Continue to Site

Welcome to EDAboard.com

Welcome to our site! EDAboard.com is an international Electronics Discussion Forum focused on EDA software, circuits, schematics, books, theory, papers, asic, pld, 8051, DSP, Network, RF, Analog Design, PCB, Service Manuals... and a whole lot more! To participate you need to register. Registration is free. Click here to register now.

Register Log in

Help with explaining ARM7 code

Status
Not open for further replies.
J

janne

Member level 2
Joined
Sep 9, 2003
Messages
49
Helped
0
Reputation
0
Reaction score
0
Trophy points
1,286
Location
Sweden
Activity points
328
I have a application with a ARM7 uP and touch display that is not working. I have connect a debug tool (JTAG, ULink, uVision4) and read out the flash and use the bin code as Executable in uVision4. Then I step through the code it get stuck in a loop, the lines looks like this:

0x00000000 EA000120 B 0x00000488
0x00000004 EA000061 B 0x00000190
...
0x0000047C E1DD90A9 BICS R9,R13,R9,LSR #1
0x00000480 2A000001 BCS 0x0000048C
0x00000484 E2888004 ADD R8,R8,#0x00000004
0x00000488 EAFFFFFB B 0x0000047C
0x0000048C E59F9190 LDR R9,[PC,#0x0190]

0->47C->480->484->488->47C and so one..

Can someone help me with an explanation of what shall happen in each line in the code? I don´t have any schematic but have check all basic as voltage, clocks and so one.
 

can you post the code.. it seems you code in not entering the main function............

---------- Post added at 10:07 ---------- Previous post was at 10:07 ----------

which controller are you using in arm7
 

keil uVision4 may not work
even me faced lot of problems while working with uVision4,
so i changed it to uVision3
 

Its usually due to problem in startup code, the code does not enter the main properly and gets struck in the initialization part itself.. these are very common in keil 2 and 3 also....

it is because it fails to find the main() address and loops in the same position if it fails to get the address
 
Hi embedded partner, keil 3 does not support many ARM7 devices... So there is no option but to use keil4... until the poster tells which controller, we need to wait........
 

There is 2 options:
1) point of entry in the reset event it is not implemented
2) an exception happen=> a interrupt it is trigger but there is not implementation, usually there are while(1){}, to know during development that an exception happened.
By exception I mean event like: IRQ, illegal operation, illegal memory access....
 

ckshivaram said:
can you post the code.. it seems you code in not entering the main function............

---------- Post added at 10:07 ---------- Previous post was at 10:07 ----------

which controller are you using in arm7
Click to expand...

The code (bin file) is attached!

If you mean the uP, it's a Samsung S3C44B0X.

I have another debugger, but I´m not sure it works, will do a test tomorrow!

There is 2 options:
1) point of entry in the reset event it is not implemented
2) an exception happen=> a interrupt it is trigger but there is not implementation, usually there are while(1){}, to know during development that an exception happened.
By exception I mean event like: IRQ, illegal operation, illegal memory access....
Click to expand...

Where is the reset event set?

If an exception has happen could it also be a bad address line (HW fault)?
 

Attachments

  • Bin_File.rar
    784.1 KB · Views: 107
Last edited:

The list of exception is:Exception Vectors
Address Exception Mode in Entry
0x00000000 Reset Supervisor
0x00000004 Undefined instruction Undefined
0x00000008 Software Interrupt
0x0000000C Abort (prefetch)
0x00000010 Abort (data)
0x00000014 Reserved
0x00000018 IRQ
0x0000001C FIQ

[Reference] User manual S3C44B0X

Reset event is point of "normal" entry after the ARM7TDMI core has finished executing internal reset state machine and give access to firmware user to start and it is point before void main(void).

Binary file will not help as to determine exactly the root couse. Post startup code and interrupt allocation files C/asm code.
Are you sure that the binary is for this exactly this microcontroller?
 

This is the only I have, have read out the code from the flash, no C/asm code.

It's the controller part in a amplifier: **broken link removed**
 

i feel that the ARM core has crashed and it gets struck everytime you powerON..

Only if you have the original hex code you can flash it and try...
 

Is the ARM core part of the code?

I don't have the original hex code, I have mail tonewinner but no replay..

I have put out the startup and shut down control uP (AT89C2051) because it only stay on for some sec else. When I put it back and start it up (need to press on button all time..) now it pass the first loop and loop on this lines:


0x00000000 EA000120 B 0x00000488
0x00000004 EA000061 B 0x00000190
0x00000008 EA000066 B 0x000001A8
0x0000000C EA000071 B 0x000001D8
0x00000010 EA00006A B 0x000001C0
....
0x000001C0 E24DD004 SUB R13,R13,#0x00000004
0x000001C4 E92D0001 STMDB R13!,{R0}
0x000001C8 E59F044C LDR R0,[PC,#0x044C]

10->1C0->1C4->10.

