| blob | 9e632a7609108588889d5f3f50213f4a55836564 |
1 /* Common target dependent code for GDB on ARM systems.
3 Copyright (C) 1988-2014 Free Software Foundation, Inc.
5 This file is part of GDB.
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>. */
70 /* Macros for setting and testing a bit in a minimal symbol that marks
71 it as Thumb function. The MSB of the minimal symbol's "info" field
72 is used for this purpose.
74 MSYMBOL_SET_SPECIAL Actually sets the "special" bit.
75 MSYMBOL_IS_SPECIAL Tests the "special" bit in a minimal symbol. */
77 #define MSYMBOL_SET_SPECIAL(msym) \
78 MSYMBOL_TARGET_FLAG_1 (msym) = 1
80 #define MSYMBOL_IS_SPECIAL(msym) \
81 MSYMBOL_TARGET_FLAG_1 (msym)
83 /* Per-objfile data used for mapping symbols. */
86 struct arm_mapping_symbol
87 {
88 bfd_vma value;
90 };
94 struct arm_per_objfile
95 {
97 };
99 /* The list of available "set arm ..." and "show arm ..." commands. */
103 /* The type of floating-point to use. Keep this in sync with enum
104 arm_float_model, and the help string in _initialize_arm_tdep. */
106 {
112 NULL
113 };
115 /* A variable that can be configured by the user. */
119 /* The ABI to use. Keep this in sync with arm_abi_kind. */
121 {
125 NULL
126 };
128 /* A variable that can be configured by the user. */
132 /* The execution mode to assume. */
134 {
138 NULL
139 };
144 /* Internal override of the execution mode. -1 means no override,
145 0 means override to ARM mode, 1 means override to Thumb mode.
146 The effect is the same as if arm_force_mode has been set by the
147 user (except the internal override has precedence over a user's
148 arm_force_mode override). */
151 /* Number of different reg name sets (options). */
154 /* The standard register names, and all the valid aliases for them. Note
155 that `fp', `sp' and `pc' are not added in this alias list, because they
156 have been added as builtin user registers in
157 std-regs.c:_initialize_frame_reg. */
158 static const struct
159 {
163 /* Basic register numbers. */
180 /* Synonyms (argument and variable registers). */
193 /* Other platform-specific names for r9. */
196 /* Special names. */
199 /* Names used by GCC (not listed in the ARM EABI). */
201 /* A special name from the older ATPCS. */
203 };
214 /* Valid register name styles. */
217 /* Disassembly style to use. Default to "std" register names. */
220 /* This is used to keep the bfd arch_info in sync with the disassembly
221 style. */
240 struct arm_prologue_cache
241 {
242 /* The stack pointer at the time this frame was created; i.e. the
243 caller's stack pointer when this function was called. It is used
244 to identify this frame. */
245 CORE_ADDR prev_sp;
247 /* The frame base for this frame is just prev_sp - frame size.
248 FRAMESIZE is the distance from the frame pointer to the
249 initial stack pointer. */
253 /* The register used to hold the frame pointer for this frame. */
256 /* Saved register offsets. */
258 };
261 CORE_ADDR prologue_start,
262 CORE_ADDR prologue_end,
265 /* Architecture version for displaced stepping. This effects the behaviour of
266 certain instructions, and really should not be hard-wired. */
268 #define DISPLACED_STEPPING_ARCH_VERSION 5
270 /* Addresses for calling Thumb functions have the bit 0 set.
271 Here are some macros to test, set, or clear bit 0 of addresses. */
272 #define IS_THUMB_ADDR(addr) ((addr) & 1)
273 #define MAKE_THUMB_ADDR(addr) ((addr) | 1)
274 #define UNMAKE_THUMB_ADDR(addr) ((addr) & ~1)
276 /* Set to true if the 32-bit mode is in use. */
280 /* Return the bit mask in ARM_PS_REGNUM that indicates Thumb mode. */
282 int
284 {
287 else
289 }
291 /* Determine if FRAME is executing in Thumb mode. */
293 int
295 {
296 CORE_ADDR cpsr;
299 /* Every ARM frame unwinder can unwind the T bit of the CPSR, either
300 directly (from a signal frame or dummy frame) or by interpreting
301 the saved LR (from a prologue or DWARF frame). So consult it and
302 trust the unwinders. */
306 }
308 /* Callback for VEC_lower_bound. */
313 {
315 }
317 /* Search for the mapping symbol covering MEMADDR. If one is found,
318 return its type. Otherwise, return 0. If START is non-NULL,
319 set *START to the location of the mapping symbol. */
321 static char
323 {
326 /* If there are mapping symbols, consult them. */
329 {
338 {
341 {
345 arm_compare_mapping_symbols);
347 /* VEC_lower_bound finds the earliest ordered insertion
348 point. If the following symbol starts at this exact
349 address, we use that; otherwise, the preceding
350 mapping symbol covers this address. */
352 {
355 {
359 }
360 }
363 {
368 }
369 }
370 }
371 }
374 }
376 /* Determine if the program counter specified in MEMADDR is in a Thumb
377 function. This function should be called for addresses unrelated to
378 any executing frame; otherwise, prefer arm_frame_is_thumb. */
380 int
382 {
388 /* If checking the mode of displaced instruction in copy area, the mode
389 should be determined by instruction on the original address. */
391 {
398 }
400 /* If bit 0 of the address is set, assume this is a Thumb address. */
404 /* Respect internal mode override if active. */
408 /* If the user wants to override the symbol table, let him. */
414 /* ARM v6-M and v7-M are always in Thumb mode. */
418 /* If there are mapping symbols, consult them. */
423 /* Thumb functions have a "special" bit set in minimal symbols. */
428 /* If the user wants to override the fallback mode, let them. */
434 /* If we couldn't find any symbol, but we're talking to a running
435 target, then trust the current value of $cpsr. This lets
436 "display/i $pc" always show the correct mode (though if there is
437 a symbol table we will not reach here, so it still may not be
438 displayed in the mode it will be executed). */
442 /* Otherwise we're out of luck; we assume ARM. */
444 }
446 /* Remove useless bits from addresses in a running program. */
447 static CORE_ADDR
449 {
450 /* On M-profile devices, do not strip the low bit from EXC_RETURN
451 (the magic exception return address). */
458 else
460 }
462 /* Return 1 if PC is the start of a compiler helper function which
463 can be safely ignored during prologue skipping. IS_THUMB is true
464 if the function is known to be a Thumb function due to the way it
465 is being called. */
466 static int
468 {
476 {
479 /* The GNU linker's Thumb call stub to foo is named
480 __foo_from_thumb. */
484 /* On soft-float targets, __truncdfsf2 is called to convert promoted
485 arguments to their argument types in non-prototyped
486 functions. */
492 /* Internal functions related to thread-local storage. */
497 }
498 else
499 {
500 /* If we run against a stripped glibc, we may be unable to identify
501 special functions by name. Check for one important case,
502 __aeabi_read_tp, by comparing the *code* against the default
503 implementation (this is hand-written ARM assembler in glibc). */
511 }
514 }
516 /* Support routines for instruction parsing. */
517 #define submask(x) ((1L << ((x) + 1)) - 1)
518 #define bit(obj,st) (((obj) >> (st)) & 1)
519 #define bits(obj,st,fn) (((obj) >> (st)) & submask ((fn) - (st)))
520 #define sbits(obj,st,fn) \
521 ((long) (bits(obj,st,fn) | ((long) bit(obj,fn) * ~ submask (fn - st))))
522 #define BranchDest(addr,instr) \
523 ((CORE_ADDR) (((unsigned long) (addr)) + 8 + (sbits (instr, 0, 23) << 2)))
525 /* Extract the immediate from instruction movw/movt of encoding T. INSN1 is
526 the first 16-bit of instruction, and INSN2 is the second 16-bit of
527 instruction. */
528 #define EXTRACT_MOVW_MOVT_IMM_T(insn1, insn2) \
529 ((bits ((insn1), 0, 3) << 12) \
530 | (bits ((insn1), 10, 10) << 11) \
531 | (bits ((insn2), 12, 14) << 8) \
532 | bits ((insn2), 0, 7))
534 /* Extract the immediate from instruction movw/movt of encoding A. INSN is
535 the 32-bit instruction. */
536 #define EXTRACT_MOVW_MOVT_IMM_A(insn) \
537 ((bits ((insn), 16, 19) << 12) \
538 | bits ((insn), 0, 11))
540 /* Decode immediate value; implements ThumbExpandImmediate pseudo-op. */
542 static unsigned int
544 {
549 {
559 }
562 }
564 /* Return 1 if the 16-bit Thumb instruction INST might change
565 control flow, 0 otherwise. */
567 static int
569 {
589 }
591 /* Return 1 if the 32-bit Thumb instruction in INST1 and INST2
592 might change control flow, 0 otherwise. */
594 static int
596 {
598 {
599 /* Branches and miscellaneous control instructions. */
602 {
603 /* B, BL, BLX. */
605 }
607 {
608 /* SUBS PC, LR, #imm8. */
610 }
612 {
613 /* Conditional branch. */
615 }
618 }
621 {
622 /* Load multiple or RFE. */
625 {
626 /* LDMIA or POP */
629 }
631 {
632 /* LDMDB */
635 }
637 {
638 /* RFEIA */
640 }
642 {
643 /* RFEDB */
645 }
648 }
651 {
652 /* MOV PC or MOVS PC. */
654 }
657 {
658 /* LDR PC. */
669 }
672 {
673 /* TBB. */
675 }
678 {
679 /* TBH. */
681 }
684 }
686 /* Return 1 if the 16-bit Thumb instruction INSN restores SP in
687 epilogue, 0 otherwise. */
689 static int
691 {
695 }
697 /* Analyze a Thumb prologue, looking for a recognizable stack frame
698 and frame pointer. Scan until we encounter a store that could
699 clobber the stack frame unexpectedly, or an unknown instruction.
