found by code inspection. There are many other places in
CFI where LOG_ERROR() should be called similarly...
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
when a write/unlock/erase failed during write_image, then
an error was not propagated back up so e.g. flash write
image from tcl scripts would not throw an exception.
Also flash filling speed was printed even when the
operation failed. Output is now less confusing.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
any read/write operation to memory can fail.
block write algorithm error propagation was broken
in that it would continue after an error was reported
writing data to ram or the algorithm failing.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
Hello,
"stm32x mass_erase" return ERROR_OK even if something goes wrong.
Here is a summary of changes :
* in stm32x_mass_erase : return ERROR_FLASH_OPERATION_FAILED when error
detected in FLASH_SR register;
* in COMMAND_HANDLER(stm32x_handle_mass_erase_command) : return the
returned value of stm32x_mass_erase().
I don't know if there is reason to always return ERROR_OK ?
Gaëtan
When a flash cmd is called using the flash name the autoprobe
function is not called. autoprobe is called if flash_command_get_bank
falls through to get_flash_bank_by_num.
This makes both get_flash_bank_by_name and get_flash_bank_by_num
behave the same.
Signed-off-by: Spencer Oliver <ntfreak@users.sourceforge.net>
This adds a virtual flash bank driver that allows virtual banks to
be defined that refer to an existing flash bank.
For example the real address for bank0 on the pic32 is 0x1fc00000
but the user program will either be in kseg0 (0xbfc00000) or
kseg1 (0x9fc00000).
This also means that gdb will be aware of all the read only flash
addresses.
Signed-off-by: Spencer Oliver <ntfreak@users.sourceforge.net>
Every time command "flash probe #" is executed, memory
structures are re-allocated without preventive free()
of former areas, causing memory leak.
Also, memory allocation does not check return value,
determining segmentation fault in case of out of memory.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Signed-off-by: Spencer Oliver <ntfreak@users.sourceforge.net>
This patch add support of iMX27 nand flash controller. This is based on
driver for imx31 nand flash controller.
OOB functionality is not fully working. As in mx31 controller, mx2 NFC
has a bug that swap two bytes between SPARE and MAIN buffer.
I used this driver for several months and no problems appear.
Page reads using hwecc4_infix layout segfaulted for check_bad_blocks because
the read assumed a valid data buffer, which check_bad_blocks does not use
(it only passes a 6 byte buffer for the start of OOB).
This version copes with undersized or missing data or oob buffers and uses
random read commands within the page to skip unwanted areas of data/OOB for
speed.
NOTE: Running check_bad_blocks with this layout will be reading infix
OOB locations, not manufacturer bad block markers. This means that if you
check blocks written in infix layout they will appear good, but manufacturer-
marked bad blocks may also appear good.
If you want to scan for manufactuer-marked bad blocks, you need to enable
raw_access before running check_bad_blocks, or use the non-infix layout.
Signed-off-by: Jon Povey <jon.povey@racelogic.co.uk>
CC: David Brownell <dbrownell@users.sourceforge.net>
nand_build_bbt() was ignoring the return value from nand_read_page() and
blindly continuing.
It now passes the return value up to the caller if the read fails.
Signed-off-by: Jon Povey <jon.povey@racelogic.co.uk>
Change download rate messages about kibibytes from "kb/s" to "KiB/s" units.
See: http://en.wikipedia.org/wiki/Data_rate_units
Signed-off-by: Jon Povey <jon.povey@racelogic.co.uk>
Remove few LOG_DEBUG() messages, together with code and
variables required to build such messages.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Final step to force bus_width size during CFI flash
read.
Added CFI specific implementation cfi_read() that uses
only accesses at bus_width size.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Final target is to force bus_width size during CFI flash
read.
In this first step I need to replace default flash read
with flash specific implementation.
This patch introduces:
- flash_driver_read() layer;
- default_flash_read(), backward compatible;
- read() callback in struct flash_driver;
- proper initialization in every flash_driver instance.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
During cfi_write(), head and tail of destination area
could be not aligned to bus_width.
Since write operation must be at bus_width size, source
buffer size is extended and buffer padded with current
values read from flash.
