2 import sys, struct, binascii,time
3 from GoodFETARM7 import *
4 from intelhex import IntelHex
11 #Initailize FET and set baud rate
12 print >>sys.stderr,"Connecting to goodfet..."
16 print >>sys.stderr,"Setting up JTAG ARM on goodfet..."
18 print >>sys.stderr,"Starting JTAG ARM on goodfet..."
20 print "STARTUP: "+repr(client.data)
23 def print_registers():
24 return [ hex(client.ARMget_register(x)) for x in range(15) ]
26 def regwratchet(num,hi=13,lo=0):
27 for x in xrange(lo,hi+1):
28 client.ARMset_register(x,num)
31 print "ARM JTAG Test Unit"
32 print " Chip ID", hex(client.ARMident())
33 print client.ARMidentstr()
34 print " Debug State: ",hex(client.ARMget_dbgstate())
35 print " Debug CTRL: ",hex(client.ARMget_dbgctrl())
37 print "Testing Register Read/Writes"
38 print " Storing old values"
39 originalregs = [client.ARMget_register(x) for x in xrange(16)]
42 test = [None for x in xrange(15)]
43 control = [x for x in xrange(15)]
45 client.ARMset_register(x,control[x])
46 test[x] = client.ARMget_register(x)
49 print "Control:",control
52 print "A little harder..."
53 test = [None for x in xrange(15)]
54 control = [4*x for x in xrange(15)]
56 client.ARMset_register(x,control[x])
57 test[x] = client.ARMget_register(x)
60 print "Control:",control
63 print "Complex testing 1"
64 for y in xrange(0,0xffffffff,0x10101010):
65 test = [None for x in xrange(15)]
66 control = [y for x in xrange(15)]
67 print " Test parms: ",control
69 client.ARMset_register(x,control[x])
70 test[x] = client.ARMget_register(x)
73 print "Control:",control
76 print "Complex testing 2"
77 for y in xrange(0,0xffffffff,101010101):
78 test = [None for x in xrange(15)]
79 control = [y for x in xrange(15)]
80 print " Test parms: ",control
82 client.ARMset_register(x,control[x])
83 test[x] = client.ARMget_register(x)
86 print "Control:",control
89 test = [None for x in xrange(15)]
90 control = [0x100*x for x in xrange(15)]
92 client.ARMset_register(x,control[x])
93 test[x] = client.ARMget_register(x)
96 print "Control:",control
99 print "Resetting original register values..."
101 client.ARMset_register(x,originalregs[x])
102 regs = [client.ARMget_register(x) for x in xrange(16)]
103 print "Original: \t",originalregs
104 print "Now (r15 may differ:\t",regs
106 print "Testing setting and movement of PC between instructions"
107 #client.ARMsetPC(0x0)
108 print "PC:",client.ARMgetPC()
109 print "PC:",client.ARMgetPC()
110 print "PC:",client.ARMgetPC()
111 print "PC:",client.ARMgetPC()
112 print "Testing readChunk/writeChunk"
113 mem=client.ARMreadChunk(0x200000,32)
114 client.ARMwriteChunk(0x200000,mem)
115 mem2=client.ARMreadChunk(0x200000,32)
117 print "Failed: \n%s\n%s"%(repr([hex(x) for x in mem]), repr([hex(x) for x in mem2]))
124 print "\n\nTesting JTAG for ARM\n"
125 client.writecmd(0x33,0xd0,4,[0x40,0x40,0x40,0x40]); print "loopback: \t %s"%repr(client.data) # loopback
126 data.append(client.data)
127 client.writecmd(0x33,0xd1,2,[1,0]); print "scanchain1:\t %s"%repr(client.data) # set scan chain
128 data.append(client.data)
129 client.writecmd(0x33,0xd2,0,[]); print "debug state:\t %s"%repr(client.data) # get dbg state
130 data.append(client.data)
131 client.writecmd(0x33,0xd3,0,[0,0,0xa0,0xe1]); print "exec_nop: \t %s"%repr(client.data) # execute instruction
132 data.append(client.data)
