1 /* Remote debugging interface for Motorola's MVME187BUG monitor, an embedded
4 Copyright 1992, 1993 Free Software Foundation, Inc.
5 Contributed by Cygnus Support. Written by K. Richard Pixley.
7 This file is part of GDB.
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
27 #include "gdb_string.h"
38 #include "remote-utils.h"
43 /* External data declarations */
44 extern int stop_soon_quietly; /* for wait_for_inferior */
46 /* Forward data declarations */
47 extern struct target_ops bug_ops; /* Forward declaration */
49 /* Forward function declarations */
50 static int bug_clear_breakpoints PARAMS((void));
52 static int bug_read_memory PARAMS((CORE_ADDR memaddr,
53 unsigned char *myaddr,
56 static int bug_write_memory PARAMS((CORE_ADDR memaddr,
57 unsigned char *myaddr,
60 /* This variable is somewhat arbitrary. It's here so that it can be
61 set from within a running gdb. */
63 static int srec_max_retries = 3;
65 /* Each S-record download to the target consists of an S0 header
66 record, some number of S3 data records, and one S7 termination
67 record. I call this download a "frame". Srec_frame says how many
68 bytes will be represented in each frame. */
71 static int srec_frame = SREC_SIZE;
73 /* This variable determines how many bytes will be represented in each
76 static int srec_bytes = 40;
78 /* At one point it appeared to me as though the bug monitor could not
79 really be expected to receive two sequential characters at 9600
80 baud reliably. Echo-pacing is an attempt to force data across the
81 line even in this condition. Specifically, in echo-pace mode, each
82 character is sent one at a time and we look for the echo before
83 sending the next. This is excruciatingly slow. */
85 static int srec_echo_pace = 0;
87 /* How long to wait after an srec for a possible error message.
88 Similar to the above, I tried sleeping after sending each S3 record
89 in hopes that I might actually see error messages from the bug
90 monitor. This might actually work if we were to use sleep
91 intervals smaller than 1 second. */
93 static int srec_sleep = 0;
95 /* Every srec_noise records, flub the checksum. This is a debugging
96 feature. Set the variable to something other than 1 in order to
97 inject *deliberate* checksum errors. One might do this if one
98 wanted to test error handling and recovery. */
100 static int srec_noise = 0;
102 /* Called when SIGALRM signal sent due to alarm() timeout. */
104 /* Number of SIGTRAPs we need to simulate. That is, the next
105 NEED_ARTIFICIAL_TRAP calls to bug_wait should just return
106 SIGTRAP without actually waiting for anything. */
108 static int need_artificial_trap = 0;
111 * Download a file specified in 'args', to the bug.
115 bug_load (args, fromtty)
125 dcache_flush (gr_get_dcache());
127 abfd = bfd_openr (args, 0);
130 printf_filtered ("Unable to open file %s\n", args);
134 if (bfd_check_format (abfd, bfd_object) == 0)
136 printf_filtered ("File is not an object file\n");
141 while (s != (asection *) NULL)
143 srec_frame = SREC_SIZE;
144 if (s->flags & SEC_LOAD)
148 char *buffer = xmalloc (srec_frame);
150 printf_filtered ("%s\t: 0x%4x .. 0x%4x ", s->name, s->vma, s->vma + s->_raw_size);
151 gdb_flush (gdb_stdout);
