oharboe [Tue, 25 Aug 2009 20:02:19 +0000 (20:02 +0000)]
David Brownell <david-b@pacbell.net> Tweak disassembly commands:
For ARMv4/ARMv5:
- better command parameter error checking
- don't require an instruction count; default to one
- recognize thumb function addresses
- make function static
- shorten some too-long lines
For Cortex-M3:
- don't require an instruction count; default to one
With the relevant doc updates.
---
Nyet done: invoke the thumb2 disassembler on v4/v5,
to better handle branch instructions.
oharboe [Tue, 25 Aug 2009 19:59:55 +0000 (19:59 +0000)]
David Brownell <david-b@pacbell.net> More jtag_add_reset() cleanup:
Unify the handling of the req_srst parameter, and rip out a
large NOP branch and its associated FIXME. (There didn't seem
to be anything that needs fixing; but that was unclear since
the constraints were scattered all over the place not unified.)
oharboe [Tue, 25 Aug 2009 19:58:06 +0000 (19:58 +0000)]
David Brownell <david-b@pacbell.net> More jtag_add_reset() cleanup:
Unify the handling of the req_tlr_or_trst parameter. Basically,
JTAG TMS+TCK ops ("TLR") is always used ... unless TRST is a safe
option in this system configuration.
oharboe [Tue, 25 Aug 2009 19:55:32 +0000 (19:55 +0000)]
David Brownell <david-b@pacbell.net> Some jtag_add_reset() cleanup:
- Track whether TRST and/or SRST actually change:
* If they're not changing, don't ask the JTAG adapter to do anything!
(JTAG TCK/TMS ops might still be used to enter TAP_RESET though.)
* Don't change their recorded values until after the adapter says it
did so ... so fault paths can't leave corrupt state.
* Detect and report jtag_execute_queue() failure mode
* Only emit messages saying what really changed; this includes adding
an omitted "deasserted TRST" message.
* Only apply delays after deasserting SRST/TRST if we *DID* deassert!
- Messages say "TLR" not "RESET", to be less confusing; there are many
kinds of reset. (Though "TLR" isn't quite ideal either, since it's
the name of the TAP state being entered by TMS+TCK or TRST; it's at
least non-ambiguous in context.)
So the main effect is to do only the work this routine was told to do;
and to have debug messaging make more sense.
oharboe [Tue, 25 Aug 2009 19:52:02 +0000 (19:52 +0000)]
David Brownell <david-b@pacbell.net> Accomodate targets which don't support various target-specific
reset operations. Maybe they can't; or it's a "not yet" thing.
Note that the assert/deassert operations can't yet trigger for
OMAP3 because resets currently include JTAG reset in all cases,
resetting the ICEpick and thus disabling the TAP for Cortex-A8.
oharboe [Tue, 25 Aug 2009 07:17:19 +0000 (07:17 +0000)]
strange.... the code build and links w/Linux GCC target but fails w/arm-elf. The code was clearly broken as it was missing two extern's in the .h file...
oharboe [Tue, 25 Aug 2009 07:09:48 +0000 (07:09 +0000)]
Michael Schwingen <rincewind@discworld.dascon.de> The attached patch adds a "xscale vector_table" command that allows to set
the values that are written in the mini-IC (plus documentation updates that
describe why this is needed).
oharboe [Tue, 25 Aug 2009 07:04:25 +0000 (07:04 +0000)]
Audrius Urmanavičius <didele.deze@gmail.com> Latest source (R2606) does not compile under Windows+Cygwin - fails with error about possibly uninitialized use of variable 'ch'.
oharboe [Tue, 25 Aug 2009 06:58:34 +0000 (06:58 +0000)]
David Brownell The rest of the Cortex-A8 support from Magnus: replace the previous
nonfunctional cortex_a8 code with something that at least basically
works (for halt/step/resume, without MMU) even if it is incomplete.
(With tweaks from Øyvind, and cleanup from Dave.)
This code has mainly been developed and tested against R1606, it has
been built and tested against R2294 where it runs but step and resume
commands are broken due to regression (which should be fixed now).
This code is really written for OMAP3530. It doesn't identify debug
resources using generic DAP calls to scan the ROM table, or perform
topology detection. The OMAP3530 DAP exposes two memory access ports:
- Port #0 is connected to L3 interconnect (the main bus) with
passthrough to the L4 EMU bus ... so it will be used for most
memory accesses.
- Port #1 is connected to a dedicated debug bus (L4 EMU), with
access to L4 Wakeup, and holds the ROM table ... so it must
be used for most debug and control operations.
