1 /* Remote debugging interface for Motorola's MVME187BUG monitor, an embedded
4 Copyright 1992, 1993 Free Software Foundation, Inc.
5 Contributed by Cygnus Support. Written by K. Richard Pixley.
7 This file is part of GDB.
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
38 #include "remote-utils.h"
42 /* External data declarations */
43 extern int stop_soon_quietly; /* for wait_for_inferior */
45 /* Forward data declarations */
46 extern struct target_ops bug_ops; /* Forward declaration */
48 /* Forward function declarations */
49 static int bug_clear_breakpoints PARAMS((void));
51 static int bug_read_memory PARAMS((CORE_ADDR memaddr,
52 unsigned char *myaddr,
55 static int bug_write_memory PARAMS((CORE_ADDR memaddr,
56 unsigned char *myaddr,
59 /* This variable is somewhat arbitrary. It's here so that it can be
60 set from within a running gdb. */
62 static int srec_max_retries = 3;
64 /* Each S-record download to the target consists of an S0 header
65 record, some number of S3 data records, and one S7 termination
66 record. I call this download a "frame". Srec_frame says how many
67 bytes will be represented in each frame. */
70 static int srec_frame = SREC_SIZE;
72 /* This variable determines how many bytes will be represented in each
75 static int srec_bytes = 40;
77 /* At one point it appeared to me as though the bug monitor could not
78 really be expected to receive two sequential characters at 9600
79 baud reliably. Echo-pacing is an attempt to force data across the
80 line even in this condition. Specifically, in echo-pace mode, each
81 character is sent one at a time and we look for the echo before
82 sending the next. This is excruciatingly slow. */
84 static int srec_echo_pace = 0;
86 /* How long to wait after an srec for a possible error message.
87 Similar to the above, I tried sleeping after sending each S3 record
88 in hopes that I might actually see error messages from the bug
89 monitor. This might actually work if we were to use sleep
90 intervals smaller than 1 second. */
92 static int srec_sleep = 0;
94 /* Every srec_noise records, flub the checksum. This is a debugging
95 feature. Set the variable to something other than 1 in order to
96 inject *deliberate* checksum errors. One might do this if one
97 wanted to test error handling and recovery. */
99 static int srec_noise = 0;
101 /* Called when SIGALRM signal sent due to alarm() timeout. */
103 /* Number of SIGTRAPs we need to simulate. That is, the next
104 NEED_ARTIFICIAL_TRAP calls to bug_wait should just return
105 SIGTRAP without actually waiting for anything. */
107 static int need_artificial_trap = 0;
110 * Download a file specified in 'args', to the bug.
114 bug_load (args, fromtty)
124 dcache_flush (gr_get_dcache());
126 abfd = bfd_openr (args, 0);
129 printf_filtered ("Unable to open file %s\n", args);
133 if (bfd_check_format (abfd, bfd_object) == 0)
135 printf_filtered ("File is not an object file\n");
140 while (s != (asection *) NULL)
142 srec_frame = SREC_SIZE;
143 if (s->flags & SEC_LOAD)
147 char *buffer = xmalloc (srec_frame);
149 printf_filtered ("%s\t: 0x%4x .. 0x%4x ", s->name, s->vma, s->vma + s->_raw_size);