152 for (i = 0; i < s->_raw_size; i += srec_frame)
154 if (srec_frame > s->_raw_size - i)
155 srec_frame = s->_raw_size - i;
157 bfd_get_section_contents (abfd, s, buffer, i, srec_frame);
158 bug_write_memory (s->vma + i, buffer, srec_frame);
159 printf_filtered ("*");
160 gdb_flush (gdb_stdout);
162 printf_filtered ("\n");
167 sprintf (buffer, "rs ip %lx", (unsigned long) abfd->start_address);
168 sr_write_cr (buffer);
189 while (*s && !isspace (*s))
195 copy = xmalloc (len + 1);
196 memcpy (copy, word, len);
203 static struct gr_settings bug_settings = {
207 bug_clear_breakpoints, /* clear_all_breakpoints */
208 bug_read_memory, /* readfunc */
209 bug_write_memory, /* writefunc */
210 gr_generic_checkin, /* checkin */
213 static char *cpu_check_strings[] = {
219 bug_open (args, from_tty)
226 gr_open(args, from_tty, &bug_settings);
227 /* decide *now* whether we are on an 88100 or an 88110 */
228 sr_write_cr("rs cr06");
229 sr_expect("rs cr06");
231 switch (gr_multi_scan(cpu_check_strings, 0))
233 case 0: /* this is an m88100 */
234 target_is_m88110 = 0;
236 case 1: /* this is an m88110 */
237 target_is_m88110 = 1;
244 /* Tell the remote machine to resume. */
247 bug_resume (pid, step, sig)
249 enum target_signal sig;
251 dcache_flush (gr_get_dcache());
257 /* Force the next bug_wait to return a trap. Not doing anything
258 about I/O from the target means that the user has to type
259 "continue" to see any. FIXME, this should be fixed. */
260 need_artificial_trap = 1;
268 /* Wait until the remote machine stops, then return,
269 storing status in STATUS just as `wait' would. */
271 static char *wait_strings[] = {
273 "Exception: Data Access Fault (Local Bus Timeout)",
274 "\r8??\?-Bug>", /* The '\?' avoids creating a trigraph */
280 bug_wait (pid, status)
282 struct target_waitstatus *status;
284 int old_timeout = sr_get_timeout();
285 int old_immediate_quit = immediate_quit;
287 status->kind = TARGET_WAITKIND_EXITED;
288 status->value.integer = 0;
290 /* read off leftovers from resume so that the rest can be passed
291 back out as stdout. */
292 if (need_artificial_trap == 0)
294 sr_expect("Effective address: ");
295 (void) sr_get_hex_word();
299 sr_set_timeout(-1); /* Don't time out -- user program is running. */
300 immediate_quit = 1; /* Helps ability to QUIT */
302 switch (gr_multi_scan(wait_strings, need_artificial_trap == 0))
304 case 0: /* breakpoint case */
305 status->kind = TARGET_WAITKIND_STOPPED;
306 status->value.sig = TARGET_SIGNAL_TRAP;
307 /* user output from the target can be discarded here. (?) */
311 case 1: /* bus error */
312 status->kind = TARGET_WAITKIND_STOPPED;
313 status->value.sig = TARGET_SIGNAL_BUS;
314 /* user output from the target can be discarded here. (?) */
318 case 2: /* normal case */
320 if (need_artificial_trap != 0)
323 status->kind = TARGET_WAITKIND_STOPPED;
324 status->value.sig = TARGET_SIGNAL_TRAP;
325 need_artificial_trap--;
331 status->kind = TARGET_WAITKIND_EXITED;
332 status->value.integer = 0;
336 case -1: /* trouble */
338 fprintf_filtered (gdb_stderr,
339 "Trouble reading target during wait\n");
343 sr_set_timeout(old_timeout);
344 immediate_quit = old_immediate_quit;
348 /* Return the name of register number REGNO
349 in the form input and output by bug.