The are some defines to handle this in cortex_a8.c, which should be
replaced with more general code. Having access to another Cortex-A8
implementation would help get that right.
oharboe [Tue, 25 Aug 2009 06:57:26 +0000 (06:57 +0000)]
David Brownell Subset of Cortex-A8 support from Magnus: create an armv7a file
and seed it with DAP access support using the current ADIv5 code.
(With tweaks and cleanup from Øyvind and Dave.)
The ARMv7-AR architecture manual is not publicly available (even
in subset form like the ARMv7-M spec), so it's hard to distinguish
between the Cortex-A8 implementation and the ARMv7-A architecture.
The register set presumably is architectural, and so it's stored
here; it's like earlier ARMs, with small additions. Ditto the
instruction set, though Thumb2 support is used (extending Thumb
support from ARMv6 with more 32-bit instructions) and there's this
ThumbEE thing too. There is a new "debug monitor" mode, not yet
fully addressed here, to support debugging in environments (like
motor control) where halting debug mode is inadvisable.
oharboe [Mon, 24 Aug 2009 07:26:05 +0000 (07:26 +0000)]
Jonas Horberg <jhorberg@sauer-danfoss.com>
The trunk is currently broken for interfaces without
the speed_div function (interface specific clock speed
value to kHz conversion). Example: parport.
oharboe [Thu, 20 Aug 2009 08:55:34 +0000 (08:55 +0000)]
Piotr Ziecik <kosmo@semihalf.com> This patch adds handling blank characters between hex digits in
SVF file, making OpenOCD compatible with files generated by
Altera Quatrus II 9.0.
ntfreak [Thu, 20 Aug 2009 07:54:49 +0000 (07:54 +0000)]
- remove enable-ft2232-highspeed configure option, high speed ftdi support is now detected during the configure stage
- warning now issued if high speed ftdi device found and openocd was built using an old driver
oharboe [Thu, 20 Aug 2009 07:15:46 +0000 (07:15 +0000)]
David Brownell <david-b@pacbell.net>More Thumb2 disassembly:
ARMv7-M: A5.3.6 Load/store dual or exclusive, table branch
GCC will generate the table branch instructions, usually with inlined
tables that will confuse this disassembler. LDREX and STREX are not
issued by GCC without inline assembly.
This means all Thumb2 instructions implemented by Cortex-M3 can now
be disassembled. Cortex-A8 cores support more Thumb2 instructions,
but most of those aren't yet publicly documented.
oharboe [Wed, 19 Aug 2009 06:30:08 +0000 (06:30 +0000)]
David Brownell <david-b@pacbell.net> Clean up some Cortex-M3 reset handling.
- AIRCR_SYSRESETREQ is generic; use it on any system where
SRST won't fly, not just on Stellaris-based ones.
- Reformat and improve comments about the Stellaris quirk; and
xref the only public docs (an email) about the issue.
It seems that *most* Stellaris chips have this problem. Tempest
parts aren't yet in general sampling; and if rev B silicon for
earlier chips exists, it's not very visible yet.
ntfreak [Tue, 18 Aug 2009 19:55:01 +0000 (19:55 +0000)]
David Brownell [david-b@pacbell.net]:
Simplify dumping of register lists by only printing cached values
if they are marked as valid. Most of the time, they are invalid;
so printing *any* value is just misleading.
Note that for ARM7 and ARM9 most EmbeddedICE registers (except for
debug status) could be cached most of the time; and their register
cache isn't maintained properly (many accesses seem to bypass that
cache code).
ntfreak [Tue, 18 Aug 2009 14:41:58 +0000 (14:41 +0000)]
Jonas Horberg [jhorberg@sauer-danfoss.com]
https://lists.berlios.de/pipermail/openocd-development/2009-August/009939.html
1. It can only be built with the FTD2XX driver. libftdi supports FT2232H/FT4232H
since version 0.16
2. A speed value of 0 is used as a RTCK request indicator. This clashes with the
valid clock division value 0 that provide the highest fixed clock frequency.
3. The ft2232_speed_div function return the maximum selectable frequency (30MHz)
when RTCK is activated. It should return 0.
4. The ft2232_khz function return ERROR_OK when RTCK is requested even for
devices lacking RTCK support. It should return ERROR_FAIL so the upper driver layers
can detect this and try to fallback to a fixed frequency.
5. FT2232H/FT4232H have a backward compatibility function that divide the clock
by 5 to get the same frequency range as FT2232D. There is no code that disable
this functionality. I can not find anything about if this is enabled or disabled by default.
