jtagfs – jtag kernel debugging file system|
jtagfs [ –d debugstr ] [ –b motherbname ] [ –t text ] [ –m mountpoint
] [ –s srvfile ] jtagfile|
Jjagfs presents in /n/jtagfs/ctl a set of process files for debugging
a kernel running on an arm over a jtag device in a manner similarly
to rdbfs(4) but without any need for the kernel collaborating.
In debug mode an arm stops and isolates itself from the surroundings
and can be probed and instructions injected
at will. There are a number of options:|
–d Can be used to set the debug string, see below.
–m and –s Set the mount point and srv name respectively. By default the mount point is /n/jtagfs/ctl.
–b Motherboard kind jtagfs is going to be run against. Valid parameters are sheeva, which stands for the Feroceon Guruplug and the sheevaplug and is the default and gurudisp which stands for the Armada Guru Display.
–t The text file presented is just a copy of text (default /arm/s9plug). It can usually be ignored, since the debuggers open kernel files directly rather than using /proc/n/text.
Kernels can be remotely debugged only when they are stopped and put in debug mode. This can be done through instruction breakpoints, vector catching (on entry to interrupts) or on demand using stop().
An acid library to use with the most common operations called jtag is provided to make most common operations simpler. In particular start(), stop() and waitstop() have jtag specific variants (for example sheevastart() ) which disable and reenable the watchdog. Other than this functions and the symbol translations, this program can be used to debug kernels from other operating systems.
The function veccatch(str) can be used to set a vectorcatch, which
stops the processor right after an interrupt. The string describes
which interrupts to cacth. Each caracter represents a type of
DFile = 'f', /* Reads, writes, flushes*/
bind /n/jtagfs /proc/1
term% acid –l jtag –k 1 /arm/s9plug
/arm/s9plug:ARM plan 9 boot image
Must be 1: 1
Manufacturer id: 0x1e9
Part no: 0xa02
1: SVC/SWI Exception0xc02e1094no instruction
acid: dump(0xc02e1094, 4, "Xi")
0xc02e1094: 0x1204e0ff CMP.S$#0x100,R0
0xc02e109c: 0xe0266003 B.NEetext+0x5fa536bc
0xc02e10a4: 0xe20c2040 AND$#0x8,R12,R0
0xc02e10ac: 0xe20e1080 AND$#0x1,R14,R3
0xc02e10b4: 0xe1811002 ORR(R0<<4),R3,R3
R0 0x5e20a2dc R1 0xf5518723 R20x001d1d00
R3 0x369244e0 R4 0x2b9244fd R50xbbc54739
R6 0x5e20a2dc R7 0x00000eb0 R80xdfd7ceb0
R9 0x00000006 R10 0xc08c1f20 R110xc08c1f04
R12 0x1d00001d R13 0xc08c1ea0 R140x00000000
``ARM9E–S Technical Reference Manual''.
``ARM7TDMI–S Core Technical Reference Manual".
``Application note 205 "Writing JTAG Sequences for Arm 9 Processors".
``Design and Implementation of an On–Chip Debug for Embedded Target Systems", Dominic Rath.
``IEEE Standard 1149–1–2001 Test Access Port and Boundary Scan Architecture", JTag IEEE standard.
``AN2232C–01 Command Processor for MPSSE and MCU Host Bus Emulation Modes", Future Technology Devices International Ltd.
After a while of the machine being on, the jtag will stop working;
maybe an autentication register needs to be set. If this is the
case cpuid() will return error. Reset always works. Reading and
writing from memory is slow. The filesystems needs a lot of cleaning.
Only the feroceon cpu and sheeva/guruplug boards
are supported, though more can be added. Error report is sparse.
Jtagfs should be rewritten using the 9p library and it would shrink