# Before you really can start debugging some work has to be done.
# Extract the JTAG-GDB Server sources with
# "tar -xyf" at UNIX or with "tar -xjf" at CYGWIN
tar -xyf jtag_gdbserver.tar.bz2
# The project is in an early state. Treat all functions as untested yet.
# So expect that there are plenty of bugs in the source.
# Study the sources carefully and make sure you understand what's going on
# there, since YOU are the only one that will be able to fix the bugs.
# (Really, I wasn't able to find and eliminate them.)
# In case that you did not understand what's going on here.
# It's not a shame to exit this project here and it might be a wise decision
# to do so.
# And it's not your fault. It's mine, since I've made the sources not readable
# enough (Yes, I was too lazy to write better documentation. Sorry about that.)
#
# module overview
+-------------------------------------------------------------------+
| |
| gdbserver |
| |
| +--------------------------------------------------------------+
| | +-------------+ |
| | gdbstub |step history | |
| | +-------------+ |
| | +---------+ +-----+-----+----------------+---------+
| | | | | | | | |
| | | gdbstub | | emu |osabi| gdbstub |gdbstub |
| | | break | | | | rcmd/query |callback |
| | | | | | | | |
| | | | +-----+-----+--+------+------+---------+
| | | | | SFA | | |
| | | | |cmd seq | | |
| | | | +--------+ | |
| | | | | gdbstub | |
| | | | | memory mmap | arm flash |
| | | | | | |
| | | +----+----------+---------+-----+-----+----------+
| | | | memory | memory | |
| | | | read/write | workspace | jt flash |
+----+---+----+----+-------------------------+-----------+----------+
| | |
| | ARM - core - access |
| | |
| +-----------+----------+----------+---------+-----+--------+
| | CORTEX-M3 | | | | | |
| | | | | | | |
| | Core/Sytem| ARM7TDMI | ARM9TDMI | CP15_XX | MMU | ICE_RT |
| | AHB | | | | | |
| | DAP | | | | | |
| +-----------+----------+----------+---------+-----+--------+
| | JTAG intr. |
| TCP/IP +----------------------------------------------------------+
| | TAP ( Wrapper ) |
| +-+-+-+-+--------------------------------------------------+
| | | | | | TAP ( driver ) |
| +-+-+-+-+--------------------------------------------------+
| | | | | | raw - IO (via LPT or USB) |
+--------+-+-+-+-+--------------------------------------------------+
#
# low level routines to access the raw JTAG-TAP signal lines (TCK,TMS,TDI,TDO)
#
# - jt_io.h --- hardware IO
# device_on(); device_off(); device_disable();
# raw_Tout(); raw_Tin();
# - jt_direct_io.c --- grant access to hardware
# ioperm() - if libioperm does not exist
#
# - jt_raw_out_test.c --- simple test routine
# to check if raw functions are working or not
#
# next higher level JTAG routines
#
# - jt_tap.h --- walk through TAP controller
# - jt_tap.c
# tap_reset();tap_start();tap_stop();
# tap_idle();tap_instr();tap_data();
# tap_discover_chain()
# - jt_instr.h --- walk through Jtag - chains
# - jt_instr.c
# jtag_reset();jtag_start();
# jtag_eos();jtag_send_instr();jtag_exchange_data();
# jtag_identify_devices();
# - jt_arm.h --- ARM core access
# - jt_arm.c
# jtag_arm_ReadCpuRegs();jtag_arm_WriteCpuRegs();jtag_arm_DumpCPUregs();
# jtag_arm_PrepareExitDebug();jtag_arm_FinalExitDebug();jtag_arm_Step();
# jtag_arm_ReadWordMemory();jtag_arm_ReadWord();
# jtag_arm_ReadHalfword();jtag_arm_ReadByte();
# jtag_arm_WriteMemoryBuf();jtag_arm_WriteWord();
# jtag_arm_WriteHalfword();jtag_arm_WriteByte();
# - jt_arm7.c --- ARM7TDMI core support
# - jt_arm9.c --- ARM9TDMI core support
# - jt_cortex.h
# - jt_cortex_core.c --- ARM Cortex-M3 core support
# - jt_arm_support.c
# jtag_supp_int2bitstr_MSB_First();jtag_supp_int2bitstr_LSB_First();
# jtag_supp_bitstr2int_LSB_First();jtag_supp_bitstr2int_MSB_First();
# jtag_arm_identify();
# is_arm_store_instr();is_thumb_store_instr(); ..
# - jt_arm_chain_support.c --- (used by ARM7TDMI and ARM9TDMI cores)
# jtag_arm_set_chain();jtag_arm7_mov_chain1_data();jtag_arm9_mov_chain1_data();
# - jt_arm_iceRT.c --- embedded ICE RT debug support
# jtag_arm_IceRT_RegRead();jtag_arm_IceRT_RegWrite();
# jtag_arm_ShowAllIceRT_Regs();
# jtag_arm_PollDbgState();jtag_arm_StopRunningProgram();
# jtag_arm_IceRT_version();
# jtag_arm_Put..BreakPoint();
# - jt_cortex_dap.c --- ARM Cortex-M3 Debug Access Port
# - jt_cortex_ahb.c
# - jt_cortex_break.c
# - jt_mmu.h --- MMU
# - jt_mmu.c
# - jt_cp15.c --- Coprocessor 15 debug support
# - jt_flash.h --- support of different Flash
# algorithms (using the jt_arm - ARM core access)
# - jt_flash_info.c
# - jt_flash_info_amd.c
# - jt_flash_info_atmel.c
# - jt_flash_info_intel.c
# - jt_flash_info_philips.c
# - jt_flash_info_st.c
# - jt_flash_amd.c
# - jt_flash_intel.c
# - jt_flash_philips.c
# - jt_flash_str91x.c
# - jt_flash_stm32f10x.c
#
# - jt_jtag_test.c --- simple test (should be built by yourself)
#
# high level GDB server stub
#
# - arm_gdbstub.c
# - arm_gdbstub_break.c
# - arm_gdbstub_callback.c
# - arm_gdbstub_rcmd.c
# - arm_gdbstub_query.c
# - arm_memory_mmap.c
# - arm_memory_workspace.c
# - arm_memory_read.c
# - arm_memory_write.c
# - arm_sfa_cmdseq.c
# - arm_emu.c
#
# workspace flash support functions
# - arm_flash_readchk.c
# - arm_flash_verify.c
# - arm_flash_check.c
# - arm_flash_erase.c
# - arm_flash_program.c
# - arm_flash_amd.c
# - arm_flash_atmel.c
# - arm_flash_philips.c
# - arm_flash_st.c
#
# target routines running at workspace (ARM - program)
# - t_arm_dcc_read_mem.c
# - t_arm_dcc_write_mem.c
# - t_arm_dcc_check_flash.c
# - t_arm_amdflash_8.c
# - t_arm_amdflash_16.c
# - t_arm_amdflash_32.c
# - t_arm_atmelflash.c
# - t_arm_philipsflash.c
# - t_arm_stflash.c
# - t_arm_str9cui.c
# - t_cortex_check_flash.c
# - t_cortex_stm32flash.c
#
# main Program
#
# - arm_gdbserver.c
#
#
# environment
#
# we need binutils, gdb and gcc
# The latest version of binutils and version gdb 7.0 should work
# I'm doing experimental work on gdb and insight.
# So here is a snapshot with modifications in remote,
# cli and gdbtk's tcl/tk library.
# I've updated from current CVS-snapshot of tcl/tk (version 8.5),
# itcl/itk (version 3.4) and iwidgets (version 4.0.2)
# I've also patched libgui to be able to work with the updated package.
# Additional "unused" libgui stuff have been removed, too.
# Now we can be sure having the latest bugs, and some more (oops).
# To reduce the size of the tarball, all testsuites and all machine-dependent
# stuff other than for ARM machines have been stripped away.
# Make sure that you can live with the modifications I've made.
# Note: the patches are dropped by gdb, but I like them.
# - My argument counter and the one from gdb still differ within the cli stuff.
# see: cli-cmds.c, cli-script.h and cli-script.c
# - add argument $rcmdretval to extract an integer number of the last "monitor" response.
# - add shadow register support (to show the user register while we are in interrupt)
# - change null_file_write in ui-file.c (little speedup)
# - the insight library has now some extensions / modifications
# compare e.g. /usr/local/share/insight1.0 with gdbtk/library
# - to make sure that this did not corrupt an existing insight version
# the corresponding build scripts (Makefile.in configure ..) are modified, too
# so the modified version lives in /usr/local/share/insight1.0.tcltk85
# - the libgui is incompatible with the original one
# so the modified version lives in /usr/local/share/insight1.0.tcltk85/gui
# - some patches to be able to compile under cygwin with mingw are added
# (binutils and gdb like to see the real cygwin-gcc
# while tcl/tk like to see the mingw-gcc with win32 api)
# Remember: using these "patched" sources is done at your own risk
# Maybe you decide not to use this, this is OK since gdb 7.0 should work, too.
#
# I've also added parts of the gcc version SVN-snapshot.
# (Any gcc version after 4.3 should work, too.)
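# Disable target run-time libraries like stack smashing protection (libssp),
# GNU OpenMP Library (libgomp) and memory-check Library (libmudflap).
# (Without libssp, target code compiled with -fstack-protector will only link if
# the C library or your own code provides __stack_chk_guard and __stack_chk_fail.)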
#
# Required Packages:
# GNU Multiple Precision Library (GMP) version 4.3.1 (http://swox.com/gmp/)
# (using configure switch --enable-cxx --prefix=$HOME/local)
# MPFR Library version 2.4.2 (http://www.mpfr.org/)
# (using configure switch --with-gmp=$HOME/local --prefix=$HOME/local)
# MPC Library version 0.8.1 (http://www.multiprecision.org/)
# (using configure --prefix=$HOME/local --with-gmp=$HOME/local --with-mpfr=$HOME/local --prefix=$HOME/local)
# Expat (http://www.libexpat.org/)
#
# Optional Packages:
# Python version 6 (http://www.python.org/)
# (using configure switch --without-threads --enable-shared --prefix=$HOME/local)
# PPL version 0.10.2 (http://www.cs.unipr.it/ppl/)
# (using configure --with-libgmp-prefix=$HOME/local --with-libgmpxx-prefix=$HOME/local --prefix=$HOME/local )
# CLOOG version 0.15.7 (ftp://gcc.gnu.org/pub/gcc/infrastructure/)
# (using configure --with-ppl=$HOME/local --with-gmp=$HOME/local --prefix=$HOME/local)
# libelf version 0.8.12 (http://www.mr511.de/software/)
# libusb (http://libusb.sourceforge.net/) or libusb-win32 (http://libusb-win32.sourceforge.net)
tar -xyf armUtil.tar.bz2
mkdir buildArmEnv
cd buildArmEnv
../src/configure --target=arm-elf-eabi \
--enable-target-optspace \
--disable-werror \
--disable-nls \
--enable-target-static \
--disable-target-shared \
--disable-libssp \
--disable-libgomp \
--disable-libmudflap \
--enable-languages=c,c++ \
--with-float=soft \
--with-newlib \
--without-headers \
--enable-multilib \
--enable-tls \
# you may have to add
--with-gmp=/usr/local \
--with-mpfr=/usr/local \
--with-python=/usr/local \
# or
--prefix=$HOME/local \
--with-mpc=$HOME/local \
--with-mpfr=$HOME/local \
--with-gmp=$HOME/local \
--with-ppl=$HOME/local \
--with-cloog=$HOME/local \
--with-libelf=$HOME/local \
--with-python=$HOME/local \
--enable-lto
gmake
sudo gmake install
cd ../
#
# once you have a working cross compiler environment
#
# if you like to have support for USB devices you will need the libusb library
# available at http://libusb.sourceforge.net
# or at http://libusb-win32.sourceforge.net
# - at UNIX you have immediate access to USB devices (as long as you are super user)
# - at Windows using cygwin you have to install the driver (it isn't installed
# by default since it is a potential security hole.)
# Installing this driver can be done by calling
# /usr/sbin/libusb-install
# additionally you may have to create the .inf file
cd jtag/jtag_gdbserver
# edit Makefile if required
#
# jtag_gdbserver.exe
#
gmake
# Now you can do a cable test WITHOUT the target board.
# -- never connect it !! --
# Verify that the voltage is present and check its level with a voltmeter.
# (the command has to be quoted, otherwise su takes -driver=tls and -iotest as its own options)
su root -c "./jtag_gdbserver -driver=tls -iotest"
# or
sudo ./jtag_gdbserver -driver=tls -iotest
# if and only if all JTAG signals seem to be correct
# try a test scenario (which you have to build yourself, see jt_jtag_test.c)
sudo ./jtag_gdbserver -driver=tls -testjtag 0,1,2
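# if this seems to be reasonable, too
# you may try the gdbserver
# (the GDB remote protocol has no authentication, and the server runs as root here;
# whoever can reach TCP port 1234 can read and write target memory and registers,
# so keep that port off untrusted networks, e.g. by firewalling it)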
sudo ./jtag_gdbserver -driver tls :1234
# start debugger
arm-elf-eabi-gdb
# this is a (useless) example session
(gdb) target remote :1234
Remote debugging using :1234
0x00000000 in ?? ()
(gdb) monitor SysInfo
embedded ICE revision 4
endian: little
vendor: vendor unknown
core: ARM7TDMI revision 4
memory type: unknown
capability: unknown
without Coprocessor CP15
(gdb) monitor MemMap.MaxNum= 2
(gdb) monitor MemMap.MaxEntrys[0]= 64
(gdb) monitor MemMap[0][0]= rom,32, 0x0, 128 KByte
(gdb) monitor MemMap[0][1]= sfa,32, 0x3fff8000, 36 Byte
(gdb) monitor MemMap[0][2]= ram,32, 0x40000000, 63 KByte
(gdb) monitor MemMap[0][3]= work,32, 0x4000fc00, 1024 Byte
(gdb) monitor MemMap[0][4]= rom,32, 0x7FFFe000, 8 KByte
(gdb) monitor MemMap[0][5]= sfa,32, 0xE0000000, 2 MByte
(gdb) monitor MemMap[0][6]= sfa,32, 0xFFE00000, 2 MByte
(gdb) monitor CmdSequence.MaxNum= 4
(gdb) monitor CmdSequence.MaxEntrys[0]= 3
(gdb) monitor CmdSequence.MaxEntrys[1]= 1
(gdb) monitor CmdSequence[1][0]= 32, 0xe01fc040 , 1
(gdb) monitor CmdSequence.MaxEntrys[2]= 1
(gdb) monitor CmdSequence[2][0]= 32, 0xe01fc040 , 2
(gdb) monitor CmdSequence.MaxEntrys[3]= 1
(gdb) monitor CmdSequence[3][0]= 32, 0xe01fc040 , 0
(gdb) monitor modeWorkspace = 1
(gdb) monitor UseMemMap[0]
(gdb) monitor cmd 1
(gdb) monitor LPCfrequence = 14745
(gdb) p/x $pc
$1 = 0x0
(gdb) x/10i $pc
0x0: b 0x44
0x4: ldr pc, [pc, #24] ; 0x24
0x8: ldr pc, [pc, #24] ; 0x28
0xc: ldr pc, [pc, #24] ; 0x2c
0x10: ldr pc, [pc, #24] ; 0x30
0x14: strltb r5, [r0], #-3937
0x18: ldr pc, [pc, #24] ; 0x38
0x1c: ldr pc, [pc, #24] ; 0x3c
0x20: undefined instruction 0xffffffff
0x24: andeq r0, r0, r0, asr #32
(gdb) x/10i 0x44
0x44: ldr r3, [pc, #200] ; 0x114
0x48: cmp r3, #0 ; 0x0
0x4c: beq 0x4c
0x50: mov sp, r3
0x54: mrs r2, CPSR
0x58: tst r2, #15 ; 0xf
0x5c: beq 0x5c
0x60: msr CPSR_c, #219 ; 0xdb
0x64: mov sp, r3
0x68: msr CPSR_c, #215 ; 0xd7
(gdb) si
Program received signal SIGEMT, Emulation trap.
0x00000044 in ?? ()
(gdb) p/x $pc
$2 = 0x44
(gdb) info registers
r0 0x0 0
r1 0x0 0
r2 0x0 0
r3 0x0 0
r4 0x0 0
r5 0x0 0
r6 0x0 0
r7 0x0 0
r8 0x0 0
r9 0x0 0
r10 0x0 0
r11 0x0 0
r12 0x0 0
sp 0x0 0
lr 0x0 0
pc 0x44 68
fps 0x0 0
cpsr 0xd3 211
(gdb) x/4i $pc
0x44: ldr r3, [pc, #200] ; 0x114
0x48: cmp r3, #0 ; 0x0
0x4c: beq 0x4c
0x50: mov sp, r3
(gdb) x/x 0x44 + 200 + 8
0x114: 0x40004010
(gdb) p/x $r3
$3 = 0x0
(gdb) si
Program received signal SIGEMT, Emulation trap.
0x00000048 in ?? ()
(gdb) p/x $r3
$4 = 0x40004010
(gdb)
#
# Todo: tell something about Thread osabi support
# - look up symbols ("Symbol")
# - symbol main may have an other name ("mainSymbol")
# - give examples of command sequences with machine code functionality
# - extend bind sequences to
# MultiThreadActive, MinimalThreadId , GetCurrentThreadId
# GetSavedRegisterSet, IsTheadIdAlive, GetTLSAddr, GetThreadInfo
#