I think it is safest to actively disable it.
oharboe [Tue, 18 Aug 2009 10:27:24 +0000 (10:27 +0000)]
David Brownell <david-b@pacbell.net> Cleanup the Stellaris target configs:
- remove endianness options; these chips hard-wire "little"
- $_TARGETNAME updates:
* don't pass $_TARGETNAME where a TAP label is required
* flash config uses $_TARGETNAME (it might not be target #0)
* simplify one $_TARGETNAME construction
- update work area setup:
* remove VM spec; these chips have no VM!
* fix some wrong sizes (0x4000 == 16K, not 4K)
* simplify: take defaults
- comment fixups
oharboe [Tue, 18 Aug 2009 10:25:28 +0000 (10:25 +0000)]
David Brownell <david-b@pacbell.net> Add "cortex_m3 vector_catch" command and docs. One minor
issue with this is that the core debug support uses this
mechanism, then trashes its state over reset. Users can
Work around that (for now) by re-assigning the desired
config after reset.
Also fixes "target halted due to target-not-halted" goof.
When we can't describe the reason using OpenOCD's limited
vocabulary, say "reason undefined" instead of saying it's
not halted.
oharboe [Tue, 18 Aug 2009 10:22:44 +0000 (10:22 +0000)]
David Brownell <david-b@pacbell.net> Clean up ARM7/ARM9 EmbeddedICE register handling ... don't use parallel
arrays (error prone) or assume all registers are 32-bits wide (they can
have fewer bits); don't use spaces in register names, so they can be
passed more easily to the "reg" command.
Minor updates for ARM9 vector_catch support: it's an 8-bit value. This
seems to help this core's vector_catch command work a bit better; but its
behavior wih the register cache is still goofy.
oharboe [Tue, 18 Aug 2009 10:20:25 +0000 (10:20 +0000)]
David Brownell <david-b@pacbell.net> Several of the ARMv7M registers are 8 bits or less; don't
display them as 32 bits unless that's their true size.
(Removes some confusion.
oharboe [Tue, 18 Aug 2009 10:18:18 +0000 (10:18 +0000)]
Piotr Ziecik <kosmo@semihalf.com> Due to errors in chipselect management in davinci_nand driver
OpenOCD was able to access only to chips attached to first EMIF
chipselect. This patch fixes chipselect management code and allows
OpenOCD to access to NAND devices attached to any EMIF CS line.
David Brownell <david-b@pacbell.net> More testcase work:
A5.3.11 Data processing (shifted register)
The usual kinds of problems; the most noteworthy were that
the "S"et flags bit was mis-handled in these instructions.
---
This is the last patch from a quickie set of tests covering all
encodings of the instructions with 32-bit opcodes. There may
be some corner cases left, plus the instructions that aren't
yet handled, but the Thumb2 disassembler is no longer just
"lightly" tested with GCC output ... the new code paths have
mostly been verified.
There was a longstanding bug in Thumb-1 LDM; the rest of the LDM/STM
fixes are just using width specs to match UAL syntax, except for two
opcode name typos. Load word had two bitmask goofs.
David Brownell <david-b@pacbell.net> More fixes from test cases:
A5.3.8 Load halfword, unallocated memory hints
It's mostly the usual sort of bitmasking goofage and getting the
width specs right. In one case an older x86 GCC generated bad code
unless I structred a conditional differently (sigh).
David Brownell <david-b@pacbell.net> More instruction decoding fixes:
A5.3.5 Load/store multiple
A5.3.7 Load word
There was a longstanding bug in Thumb-1 LDM; the rest of the LDM/STM
fixes are just using width specs to match UAL syntax, except for two
opcode name typos. Load word had two bitmask goofs.
David Brownell <david-b@pacbell.net> Bugfix some instruction decoding ... I've crafted asm files
with testcases covering several new encodings in these sections
of the ARMv7-M arch manual:
A5.3.12 Data processing (register)
A5.3.13 Miscellaneous operations
A5.3.14 Multiply, and multiply accumulate
A5.3.15 Long multiply, long multiply accumulate, and divide
The issues were mostly in '12 and '13; some new related 16-bit
opcodes had issues too.
Andreas Fritiofson <andreas.fritiofson@gmail.com> I noticed there are a few checks for (rt == 0xf) even though that case
is handled with an early return at the top of the function.
Clean up treatment of registers in ARMv7-M and Cortex-M3.
- At the arch level:
* Just list registers and names; don't impose core-specific
policy about how they are accessed.
* Each register has a symbol.
* Remove the register mode field (irrelevant to debugger)
- At the core/implementation level:
* Just map the registers to their relevant access methods;
don't require the arch level to say how that should work
(cores other than Cortex-M3 could do it differently).
* Don't use undefined bits from register 20.
* Use register IDs that are part of the ARMv7-M interface.
