OpenOCD and stm32f7 writing

1

So i have a very minimal code just to see if device is alive.

section .text
.weak Reset_Handler

Reset_Handler:
ldr   r0, =_estack
mov   sp, r0          /* set stack pointer */
ldr   r2, =_sdata

//
b Reset_Handler

According to datasheet, flash starts from 0x0800 0000 on axim bus. here is my linker file

ENTRY(Reset_Handler)

MEMORY
{
  RAM    (xrw)    : ORIGIN = 0x20020000,   LENGTH = 368K
  ROM    (rx)    : ORIGIN = 0x08000000,   LENGTH = 2048K
}

_estack = ORIGIN(RAM)+LENGTH(RAM);


SECTIONS
{
  .text : 
  { 
    . = ALIGN(4);
    *(.text) 
    . = ALIGN(4);
  } > ROM

_sidata = LOADADDR(.data);

  .data :
  {
    . = ALIGN(4);
    _sdata = .;
    *(.data)
    . = ALIGN(4);
    _edata = .;
  } > RAM AT> ROM
}

And here is my symbol table. all looks good.

SYMBOL TABLE:
08000000 l    d  .text  00000000 .text
20020000 l    d  .data  00000000 .data
00000000 l    d  .ARM.attributes        00000000 .ARM.attributes
00000000 l    df *ABS*  00000000 main.o
08000018 g       *ABS*  00000000 _sidata
20020000 g       .data  00000000 _sdata
08000000 g       .text  00000000 Reset_Handler
2007c000 g       .text  00000000 _estack
20020000 g       .data  00000000 _edata

The prblem is, when i try to write to flash adress with OpenOCD it says that there is no flahs bank found at 0x10000000 for some reason. and when i ran openocd flash banks it says my flash start at 0x0. when i write to 0x0 it writes it. but when i ran reset my device and make one step it halts and says it is in hardfault mode now.

here is the datasheet, page 14 table 5. https://www.st.com/content/ccc/resource/technical/document/application_note/0e/53/06/68/ef/2f/4a/cd/DM00169764.pdf/files/DM00169764.pdf/jcr:content/translations/en.DM00169764.pdf

*UPDATE i use openocd -> flash write_image i have saved the previous firmware, and when i flash it to 0x0 adress device works again. so must be smth about the code

*Update 2

pen On-Chip Debugger
> flash write_image erase "/home/legion/Desktop/ARM/Assembly/main.elf"
auto erase enabled
wrote 32768 bytes from file /home/legion/Desktop/ARM/Assembly/main.elf in 1.247269s (25.656 KiB/s)

> reset halt
Unable to match requested speed 2000 kHz, using 1800 kHz
Unable to match requested speed 2000 kHz, using 1800 kHz
target halted due to debug-request, current mode: Thread 
xPSR: 00000000 pc: 0xe1a0d000 msp: 0xe3a00004
> step
target halted due to single-step, current mode: Handler HardFault
xPSR: 0x01000003 pc: 0xeafffffa msp: 0xe39fffe0
halted: PC: 0xeafffffa

@DISASSMBLY

08000000 <Reset_Handler>:
 8000000:       e3a00005        mov     r0, #5
 8000004:       e1a0d000        mov     sp, r0
 8000008:       e51f2000        ldr     r2, [pc, #-0]   ; 8000010 <Reset_Handler+0x10>
 800000c:       eafffffb        b       8000000 <Reset_Handler>
 8000010:       20000000        .word   0x20000000
assembly
arm
openocd
asked on Stack Overflow Feb 4, 2020 by Anton Stafeyev • edited Feb 4, 2020 by Anton Stafeyev

1 Answer

1

Trying on an stm32f7 laying around

flash.ld

MEMORY
{
    fst : ORIGIN = 0x00200000, LENGTH = 0x1000
    rom : ORIGIN = 0x08000000, LENGTH = 0x1000
    ram : ORIGIN = 0x20000000, LENGTH = 0x1000
}
SECTIONS
{
    .text : { *(.text*) } > rom
}

flash.s

.thumb
.thumb_func
.global _start
_start:
stacktop: .word 0x20001000
.word reset
.word hang
.word hang
.word hang
.word hang
.word hang
.word hang
.word hang
.word hang
.word hang
.word hang
.word hang
.word hang
.word hang
.word hang

.thumb_func
hang:   b .

