Hi,
when trying to unlock a stellaris chip (lm3s9b92) the stellaris
recovery command turns out to be unusable. The chip has been locked by
flashing it with a program that misconfigures the system clock.
Running the 'stellaris recover' command requires initialized target and
stellaris flash driver. Unfortunately, target initialization
(examination) performed by openocd results in timeouts in case of
version 0.4 and indefinite hanging of version 0.5 (see my previous post
https://lists.berlios.de/pipermail/openocd-development/2011-September/020851.html
that nobody replied to) due to the fact that the chip is locked &
unusable.
A potential workaround would be to create the target and declare
flash memory after the configuration phase. Unfortunately (again), the
'flash bank' command that eventually enables the 'stellaris' command is
available exclusively in the configuration phase. Such behavior is
understandable.
Attached is a patch, that shows a proof of concept and has been tested
to succesfully unlock a target chip. A configuration that has been used
to prepare the enviroment for unlocking looks as follows:
---------------------
source [find interface/luminary-icdi.cfg]
adapter_khz 500
debug_level 3
jtag newtap lm3s cpu -expected-id 0x0ba00477 -irlen 4 -irmask 0xf
-ignore-version
# run the initialization prior to target creation and flash
# declaration to prevent target examination that would fail
# since the chip is locked
init
# SRST is needed for the recovery command
reset_config srst_only srst_open_drain
target create lm3s.cpu cortex_m3 -chain-position lm3s.cpu
flash bank lm3s.flash stellaris 0 0 0 0 lm3s.cpu
# finally, run the recovery
stellaris recover 0
---------------------
Best regards,
Jan Capek
--
Braiins Systems
email: jan.ca...@braiins.cz
--- openocd-0.5.0.orig/src/flash/nor/tcl.c
+++ openocd-0.5.0/src/flash/nor/tcl.c
@@ -917,7 +917,7 @@ static const struct command_registration
{
.name = "bank",
.handler = handle_flash_bank_command,
- .mode = COMMAND_CONFIG,
+ .mode = COMMAND_ANY,
.usage = "bank_id driver_name base_address size_bytes "
"chip_width_bytes bus_width_bytes target "
"[driver_options ...]",
--- openocd-0.5.0.orig/src/flash/nor/stellaris.c
+++ openocd-0.5.0/src/flash/nor/stellaris.c
@@ -1280,10 +1280,6 @@ COMMAND_HANDLER(stellaris_handle_recover
struct flash_bank *bank;
int retval;
- retval = CALL_COMMAND_HANDLER(flash_command_get_bank, 0, &bank);
- if (retval != ERROR_OK)
- return retval;
-
/* REVISIT ... it may be worth sanity checking that the AP is
* inactive before we start. ARM documents that switching a DP's
* mode while it's active can cause fault modes that need a power
@@ -1298,11 +1294,11 @@ COMMAND_HANDLER(stellaris_handle_recover
jtag_add_reset(0, 1);
for (int i = 0; i < 5; i++) {
- retval = dap_to_swd(bank->target);
+ retval = dap_to_swd(NULL);
if (retval != ERROR_OK)
goto done;
- retval = dap_to_jtag(bank->target);
+ retval = dap_to_jtag(NULL);
if (retval != ERROR_OK)
goto done;
}
@@ -1336,7 +1332,6 @@ static const struct command_registration
.name = "recover",
.handler = stellaris_handle_recover_command,
.mode = COMMAND_EXEC,
- .usage = "bank_id",
.help = "recover (and erase) locked device",
},
COMMAND_REGISTRATION_DONE
--- openocd-0.5.0.orig/src/target/adi_v5_swd.c
+++ openocd-0.5.0/src/target/adi_v5_swd.c
@@ -167,7 +167,7 @@ static const uint8_t jtag2swd_bitseq[] =
*/
int dap_to_swd(struct target *target)
{
- struct arm *arm = target_to_arm(target);
+ struct arm *arm;
int retval;
LOG_DEBUG("Enter SWD mode");
@@ -181,8 +181,11 @@ int dap_to_swd(struct target *target)
if (retval == ERROR_OK)
retval = jtag_execute_queue();
- /* set up the DAP's ops vector for SWD mode. */
- arm->dap->ops = &swd_dap_ops;
+ if (target != NULL) {
+ arm = target_to_arm(target);
+ /* set up the DAP's ops vector for SWD mode. */
+ arm->dap->ops = &swd_dap_ops;
+ }
return retval;
}
_______________________________________________
Openocd-development mailing list
Openocd-development@lists.berlios.de
https://lists.berlios.de/mailman/listinfo/openocd-development
