1 // SPDX-License-Identifier: GPL-2.0-or-later
3 /***************************************************************************
4 * Copyright (C) 2005 by Dominic Rath *
5 * Dominic.Rath@gmx.de *
7 * Copyright (C) 2007,2008 Øyvind Harboe *
8 * oyvind.harboe@zylin.com *
10 * Copyright (C) 2009 SoftPLC Corporation *
11 * http://softplc.com *
14 * Copyright (C) 2009 Zachary T Welch *
15 * zw@superlucidity.net *
16 ***************************************************************************/
23 #include "interface.h"
26 * @see tap_set_state() and tap_get_state() accessors.
27 * Actual name is not important since accessors hide it.
29 static tap_state_t state_follower = TAP_RESET;
31 void tap_set_state_impl(tap_state_t new_state)
33 /* this is the state we think the TAPs are in now, was cur_state */
34 state_follower = new_state;
37 tap_state_t tap_get_state(void)
39 return state_follower;
43 * @see tap_set_end_state() and tap_get_end_state() accessors.
44 * Actual name is not important because accessors hide it.
46 static tap_state_t end_state_follower = TAP_RESET;
48 void tap_set_end_state(tap_state_t new_end_state)
50 /* this is the state we think the TAPs will be in at completion of the
51 * current TAP operation, was end_state
53 end_state_follower = new_end_state;
56 tap_state_t tap_get_end_state(void)
58 return end_state_follower;
61 int tap_move_ndx(tap_state_t astate)
63 /* given a stable state, return the index into the tms_seqs[]
64 * array within tap_get_tms_path()
89 LOG_ERROR("FATAL: unstable state \"%s\" in tap_move_ndx()",
90 tap_state_name(astate));
97 /* tap_move[i][j]: tap movement command to go from state i to state j
98 * encodings of i and j are what tap_move_ndx() reports.
100 * DRSHIFT->DRSHIFT and IRSHIFT->IRSHIFT have to be caught in interface specific code
102 struct tms_sequences {
108 * These macros allow us to specify TMS state transitions by bits rather than hex bytes.
109 * Read the bits from LSBit first to MSBit last (right-to-left).
111 #define HEX__(n) 0x##n##LU
114 ((((x) & 0x0000000FLU) ? (1 << 0) : 0) \
115 +(((x) & 0x000000F0LU) ? (1 << 1) : 0) \
116 +(((x) & 0x00000F00LU) ? (1 << 2) : 0) \
117 +(((x) & 0x0000F000LU) ? (1 << 3) : 0) \
118 +(((x) & 0x000F0000LU) ? (1 << 4) : 0) \
119 +(((x) & 0x00F00000LU) ? (1 << 5) : 0) \
120 +(((x) & 0x0F000000LU) ? (1 << 6) : 0) \
121 +(((x) & 0xF0000000LU) ? (1 << 7) : 0))
123 #define B8(bits, count) {((uint8_t)B8__(HEX__(bits))), (count)}
125 static const struct tms_sequences old_tms_seqs[6][6] = { /* [from_state_ndx][to_state_ndx] */
126 /* value clocked to TMS to move from one of six stable states to another.
127 * N.B. OOCD clocks TMS from LSB first, so read these right-to-left.
128 * N.B. Reset only needs to be 0b11111, but in JLink an even byte of 1's is more stable.
129 * These extra ones cause no TAP state problem, because we go into reset and stay in reset.
133 /* RESET IDLE DRSHIFT DRPAUSE IRSHIFT IRPAUSE */ /* from state: */
134 {B8(1111111, 7), B8(0000000, 7), B8(0010111, 7), B8(0001010, 7), B8(0011011, 7), B8(0010110, 7)},/* RESET */
135 {B8(1111111, 7), B8(0000000, 7), B8(0100101, 7), B8(0000101, 7), B8(0101011, 7), B8(0001011, 7)},/* IDLE */
136 {B8(1111111, 7), B8(0110001, 7), B8(0000000, 7), B8(0000001, 7), B8(0001111, 7), B8(0101111, 7)},/* DRSHIFT */
137 {B8(1111111, 7), B8(0110000, 7), B8(0100000, 7), B8(0010111, 7), B8(0011110, 7), B8(0101111, 7)},/* DRPAUSE */
138 {B8(1111111, 7), B8(0110001, 7), B8(0000111, 7), B8(0010111, 7), B8(0000000, 7), B8(0000001, 7)},/* IRSHIFT */
139 {B8(1111111, 7), B8(0110000, 7), B8(0011100, 7), B8(0010111, 7), B8(0011110, 7), B8(0101111, 7)},/* IRPAUSE */
142 static const struct tms_sequences short_tms_seqs[6][6] = { /* [from_state_ndx][to_state_ndx] */
143 /* this is the table submitted by Jeff Williams on 3/30/2009 with this comment:
145 OK, I added Peter's version of the state table, and it works OK for
146 me on MC1322x. I've recreated the jlink portion of patch with this
147 new state table. His changes to my state table are pretty minor in
148 terms of total transitions, but Peter feels that his version fixes
149 some long-standing problems.