700 Return the last address which is definitely safe to skip for an
701 initial breakpoint. */
703 static CORE_ADDR
707 {
714 CORE_ADDR offset;
723 {
729 {
736 /* Bits 0-7 contain a mask for registers R0-R7. Bit 8 says
737 whether to save LR (R14). */
740 /* Calculate offsets of saved R0-R7 and LR. */
743 {
747 }
748 }
750 {
754 }
756 {
757 /* Don't scan past the epilogue. */
759 }
778 {
782 }
784 {
788 }
790 {
791 /* Handle stores to the stack. Normally pushes are used,
792 but with GCC -mtpcs-frame, there may be other stores
793 in the prologue to create the frame. */
795 pv_t addr;
804 }
806 {
809 pv_t addr;
818 }
822 /* Ignore stores of argument registers to the stack. */
823 ;
826 /* Ignore block loads from the stack, potentially copying
827 parameters from memory. */
828 ;
832 /* Similarly ignore single loads from the stack. */
833 ;
836 /* Skip register copies, i.e. saves to another register
837 instead of the stack. */
838 ;
840 /* Recognize constant loads; even with small stacks these are necessary
841 on Thumb. */
844 {
845 /* Constant pool loads, for the same reason. */
847 CORE_ADDR loc;
852 }
854 {
858 byte_order_for_code);
861 {
862 /* BL, BLX. Allow some special function calls when
863 skipping the prologue; GCC generates these before
864 storing arguments to the stack. */
865 CORE_ADDR nextpc;
877 /* For BLX make sure to clear the low bits. */
884 }
887 { registers } */
889 {
896 /* Calculate offsets of saved registers. */
899 {
902 }
906 }
909 [Rn, #+/-imm]{!} */
911 {
919 else
931 }
936 {
943 else
953 }
957 {
959 pv_t addr;
968 }
972 /* Ignore stores of argument registers to the stack. */
973 ;
978 /* Ignore stores of argument registers to the stack. */
979 ;
982 { registers } */
985 /* Ignore block loads from the stack, potentially copying
986 parameters from memory. */
987 ;
990 [Rn, #+/-imm] */
992 /* Similarly ignore dual loads from the stack. */
993 ;
998 /* Similarly ignore single loads from the stack. */
999 ;
1003 /* Similarly ignore single loads from the stack. */
1004 ;
1008 {
1016 }
1020 {
1027 }
1031 {
1039 }
1043 {
1050 }
1053 {
1060 }
1063 {
1064 unsigned int imm
1068 }
1072 {
1076 }
1079 {
1080 /* Constant pool loads. */
1082 CORE_ADDR loc;
1087 else
1092 }
1095 {
1096 /* Constant pool loads. */
1098 CORE_ADDR loc;
1103 else
1111 }
1114 {
1115 /* Don't scan past anything that might change control flow. */
1117 }
1118 else
1119 {
1120 /* The optimizer might shove anything into the prologue,
1121 so we just skip what we don't recognize. */
1123 }
1126 }
1128 {
1129 /* Don't scan past anything that might change control flow. */
1131 }
1132 else
1133 {
1134 /* The optimizer might shove anything into the prologue,
1135 so we just skip what we don't recognize. */
1137 }
1140 }
1150 {
1153 }
1156 {
1157 /* Frame pointer is fp. Frame size is constant. */
1160 }
1162 {
1163 /* Frame pointer is r7. Frame size is constant. */
1166 }
1167 else
1168 {
1169 /* Try the stack pointer... this is a bit desperate. */
1172 }
1180 }
1183 /* Try to analyze the instructions starting from PC, which load symbol
1184 __stack_chk_guard. Return the address of instruction after loading this
1185 symbol, set the dest register number to *BASEREG, and set the size of
1186 instructions for loading symbol in OFFSET. Return 0 if instructions are
1187 not recognized. */
1189 static CORE_ADDR
1192 {
1199 {
1200 unsigned short insn1
1204 {
1209 byte_order_for_code);
1210 }
1212 {
1213 unsigned short insn2
1218 insn1
1220 insn2
1223 /* movt Rd, #const */
1225 {
1230 }
1231 }
1232 }
1233 else
1234 {
1235 unsigned int insn
1239 {
1242 byte_order_for_code);
1246 }
1248 {
1251 insn
1255 {
1260 }
1261 }
1262 }
1265 }
1267 /* Try to skip a sequence of instructions used for stack protector. If PC
1268 points to the first instruction of this sequence, return the address of
1269 first instruction after this sequence, otherwise, return original PC.
1271 On arm, this sequence of instructions is composed of mainly three steps,
1272 Step 1: load symbol __stack_chk_guard,
1273 Step 2: load from address of __stack_chk_guard,
1274 Step 3: store it to somewhere else.
1276 Usually, instructions on step 2 and step 3 are the same on various ARM
1277 architectures. On step 2, it is one instruction 'ldr Rx, [Rn, #0]', and
1278 on step 3, it is also one instruction 'str Rx, [r7, #immd]'. However,
1279 instructions in step 1 vary from different ARM architectures. On ARMv7,
1280 they are,
1282 movw Rn, #:lower16:__stack_chk_guard
1283 movt Rn, #:upper16:__stack_chk_guard
1285 On ARMv5t, it is,
1287 ldr Rn, .Label
1288 ....
1289 .Lable:
1290 .word __stack_chk_guard
1292 Since ldr/str is a very popular instruction, we can't use them as
1293 'fingerprint' or 'signature' of stack protector sequence. Here we choose
1294 sequence {movw/movt, ldr}/ldr/str plus symbol __stack_chk_guard, if not
1295 stripped, as the 'fingerprint' of a stack protector cdoe sequence. */
1297 static CORE_ADDR
1299 {
1305 CORE_ADDR addr;
1307 /* Try to parse the instructions in Step 1. */
1314 /* ADDR must correspond to a symbol whose name is __stack_chk_guard.
1315 Otherwise, this sequence cannot be for stack protector. */
1323 {
1325 unsigned short insn
1328 /* Step 2: ldr Rd, [Rn, #immed], encoding T1. */
1336 byte_order_for_code);
1337 /* Step 3: str Rd, [Rn, #immed], encoding T1. */
1342 }
1343 else
1344 {
1346 unsigned int insn
1349 /* Step 2: ldr Rd, [Rn, #immed], encoding A1. */
1355 /* Step 3: str Rd, [Rn, #immed], encoding A1. */
1362 }
1363 /* The size of total two instructions ldr/str is 4 on Thumb-2, while 8
1364 on arm. */
1367 else
1369 }
1371 /* Advance the PC across any function entry prologue instructions to
1372 reach some "real" code.
1374 The APCS (ARM Procedure Call Standard) defines the following
1375 prologue:
1377 mov ip, sp
1378 [stmfd sp!, {a1,a2,a3,a4}]
1379 stmfd sp!, {...,fp,ip,lr,pc}
1380 [stfe f7, [sp, #-12]!]
1381 [stfe f6, [sp, #-12]!]
1382 [stfe f5, [sp, #-12]!]
1383 [stfe f4, [sp, #-12]!]
1384 sub fp, ip, #nn @@ nn == 20 or 4 depending on second insn. */
1386 static CORE_ADDR
1388 {
1391 CORE_ADDR skip_pc;
1394 /* See if we can determine the end of the prologue via the symbol table.
1395 If so, then return either PC, or the PC after the prologue, whichever
1396 is greater. */
1398 {
1399 CORE_ADDR post_prologue_pc
1404 post_prologue_pc
1408 /* GCC always emits a line note before the prologue and another
1409 one after, even if the two are at the same address or on the
1410 same line. Take advantage of this so that we do not need to
1411 know every instruction that might appear in the prologue. We
1412 will have producer information for most binaries; if it is
1413 missing (e.g. for -gstabs), assuming the GNU tools. */
1422 {
1423 CORE_ADDR analyzed_limit;
1425 /* For non-GCC compilers, make sure the entire line is an
1426 acceptable prologue; GDB will round this function's
1427 return value up to the end of the following line so we
1428 can not skip just part of a line (and we do not want to).
1430 RealView does not treat the prologue specially, but does
1431 associate prologue code with the opening brace; so this
1432 lets us skip the first line if we think it is the opening
1433 brace. */
1437 else
1445 }
1446 }
1448 /* Can't determine prologue from the symbol table, need to examine
1449 instructions. */
1451 /* Find an upper limit on the function prologue using the debug
1452 information. If the debug information could not be used to provide
1453 that bound, then use an arbitrary large number as the upper bound. */
1454 /* Like arm_scan_prologue, stop no later than pc + 64. */
1460 /* Check if this is Thumb code. */
1465 {
1468 /* "mov ip, sp" is no longer a required part of the prologue. */
1478 /* Some prologues begin with "str lr, [sp, #-4]!". */
1488 /* Any insns after this point may float into the code, if it makes
1489 for better instruction scheduling, so we skip them only if we
1490 find them, but still consider the function to be frame-ful. */
1492 /* We may have either one sfmfd instruction here, or several stfe
1493 insns, depending on the version of floating point code we
1494 support. */
1517 /* Un-recognized instruction; stop scanning. */
1519 }
1522 }
1524 /* *INDENT-OFF* */
1525 /* Function: thumb_scan_prologue (helper function for arm_scan_prologue)
1526 This function decodes a Thumb function prologue to determine:
1527 1) the size of the stack frame
1528 2) which registers are saved on it
1529 3) the offsets of saved regs
1530 4) the offset from the stack pointer to the frame pointer
1532 A typical Thumb function prologue would create this stack frame
1533 (offsets relative to FP)
1534 old SP -> 24 stack parameters
1535 20 LR
1536 16 R7
1537 R7 -> 0 local variables (16 bytes)
1538 SP -> -12 additional stack space (12 bytes)
1539 The frame size would thus be 36 bytes, and the frame offset would be
1540 12 bytes. The frame register is R7.
1542 The comments for thumb_skip_prolog() describe the algorithm we use
1543 to detect the end of the prolog. */
1544 /* *INDENT-ON* */
1546 static void
1549 {
1550 CORE_ADDR prologue_start;
1551 CORE_ADDR prologue_end;
1555 {
1556 /* See comment in arm_scan_prologue for an explanation of
1557 this heuristics. */
1559 {
1561 }
1562 }
1563 else
1564 /* We're in the boondocks: we have no idea where the start of the
1565 function is. */
1571 }
1573 /* Return 1 if THIS_INSTR might change control flow, 0 otherwise. */
1575 static int
1577 {
1579 /* Unconditional instructions. */
1581 {
1584 /* Branch with Link and change to Thumb. */
1589 /* Coprocessor register transfer. */
1595 }
1596 else
1598 {
1601 {
1602 /* Multiplies and extra load/stores. */
1604 /* Neither multiplies nor extension load/stores are allowed
1605 to modify PC. */
1608 /* Otherwise, miscellaneous instructions. */
1610 /* BX <reg>, BXJ <reg>, BLX <reg> */
1616 /* Other miscellaneous instructions are unpredictable if they
1617 modify PC. */
1619 }
1620 /* Data processing instruction. Fall through. */
1625 else
1630 /* Media instructions and architecturally undefined instructions. */
1634 /* Stores. */
1638 /* Loads. */
1641 else
1645 /* Load/store multiple. */
1648 else
1652 /* Branch and branch with link. */
1657 /* Coprocessor transfers or SWIs can not affect PC. */
1662 }
1663 }
1665 /* Analyze an ARM mode prologue starting at PROLOGUE_START and
1666 continuing no further than PROLOGUE_END. If CACHE is non-NULL,
1667 fill it in. Return the first address not recognized as a prologue
1668 instruction.