133 client.writecmd(0x33,0xd3,0,[0,0,0x8e,0xe5]); print "exec_stuff: \t %s"%repr(client.data) # execute instruction
134 data.append(client.data)
135 client.writecmd(0x33,0xd3,0,[0,0,0xa0,0xe1]); print "exec_nop: \t %s"%repr(client.data) # execute instruction
136 data.append(client.data)
137 client.writecmd(0x33,0xd3,0,[0,0,0xa0,0xe1]); print "exec_nop: \t %s"%repr(client.data) # execute instruction
138 data.append(client.data)
139 client.writecmd(0x33,0xd3,0,[0,0,0xa0,0xe1]); print "exec_nop: \t %s"%repr(client.data) # execute instruction
140 data.append(client.data)
141 client.writecmd(0x33,0xd6,0,[]); print "shift_dr_32: \t %s"%repr(client.data) # dr_shift32
142 data.append(client.data)
143 client.writecmd(0x33,0xd5,8,[3, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40]); print "set_register:\t %s"%repr(client.data) # set register
144 data.append(client.data)
145 client.writecmd(0x33,0xd4,1,[3]); print "get_register:\t %s"%repr(client.data) # get register
146 data.append(client.data)
147 client.writecmd(0x33,0xd7,0,[]); print "chain1: \t %s"%repr(client.data) # chain1
148 data.append(client.data)
149 client.writecmd(0x33,0xd8,0,[]); print "read_chain2: \t %s"%repr(client.data) # read chain2
150 data.append(client.data)
151 client.writecmd(0x33,0xd9,0,[]); print "idcode: \t %s"%repr(client.data) # read idcode
152 data.append(client.data)
153 client.writecmd(0x33,0xf0,2,[4,4,1,1]); print "f0: \t %s"%repr(client.data) # read idcode
154 data.append(client.data)
155 client.writecmd(0x33,0xdb,8,[0x0,4,4,4,4,4,4,4]); print "verb(0): \t %s"%repr(client.data)
156 data.append(client.data)
157 client.writecmd(0x33,0xdb,8,[0x2,4,4,4,4,4,4,4]); print "verb(2): \t %s"%repr(client.data)
158 data.append(client.data)
159 client.writecmd(0x33,0xdb,8,[0x3,4,4,4,4,4,4,4]); print "verb(3): \t %s"%repr(client.data)
160 data.append(client.data)
161 client.writecmd(0x33,0xdb,8,[0x4,4,4,4,4,4,4,4]); print "verb(4): \t %s"%repr(client.data)
162 data.append(client.data)
163 client.writecmd(0x33,0xdb,8,[0x5,4,4,4,4,4,4,4]); print "verb(5): \t %s"%repr(client.data)
164 data.append(client.data)
165 client.writecmd(0x33,0xdb,8,[0x7,4,4,4,4,4,4,4]); print "verb(7): \t %s"%repr(client.data)
166 data.append(client.data)
167 client.writecmd(0x33,0xdb,8,[0x9,4,4,4,4,4,4,4]); print "verb(9): \t %s"%repr(client.data)
168 data.append(client.data)
169 client.writecmd(0x33,0xdb,8,[0xc,4,4,4,4,4,4,4]); print "verb(c): \t %s"%repr(client.data)
170 data.append(client.data)
171 client.writecmd(0x33,0xdb,8,[0xe,0,0,0,0,0,0xa0,0xe1]); print "verb(e): \t %s"%repr(client.data)
172 data.append(client.data)
173 client.writecmd(0x33,0xdb,8,[0xf,4,4,4,4,4,4,4]); print "verb(f): \t %s"%repr(client.data)
174 data.append(client.data)
178 print "\n\nTesting JTAG for ARM\n"
179 print "IDCODE: %x"%client.ARMident()
180 print "Debug State: %x"%client.ARMget_dbgstate ()
181 print "Debug State: %x"%client.ARMget_dbgstate ()
182 print "Debug State: %x"%client.ARMget_dbgstate ()
183 print "Debug CTRL: %x"%client.ARMget_dbgctrl()
184 client.writecmd(0x33,0xda,0,[])
185 print "TEST CHAIN0: %s"%repr(client.data)
186 print "Debug State: %x"%client.ARMget_dbgstate ()
187 print "IDCODE: %x"%client.ARMident()
188 print "Debug State: %x"%client.ARMget_dbgstate ()
189 client.writecmd(0x33,0xd0,4,[0xf7,0xf7,0xf7,0xf7])
