Olimex ARM-USB-OCD-H / openocd-0.9.0 / libftd2xx1.1.12 / Raspberry Pi 2 / Ubuntu 15.04

Howto-build-openocd.md

for RPi2 JTAG debugging with Olimex ARM-USB-OCD-H

System constitution

• probe device: Olimex ARM-USB-OCD-H
• target device: Raspberry Pi 2
  • files for booting: bootcode.bin, start.elf, config.txt from here
  • jtag target image armjtag.bin: from here
  • config.txt: edit to add a line kernel=armjtag.bin
• host machine: Ubuntu 15.04
  • openocd-0.9.0 as debugger host:
    • probe device driver: libftd2xx1.1.12
    • probe device configuration: olimex-arm-usb-ocd-h.cfg (@see below)
    • target device configuration: openocd-rpi2.cfg (@see below)
  • debug client: telnet or gdb
• pin assign between Olimex ARM-USB-OCD-H and Raspberry Pi 2

Setup FTDI proprietary D2XX driver

This method is obsolete. By openocd warning message, you should use libftdi.

locate libftd2xx.a libftd2xx.so.1.1.12

• download FTDI proprietary D2XX driver for linux from here
• installation guide is here
• extract to ./libftd2xx1.1.12/
• (optional) locate libraries to /usr/local/lib/

sudo cp libftd2xx1.1.12/build/x86_64/libftd2xx.a /usr/local/lib/
sudo cp libftd2xx1.1.12/build/x86_64/libtd2xx.so.1.1.12 /usr/local/lib/
sudo ln -s /usr/local/lib/libtd2xx.so.1.1.12 /usr/local/lib/libftd2xx.so
sudo chmod 0755 /usr/local/lib/libtd2xx.so.1.1.12

Build OpenOCD

Download "openocd-0.9.0 release" from here

extract to ./openocd-0.9.0

configure options

$ cd openocd-0.9.0
$ ./configure --enable-maintainer-mode --enable-legacy-ft2232_ftd2xx --with-ftd2xx-lib=static --with-ftd2xx-linux-tardir=../libftd2xx1.1.12

Add ld linkage to libpthread

--- src/Makefile.org	2015-07-16 17:51:11.333497970 +0900
+++ src/Makefile	2015-07-16 17:52:06.797236301 +0900
@@ -275,11 +275,11 @@
 INSTALL_SCRIPT = ${INSTALL}
 INSTALL_STRIP_PROGRAM = $(install_sh) -c -s
 LD = /usr/bin/ld -m elf_x86_64
-LDFLAGS =  -L/home/tono/OpenOCD/libftd2xx1.1.12/build/x86_64
+LDFLAGS =  -L/home/tono/OpenOCD/libftd2xx1.1.12/build/x86_64 -L/lib64
 LIBFTDI_CFLAGS = 
 LIBFTDI_LIBS = 
 LIBOBJS = 
-LIBS = -lftd2xx -lrt -ldl 
+LIBS = -lftd2xx -lrt -ldl -lpthread
 LIBTOOL = $(SHELL) $(top_builddir)/libtool
 LIBTOOL_DEPS = ./ltmain.sh
 LIBUSB0_CFLAGS = 

make

$ ldd openocd-0.9.0/src/openocd
	linux-vdso.so.1 =>  (0x00007ffc599bc000)
	libusb-0.1.so.4 => /lib/x86_64-linux-gnu/libusb-0.1.so.4 (0x00007f5dace03000)
	libusb-1.0.so.0 => /lib/x86_64-linux-gnu/libusb-1.0.so.0 (0x00007f5dacbeb000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f5dac8e3000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f5dac6df000)
	libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f5dac4c1000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f5dac0f7000)
	libudev.so.1 => /lib/x86_64-linux-gnu/libudev.so.1 (0x00007f5dabee4000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f5dad00c000)

Paste to olimex-arm-usb-ocd-h.cfg : Configuretion file for openocd 1 of 2

# Olimex ARM-USB-OCD-H
# http://www.olimex.com/dev/arm-usb-ocd-h.html
interface ft2232
ft2232_device_desc "Olimex OpenOCD JTAG ARM-USB-OCD-H"
ft2232_layout olimex-jtag
ft2232_vid_pid 0x15ba 0x002b

Paste to openocd-rpi2.cfg : Configuretion file for openocd 2 of 2

from here Thanks jitomesky! I bought your book!