1670 We recognize all the instructions typically found in ARM prologues,
1671 plus harmless instructions which can be skipped (either for analysis
1672 purposes, or a more restrictive set that can be skipped when finding
1673 the end of the prologue). */
1675 static CORE_ADDR
1679 {
1690 /* Search the prologue looking for instructions that set up the
1691 frame pointer, adjust the stack pointer, and save registers.
1693 Be careful, however, and if it doesn't look like a prologue,
1694 don't try to scan it. If, for instance, a frameless function
1695 begins with stmfd sp!, then we will tell ourselves there is
1696 a frame, which will confuse stack traceback, as well as "finish"
1697 and other operations that rely on a knowledge of the stack
1698 traceback. */
1708 {
1709 unsigned int insn
1713 {
1716 }
1719 {
1726 }
1729 {
1736 }
1738 [sp, #-4]! */
1739 {
1746 }
1748 /* stmfd sp!, {..., fp, ip, lr, pc}
1749 or
1750 stmfd sp!, {a1, a2, a3, a4} */
1751 {
1757 /* Calculate offsets of saved registers. */
1760 {
1764 }
1765 }
1769 {
1770 /* No need to add this to saved_regs -- it's just an arg reg. */
1772 }
1776 {
1777 /* No need to add this to saved_regs -- it's just an arg reg. */
1779 }
1781 { registers } */
1783 {
1784 /* No need to add this to saved_regs -- it's just arg regs. */
1786 }
1788 {
1793 }
1795 {
1800 }
1802 [sp, -#c]! */
1804 {
1811 }
1813 [sp!] */
1815 {
1823 {
1826 else
1828 }
1829 else
1830 {
1833 else
1835 }
1840 {
1844 }
1845 }
1847 {
1848 /* Allow some special function calls when skipping the
1849 prologue; GCC generates these before storing arguments to
1850 the stack. */
1855 else
1857 }
1861 /* Don't scan past anything that might change control flow. */
1865 /* Ignore block loads from the stack, potentially copying
1866 parameters from memory. */
1870 /* Similarly ignore single loads from the stack. */
1873 /* MOV Rd, Rm. Skip register copies, i.e. saves to another
1874 register instead of the stack. */
1876 else
1877 {
1878 /* The optimizer might shove anything into the prologue,
1879 so we just skip what we don't recognize. */
1882 }
1883 }
1888 /* The frame size is just the distance from the frame register
1889 to the original stack pointer. */
1891 {
1892 /* Frame pointer is fp. */
1895 }
1896 else
1897 {
1898 /* Try the stack pointer... this is a bit desperate. */
1901 }
1904 {
1911 }
1919 }
1921 static void
1924 {
1934 CORE_ADDR offset;
1936 /* Assume there is no frame until proven otherwise. */
1940 /* Check for Thumb prologue. */
1942 {
1945 }
1947 /* Find the function prologue. If we can't find the function in
1948 the symbol table, peek in the stack frame to find the PC. */
1951 {
1952 /* One way to find the end of the prologue (which works well
1953 for unoptimized code) is to do the following:
1955 struct symtab_and_line sal = find_pc_line (prologue_start, 0);
1957 if (sal.line == 0)
1958 prologue_end = prev_pc;
1959 else if (sal.end < prologue_end)
1960 prologue_end = sal.end;
1962 This mechanism is very accurate so long as the optimizer
1963 doesn't move any instructions from the function body into the
1964 prologue. If this happens, sal.end will be the last
1965 instruction in the first hunk of prologue code just before
1966 the first instruction that the scheduler has moved from
1967 the body to the prologue.
1969 In order to make sure that we scan all of the prologue
1970 instructions, we use a slightly less accurate mechanism which
1971 may scan more than necessary. To help compensate for this
1972 lack of accuracy, the prologue scanning loop below contains
1973 several clauses which'll cause the loop to terminate early if
1974 an implausible prologue instruction is encountered.
1976 The expression
1978 prologue_start + 64
1980 is a suitable endpoint since it accounts for the largest
1981 possible prologue plus up to five instructions inserted by
1982 the scheduler. */
1985 {
1987 }
1988 }
1989 else
1990 {
1991 /* We have no symbol information. Our only option is to assume this
1992 function has a standard stack frame and the normal frame register.
1993 Then, we can find the value of our frame pointer on entrance to
1994 the callee (or at the present moment if this is the innermost frame).
1995 The value stored there should be the address of the stmfd + 8. */
1996 CORE_ADDR frame_loc;
1997 LONGEST return_value;
2002 else
2003 {
2004 prologue_start = gdbarch_addr_bits_remove
2007 }
2008 }
2014 }
2018 {
2021 CORE_ADDR unwound_fp;
2034 /* Calculate actual addresses of saved registers using offsets
2035 determined by arm_scan_prologue. */
2041 }
2043 /* Our frame ID for a normal frame is the current function's starting PC
2044 and the caller's SP when we were called. */
2046 static void
2050 {
2059 /* This is meant to halt the backtrace at "_start". */
2064 /* If we've hit a wall, stop. */
2068 /* Use function start address as part of the frame ID. If we cannot
2069 identify the start address (due to missing symbol information),
2070 fall back to just using the current PC. */
2077 }
2083 {
2091 /* If we are asked to unwind the PC, then we need to return the LR
2092 instead. The prologue may save PC, but it will point into this
2093 frame's prologue, not the next frame's resume location. Also
2094 strip the saved T bit. A valid LR may have the low bit set, but
2095 a valid PC never does. */
2097 {
2098 CORE_ADDR lr;
2103 }
2105 /* SP is generally not saved to the stack, but this frame is
2106 identified by the next frame's stack pointer at the time of the call.
2107 The value was already reconstructed into PREV_SP. */
2111 /* The CPSR may have been changed by the call instruction and by the
2112 called function. The only bit we can reconstruct is the T bit,
2113 by checking the low bit of LR as of the call. This is a reliable
2114 indicator of Thumb-ness except for some ARM v4T pre-interworking
2115 Thumb code, which could get away with a clear low bit as long as
2116 the called function did not use bx. Guess that all other
2117 bits are unchanged; the condition flags are presumably lost,
2118 but the processor status is likely valid. */
2120 {
2128 else
2131 }
2134 prev_regnum);
2135 }
2138 NORMAL_FRAME,
2139 default_frame_unwind_stop_reason,
2140 arm_prologue_this_id,
2141 arm_prologue_prev_register,
2142 NULL,
2143 default_frame_sniffer
2144 };
2146 /* Maintain a list of ARM exception table entries per objfile, similar to the
2147 list of mapping symbols. We only cache entries for standard ARM-defined
2148 personality routines; the cache will contain only the frame unwinding
2149 instructions associated with the entry (not the descriptors). */
2153 struct arm_exidx_entry
2154 {
2155 bfd_vma addr;
2157 };
2161 struct arm_exidx_data
2162 {
2164 };
2166 static void
2168 {
2174 }
2179 {
2181 }
2185 {
2191 {
2198 }
2201 }
2203 /* Parse contents of exception table and exception index sections
2204 of OBJFILE, and fill in the exception table entry cache.
2206 For each entry that refers to a standard ARM-defined personality
2207 routine, extract the frame unwinding instructions (from either
2208 the index or the table section). The unwinding instructions
2209 are normalized by:
2210 - extracting them from the rest of the table data
2211 - converting to host endianness
2212 - appending the implicit 0xb0 ("Finish") code
2214 The extracted and normalized instructions are stored for later
2215 retrieval by the arm_find_exidx_entry routine. */
2217 static void
2219 {
2226 LONGEST i;
2228 /* If we've already touched this file, do nothing. */
2233 /* Read contents of exception table and index. */
2236 {
2244 {
2247 }
2248 }
2252 {
2260 {
2263 }
2264 }
2266 /* Allocate exception table data structure. */
2273 /* Fill in exception table. */
2275 {
2284 /* Extract address of start of function. */
2288 /* Find section containing function and compute section offset. */
2294 /* Determine address of exception table entry. */
2296 {
2297 /* EXIDX_CANTUNWIND -- no exception table entry present. */
2298 }
2300 {
2301 /* Exception table entry embedded in .ARM.exidx
2302 -- must be short form. */
2305 }
2307 {
2308 /* Exception table entry in .ARM.extab. */
2313 {
2319 {
2320 /* Short form. */
2322 }
2325 {
2326 /* Long form. */
2329 }
2331 {
2332 bfd_vma pers;
2336 /* Custom personality routine. */
2340 /* Check whether we've got one of the variants of the
2341 GNU personality routines. */
2344 {
2346 {
2351 NULL
2352 };
2360 {
2363 }
2364 }
2366 /* If so, the next word contains a word count in the high
2367 byte, followed by the same unwind instructions as the
2368 pre-defined forms. */
2371 {
2377 }
2378 }
2379 }
2380 }
2382 /* Sanity check address. */
2387 /* The unwind instructions reside in WORD (only the N_BYTES least
2388 significant bytes are valid), followed by N_WORDS words in the
2389 extab section starting at ADDR. */
2391 {
2399 {
2408 }
2410 /* Implied "Finish" to terminate the list. */
2412 }
2414 /* Push entry onto vector. They are guaranteed to always
2415 appear in order of increasing addresses. */
2421 }
2424 }
2426 /* Search for the exception table entry covering MEMADDR. If one is found,
2427 return a pointer to its data. Otherwise, return 0. If START is non-NULL,
2428 set *START to the start of the region covered by this entry. */
2432 {
2437 {
2445 {
2448 {
2452 arm_compare_exidx_entries);
2454 /* VEC_lower_bound finds the earliest ordered insertion
2455 point. If the following symbol starts at this exact
2456 address, we use that; otherwise, the preceding
2457 exception table entry covers this address. */
2459 {
2462 {
2466 }
2467 }
2470 {
2475 }
2476 }
2477 }
2478 }
2481 }
2483 /* Given the current frame THIS_FRAME, and its associated frame unwinding
2484 instruction list from the ARM exception table entry ENTRY, allocate and
2485 return a prologue cache structure describing how to unwind this frame.
