David Brownell <david-b@pacbell.net> More testcase work:
A5.3.11 Data processing (shifted register)
The usual kinds of problems; the most noteworthy were that
the "S"et flags bit was mis-handled in these instructions.
---
This is the last patch from a quickie set of tests covering all
encodings of the instructions with 32-bit opcodes. There may
be some corner cases left, plus the instructions that aren't
yet handled, but the Thumb2 disassembler is no longer just
"lightly" tested with GCC output ... the new code paths have
mostly been verified.
There was a longstanding bug in Thumb-1 LDM; the rest of the LDM/STM
fixes are just using width specs to match UAL syntax, except for two
opcode name typos. Load word had two bitmask goofs.
David Brownell <david-b@pacbell.net> More fixes from test cases:
A5.3.8 Load halfword, unallocated memory hints
It's mostly the usual sort of bitmasking goofage and getting the
width specs right. In one case an older x86 GCC generated bad code
unless I structred a conditional differently (sigh).
David Brownell <david-b@pacbell.net> More instruction decoding fixes:
A5.3.5 Load/store multiple
A5.3.7 Load word
There was a longstanding bug in Thumb-1 LDM; the rest of the LDM/STM
fixes are just using width specs to match UAL syntax, except for two
opcode name typos. Load word had two bitmask goofs.
David Brownell <david-b@pacbell.net> Bugfix some instruction decoding ... I've crafted asm files
with testcases covering several new encodings in these sections
of the ARMv7-M arch manual:
A5.3.12 Data processing (register)
A5.3.13 Miscellaneous operations
A5.3.14 Multiply, and multiply accumulate
A5.3.15 Long multiply, long multiply accumulate, and divide
The issues were mostly in '12 and '13; some new related 16-bit
opcodes had issues too.
Andreas Fritiofson <andreas.fritiofson@gmail.com> I noticed there are a few checks for (rt == 0xf) even though that case
is handled with an early return at the top of the function.
Clean up treatment of registers in ARMv7-M and Cortex-M3.
- At the arch level:
* Just list registers and names; don't impose core-specific
policy about how they are accessed.
* Each register has a symbol.
* Remove the register mode field (irrelevant to debugger)
- At the core/implementation level:
* Just map the registers to their relevant access methods;
don't require the arch level to say how that should work
(cores other than Cortex-M3 could do it differently).
* Don't use undefined bits from register 20.
* Use register IDs that are part of the ARMv7-M interface.
In short, there's now a real distinction between the arch
and core layers.
- Bugfixes:
* Distinguish branch from misc via "!=" not "=="
* MRS register shift is 8 bits (vs MSR being 16)
- Format tweaks:
* CPS needed tab (not space)
* add commma before some shifts
* add space after comma in LDM/STM
* use ".W" width spec on various instructions
Revert parts of the previous ARMv7-M register patch.
It turns out that part of the issue is a documentation
problem for the Cortex-M3 r1 parts. So for the rest,
simpler fixes are possible (in followup patch).
- fix issue with reading device id, bug appeared when flash_address code was added
- fix issue when multiple flash chips are connected, eg. x16 x 2 on 32bit mcu bus
Magnus Lundin <lundin@mlu.mine.nu>, Oyvind Harboe <oyvind.harboe@zylin.com>, David Brownell <david-b@pacbell.net>:
Move the dap command handler implementations to arm_adi_v5.c,
leaving just thin wrappers in armv7m.c. There should be no
change in functionality here. (From Magnus.)
Minor style cleanup: whitespace, line length, etc. Update spec
references to use docs which are currently available. (From Dave.)
Magnus Lundin <lundin@mlu.mine.nu>, Oyvind Harboe <oyvind.harboe@zylin.com>, David Brownell <david-b@pacbell.net>:
Some cleanup of the ARMv7-M support:
- Reference the relevant ARMv7-M ARM doc (DDI 0405C to non-Vendors), and
update the Cortex-M3 doc refs (DDI 0337C is no longer available).
- Those registers aren't actually general, and some are incorrect (per all
public docs anyway). Update comments and code accordingly.
* What the Core Debug facility exposes is *implementation-specific*
not architectural. These values aren't fully portable. They match
Cortex-M3 ... so no current implementation will make trouble, but
the next v7m implementation might.
* Four of the registers are actually not exposed that way. Before
Cortex-M3 r2p0 they are read/written through MRS/MSR instructions.
In that newest silicon, they are four bytes in one register, not
four separate registers.
- Update the CM3 code to report when that one register is available,
and not try to access it when it isn't. Also declare the register
numbers that an eventual MRS/MSR solution will need to be using.
- Stop line wrapping the exception labels.
So for parts before r2p0 OpenOCD behavior is effectively unchanged, and
still buggy; but for those newer parts a few things might now be correct.