# ref: http://www.raspberrypi.org/forums/viewtopic.php?f=72&t=100268
#    : http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0464f/ch10s06s01.html
 
adapter_khz 1000
adapter_nsrst_delay 400
reset_config none

gdb_breakpoint_override hard

if { [info exists CHIPNAME] } {
set _CHIPNAME $CHIPNAME
} else {
set _CHIPNAME rpi2
}
 
#
# Main DAP
#
if { [info exists DAP_TAPID] } {
   set _DAP_TAPID $DAP_TAPID
} else {
   set _DAP_TAPID 0x4ba00477
}
jtag newtap $_CHIPNAME dap -irlen 4 -ircapture 0x01 -irmask 0xf -expected-id $_DAP_TAPID
 
set _TARGETNAME $_CHIPNAME.cpu.0
target create $_TARGETNAME cortex_a -chain-position $_CHIPNAME.dap -coreid 0 -dbgbase 0x80010000
set _TARGETNAME $_CHIPNAME.cpu.1
target create $_TARGETNAME cortex_a -chain-position $_CHIPNAME.dap -coreid 1 -dbgbase 0x80012000
set _TARGETNAME $_CHIPNAME.cpu.2
target create $_TARGETNAME cortex_a -chain-position $_CHIPNAME.dap -coreid 2 -dbgbase 0x80014000
set _TARGETNAME $_CHIPNAME.cpu.3
target create $_TARGETNAME cortex_a -chain-position $_CHIPNAME.dap -coreid 3 -dbgbase 0x80016000
 
$_TARGETNAME configure -event reset-assert-post "cortex_a dbginit"
 
$_TARGETNAME configure -event gdb-attach { halt }

Run openocd

$ rmmod ftdi_sio usbserial
$ sudo src/openocd -f olimex-arm-usb-ocd-h.cfg -f openocd-rpi2.cfg 
[sudo] password for tono: 
Open On-Chip Debugger 0.9.0 (2015-07-16-17:40)
Licensed under GNU GPL v2
For bug reports, read
	http://openocd.org/doc/doxygen/bugs.html
Info : only one transport option; autoselect 'jtag'
adapter speed: 1000 kHz
adapter_nsrst_delay: 400
none separate
Warn : Using DEPRECATED interface driver 'ft2232'
Info : Consider using the 'ftdi' interface driver, with configuration files in interface/ftdi/...
Info : device: 6 "2232H"
Info : deviceID: 364511275
Info : SerialNumber: OLYPBH2QA
Info : Description: Olimex OpenOCD JTAG ARM-USB-OCD-H A
Info : max TCK change to: 30000 kHz
Info : clock speed 1000 kHz
Info : JTAG tap: rpi2.dap tap/device found: 0x4ba00477 (mfg: 0x23b, part: 0xba00, ver: 0x4)
Info : rpi2.cpu.0: hardware has 6 breakpoints, 4 watchpoints
Info : rpi2.cpu.1: hardware has 6 breakpoints, 4 watchpoints
Info : rpi2.cpu.2: hardware has 6 breakpoints, 4 watchpoints
Info : rpi2.cpu.3: hardware has 6 breakpoints, 4 watchpoints

Now connection established, you can see the brinking LED on top of ARM-USB-OCD-H.

connect to openocd server

open another terminal

$ telnet localhost 4444
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Open On-Chip Debugger
> halt                  
ttbcr 0ttbr0 ca5eaa5attbr1 fd7c7f73
rpi2.cpu.3 rev 5, partnum c07, arch f, variant 0, implementor 41
number of cache level 2
cache l2 present :not supported
rpi2.cpu.3 cluster f core 3 multi core
target state: halted
target halted in ARM state due to debug-request, current mode: Supervisor
cpsr: 0x600001d3 pc: 0x000000c4
MMU: disabled, D-Cache: disabled, I-Cache: disabled

connect to openocd server with using gdb

Download gcc-arm-none-eabi-4_9-2015q1-20150306-linux.tar.bz2 or later from here .