190 print "Loopback: \t %s"%repr(client.data) # loopback
191 print "Debug State: %x"%client.ARMget_dbgstate ()
192 print "IDCODE: %x"%client.ARMident()
193 print "GetPC: %x"%client.ARMgetPC()
194 print "IDCODE: %x"%client.ARMident()
195 print "Debug State: %x"%client.ARMget_dbgstate ()
196 print "IDCODE: %x"%client.ARMident()
197 print "set_register(3,0x41414141): %x"%client.ARMset_register(3,0x41414141)
198 print "IDCODE: %x"%client.ARMident()
199 print "Debug State: %x"%client.ARMget_dbgstate ()
200 print "IDCODE: %x"%client.ARMident()
201 print "get_register(3): %x"%client.ARMget_register(3)
202 print "IDCODE: %x"%client.ARMident()
203 print "Debug State: %x"%client.ARMget_dbgstate ()
204 print "IDCODE: %x"%client.ARMident()
207 print "IDCODE: %x"%client.ARMident()
208 print "Debug State: %x"%client.ARMget_dbgstate ()
209 client.writecmd(0x33,0xd0,4,[0xf7,0xf7,0xf7,0xf7])
210 print "Loopback: \t %s"%repr(client.data) # loopback
211 client.writecmd(0x33,0xd5,8,[0,0,0,0,0xf7,0xf7,0xf7,0xf7])
212 print "test_set_reg: \t %s"%repr(client.data)
213 client.writecmd(0x33,0xd4,1,[0])
214 print "test_get_reg: \t %s"%repr(client.data)
215 print "set_register(3,0x41414141): %x"%client.ARMset_register(3,0x41414141)
216 print "get_register(3): %x"%client.ARMget_register(3)
217 client.writecmd(0x33,0xd4,1,[0])
218 print "test_get_reg: \t %s"%repr(client.data)
221 print "IDCODE: %x"%client.ARMident()
222 print "Debug State: %x"%client.ARMget_dbgstate ()
223 print "set_register(0,0x4141): %x"%client.ARMset_register(0,0x4141)
224 print "get_register(0): %x"%client.ARMget_register(0)
225 print "set_register(1,0x4141): %x"%client.ARMset_register(1,0x4142)
226 print "get_register(1): %x"%client.ARMget_register(1)
227 print "set_register(2,0x4141): %x"%client.ARMset_register(2,0x4143)
228 print "get_register(2): %x"%client.ARMget_register(2)
229 print "set_register(3,0x4141): %x"%client.ARMset_register(3,0x4144)
230 print "get_register(3): %x"%client.ARMget_register(3)
231 print "set_register(4,0x4141): %x"%client.ARMset_register(4,0x4145)
232 print "get_register(4): %x"%client.ARMget_register(4)
233 print "set_register(5,0x4141): %x"%client.ARMset_register(5,0x4146)
234 print "get_register(5): %x"%client.ARMget_register(5)
235 print "set_register(6,0x4141): %x"%client.ARMset_register(6,0x4147)
236 print "get_register(6): %x"%client.ARMget_register(6)
237 print "set_register(7,0x4141): %x"%client.ARMset_register(7,0x4148)
238 print "get_register(7): %x"%client.ARMget_register(7)
239 print "set_register(8,0x4141): %x"%client.ARMset_register(8,0x4149)
240 print "get_register(8): %x"%client.ARMget_register(8)
241 print "set_register(9,0x4141): %x"%client.ARMset_register(9,0x4140)
242 print "get_register(9): %x"%client.ARMget_register(9)
243 print "set_register(10,0x4141): %x"%client.ARMset_register(10,0x4151)
244 print "get_register(10): %x"%client.ARMget_register(10)
245 print "set_register(11,0x4141): %x"%client.ARMset_register(11,0x4152)
246 print "get_register(11): %x"%client.ARMget_register(11)
247 print "set_register(12,0x4141): %x"%client.ARMset_register(12,0x4153)
248 print "get_register(12): %x"%client.ARMget_register(12)
249 print "set_register(13,0x4141): %x"%client.ARMset_register(13,0x4154)
250 print "get_register(13): %x"%client.ARMget_register(13)