151 for (i = 0; i < s->_raw_size; i += srec_frame)
153 if (srec_frame > s->_raw_size - i)
154 srec_frame = s->_raw_size - i;
156 bfd_get_section_contents (abfd, s, buffer, i, srec_frame);
157 bug_write_memory (s->vma + i, buffer, srec_frame);
158 printf_filtered ("*");
161 printf_filtered ("\n");
166 sprintf (buffer, "rs ip %lx", (unsigned long) abfd->start_address);
167 sr_write_cr (buffer);
188 while (*s && !isspace (*s))
194 copy = xmalloc (len + 1);
195 memcpy (copy, word, len);
202 static struct gr_settings bug_settings = {
206 bug_clear_breakpoints, /* clear_all_breakpoints */
207 bug_read_memory, /* readfunc */
208 bug_write_memory, /* writefunc */
209 gr_generic_checkin, /* checkin */
212 static char *cpu_check_strings[] = {
218 bug_open (args, from_tty)
225 gr_open(args, from_tty, &bug_settings);
226 /* decide *now* whether we are on an 88100 or an 88110 */
227 sr_write_cr("rs cr06");
228 sr_expect("rs cr06");
230 switch (gr_multi_scan(cpu_check_strings, 0))
232 case 0: /* this is an m88100 */
233 target_is_m88110 = 0;
235 case 1: /* this is an m88110 */
236 target_is_m88110 = 1;
243 /* Tell the remote machine to resume. */
246 bug_resume (pid, step, sig)
248 enum target_signal sig;
250 dcache_flush (gr_get_dcache());
256 /* Force the next bug_wait to return a trap. Not doing anything
257 about I/O from the target means that the user has to type
258 "continue" to see any. FIXME, this should be fixed. */
259 need_artificial_trap = 1;
267 /* Wait until the remote machine stops, then return,
268 storing status in STATUS just as `wait' would. */
270 static char *wait_strings[] = {
272 "Exception: Data Access Fault (Local Bus Timeout)",
279 bug_wait (pid, status)
281 struct target_waitstatus *status;
283 int old_timeout = sr_get_timeout();
284 int old_immediate_quit = immediate_quit;
286 status->kind = TARGET_WAITKIND_EXITED;
287 status->value.integer = 0;
289 /* read off leftovers from resume so that the rest can be passed
290 back out as stdout. */
291 if (need_artificial_trap == 0)
293 sr_expect("Effective address: ");
294 (void) sr_get_hex_word();
298 sr_set_timeout(-1); /* Don't time out -- user program is running. */
299 immediate_quit = 1; /* Helps ability to QUIT */
301 switch (gr_multi_scan(wait_strings, need_artificial_trap == 0))
303 case 0: /* breakpoint case */
304 status->kind = TARGET_WAITKIND_STOPPED;
305 status->value.sig = TARGET_SIGNAL_TRAP;
306 /* user output from the target can be discarded here. (?) */
310 case 1: /* bus error */
311 status->kind = TARGET_WAITKIND_STOPPED;
312 status->value.sig = TARGET_SIGNAL_BUS;
313 /* user output from the target can be discarded here. (?) */
317 case 2: /* normal case */
319 if (need_artificial_trap != 0)
322 status->kind = TARGET_WAITKIND_STOPPED;
323 status->value.sig = TARGET_SIGNAL_TRAP;
324 need_artificial_trap--;
330 status->kind = TARGET_WAITKIND_EXITED;
331 status->value.integer = 0;
335 case -1: /* trouble */
337 fprintf_filtered (stderr,
338 "Trouble reading target during wait\n");
342 sr_set_timeout(old_timeout);
343 immediate_quit = old_immediate_quit;
347 /* Return the name of register number REGNO
348 in the form input and output by bug.