2487 Return NULL if the unwinding instruction list contains a "spare",
2488 "reserved" or "refuse to unwind" instruction as defined in section
2489 "9.3 Frame unwinding instructions" of the "Exception Handling ABI
2490 for the ARM Architecture" document. */
2494 {
2503 {
2504 gdb_byte insn;
2506 /* Whenever we reload SP, we actually have to retrieve its
2507 actual value in the current frame. */
2509 {
2511 {
2514 }
2515 else
2516 {
2519 }
2522 }
2524 /* Decode next unwind instruction. */
2528 {
2531 }
2533 {
2536 }
2538 {
2542 /* The special case of an all-zero mask identifies
2543 "Refuse to unwind". We return NULL to fall back
2544 to the prologue analyzer. */
2548 /* Pop registers r4..r15 under mask. */
2551 {
2554 }
2556 /* Special-case popping SP -- we need to reload vsp. */
2559 }
2561 {
2564 /* Reserved cases. */
2568 /* Set SP from another register and mark VSP for reload. */
2571 }
2573 {
2578 /* Pop r4..r[4+count]. */
2580 {
2583 }
2585 /* If indicated by flag, pop LR as well. */
2587 {
2590 }
2591 }
2593 {
2594 /* We could only have updated PC by popping into it; if so, it
2595 will show up as address. Otherwise, copy LR into PC. */
2600 /* We're done. */
2602 }
2604 {
2608 /* All-zero mask and mask >= 16 is "spare". */
2612 /* Pop r0..r3 under mask. */
2615 {
2618 }
2619 }
2621 {
2625 do
2626 {
2629 }
2633 }
2635 {
2640 /* Only registers D0..D15 are valid here. */
2644 /* Pop VFP double-precision registers D[start]..D[start+count]. */
2646 {
2649 }
2651 /* Add an extra 4 bytes for FSTMFDX-style stack. */
2653 }
2655 {
2659 /* Pop VFP double-precision registers D[8]..D[8+count]. */
2661 {
2664 }
2666 /* Add an extra 4 bytes for FSTMFDX-style stack. */
2668 }
2670 {
2675 /* Only registers WR0..WR15 are valid. */
2679 /* Pop iwmmx registers WR[start]..WR[start+count]. */
2681 {
2684 }
2685 }
2687 {
2691 /* All-zero mask and mask >= 16 is "spare". */
2695 /* Pop iwmmx general-purpose registers WCGR0..WCGR3 under mask. */
2698 {
2701 }
2702 }
2704 {
2708 /* Pop iwmmx registers WR[10]..WR[10+count]. */
2710 {
2713 }
2714 }
2716 {
2721 /* Only registers D0..D31 are valid. */
2725 /* Pop VFP double-precision registers
2726 D[16+start]..D[16+start+count]. */
2728 {
2731 }
2732 }
2734 {
2739 /* Pop VFP double-precision registers D[start]..D[start+count]. */
2741 {
2744 }
2745 }
2747 {
2751 /* Pop VFP double-precision registers D[8]..D[8+count]. */
2753 {
2756 }
2757 }
2758 else
2759 {
2760 /* Everything else is "spare". */
2762 }
2763 }
2765 /* If we restore SP from a register, assume this was the frame register.
2766 Otherwise just fall back to SP as frame register. */
2769 else
2772 /* Determine offset to previous frame. */
2773 cache->framesize
2776 /* We already got the previous SP. */
2780 }
2782 /* Unwinding via ARM exception table entries. Note that the sniffer
2783 already computes a filled-in prologue cache, which is then used
2784 with the same arm_prologue_this_id and arm_prologue_prev_register
2785 routines also used for prologue-parsing based unwinding. */
2787 static int
2791 {
2798 /* See if we have an ARM exception table entry covering this address. */
2804 /* The ARM exception table does not describe unwind information
2805 for arbitrary PC values, but is guaranteed to be correct only
2806 at call sites. We have to decide here whether we want to use
2807 ARM exception table information for this frame, or fall back
2808 to using prologue parsing. (Note that if we have DWARF CFI,
2809 this sniffer isn't even called -- CFI is always preferred.)
2811 Before we make this decision, however, we check whether we
2812 actually have *symbol* information for the current frame.
2813 If not, prologue parsing would not work anyway, so we might
2814 as well use the exception table and hope for the best. */
2816 {
2819 /* If the next frame is "normal", we are at a call site in this
2820 frame, so exception information is guaranteed to be valid. */
2825 /* We also assume exception information is valid if we're currently
2826 blocked in a system call. The system library is supposed to
2827 ensure this, so that e.g. pthread cancellation works. */
2829 {
2830 LONGEST insn;
2836 }
2837 else
2838 {
2839 LONGEST insn;
2845 }
2847 /* Bail out if we don't know that exception information is valid. */
2851 /* The ARM exception index does not mark the *end* of the region
2852 covered by the entry, and some functions will not have any entry.
2853 To correctly recognize the end of the covered region, the linker
2854 should have inserted dummy records with a CANTUNWIND marker.
2856 Unfortunately, current versions of GNU ld do not reliably do
2857 this, and thus we may have found an incorrect entry above.
2858 As a (temporary) sanity check, we only use the entry if it
2859 lies *within* the bounds of the function. Note that this check
2860 might reject perfectly valid entries that just happen to cover
2861 multiple functions; therefore this check ought to be removed
2862 once the linker is fixed. */
2865 }
2867 /* Decode the list of unwinding instructions into a prologue cache.
2868 Note that this may fail due to e.g. a "refuse to unwind" code. */
2875 }
2878 NORMAL_FRAME,
2879 default_frame_unwind_stop_reason,
2880 arm_prologue_this_id,
2881 arm_prologue_prev_register,
2882 NULL,
2883 arm_exidx_unwind_sniffer
2884 };
2886 /* Recognize GCC's trampoline for thumb call-indirect. If we are in a
2887 trampoline, return the target PC. Otherwise return 0.
2889 void call0a (char c, short s, int i, long l) {}
2891 int main (void)
2892 {
2893 (*pointer_to_call0a) (c, s, i, l);
2894 }
2896 Instead of calling a stub library function _call_via_xx (xx is
2897 the register name), GCC may inline the trampoline in the object
2898 file as below (register r2 has the address of call0a).
2900 .global main
2901 .type main, %function
2902 ...
2903 bl .L1
2904 ...
2905 .size main, .-main
2907 .L1:
2908 bx r2
2910 The trampoline 'bx r2' doesn't belong to main. */
2912 static CORE_ADDR
2914 {
2915 /* The heuristics of recognizing such trampoline is that FRAME is
2916 executing in Thumb mode and the instruction on PC is 'bx Rm'. */
2918 {
2922 {
2924 enum bfd_endian byte_order_for_code
2926 uint16_t insn
2930 {
2931 CORE_ADDR dest
2934 /* Clear the LSB so that gdb core sets step-resume
2935 breakpoint at the right address. */
2937 }
2938 }
2939 }
2942 }
2946 {
2955 }
2957 /* Our frame ID for a stub frame is the current SP and LR. */
2959 static void
2963 {
2971 }
2973 static int
2977 {
2978 CORE_ADDR addr_in_block;
2986 /* We also use the stub winder if the target memory is unreadable
2987 to avoid having the prologue unwinder trying to read it. */
2996 }
2999 NORMAL_FRAME,
3000 default_frame_unwind_stop_reason,
3001 arm_stub_this_id,
3002 arm_prologue_prev_register,
3003 NULL,
3004 arm_stub_unwind_sniffer
3005 };
3007 /* Put here the code to store, into CACHE->saved_regs, the addresses
3008 of the saved registers of frame described by THIS_FRAME. CACHE is
3009 returned. */
3013 {
3017 CORE_ADDR unwound_sp;
3018 LONGEST xpsr;
3024 ARM_SP_REGNUM);
3026 /* The hardware saves eight 32-bit words, comprising xPSR,
3027 ReturnAddress, LR (R14), R12, R3, R2, R1, R0. See details in
3028 "B1.5.6 Exception entry behavior" in
3029 "ARMv7-M Architecture Reference Manual". */
3039 /* If bit 9 of the saved xPSR is set, then there is a four-byte
3040 aligner between the top of the 32-byte stack frame and the
3041 previous context's stack pointer. */
3048 }
3050 /* Implementation of function hook 'this_id' in
3051 'struct frame_uwnind'. */
3053 static void
3057 {
3064 /* Our frame ID for a stub frame is the current SP and LR. */
3067 }
3069 /* Implementation of function hook 'prev_register' in
3070 'struct frame_uwnind'. */
3076 {
3084 /* The value was already reconstructed into PREV_SP. */
3090 prev_regnum);
3091 }
3093 /* Implementation of function hook 'sniffer' in
3094 'struct frame_uwnind'. */
3096 static int
3100 {
3103 /* No need to check is_m; this sniffer is only registered for
3104 M-profile architectures. */
3106 /* Exception frames return to one of these magic PCs. Other values
3107 are not defined as of v7-M. See details in "B1.5.8 Exception
3108 return behavior" in "ARMv7-M Architecture Reference Manual". */
3114 }
3116 /* Frame unwinder for M-profile exceptions. */
3119 {
3120 SIGTRAMP_FRAME,
3121 default_frame_unwind_stop_reason,
3122 arm_m_exception_this_id,
3123 arm_m_exception_prev_register,
3124 NULL,
3125 arm_m_exception_unwind_sniffer
3126 };
3128 static CORE_ADDR
3130 {
3138 }
3142 arm_normal_frame_base,
3143 arm_normal_frame_base,
3144 arm_normal_frame_base
3145 };
3147 /* Assuming THIS_FRAME is a dummy, return the frame ID of that
3148 dummy frame. The frame ID's base needs to match the TOS value
3149 saved by save_dummy_frame_tos() and returned from
3150 arm_push_dummy_call, and the PC needs to match the dummy frame's
3151 breakpoint. */
3153 static struct frame_id
3155 {
3157 ARM_SP_REGNUM),
3159 }
3161 /* Given THIS_FRAME, find the previous frame's resume PC (which will
3162 be used to construct the previous frame's ID, after looking up the
3163 containing function). */
3165 static CORE_ADDR
3167 {
3168 CORE_ADDR pc;
3171 }
3173 static CORE_ADDR
3175 {
3177 }
3182 {
3188 {
3190 /* The PC is normally copied from the return column, which
3191 describes saves of LR. However, that version may have an
3192 extra bit set to indicate Thumb state. The bit is not
3193 part of the PC. */
3199 /* Reconstruct the T bit; see arm_prologue_prev_register for details. */
3204 else
3211 }
3212 }
3214 static void
3218 {
3220 {
3229 }
3230 }
3232 /* Return true if we are in the function's epilogue, i.e. after the
3233 instruction that destroyed the function's stack frame. */
3235 static int
3237 {
3242 CORE_ADDR scan_pc;
3248 /* The epilogue is a sequence of instructions along the following lines:
3250 - add stack frame size to SP or FP
3251 - [if frame pointer used] restore SP from FP
3252 - restore registers from SP [may include PC]
3253 - a return-type instruction [if PC wasn't already restored]
3255 In a first pass, we scan forward from the current PC and verify the
3256 instructions we find as compatible with this sequence, ending in a
3257 return instruction.
