1 /* Remote debugging interface for Motorola's MVME187BUG monitor, an embedded
4 Copyright 1992, 1993 Free Software Foundation, Inc.
5 Contributed by Cygnus Support. Written by K. Richard Pixley.
7 This file is part of GDB.
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place - Suite 330,
22 Boston, MA 02111-1307, USA. */
28 #include "gdb_string.h"
39 #include "remote-utils.h"
44 /* External data declarations */
45 extern int stop_soon_quietly
; /* for wait_for_inferior */
47 /* Forward data declarations */
48 extern struct target_ops bug_ops
; /* Forward declaration */
50 /* Forward function declarations */
51 static int bug_clear_breakpoints (void);
53 static int bug_read_memory (CORE_ADDR memaddr
,
54 unsigned char *myaddr
, int len
);
56 static int bug_write_memory (CORE_ADDR memaddr
,
57 unsigned char *myaddr
, int len
);
59 /* This variable is somewhat arbitrary. It's here so that it can be
60 set from within a running gdb. */
62 static int srec_max_retries
= 3;
64 /* Each S-record download to the target consists of an S0 header
65 record, some number of S3 data records, and one S7 termination
66 record. I call this download a "frame". Srec_frame says how many
67 bytes will be represented in each frame. */
70 static int srec_frame
= SREC_SIZE
;
72 /* This variable determines how many bytes will be represented in each
75 static int srec_bytes
= 40;
77 /* At one point it appeared to me as though the bug monitor could not
78 really be expected to receive two sequential characters at 9600
79 baud reliably. Echo-pacing is an attempt to force data across the
80 line even in this condition. Specifically, in echo-pace mode, each
81 character is sent one at a time and we look for the echo before
82 sending the next. This is excruciatingly slow. */
84 static int srec_echo_pace
= 0;
86 /* How long to wait after an srec for a possible error message.
87 Similar to the above, I tried sleeping after sending each S3 record
88 in hopes that I might actually see error messages from the bug
89 monitor. This might actually work if we were to use sleep
90 intervals smaller than 1 second. */
92 static int srec_sleep
= 0;
94 /* Every srec_noise records, flub the checksum. This is a debugging
95 feature. Set the variable to something other than 1 in order to
96 inject *deliberate* checksum errors. One might do this if one
97 wanted to test error handling and recovery. */
99 static int srec_noise
= 0;
101 /* Called when SIGALRM signal sent due to alarm() timeout. */
103 /* Number of SIGTRAPs we need to simulate. That is, the next
104 NEED_ARTIFICIAL_TRAP calls to bug_wait should just return
105 SIGTRAP without actually waiting for anything. */
107 static int need_artificial_trap
= 0;
110 * Download a file specified in 'args', to the bug.
114 bug_load (args
, fromtty
)
124 dcache_flush (gr_get_dcache ());
126 abfd
= bfd_openr (args
, 0);
129 printf_filtered ("Unable to open file %s\n", args
);
133 if (bfd_check_format (abfd
, bfd_object
) == 0)
135 printf_filtered ("File is not an object file\n");
140 while (s
!= (asection
*) NULL
)
142 srec_frame
= SREC_SIZE
;
143 if (s
->flags
& SEC_LOAD
)
147 char *buffer
= xmalloc (srec_frame
);
149 printf_filtered ("%s\t: 0x%4x .. 0x%4x ", s
->name
, s
->vma
, s
->vma
+ s
->_raw_size
);
150 gdb_flush (gdb_stdout
);
151 for (i
= 0; i
< s
