**** BEGIN LOGGING AT Tue Apr 17 02:59:56 2007
Apr 17 12:19:26 <Trou> hello people
Apr 17 12:19:55 <Trou> i was surveying available jtag hardware for reverse engineering and wondered if you could help me
Apr 17 12:20:06 <Trou> i already built a wiggler clone which functions well
Apr 17 12:20:10 <Trou> but it's awfully slwo
Apr 17 12:20:26 <Trou> so I have checked some commercial offerings like usb2demon
Apr 17 12:20:39 <Trou> which look faster but are not compatible with opensource tools and not documented
Apr 17 12:21:06 <Trou> so I wondered if anyone had experiences with commercial jtags and could tell me if they are worth anything
Apr 17 12:21:23 <Trou> or if i'd better go and get used to waiting with my wiggler cable
Apr 17 12:21:34 <Trou> the main objective if flash reading / writing
Apr 17 12:21:47 <Trou> like with hairydairymaid's utility
Apr 17 12:22:28 <Trou> or if anyone understands FASTDATA in the EJTAG spec, i'd be glad to have a meaningul explanation ;)
Apr 17 12:24:16 <drath> I'm mostly concerned with ARM based targets, and know little about MIPS
Apr 17 12:25:23 <drath> The FT2232 from FTDI can be used as a JTAG interface - see openocd.berlios.de for an open source project using it for ARM debugging
Apr 17 12:25:37 <drath> Which software are you using with the Wiggler?
Apr 17 12:25:57 <Trou> hairydairymaid's
Apr 17 12:26:25 <Trou> mainly used by openwrt users to debrick their linksys/MIPS based routers
Apr 17 12:26:45 <Trou> i think i saw some things based on the FT2232 but I don't think they support MIPS
Apr 17 12:27:08 <drath> no, they don't at the moment, but it's fully documented
Apr 17 12:27:14 <Trou> at least openocd does not
Apr 17 12:27:17 <Trou> hmm
Apr 17 12:28:22 <drath> The major problem isn't going to be the JTAG hardware - the JTAG protocol is rather simple
Apr 17 12:28:38 <drath> But the software site is difficult, i.e. what to send over JTAG to talk to your target
Apr 17 12:29:00 <drath> s/site/side/
Apr 17 12:29:00 <purl> drath meant: But the software side is difficult, i.e. what to send over JTAG to talk to your target
Apr 17 12:29:10 <Trou> yes
Apr 17 12:29:15 <Trou> but atm this part is OK
Apr 17 12:29:37 <drath> yeah - and I think you might be able to extend whatever JTAG tool you're currently using to make use of the FT2232
Apr 17 12:29:39 <Trou> the debrick utility uses processor access to access the flash to send the data to the JTAG
Apr 17 12:29:44 <Trou> yeah OK
Apr 17 12:30:15 <Trou> what's the speed difference between a wiggler and a JT2232 based cable ?
Apr 17 12:30:31 <Trou> because atm it take 24h to dump the 16MB of flash of the router i'm working on :x
Apr 17 12:30:45 <drath> the FT2232 can do up to 6mhz in theory, during ARM debug I get ~1.5mhz effective
Apr 17 12:30:50 <drath> a wiggler does ~200kHz
Apr 17 12:31:18 <drath> but it really depends on the target requirements, and i don't know mips enough
Apr 17 12:31:29 <drath> do you have a link to 14:26 < Trou> hairydairymaid's
Apr 17 12:31:50 <Trou> http://downloads.openwrt.org/utils/HairyDairyMaid_WRT54G_Debrick_Utility_v48.zip
Apr 17 12:32:00 <Trou> it implements the EJTAG protocol
Apr 17 12:34:02 <drath> hum, ok, guess it would require a major rewrite
Apr 17 12:34:35 <drath> when using a parallelport, you just toggle the port pins when you want to
Apr 17 12:34:44 <drath> but when using the USB, you have to queue larger command sequences
Apr 17 12:34:58 <drath> to achieve reasonable throughput
Apr 17 12:35:17 <Trou> hmm ok
Apr 17 12:35:31 <Trou> maybe modifying openocd would be easier ?
Apr 17 12:37:13 <Trou> looks like it probably would
Apr 17 12:38:31 <drath> well, being the OpenOCD's author of course I'd like to see someone extend it to another architecture - but the OpenOCD aims to be a complete debugger, and probably requires you to implement a lot of stuff which you wouldn't need to just read/write flash
Apr 17 12:38:58 <Trou> indeed
Apr 17 12:39:05 <Trou> a full debugger wouldn't be bad
Apr 17 12:39:19 <Trou> but I surely won't have the time to do this
Apr 17 12:39:52 <Trou> my employer wouldn't like to see me working full time on this I bet :(
Apr 17 12:39:55 <drath> ok, you could replace ReadWriteData from hairdydairymaid's with something using FT2232 quite easily
Apr 17 12:40:20 <drath> but i'm not sure if that's enough to achieve a performance gain over a wiggler
Apr 17 12:40:55 <drath> every USB read-write is going to take 2-10ms, so you could only do 100-500 32-bit accesses
Apr 17 12:41:38 <drath> on the wiggler, scanning 32 bit should roughly take 100us
Apr 17 12:42:05 <Trou> the difference is not really worth it
Apr 17 12:42:18 <drath> no, it's actually 20x worse than a wiggler
Apr 17 12:42:39 <Trou> I should probably implement the FASTDATA mechanism
Apr 17 12:42:44 <Trou> ah yeah I read 100ms
Apr 17 12:44:13 <Trou> thanks a lot for the info :)
Apr 17 12:44:36 <drath> you're welcome
Apr 17 23:54:00 <flyback> http://www.youtube.com/watch?v=M7w5OUXwTZs <--- HOLY MOTHER OF CANUCK
Apr 17 23:56:40 <flyback> j4k3 http://www.youtube.com/watch?v=M7w5OUXwTZs <--- YOU GO TO HELL AND YOU DIE
Apr 17 23:57:06 <flyback> opps wrong /msg sorry
**** ENDING LOGGING AT Wed Apr 18 02:59:56 2007