350 Returns a pointer to a static buffer containing the answer. */
355 static char *rn[] = {
356 "r00", "r01", "r02", "r03", "r04", "r05", "r06", "r07",
357 "r08", "r09", "r10", "r11", "r12", "r13", "r14", "r15",
358 "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
359 "r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31",
361 /* these get confusing because we omit a few and switch some ordering around. */
363 "cr01", /* 32 = psr */
364 "fcr62", /* 33 = fpsr*/
365 "fcr63", /* 34 = fpcr */
366 "ip", /* this is something of a cheat. */
368 "cr05", /* 36 = snip */
369 "cr06", /* 37 = sfip */
371 "x00", "x01", "x02", "x03", "x04", "x05", "x06", "x07",
372 "x08", "x09", "x10", "x11", "x12", "x13", "x14", "x15",
373 "x16", "x17", "x18", "x19", "x20", "x21", "x22", "x23",
374 "x24", "x25", "x26", "x27", "x28", "x29", "x30", "x31",
380 #if 0 /* not currently used */
381 /* Read from remote while the input matches STRING. Return zero on
382 success, -1 on failure. */
396 printf("\nNext character is '%c' - %d and s is \"%s\".\n", c, c, --s);
406 bug_srec_write_cr (s)
414 if (sr_get_debug() > 0)
418 SERIAL_WRITE(sr_get_desc(), p, 1);
419 while (sr_pollchar() != *p);
424 /* return(bug_scan (s) || bug_scan ("\n")); */
430 /* Store register REGNO, or all if REGNO == -1. */
433 bug_fetch_register(regno)
442 for (i = 0; i < NUM_REGS; ++i)
443 bug_fetch_register(i);
445 else if (target_is_m88110 && regno == SFIP_REGNUM)
447 /* m88110 has no sfip. */
449 supply_register(regno, (char *) &l);
451 else if (regno < XFP_REGNUM)
453 char buffer[MAX_REGISTER_RAW_SIZE];
456 sr_write_cr (get_reg_name(regno));
458 store_unsigned_integer (buffer, REGISTER_RAW_SIZE (regno),
461 supply_register (regno, buffer);
465 /* Float register so we need to parse a strange data format. */
467 unsigned char value[10];
470 sr_write(get_reg_name(regno), strlen(get_reg_name(regno)));
473 sr_expect(get_reg_name(regno));
478 p = sr_get_hex_digit(1);
483 p = sr_get_hex_digit(1);
484 value[0] += (p << 4);
485 value[0] += sr_get_hex_digit(1);
487 value[1] = sr_get_hex_digit(1) << 4;
491 value[1] += sr_get_hex_digit(1);
493 value[2] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
494 value[3] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
495 value[4] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
496 value[5] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
497 value[6] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
498 value[7] = (sr_get_hex_digit(1) << 4) + sr_get_hex_digit(1);
503 supply_register(regno, value);
509 /* Store register REGNO, or all if REGNO == -1. */
512 bug_store_register (regno)
522 for (i = 0; i < NUM_REGS; ++i)
523 bug_store_register(i);
529 regname = get_reg_name(regno);
531 if (target_is_m88110 && regno == SFIP_REGNUM)
533 else if (regno < XFP_REGNUM)
534 sprintf(buffer, "rs %s %08x",
536 read_register(regno));
539 unsigned char *value = ®isters[REGISTER_BYTE(regno)];
541 sprintf(buffer, "rs %s %1x_%02x%1x_%1x%02x%02x%02x%02x%02x%02x;d",
544 (value[0] >> 7) & 0xf,
547 (value[1] >> 8) & 0xf,
566 bug_xfer_memory (memaddr, myaddr, len, write, target)
571 struct target_ops *target; /* ignored */
575 /* Round starting address down to longword boundary. */
576 register CORE_ADDR addr;
578 /* Round ending address up; get number of longwords that makes. */
581 /* Allocate buffer of that many longwords. */
582 register int *buffer;
584 addr = memaddr & -sizeof (int);
585 count = (((memaddr + len) - addr) + sizeof (int) - 1) / sizeof (int);
587 buffer = (int *) alloca (count * sizeof (int));
591 /* Fill start and end extra bytes of buffer with existing memory data. */
593 if (addr != memaddr || len < (int) sizeof (int))
595 /* Need part of initial word -- fetch it. */
596 buffer[0] = gr_fetch_word (addr);
599 if (count > 1) /* FIXME, avoid if even boundary */
602 = gr_fetch_word (addr + (count - 1) * sizeof (int));
605 /* Copy data to be written over corresponding part of buffer */
607 memcpy ((char *) buffer + (memaddr & (sizeof (int) - 1)), myaddr, len);
609 /* Write the entire buffer. */
611 for (i = 0; i < count; i++, addr += sizeof (int))
614 gr_store_word (addr, buffer[i]);
625 /* Read all the longwords */
626 for (i = 0; i < count; i++, addr += sizeof (int))
629 buffer[i] = gr_fetch_word (addr);
637 /* Copy appropriate bytes out of the buffer. */
638 memcpy (myaddr, (char *) buffer + (memaddr & (sizeof (int) - 1)), len);
649 command = (srec_echo_pace ? "lo 0 ;x" : "lo 0");
651 sr_write_cr (command);
654 bug_srec_write_cr ("S0030000FC");
658 /* This is an extremely vulnerable and fragile function. I've made
659 considerable attempts to make this deterministic, but I've
660 certainly forgotten something. The trouble is that S-records are
661 only a partial file format, not a protocol. Worse, apparently the
662 m88k bug monitor does not run in real time while receiving
663 S-records. Hence, we must pay excruciating attention to when and
664 where error messages are returned, and what has actually been sent.