3259 However, this is not sufficient to distinguish indirect function calls
3260 within a function from indirect tail calls in the epilogue in some cases.
3261 Therefore, if we didn't already find any SP-changing instruction during
3262 forward scan, we add a backward scanning heuristic to ensure we actually
3263 are in the epilogue. */
3267 {
3279 {
3282 }
3284 {
3292 {
3295 }
3298 {
3301 }
3304 ;
3305 else
3307 }
3308 else
3310 }
3315 /* Since any instruction in the epilogue sequence, with the possible
3316 exception of return itself, updates the stack pointer, we need to
3317 scan backwards for at most one instruction. Try either a 16-bit or
3318 a 32-bit instruction. This is just a heuristic, so we do not worry
3319 too much about false positives. */
3341 }
3343 /* Return true if we are in the function's epilogue, i.e. after the
3344 instruction that destroyed the function's stack frame. */
3346 static int
3348 {
3360 /* We are in the epilogue if the previous instruction was a stack
3361 adjustment and the next instruction is a possible return (bx, mov
3362 pc, or pop). We could have to scan backwards to find the stack
3363 adjustment, or forwards to find the return, but this is a decent
3364 approximation. First scan forwards. */
3369 {
3371 /* BX. */
3374 /* MOV PC. */
3378 /* POP (LDMIA), including PC or LR. */
3380 }
3385 /* Scan backwards. This is just a heuristic, so do not worry about
3386 false positives from mode changes. */
3394 {
3396 /* ADD SP (register or immediate). */
3399 /* SUB SP (register or immediate). */
3402 /* MOV SP. */
3405 /* POP (LDMIA). */
3408 /* POP of a single register. */
3410 }
3416 }
3419 /* When arguments must be pushed onto the stack, they go on in reverse
3420 order. The code below implements a FILO (stack) to do this. */
3422 struct stack_item
3423 {
3427 };
3431 {
3439 }
3443 {
3449 }
3452 /* Return the alignment (in bytes) of the given type. */
3454 static int
3456 {
3463 {
3465 /* Should never happen. */
3482 /* TODO: What about vector types? */
3489 {
3493 }
3495 }
3496 }
3498 /* Possible base types for a candidate for passing and returning in
3499 VFP registers. */
3501 enum arm_vfp_cprc_base_type
3502 {
3503 VFP_CPRC_UNKNOWN,
3504 VFP_CPRC_SINGLE,
3505 VFP_CPRC_DOUBLE,
3506 VFP_CPRC_VEC64,
3507 VFP_CPRC_VEC128
3508 };
3510 /* The length of one element of base type B. */
3512 static unsigned
3514 {
3516 {
3528 }
3529 }
3531 /* The character ('s', 'd' or 'q') for the type of VFP register used
3532 for passing base type B. */
3534 static int
3536 {
3538 {
3550 }
3551 }
3553 /* Determine whether T may be part of a candidate for passing and
3554 returning in VFP registers, ignoring the limit on the total number
3555 of components. If *BASE_TYPE is VFP_CPRC_UNKNOWN, set it to the
3556 classification of the first valid component found; if it is not
3557 VFP_CPRC_UNKNOWN, all components must have the same classification
3558 as *BASE_TYPE. If it is found that T contains a type not permitted
3559 for passing and returning in VFP registers, a type differently
3560 classified from *BASE_TYPE, or two types differently classified
3561 from each other, return -1, otherwise return the total number of
3562 base-type elements found (possibly 0 in an empty structure or
3563 array). Vector types are not currently supported, matching the
3564 generic AAPCS support. */
3566 static int
3569 {
3572 {
3575 {
3592 }
3596 /* Arguments of complex T where T is one of the types float or
3597 double get treated as if they are implemented as:
3599 struct complexT
3600 {
3601 T real;
3602 T imag;
3603 };
3605 */
3607 {
3624 }
3628 {
3635 {
3638 }
3644 }
3648 {
3653 {
3655 base_type);
3659 }
3661 {
3664 }
3671 }
3674 {
3679 {
3681 base_type);
3685 }
3687 {
3690 }
3697 }
3701 }
3704 }
3706 /* Determine whether T is a VFP co-processor register candidate (CPRC)
3707 if passed to or returned from a non-variadic function with the VFP
3708 ABI in effect. Return 1 if it is, 0 otherwise. If it is, set
3709 *BASE_TYPE to the base type for T and *COUNT to the number of
3710 elements of that base type before returning. */
3712 static int
3715 {
3723 }
3725 /* Return 1 if the VFP ABI should be used for passing arguments to and
3726 returning values from a function of type FUNC_TYPE, 0
3727 otherwise. */
3729 static int
3731 {
3733 /* Variadic functions always use the base ABI. Assume that functions
3734 without debug info are not variadic. */
3737 /* The VFP ABI is only supported as a variant of AAPCS. */
3741 }
3743 /* We currently only support passing parameters in integer registers, which
3744 conforms with GCC's default model, and VFP argument passing following
3745 the VFP variant of AAPCS. Several other variants exist and
3746 we should probably support some of them based on the selected ABI. */
3748 static CORE_ADDR
3752 CORE_ADDR struct_addr)
3753 {
3763 /* Determine the type of this function and whether the VFP ABI
3764 applies. */
3770 /* Set the return address. For the ARM, the return breakpoint is
3771 always at BP_ADDR. */
3776 /* Walk through the list of args and determine how large a temporary
3777 stack is required. Need to take care here as structs may be
3778 passed on the stack, and we have to push them. */
3784 /* The struct_return pointer occupies the first parameter
3785 passing register. */
3787 {
3793 argreg++;
3794 }
3797 {
3815 /* Round alignment up to a whole number of words. */
3817 /* Different ABIs have different maximum alignments. */
3819 {
3820 /* The APCS ABI only requires word alignment. */
3822 }
3823 else
3824 {
3825 /* The AAPCS requires at most doubleword alignment. */
3828 }
3833 {
3839 /* Because this is a CPRC it cannot go in a core register or
3840 cause a core register to be skipped for alignment.
3841 Either it goes in VFP registers and the rest of this loop
3842 iteration is skipped for this argument, or it goes on the
3843 stack (and the stack alignment code is correct for this
3844 case). */
3855 {
3864 {
3870 else
3871 {
3878 }
3879 }
3881 }
3882 else
3883 {
3884 /* This CPRC could not go in VFP registers, so all VFP
3885 registers are now marked as used. */
3887 }
3888 }
3890 /* Push stack padding for dowubleword alignment. */
3892 {
3895 }
3897 /* Doubleword aligned quantities must go in even register pairs. */
3902 argreg++;
3904 /* If the argument is a pointer to a function, and it is a
3905 Thumb function, create a LOCAL copy of the value and set
3906 the THUMB bit in it. */
3910 {
3913 {
3918 }
3919 }
3921 /* Copy the argument to general registers or the stack in
3922 register-sized pieces. Large arguments are split between
3923 registers and stack. */
3925 {
3929 {
3930 /* The argument is being passed in a general purpose
3931 register. */
3932 CORE_ADDR regval
3938 argnum,
3939 gdbarch_register_name
3943 argreg++;
3944 }
3945 else
3946 {
3947 /* Push the arguments onto the stack. */
3953 }
3957 }
3958 }
3959 /* If we have an odd number of words to push, then decrement the stack
3960 by one word now, so first stack argument will be dword aligned. */
3965 {
3969 }
3971 /* Finally, update teh SP register. */
3975 }
3978 /* Always align the frame to an 8-byte boundary. This is required on
3979 some platforms and harmless on the rest. */
3981 static CORE_ADDR
3983 {
3984 /* Align the stack to eight bytes. */
3986 }
3988 static void
3990 {
4002 }
4004 /* Print interesting information about the floating point processor
4005 (if present) or emulator. */
4006 static void
4009 {
4016 else
4018 /* i18n: [floating point unit] mask */
4021 /* i18n: [floating point unit] flags */
4024 }
4026 /* Construct the ARM extended floating point type. */
4029 {
4033 tdep->arm_ext_type
4035 floatformats_arm_ext);
4038 }
4042 {
4046 {
4050 TYPE_CODE_UNION);
4067 }
4070 }
4072 /* FIXME: The vector types are not correctly ordered on big-endian
4073 targets. Just as s0 is the low bits of d0, d0[0] is also the low
4074 bits of d0 - regardless of what unit size is being held in d0. So
4075 the offset of the first uint8 in d0 is 7, but the offset of the
4076 first float is 4. This code works as-is for little-endian
4077 targets. */
4081 {
4085 {
4089 TYPE_CODE_UNION);
4106 }
4109 }
4111 /* Return the GDB type object for the "standard" data type of data in
4112 register N. */
4116 {
4127 /* If the target description has register information, we are only
4128 in this function so that we can override the types of
4129 double-precision registers for NEON. */
4131 {
4138 else
4140 }
4143 {
4148 }
4154 /* These registers are only supported on targets which supply
4155 an XML description. */
4157 else
4159 }
4161 /* Map a DWARF register REGNUM onto the appropriate GDB register
4162 number. */
4164 static int
4166 {
4167 /* Core integer regs. */
4171 /* Legacy FPA encoding. These were once used in a way which
4172 overlapped with VFP register numbering, so their use is
4173 discouraged, but GDB doesn't support the ARM toolchain
4174 which used them for VFP. */
4178 /* New assignments for the FPA registers. */
4182 /* WMMX register assignments. */
4192 /* VFP v2 registers. A double precision value is actually
4193 in d1 rather than s2, but the ABI only defines numbering
4194 for the single precision registers. This will "just work"
4195 in GDB for little endian targets (we'll read eight bytes,
4196 starting in s0 and then progressing to s1), but will be
4197 reversed on big endian targets with VFP. This won't
4198 be a problem for the new Neon quad registers; you're supposed
4199 to use DW_OP_piece for those. */
4201 {
4207 }
4209 /* VFP v3 / Neon registers. This range is also used for VFP v2
4210 registers, except that it now describes d0 instead of s0. */
4212 {
4218 }
4221 }
4223 /* Map GDB internal REGNUM onto the Arm simulator register numbers. */
4224 static int
4226 {
4252 }
4254 /* NOTE: cagney/2001-08-20: Both convert_from_extended() and
4255 convert_to_extended() use floatformat_arm_ext_littlebyte_bigword.
