- NXP Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Home
- :
- Product Forums
- :
- OSBDM and TBDML
- :
- Re: Help using USBDM to Debug MCF51JE firmware with no source code
Help using USBDM to Debug MCF51JE firmware with no source code
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Help using USBDM to Debug MCF51JE firmware with no source code
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ERROR
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Assuming you have a working set-up i.e. USBDM software installed and the USBDM interface can detect the target and make a connection. Test this by running the flash programmer and confirming it can detect the chip.
1) Downloading the current firmware in the processor from the flash if possible (it should be the same but in case it isn't I need a current copy);
The memory dump program can dump the contents of the flash to a file providing the chip is not secured.
2) Evaluating / downloading the contents of the SRAM;
As above but a futile exercise. The chip would normally be reset when being accessed by the programmer. The contents of RAM would be essentially random data after reset.
3) Debugging in real time during execution with breakpoints set at various addresses e.g. entry to functions, and stepping along and monitoring registers, stack, etc.
I haven't used Codewarrior for a long time so I can't remember details. It does provide those features but a limited number of breakpoints depending on the target chip. I have only used it when debugging a program it is compiling and downloading, I am unsure if it will allow you to debug from an image. If working from an image you would obviously only have an bare assembly language view.
4) Recording branches and jumps and register / memory map etc writes and reads, what have you
I don't believe the codewarrior provides tracing. I am not even sure the chip does either.
If you want help on programming the codewarrior chip or using Codewarrior it would be better to post on the appropriate forum.
For example:
https://community.nxp.com/t5/CodeWarrior/ct-p/codewarrior
https://community.nxp.com/t5/ColdFire-68K-Microcontrollers/bd-p/coldfire
bye
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ERROR
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
You are correct in stating that you can usefully read the RAM if you can arrange for the program to execute then connect to the target. The Memory dump program does not provide that feature but you may be able to juggle connecting to the target to achieve it. I would only try this if you know there is useful data in the RAM (and it's format of course).
It is more likely that settings are saved in the flash since it claims up to 100,000 program/erase cycles and supports erasing on a sector basis.
The back-door key is a program execution feature. The sequence must be written by the CPU executing a program already loaded in the chip - not through the debugging interface. You can't do this if the chip is secured as you do not have the required access. This is unrelated to the chip flash reprogramming which uses a separate protection mechanism. This may be moot - is the chip secured? If the chip is secured (by the image you have) debugging will also be frustrating as it will secure while executing.
Do you have any idea in what language the original program was written in? For example, working with a disassembled image for a C-program would be very difficult.
What origin is the firmware image you have? Is it an actual program image or is a customised file intended for upgrading the chip? If the latter it may not be usable for several reasons e.g. encrypted or simple not in a usable format.
Again most of these questions are related to the chip - not USBDM. Try posting on the appropriate forum for more informative answers. I'm certainly not a expert on Coldfire.
bye