152 I added the bit count into the table, reduced RESET column to 7 bits from 8.
155 state specific comments:
156 ------------------------
157 *->RESET tried the 5 bit reset and it gave me problems, 7 bits seems to
158 work better on ARM9 with ft2232 driver. (Dick)
160 RESET->DRSHIFT add 1 extra clock cycles in the RESET state before advancing.
161 needed on ARM9 with ft2232 driver. (Dick)
162 (For a total of *THREE* extra clocks in RESET; NOP.)
164 RESET->IRSHIFT add 1 extra clock cycles in the RESET state before advancing.
165 needed on ARM9 with ft2232 driver. (Dick)
166 (For a total of *TWO* extra clocks in RESET; NOP.)
168 RESET->* always adds one or more clocks in the target state,
169 which should be NOPS; except shift states which (as
170 noted above) add those clocks in RESET.
172 The X-to-X transitions always add clocks; from *SHIFT, they go
173 via IDLE and thus *DO HAVE SIDE EFFECTS* (capture and update).
177 /* RESET IDLE DRSHIFT DRPAUSE IRSHIFT IRPAUSE */ /* from state: */
178 {B8(1111111, 7), B8(0000000, 7), B8(0010111, 7), B8(0001010, 7), B8(0011011, 7), B8(0010110, 7)}, /* RESET */
179 {B8(1111111, 7), B8(0000000, 7), B8(001, 3), B8(0101, 4), B8(0011, 4), B8(01011, 5)}, /* IDLE */
180 {B8(1111111, 7), B8(011, 3), B8(00111, 5), B8(01, 2), B8(001111, 6), B8(0101111, 7)}, /* DRSHIFT */
181 {B8(1111111, 7), B8(011, 3), B8(01, 2), B8(0, 1), B8(001111, 6), B8(0101111, 7)}, /* DRPAUSE */
182 {B8(1111111, 7), B8(011, 3), B8(00111, 5), B8(010111, 6), B8(001111, 6), B8(01, 2)}, /* IRSHIFT */
183 {B8(1111111, 7), B8(011, 3), B8(00111, 5), B8(010111, 6), B8(01, 2), B8(0, 1)} /* IRPAUSE */
186 typedef const struct tms_sequences tms_table[6][6];
188 static tms_table *tms_seqs = &short_tms_seqs;
190 int tap_get_tms_path(tap_state_t from, tap_state_t to)
192 return (*tms_seqs)[tap_move_ndx(from)][tap_move_ndx(to)].bits;
195 int tap_get_tms_path_len(tap_state_t from, tap_state_t to)
197 return (*tms_seqs)[tap_move_ndx(from)][tap_move_ndx(to)].bit_count;
200 bool tap_is_state_stable(tap_state_t astate)
204 /* A switch () is used because it is symbol dependent
205 * (not value dependent like an array), and can also check bounds.
223 tap_state_t tap_state_transition(tap_state_t cur_state, bool tms)
225 tap_state_t new_state;
227 /* A switch is used because it is symbol dependent and not value dependent
228 * like an array. Also it can check for out of range conditions.
234 new_state = cur_state;
239 new_state = TAP_DRSELECT;
242 new_state = TAP_IRSELECT;
246 new_state = TAP_DREXIT1;
250 new_state = TAP_DRUPDATE;
253 new_state = TAP_DREXIT2;
256 new_state = TAP_RESET;
260 new_state = TAP_IREXIT1;
264 new_state = TAP_IRUPDATE;
267 new_state = TAP_IREXIT2;
270 LOG_ERROR("fatal: invalid argument cur_state=%d", cur_state);
280 new_state = TAP_IDLE;
283 new_state = TAP_DRCAPTURE;
288 new_state = TAP_DRSHIFT;
292 new_state = TAP_DRPAUSE;
295 new_state = TAP_IRCAPTURE;
300 new_state = TAP_IRSHIFT;
304 new_state = TAP_IRPAUSE;
307 LOG_ERROR("fatal: invalid argument cur_state=%d", cur_state);
316 /* NOTE: do not change these state names. They're documented,
317 * and we rely on them to match SVF input (except for "RUN/IDLE").