Most current Cortex-M3 parts use r1p1 (or earlier); this seems to include
most LM3S parts and all STM32 parts. Parts using r2p0 are available, and
include fourth generation LM3S parts ("Tempest") plus AT91SAM3 and LPC17xx
parts which are now sampling.
Make disassembly of the Thumb load-literal instruction show the
address of the literal being loaded (so users can avoid doing
that math themselves). Add and use an Align(PC,4) utility.
Make the Thumb2 disassembler handle a bunch of 32-bit instructions:
A5.3.4 Branches and miscellaneous control
Note that this shifts some responsabililty out of helper functions,
making the code and layout simpler for 32-bit decoders: they only
need to know how to format the instruction and its parameters.
Also, technical note: with this patch, Thumb1 decoders could now
call the Thumb2 decoder if they wanted to get nicer treatment of
the exiting 32-bit B/BLX instructions.
Change layout of Thumb disassembly to work better with Thumb2:
- Move opcode to the left, allowing space for four hex bytes:
* after address, two spaces not one tab (taking 6 spaces)
* after 2-byte opcode, four spaces before tab
- Also, after opcode mnemonic use a tab not a space, to make
operands line up
Sample output (after some patches decoding a few 32-bit instructions):
Initial support for disassembling Thumb2 code. This works only for
Cortex-M3 cores so far. Eventually other cores will also need Thumb2
support ... but they don't yet support any kind of disassembly.
- Update the 16-bit Thumb decoder:
* Understand CPS, REV*, SETEND, {U,S}XT{B,H} opcodes added
by ARMv6. (It already seems to treat CPY as MOV.)
* Understand CB, CBNZ, WFI, IT, and other opcodes added by
in Thumb2.
- A new Thumb2 instruction decode routine is provided.
* This has a different signature: pass the target, not the
instruction, so it can fetch a second halfword when needed.
The instruction size is likewise returned to the caller.
* 32-bit instructions are recognized but not yet decoded.
- Start using the current "UAL" syntax in some cases. "SWI" is
renamed as "SVC"; "LDMIA" as "LDM"; "STMIA" as "STM".
- Define a new "cortex_m3 disassemble addr count" command to give
access to this disassembly.
Sanity checked against "objdump -d" output; a bunch of the new
instructions checked out fine.
Improve the release script before 0.2.0:
1) Only archive NEWS file on major and minor relesae, not bug-fixes.
2) Switch back to correct development branch during final release step.
3) Add do_svn_switch helper to ensure package variables are reloaded.
David Brownell <david-b@pacbell.net> Update docs to say that "arm7_9 dbgrq enable" is the default
on ARM9 cores, and update the DaVinci config files so they
no longer explicitly specify it.
Fix certain arm926ejs targets(e.g. i.MX27) which report an unknown MOE(method of entry) - interpret this as dbgrq. "reset run" + "halt" + "step" now works.
The late birth of the NEWS file also caused me to revisit the release
process once again and reconsider it in some detail. In doing so,
some further revisions to the process were required:
1) The URL of the repository is embedded in the released code.
- The packages need to be created from the tagged branch.
- The URL then points to where to get the tagged code.
2) Improve the instructions for NEWS handling.
- NEWS file must be updated for each release; describe that process.
- The NEWS file should be archived an recreated for each release.
3) Add detail steps for the berliOS release process.
4) Minor cleanups to release process doxygen markup.
Updates to private TAP state tables in amtjtagaccel interface driver.
The first change is the neccesary one to correct a long-standing bug that
caused the IDCODE to be shifted by one bit too many. This was caused by
an incorrect path from state RESET to state DRSHIFT.
The value of those 2 bytes were 0x8a and 0x04. This means that the
bitstream to do this transition is 0b 00100 01010 (send LSB first). This
will bring you from the reset state to the shift state; however, you
enter the shift-state twice, which explains why the ID-CODE that will be
read next will be shifted 1 bit. The fix changes these to 0x05 and 0x00.
This will send the bitstream 0b 00101 (send LSB first). This will bring
the TAP controller from the RESET state to the DRSHIFT state directly,
without entering the DRSHIFT state twice.
After checking the whole table, two other transitions were found that
could be optimized (5 bits in stead of 10 bits).
Summary off all changes:
From To Old values Old Bitstream New values New Bitstream Remarks
---- ------- ---------- ------------- ---------- ------------- -------
RESET DRSHIFT 0x8a 0x04 0b00100 01010 0x05 0x00 0b00101 1,2
IDLE DRSHIFT 0x85 0x08 0b01000 00101 0x04 0x00 0b00100 2
IDLE IRSHIFT 0x8b 0x08 0b01000 01011 0x06 0x00 0b00110 2