351 Returns a pointer to a static buffer containing the answer. */
356 static char *rn[] = {
357 "r00", "r01", "r02", "r03", "r04", "r05", "r06", "r07",
358 "r08", "r09", "r10", "r11", "r12", "r13", "r14", "r15",
359 "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
360 "r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31",
362 /* these get confusing because we omit a few and switch some ordering around. */
364 "cr01", /* 32 = psr */
365 "fcr62", /* 33 = fpsr*/
366 "fcr63", /* 34 = fpcr */
367 "ip", /* this is something of a cheat. */
369 "cr05", /* 36 = snip */
370 "cr06", /* 37 = sfip */
372 "x00", "x01", "x02", "x03", "x04", "x05", "x06", "x07",
373 "x08", "x09", "x10", "x11", "x12", "x13", "x14", "x15",
374 "x16", "x17", "x18", "x19", "x20", "x21", "x22", "x23",
375 "x24", "x25", "x26", "x27", "x28", "x29", "x30", "x31",
381 #if 0 /* not currently used */
382 /* Read from remote while the input matches STRING. Return zero on
383 success, -1 on failure. */
397 printf("\nNext character is '%c' - %d and s is \"%s\".\n", c, c, --s);
407 bug_srec_write_cr (s)
415 if (sr_get_debug() > 0)
419 SERIAL_WRITE(sr_get_desc(), p, 1);
420 while (sr_pollchar() != *p);
425 /* return(bug_scan (s) || bug_scan ("\n")); */
431 /* Store register REGNO, or all if REGNO == -1. */
434 bug_fetch_register(regno)
443 for (i = 0; i < NUM_REGS; ++i)
444 bug_fetch_register(i);
446 else if (target_is_m88110 && regno == SFIP_REGNUM)
448 /* m88110 has no sfip. */
450 supply_register(regno, (char *) &l);
452 else if (regno < XFP_REGNUM)
454 char buffer[MAX_REGISTER_RAW_SIZE];
457 sr_write_cr (get_reg_name(regno));
459 store_unsigned_integer (buffer, REGISTER_RAW_SIZE (regno),
462 supply_register (regno, buffer);
466 /* Float register so we need to parse a strange data format. */
468 unsigned char fpreg_buf[10];
471 sr_write(get_reg_name(regno), strlen(get_reg_name(regno)));
474 sr_expect(get_reg_name(regno));
479 p = sr_get_hex_digit(1);
480 fpreg_buf[0] = p << 7;
484 p = sr_get_hex_digit(1);
485 fpreg_buf[0] += (p << 4);
486 fpreg_buf[0] += sr_get_hex_digit(1);
488 fpreg_buf[1] = sr_get_hex_digit(1) << 4;
492 fpreg_buf[1] += sr_get_hex_digit(1);
494 fpreg_buf[2] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
495 fpreg_buf[3] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
496 fpreg_buf[4] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
497 fpreg_buf[5] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
498 fpreg_buf[6] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
499 fpreg_buf[7] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
504 supply_register(regno, fpreg_buf);
510 /* Store register REGNO, or all if REGNO == -1. */
513 bug_store_register (regno)
523 for (i = 0; i < NUM_REGS; ++i)
524 bug_store_register(i);
530 regname = get_reg_name(regno);
532 if (target_is_m88110 && regno == SFIP_REGNUM)
534 else if (regno < XFP_REGNUM)
535 sprintf(buffer, "rs %s %08x",
537 read_register(regno));
540 unsigned char *fpreg_buf =
541 (unsigned char *)®isters[REGISTER_BYTE(regno)];
543 sprintf(buffer, "rs %s %1x_%02x%1x_%1x%02x%02x%02x%02x%02x%02x;d",
546 (fpreg_buf[0] >> 7) & 0xf,
549 (fpreg_buf[1] >> 8) & 0xf,
568 bug_xfer_memory (memaddr, myaddr, len, write, target)
573 struct target_ops *target; /* ignored */
577 /* Round starting address down to longword boundary. */
578 register CORE_ADDR addr;
580 /* Round ending address up; get number of longwords that makes. */
583 /* Allocate buffer of that many longwords. */
584 register int *buffer;
586 addr = memaddr & -sizeof (int);
587 count = (((memaddr + len) - addr) + sizeof (int) - 1) / sizeof (int);
589 buffer = (int *) alloca (count * sizeof (int));