->_raw_size
; i
+= srec_frame
)
153 if (srec_frame
> s
->_raw_size
- i
)
154 srec_frame
= s
->_raw_size
- i
;
156 bfd_get_section_contents (abfd
, s
, buffer
, i
, srec_frame
);
157 bug_write_memory (s
->vma
+ i
, buffer
, srec_frame
);
158 printf_filtered ("*");
159 gdb_flush (gdb_stdout
);
161 printf_filtered ("\n");
166 sprintf (buffer
, "rs ip %lx", (unsigned long) abfd
->start_address
);
167 sr_write_cr (buffer
);
188 while (*s
&& !isspace (*s
))
194 copy
= xmalloc (len
+ 1);
195 memcpy (copy
, word
, len
);
202 static struct gr_settings bug_settings
=
207 bug_clear_breakpoints
, /* clear_all_breakpoints */
208 bug_read_memory
, /* readfunc */
209 bug_write_memory
, /* writefunc */
210 gr_generic_checkin
, /* checkin */
213 static char *cpu_check_strings
[] =
220 bug_open (args
, from_tty
)
227 gr_open (args
, from_tty
, &bug_settings
);
228 /* decide *now* whether we are on an 88100 or an 88110 */
229 sr_write_cr ("rs cr06");
230 sr_expect ("rs cr06");
232 switch (gr_multi_scan (cpu_check_strings
, 0))
234 case 0: /* this is an m88100 */
235 target_is_m88110
= 0;
237 case 1: /* this is an m88110 */
238 target_is_m88110
= 1;
245 /* Tell the remote machine to resume. */
248 bug_resume (pid
, step
, sig
)
250 enum target_signal sig
;
252 dcache_flush (gr_get_dcache ());
258 /* Force the next bug_wait to return a trap. Not doing anything
259 about I/O from the target means that the user has to type
260 "continue" to see any. FIXME, this should be fixed. */
261 need_artificial_trap
= 1;
269 /* Wait until the remote machine stops, then return,
270 storing status in STATUS just as `wait' would. */
272 static char *wait_strings
[] =
275 "Exception: Data Access Fault (Local Bus Timeout)",
276 "\r8??\?-Bug>", /* The '\?' avoids creating a trigraph */
282 bug_wait (pid
, status
)
284 struct target_waitstatus
*status
;
286 int old_timeout
= sr_get_timeout ();
287 int old_immediate_quit
= immediate_quit
;
289 status
->kind
= TARGET_WAITKIND_EXITED
;
290 status
->value
.integer
= 0;
292 /* read off leftovers from resume so that the rest can be passed
293 back out as stdout. */
294 if (need_artificial_trap
== 0)
296 sr_expect ("Effective address: ");
297 (void) sr_get_hex_word ();
301 sr_set_timeout (-1); /* Don't time out -- user program is running. */
302 immediate_quit
= 1; /* Helps ability to QUIT */
304 switch (gr_multi_scan (wait_strings
, need_artificial_trap
== 0))
306 case 0: /* breakpoint case */
307 status
->kind
= TARGET_WAITKIND_STOPPED
;
308 status
->value
.sig
= TARGET_SIGNAL_TRAP
;
309 /* user output from the target can be discarded here. (?) */
313 case 1: /* bus error */
314 status
->kind
= TARGET_WAITKIND_STOPPED
;
315 status
->value
.sig
= TARGET_SIGNAL_BUS
;
316 /* user output from the target can be discarded here. (?) */
320 case 2: /* normal case */
322 if (need_artificial_trap
!= 0)
325 status
->kind
= TARGET_WAITKIND_STOPPED
;
326 status
->value
.sig
= TARGET_SIGNAL_TRAP
;
327 need_artificial_trap
--;
333 status
->kind
= TARGET_WAITKIND_EXITED
;
334 status
->value
.integer
= 0;
338 case -1: /* trouble */
340 fprintf_filtered (gdb_stderr
,
341 "Trouble reading target during wait\n");
345 sr_set_timeout (old_timeout
);
346 immediate_quit
= old_immediate_quit
;
350 /* Return the name of register number REGNO
351 in the form input and output by bug.