666 Each call represents a chunk of memory to be sent to the target.
667 We break that chunk into an S0 header record, some number of S3
668 data records each containing srec_bytes, and an S7 termination
671 static char *srecord_strings[] = {
678 bug_write_memory (memaddr, myaddr, len)
680 unsigned char *myaddr;
687 char buffer[(srec_bytes + 8) << 1];
695 if (retries > srec_max_retries)
700 if (sr_get_debug() > 0)
701 printf("\n<retrying...>\n");
703 /* This gr_expect_prompt call is extremely important. Without
704 it, we will tend to resend our packet so fast that it
705 will arrive before the bug monitor is ready to receive
706 it. This would lead to a very ugly resend loop. */
722 if (thisgo > srec_bytes)
725 address = memaddr + done;
726 sprintf (buf, "S3%02X%08X", thisgo + 4 + 1, address);
729 checksum += (thisgo + 4 + 1
731 + ((address >> 8) & 0xff)
732 + ((address >> 16) & 0xff)
733 + ((address >> 24) & 0xff));
735 for (idx = 0; idx < thisgo; idx++)
737 sprintf (buf, "%02X", myaddr[idx + done]);
738 checksum += myaddr[idx + done];
744 /* FIXME-NOW: insert a deliberate error every now and then.
745 This is intended for testing/debugging the error handling
747 static int counter = 0;
748 if (++counter > srec_noise)
755 sprintf(buf, "%02X", ~checksum & 0xff);
756 bug_srec_write_cr (buffer);
761 /* This pollchar is probably redundant to the gr_multi_scan
762 below. Trouble is, we can't be sure when or where an
763 error message will appear. Apparently, when running at
764 full speed from a typical sun4, error messages tend to
765 appear to arrive only *after* the s7 record. */
767 if ((x = sr_pollchar()) != 0)
769 if (sr_get_debug() > 0)
770 printf("\n<retrying...>\n");
774 /* flush any remaining input and verify that we are back
775 at the prompt level. */
777 /* start all over again. */
786 bug_srec_write_cr("S7060000000000F9");
789 /* Having finished the load, we need to figure out whether we
791 } while (gr_multi_scan(srecord_strings, 0) == 0);;
796 /* Copy LEN bytes of data from debugger memory at MYADDR
797 to inferior's memory at MEMADDR. Returns errno value.
798 * sb/sh instructions don't work on unaligned addresses, when TU=1.
