10 #include <sys/types.h>
15 #include "stlink-common.h"
16 #include "uglylogging.h"
18 #define LOG_TAG __FILE__
19 #define DLOG(format, args...) ugly_log(UDEBUG, LOG_TAG, format, ## args)
20 #define ILOG(format, args...) ugly_log(UINFO, LOG_TAG, format, ## args)
21 #define WLOG(format, args...) ugly_log(UWARN, LOG_TAG, format, ## args)
22 #define fatal(format, args...) ugly_log(UFATAL, LOG_TAG, format, ## args)
24 /* todo: stm32l15xxx flash memory, pm0062 manual */
26 /* stm32f FPEC flash controller interface, pm0063 manual */
27 // TODO - all of this needs to be abstracted out....
28 #define FLASH_REGS_ADDR 0x40022000
29 #define FLASH_REGS_SIZE 0x28
31 #define FLASH_ACR (FLASH_REGS_ADDR + 0x00)
32 #define FLASH_KEYR (FLASH_REGS_ADDR + 0x04)
33 #define FLASH_SR (FLASH_REGS_ADDR + 0x0c)
34 #define FLASH_CR (FLASH_REGS_ADDR + 0x10)
35 #define FLASH_AR (FLASH_REGS_ADDR + 0x14)
36 #define FLASH_OBR (FLASH_REGS_ADDR + 0x1c)
37 #define FLASH_WRPR (FLASH_REGS_ADDR + 0x20)
39 #define FLASH_RDPTR_KEY 0x00a5
40 #define FLASH_KEY1 0x45670123
41 #define FLASH_KEY2 0xcdef89ab
43 #define FLASH_SR_BSY 0
44 #define FLASH_SR_EOP 5
47 #define FLASH_CR_PER 1
48 #define FLASH_CR_MER 2
49 #define FLASH_CR_STRT 6
50 #define FLASH_CR_LOCK 7
53 //32L = 32F1 same CoreID as 32F4!
54 #define STM32L_FLASH_REGS_ADDR ((uint32_t)0x40023c00)
55 #define STM32L_FLASH_ACR (STM32L_FLASH_REGS_ADDR + 0x00)
56 #define STM32L_FLASH_PECR (STM32L_FLASH_REGS_ADDR + 0x04)
57 #define STM32L_FLASH_PDKEYR (STM32L_FLASH_REGS_ADDR + 0x08)
58 #define STM32L_FLASH_PEKEYR (STM32L_FLASH_REGS_ADDR + 0x0c)
59 #define STM32L_FLASH_PRGKEYR (STM32L_FLASH_REGS_ADDR + 0x10)
60 #define STM32L_FLASH_OPTKEYR (STM32L_FLASH_REGS_ADDR + 0x14)
61 #define STM32L_FLASH_SR (STM32L_FLASH_REGS_ADDR + 0x18)
62 #define STM32L_FLASH_OBR (STM32L_FLASH_REGS_ADDR + 0x1c)
63 #define STM32L_FLASH_WRPR (STM32L_FLASH_REGS_ADDR + 0x20)
64 #define FLASH_L1_FPRG 10
65 #define FLASH_L1_PROG 3
69 #define FLASH_F4_REGS_ADDR ((uint32_t)0x40023c00)
70 #define FLASH_F4_KEYR (FLASH_F4_REGS_ADDR + 0x04)
71 #define FLASH_F4_OPT_KEYR (FLASH_F4_REGS_ADDR + 0x08)
72 #define FLASH_F4_SR (FLASH_F4_REGS_ADDR + 0x0c)
73 #define FLASH_F4_CR (FLASH_F4_REGS_ADDR + 0x10)
74 #define FLASH_F4_OPT_CR (FLASH_F4_REGS_ADDR + 0x14)
75 #define FLASH_F4_CR_STRT 16
76 #define FLASH_F4_CR_LOCK 31
77 #define FLASH_F4_CR_SER 1
78 #define FLASH_F4_CR_SNB 3
79 #define FLASH_F4_CR_SNB_MASK 0x38
80 #define FLASH_F4_SR_BSY 16
83 void write_uint32(unsigned char* buf, uint32_t ui) {
84 if (!is_bigendian()) { // le -> le (don't swap)
85 buf[0] = ((unsigned char*) &ui)[0];
86 buf[1] = ((unsigned char*) &ui)[1];
87 buf[2] = ((unsigned char*) &ui)[2];
88 buf[3] = ((unsigned char*) &ui)[3];
90 buf[0] = ((unsigned char*) &ui)[3];
91 buf[1] = ((unsigned char*) &ui)[2];
92 buf[2] = ((unsigned char*) &ui)[1];
93 buf[3] = ((unsigned char*) &ui)[0];
97 void write_uint16(unsigned char* buf, uint16_t ui) {
98 if (!is_bigendian()) { // le -> le (don't swap)
99 buf[0] = ((unsigned char*) &ui)[0];
100 buf[1] = ((unsigned char*) &ui)[1];
102 buf[0] = ((unsigned char*) &ui)[1];
103 buf[1] = ((unsigned char*) &ui)[0];
107 uint32_t read_uint32(const unsigned char *c, const int pt) {
109 char *p = (char *) &ui;
111 if (!is_bigendian()) { // le -> le (don't swap)
125 static uint32_t __attribute__((unused)) read_flash_rdp(stlink_t *sl) {
126 return stlink_read_debug32(sl, FLASH_WRPR) & 0xff;
129 static inline uint32_t read_flash_wrpr(stlink_t *sl) {
130 return stlink_read_debug32(sl, FLASH_WRPR);
133 static inline uint32_t read_flash_obr(stlink_t *sl) {
134 return stlink_read_debug32(sl, FLASH_OBR);
137 static inline uint32_t read_flash_cr(stlink_t *sl) {
139 if(sl->chip_id==STM32F4_CHIP_ID)
140 res = stlink_read_debug32(sl, FLASH_F4_CR);
142 res = stlink_read_debug32(sl, FLASH_CR);
144 fprintf(stdout, "CR:0x%x\n", res);
149 static inline unsigned int is_flash_locked(stlink_t *sl) {
150 /* return non zero for true */
151 if(sl->chip_id==STM32F4_CHIP_ID)
152 return read_flash_cr(sl) & (1 << FLASH_F4_CR_LOCK);
154 return read_flash_cr(sl) & (1 << FLASH_CR_LOCK);
157 static void unlock_flash(stlink_t *sl) {
158 /* the unlock sequence consists of 2 write cycles where
159 2 key values are written to the FLASH_KEYR register.
160 an invalid sequence results in a definitive lock of
161 the FPEC block until next reset.