Force using bus_width to read current value from flash.
Do not use cfi_add_byte() anymore, to allow removing this
function later on.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
NOR flash structure requires each access to be bus_width wide.
Fix read of flash ID accordingly to rule above.
Add case (chip_width == 4), allowed by CFI spec and coherent
with current value of CFI_MAX_CHIP_WIDTH but currently not
used by any target.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Since NOR flash devices does not handle "byte enable lanes",
each read/write access involves the whole "chip_width".
When multiple devices are in parallel, usually all chips are
enabled during each access.
All such cases are compatible with flash accesses at
"bus_width" size.
Access at "bus_width" size is mandatory for write access to
avoid transferring of garbage values to flash.
During read access the flash controller should take care,
and discard unneeded bytes. Anyway, it is good practice to
use "bus_width" size also for read.
Every memory access that does not respect "bus_width" size
is marked with a "FIXME" comment.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Review and simplify computation of bufferwsize.
Add comments about variables' meaning.
The same code is present 3 times in the file.
Current patch updates all the 3 instances.
Step 1)
Replace "switch(bank->chip_width) {...}".
Illegal values of bank->chip_width are already dropped.
For legal values, the code is equivalent to:
bufferwsize = buffersize / bank->chip_width;
Step 2)
The above code replacement plus the following line:
bufferwsize /= (bank->bus_width / bank->chip_width);
is merged in a single formula:
bufferwsize = (buffersize / bank->chip_width) /
(bank->bus_width / bank->chip_width);
and simplified as:
bufferwsize = buffersize / bank->bus_width;
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Arguments chip_width and bus_width of command "flash bank" are
not fully checked.
While bus_width is later on redundantly checked in several other
parts (e.g. in cfi_command_val()) and generates run-time error,
chip_width is never checked, nor related to actual bus_width
value.
Added check to avoid:
- (chip_width == 0), that would mean no memory chip at all,
avoiding also division by zero e.g. in cfi_get_u8();
- (bus_width == 0), that would mean no bus at all;
- unsupported cases of chip_width or bus_width value not power
of 2;
- unsupported case of chip width wider than bus.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Last block was being skipped, fix by changing the loop test from "<" to "<="
First block argument was ignored, always started from block 0 (and counted
the wrong blocks as bad if first was nonzero). Now we use it.
Signed-off-by: Jon Povey <jon.povey@racelogic.co.uk>
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
The last_block argument to nand_erase() is checked against nand->num_blocks,
but the highest valid block number is (total - 1), the test for invalid should
be ">=" rather than ">".
Signed-off-by: Jon Povey <jon.povey@racelogic.co.uk>
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
flash cmds can now be passed either the bank name or the bank number.
For example.
flash info stm32.flash
flash info 0
Signed-off-by: Spencer Oliver <ntfreak@users.sourceforge.net>
Hi,
This is my first post to the list. First, I would like to thank
everyone for their work on OpenOCD, it is a great tool to work with. I
have been using it to debug code on hardware for the Rockbox project
(www.rockbox.org).
The target that I primarily work with has a Spansion/Fujitsu NOR flash
(MBM29SL800TE). I attached a patch that adds support for this flash. I
hope it can be included in the main repository. If there is something
that needs to be changed with the patch before inclusion please let me
know.
-Karl Kurbjun
The ST/Numonix M29W128G has an issue when a 0xff cmd is sent,
it cause an internal undefined state. The workaround according
to the Numonyx is to send another 0xf0 reset cmd
Signed-off-by: Spencer Oliver <ntfreak@users.sourceforge.net>
There are a million reasons why cached protection state might
be stale: power cycling of target, reset, code executing on
the target, etc.
The "flash protect_check" command is now gone. This is *always*
executed when running a "flash info".
As a bonus for more a more robust approach, lots of code could
be deleted.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
This stops GDB from launching with an empty memory map,
making gdb load w/flashing fail for no obvious reason.
The error message points in the direction of the gdb-attach
event that can be set up to issue a halt or "reset init"
which will put GDB in a well defined stated upon attach
and thus have a robust flash autoprobe.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
Remove/fix lots of bugs in handling of non-contigious sections
and out of order sections.
