config(void)
1673 return jtag_reset_config;
1675 void jtag_set_reset_config(enum reset_types type)
1677 jtag_reset_config = type;
1680 int jtag_get_trst(void)
1684 int jtag_get_srst(void)
1689 void jtag_set_nsrst_delay(unsigned delay)
1691 jtag_nsrst_delay = delay;
1693 unsigned jtag_get_nsrst_delay(void)
1695 return jtag_nsrst_delay;
1697 void jtag_set_ntrst_delay(unsigned delay)
1699 jtag_ntrst_delay = delay;
1701 unsigned jtag_get_ntrst_delay(void)
1703 return jtag_ntrst_delay;
1707 void jtag_set_nsrst_assert_width(unsigned delay)
1709 jtag_nsrst_assert_width = delay;
1711 unsigned jtag_get_nsrst_assert_width(void)
1713 return jtag_nsrst_assert_width;
1715 void jtag_set_ntrst_assert_width(unsigned delay)
1717 jtag_ntrst_assert_width = delay;
1719 unsigned jtag_get_ntrst_assert_width(void)
1721 return jtag_ntrst_assert_width;