163 if(sl->chip_id==STM32F4_CHIP_ID) {
164 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY1);
165 stlink_write_debug32(sl, FLASH_F4_KEYR, FLASH_KEY2);
168 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY1);
169 stlink_write_debug32(sl, FLASH_KEYR, FLASH_KEY2);
174 static int unlock_flash_if(stlink_t *sl) {
175 /* unlock flash if already locked */
177 if (is_flash_locked(sl)) {
179 if (is_flash_locked(sl)) {
180 WLOG("Failed to unlock flash!\n");
184 DLOG("Successfully unlocked flash\n");
188 static void lock_flash(stlink_t *sl) {
189 if(sl->chip_id==STM32F4_CHIP_ID) {
190 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_F4_CR_LOCK);
191 stlink_write_debug32(sl, FLASH_F4_CR, n);
194 /* write to 1 only. reset by hw at unlock sequence */
195 const uint32_t n = read_flash_cr(sl) | (1 << FLASH_CR_LOCK);
196 stlink_write_debug32(sl, FLASH_CR, n);
201 static void set_flash_cr_pg(stlink_t *sl) {
202 if(sl->chip_id==STM32F4_CHIP_ID) {
203 uint32_t x = read_flash_cr(sl);
204 x |= (1 << FLASH_CR_PG);
205 stlink_write_debug32(sl, FLASH_F4_CR, x);
208 const uint32_t n = 1 << FLASH_CR_PG;
209 stlink_write_debug32(sl, FLASH_CR, n);
213 static void __attribute__((unused)) clear_flash_cr_pg(stlink_t *sl) {
214 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PG);
215 if(sl->chip_id==STM32F4_CHIP_ID)
216 stlink_write_debug32(sl, FLASH_F4_CR, n);
218 stlink_write_debug32(sl, FLASH_CR, n);
221 static void set_flash_cr_per(stlink_t *sl) {
222 const uint32_t n = 1 << FLASH_CR_PER;
223 stlink_write_debug32(sl, FLASH_CR, n);
226 static void __attribute__((unused)) clear_flash_cr_per(stlink_t *sl) {
227 const uint32_t n = read_flash_cr(sl) & ~(1 << FLASH_CR_PER);
228 stlink_write_debug32(sl, FLASH_CR, n);
231 static void set_flash_cr_mer(stlink_t *sl) {
232 if(sl->chip_id == STM32F4_CHIP_ID)
233 stlink_write_debug32(sl, FLASH_F4_CR,
234 stlink_read_debug32(sl, FLASH_F4_CR) | (1 << FLASH_CR_MER));
236 stlink_write_debug32(sl, FLASH_CR,
237 stlink_read_debug32(sl, FLASH_CR) | (1 << FLASH_CR_MER));
240 static void __attribute__((unused)) clear_flash_cr_mer(stlink_t *sl) {
241 if(sl->chip_id == STM32F4_CHIP_ID)
242 stlink_write_debug32(sl, FLASH_F4_CR,
243 stlink_read_debug32(sl, FLASH_F4_CR) & ~(1 << FLASH_CR_MER));
245 stlink_write_debug32(sl, FLASH_CR,
246 stlink_read_debug32(sl, FLASH_CR) & ~(1 << FLASH_CR_MER));
249 static void set_flash_cr_strt(stlink_t *sl) {
250 if(sl->chip_id == STM32F4_CHIP_ID)
252 uint32_t x = read_flash_cr(sl);
253 x |= (1 << FLASH_F4_CR_STRT);
254 stlink_write_debug32(sl, FLASH_F4_CR, x);
257 stlink_write_debug32(
259 stlink_read_debug32(sl,FLASH_CR) |(1 << FLASH_CR_STRT) );
263 static inline uint32_t read_flash_acr(stlink_t *sl) {
264 return stlink_read_debug32(sl, FLASH_ACR);
267 static inline uint32_t read_flash_sr(stlink_t *sl) {
269 if(sl->chip_id==STM32F4_CHIP_ID)
270 res = stlink_read_debug32(sl, FLASH_F4_SR);
272 res = stlink_read_debug32(sl, FLASH_SR);
273 //fprintf(stdout, "SR:0x%x\n", *(uint32_t*) sl->q_buf);
277 static inline unsigned int is_flash_busy(stlink_t *sl) {
278 if(sl->chip_id==STM32F4_CHIP_ID)
279 return read_flash_sr(sl) & (1 << FLASH_F4_SR_BSY);
281 return read_flash_sr(sl) & (1 << FLASH_SR_BSY);
284 static void wait_flash_busy(stlink_t *sl) {
285 /* todo: add some delays here */
286 while (is_flash_busy(sl))
290 static void wait_flash_busy_progress(stlink_t *sl) {
292 fprintf(stdout, "Mass erasing");
294 while (is_flash_busy(sl))
299 fprintf(stdout, ".");
303 fprintf(stdout, "\n");
306 static inline unsigned int is_flash_eop(stlink_t *sl) {
307 return read_flash_sr(sl) & (1 << FLASH_SR_EOP);
310 static void __attribute__((unused)) clear_flash_sr_eop(stlink_t *sl) {
311 const uint32_t n = read_flash_sr(sl) & ~(1 << FLASH_SR_EOP);
312 stlink_write_debug32(sl, FLASH_SR, n);
315 static void __attribute__((unused)) wait_flash_eop(stlink_t *sl) {
316 /* todo: add some delays here */
317 while (is_flash_eop(sl) == 0)
321 static inline void write_flash_ar(stlink_t *sl, uint32_t n) {
322 stlink_write_debug32(sl, FLASH_AR, n);
325 static inline void write_flash_cr_psiz(stlink_t *sl, uint32_t n) {
326 uint32_t x = read_flash_cr(sl);
330 fprintf(stdout, "PSIZ:0x%x 0x%x\n", x, n);
332 stlink_write_debug32(sl, FLASH_F4_CR, x);
336 static inline void write_flash_cr_snb(stlink_t *sl, uint32_t n) {
337 uint32_t x = read_flash_cr(sl);
338 x &= ~FLASH_F4_CR_SNB_MASK;
339 x |= (n << FLASH_F4_CR_SNB);
340 x |= (1 << FLASH_F4_CR_SER);
342 fprintf(stdout, "SNB:0x%x 0x%x\n", x, n);
344 stlink_write_debug32(sl, FLASH_F4_CR, x);
349 static void disable_flash_read_protection(stlink_t *sl) {
350 /* erase the option byte area */
357 // Delegates to the backends...