4256 It is thought that this is is the floating-point register format on
4257 little-endian systems. */
4259 static void
4262 {
4263 DOUBLEST d;
4267 else
4271 }
4273 static void
4276 {
4277 DOUBLEST d;
4282 else
4285 }
4287 static int
4289 {
4294 {
4327 }
4329 }
4331 static unsigned long
4334 {
4340 {
4344 }
4345 else
4353 {
4373 else
4376 }
4379 }
4381 /* Return number of 1-bits in VAL. */
4383 static int
4385 {
4390 }
4392 /* Return the size in bytes of the complete Thumb instruction whose
4393 first halfword is INST1. */
4395 static int
4397 {
4400 else
4402 }
4404 static int
4406 {
4407 /* Preserve IT[7:5], the first three bits of the condition. Shift
4408 the upcoming condition flags left by one bit. */
4411 /* If we have finished the IT block, clear the state. */
4416 }
4418 /* Find the next PC after the current instruction executes. In some
4419 cases we can not statically determine the answer (see the IT state
4420 handling in this function); in that case, a breakpoint may be
4421 inserted in addition to the returned PC, which will be used to set
4422 another breakpoint by our caller. */
4424 static CORE_ADDR
4426 {
4442 /* Thumb-2 conditional execution support. There are eight bits in
4443 the CPSR which describe conditional execution state. Once
4444 reconstructed (they're in a funny order), the low five bits
4445 describe the low bit of the condition for each instruction and
4446 how many instructions remain. The high three bits describe the
4447 base condition. One of the low four bits will be set if an IT
4448 block is active. These bits read as zero on earlier
4449 processors. */
4453 /* If-Then handling. On GNU/Linux, where this routine is used, we
4454 use an undefined instruction as a breakpoint. Unlike BKPT, IT
4455 can disable execution of the undefined instruction. So we might
4456 miss the breakpoint if we set it on a skipped conditional
4457 instruction. Because conditional instructions can change the
4458 flags, affecting the execution of further instructions, we may
4459 need to set two breakpoints. */
4462 {
4464 {
4465 /* An IT instruction. Because this instruction does not
4466 modify the flags, we can accurately predict the next
4467 executed instruction. */
4472 {
4474 byte_order_for_code);
4477 }
4480 }
4482 {
4483 /* We are in a conditional block. Check the condition. */
4485 {
4486 /* Advance to the next executed instruction. */
4491 {
4493 byte_order_for_code);
4496 }
4499 }
4501 {
4502 /* This is the last instruction of the conditional
4503 block, and it is executed. We can handle it normally
4504 because the following instruction is not conditional,
4505 and we must handle it normally because it is
4506 permitted to branch. Fall through. */
4507 }
4508 else
4509 {
4512 /* There are conditional instructions after this one.
4513 If this instruction modifies the flags, then we can
4514 not predict what the next executed instruction will
4515 be. Fortunately, this instruction is architecturally
4516 forbidden to branch; we know it will fall through.
4517 Start by skipping past it. */
4521 /* Set a breakpoint on the following instruction. */
4527 /* Skip all following instructions with the same
4528 condition. If there is a later instruction in the IT
4529 block with the opposite condition, set the other
4530 breakpoint there. If not, then set a breakpoint on
4531 the instruction after the IT block. */
4532 do
4533 {
4535 byte_order_for_code);
4538 }
4542 }
4543 }
4544 }
4546 {
4547 /* We are in a conditional block. Check the condition. */
4551 /* Advance to the next instruction. All the 32-bit
4552 instructions share a common prefix. */
4555 /* Otherwise, handle the instruction normally. */
4556 }
4559 {
4560 CORE_ADDR sp;
4562 /* Fetch the saved PC from the stack. It's stored above
4563 all of the other registers. */
4567 }
4569 {
4572 {
4579 }
4582 }
4584 {
4586 }
4588 {
4592 /* Default to the next instruction. */
4597 {
4598 /* Branches and miscellaneous control instructions. */
4601 {
4602 /* B, BL, BLX. */
4614 /* For BLX make sure to clear the low bits. */
4617 }
4619 {
4620 /* SUBS PC, LR, #imm8. */
4623 }
4625 {
4626 /* Conditional branch. */
4628 {
4641 }
4642 }
4643 }
4645 {
4646 /* Load multiple or RFE. */
4651 {
4652 /* LDMIA or POP */
4656 }
4658 {
4659 /* LDMDB */
4663 }
4665 {
4666 /* RFEIA */
4668 }
4670 {
4671 /* RFEDB */
4673 }
4674 else
4678 {
4681 }
4682 }
4684 {
4685 /* MOV PC or MOVS PC. */
4688 }
4690 {
4691 /* LDR PC. */
4692 CORE_ADDR base;
4698 {
4702 else
4704 }
4708 {
4710 {
4713 else
4715 }
4716 }
4718 {
4721 }
4722 else
4723 /* Reserved. */
4728 }
4730 {
4731 /* TBB. */
4737 else
4743 }
4745 {
4746 /* TBH. */
4752 else
4758 }
4759 }
4761 {
4764 else
4766 }
4768 {
4771 else
4775 }
4777 {
4778 /* CBNZ or CBZ. */
4786 }
4788 }
4790 /* Get the raw next address. PC is the current program counter, in
4791 FRAME, which is assumed to be executing in ARM mode.
4793 The value returned has the execution state of the next instruction
4794 encoded in it. Use IS_THUMB_ADDR () to see whether the instruction is
4795 in Thumb-State, and gdbarch_addr_bits_remove () to get the plain memory
4796 address. */
4798 static CORE_ADDR
4800 {
4807 CORE_ADDR nextpc;
4817 {
4820 {
4821 /* Branch with Link and change to Thumb. */
4826 }
4830 /* Coprocessor register transfer. */
4834 }
4836 {
4838 {
4843 {
4855 /* BX <reg>, BLX <reg> */
4858 {
4865 }
4867 /* Multiply into PC. */
4875 {
4880 }
4886 {
4931 /* Always step into a function. */
4942 }
4944 /* In 26-bit APCS the bottom two bits of the result are
4945 ignored, and we always end up in ARM state. */
4948 else
4952 }
4959 {
4960 /* load */
4962 {
4963 /* rd == pc */
4970 /* byte write to PC */
4977 {
4978 /* pre-indexed */
4987 else
4989 }
4990 nextpc =
4993 }
4994 }
5000 {
5001 /* LDM */
5003 {
5004 /* loading pc */
5006 unsigned long rn_val
5011 {
5012 /* up */
5017 }
5021 nextpc =
5025 }
5026 }
5031 {
5034 }
5041 {
5048 }
5054 }
5055 }
5058 }
5060 /* Determine next PC after current instruction executes. Will call either
5061 arm_get_next_pc_raw or thumb_get_next_pc_raw. Error out if infinite
5062 loop is detected. */
5064 CORE_ADDR
5066 {
5067 CORE_ADDR nextpc;
5071 else
5075 }
5077 /* Like insert_single_step_breakpoint, but make sure we use a breakpoint
5078 of the appropriate mode (as encoded in the PC value), even if this
5079 differs from what would be expected according to the symbol tables. */
5081 void
5084 CORE_ADDR pc)
5085 {
5095 }
5097 /* Checks for an atomic sequence of instructions beginning with a LDREX{,B,H,D}
5098 instruction and ending with a STREX{,B,H,D} instruction. If such a sequence
5099 is found, attempt to step through it. A breakpoint is placed at the end of
5100 the sequence. */
5102 static int
5104 {
5118 /* We currently do not support atomic sequences within an IT block. */
5124 /* Assume all atomic sequences start with a ldrex{,b,h,d} instruction. */
5136 /* Assume that no atomic sequence is longer than "atomic_sequence_length"
5137 instructions. */
5139 {
5144 {
5145 /* Assume that there is at most one conditional branch in the
5146 atomic sequence. If a conditional branch is found, put a
5147 breakpoint in its destination address. */
5149 {
5152 fallback to the standard code. */
5155 last_breakpoint++;
5156 }
5158 /* We do not support atomic sequences that use any *other*
5159 instructions but conditional branches to change the PC.
5160 Fall back to standard code to avoid losing control of
5161 execution. */
5164 }
5165 else
5166 {
5170 /* Assume that there is at most one conditional branch in the
5171 atomic sequence. If a conditional branch is found, put a
5172 breakpoint in its destination address. */
5176 {
5191 fallback to the standard code. */
5194 last_breakpoint++;
5195 }
5197 /* We do not support atomic sequences that use any *other*
5198 instructions but conditional branches to change the PC.
5199 Fall back to standard code to avoid losing control of
5200 execution. */
5204 /* If we find a strex{,b,h,d}, we're done. */
5208 }
5209 }
5211 /* If we didn't find the strex{,b,h,d}, we cannot handle the sequence. */
5215 /* Insert a breakpoint right after the end of the atomic sequence. */
5218 /* Check for duplicated breakpoints. Check also for a breakpoint
5219 placed (branch instruction's destination) anywhere in sequence. */
5225 /* Effectively inserts the breakpoints. */
5231 }
5233 static int
5235 {
5248 /* Assume all atomic sequences start with a ldrex{,b,h,d} instruction.