319 static const struct name_mapping {
320 enum tap_state symbol;
322 } tap_name_mapping[] = {
323 { TAP_RESET, "RESET", },
324 { TAP_IDLE, "RUN/IDLE", },
325 { TAP_DRSELECT, "DRSELECT", },
326 { TAP_DRCAPTURE, "DRCAPTURE", },
327 { TAP_DRSHIFT, "DRSHIFT", },
328 { TAP_DREXIT1, "DREXIT1", },
329 { TAP_DRPAUSE, "DRPAUSE", },
330 { TAP_DREXIT2, "DREXIT2", },
331 { TAP_DRUPDATE, "DRUPDATE", },
332 { TAP_IRSELECT, "IRSELECT", },
333 { TAP_IRCAPTURE, "IRCAPTURE", },
334 { TAP_IRSHIFT, "IRSHIFT", },
335 { TAP_IREXIT1, "IREXIT1", },
336 { TAP_IRPAUSE, "IRPAUSE", },
337 { TAP_IREXIT2, "IREXIT2", },
338 { TAP_IRUPDATE, "IRUPDATE", },
340 /* only for input: accept standard SVF name */
341 { TAP_IDLE, "IDLE", },
344 const char *tap_state_name(tap_state_t state)
348 for (i = 0; i < ARRAY_SIZE(tap_name_mapping); i++) {
349 if (tap_name_mapping[i].symbol == state)
350 return tap_name_mapping[i].name;
355 tap_state_t tap_state_by_name(const char *name)
359 for (i = 0; i < ARRAY_SIZE(tap_name_mapping); i++) {
360 /* be nice to the human */
361 if (strcasecmp(name, tap_name_mapping[i].name) == 0)
362 return tap_name_mapping[i].symbol;
368 #define JTAG_DEBUG_STATE_APPEND(buf, len, bit) \
369 do { buf[len] = bit ? '1' : '0'; } while (0)
370 #define JTAG_DEBUG_STATE_PRINT(a, b, astr, bstr) \
371 LOG_DEBUG_IO("TAP/SM: %9s -> %5s\tTMS: %s\tTDI: %s", \
372 tap_state_name(a), tap_state_name(b), astr, bstr)
374 tap_state_t jtag_debug_state_machine_(const void *tms_buf, const void *tdi_buf,
375 unsigned tap_bits, tap_state_t next_state)
377 const uint8_t *tms_buffer;
378 const uint8_t *tdi_buffer;
383 unsigned tap_out_bits;
387 tap_state_t last_state;
389 /* set startstate (and possibly last, if tap_bits == 0) */
390 last_state = next_state;
391 LOG_DEBUG_IO("TAP/SM: START state: %s", tap_state_name(next_state));
393 tms_buffer = (const uint8_t *)tms_buf;
394 tdi_buffer = (const uint8_t *)tdi_buf;
396 tap_bytes = DIV_ROUND_UP(tap_bits, 8);
397 LOG_DEBUG_IO("TAP/SM: TMS bits: %u (bytes: %u)", tap_bits, tap_bytes);
400 for (cur_byte = 0; cur_byte < tap_bytes; cur_byte++) {
401 for (cur_bit = 0; cur_bit < 8; cur_bit++) {
402 /* make sure we do not run off the end of the buffers */
403 unsigned tap_bit = cur_byte * 8 + cur_bit;
404 if (tap_bit == tap_bits)
407 /* check and save TMS bit */
408 tap_bit = !!(tms_buffer[cur_byte] & (1 << cur_bit));
409 JTAG_DEBUG_STATE_APPEND(tms_str, tap_out_bits, tap_bit);
411 /* use TMS bit to find the next TAP state */
412 next_state = tap_state_transition(last_state, tap_bit);
414 /* check and store TDI bit */
415 tap_bit = !!(tdi_buffer[cur_byte] & (1 << cur_bit));
416 JTAG_DEBUG_STATE_APPEND(tdi_str, tap_out_bits, tap_bit);
418 /* increment TAP bits */
421 /* Only show TDO bits on state transitions, or */
422 /* after some number of bits in the same state. */
423 if ((next_state == last_state) && (tap_out_bits < 32))
426 /* terminate strings and display state transition */
427 tms_str[tap_out_bits] = tdi_str[tap_out_bits] = 0;
428 JTAG_DEBUG_STATE_PRINT(last_state, next_state, tms_str, tdi_str);
431 last_state = next_state;
437 /* terminate strings and display state transition */
438 tms_str[tap_out_bits] = tdi_str[tap_out_bits] = 0;
439 JTAG_DEBUG_STATE_PRINT(last_state, next_state, tms_str, tdi_str);
442 LOG_DEBUG_IO("TAP/SM: FINAL state: %s", tap_state_name(next_state));
447 void tap_use_new_tms_table(bool use_new)
449 tms_seqs = use_new ? &short_tms_seqs : &old_tms_seqs;
451 bool tap_uses_new_tms_table(void)
453 return tms_seqs == &short_tms_seqs;