359 void stlink_close(stlink_t *sl) {
360 DLOG("*** stlink_close ***\n");
361 sl->backend->close(sl);
365 void stlink_exit_debug_mode(stlink_t *sl) {
366 DLOG("*** stlink_exit_debug_mode ***\n");
367 stlink_write_debug32(sl, DHCSR, DBGKEY);
368 sl->backend->exit_debug_mode(sl);
371 void stlink_enter_swd_mode(stlink_t *sl) {
372 DLOG("*** stlink_enter_swd_mode ***\n");
373 sl->backend->enter_swd_mode(sl);
376 // Force the core into the debug mode -> halted state.
377 void stlink_force_debug(stlink_t *sl) {
378 DLOG("*** stlink_force_debug_mode ***\n");
379 sl->backend->force_debug(sl);
382 void stlink_exit_dfu_mode(stlink_t *sl) {
383 DLOG("*** stlink_exit_dfu_mode ***\n");
384 sl->backend->exit_dfu_mode(sl);
387 uint32_t stlink_core_id(stlink_t *sl) {
388 DLOG("*** stlink_core_id ***\n");
389 sl->backend->core_id(sl);
391 stlink_print_data(sl);
392 DLOG("core_id = 0x%08x\n", sl->core_id);
396 uint32_t stlink_chip_id(stlink_t *sl) {
397 uint32_t chip_id = stlink_read_debug32(sl, 0xE0042000);
402 * Cortex m3 tech ref manual, CPUID register description
403 * @param sl stlink context
404 * @param cpuid pointer to the result object
406 void stlink_cpu_id(stlink_t *sl, cortex_m3_cpuid_t *cpuid) {
407 uint32_t raw = stlink_read_debug32(sl, CM3_REG_CPUID);
408 cpuid->implementer_id = (raw >> 24) & 0x7f;
409 cpuid->variant = (raw >> 20) & 0xf;
410 cpuid->part = (raw >> 4) & 0xfff;
411 cpuid->revision = raw & 0xf;
416 * reads and decodes the flash parameters, as dynamically as possible
418 * @return 0 for success, or -1 for unsupported core type.
420 int stlink_load_device_params(stlink_t *sl) {
421 ILOG("Loading device parameters....\n");
422 const chip_params_t *params = NULL;
423 sl->core_id = stlink_core_id(sl);
424 uint32_t chip_id = stlink_chip_id(sl);
426 sl->chip_id = chip_id & 0xfff;
427 /* Fix chip_id for F4 rev A errata , Read CPU ID, as CoreID is the same for F2/F4*/
428 if (sl->chip_id == 0x411) {
429 uint32_t cpuid = stlink_read_debug32(sl, 0xE000ED00);
430 if((cpuid & 0xfff0) == 0xc240)
434 for(size_t i = 0; i < sizeof(devices) / sizeof(devices[0]); i++) {
435 if(devices[i].chip_id == sl->chip_id) {
436 params = &devices[i];
440 if (params == NULL) {
441 WLOG("unknown chip id! %#x\n", chip_id);
445 // These are fixed...
446 sl->flash_base = STM32_FLASH_BASE;
447 sl->sram_base = STM32_SRAM_BASE;
449 // read flash size from hardware, if possible...
450 if (sl->chip_id == STM32_CHIPID_F2) {
451 sl->flash_size = 0; // FIXME - need to work this out some other way, just set to max possible?
452 } else if (sl->chip_id == STM32_CHIPID_F4) {
453 sl->flash_size = 0x100000; //todo: RM0090 error; size register same address as unique ID
455 uint32_t flash_size = stlink_read_debug32(sl, params->flash_size_reg) & 0xffff;
456 sl->flash_size = flash_size * 1024;
458 sl->flash_pgsz = params->flash_pagesize;
459 sl->sram_size = params->sram_size;
460 sl->sys_base = params->bootrom_base;
461 sl->sys_size = params->bootrom_size;
463 ILOG("Device connected is: %s, id %#x\n", params->description, chip_id);
464 // TODO make note of variable page size here.....
465 ILOG("SRAM size: %#x bytes (%d KiB), Flash: %#x bytes (%d KiB) in pages of %zd bytes\n",
466 sl->sram_size, sl->sram_size / 1024, sl->flash_size, sl->flash_size / 1024,
471 void stlink_reset(stlink_t *sl) {
472 DLOG("*** stlink_reset ***\n");
473 sl->backend->reset(sl);
476 void stlink_jtag_reset(stlink_t *sl, int value) {
477 DLOG("*** stlink_jtag_reset ***\n");
478 sl->backend->jtag_reset(sl, value);
481 void stlink_run(stlink_t *sl) {
482 DLOG("*** stlink_run ***\n");
483 sl->backend->run(sl);
486 void stlink_status(stlink_t *sl) {
487 DLOG("*** stlink_status ***\n");
488 sl->backend->status(sl);
489 stlink_core_stat(sl);
493 * Decode the version bits, originally from -sg, verified with usb
494 * @param sl stlink context, assumed to contain valid data in the buffer
495 * @param slv output parsed version object
497 void _parse_version(stlink_t *sl, stlink_version_t *slv) {
498 uint32_t b0 = sl->q_buf[0]; //lsb
499 uint32_t b1 = sl->q_buf[1];
500 uint32_t b2 = sl->q_buf[2];
501 uint32_t b3 = sl->q_buf[3];
502 uint32_t b4 = sl->q_buf[4];
503 uint32_t b5 = sl->q_buf[5]; //msb
505 // b0 b1 || b2 b3 | b4 b5
506 // 4b | 6b | 6b || 2B | 2B
507 // stlink_v | jtag_v | swim_v || st_vid | stlink_pid
509 slv->stlink_v = (b0 & 0xf0) >> 4;
510 slv->jtag_v = ((b0 & 0x0f) << 2) | ((b1 & 0xc0) >> 6);
511 slv->swim_v = b1 & 0x3f;
512 slv->st_vid = (b3 << 8) | b2;
513 slv->stlink_pid = (b5 << 8) | b4;
517 void stlink_version(stlink_t *sl) {
518 DLOG("*** looking up stlink version\n");
519 sl->backend->version(sl);
520 _parse_version(sl, &sl->version);
522 DLOG("st vid = 0x%04x (expect 0x%04x)\n", sl->version.st_vid, USB_ST_VID);
523 DLOG("stlink pid = 0x%04x\n", sl->version.stlink_pid);
524 DLOG("stlink version = 0x%x\n", sl->version.stlink_v);
525 DLOG("jtag version = 0x%x\n", sl->version.jtag_v);
526 DLOG("swim version = 0x%x\n", sl->version.swim_v);
527 if (sl->version.jtag_v == 0) {
528 DLOG(" notice: the firmware doesn't support a jtag/swd interface\n");
530 if (sl->version.swim_v == 0) {
531 DLOG(" notice: the firmware doesn't support a swim interface\n");
535 uint32_t stlink_read_debug32(stlink_t *sl, uint32_t addr) {
536 uint32_t data = sl->backend->read_debug32(sl, addr);
537 DLOG("*** stlink_read_debug32 %x is %#x\n", data, addr);
541 void stlink_write_debug32(stlink_t *sl, uint32_t addr, uint32_t data) {
