https://mp.weixin.qq.com/s/ChXNTbx94WDC72GvmE9bGA
介绍riscv-debug的使用实例:使用三种方法读取内存。
1. Using System Bus Access
1) System Bus Access
除了抽象命令,Program Buffer之外,调试模块可以包含一个系统总线访问模块,以在不依赖核心的情况下,访问系统总线(使用物理地址):
访问大小可以是8/16/32/64/128位:
需要自己保证访问的缓存一致性:
2) sbcs/sbaddress/sbdata
a. sbcs
用于控制系统总线访问,以及获取访问状态:
b. sbaddress0..3
存储要访问的系统总线物理地址。
写sbaddress寄存器可能触发对该地址的读操作:
c. sbdata0..3
保存读取和要写入的数据。
读sbdata0寄存器可能触发系统总线的读操作:
写sbdata0寄存器可能触发系统总线的写操作:
3) 实例:Read a word from memory
A. 写sbcs寄存器:
a. sbaccess=2:访问大小为32bit;
b. sbreadonaddr=1:every write to sbaddress0 automatically triggers a system bus read at the new address.
B. 写sbaddress0寄存器:写入要访问的内存物理地址;由于A中把sbreadonaddr置位,所以这一步写sbaddress0寄存器会触发对刚写入的这个内存地址的读操作,读取的内容存放在sbdata0寄存器中;
C. 读sbdata0寄存器,获取目标内存地址处的内容;
4) 实例:Read block of memory
A. 写sbcs寄存器:
a. sbaccess=2:访问大小为32bit;
b. sbreadonaddr=1:every write to sbaddress0 automatically triggers a system bus read at the new address.
c. sbreadondata=1:every read from sbdata0 automatically triggers a system bus read at the (possibly auto-incremented) address.
d. sbautoincrement=1:sbaddress is incremented by the access size (in bytes) selected in sbaccess after every system bus access.
B. 写sbaddress0寄存器:写入要读取的内存的物理地址;这个写入动作会触发针对目标地址的读取操作,读取的内容存放在sbdata0寄存器;读取之后sbaddress0中的内存地址自动增加4个字节;
C. 读sbdata0寄存器:读取目标地址处的内容;这个读取动作会触发针对sbaddress0中地址的读取动作,读取的内容存放在sbdata0寄存器中,读取之后sbaddress0中的内存地址自动增加4个字节;
D. 连续读取sbdata0寄存器,以获取目标内存地址的内容;
E. 写sbcs寄存器:sbcs=0,亦即sbreadondata=0,下一次读取sbdata0时,不会再出发针对sbaddress0中地址的读取动作;
F. 读sbdata0寄存器:获取最后一个需要的内存数据;
2. Using Program Buffer
1) abstractauto
用于触发抽象命令自动执行的配置寄存器,两种触发方式及配置:
a. 修改Program Buffer;
b. 读取sbdata寄存器;
2) 实例:Read a word from memory
A. 准备Program Buffer:
a. 写progbuf0为指令:lw s0 0(s0),即读取s0中地址的内容,存入s0中;
b. 写progbuf1为指令:ebreak,即停止执行,返回调试环境;
B. 写data0寄存器:存入要读取的目标内存地址;
C. 写command寄存器:写入要执行的抽象命令:
a. regno=0x1008:即访问的对象寄存器为s0;
b. write=1:访问操作为写操作,即把sbdata0寄存器中的数据写入到寄存器s0中;
c. postexec=1:Execute the program in the Program Buffer exactly once after performing the transfer, if any.
D. 写command寄存器:写入要执行的抽象命令:
a. regno=0x1008:即访问的对象寄存器为s0;
b. (补)transfer=1:Do the operation specied by write;
c. write=0:即访问操作为读操作;Copy data from the specified register into arg0 portion of data;
E. 读data0寄存器:读取从s0拷贝过来的数据,即目标内存地址处的内容;
3) 实例:Read block of memory
A. 准备Program Buffer:
a. 写progbuf0为指令:lw s1, 0(s0),即读取s0中地址的内容,存入s1中;
b. 写progbuf1为指令:addi s0, s0, 4,即地址增加4;
c. 写progbuf2为指令:ebreak,即停止执行,返回调试环境;
B. 写data0寄存器:写入目标内存起始地址;
C. 写command寄存器:写入要执行的抽象命令:
a. regno=0x1008:即访问的对象寄存器为s0;
b. write=1:访问操作为写操作,即把sbdata0寄存器中的数据写入到寄存器s0中;
c. postexec=1:Execute the program in the Program Buffer exactly once after performing the transfer, if any.
该命令的效果如下:
a. 把data0中的目标内存地址,写入到s0寄存器;
b. 触发Program Buffer执行;
D. 写command寄存器:写入要执行的抽象命令:
a. regno=0x1009:即访问的对象寄存器为s1;
b. (补)transfer=1:Do the operation specied by write;
c. write=0:即访问操作为读操作;Copy data from the specified register into arg0 portion of data;
d. postexec=1:Execute the program in the Program Buffer exactly once after performing the transfer, if any.
该命令的效果如下:
a. 把s1的值读入data0寄存器;
b. 触发Program Buffer执行;
E. 写abstractauto寄存器:
a. autoexecdata=1:read or write accesses to the corresponding data word cause the command in command to be executed again.
效果是:每次读写data0寄存器都会触发D中命令的执行;
F. 读data0寄存器:
a. 获取目标内存地址处的值;
b. 触发抽象命令的执行:把s1的值读入data0寄存器;
c. 触发Program Buffer执行:读取s0中地址的内容并写入s1,s0中的地址加4;
G. 读data0寄存器:触发连续读取;
H. 写abstractauto寄存器:
a. autoexecdata=0:读取data0寄存器,不会触发抽象命令的执行;
I. 读data0寄存器:获取最后一个数据;
3. Using Abstract Memory Access
1) Access Memory
抽象命令的一种:
其格式如下:
其中:
aam前缀的意义是:Abstract command Access Memory;相较之下,
aar前缀的意义是:Abstract command Access Register;
2) 实例:Read a word from memory
A. 写data1寄存器:存入目标内存地址;
B. 写command寄存器:存入要执行的抽象命令:
a. cmdtype=2:表示命令的类型为Access Memory;
b. aamsize=2:Access the lowest 32 bits of the memory location.
c. aamvirtual=0:Addresses are physical (to the hart they are performed on).
d. write=0:Copy data from the memory location specified in arg1 into arg0 portion of data.
这条命令的效果是:读取data1中地址的内容,并存入data0寄存器;
C. 读data0寄存器:获取从内存地址中读到的内容;
3) 实例:Read block of memory
这里只介绍要点:
a. abstractauto=1:读取data0寄存器后,触发抽象命令执行;
b. aampostincrement=1:After a memory access has completed, if this bit is 1, increment arg1 (which contains the address used) by the number of bytes encoded in aamsize. 即每次读取内存之后,都把目标内存地址加4,即data1寄存器的值加4;