.thumb_func
reset:
    b hang

arm-none-eabi-as --warn --fatal-warnings -mcpu=cortex-m0 flash.s -o flash.o
arm-none-eabi-ld -o flash.elf -T flash.ld flash.o
arm-none-eabi-objdump -D flash.elf > flash.list

-m0 is fine can use -m7 if you want no biggie.

cat flash.list

flash.elf:     file format elf32-littlearm


Disassembly of section .text:

08000000 <_start>:
 8000000:   20001000    andcs   r1, r0, r0
 8000004:   08000043    stmdaeq r0, {r0, r1, r6}
 8000008:   08000041    stmdaeq r0, {r0, r6}
 800000c:   08000041    stmdaeq r0, {r0, r6}
 8000010:   08000041    stmdaeq r0, {r0, r6}
 8000014:   08000041    stmdaeq r0, {r0, r6}
 8000018:   08000041    stmdaeq r0, {r0, r6}
 800001c:   08000041    stmdaeq r0, {r0, r6}
 8000020:   08000041    stmdaeq r0, {r0, r6}
 8000024:   08000041    stmdaeq r0, {r0, r6}
 8000028:   08000041    stmdaeq r0, {r0, r6}
 800002c:   08000041    stmdaeq r0, {r0, r6}
 8000030:   08000041    stmdaeq r0, {r0, r6}
 8000034:   08000041    stmdaeq r0, {r0, r6}
 8000038:   08000041    stmdaeq r0, {r0, r6}
 800003c:   08000041    stmdaeq r0, {r0, r6}

08000040 <hang>:
 8000040:   e7fe        b.n 8000040 <hang>

08000042 <reset>:
 8000042:   e7fd        b.n 8000040 <hang>

vectors are all good (.thumb_func), addresses are good, this should work.

Within an openocd source build:

../src/openocd -f interface/stlink-v2-1.cfg -f target/stm32f7x.cfg

Open On-Chip Debugger 0.10.0+dev-01000-gdb23c13 (2020-01-06-20:09)
Licensed under GNU GPL v2
For bug reports, read
    http://openocd.org/doc/doxygen/bugs.html
WARNING: interface/stlink-v2-1.cfg is deprecated, please switch to interface/stlink.cfg
Info : auto-selecting first available session transport "hla_swd". To override use 'transport select <transport>'.
Info : The selected transport took over low-level target control. The results might differ compared to plain JTAG/SWD
Info : Listening on port 6666 for tcl connections
Info : Listening on port 4444 for telnet connections
Info : clock speed 2000 kHz
Info : STLINK V2J28M18 (API v2) VID:PID 0483:374B
Info : Target voltage: 3.252736
Info : stm32f7x.cpu: hardware has 8 breakpoints, 4 watchpoints
Info : Listening on port 3333 for gdb connections

in another window

telnet localhost 4444
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Open On-Chip Debugger
> 

Then

> halt
target halted due to debug-request, current mode: Thread 
xPSR: 0x01000000 pc: 0x08000040 msp: 0x20001000
> halt
> flash write_image erase /path/to/flash.elf
device id = 0x10006451
flash size = 2048 kbytes
Single Bank 2048 kiB STM32F76x/77x found
auto erase enabled
wrote 32768 bytes from file /path/to/flash.elf in 0.771285s (41.489 KiB/s)

> 

check it

> mdw 0x08000000 20
0x08000000: 20001000 08000043 08000041 08000041 08000041 08000041 08000041 08000041 
0x08000020: 08000041 08000041 08000041 08000041 08000041 08000041 08000041 08000041 
0x08000040: e7fde7fe ffffffff ffffffff ffffffff 

looks good.