593 /* Fill start and end extra bytes of buffer with existing memory data. */
595 if (addr != memaddr || len < (int) sizeof (int))
597 /* Need part of initial word -- fetch it. */
598 buffer[0] = gr_fetch_word (addr);
601 if (count > 1) /* FIXME, avoid if even boundary */
604 = gr_fetch_word (addr + (count - 1) * sizeof (int));
607 /* Copy data to be written over corresponding part of buffer */
609 memcpy ((char *) buffer + (memaddr & (sizeof (int) - 1)), myaddr, len);
611 /* Write the entire buffer. */
613 for (i = 0; i < count; i++, addr += sizeof (int))
616 gr_store_word (addr, buffer[i]);
627 /* Read all the longwords */
628 for (i = 0; i < count; i++, addr += sizeof (int))
631 buffer[i] = gr_fetch_word (addr);
639 /* Copy appropriate bytes out of the buffer. */
640 memcpy (myaddr, (char *) buffer + (memaddr & (sizeof (int) - 1)), len);
651 command = (srec_echo_pace ? "lo 0 ;x" : "lo 0");
653 sr_write_cr (command);
656 bug_srec_write_cr ("S0030000FC");
660 /* This is an extremely vulnerable and fragile function. I've made
661 considerable attempts to make this deterministic, but I've
662 certainly forgotten something. The trouble is that S-records are
663 only a partial file format, not a protocol. Worse, apparently the
664 m88k bug monitor does not run in real time while receiving
665 S-records. Hence, we must pay excruciating attention to when and
666 where error messages are returned, and what has actually been sent.
668 Each call represents a chunk of memory to be sent to the target.
669 We break that chunk into an S0 header record, some number of S3
670 data records each containing srec_bytes, and an S7 termination
673 static char *srecord_strings[] = {
680 bug_write_memory (memaddr, myaddr, len)
682 unsigned char *myaddr;
689 char *buffer = alloca ((srec_bytes + 8) << 1);
697 if (retries > srec_max_retries)
702 if (sr_get_debug() > 0)
703 printf("\n<retrying...>\n");
705 /* This gr_expect_prompt call is extremely important. Without
706 it, we will tend to resend our packet so fast that it
707 will arrive before the bug monitor is ready to receive
708 it. This would lead to a very ugly resend loop. */
724 if (thisgo > srec_bytes)
727 address = memaddr + done;
728 sprintf (buf, "S3%02X%08X", thisgo + 4 + 1, address);
731 checksum += (thisgo + 4 + 1
733 + ((address >> 8) & 0xff)
734 + ((address >> 16) & 0xff)
735 + ((address >> 24) & 0xff));
737 for (idx = 0; idx < thisgo; idx++)
739 sprintf (buf, "%02X", myaddr[idx + done]);
740 checksum += myaddr[idx + done];
746 /* FIXME-NOW: insert a deliberate error every now and then.
747 This is intended for testing/debugging the error handling
749 static int counter = 0;
750 if (++counter > srec_noise)
757 sprintf(buf, "%02X", ~checksum & 0xff);
758 bug_srec_write_cr (buffer);
763 /* This pollchar is probably redundant to the gr_multi_scan
764 below. Trouble is, we can't be sure when or where an
765 error message will appear. Apparently, when running at
766 full speed from a typical sun4, error messages tend to
767 appear to arrive only *after* the s7 record. */
769 if ((x = sr_pollchar()) != 0)
771 if (sr_get_debug() > 0)
772 printf("\n<retrying...>\n");
776 /* flush any remaining input and verify that we are back
777 at the prompt level. */
779 /* start all over again. */
788 bug_srec_write_cr("S7060000000000F9");
791 /* Having finished the load, we need to figure out whether we
793 } while (gr_multi_scan(srecord_strings, 0) == 0);;
798 /* Copy LEN bytes of data from debugger memory at MYADDR
799 to inferior's memory at MEMADDR. Returns errno value.
800 * sb/sh instructions don't work on unaligned addresses, when TU=1.