542 DLOG("*** stlink_write_debug32 %x to %#x\n", data, addr);
543 sl->backend->write_debug32(sl, addr, data);
546 void stlink_write_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
547 DLOG("*** stlink_write_mem32 %u bytes to %#x\n", len, addr);
549 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n", len % 4);
552 sl->backend->write_mem32(sl, addr, len);
555 void stlink_read_mem32(stlink_t *sl, uint32_t addr, uint16_t len) {
556 DLOG("*** stlink_read_mem32 ***\n");
557 if (len % 4 != 0) { // !!! never ever: fw gives just wrong values
558 fprintf(stderr, "Error: Data length doesn't have a 32 bit alignment: +%d byte.\n",
562 sl->backend->read_mem32(sl, addr, len);
565 void stlink_write_mem8(stlink_t *sl, uint32_t addr, uint16_t len) {
566 DLOG("*** stlink_write_mem8 ***\n");
567 if (len > 0x40 ) { // !!! never ever: Writing more then 0x40 bytes gives unexpected behaviour
568 fprintf(stderr, "Error: Data length > 64: +%d byte.\n",
572 sl->backend->write_mem8(sl, addr, len);
575 void stlink_read_all_regs(stlink_t *sl, reg *regp) {
576 DLOG("*** stlink_read_all_regs ***\n");
577 sl->backend->read_all_regs(sl, regp);
580 void stlink_write_reg(stlink_t *sl, uint32_t reg, int idx) {
581 DLOG("*** stlink_write_reg\n");
582 sl->backend->write_reg(sl, reg, idx);
585 void stlink_read_reg(stlink_t *sl, int r_idx, reg *regp) {
586 DLOG("*** stlink_read_reg\n");
587 DLOG(" (%d) ***\n", r_idx);
589 if (r_idx > 20 || r_idx < 0) {
590 fprintf(stderr, "Error: register index must be in [0..20]\n");
594 sl->backend->read_reg(sl, r_idx, regp);
597 unsigned int is_core_halted(stlink_t *sl) {
598 /* return non zero if core is halted */
600 return sl->q_buf[0] == STLINK_CORE_HALTED;
603 void stlink_step(stlink_t *sl) {
604 DLOG("*** stlink_step ***\n");
605 sl->backend->step(sl);
608 int stlink_current_mode(stlink_t *sl) {
609 int mode = sl->backend->current_mode(sl);
611 case STLINK_DEV_DFU_MODE:
612 DLOG("stlink current mode: dfu\n");
614 case STLINK_DEV_DEBUG_MODE:
615 DLOG("stlink current mode: debug (jtag or swd)\n");
617 case STLINK_DEV_MASS_MODE:
618 DLOG("stlink current mode: mass\n");
621 DLOG("stlink mode: unknown!\n");
622 return STLINK_DEV_UNKNOWN_MODE;
628 // End of delegates.... Common code below here...
631 // http://www.ibm.com/developerworks/aix/library/au-endianc/index.html
633 // #define is_bigendian() ( (*(char*)&i) == 0 )
635 inline unsigned int is_bigendian(void) {
636 static volatile const unsigned int i = 1;
637 return *(volatile const char*) &i == 0;
640 uint16_t read_uint16(const unsigned char *c, const int pt) {
642 char *p = (char *) &ui;
644 if (!is_bigendian()) { // le -> le (don't swap)
654 // same as above with entrypoint.
656 void stlink_run_at(stlink_t *sl, stm32_addr_t addr) {
657 stlink_write_reg(sl, addr, 15); /* pc register */
661 while (is_core_halted(sl) == 0)
665 void stlink_core_stat(stlink_t *sl) {
669 switch (sl->q_buf[0]) {
670 case STLINK_CORE_RUNNING:
671 sl->core_stat = STLINK_CORE_RUNNING;
672 DLOG(" core status: running\n");
674 case STLINK_CORE_HALTED:
675 sl->core_stat = STLINK_CORE_HALTED;
676 DLOG(" core status: halted\n");
679 sl->core_stat = STLINK_CORE_STAT_UNKNOWN;
680 fprintf(stderr, " core status: unknown\n");
684 void stlink_print_data(stlink_t * sl) {
685 if (sl->q_len <= 0 || sl->verbose < UDEBUG)
688 fprintf(stdout, "data_len = %d 0x%x\n", sl->q_len, sl->q_len);
690 for (int i = 0; i < sl->q_len; i++) {
693 if (sl->q_data_dir == Q_DATA_OUT)
694 fprintf(stdout, "\n<- 0x%08x ", sl->q_addr + i);
696 fprintf(stdout, "\n-> 0x%08x ", sl->q_addr + i);
699 fprintf(stdout, " %02x", (unsigned int) sl->q_buf[i]);
701 fputs("\n\n", stdout);
704 /* memory mapped file */
706 typedef struct mapped_file {
711 #define MAPPED_FILE_INITIALIZER { NULL, 0 }
713 static int map_file(mapped_file_t* mf, const char* path) {
717 const int fd = open(path, O_RDONLY);
719 fprintf(stderr, "open(%s) == -1\n", path);
723 if (fstat(fd, &st) == -1) {
724 fprintf(stderr, "fstat() == -1\n");
728 mf->base = (uint8_t*) mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, fd, 0);
729 if (mf->base == MAP_FAILED) {
730 fprintf(stderr, "mmap() == MAP_FAILED\n");
734 mf->len = st.st_size;
745 static void unmap_file(mapped_file_t * mf) {
746 munmap((void*) mf->base, mf->len);
747 mf->base = (unsigned char*) MAP_FAILED;
751 /* Limit the block size to compare to 0x1800
752 Anything larger will stall the STLINK2
753 Maybe STLINK V1 needs smaller value!*/
754 static int check_file(stlink_t* sl, mapped_file_t* mf, stm32_addr_t addr) {
756 size_t n_cmp = sl->flash_pgsz;
760 for (off = 0; off < mf->len; off += n_cmp) {
763 /* adjust last page size */
764 size_t cmp_size = n_cmp;
765 if ((off + n_cmp) > mf->len)
766 cmp_size = mf->len - off;
768 aligned_size = cmp_size;
769 if (aligned_size & (4 - 1))
770 aligned_size = (cmp_size + 4) & ~(4 - 1);
772 stlink_read_mem32(sl, addr + off, aligned_size);
774 if (memcmp(sl->q_buf, mf->base + off, cmp_size))
781 int stlink_fwrite_sram
782 (stlink_t * sl, const char* path, stm32_addr_t addr) {
783 /* write the file in sram at addr */
787 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
789 if (map_file(&mf, path) == -1) {
790 fprintf(stderr, "map_file() == -1\n");
794 /* check addr range is inside the sram */
795 if (addr < sl->sram_base) {
796 fprintf(stderr, "addr too low\n");
798 } else if ((addr + mf.len) < addr) {
799 fprintf(stderr, "addr overruns\n");
801 } else if ((addr + mf.len) > (sl->sram_base + sl->sram_size)) {
802 fprintf(stderr, "addr too high\n");