> reset
Unable to match requested speed 2000 kHz, using 1800 kHz
Unable to match requested speed 2000 kHz, using 1800 kHz
> halt
target halted due to debug-request, current mode: Thread 
xPSR: 0x01000000 pc: 0x08000040 msp: 0x20001000
> 

looks good.

change the reset handler in flash.s to

.thumb_func
reset:
    ldr r0,=0x20000000
    ldr r1,[r0]
    add r1,r1,#1
    str r1,[r0]
    b hang

build again, test it

> halt
target halted due to debug-request, current mode: Thread 
xPSR: 0x01000000 pc: 0x08000040 msp: 0x20001000
> flash write_image erase /path/to/flash.elf
auto erase enabled
wrote 32768 bytes from file /path/to/flash.elf in 0.772410s (41.429 KiB/s)

> mww 0x20000000 0x12345678
> reset
Unable to match requested speed 2000 kHz, using 1800 kHz
Unable to match requested speed 2000 kHz, using 1800 kHz
> halt
target halted due to debug-request, current mode: Thread 
xPSR: 0x01000000 pc: 0x08000040 msp: 0x20001000
> mdw 0x20000000
0x20000000: 12345679 

> 

now that its loaded, without a power cycle

> reset
Unable to match requested speed 2000 kHz, using 1800 kHz
Unable to match requested speed 2000 kHz, using 1800 kHz
> halt
target halted due to debug-request, current mode: Thread 
xPSR: 0x01000000 pc: 0x08000040 msp: 0x20001000
> mdw 0x20000000
0x20000000: 1234567a 

> 

all looks good. change to the ITCM

MEMORY
{
    fst : ORIGIN = 0x00200000, LENGTH = 0x1000
    rom : ORIGIN = 0x08000000, LENGTH = 0x1000
    ram : ORIGIN = 0x20000000, LENGTH = 0x1000
}
SECTIONS
{
    .text : { *(.text*) } > fst
}

Disassembly of section .text:

00200000 <_start>:
  200000:   20001000    andcs   r1, r0, r0
  200004:   00200043    eoreq   r0, r0, r3, asr #32
  200008:   00200041    eoreq   r0, r0, r1, asr #32
  20000c:   00200041    eoreq   r0, r0, r1, asr #32

looks good

> reset halt
> flash write_image erase /path/to/flash.elf
auto erase enabled
wrote 32768 bytes from file /path/to/flash.elf in 0.769531s (41.584 KiB/s)

> mdw 0x00200000 20
0x00200000: 20001000 00200043 00200041 00200041 00200041 00200041 00200041 00200041 
0x00200020: 00200041 00200041 00200041 00200041 00200041 00200041 00200041 00200041 
0x00200040: 4802e7fe 31016801 e7f96001 20000000 

> mww 0x20000000 0x12345678
> reset
Unable to match requested speed 2000 kHz, using 1800 kHz
Unable to match requested speed 2000 kHz, using 1800 kHz
> halt
target halted due to debug-request, current mode: Thread 
xPSR: 0x01000000 pc: 0x00200040 msp: 0x20001000
> mdw 0x20000000
0x20000000: 12345679 

Looks good. No problems.

EDIT

based on your edits and comments

changed my program to this:

.thumb
.thumb_func
.global _start
_start:
stacktop: .word _estack
.word Reset_Handler

.thumb_func
Reset_Handler:
ldr   r0, =_estack
mov   sp, r0          /* set stack pointer */
ldr   r2, =_sdata

//
b Reset_Handler

and used your linker script as is

Disassembly of section .text:

08000000 <_start>:
 8000000:   2007c000    andcs   r12, r7, r0
 8000004:   08000009    stmdaeq r0, {r0, r3}

08000008 <Reset_Handler>:
 8000008:   4801        ldr r0, [pc, #4]    ; (8000010 <Reset_Handler+0x8>)
 800000a:   4685        mov sp, r0
 800000c:   4a01        ldr r2, [pc, #4]    ; (8000014 <Reset_Handler+0xc>)
 800000e:   e7fb        b.n 8000008 <Reset_Handler>
 8000010:   2007c000    andcs   r12, r7, r0
 8000014:   20020000    andcs   r0, r2, r0

that should boot and work just fine.

answered on Stack Overflow Feb 4, 2020 by old_timer • edited Feb 4, 2020 by old_timer

User contributions licensed under CC BY-SA 3.0