How to debug the STM32N6 using VS Code

Hi @B.Montanari ,

Nice and detailed tutorial! Bravo!
That ‘first’ breakpoint isn’t necessary if you use a simple trick in the Appli main() with a debug flag or a user button.

  BSP_PB_Init (BUTTON_USER1, BUTTON_MODE_GPIO);
  // loop that can be used to catch the application for debug.Set mini to 1, build and flash target as normally.
  // Set BOOT1 switch to the left position, press reset without removing cable.
  // Use the Connect to running debug config to connect, then change mini value from watch.
  // For breakpoints to work they seem to need to be manually changed to ahrdware breakpoint
  static volatile int debugFlag = 1;
  while (debugFlag == 1 && BSP_PB_GetState(BUTTON_USER1) == 0)
  {
    __NOP();
  }

Can't wait to see EWARM tutorial how to use it with STM32N6 and debug code !

@B.Montanari 
Thank you for this precise article. I've run into a problem while trying to debug, I just get an error message:

ST-LINK SN : 004400303234510E37333934
ST-LINK FW : V3J16M9
Board : NUCLEO-N657X0-Q
Voltage : 3.29V
Error: Unable to get core ID
Error: Cannot connect to access port 1! If you are trying to connect to a device with TrustZone enabled please try to connect with HotPlug mode. If you are trying to connect to a device which supports Debug Authentication with certificate or password, please open your device using it.
Encountered Error when opening C:/Users/zsigm/AppData/Local/stm32cube/bundles/programmer/2.20.0/bin\STM32_Programmer_CLI.exe
Error in STM32CubeProgrammer
Error finishing flash operation
cube is killed by signal SIGTERM

What could be causing this? Is there a way to enable HotPlug mode in the launch.json file?

Thank you in advance!

@zsigmons 

You can solve that error by adding following lines to launch.json :

Match the device name to your device

"deviceName": "STM32N657X0H3Q",
"deviceCore": "Cortex-M55",

@B.Montanari current article and this article are outdated by the signing tool "-align" argument while this is updated. Without this argument the EXTMEM_MANAGER header size cannot be reliably configured.

Thanks @Mikk Leini ! I've made the changes and submitted for the update. Much appreciated =)

@B.Montanari first of all - it's great that you and others in ST create these articles because the new MCUs with external memories, loaders and security features get very complicate very quickly.

Based on the instructions (and struggles) I have managed to use external Flash loader to program Application into external Flash and write FSBL into MCU internal SRAM with debugger in development boot mode and debug these two programs. I have also succeeded to program FSBL into external Flash (so Boot ROM copies it into SRAM) with STM32CubeProgrammer and launch the application in Flash boot mode (BOOT1 = 0).

Sidenote: It's a pity that STM32CubeProgrammer cannot load the custom .elf with address info that the post-build step creates.

Now I would like to program FSBL and Application into external Flash and start debugging them just like they would run on the real product. I guess it should be possible? So I changed launch.json to program FSBL signed elf image, but ST link fails to program second image with one go. No matter if FSBL or Appli is programmed first, the second image programming always fails with "failed to erase memory". Then I removed application image from launcher and just tried flashing only the signed FSBL and using original FSBL as symbol file. It finishes programming and then gives an error:

set *(int *)0xE000ED14=*(int *)0xE000ED14|0x10
Cannot access memory at address 0xe000ed14
cube is killed by signal SIGTERM

I see the debugger connects in hot-plug mode and makes a software reset. I am not sure what exactly is supposed to happen after programming. I guess debuggers needs to reset the target in order to make boot ROM copy FSBL into SRAM and launch it? But it's a black box from vscode point of view.

I don't want to pollute this topic with logs (no way to attach regular txt files either), so I would like to ask your advice. I would also like to know if it's possible to debug (and program) in flash boot mode (BOOT1 = 0). That brings me to yet another question - I cannot connect with STM32CubeProgrammer in that mode because it tells to do debug authentication (if device supports), but I have not found any such button or feature for that in GUI. And finally - an article explaining how to program the signature and encryption keys into the target would be nice because there's a lot of OTP bytes and only one chance per board to succeed.