353 Returns a pointer to a static buffer containing the answer. */
360 "r00", "r01", "r02", "r03", "r04", "r05", "r06", "r07",
361 "r08", "r09", "r10", "r11", "r12", "r13", "r14", "r15",
362 "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
363 "r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31",
365 /* these get confusing because we omit a few and switch some ordering around. */
367 "cr01", /* 32 = psr */
368 "fcr62", /* 33 = fpsr */
369 "fcr63", /* 34 = fpcr */
370 "ip", /* this is something of a cheat. */
372 "cr05", /* 36 = snip */
373 "cr06", /* 37 = sfip */
375 "x00", "x01", "x02", "x03", "x04", "x05", "x06", "x07",
376 "x08", "x09", "x10", "x11", "x12", "x13", "x14", "x15",
377 "x16", "x17", "x18", "x19", "x20", "x21", "x22", "x23",
378 "x24", "x25", "x26", "x27", "x28", "x29", "x30", "x31",
384 #if 0 /* not currently used */
385 /* Read from remote while the input matches STRING. Return zero on
386 success, -1 on failure. */
400 printf ("\nNext character is '%c' - %d and s is \"%s\".\n", c
, c
, --s
);
410 bug_srec_write_cr (s
)
418 if (sr_get_debug () > 0)
422 SERIAL_WRITE (sr_get_desc (), p
, 1);
423 while (sr_pollchar () != *p
);
428 /* return(bug_scan (s) || bug_scan ("\n")); */
434 /* Store register REGNO, or all if REGNO == -1. */
437 bug_fetch_register (regno
)
446 for (i
= 0; i
< NUM_REGS
; ++i
)
447 bug_fetch_register (i
);
449 else if (target_is_m88110
&& regno
== SFIP_REGNUM
)
451 /* m88110 has no sfip. */
453 supply_register (regno
, (char *) &l
);
455 else if (regno
< XFP_REGNUM
)
457 char buffer
[MAX_REGISTER_RAW_SIZE
];
460 sr_write_cr (get_reg_name (regno
));
462 store_unsigned_integer (buffer
, REGISTER_RAW_SIZE (regno
),
465 supply_register (regno
, buffer
);
469 /* Float register so we need to parse a strange data format. */
471 unsigned char fpreg_buf
[10];
474 sr_write (get_reg_name (regno
), strlen (get_reg_name (regno
)));
477 sr_expect (get_reg_name (regno
));
482 p
= sr_get_hex_digit (1);
483 fpreg_buf
[0] = p
<< 7;
487 p
= sr_get_hex_digit (1);
488 fpreg_buf
[0] += (p
<< 4);
489 fpreg_buf
[0] += sr_get_hex_digit (1);
491 fpreg_buf
[1] = sr_get_hex_digit (1) << 4;
495 fpreg_buf
[1] += sr_get_hex_digit (1);
497 fpreg_buf
[2] = (sr_get_hex_digit (1) << 4) + sr_get_hex_digit (1);
498 fpreg_buf
[3] = (sr_get_hex_digit (1) << 4) + sr_get_hex_digit (1);
499 fpreg_buf
[4] = (sr_get_hex_digit (1) << 4) + sr_get_hex_digit (1);
500 fpreg_buf
[5] = (sr_get_hex_digit (1) << 4) + sr_get_hex_digit (1);
501 fpreg_buf
[6] = (sr_get_hex_digit (1) << 4) + sr_get_hex_digit (1);
502 fpreg_buf
[7] = (sr_get_hex_digit (1) << 4) + sr_get_hex_digit (1);
507 supply_register (regno
, fpreg_buf
);
513 /* Store register REGNO, or all if REGNO == -1. */
516 bug_store_register (regno
)
526 for (i
= 0; i
< NUM_REGS
; ++i
)
527 bug_store_register (i
);
533 regname
= get_reg_name (regno
);
535 if (target_is_m88110
&& regno
== SFIP_REGNUM
)
537 else if (regno
< XFP_REGNUM
)
538 sprintf (buffer
, "rs %s %08x",
540 read_register (regno
));
543 unsigned char *fpreg_buf
=
544 (unsigned char *) ®isters
[REGISTER_BYTE (regno
)];
546 sprintf (buffer
, "rs %s %1x_%02x%1x_%1x%02x%02x%02x%02x%02x%02x;d",
549 (fpreg_buf
[0] >> 7) & 0xf,
552 (fpreg_buf
[1] >> 8) & 0xf,
563 sr_write_cr (buffer
);
571 bug_xfer_memory (memaddr
, myaddr
, len
, write
, target
)
576 struct target_ops
*target
; /* ignored */
581 return dcache_xfer_memory (gr_get_dcache (), memaddr
, myaddr
, len
, write
);
589 command
= (srec_echo_pace
? "lo 0 ;x" : "lo 0");
591 sr_write_cr (command
);
594 bug_srec_write_cr ("S0030000FC");
598 /* This is an extremely vulnerable and fragile function. I've made
599 considerable attempts to make this deterministic, but I've
600 certainly forgotten something. The trouble is that S-records are
601 only a partial file format, not a protocol. Worse, apparently the
602 m88k bug monitor does not run in real time while receiving
603 S-records. Hence, we must pay excruciating attention to when and
604 where error messages are returned, and what has actually been sent.