5249 Note that we do not currently support conditionally executed atomic
5250 instructions. */
5256 /* Assume that no atomic sequence is longer than "atomic_sequence_length"
5257 instructions. */
5259 {
5263 /* Assume that there is at most one conditional branch in the atomic
5264 sequence. If a conditional branch is found, put a breakpoint in
5265 its destination address. */
5267 {
5270 to the standard single-step code. */
5273 last_breakpoint++;
5274 }
5276 /* We do not support atomic sequences that use any *other* instructions
5277 but conditional branches to change the PC. Fall back to standard
5278 code to avoid losing control of execution. */
5282 /* If we find a strex{,b,h,d}, we're done. */
5285 }
5287 /* If we didn't find the strex{,b,h,d}, we cannot handle the sequence. */
5291 /* Insert a breakpoint right after the end of the atomic sequence. */
5294 /* Check for duplicated breakpoints. Check also for a breakpoint
5295 placed (branch instruction's destination) anywhere in sequence. */
5301 /* Effectively inserts the breakpoints. */
5306 }
5308 int
5310 {
5313 else
5315 }
5317 /* single_step() is called just before we want to resume the inferior,
5318 if we want to single-step it but there is no hardware or kernel
5319 single-step support. We find the target of the coming instruction
5320 and breakpoint it. */
5322 int
5324 {
5327 CORE_ADDR next_pc;
5336 }
5338 /* Given BUF, which is OLD_LEN bytes ending at ENDADDR, expand
5339 the buffer to be NEW_LEN bytes ending at ENDADDR. Return
5340 NULL if an error occurs. BUF is freed. */
5345 {
5353 {
5356 }
5358 }
5360 /* An IT block is at most the 2-byte IT instruction followed by
5361 four 4-byte instructions. The furthest back we must search to
5362 find an IT block that affects the current instruction is thus
5363 2 + 3 * 4 == 14 bytes. */
5364 #define MAX_IT_BLOCK_PREFIX 14
5366 /* Use a quick scan if there are more than this many bytes of
5367 code. */
5368 #define IT_SCAN_THRESHOLD 32
5370 /* Adjust a breakpoint's address to move breakpoints out of IT blocks.
5371 A breakpoint in an IT block may not be hit, depending on the
5372 condition flags. */
5373 static CORE_ADDR
5375 {
5383 /* If we are using BKPT breakpoints, none of this is necessary. */
5387 /* ARM mode does not have this problem. */
5391 /* We are setting a breakpoint in Thumb code that could potentially
5392 contain an IT block. The first step is to find how much Thumb
5393 code there is; we do not need to read outside of known Thumb
5394 sequences. */
5397 /* Thumb-2 code must have mapping symbols to have a chance. */
5406 /* Search for a candidate IT instruction. We have to do some fancy
5407 footwork to distinguish a real IT instruction from the second
5408 half of a 32-bit instruction, but there is no need for that if
5409 there's no candidate. */
5412 /* No room for an IT instruction. */
5420 {
5423 {
5426 }
5427 }
5429 {
5432 }
5434 /* OK, the code bytes before this instruction contain at least one
5435 halfword which resembles an IT instruction. We know that it's
5436 Thumb code, but there are still two possibilities. Either the
5437 halfword really is an IT instruction, or it is the second half of
5438 a 32-bit Thumb instruction. The only way we can tell is to
5439 scan forwards from a known instruction boundary. */
5441 {
5444 /* There's a lot of code before this instruction. Start with an
5445 optimistic search; it's easy to recognize halfwords that can
5446 not be the start of a 32-bit instruction, and use that to
5447 lock on to the instruction boundaries. */
5455 {
5458 {
5461 }
5462 }
5464 /* At this point, if DEFINITE, BUF[I] is the first place we
5465 are sure that we know the instruction boundaries, and it is far
5466 enough from BPADDR that we could not miss an IT instruction
5467 affecting BPADDR. If ! DEFINITE, give up - start from a
5468 known boundary. */
5470 {
5477 }
5478 }
5479 else
5480 {
5486 }
5488 /* Scan forwards. Find the last IT instruction before BPADDR. */
5492 {
5494 last_it_count--;
5496 {
5504 else
5506 }
5508 }
5513 /* There wasn't really an IT instruction after all. */
5517 /* It was too far away. */
5520 /* This really is a trouble spot. Move the breakpoint to the IT
5521 instruction. */
5523 }
5525 /* ARM displaced stepping support.
5527 Generally ARM displaced stepping works as follows:
5529 1. When an instruction is to be single-stepped, it is first decoded by
5530 arm_process_displaced_insn (called from arm_displaced_step_copy_insn).
5531 Depending on the type of instruction, it is then copied to a scratch
5532 location, possibly in a modified form. The copy_* set of functions
5533 performs such modification, as necessary. A breakpoint is placed after
5534 the modified instruction in the scratch space to return control to GDB.
5535 Note in particular that instructions which modify the PC will no longer
5536 do so after modification.
5538 2. The instruction is single-stepped, by setting the PC to the scratch
5539 location address, and resuming. Control returns to GDB when the
5540 breakpoint is hit.
5542 3. A cleanup function (cleanup_*) is called corresponding to the copy_*
5543 function used for the current instruction. This function's job is to
5544 put the CPU/memory state back to what it would have been if the
5545 instruction had been executed unmodified in its original location. */
5547 /* NOP instruction (mov r0, r0). */
5548 #define ARM_NOP 0xe1a00000
5549 #define THUMB_NOP 0x4600
5551 /* Helper for register reads for displaced stepping. In particular, this
5552 returns the PC as it would be seen by the instruction at its original
5553 location. */
5555 ULONGEST
5558 {
5559 ULONGEST ret;
5563 {
5564 /* Compute pipeline offset:
5565 - When executing an ARM instruction, PC reads as the address of the
5566 current instruction plus 8.
5567 - When executing a Thumb instruction, PC reads as the address of the
5568 current instruction plus 4. */
5572 else
5579 }
5580 else
5581 {
5587 }
5588 }
5590 static int
5592 {
5593 ULONGEST ps;
5599 }
5601 /* Write to the PC as from a branch instruction. */
5603 static void
5605 ULONGEST val)
5606 {
5608 /* Note: If bits 0/1 are set, this branch would be unpredictable for
5609 architecture versions < 6. */
5612 else
5615 }
5617 /* Write to the PC as from a branch-exchange instruction. */
5619 static void
5621 {
5622 ULONGEST ps;
5628 {
5631 }
5633 {
5636 }
5637 else
5638 {
5639 /* Unpredictable behaviour. Try to do something sensible (switch to ARM
5640 mode, align dest to 4 bytes). */
5644 }
5645 }
5647 /* Write to the PC as if from a load instruction. */
5649 static void
5651 ULONGEST val)
5652 {
5655 else
5657 }
5659 /* Write to the PC as if from an ALU instruction. */
5661 static void
5663 ULONGEST val)
5664 {
5667 else
5669 }
5671 /* Helper for writing to registers for displaced stepping. Writing to the PC
5672 has a varying effects depending on the instruction which does the write:
5673 this is controlled by the WRITE_PC argument. */
5675 void
5678 {
5680 {
5685 {
5710 }
5713 }
5714 else
5715 {
5720 }
5721 }
5723 /* This function is used to concisely determine if an instruction INSN
5724 references PC. Register fields of interest in INSN should have the
5725 corresponding fields of BITMASK set to 0b1111. The function
5726 returns return 1 if any of these fields in INSN reference the PC
5727 (also 0b1111, r15), else it returns 0. */
5729 static int
5731 {
5735 {
5739 ;
5750 }
5753 }
5755 /* The simplest copy function. Many instructions have the same effect no
5756 matter what address they are executed at: in those cases, use this. */
5758 static int
5761 {
5765 iname);
5770 }
5772 static int
5776 {
5780 iname);
5787 }
5789 /* Copy 16-bit Thumb(Thumb and 16-bit Thumb-2) instruction without any
5790 modification. */
5791 static int
5795 {
5799 iname);
5804 }
5806 /* Preload instructions with immediate offset. */
5808 static void
5811 {
5815 }
5817 static void
5820 {
5821 ULONGEST rn_val;
5822 /* Preload instructions:
5824 {pli/pld} [rn, #+/-imm]
5825 ->
5826 {pli/pld} [r0, #+/-imm]. */
5834 }
5836 static int
5839 {
5854 }
5856 static int
5859 {
5863 ULONGEST pc_val;
5868 /* PC is only allowed to use in PLI (immediate,literal) Encoding T3, and
5869 PLD (literal) Encoding T1. */
5874 imm12);
5879 /* Rewrite instruction {pli/pld} PC imm12 into:
5880 Prepare: tmp[0] <- r0, tmp[1] <- r1, r0 <- pc, r1 <- imm12
5882 {pli/pld} [r0, r1]
5884 Cleanup: r0 <- tmp[0], r1 <- tmp[1]. */
5895 /* {pli/pld} [r0, r1] */
5902 }
5904 /* Preload instructions with register offset. */
5906 static void
5910 {
5913 /* Preload register-offset instructions:
5915 {pli/pld} [rn, rm {, shift}]
5916 ->
5917 {pli/pld} [r0, r1 {, shift}]. */
5928 }
5930 static int
5934 {
5950 }
5952 /* Copy/cleanup coprocessor load and store instructions. */
5954 static void
5958 {
5965 }
5967 static void
5971 {
5972 ULONGEST rn_val;
5974 /* Coprocessor load/store instructions:
5976 {stc/stc2} [<Rn>, #+/-imm] (and other immediate addressing modes)
5977 ->
5978 {stc/stc2} [r0, #+/-imm].