Hi @Mikk Leini 

Yes, debugging in Flash Boot Mode (BOOT1=0, BOOT0=0) is possible on the STM32N6, but it requires a specific workflow. You cannot rely on the standard "one-click" F5 launch in VS Code for two main reasons:

1. Flashing Failure: The VS Code debugger (GDB Server) fails to flash the FSBL-trusted.elf file.

2. Debug Failure: In Flash Boot Mode (BOOT1=0), the BootROM can lock or restrict the debug port, so a normal connect‑and‑reset debug session may fail.

To succeed, you must separate the flashing process from the debugging process and manually re-open the debug port in your firmware.

Why it was failing

• "Failed to erase memory": This error occurs because the ST-LINK GDB Server (used by VS Code's launch.json) fails to correctly parse or flash the signed FSBL-trusted.elf. The GDB Server struggles with the specific headers of the trusted ELF or loses the External Loader context when trying to program it, leading to a failure before the write even begins.

• "Cannot access memory at 0xe000ed14": This error is a direct side effect of the GDB Server failing to handle the signed FSBL-trusted.elf. When the GDB Server attempts to process the signed binary and fails, it loses synchronization with the debug probe or leaves the session in an undefined state. As a result, subsequent commands fail with a generic "Cannot access memory" error, even though the hardware itself is in an open (DEVBOOT) state.

• "Debug Authentication": When switching to Flash Boot Mode (BOOT1=0, BOOT0=0), the BootROM enforces debug restrictions. If no debug authentication or explicit unlock is performed, both VS Code and STM32CubeProgrammer can show a Debug Authentication error and fail to connect or reset.

Solution

Step A: Modify FSBL to re-enable Debug

Since Flash Boot mode can restrict debug, your FSBL should explicitly re‑allow debug access at startup.

At the beginning of main() (or very early in FSBL init), you can add this:

/* Unlock BSEC Access Port */
BSEC->AP_UNLOCK = 0xB4; 

/* Enable Non-Secure and Secure Debug (Mimics DEVBOOT state) */
BSEC->DBGCR = 0xB451B400; 

/* Optional: Blink an LED here to visually confirm FSBL is running */

This way, when the BootROM has finished authenticating and jumps into FSBL, your FSBL “reopens” the debug port, making Hotplug attach feasible in Flash Boot mode.

Step B: Flash using a VS Code Task (DEVBOOT only)

Flashing signed images via the ST‑LINK GDB server in VS Code is fragile in this scenario, especially with external flash and trusted ELFs. A more robust approach is to:

• Put the board in DEVBOOT (BOOT1=1),

• Use STM32_Programmer_CLI with the external loader and explicit addresses,

• And run that via a VS Code task.

Example .vscode/tasks.json:

{
    "version": "2.0.0",
    "tasks": [
        // =========================================================================
        // This task invokes the STM32CubeProgrammer CLI to program the board.
        // REQUIREMENT: Board must be in DEVBOOT mode (BOOT1=1) for this to succeed.
        // =========================================================================
        {
            "label": "Flash STM32N6 (DEVBOOT)",
            "type": "process",
            "command": "STM32_Programmer_CLI",
            
            // AUTOMATION: Automatically runs the "Clean Rebuild" task first.
            // If the rebuild fails, this flash command will not execute.
            "dependsOn": [
                "CMake: clean rebuild"
            ],
            
            "args": [
                // CONNECTION: Use SWD port and connect 'Under Reset' (UR) 
                "-c", "port=SWD", "mode=UR",
                
                // EXTERNAL LOADER: Required to program the external Octal-SPI/HyperFlash.
                // Ensure this path points to the correct loader for the STM32N6 DK.
                "-el", "C:/Program Files/STMicroelectronics/STM32Cube/STM32CubeProgrammer/bin/ExternalLoader/MX66UW1G45G_STM32N6570-DK.stldr",
                
                // FLASHING FSBL (First Stage Boot Loader):
                // Using flat binary (.bin) format requires explicit start address (0x70000000).
                "-d", "${workspaceFolder}/FSBL/build/FSBL-trusted.bin", "0x70000000", "-v", // Verify after write
                
                // FLASHING APPLI (Main Application):
                // Using flat binary (.bin) format requires explicit start address (0x70100000).
                "-d", "${workspaceFolder}/Appli/build/Appli-trusted.bin", "0x70100000", "-v" // Verify after write
            ],
            "problemMatcher": []
        }
    ]
}

After saving tasks.json, run it via:

• Ctrl+Shift+P → Tasks: Run Task → Flash STM32N6 (DEVBOOT)

Step C: Debug using Hotplug (Attach-like)

Once the images are flashed and verified:

• Switch the board to Flash Boot mode (BOOT1=0, BOOT0=0).

