EmbeddedIce WP registers - Using chain / range

Development Boards MicroMod
1

Do you folks have any insight on the arm embeddedice wp registers’ usage of the chain and range features? I’ve had success in understanding most of the rest of the features of the watchpoint registers, as documented in the ARM TRMs, but they don’t say much about the chain and range features.

2

These features allow you to trigger a breakpoint when two different conditions are met: simultaneously in the case of RANGE, sequentially for CHAIN.

In either case, the watchpoint unit providing the output is set up as normal, except that its ENABLE bit is cleared. The watchpoint unit receiving the input will have either the CHAIN or RANGE bit set in its control mask, and the corresponding bit in its control register either set or clear, depending on whether you want the first unit’s condition to be true or false to trigger the combined breakpoint. (On ARM7TDMI, only watchpoint unit 1 can provide a chain or range output, and only unit 0 can accept an input. Other ARM architectures might be more flexible here.)

3

Ok, here are the values I’m trying to trap:

I want to trap on the combination of this int32 masked with 0x8 being zero

(arm-elf-gdb) x/x 0x60000f94

0x60000f94 : 0x00000002

And this int8 being equal to 3

(arm-elf-gdb) x/bx 0x60000fb7

0x60000fb7 : 0x03

So, using macraigor’s interface:

mon reg w1dv = 0

mon reg w1dm = 0xfffffff7

mon reg w1av = 0x60000f94

mon reg w1am = 0

mon reg w1cv = 0x000

mon reg w1cm = 0x0ff

any access

mon reg w0dv = 3

mon reg w0dm = 0

mon reg w0av = 0x60000fb7

mon reg w0am = 0

mon reg w0cv = 0x140

mon reg w0cm = 0x0b9

byte-sized access, chained from w1 output

any ideas on what I’m missing?

4

When matching data that’s narrower than a full word, I’m pretty sure you have to duplicate the value throughout the data value register - the watchpoint unit doesn’t shift the bits for you. Try 0x03030303 for w0dv.

The watchpoint units can be globally disabled by setting a bit in the debug control register. I have no idea if clearing that bit would be necessary in the environment you’re using, or how you’d go about doing so.

If these addresses are peripheral registers of some sort, please understand that the watchpoint units can only trigger when the CPU actually reads their value, not when the peripheral has merely changed state internally.

5

Hallelujah! That seemed to do the trick! Thanks a lot!

6

Seems like someone should write a wizard to set these things up… I volunteer someone else. :wink:

7

jasonharper:
When matching data that’s narrower than a full word, I’m pretty sure you have to duplicate the value throughout the data value register - the watchpoint unit doesn’t shift the bits for you. Try 0x03030303 for w0dv.

Similarly, and less confusingly, the following also works:

mon reg w0dv = 0x03

mon reg w0dm = 0xffffff00