251 print "set_register(14,0x4141): %x"%client.ARMset_register(14,0x4155)
252 print "get_register(14): %x"%client.ARMget_register(14)
253 #print "set_register(15,0x4141): %x"%client.ARMset_register(15,0x41414156)
254 #print "get_register(15): %x"%client.ARMget_register(15)
258 def test5(start=0,end=15):
260 results = [[] for x in range(end)]
262 #print "IDCODE: %x"%client.ARMident()
263 #print "Debug State: %x"%client.ARMget_dbgstate ()
264 for x in range(start,end):
265 num = client.ARMset_register(x,seed)
266 print "set_register(%d,0x%x): %x"%(x,seed,num)
267 num = client.ARMget_register(x)
268 print "get_register(%d): %x"%(x,num)
269 results[x].append(num)
272 num = client.ARMset_register(x,seed)
273 print "set_register(%d,0x%x): %x"%(x,seed,num)
274 num = client.ARMget_register(x)
275 print "get_register(%d): %x"%(x,num)
276 results[x].append(num)
280 print "Debug State: %x"%client.ARMget_dbgstate ()
282 def test6(start=0,end=15):
284 results = [[] for x in range(end)]
286 #print "IDCODE: %x"%client.ARMident()
287 #print "Debug State: %x"%client.ARMget_dbgstate ()
288 for x in range(start,end):
289 num = client.ARMset_register(x,seed+x)
290 print "set_register(%d,0x%x): %x"%(x,seed+x,num)
293 for x in range(start,end):
294 num = client.ARMget_register(x)
295 print "get_register(%d): %x"%(x,num)
296 results[x].append(num)
299 num = client.ARMset_register(x,seed+x)
300 print "set_register(%d,0x%x): %x"%(x,seed+x,num)
301 num = client.ARMget_register(x)
302 print "get_register(%d): %x"%(x,num)
303 results[x].append(num)
306 print "Debug State: %x"%client.ARMget_dbgstate ()
309 def test7(start=0,end=14):
311 results = [[] for x in range(end)]
313 #print "IDCODE: %x"%client.ARMident()
314 #print "Debug State: %x"%client.ARMget_dbgstate ()
315 for x in range(end,start-1, -1):
316 num = client.ARMset_register(x,seed+x)
318 print "set_register(%d,0x%x): %x"%(x,seed+x,num)
320 for x in range(start,endi+1):
321 num = client.ARMget_register(x)
323 print "get_register(%d): %x"%(x,num)
324 results[x].append(num)
327 def readtest(start=0,end=14):
329 results = [[] for x in range(end)]
331 #print "IDCODE: %x"%client.ARMident()
332 #print "Debug State: %x"%client.ARMget_dbgstate ()
333 for x in range(end,start, -1):
334 num = client.ARMget_register(x)
336 print "get_register(%d): %x"%(x,num)
338 for x in range(start,end,2):
339 num = client.ARMget_register(x)
341 print "get_register(%d): %x"%(x,num)
342 results[x].append(num)
346 print "Don't forget to 'client.stop()' if you want to exit cleanly"
350 for y in range(len(results)):
352 print "%.2x=%s"%(y,repr(["%x"%t for t in x]))
354 def ARMreadMem(self, adr, wrdcount):
356 r0 = self.ARMget_register(5); # store R0 and R1
357 r1 = self.ARMget_register(9);
358 #print >>sys.stderr,("CPSR:\t%x"%self.ARMget_regCPSR())
359 for word in range(adr, adr+(wrdcount*4), 4):
360 #sys.stdin.readline()
361 self.ARMset_register(5, word); # write address into R0
362 self.ARMset_register(9, 0xdeadbeef)
365 self.ARMdebuginstr(0xe4959004L, 0); # push LDR R1, [R0], #4 into instruction pipeline (autoincrements for consecutive reads)
370 self.ARMdebuginstr(0x47146,0)
371 self.ARMdebuginstr(0x47147,0)
372 print hex(self.ARMget_register(9))
373 # FIXME: this may end up changing te current debug-state. should we compare to current_dbgstate?