606 Each call represents a chunk of memory to be sent to the target.
607 We break that chunk into an S0 header record, some number of S3
608 data records each containing srec_bytes, and an S7 termination
611 static char *srecord_strings
[] =
619 bug_write_memory (memaddr
, myaddr
, len
)
621 unsigned char *myaddr
;
628 char *buffer
= alloca ((srec_bytes
+ 8) << 1);
636 if (retries
> srec_max_retries
)
641 if (sr_get_debug () > 0)
642 printf ("\n<retrying...>\n");
644 /* This gr_expect_prompt call is extremely important. Without
645 it, we will tend to resend our packet so fast that it
646 will arrive before the bug monitor is ready to receive
647 it. This would lead to a very ugly resend loop. */
663 if (thisgo
> srec_bytes
)
666 address
= memaddr
+ done
;
667 sprintf (buf
, "S3%02X%08X", thisgo
+ 4 + 1, address
);
670 checksum
+= (thisgo
+ 4 + 1
672 + ((address
>> 8) & 0xff)
673 + ((address
>> 16) & 0xff)
674 + ((address
>> 24) & 0xff));
676 for (idx
= 0; idx
< thisgo
; idx
++)
678 sprintf (buf
, "%02X", myaddr
[idx
+ done
]);
679 checksum
+= myaddr
[idx
+ done
];
685 /* FIXME-NOW: insert a deliberate error every now and then.
686 This is intended for testing/debugging the error handling
688 static int counter
= 0;
689 if (++counter
> srec_noise
)
696 sprintf (buf
, "%02X", ~checksum
& 0xff);
697 bug_srec_write_cr (buffer
);
702 /* This pollchar is probably redundant to the gr_multi_scan
703 below. Trouble is, we can't be sure when or where an
704 error message will appear. Apparently, when running at
705 full speed from a typical sun4, error messages tend to
706 appear to arrive only *after* the s7 record. */
708 if ((x
= sr_pollchar ()) != 0)
710 if (sr_get_debug () > 0)
711 printf ("\n<retrying...>\n");
715 /* flush any remaining input and verify that we are back
716 at the prompt level. */
718 /* start all over again. */
727 bug_srec_write_cr ("S7060000000000F9");
730 /* Having finished the load, we need to figure out whether we
733 while (gr_multi_scan (srecord_strings
, 0) == 0);;
738 /* Copy LEN bytes of data from debugger memory at MYADDR
739 to inferior's memory at MEMADDR. Returns errno value.
740 * sb/sh instructions don't work on unaligned addresses, when TU=1.