801 /* Read LEN bytes from inferior memory at MEMADDR. Put the result
802 at debugger address MYADDR. Returns errno value. */
804 bug_read_memory (memaddr, myaddr, len)
806 unsigned char *myaddr;
816 unsigned int checksum;
818 sprintf(request, "du 0 %x:&%d", memaddr, len);
819 sr_write_cr(request);
821 p = buffer = alloca(len);
823 /* scan up through the header */
824 sr_expect("S0030000FC");
826 while (p < buffer + len)
828 /* scan off any white space. */
829 while (sr_readchar() != 'S') ;;
831 /* what kind of s-rec? */
832 type = sr_readchar();
834 /* scan record size */
835 sr_get_hex_byte(&size);
849 inaddr = (inaddr << 8) + c;
852 /* intentional fall through */
855 inaddr = (inaddr << 8) + c;
858 /* intentional fall through */
861 inaddr = (inaddr << 8) + c;
865 inaddr = (inaddr << 8) + c;
872 error("reading s-records.");
876 || (memaddr + len) < (inaddr + size))
877 error("srec out of memory range.");
879 if (p != buffer + inaddr - memaddr)
880 error("srec out of sequence.");
882 for (; size; --size, ++p)
889 if (c != (~checksum & 0xff))
890 error("bad s-rec checksum");
895 if (p != buffer + len)
898 memcpy(myaddr, buffer, len);
902 #define MAX_BREAKS 16
903 static int num_brkpts = 0;
905 bug_insert_breakpoint (addr, save)
907 char *save; /* Throw away, let bug save instructions */
911 if (num_brkpts < MAX_BREAKS)
916 sprintf (buffer, "br %x", addr);
917 sr_write_cr (buffer);
923 fprintf_filtered (stderr,
924 "Too many break points, break point not installed\n");
930 bug_remove_breakpoint (addr, save)
932 char *save; /* Throw away, let bug save instructions */
939 sprintf (buffer, "nobr %x", addr);
940 sr_write_cr (buffer);
947 /* Clear the bugs notion of what the break points are */
949 bug_clear_breakpoints ()
954 sr_write_cr ("nobr");
962 struct target_ops bug_ops =
964 "bug", "Remote BUG monitor",
965 "Use the mvme187 board running the BUG monitor connected\n\
969 0, gr_detach, bug_resume, bug_wait, /* attach */
970 bug_fetch_register, bug_store_register,
974 bug_insert_breakpoint, bug_remove_breakpoint, /* Breakpoints */
975 0, 0, 0, 0, 0, /* Terminal handling */
976 gr_kill, /* FIXME, kill */
978 0, /* lookup_symbol */
979 gr_create_inferior, /* create_inferior */
980 gr_mourn, /* mourn_inferior FIXME */
982 0, /* notice_signals */
983 process_stratum, 0, /* next */
984 1, 1, 1, 1, 1, /* all mem, mem, stack, regs, exec */
985 0, 0, /* Section pointers */
986 OPS_MAGIC, /* Always the last thing */
990 _initialize_remote_bug ()
992 add_target (&bug_ops);
995 (add_set_cmd ("srec-bytes", class_support, var_uinteger,
996 (char *) &srec_bytes,
998 Set the number of bytes represented in each S-record.\n\
999 This affects the communication protocol with the remote target.",
1004 (add_set_cmd ("srec-max-retries", class_support, var_uinteger,
1005 (char *) &srec_max_retries,
1007 Set the number of retries for shipping S-records.\n\
1008 This affects the communication protocol with the remote target.",
1013 /* This needs to set SREC_SIZE, not srec_frame which gets changed at the
1014 end of a download. But do we need the option at all? */
1016 (add_set_cmd ("srec-frame", class_support, var_uinteger,
1017 (char *) &srec_frame,
1019 Set the number of bytes in an S-record frame.\n\
1020 This affects the communication protocol with the remote target.",
1026 (add_set_cmd ("srec-noise", class_support, var_zinteger,
1027 (char *) &srec_noise,
1029 Set number of S-record to send before deliberately flubbing a checksum.\n\
1030 Zero means flub none at all. This affects the communication protocol\n\
1031 with the remote target.",
1036 (add_set_cmd ("srec-sleep", class_support, var_zinteger,
1037 (char *) &srec_sleep,
1039 Set number of seconds to sleep after an S-record for a possible error message to arrive.\n\
1040 This affects the communication protocol with the remote target.",
1045 (add_set_cmd ("srec-echo-pace", class_support, var_boolean,
1046 (char *) &srec_echo_pace,
1048 Set echo-verification.\n\
1049 When on, use verification by echo when downloading S-records. This is\n\
1050 much slower, but generally more reliable.",
projects / platform / upstream / binutils.git / blob