374 #print repr(self.data[4])
375 if (len(self.data)>4 and self.data[4] == '\x00'):
376 print >>sys.stderr,("FAILED TO READ MEMORY/RE-ENTER DEBUG MODE")
377 raise Exception("FAILED TO READ MEMORY/RE-ENTER DEBUG MODE")
380 retval.append( self.ARMget_register(9) ) # read memory value from R1 register
381 #print >>sys.stderr,("CPSR: %x\t\tR0: %x\t\tR1: %x"%(self.ARMget_regCPSR(),self.ARMget_register(0),self.ARMget_register(1)))
382 self.ARMset_register(9, r1); # restore R0 and R1
383 self.ARMset_register(5, r0);
387 case 0xD0: // loopback test
388 cmddatalong[0] = 0x12345678;
389 case 0xD1: // Set Scan Chain
390 cmddatalong[0] = jtagarm7tdmi_scan_n(cmddataword[0]);
392 cmddatalong[0] = jtagarm7tdmi_get_dbgstate();
394 cmddatalong[0] = jtagarm7tdmi_exec(cmddatalong[0]);
396 cmddatalong[0] = jtagarm7tdmi_get_register(cmddata[0]);
398 cmddatalong[0] = jtagarm7tdmi_set_register(cmddata[0], cmddatalong[1]);
400 cmddatalong[0] = jtagarm7tdmi_dr_shift32(cmddatalong[0]);
402 cmddatalong[0] = jtagarm7tdmi_chain1(cmddatalong[0], 0);
404 cmddatalong[0] = jtagarm7tdmi_chain2_read(cmddata[0], 32);
408 if(sys.argv[1]=="test"):
410 if(sys.argv[1]=="deadtest"):
411 for i in range(1,10):
412 print "IDENT as %s" % client.CCidentstr();
413 if(sys.argv[1]=="dumpcode"):
418 start=int(sys.argv[3],16);
420 stop=int(sys.argv[4],16);
422 print "Dumping code from %04x to %04x as %s." % (start,stop,f);
426 h[i]=client.CCpeekcodebyte(i);
428 print "Dumped %04x."%i;
431 if(sys.argv[1]=="dumpdata"):
436 start=int(sys.argv[3],16);
438 stop=int(sys.argv[4],16);
440 print "Dumping data from %04x to %04x as %s." % (start,stop,f);
444 h[i]=client.CCpeekdatabyte(i);
446 print "Dumped %04x."%i;
449 if(sys.argv[1]=="status"):
450 print "Status: %s" %client.CCstatusstr();
451 if(sys.argv[1]=="erase"):
452 print "Status: %s" % client.CCstatusstr();
453 client.CCchiperase();
454 print "Status: %s" %client.CCstatusstr();
456 if(sys.argv[1]=="peekinfo"):
457 print "Select info flash."