rpi-jtag-pins.png

diff --git a/Makefile b/Makefile
index 1098403..44e0faf 100644
--- a/Makefile
+++ b/Makefile
@@ -126,7 +126,7 @@ cppflags+=$(cpu-cppflags)
 cppflags+=$(board-cppflags)
 cppflags+=$(libs-cppflags-y)
 cc=$(CROSS_COMPILE)gcc
-cflags=-g -Wall -nostdlib --sysroot=$(drivers_dir)/include -fno-builtin -D__VMM__
+cflags=-g -O0 -Wall -nostdlib --sysroot=$(drivers_dir)/include -fno-builtin -D__VMM__
 cflags+=$(board-cflags) 
 cflags+=$(cpu-cflags) 
 cflags+=$(libs-cflags-y) 
diff --git a/arch/arm/cpu/common/include/mmu_lpae.h b/arch/arm/cpu/common/include/mmu_lpae.h
index 4b5a73e..adbdf22 100644
--- a/arch/arm/cpu/common/include/mmu_lpae.h
+++ b/arch/arm/cpu/common/include/mmu_lpae.h
@@ -133,6 +133,8 @@ int mmu_lpae_stage2_chttbl(u8 vmid, struct cpu_ttbl *ttbl);
 #define TTBL_L2_INDEX_SHIFT                21
 #define TTBL_L2_BLOCK_SIZE             0x0000000000200000ULL
 #define TTBL_L2_MAP_MASK               (~(TTBL_L2_BLOCK_SIZE - 1))
+#define TTBL_L2_OUTADDR_MASK           0x000000FFFFE00000ULL
+#define TTBL_L2_OUTADDR_SHIFT          21
 /* L3 index Bit[20:12] */
 #define TTBL_L3_INDEX_MASK             0x00000000001FF000ULL
 #define TTBL_L3_INDEX_SHIFT                12
diff --git a/arch/arm/cpu/common/mmu_lpae_entry_ttbl.c b/arch/arm/cpu/common/mmu_lpae_entry_ttbl.c
index d7a231f..366660f 100644
--- a/arch/arm/cpu/common/mmu_lpae_entry_ttbl.c
+++ b/arch/arm/cpu/common/mmu_lpae_entry_ttbl.c
@@ -92,7 +92,25 @@ void __attribute__ ((section(".entry")))
            ttbl =
                (u64 *) (unsigned long)(ttbl[index] &
                            TTBL_OUTADDR_MASK);
-       } else {
+       } else if (page_addr + TTBL_L2_BLOCK_SIZE < map_end) {
+               /* Update level2 block */
+               ttbl[index] =
+                   (((page_addr - map_start) + pa_start) &
+                    TTBL_OUTADDR_MASK);
+               ttbl[index] |= TTBL_STAGE1_LOWER_AF_MASK;
+               ttbl[index] |= (writeable) ?
+                   (TTBL_AP_SRW_U << TTBL_STAGE1_LOWER_AP_SHIFT) :
+                   (TTBL_AP_SR_U << TTBL_STAGE1_LOWER_AP_SHIFT);
+               ttbl[index] |=
+                   (aindex << TTBL_STAGE1_LOWER_AINDEX_SHIFT)
+                   & TTBL_STAGE1_LOWER_AINDEX_MASK;
+               ttbl[index] |= TTBL_STAGE1_LOWER_NS_MASK;
+               ttbl[index] |= (TTBL_SH_INNER_SHAREABLE
+                       << TTBL_STAGE1_LOWER_SH_SHIFT);
+        ttbl[index] |= TTBL_VALID_MASK;
+        page_addr += TTBL_L2_BLOCK_SIZE;
+        continue;
+    } else {
            /* Allocate new level3 table */
            if (lpae_entry->ttbl_count == TTBL_INITIAL_TABLE_COUNT) {
                while (1) ; /* No initial table available */
@@ -244,4 +262,10 @@ void __attribute__ ((section(".entry")))
     */
    __setup_initial_ttbl(&lpae_entry, exec_start, exec_end, load_start,
                 AINDEX_NORMAL_WB, TRUE);
+
+#define BCM2708_PERI_BASE 0x3F000000
+#define BCM2835_PERI_SIZE 0x01000000
+   __setup_initial_ttbl(&lpae_entry, BCM2708_PERI_BASE
+                      , BCM2708_PERI_BASE + BCM2835_PERI_SIZE
+                      , BCM2708_PERI_BASE, AINDEX_SO, TRUE);
 }

• JtagEnabler
• linux bcm2835 GPIO driver
• armjtag.c

Hi.

Regarding this line :

umm... openocd-0.9 does not recognize Hypervisor mode of Cortex-A7 MPCore architecture correctly.

How did you solve this? It seems that I keep getting this when I run 'halt' :

Error: invalid mode value encountered 26
Info : ttbcr 0ttbr0 6fb52b5bttbr1 8b10bf69
Info : rp2.cpu.1 rev 5, partnum c07, arch f, variant 0, implementor 41
Info : number of cache level 2
Error: cache l2 present :not supported
Info : rp2.cpu.1 cluster f core 1 multi core
target state: halted
Error: unrecognized psr mode: 0x1a
target halted in ARM state due to debug-request, current mode: UNRECOGNIZED
cpsr: 0x600001da pc: 0x000000cc
MMU: disabled, D-Cache: disabled, I-Cache: disabled

Thank you

日本語で失礼します。

target halted in ARM state due to debug-request, current mode: Hypervisor

これはOpenOCDにHypervisor用の実装を加えたものでしょうか？
merioromen氏も書いている通り、par mode: 0x1a の解決方法をご教示下さいませ。
（軽い気持ちで src/target/armv4_5.c に実装を加えたらアボートしてしまいました・・・）
Raspberry Pi 3も同様にHYPモード関連でOpenOCDが使い物になりませんね。
SVCモードでもレジスタが触れないのは悲しいです。
更にAArch64・AArch32と、コンパイラやGDBも使い分けなきゃいけないのはしんどいですｗ

p.s. トノサマン最高です。