803 /* Read LEN bytes from inferior memory at MEMADDR. Put the result
804 at debugger address MYADDR. Returns errno value. */
806 bug_read_memory (memaddr, myaddr, len)
808 unsigned char *myaddr;
818 unsigned int checksum;
820 sprintf(request, "du 0 %x:&%d", memaddr, len);
821 sr_write_cr(request);
823 p = buffer = alloca(len);
825 /* scan up through the header */
826 sr_expect("S0030000FC");
828 while (p < buffer + len)
830 /* scan off any white space. */
831 while (sr_readchar() != 'S') ;;
833 /* what kind of s-rec? */
834 type = sr_readchar();
836 /* scan record size */
837 sr_get_hex_byte(&size);
851 inaddr = (inaddr << 8) + c;
854 /* intentional fall through */
857 inaddr = (inaddr << 8) + c;
860 /* intentional fall through */
863 inaddr = (inaddr << 8) + c;
867 inaddr = (inaddr << 8) + c;
874 error("reading s-records.");
878 || (memaddr + len) < (inaddr + size))
879 error("srec out of memory range.");
881 if (p != buffer + inaddr - memaddr)
882 error("srec out of sequence.");
884 for (; size; --size, ++p)
891 if (c != (~checksum & 0xff))
892 error("bad s-rec checksum");
897 if (p != buffer + len)
900 memcpy(myaddr, buffer, len);
904 #define MAX_BREAKS 16
905 static int num_brkpts = 0;
907 bug_insert_breakpoint (addr, save)
909 char *save; /* Throw away, let bug save instructions */
913 if (num_brkpts < MAX_BREAKS)
918 sprintf (buffer, "br %x", addr);
919 sr_write_cr (buffer);
925 fprintf_filtered (gdb_stderr,
926 "Too many break points, break point not installed\n");
932 bug_remove_breakpoint (addr, save)
934 char *save; /* Throw away, let bug save instructions */
941 sprintf (buffer, "nobr %x", addr);
942 sr_write_cr (buffer);
949 /* Clear the bugs notion of what the break points are */
951 bug_clear_breakpoints ()
956 sr_write_cr ("nobr");
964 struct target_ops bug_ops ;
969 bug_ops.to_shortname = "bug"; "Remote BUG monitor",
970 bug_ops.to_longname = "Use the mvme187 board running the BUG monitor connected by a serial line.";
971 bug_ops.to_doc = " ";
972 bug_ops.to_open = bug_open;
973 bug_ops.to_close = gr_close;
974 bug_ops.to_attach = 0;
975 bug_ops.to_post_attach = NULL;
976 bug_ops.to_require_attach = NULL;
977 bug_ops.to_detach = gr_detach;
978 bug_ops.to_require_detach = NULL;
979 bug_ops.to_resume = bug_resume;
980 bug_ops.to_wait = bug_wait;
981 bug_ops.to_post_wait = NULL;
982 bug_ops.to_fetch_registers = bug_fetch_register;
983 bug_ops.to_store_registers = bug_store_register;
984 bug_ops.to_prepare_to_store = gr_prepare_to_store;
985 bug_ops.to_xfer_memory = bug_xfer_memory;
986 bug_ops.to_files_info = gr_files_info;
987 bug_ops.to_insert_breakpoint = bug_insert_breakpoint;
988 bug_ops.to_remove_breakpoint = bug_remove_breakpoint;
989 bug_ops.to_terminal_init = 0;
990 bug_ops.to_terminal_inferior = 0;
991 bug_ops.to_terminal_ours_for_output = 0;
992 bug_ops.to_terminal_ours = 0;
993 bug_ops.to_terminal_info = 0;
994 bug_ops.to_kill = gr_kill;
995 bug_ops.to_load = bug_load;
996 bug_ops.to_lookup_symbol = 0;
997 bug_ops.to_create_inferior = gr_create_inferior;
998 bug_ops.to_post_startup_inferior = NULL;