458 client.CCwr_config(1);
459 print "Config is %02x" % client.CCrd_config();
463 start=int(sys.argv[2],16);
466 stop=int(sys.argv[3],16);
467 print "Peeking from %04x to %04x." % (start,stop);
469 print "%04x: %02x" % (start,client.CCpeekcodebyte(start));
471 if(sys.argv[1]=="poke"):
472 client.CCpokeirambyte(int(sys.argv[2],16),
473 int(sys.argv[3],16));
474 if(sys.argv[1]=="randtest"):
476 client.CCpokeirambyte(0xBD,0x01); #RNDH=0x01
477 client.CCpokeirambyte(0xB4,0x04); #ADCCON1=0x04
478 client.CCpokeirambyte(0xBD,0x01); #RNDH=0x01
479 client.CCpokeirambyte(0xB4,0x04); #ADCCON1=0x04
482 for foo in range(1,10):
483 print "%02x" % client.CCpeekirambyte(0xBD); #RNDH
484 client.CCpokeirambyte(0xB4,0x04); #ADCCON1=0x04
485 client.CCreleasecpu();
487 print "%02x" % client.CCpeekdatabyte(0xDF61); #CHIP ID
488 if(sys.argv[1]=="adctest"):
489 # ADCTest 0xDF3A 0xDF3B
490 print "ADC TEST %02x%02x" % (
491 client.CCpeekdatabyte(0xDF3A),
492 client.CCpeekdatabyte(0xDF3B));
493 if(sys.argv[1]=="config"):
494 print "Config is %02x" % client.CCrd_config();
496 if(sys.argv[1]=="flash"):
501 start=int(sys.argv[3],16);
503 stop=int(sys.argv[4],16);
507 pagelen = 2048; #2kB pages in 32-bit words
510 print "Wiping Flash."
512 #client.CCchiperase();
513 #Wipe the RAM buffer for the next flash page.
514 #client.CCeraseflashbuffer();
515 for i in h._buf.keys():
516 while(i>page+pagelen):
518 client.CCflashpage(page);
519 #client.CCeraseflashbuffer();
521 print "Flashed page at %06x" % page
524 #Place byte into buffer.
525 client.CCpokedatabyte(0xF000+i-page,
529 print "Buffering %04x toward %06x" % (i,page);
531 client.CCflashpage(page);
532 print "Flashed final page at %06x" % page;
534 if(sys.argv[1]=="lock"):
535 print "Status: %s" %client.CCstatusstr();
537 print "Status: %s" %client.CCstatusstr();
538 if(sys.argv[1]=="flashpage"):
541 target=int(sys.argv[2],16);
542 print "Writing a page of flash from 0xF000 in XDATA"
543 client.CCflashpage(target);
544 if(sys.argv[1]=="erasebuffer"):
545 print "Erasing flash buffer.";
546 client.CCeraseflashbuffer();
548 if(sys.argv[1]=="writedata"):
553 start=int(sys.argv[3],16);
555 stop=int(sys.argv[4],16);
559 for i in h._buf.keys():
560 if(i>=start and i<=stop):
561 client.CCpokedatabyte(i,h[i]);
564 #if(sys.argv[1]=="flashtest"):
565 # client.CCflashtest();
566 if(sys.argv[1]=="peekdata"):
569 start=int(sys.argv[2],16);
572 stop=int(sys.argv[3],16);
573 print "Peeking from %04x to %04x." % (start,stop);
575 print "%04x: %02x" % (start,client.CCpeekdatabyte(start));
577 if(sys.argv[1]=="peek"):
580 start=int(sys.argv[2],16);
583 stop=int(sys.argv[3],16);
584 print "Peeking from %04x to %04x." % (start,stop);
586 print "%04x: %02x" % (start,client.CCpeekirambyte(start));
589 if(sys.argv[1]=="peekcode"):
592 start=int(sys.argv[2],16);
595 stop=int(sys.argv[3],16);
596 print "Peeking from %04x to %04x." % (start,stop);
598 print "%04x: %02x" % (start,client.CCpeekcodebyte(start));
600 if(sys.argv[1]=="pokedata"):
604 start=int(sys.argv[2],16);
606 val=int(sys.argv[3],16);
607 print "Poking %04x to become %02x." % (start,val);
608 client.CCpokedatabyte(start,val);
projects / goodfet / blob