743 /* Read LEN bytes from inferior memory at MEMADDR. Put the result
744 at debugger address MYADDR. Returns errno value. */
746 bug_read_memory (memaddr
, myaddr
, len
)
748 unsigned char *myaddr
;
758 unsigned int checksum
;
760 sprintf (request
, "du 0 %x:&%d", memaddr
, len
);
761 sr_write_cr (request
);
763 p
= buffer
= alloca (len
);
765 /* scan up through the header */
766 sr_expect ("S0030000FC");
768 while (p
< buffer
+ len
)
770 /* scan off any white space. */
771 while (sr_readchar () != 'S');;
773 /* what kind of s-rec? */
774 type
= sr_readchar ();
776 /* scan record size */
777 sr_get_hex_byte (&size
);
790 sr_get_hex_byte (&c
);
791 inaddr
= (inaddr
<< 8) + c
;
794 /* intentional fall through */
796 sr_get_hex_byte (&c
);
797 inaddr
= (inaddr
<< 8) + c
;
800 /* intentional fall through */
802 sr_get_hex_byte (&c
);
803 inaddr
= (inaddr
<< 8) + c
;
806 sr_get_hex_byte (&c
);
807 inaddr
= (inaddr
<< 8) + c
;
814 error ("reading s-records.");
818 || (memaddr
+ len
) < (inaddr
+ size
))
819 error ("srec out of memory range.");
821 if (p
!= buffer
+ inaddr
- memaddr
)
822 error ("srec out of sequence.");
824 for (; size
; --size
, ++p
)
830 sr_get_hex_byte (&c
);
831 if (c
!= (~checksum
& 0xff))
832 error ("bad s-rec checksum");
837 if (p
!= buffer
+ len
)
840 memcpy (myaddr
, buffer
, len
);
844 #define MAX_BREAKS 16
845 static int num_brkpts
= 0;
847 bug_insert_breakpoint (addr
, save
)
849 char *save
; /* Throw away, let bug save instructions */
853 if (num_brkpts
< MAX_BREAKS
)
858 sprintf (buffer
, "br %x", addr
);
859 sr_write_cr (buffer
);
865 fprintf_filtered (gdb_stderr
,
866 "Too many break points, break point not installed\n");
872 bug_remove_breakpoint (addr
, save
)
874 char *save
; /* Throw away, let bug save instructions */
881 sprintf (buffer
, "nobr %x", addr
);
882 sr_write_cr (buffer
);
889 /* Clear the bugs notion of what the break points are */
891 bug_clear_breakpoints ()
896 sr_write_cr ("nobr");
904 struct target_ops bug_ops
;
909 bug_ops
.to_shortname
= "bug";
910 "Remote BUG monitor",
911 bug_ops
.to_longname
= "Use the mvme187 board running the BUG monitor connected by a serial line.";
912 bug_ops
.to_doc
= " ";
913 bug_ops
.to_open
= bug_open
;
914 bug_ops
.to_close
= gr_close
;
915 bug_ops
.to_attach
= 0;
916 bug_ops
.to_post_attach
= NULL
;
917 bug_ops
.to_require_attach
= NULL
;
918 bug_ops
.to_detach
= gr_detach
;
919 bug_ops
.to_require_detach
= NULL
;
920 bug_ops
.to_resume
= bug_resume
;
921 bug_ops
.to_wait
= bug_wait
;
922 bug_ops
.to_post_wait
= NULL
;
923 bug_ops
.to_fetch_registers
= bug_fetch_register
;
924 bug_ops
.to_store_registers
= bug_store_register
;
925 bug_ops
.to_prepare_to_store
= gr_prepare_to_store
;
926 bug_ops
.to_xfer_memory
= bug_xfer_memory
;
927 bug_ops
.to_files_info
= gr_files_info
;
928 bug_ops
.to_insert_breakpoint
= bug_insert_breakpoint
;
929 bug_ops
.to_remove_breakpoint
= bug_remove_breakpoint
;
930 bug_ops
.to_terminal_init
= 0;
931 bug_ops
.to_terminal_inferior
= 0;
932 bug_ops
.to_terminal_ours_for_output
= 0;
933 bug_ops
.to_terminal_ours
= 0;
934 bug_ops
.to_terminal_info
= 0;
935 bug_ops
.to_kill
= gr_kill
;
936 bug_ops
.to_load