804 } else if ((addr & 3) || (mf.len & 3)) {
806 fprintf(stderr, "unaligned addr or size\n");
810 /* do the copy by 1k blocks */
811 for (off = 0; off < mf.len; off += 1024) {
813 if ((off + size) > mf.len)
816 memcpy(sl->q_buf, mf.base + off, size);
818 /* round size if needed */
822 stlink_write_mem32(sl, addr + off, size);
825 /* check the file ha been written */
826 if (check_file(sl, &mf, addr) == -1) {
827 fprintf(stderr, "check_file() == -1\n");
834 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
835 /* Set PC to the reset routine*/
836 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
844 int stlink_fread(stlink_t* sl, const char* path, stm32_addr_t addr, size_t size) {
845 /* read size bytes from addr to file */
850 unsigned char erased_pattern =(sl->chip_id == STM32_CHIPID_L1_MEDIUM)?0:0xff;
852 const int fd = open(path, O_RDWR | O_TRUNC | O_CREAT, 00700);
854 fprintf(stderr, "open(%s) == -1\n", path);
859 size = sl->flash_size;
861 if (size > sl->flash_size)
862 size = sl->flash_size;
864 /* do the copy by 1k blocks */
865 for (off = 0; off < size; off += 1024) {
866 size_t read_size = 1024;
869 if ((off + read_size) > size)
870 read_size = size - off;
872 /* round size if needed */
873 rounded_size = read_size;
874 if (rounded_size & 3)
875 rounded_size = (rounded_size + 4) & ~(3);
877 stlink_read_mem32(sl, addr + off, rounded_size);
879 for(index = 0; index < read_size; index ++) {
880 if (sl->q_buf[index] == erased_pattern)
885 if (write(fd, sl->q_buf, read_size) != (ssize_t) read_size) {
886 fprintf(stderr, "write() != read_size\n");
891 /* Ignore NULL Bytes at end of file */
892 ftruncate(fd, size - num_empty);
903 int write_buffer_to_sram(stlink_t *sl, flash_loader_t* fl, const uint8_t* buf, size_t size) {
904 /* write the buffer right after the loader */
905 size_t chunk = size & ~0x3;
906 size_t rem = size & 0x3;
908 memcpy(sl->q_buf, buf, chunk);
909 stlink_write_mem32(sl, fl->buf_addr, chunk);
912 memcpy(sl->q_buf, buf+chunk, rem);
913 stlink_write_mem8(sl, (fl->buf_addr)+chunk, rem);
918 uint32_t calculate_F4_sectornum(uint32_t flashaddr){
919 flashaddr &= ~STM32_FLASH_BASE; //Page now holding the actual flash address
920 if (flashaddr<0x4000) return (0);
921 else if(flashaddr<0x8000) return(1);
922 else if(flashaddr<0xc000) return(2);
923 else if(flashaddr<0x10000) return(3);
924 else if(flashaddr<0x20000) return(4);
925 else return(flashaddr/0x20000)+4;
929 uint32_t stlink_calculate_pagesize(stlink_t *sl, uint32_t flashaddr){
930 if(sl->chip_id == STM32F4_CHIP_ID) {
931 uint32_t sector=calculate_F4_sectornum(flashaddr);
932 if (sector<4) sl->flash_pgsz=0x4000;
933 else if(sector<5) sl->flash_pgsz=0x10000;
934 else sl->flash_pgsz=0x20000;
936 return (sl->flash_pgsz);
940 * Erase a page of flash, assumes sl is fully populated with things like chip/core ids
941 * @param sl stlink context
942 * @param flashaddr an address in the flash page to erase
943 * @return 0 on success -ve on failure
945 int stlink_erase_flash_page(stlink_t *sl, stm32_addr_t flashaddr)
947 if (sl->chip_id == STM32F4_CHIP_ID)
949 /* wait for ongoing op to finish */
952 /* unlock if locked */
955 /* select the page to erase */
956 // calculate the actual page from the address
957 uint32_t sector=calculate_F4_sectornum(flashaddr);
959 fprintf(stderr, "EraseFlash - Sector:0x%x Size:0x%x\n", sector, stlink_calculate_pagesize(sl, flashaddr));
960 write_flash_cr_snb(sl, sector);
962 /* start erase operation */
963 set_flash_cr_strt(sl);
965 /* wait for completion */
968 /* relock the flash */
969 //todo: fails to program if this is in
972 fprintf(stdout, "Erase Final CR:0x%x\n", read_flash_cr(sl));
975 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM)
980 /* disable pecr protection */
981 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
982 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
984 /* check pecr.pelock is cleared */
985 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
988 WLOG("pecr.pelock not clear (%#x)\n", val);
992 /* unlock program memory */
993 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
994 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
996 /* check pecr.prglock is cleared */
997 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1000 WLOG("pecr.prglock not clear (%#x)\n", val);
1004 /* unused: unlock the option byte block */
1006 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0xfbead9c8);
1007 stlink_write_debug32(sl, STM32L_FLASH_OPTKEYR, 0x24252627);
1009 /* check pecr.optlock is cleared */
1010 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1013 fprintf(stderr, "pecr.prglock not clear\n");
1018 /* set pecr.{erase,prog} */
1019 val |= (1 << 9) | (1 << 3);
1020 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1022 #if 0 /* fix_to_be_confirmed */
1024 /* wait for sr.busy to be cleared
1025 MP: Test shows that busy bit is not set here. Perhaps, PM0062 is
1026 wrong and we do not need to wait here for clearing the busy bit.
1027 TEXANE: ok, if experience says so and it works for you, we comment
1028 it. If someone has a problem, please drop an email.
1030 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1034 #endif /* fix_to_be_confirmed */
1036 /* write 0 to the first word of the page to be erased */
1037 stlink_write_debug32(sl, flashaddr, 0);
1039 /* MP: It is better to wait for clearing the busy bit after issuing
1040 page erase command, even though PM0062 recommends to wait before it.
