1.2.1.17. 751471: DBGPCSR Format Is Incorrect
Description
In the Debug Program Counter Sampling (DBGPCSR) register, the Arm* architecture specifies that:
- DBGPCSR[31:2] contain the sampled value of bits [31:2] of the PC.
- The sampled value is an instruction address plus an offset that depends on the processor instruction set state.
- DBGPCSR[1:0] contain the meaning of PC Sample Value, with the following permitted values:
  - 2'b00: ((DBGPCSR[31:2] << 2) – 8) references an Arm* state instruction.
  - 2'bx1: ((DBGPCSR[31:1] << 1) – 4) references a Thumb or ThumbEE state instruction; "x" is a don't care.
  - 2'b10: IMPLEMENTATION DEFINED.
This field encodes the processor instruction set state, so that the profiling tool can calculate the true instruction address by subtracting the appropriate offset from the value sampled in bits [31:2] of the register.
In Cortex*-A9, the DBGPCSR samples the target address of executed branches (but possibly still speculative to data aborts), with the following encodings:
- DBGPCSR[31:2] contain the address of the target branch instruction, with no offset.
- DBGPCSR[1:0] contain the execution state of the target branch instruction:
  - 2'b00 for an Arm* state instruction
  - 2'b01 for a Thumb state instruction
  - 2'b10 for a Jazelle state instruction
  - 2'b11 for a ThumbEE state instruction
Impact
The implication of this erratum is that the debugger tools must not rely on the architected description for the value of DBGPCSR[1:0], nor remove any offset from DBGPCSR[31:2], to obtain the expected PC value.
Subtracting 4 or 8 from the DBGPCSR[31:2] value would lead to an area of code that is unlikely to have been recently executed or might not contain any executable code.
The same might be true for Thumb instructions at half-word boundaries, in which case, PC[1]=1 but DBGPCSR[1]=0; or ThumbEE instructions at word boundaries, with PC[1]=0 and DBGPCSR[1]=1. In Cortex*-A9, because the DBGPCSR is always a branch target (in other words, the start of a basic block to the tool), the debugger should be able to spot many of these cases and attribute the sample to the right basic block.
Workaround
The debugger tools can find the expected PC value and instruction state by reading the DBGPCSR register and interpreting it as described in the "Description" section of this erratum.
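The following C sketch shows the workaround decode next to the architected decode, so the effect of subtracting the offset on Cortex-A9 is visible. It is an added example, not code from Arm or Intel; the type and function names and the sample register values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* DBGPCSR[1:0] as the Cortex-A9 reports it (per this erratum). */
typedef enum { ST_ARM = 0, ST_THUMB = 1, ST_JAZELLE = 2, ST_THUMBEE = 3 } a9_state_t;

typedef struct {
    uint32_t target;   /* DBGPCSR[31:2] << 2: branch target, no offset removed */
    a9_state_t state;  /* execution state of the target instruction */
} a9_sample_t;

/* Cortex-A9 decode: no offset is subtracted. PC[1] is not captured, so the
 * address is word-granular and must be matched to a basic block by the tool. */
static a9_sample_t decode_a9(uint32_t dbgpcsr)
{
    a9_sample_t s = { dbgpcsr & ~UINT32_C(3), (a9_state_t)(dbgpcsr & 3u) };
    return s;
}

/* Architected decode, for contrast. Returns 0 and sets *pc, or -1 for the
 * IMPLEMENTATION DEFINED encoding 2'b10. */
static int decode_architected(uint32_t dbgpcsr, uint32_t *pc)
{
    if ((dbgpcsr & 3u) == 0u) { *pc = (dbgpcsr & ~UINT32_C(3)) - 8u; return 0; }
    if (dbgpcsr & 1u)         { *pc = (dbgpcsr & ~UINT32_C(1)) - 4u; return 0; }
    return -1;
}

int main(void)
{
    /* Constructed register values: one branch target at 0x8000 per state. */
    static const uint32_t raw[] = { 0x8000u, 0x8001u, 0x8002u, 0x8003u };
    static const char *const name[] = { "Arm", "Thumb", "Jazelle", "ThumbEE" };

    for (size_t i = 0; i < sizeof raw / sizeof raw[0]; i++) {
        a9_sample_t s = decode_a9(raw[i]);
        uint32_t arch = 0;
        int ok = decode_architected(raw[i], &arch);
        printf("DBGPCSR=0x%08x  A9: 0x%08x %-7s  architected: ",
               (unsigned)raw[i], (unsigned)s.target, name[s.state]);
        if (ok == 0) printf("0x%08x (wrong on A9)\n", (unsigned)arch);
        else         printf("IMPLEMENTATION DEFINED\n");
    }
    return 0;
}
```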
Category
Category 3