Fix a gaffe introduced in previous commit to src/flash/nor/core.c
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
Remove bogus error messages when trying to allocate a
large chunk of target memory and then falling back to
a smaller one.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
The current timeout for STM32 flash block erase and flash mass erase is
10 (ms), which is too tight, and fails around 50% of the time for me.
The data sheet for STM32F107VC specifies a maximum erase time of 40 ms
(for both operations).
I'd also consider it a bug that the code does not detect a timeout, but
just assumes that the operation has completed. The attached patch does
not address this bug.
The attached patch increases the timeouts from 10 to 100 ms. Please apply.
/Tobias
Fix a bug where write_image would fail if the sections
in the image were not in ascending order. This has previously
been fixed in gdb load.
Solved by sorting the image sections before running flash
write_image erase unlock foo.elf.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
this is done for unlocking and it is a simple omission that
it wasn't done for sectors.
The unnerving thing is that nobody has complained about this
until now....
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
If the flash has not yet been probed and GDB connects while the target is
running, the flash probe triggered by GDB's memory map read will fail. In
that case the returned memory map will be empty, causing a subsequent load
from within GDB to fail. There's not much you can do from GDB to recover,
other than a restart; a 'mon reset init' and manual 'mon flash probe' won't
help since GDB has already made up its mind about the memory map.
It seems there's no reason to require the target to be halted when probing
the flash. Remove the check to let a valid memory map be provided to GDB
even when connecting to a running target.
Signed-off-by: Andreas Fritiofson <andreas.fritiofson@gmail.com>
The The patch labeled "CFI CORE: bug-fix protect single sector" was merged
rged without some requested bugfixes. Most significantly it broke invariants
in the code, invalidating descriptions and changing the calling convention
for underlying drivers. (It (Also wasn't CFI-specific...)
Fix that, and Include an update from Antonio Borneo for the degenerate
"nothing to do" case, (although that's still in the wrong location. which
is presumably why that is it was working in some cases but not all.)
src/flash/nor/core.c | 21 ++++++++++++++++-----
1 file changed, 16 insertions(+), 5 deletions(-)
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Arguments for "flash bank" command are already
parsed and put in "bank" struct.
Removed code to parse them again.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Syntax of "flash bank" command requires:
- chip_width as CMD_ARGV[3]
- bus_width as CMD_ARGV[4]
Actual code swaps the arguments.
Bug has no run time impact since wrong variables
are only used to check value and both are checked
against same constraint.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
The command "flash bank" has updated syntax.
Add the mandatory parameter <target> to the usage message
that prints in case of error.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
jtag_get/set_end_state() is now deprecated.
There were lots of places in the code where the end state was
unintentionally modified.
The big Q is whether there were any places where the intention
was to modify the end state. 0.5 is a long way off, so we'll
get a fair amount of testing.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
Until this time only basic SLC functionality exists when you want to use SLC to access external nand flash.
Basic functionality can be selected with command:
lpc3180 select 0 slc
It is anyway very slow to write/read to/from nand flash.
With the new command, SLC speed improved about 20 times, and hardware ECC info also read/written from/to nand flash OOB area:
lpc3180 select 0 slc bulk
Speed improvement achieved by using working are in SRAM of the LPC3250 chip and controlling DMA controller to interact between SRAM and SLC peripheral.
Here are the patches, and if they are ok than take them.
Tested with hitex LPC3250 usb stick.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
Fixes bug that prevented users from specifying a base address of
0x80000000 or higher in image commands (flash write_image, etm image,
xscale trace_image).
image.base_address is an offset from the start address contained in
the image file (if there is one), or from 0 (for binary files). As a
signed 32-bit int, it couldn't be greater than 0x7fffffff, which is a
problem when trying to write a binary file to flash above that
address. Changing it to a 64-bit long long keeps it as a signed
offset, but allows it to cover the entire 32-bit address space.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
Add flash algorithm support for the PIC32MX.
Still a few things todo but this dramatically decreases
the programing time, eg. approx programming for 2.5k test file.
- without fastload: 60secs
- with fastload: 45secs
- with fastload and algorithm: 2secs.