1041 Test shows that a few iterations is performed in the following loop
1042 before busy bit is cleared.*/
1043 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0)
1047 /* reset lock bits */
1048 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1049 | (1 << 0) | (1 << 1) | (1 << 2);
1050 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1052 else if (sl->core_id == STM32VL_CORE_ID)
1054 /* wait for ongoing op to finish */
1055 wait_flash_busy(sl);
1057 /* unlock if locked */
1058 unlock_flash_if(sl);
1060 /* set the page erase bit */
1061 set_flash_cr_per(sl);
1063 /* select the page to erase */
1064 write_flash_ar(sl, flashaddr);
1066 /* start erase operation, reset by hw with bsy bit */
1067 set_flash_cr_strt(sl);
1069 /* wait for completion */
1070 wait_flash_busy(sl);
1072 /* relock the flash */
1077 WLOG("unknown coreid: %x\n", sl->core_id);
1081 /* todo: verify the erased page */
1086 int stlink_erase_flash_mass(stlink_t *sl) {
1087 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM) {
1088 /* erase each page */
1089 int i = 0, num_pages = sl->flash_size/sl->flash_pgsz;
1090 for (i = 0; i < num_pages; i++) {
1091 /* addr must be an addr inside the page */
1092 stm32_addr_t addr = sl->flash_base + i * sl->flash_pgsz;
1093 if (stlink_erase_flash_page(sl, addr) == -1) {
1094 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr);
1097 fprintf(stdout,"\rFlash page at %5d/%5d erased", i, num_pages);
1100 fprintf(stdout, "\n");
1103 /* wait for ongoing op to finish */
1104 wait_flash_busy(sl);
1106 /* unlock if locked */
1107 unlock_flash_if(sl);
1109 /* set the mass erase bit */
1110 set_flash_cr_mer(sl);
1112 /* start erase operation, reset by hw with bsy bit */
1113 set_flash_cr_strt(sl);
1115 /* wait for completion */
1116 wait_flash_busy_progress(sl);
1118 /* relock the flash */
1121 /* todo: verify the erased memory */
1126 int init_flash_loader(stlink_t *sl, flash_loader_t* fl) {
1129 /* allocate the loader in sram */
1130 if (write_loader_to_sram(sl, &fl->loader_addr, &size) == -1) {
1131 WLOG("Failed to write flash loader to sram!\n");
1135 /* allocate a one page buffer in sram right after loader */
1136 fl->buf_addr = fl->loader_addr + size;
1137 ILOG("Successfully loaded flash loader in sram\n");
1141 int write_loader_to_sram(stlink_t *sl, stm32_addr_t* addr, size_t* size) {
1142 /* from openocd, contrib/loaders/flash/stm32.s */
1143 static const uint8_t loader_code_stm32vl[] = {
1144 0x08, 0x4c, /* ldr r4, STM32_FLASH_BASE */
1145 0x1c, 0x44, /* add r4, r3 */
1146 /* write_half_word: */
1147 0x01, 0x23, /* movs r3, #0x01 */
1148 0x23, 0x61, /* str r3, [r4, #STM32_FLASH_CR_OFFSET] */
1149 0x30, 0xf8, 0x02, 0x3b, /* ldrh r3, [r0], #0x02 */
1150 0x21, 0xf8, 0x02, 0x3b, /* strh r3, [r1], #0x02 */
1152 0xe3, 0x68, /* ldr r3, [r4, #STM32_FLASH_SR_OFFSET] */
1153 0x13, 0xf0, 0x01, 0x0f, /* tst r3, #0x01 */
1154 0xfb, 0xd0, /* beq busy */
1155 0x13, 0xf0, 0x14, 0x0f, /* tst r3, #0x14 */
1156 0x01, 0xd1, /* bne exit */
1157 0x01, 0x3a, /* subs r2, r2, #0x01 */
1158 0xf0, 0xd1, /* bne write_half_word */
1160 0x00, 0xbe, /* bkpt #0x00 */
1161 0x00, 0x20, 0x02, 0x40, /* STM32_FLASH_BASE: .word 0x40022000 */
1164 static const uint8_t loader_code_stm32l[] = {
1166 /* openocd.git/contrib/loaders/flash/stm32lx.S
1167 r0, input, dest addr
1168 r1, input, source addr
1169 r2, input, word count
1170 r3, output, word count
1176 0x51, 0xf8, 0x04, 0xcb,
1177 0x40, 0xf8, 0x04, 0xcb,
1185 const uint8_t* loader_code;
1188 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM) /* stm32l */
1190 loader_code = loader_code_stm32l;
1191 loader_size = sizeof(loader_code_stm32l);
1193 else if (sl->core_id == STM32VL_CORE_ID)
1195 loader_code = loader_code_stm32vl;
1196 loader_size = sizeof(loader_code_stm32vl);
1200 WLOG("unknown coreid, not sure what flash loader to use, aborting!: %x\n", sl->core_id);
1204 memcpy(sl->q_buf, loader_code, loader_size);
1205 stlink_write_mem32(sl, sl->sram_base, loader_size);
1207 *addr = sl->sram_base;
1208 *size = loader_size;
1214 int stlink_fcheck_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1215 /* check the contents of path are at addr */
1218 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1220 if (map_file(&mf, path) == -1)
1223 res = check_file(sl, &mf, addr);
1231 * Verify addr..addr+len is binary identical to base...base+len
1232 * @param sl stlink context
1233 * @param address stm device address
1234 * @param data host side buffer to check against
1235 * @param length how much
1236 * @return 0 for success, -ve for failure
1238 int stlink_verify_write_flash(stlink_t *sl, stm32_addr_t address, uint8_t *data, unsigned length) {
1240 if (sl->chip_id == STM32_CHIPID_F4) {
1241 DLOG("(FIXME)Skipping verification for F4, not enough ram (yet)\n");
1244 ILOG("Starting verification of write complete\n");
1245 for (off = 0; off < length; off += sl->flash_pgsz) {
1246 size_t aligned_size;
1248 /* adjust last page size */
1249 size_t cmp_size = sl->flash_pgsz;
1250 if ((off + sl->flash_pgsz) > length)
1251 cmp_size = length - off;
1253 aligned_size = cmp_size;
1254 if (aligned_size & (4 - 1))
1255 aligned_size = (cmp_size + 4) & ~(4 - 1);
1257 stlink_read_mem32(sl, address + off, aligned_size);
1259 if (memcmp(sl->q_buf, data + off, cmp_size)) {
1260 WLOG("Verification of flash failed at offset: %zd\n", off);
1264 ILOG("Flash written and verified! jolly good!\n");
1269 int stm32l1_write_half_pages(stlink_t *sl, stm32_addr_t addr, uint8_t* base, unsigned num_half_pages)