Could it be some I/O pin on the uP that misses a hi or lo signal that it's waiting on before it can proceed?

The list of exception is:Exception Vectors
Address Exception Mode in Entry
0x00000000 Reset Supervisor
0x00000004 Undefined instruction Undefined
0x00000008 Software Interrupt
0x0000000C Abort (prefetch)
0x00000010 Abort (data)
0x00000014 Reserved
0x00000018 IRQ
0x0000001C FIQ
Click to expand...

Is the zero line the same as in my code, jump to 488!?

Where can I find this User manual?

And one more thing, the middle row, starts with EA.... Is that the hex code?

0x00000000 EA000120 B 0x00000488
 
Last edited:

**broken link removed**

Replace the microcontroller and flash the original code.
 

Thanx for the link, but I can admit that the programming part is not my "cup of tea".. I'm in to the HW. So please bear with me and explain the basics of the startup (or my code).

I hope that you can help me out explaining if my question was correct or not?
0x00000000 Reset Supervisor = 0x00000000 EA000120 B 0x00000488

I have already changed uP, RAM and flash..
 

0x00000000 EA000120 B 0x00000488 /* jump to address 0x00000488*/
0x00000488 EAFFFFFB B 0x0000047C /* jump to address 0x0000047C*/
0x0000047C E1DD90A9 BICS R9,R13,R9,LSR #1 /* R9 = R13 AND NOT (R9 >> 1)*/
0x00000480 2A000001 BCS 0x0000048C /* jump conditional to 0x0000048C if higher or same flag CS is set*/
0x00000484 E2888004 ADD R8,R8,#0x00000004 /* R8 = R8 +0x00000004*/
0x00000488 EAFFFFFB B 0x0000047C /* branch to address 0x0000047C*/


EA000120 is the opcode.
See reference:
https://netwinder.osuosl.org/pub/netwinder/docs/arm/ARM7500FEvB_3.pdf

---------- Post added at 10:01 ---------- Previous post was at 09:17 ----------
janne said:
I hope that you can help me out explaining if my question was correct or not?
0x00000000 Reset Supervisor = 0x00000000 EA000120 B 0x00000488
Click to expand...

Yes, after reset enter jumps to 0x00000488
 
  • Like
Reactions: janne

    J

    janne

    Points: 2
    Helpful Answer Positive Rating
The code fog is starting to clear up:)

Can we concentrate on this lines:
0x0000047C E1DD90A9 BICS R9,R13,R9,LSR #1 /* R9 = R13 AND NOT (R9 >> 1)*/
Can you explain the BICS command?

0x00000480 2A000001 BCS 0x0000048C /* jump conditional to 0x0000048C if higher or same flag CS is set*/
Can you explain the BCS command and were it gets the flag?

Were are the flag (were can I find it?) set and how?

Yes, after reset enter jumps to 0x00000488
Click to expand...
So what we looking at now is the reset Supervisor code?
 

BCS check the CPSR ( current program status register ) flag C if it is set and jumps if it is true to address
 
  • Like
Reactions: janne

    J

    janne

    Points: 2
    Helpful Answer Positive Rating
Sat some hours yesterday and found the CPSR register and the C flag, did change it and woala, it past 480!

Did some more reading (some more hours..) but it is really hard to understand how a line of code works..
I'm working with this one:

0x000001C4 E92D0001 STMDB R13!,{R0}

What I can understand that the STMDB is a combination of STM and DB? And STM is a store function and DB = Decrement Before. Will it move R0 to R13 or what? And why in my case does it jump to 010 and start over again?
 

STMDB is Store word with with user-mode privilege -> Multiple block data operations ->
Decrement before STM{cond}DB Rd{!}, <reglist>{^}
{!} (if present) requests write-back (W=1), otherwise W=0
{^} (if present) set S bit to load the CPSR along with the PC, or force
transfer of user bank when in privileged mode
<reglist> is a list of registers and register ranges enclosed in {} (e.g. {R0,R2-
R7,R10}).

0x000001C4 E92D0001 STMDB R13!,{R0} /*Store the content of R0 to address specified by R13 register. */
0x00000010 EA00006A B 0x000001C0 /*Data abort, because posibily address does not exist*/
 
  • Like
Reactions: janne

    J

    janne

    Points: 2
    Helpful Answer Positive Rating
Status
Not open for further replies.

Similar threads

Part and Inventory Search

Welcome to EDABoard.com

Sponsor

Back
Top