= bug_load
;
937 bug_ops
.to_lookup_symbol
= 0;
938 bug_ops
.to_create_inferior
= gr_create_inferior
;
939 bug_ops
.to_post_startup_inferior
= NULL
;
940 bug_ops
.to_acknowledge_created_inferior
= NULL
;
941 bug_ops
.to_clone_and_follow_inferior
= NULL
;
942 bug_ops
.to_post_follow_inferior_by_clone
= NULL
;
943 bug_ops
.to_insert_fork_catchpoint
= NULL
;
944 bug_ops
.to_remove_fork_catchpoint
= NULL
;
945 bug_ops
.to_insert_vfork_catchpoint
= NULL
;
946 bug_ops
.to_remove_vfork_catchpoint
= NULL
;
947 bug_ops
.to_has_forked
= NULL
;
948 bug_ops
.to_has_vforked
= NULL
;
949 bug_ops
.to_can_follow_vfork_prior_to_exec
= NULL
;
950 bug_ops
.to_post_follow_vfork
= NULL
;
951 bug_ops
.to_insert_exec_catchpoint
= NULL
;
952 bug_ops
.to_remove_exec_catchpoint
= NULL
;
953 bug_ops
.to_has_execd
= NULL
;
954 bug_ops
.to_reported_exec_events_per_exec_call
= NULL
;
955 bug_ops
.to_has_exited
= NULL
;
956 bug_ops
.to_mourn_inferior
= gr_mourn
;
957 bug_ops
.to_can_run
= 0;
958 bug_ops
.to_notice_signals
= 0;
959 bug_ops
.to_thread_alive
= 0;
961 bug_ops
.to_pid_to_exec_file
= NULL
;
962 bug_ops
.to_core_file_to_sym_file
= NULL
;
963 bug_ops
.to_stratum
= process_stratum
;
964 bug_ops
.DONT_USE
= 0;
965 bug_ops
.to_has_all_memory
= 1;
966 bug_ops
.to_has_memory
= 1;
967 bug_ops
.to_has_stack
= 1;
968 bug_ops
.to_has_registers
= 0;
969 bug_ops
.to_has_execution
= 0;
970 bug_ops
.to_sections
= 0;
971 bug_ops
.to_sections_end
= 0;
972 bug_ops
.to_magic
= OPS_MAGIC
; /* Always the last thing */
976 _initialize_remote_bug ()
979 add_target (&bug_ops
);
982 (add_set_cmd ("srec-bytes", class_support
, var_uinteger
,
983 (char *) &srec_bytes
,
985 Set the number of bytes represented in each S-record.\n\
986 This affects the communication protocol with the remote target.",
991 (add_set_cmd ("srec-max-retries", class_support
, var_uinteger
,
992 (char *) &srec_max_retries
,
994 Set the number of retries for shipping S-records.\n\
995 This affects the communication protocol with the remote target.",
1000 /* This needs to set SREC_SIZE, not srec_frame which gets changed at the
1001 end of a download. But do we need the option at all? */
1003 (add_set_cmd ("srec-frame", class_support
, var_uinteger
,
1004 (char *) &srec_frame
,
1006 Set the number of bytes in an S-record frame.\n\
1007 This affects the communication protocol with the remote target.",
1013 (add_set_cmd ("srec-noise", class_support
, var_zinteger
,
1014 (char *) &srec_noise
,
1016 Set number of S-record to send before deliberately flubbing a checksum.\n\
1017 Zero means flub none at all. This affects the communication protocol\n\
1018 with the remote target.",
1023 (add_set_cmd ("srec-sleep", class_support
, var_zinteger
,
1024 (char *) &srec_sleep
,
1026 Set number of seconds to sleep after an S-record for a possible error message to arrive.\n\
1027 This affects the communication protocol with the remote target.",
1032 (add_set_cmd ("srec-echo-pace", class_support
, var_boolean
,
1033 (char *) &srec_echo_pace
,
1035 Set echo-verification.\n\
1036 When on, use verification by echo when downloading S-records. This is\n\
1037 much slower, but generally more reliable.",