In short, there's now a real distinction between the arch
and core layers.
- Bugfixes:
* Distinguish branch from misc via "!=" not "=="
* MRS register shift is 8 bits (vs MSR being 16)
- Format tweaks:
* CPS needed tab (not space)
* add commma before some shifts
* add space after comma in LDM/STM
* use ".W" width spec on various instructions
Revert parts of the previous ARMv7-M register patch.
It turns out that part of the issue is a documentation
problem for the Cortex-M3 r1 parts. So for the rest,
simpler fixes are possible (in followup patch).
- fix issue with reading device id, bug appeared when flash_address code was added
- fix issue when multiple flash chips are connected, eg. x16 x 2 on 32bit mcu bus
Magnus Lundin <lundin@mlu.mine.nu>, Oyvind Harboe <oyvind.harboe@zylin.com>, David Brownell <david-b@pacbell.net>:
Move the dap command handler implementations to arm_adi_v5.c,
leaving just thin wrappers in armv7m.c. There should be no
change in functionality here. (From Magnus.)
Minor style cleanup: whitespace, line length, etc. Update spec
references to use docs which are currently available. (From Dave.)
Magnus Lundin <lundin@mlu.mine.nu>, Oyvind Harboe <oyvind.harboe@zylin.com>, David Brownell <david-b@pacbell.net>:
Some cleanup of the ARMv7-M support:
- Reference the relevant ARMv7-M ARM doc (DDI 0405C to non-Vendors), and
update the Cortex-M3 doc refs (DDI 0337C is no longer available).
- Those registers aren't actually general, and some are incorrect (per all
public docs anyway). Update comments and code accordingly.
* What the Core Debug facility exposes is *implementation-specific*
not architectural. These values aren't fully portable. They match
Cortex-M3 ... so no current implementation will make trouble, but
the next v7m implementation might.
* Four of the registers are actually not exposed that way. Before
Cortex-M3 r2p0 they are read/written through MRS/MSR instructions.
In that newest silicon, they are four bytes in one register, not
four separate registers.
- Update the CM3 code to report when that one register is available,
and not try to access it when it isn't. Also declare the register
numbers that an eventual MRS/MSR solution will need to be using.
- Stop line wrapping the exception labels.
So for parts before r2p0 OpenOCD behavior is effectively unchanged, and
still buggy; but for those newer parts a few things might now be correct.
Most current Cortex-M3 parts use r1p1 (or earlier); this seems to include
most LM3S parts and all STM32 parts. Parts using r2p0 are available, and
include fourth generation LM3S parts ("Tempest") plus AT91SAM3 and LPC17xx
parts which are now sampling.
Make disassembly of the Thumb load-literal instruction show the
address of the literal being loaded (so users can avoid doing
that math themselves). Add and use an Align(PC,4) utility.
Make the Thumb2 disassembler handle a bunch of 32-bit instructions:
A5.3.4 Branches and miscellaneous control
Note that this shifts some responsabililty out of helper functions,
making the code and layout simpler for 32-bit decoders: they only
need to know how to format the instruction and its parameters.
Also, technical note: with this patch, Thumb1 decoders could now
call the Thumb2 decoder if they wanted to get nicer treatment of
the exiting 32-bit B/BLX instructions.
Change layout of Thumb disassembly to work better with Thumb2:
- Move opcode to the left, allowing space for four hex bytes:
* after address, two spaces not one tab (taking 6 spaces)
* after 2-byte opcode, four spaces before tab
- Also, after opcode mnemonic use a tab not a space, to make
operands line up
Sample output (after some patches decoding a few 32-bit instructions):
Initial support for disassembling Thumb2 code. This works only for
Cortex-M3 cores so far. Eventually other cores will also need Thumb2
support ... but they don't yet support any kind of disassembly.
- Update the 16-bit Thumb decoder:
* Understand CPS, REV*, SETEND, {U,S}XT{B,H} opcodes added
by ARMv6. (It already seems to treat CPY as MOV.)
* Understand CB, CBNZ, WFI, IT, and other opcodes added by
in Thumb2.
- A new Thumb2 instruction decode routine is provided.
* This has a different signature: pass the target, not the
instruction, so it can fetch a second halfword when needed.
The instruction size is likewise returned to the caller.
* 32-bit instructions are recognized but not yet decoded.
- Start using the current "UAL" syntax in some cases. "SWI" is
renamed as "SVC"; "LDMIA" as "LDM"; "STMIA" as "STM".
- Define a new "cortex_m3 disassemble addr count" command to give
access to this disassembly.
Sanity checked against "objdump -d" output; a bunch of the new
instructions checked out fine.
projects / openocd / log