• Power cycle the board so that the BootROM authenticates the FSBL and jumps into it.

• FSBL runs, executes your debug‑unlock sequence, then continues.

Now you want a launch configuration that only attaches and does not reset the target or try to re‑flash anything.

Example .vscode/launch.json:

{
    "version": "0.2.0",
    "configurations": [
        // ====================================================================
        // CONFIGURATION: HOTPLUG / ATTACH MODE
        // Use this when the board is in FLASHBOOT (BOOT1=0).
        // It connects to the running target without resetting it, allowing you to debug in 
        //FLASHBOOT mode
        // ====================================================================
        {
            "name": "STM32N6-DK Hotplug/Debug",
            "type": "stlinkgdbtarget",
            "request": "launch", // logic acts as 'attach' due to serverReset: None
            "origin": "snippet",
            "deviceName": "STM32N657",
            "deviceCore": "Cortex-M55",
            
            // CRITICAL: Tells the debugger NOT to reset the chip upon connection.
            // This preserves the state set by the Boot ROM and your FSBL unlock code.
            "serverReset": "None", 
            
            "cwd": "${workspaceFolder}",
            "svdPath": "C:/ST/STM32CubeCLT_1.20.0/STMicroelectronics_CMSIS_SVD/STM32N657.svd",
            
            // SYMBOLS ONLY: notice 'imageFileName' is missing.
            // This ensures VS Code knows the variable names/line numbers 
            // but DOES NOT attempt to flash the code (which would fail in Secure Boot).
            "imagesAndSymbols": [
                {
                    "symbolFileName": "${workspaceFolder}/Appli/build/STM32N6_ExecuteInPlace_Appli.elf"
                },
                {
                    "symbolFileName": "${workspaceFolder}/FSBL/build/STM32N6_ExecuteInPlace_FSBL.elf"
                }
            ],

            // LOADER WORKAROUND: The extension requires this block to be present.
            // We set 'initialize: false' to prevent the debugger from trying to
            // configure the external flash (which runs safely in the background).
            "serverExtLoader": [
                {
                    "loader": "C:/Program Files/STMicroelectronics/STM32Cube/STM32CubeProgrammer/bin/ExternalLoader/MX66UW1G45G_STM32N6570-DK.stldr",
                    "initialize": false
                }
            ]
        }
    ]
}

With this setup:

• VS Code will not reprogram anything.

• It will attempt to attach to the running core, leaving the FSBL‑based debug unlock logic in place.

• Once attached, you can set breakpoints in FSBL and Appli (both symbol files are loaded).

The Workflow Steps

1. Flash in DEV Mode:

• Set Switch to DEVBOOT mode (BOOT1=1).

• Run Task: "Flash STM32N6 (DEVBOOT)".

• Result: FSBL-trusted.bin and Appli-trusted.bin are correctly written to External Flash.

2. Boot in FLASHBOOT Mode:

• Set Switch to FLASHBOOT mode (BOOT1=0, BOOT0=0).

• Power cycle the board.

• Result: Boot ROM validates FSBL → FSBL runs → FSBL re-enables debug.

3. Debug via Hotplug:

• Press F5 on "STM32N6-DK Hotplug/Debug".

• Result: Debugging with FLASHBOOT mode (BOOT1=0, BOOT0=0) is now possible.

Questions

Q: Is it possible to debug (and program) in Flash boot mode (BOOT1 = 0)?

• Debug: Yes, but only if your FSBL manually unlocks the BSEC registers as shown above.

• Program: Not easily via standard tools. Always program in DEVBOOT (BOOT1 = 1), then switch modes to test.

Q: I cannot connect with STM32CubeProgrammer in that mode…

Without FSBL re‑enabling debug, that is expected. After you flash a FSBL that reopens debug, and once it is running, you can use Hotplug/attach from STM32CubeProgrammer as well.

Q: How do I program signature and encryption keys (OTP)?

We do not have a specific tutorial for programming these exact keys, but we are working to improve our documentation in this area and plan to provide more detailed application notes and examples in future releases.