Add new devices to supported list.
Signed-off-by: Spencer Oliver <ntfreak@users.sourceforge.net>
Cannot protect or unprotect single sector in cfi flash.
When first==last the procedure fails.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
At the end I have added comments /* FIXME: to be removed */
There are 3 lines in which my simplification is not complete due to
data dependency with LOG_DEBUG() messages visible in the patch.
Such log_debug has been introduced on Jan 22, 2007 with commit
4fc97d3f27 during development activity
in this file/procedure.
From my point of view, these logs can be removed, since not part of a
consistent flow of information.
Alternatively, could be borrowed in the new cfi_send_command(), but
this will increase verbosity.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
In the code a single field was all that was ever used. Makes
jtag_add_ir_scan() simpler and leaves more complicated stuff
to jtag_add_plain_ir_scan().
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
jtag_add_dr/ir_scan() now takes the tap as the first
argument, rather than for each of the fields passed
in.
The code never exercised the path where there was
more than one tap being scanned, who knows if it even
worked.
This simplifies the implementation and reduces clutter
in the calling code.
use jtag_add_ir/dr_plain_scan() for more fancy situations.
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
JEDEC standard reports Vpp integer part encoded as 4 bit HEX value.
To print it using decimal digits, %u is required.
Other voltage values are coded as BCD, so %x is appropriate.
Code already prints one nibble at a time, so no need for field width
and precision in format string.
Signed-off-by: Antonio Borneo <borneo.antonio@gmail.com>
Signed-off-by: Øyvind Harboe <oyvind.harboe@zylin.com>
When the beginning or end of the specified range of sectors
already has the requested protection status, don't ask the
flash driver to change those sectors.
This will among other things turn command sequences like
this into the NOPs one would expect:
flash protect_check 0
flash info 0
... reports everything as unprotected ...
flash protect 0 0 1 off
That speeds things up (by whatever work was just avoided).
Also, with Stellaris (which can't unprotect flash at page level)
this can eliminate some undesirable/false error reports. (And
finishes fixing a bug currently listed in our bug database...)
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
The NOR infrastructure caches some per-sector state, but
it's not used much ... because the cache is not trustworthy.
This patch addresses one part of that problem, by ensuring
that state cached by NOR drivers gets invalidated once we
resume the target -- since targets may then modify sectors.
Now if we see sector protection or erase status marked as
anything other than "unknown", we should be able to rely
on that as being accurate. (That is ... if we assume the
drivers initialize and update this state correctly.)
Another part of that problem is that the cached state isn't
much used (being unreliable, it would have been unsafe).
Those issues can be addressed in later patches.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Give a more accurate failure message when trying to unprotect; don't
complain about pages being write protected, just say that unprotect is
not supported by the hardware ... referencing the new "recover" command,
which is the way to achieve that.
Likewise, when trying to protect, talk about "pages" (matching hardware
doc) not "sectors" (an concept that's alien to these chips).
Also make the helptext for the "recover" command mention that it
also erases the device.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Fix some issues with the generic LPC1768 config file:
- Handle the post-reset clock config: 4 MHz internal RC, no PLL.
This affects flash and JTAG clocking.
- Remove JTAG adapter config; they don't all support trst_and_srst
- Remove the rest of the bogus "reset-init" event handler.
- Allow explicit CCLK configuration, instead of assuming 12 MHz;
some boards will use 100 Mhz (or the post-reset 4 MHz).
- Simplify: rely on defaults for endianness and IR-Capture value
- Update some comments too
Build on those fixes to make a trivial config for the IAR LPC1768
kickstart board (by Olimex) start working.
Also, add doxygen to the lpc2000 flash driver, primarily to note a
configuration problem with driver: it wrongly assumes the core clock
rate never changes. Configs that are safe for updating flash after
"reset halt" will thus often be unsafe later ... e.g. for LPC1768,
after switching to use PLL0 at 100 MHz.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Øyvind Harboe
gcembed
Spencer Oliver
Antonio Borneo
Jon Povey
Karl Kurbjun
Tobias Ringström
Andreas Fritiofson
David Brownell
Daniel Bäder
richard vegh
Bradey Honsinger