1275 ILOG("Starting Half page flash write for STM32L core id\n");
1276 /* flash loader initialization */
1277 if (init_flash_loader(sl, &fl) == -1) {
1278 WLOG("init_flash_loader() == -1\n");
1281 /* Unlock already done */
1282 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1283 val |= (1 << FLASH_L1_FPRG);
1284 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1286 val |= (1 << FLASH_L1_PROG);
1287 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1288 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {}
1290 #define L1_WRITE_BLOCK_SIZE 0x80
1291 for (count = 0; count < num_half_pages; count ++) {
1292 if (run_flash_loader(sl, &fl, addr + count * L1_WRITE_BLOCK_SIZE, base + count * L1_WRITE_BLOCK_SIZE, L1_WRITE_BLOCK_SIZE) == -1) {
1293 WLOG("l1_run_flash_loader(%#zx) failed! == -1\n", addr + count * L1_WRITE_BLOCK_SIZE);
1294 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1295 val &= ~((1 << FLASH_L1_FPRG) |(1 << FLASH_L1_PROG));
1296 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1299 /* wait for sr.busy to be cleared */
1300 if (sl->verbose >= 1) {
1301 /* show progress. writing procedure is slow
1302 and previous errors are misleading */
1303 fprintf(stdout, "\r%3u/%u halfpages written", count, num_half_pages);
1306 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {
1309 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1310 val &= ~(1 << FLASH_L1_PROG);
1311 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1312 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1313 val &= ~(1 << FLASH_L1_FPRG);
1314 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1319 int stlink_write_flash(stlink_t *sl, stm32_addr_t addr, uint8_t* base, unsigned len) {
1322 ILOG("Attempting to write %d (%#x) bytes to stm32 address: %u (%#x)\n",
1323 len, len, addr, addr);
1324 /* check addr range is inside the flash */
1325 stlink_calculate_pagesize(sl, addr);
1326 if (addr < sl->flash_base) {
1327 WLOG("addr too low %#x < %#x\n", addr, sl->flash_base);
1329 } else if ((addr + len) < addr) {
1330 WLOG("addr overruns\n");
1332 } else if ((addr + len) > (sl->flash_base + sl->flash_size)) {
1333 WLOG("addr too high\n");
1335 } else if ((addr & 1) || (len & 1)) {
1336 WLOG("unaligned addr or size\n");
1338 } else if (addr & (sl->flash_pgsz - 1)) {
1339 WLOG("addr not a multiple of pagesize, not supported\n");
1343 // Make sure we've loaded the context with the chip details
1345 /* erase each page */
1347 for (off = 0; off < len; off += stlink_calculate_pagesize(sl, addr + off)) {
1348 /* addr must be an addr inside the page */
1349 if (stlink_erase_flash_page(sl, addr + off) == -1) {
1350 WLOG("Failed to erase_flash_page(%#zx) == -1\n", addr + off);
1353 fprintf(stdout,"\rFlash page at addr: 0x%08lx erased",
1354 (unsigned long)addr + off);
1358 fprintf(stdout,"\n");
1359 ILOG("Finished erasing %d pages of %d (%#x) bytes\n",
1360 page_count, sl->flash_pgsz, sl->flash_pgsz);
1362 if (sl->chip_id == STM32F4_CHIP_ID) {
1363 /* todo: check write operation */
1365 /* First unlock the cr */
1366 unlock_flash_if(sl);
1368 /* TODO: Check that Voltage range is 2.7 - 3.6 V */
1369 /* set parallelisim to 32 bit*/
1370 write_flash_cr_psiz(sl, 2);
1372 /* set programming mode */
1373 set_flash_cr_pg(sl);
1375 #define PROGRESS_CHUNK_SIZE 0x1000
1376 /* write a word in program memory */
1377 for (off = 0; off < len; off += sizeof(uint32_t)) {
1379 if (sl->verbose >= 1) {
1380 if ((off & (PROGRESS_CHUNK_SIZE - 1)) == 0) {
1381 /* show progress. writing procedure is slow
1382 and previous errors are misleading */
1383 const uint32_t pgnum = (off / PROGRESS_CHUNK_SIZE)+1;
1384 const uint32_t pgcount = len / PROGRESS_CHUNK_SIZE;
1385 fprintf(stdout, "Writing %ukB chunk %u out of %u\n", PROGRESS_CHUNK_SIZE/1024, pgnum, pgcount);
1389 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1390 stlink_write_debug32(sl, addr + off, data);
1392 /* wait for sr.busy to be cleared */
1393 wait_flash_busy(sl);
1399 #if 0 /* todo: debug mode */
1400 fprintf(stdout, "Final CR:0x%x\n", read_flash_cr(sl));
1407 else if (sl->chip_id == STM32_CHIPID_L1_MEDIUM) {
1408 /* use fast word write. todo: half page. */
1411 #if 0 /* todo: check write operation */
1413 uint32_t nwrites = sl->flash_pgsz;
1417 #endif /* todo: check write operation */
1419 /* disable pecr protection */
1420 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x89abcdef);
1421 stlink_write_debug32(sl, STM32L_FLASH_PEKEYR, 0x02030405);
1423 /* check pecr.pelock is cleared */
1424 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1425 if (val & (1 << 0)) {
1426 fprintf(stderr, "pecr.pelock not clear\n");
1430 /* unlock program memory */
1431 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x8c9daebf);
1432 stlink_write_debug32(sl, STM32L_FLASH_PRGKEYR, 0x13141516);
1434 /* check pecr.prglock is cleared */
1435 val = stlink_read_debug32(sl, STM32L_FLASH_PECR);
1436 if (val & (1 << 1)) {
1437 fprintf(stderr, "pecr.prglock not clear\n");
1441 if (len > L1_WRITE_BLOCK_SIZE) {
1442 if (stm32l1_write_half_pages(sl, addr, base, len/L1_WRITE_BLOCK_SIZE) == -1){
1443 /* This may happen on a blank device! */
1444 WLOG("\nwrite_half_pages failed == -1\n");
1447 off = (len /L1_WRITE_BLOCK_SIZE)*L1_WRITE_BLOCK_SIZE;
1451 /* write remainingword in program memory */
1452 for ( ; off < len; off += sizeof(uint32_t)) {
1455 fprintf(stdout, "\r");
1457 if ((off % sl->flash_pgsz) > (sl->flash_pgsz -5)) {
1458 fprintf(stdout, "\r%3u/%u pages written",