999 bug_ops.to_acknowledge_created_inferior = NULL;
1000 bug_ops.to_clone_and_follow_inferior = NULL;
1001 bug_ops.to_post_follow_inferior_by_clone = NULL;
1002 bug_ops.to_insert_fork_catchpoint = NULL;
1003 bug_ops.to_remove_fork_catchpoint = NULL;
1004 bug_ops.to_insert_vfork_catchpoint = NULL;
1005 bug_ops.to_remove_vfork_catchpoint = NULL;
1006 bug_ops.to_has_forked = NULL;
1007 bug_ops.to_has_vforked = NULL;
1008 bug_ops.to_can_follow_vfork_prior_to_exec = NULL;
1009 bug_ops.to_post_follow_vfork = NULL;
1010 bug_ops.to_insert_exec_catchpoint = NULL;
1011 bug_ops.to_remove_exec_catchpoint = NULL;
1012 bug_ops.to_has_execd = NULL;
1013 bug_ops.to_reported_exec_events_per_exec_call = NULL;
1014 bug_ops.to_has_exited = NULL;
1015 bug_ops.to_mourn_inferior = gr_mourn;
1016 bug_ops.to_can_run = 0;
1017 bug_ops.to_notice_signals = 0;
1018 bug_ops.to_thread_alive = 0 ;
1019 bug_ops.to_stop = 0;
1020 bug_ops.to_pid_to_exec_file = NULL;
1021 bug_ops.to_core_file_to_sym_file = NULL;
1022 bug_ops.to_stratum = process_stratum ;
1023 bug_ops.DONT_USE = 0;
1024 bug_ops.to_has_all_memory = 1;
1025 bug_ops.to_has_memory = 1;
1026 bug_ops.to_has_stack = 1;
1027 bug_ops.to_has_registers = 0;
1028 bug_ops.to_has_execution = 0;
1029 bug_ops.to_sections = 0 ;
1030 bug_ops.to_sections_end = 0 ;
1031 bug_ops.to_magic = OPS_MAGIC; /* Always the last thing */
1032 } /* init_bug_ops */
1035 _initialize_remote_bug ()
1038 add_target (&bug_ops);
1041 (add_set_cmd ("srec-bytes", class_support, var_uinteger,
1042 (char *) &srec_bytes,
1044 Set the number of bytes represented in each S-record.\n\
1045 This affects the communication protocol with the remote target.",
1050 (add_set_cmd ("srec-max-retries", class_support, var_uinteger,
1051 (char *) &srec_max_retries,
1053 Set the number of retries for shipping S-records.\n\
1054 This affects the communication protocol with the remote target.",
1059 /* This needs to set SREC_SIZE, not srec_frame which gets changed at the
1060 end of a download. But do we need the option at all? */
1062 (add_set_cmd ("srec-frame", class_support, var_uinteger,
1063 (char *) &srec_frame,
1065 Set the number of bytes in an S-record frame.\n\
1066 This affects the communication protocol with the remote target.",
1072 (add_set_cmd ("srec-noise", class_support, var_zinteger,
1073 (char *) &srec_noise,
1075 Set number of S-record to send before deliberately flubbing a checksum.\n\
1076 Zero means flub none at all. This affects the communication protocol\n\
1077 with the remote target.",
1082 (add_set_cmd ("srec-sleep", class_support, var_zinteger,
1083 (char *) &srec_sleep,
1085 Set number of seconds to sleep after an S-record for a possible error message to arrive.\n\
1086 This affects the communication protocol with the remote target.",
1091 (add_set_cmd ("srec-echo-pace", class_support, var_boolean,
1092 (char *) &srec_echo_pace,
1094 Set echo-verification.\n\
1095 When on, use verification by echo when downloading S-records. This is\n\
1096 much slower, but generally more reliable.",
projects / platform / upstream / binutils.git / blob