1459 off/sl->flash_pgsz, len/sl->flash_pgsz);
1463 write_uint32((unsigned char*) &data, *(uint32_t*) (base + off));
1464 stlink_write_debug32(sl, addr + off, data);
1466 /* wait for sr.busy to be cleared */
1467 while ((stlink_read_debug32(sl, STM32L_FLASH_SR) & (1 << 0)) != 0) {
1470 #if 0 /* todo: check redo write operation */
1472 /* check written bytes. todo: should be on a per page basis. */
1473 data = stlink_read_debug32(sl, addr + off);
1474 if (data == *(uint32_t*)(base + off)) {
1475 /* re erase the page and redo the write operation */
1479 /* fail if successive write count too low */
1480 if (nwrites < sl->flash_pgsz) {
1481 fprintf(stderr, "writes operation failure count too high, aborting\n");
1487 /* assume addr aligned */
1488 if (off % sl->flash_pgsz) off &= ~(sl->flash_pgsz - 1);
1491 fprintf(stderr, "invalid write @0x%x(0x%x): 0x%x != 0x%x. retrying.\n",
1492 page, addr + off, read_uint32(base + off, 0), read_uint32(sl->q_buf, 0));
1494 /* reset lock bits */
1495 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1496 | (1 << 0) | (1 << 1) | (1 << 2);
1497 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1499 stlink_erase_flash_page(sl, page);
1504 /* increment successive writes counter */
1507 #endif /* todo: check redo write operation */
1509 fprintf(stdout, "\n");
1510 /* reset lock bits */
1511 val = stlink_read_debug32(sl, STM32L_FLASH_PECR)
1512 | (1 << 0) | (1 << 1) | (1 << 2);
1513 stlink_write_debug32(sl, STM32L_FLASH_PECR, val);
1514 } else if (sl->core_id == STM32VL_CORE_ID) {
1515 ILOG("Starting Flash write for VL core id\n");
1516 /* flash loader initialization */
1517 if (init_flash_loader(sl, &fl) == -1) {
1518 WLOG("init_flash_loader() == -1\n");
1522 int write_block_count = 0;
1523 for (off = 0; off < len; off += sl->flash_pgsz) {
1524 /* adjust last write size */
1525 size_t size = sl->flash_pgsz;
1526 if ((off + sl->flash_pgsz) > len) size = len - off;
1528 /* unlock and set programming mode */
1529 unlock_flash_if(sl);
1530 set_flash_cr_pg(sl);
1531 //DLOG("Finished setting flash cr pg, running loader!\n");
1532 if (run_flash_loader(sl, &fl, addr + off, base + off, size) == -1) {
1533 WLOG("run_flash_loader(%#zx) failed! == -1\n", addr + off);
1537 if (sl->verbose >= 1) {
1538 /* show progress. writing procedure is slow
1539 and previous errors are misleading */
1540 fprintf(stdout, "\r%3u/%lu pages written", write_block_count++, (unsigned long)len/sl->flash_pgsz);
1544 fprintf(stdout, "\n");
1546 WLOG("unknown coreid, not sure how to write: %x\n", sl->core_id);
1550 return stlink_verify_write_flash(sl, addr, base, len);
1554 * Write the given binary file into flash at address "addr"
1556 * @param path readable file path, should be binary image
1557 * @param addr where to start writing
1558 * @return 0 on success, -ve on failure.
1560 int stlink_fwrite_flash(stlink_t *sl, const char* path, stm32_addr_t addr) {
1561 /* write the file in flash at addr */
1563 unsigned int num_empty = 0, index;
1564 unsigned char erased_pattern =(sl->chip_id == STM32_CHIPID_L1_MEDIUM)?0:0xff;
1565 mapped_file_t mf = MAPPED_FILE_INITIALIZER;
1566 if (map_file(&mf, path) == -1) {
1567 WLOG("map_file() == -1\n");
1570 for(index = 0; index < mf.len; index ++) {
1571 if (mf.base[index] == erased_pattern)
1576 if(num_empty != 0) {
1577 ILOG("Ignoring %d bytes of Zeros at end of file\n",num_empty);
1578 mf.len -= num_empty;
1580 err = stlink_write_flash(sl, addr, mf.base, mf.len);
1582 stlink_write_reg(sl, stlink_read_debug32(sl, addr ),13);
1583 /* Set PC to the reset routine*/
1584 stlink_write_reg(sl, stlink_read_debug32(sl, addr + 4),15);
1590 int run_flash_loader(stlink_t *sl, flash_loader_t* fl, stm32_addr_t target, const uint8_t* buf, size_t size) {
1594 DLOG("Running flash loader, write address:%#x, size: %zd\n", target, size);
1595 // FIXME This can never return -1
1596 if (write_buffer_to_sram(sl, fl, buf, size) == -1) {
1598 WLOG("write_buffer_to_sram() == -1\n");
1602 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM) {
1604 size_t count = size / sizeof(uint32_t);
1605 if (size % sizeof(uint32_t)) ++count;
1608 stlink_write_reg(sl, target, 0); /* target */
1609 stlink_write_reg(sl, fl->buf_addr, 1); /* source */
1610 stlink_write_reg(sl, count, 2); /* count (32 bits words) */
1611 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1613 } else if (sl->core_id == STM32VL_CORE_ID) {
1615 size_t count = size / sizeof(uint16_t);
1616 if (size % sizeof(uint16_t)) ++count;
1619 stlink_write_reg(sl, fl->buf_addr, 0); /* source */
1620 stlink_write_reg(sl, target, 1); /* target */
1621 stlink_write_reg(sl, count, 2); /* count (16 bits half words) */
1622 stlink_write_reg(sl, 0, 3); /* flash bank 0 (input) */
1623 stlink_write_reg(sl, fl->loader_addr, 15); /* pc register */
1626 fprintf(stderr, "unknown coreid: 0x%x\n", sl->core_id);
1633 /* wait until done (reaches breakpoint) */
1634 while ((is_core_halted(sl) == 0) && (i <1000))
1640 fprintf(stderr, "run error\n");
1644 /* check written byte count */
1645 if (sl->chip_id == STM32_CHIPID_L1_MEDIUM) {
1647 size_t count = size / sizeof(uint32_t);
1648 if (size % sizeof(uint32_t)) ++count;
1650 stlink_read_reg(sl, 3, &rr);
1651 if (rr.r[3] != count) {
1652 fprintf(stderr, "write error, count == %u\n", rr.r[3]);
1656 } else if (sl->core_id == STM32VL_CORE_ID) {
1658 stlink_read_reg(sl, 2, &rr);
1660 fprintf(stderr, "write error, count == %u\n", rr.r[2]);
1666 fprintf(stderr, "unknown coreid: 0x%x\n", sl->core_id);