5980 ldc/ldc2 are handled identically. */
5984 /* PC should be 4-byte aligned. */
5992 }
5994 static int
5998 {
6013 }
6015 static int
6019 {
6034 /* This function is called for copying instruction LDC/LDC2/VLDR, which
6035 doesn't support writeback, so pass 0. */
6039 }
6041 /* Clean up branch instructions (actually perform the branch, by setting
6042 PC). */
6044 static void
6047 {
6057 {
6058 /* The value of LR should be the next insn of current one. In order
6059 not to confuse logic hanlding later insn `bx lr', if current insn mode
6060 is Thumb, the bit 0 of LR value should be set to 1. */
6067 CANNOT_WRITE_PC);
6068 }
6071 }
6073 /* Copy B/BL/BLX instructions with immediate destinations. */
6075 static void
6079 {
6080 /* Implement "BL<cond> <label>" as:
6082 Preparation: cond <- instruction condition
6083 Insn: mov r0, r0 (nop)
6084 Cleanup: if (condition true) { r14 <- pc; pc <- label }.
6086 B<cond> similar, but don't set r14 in cleanup. */
6094 /* For BLX, offset is computed from the Align (PC, 4). */
6099 else
6103 }
6104 static int
6107 {
6118 /* For BLX, set bit 0 of the destination. The cleanup_branch function will
6119 then arrange the switch into Thumb mode. */
6121 else
6131 }
6133 static int
6137 {
6149 {
6152 {
6158 }
6160 {
6166 }
6167 }
6168 else
6169 {
6174 }
6186 }
6188 /* Copy B Thumb instructions. */
6189 static int
6192 {
6199 {
6200 /* offset = SignExtend (imm8:0, 32) */
6203 }
6205 {
6208 }
6212 "displaced: copying b immediate insn %.4x "
6225 }
6227 /* Copy BX/BLX with register-specified destinations. */
6229 static void
6233 {
6234 /* Implement {BX,BLX}<cond> <reg>" as:
6236 Preparation: cond <- instruction condition
6237 Insn: mov r0, r0 (nop)
6238 Cleanup: if (condition true) { r14 <- pc; pc <- dest; }.
6240 Don't set r14 in cleanup for BX. */
6250 }
6252 static int
6255 {
6257 /* BX: x12xxx1x
6258 BLX: x12xxx3x. */
6270 }
6272 static int
6276 {
6289 }
6292 /* Copy/cleanup arithmetic/logic instruction with immediate RHS. */
6294 static void
6297 {
6302 }
6304 static int
6307 {
6322 /* Instruction is of form:
6324 <op><cond> rd, [rn,] #imm
6326 Rewrite as:
6328 Preparation: tmp1, tmp2 <- r0, r1;
6329 r0, r1 <- rd, rn
6330 Insn: <op><cond> r0, r1, #imm
6331 Cleanup: rd <- r0; r0 <- tmp1; r1 <- tmp2
6332 */
6344 else
6350 }
6352 static int
6356 {
6365 /* This routine is only called for instruction MOV. */
6375 /* Instruction is of form:
6377 <op><cond> rd, [rn,] #imm
6379 Rewrite as:
6381 Preparation: tmp1, tmp2 <- r0, r1;
6382 r0, r1 <- rd, rn
6383 Insn: <op><cond> r0, r1, #imm
6384 Cleanup: rd <- r0; r0 <- tmp1; r1 <- tmp2
6385 */
6402 }
6404 /* Copy/cleanup arithmetic/logic insns with register RHS. */
6406 static void
6409 {
6410 ULONGEST rd_val;
6419 }
6421 static void
6425 {
6428 /* Instruction is of form:
6430 <op><cond> rd, [rn,] rm [, <shift>]
6432 Rewrite as:
6434 Preparation: tmp1, tmp2, tmp3 <- r0, r1, r2;
6435 r0, r1, r2 <- rd, rn, rm
6436 Insn: <op><cond> r0, r1, r2 [, <shift>]
6437 Cleanup: rd <- r0; r0, r1, r2 <- tmp1, tmp2, tmp3
6438 */
6452 }
6454 static int
6457 {
6470 else
6476 }
6478 static int
6482 {
6501 }
6503 /* Cleanup/copy arithmetic/logic insns with shifted register RHS. */
6505 static void
6509 {
6517 }
6519 static void
6524 {
6528 /* Instruction is of form:
6530 <op><cond> rd, [rn,] rm, <shift> rs
6532 Rewrite as:
6534 Preparation: tmp1, tmp2, tmp3, tmp4 <- r0, r1, r2, r3
6535 r0, r1, r2, r3 <- rd, rn, rm, rs
6536 Insn: <op><cond> r0, r1, r2, <shift> r3
6537 Cleanup: tmp5 <- r0
6538 r0, r1, r2, r3 <- tmp1, tmp2, tmp3, tmp4
6539 rd <- tmp5
6540 */
6555 }
6557 static int
6561 {
6581 else
6587 }
6589 /* Clean up load instructions. */
6591 static void
6594 {
6609 /* Handle register writeback. */
6612 /* Put result in right place. */
6616 }
6618 /* Clean up store instructions. */
6620 static void
6623 {
6635 /* Writeback. */
6638 }
6640 /* Copy "extra" load/store instructions. These are halfword/doubleword
6641 transfers, which have a different encoding to byte/word transfers. */
6643 static int
6646 {
6700 /* {ldr,str}<width><cond> rt, [rt2,] [rn, #imm]
6701 ->
6702 {ldr,str}<width><cond> r0, [r1,] [r2, #imm]. */
6704 else
6705 /* {ldr,str}<width><cond> rt, [rt2,] [rn, +/-rm]
6706 ->
6707 {ldr,str}<width><cond> r0, [r1,] [r2, +/-r3]. */
6713 }
6715 /* Copy byte/half word/word loads and stores. */
6717 static void
6722 {
6747 /* To write PC we can do:
6749 Before this sequence of instructions:
6750 r0 is the PC value got from displaced_read_reg, so r0 = from + 8;
6751 r2 is the Rn value got from dispalced_read_reg.
6753 Insn1: push {pc} Write address of STR instruction + offset on stack
6754 Insn2: pop {r4} Read it back from stack, r4 = addr(Insn1) + offset
6755 Insn3: sub r4, r4, pc r4 = addr(Insn1) + offset - pc
6756 = addr(Insn1) + offset - addr(Insn3) - 8
6757 = offset - 16
6758 Insn4: add r4, r4, #8 r4 = offset - 8
6759 Insn5: add r0, r0, r4 r0 = from + 8 + offset - 8
6760 = from + offset
6761 Insn6: str r0, [r2, #imm] (or str r0, [r2, r3])
6763 Otherwise we don't know what value to write for PC, since the offset is
6764 architecture-dependent (sometimes PC+8, sometimes PC+12). More details
6765 of this can be found in Section "Saving from r15" in
6766 http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0204g/Cihbjifh.html */
6769 }
6772 static int
6776 {
6780 ULONGEST pc_val;
6786 imm12);
6791 /* Rewrite instruction LDR Rt imm12 into:
6793 Prepare: tmp[0] <- r0, tmp[1] <- r2, tmp[2] <- r3, r2 <- pc, r3 <- imm12
6795 LDR R0, R2, R3,
6797 Cleanup: rt <- r0, r0 <- tmp[0], r2 <- tmp[1], r3 <- tmp[2]. */
6818 /* LDR R0, R2, R3 */
6826 }
6828 static int
6833 {
6837 /* In LDR (register), there is also a register Rm, which is not allowed to
6838 be PC, so we don't have to check it. */
6842 dsc);
6855 /* ldr[b]<cond> rt, [rn, #imm], etc.
6856 ->
6857 ldr[b]<cond> r0, [r2, #imm]. */
6858 {
6861 }
6862 else
6863 /* ldr[b]<cond> rt, [rn, rm], etc.
6864 ->
6865 ldr[b]<cond> r0, [r2, r3]. */
6866 {
6869 }
6874 }
6877 static int
6882 {
6904 {
6908 /* {ldr,str}[b]<cond> rt, [rn, #imm], etc.
6909 ->
6910 {ldr,str}[b]<cond> r0, [r2, #imm]. */
6912 else
6913 /* {ldr,str}[b]<cond> rt, [rn, rm], etc.
6914 ->
6915 {ldr,str}[b]<cond> r0, [r2, r3]. */
6917 }
6918 else
6919 {
6920 /* We need to use r4 as scratch. Make sure it's restored afterwards. */
6928 /* As above. */
6931 else
6935 }
6940 }
6942 /* Cleanup LDM instructions with fully-populated register list. This is an
6943 unfortunate corner case: it's impossible to implement correctly by modifying
6944 the instruction. The issue is as follows: we have an instruction,
6946 ldm rN, {r0-r15}
6948 which we must rewrite to avoid loading PC. A possible solution would be to
6949 do the load in two halves, something like (with suitable cleanup
6950 afterwards):
6952 mov r8, rN
6953 ldm[id][ab] r8!, {r0-r7}
6954 str r7, <temp>
6955 ldm[id][ab] r8, {r7-r14}
6956 <bkpt>
6958 but at present there's no suitable place for <temp>, since the scratch space
6959 is overwritten before the cleanup routine is called. For now, we simply
6960 emulate the instruction. */
6962 static void
6965 {
6981 /* If the instruction is ldm rN, {...pc}^, I don't think there's anything
6982 sensible we can do here. Complain loudly. */
6986 /* We don't handle any stores here for now. */
6996 {
7001 regno++;
7002 else
7004 regno--;
7014 }
7018 CANNOT_WRITE_PC);
7019 }
7021 /* Clean up an STM which included the PC in the register list. */
7023 static void
7026 {
7030 CORE_ADDR stm_insn_addr;
7035 /* If condition code fails, there's nothing else to do. */
7040 {
7045 }
7046 else
7047 {
7052 }
7062 /* Rewrite the stored PC to the proper value for the non-displaced original
7063 instruction. */
7066 }
7068 /* Clean up an LDM which includes the PC in the register list. We clumped all
7069 the registers in the transferred list into a contiguous range r0...rX (to
7070 avoid loading PC directly and losing control of the debugged program), so we
7071 must undo that here. */
7073 static void
7077 {
7084 /* The method employed here will fail if the register list is fully populated
7085 (we need to avoid loading PC directly). */
7094 {
7096 {
7100 {
7106 write_reg);
7107 }
7111 write_reg);
7115 num_to_shuffle--;
7116 }
7118 write_reg--;
7119 }
7121 /* Restore any registers we scribbled over. */
7123 {
7125 {
7127 CANNOT_WRITE_PC);
7132 }
7133 }
7135 /* Perform register writeback manually. */
7137 {
7142 else
7146 CANNOT_WRITE_PC);
7147 }
7148 }
7150 /* Handle ldm/stm, apart from some tricky cases which are unlikely to occur
7151 in user-level code (in particular exception return, ldm rn, {...pc}^). */
7153 static int
7157 {
7165 /* Block transfers which don't mention PC can be run directly
7166 out-of-line. */
7171 {
7175 }
7194 {
7196 {
7197 /* LDM with a fully-populated register list. This case is
7198 particularly tricky. Implement for now by fully emulating the
7199 instruction (which might not behave perfectly in all cases, but
7200 these instructions should be rare enough for that not to matter
7201 too much). */
7205 }
7206 else
7207 {
7208 /* LDM of a list of registers which includes PC. Implement by
7209 rewriting the list of registers to be transferred into a
7210 contiguous chunk r0...rX before doing the transfer, then shuffling
7211 registers into the correct places in the cleanup routine. */
7219 /* Writeback makes things complicated. We need to avoid clobbering
7220 the base register with one of the registers in our modified
7221 register list, but just using a different register can't work in
7222 all cases, e.g.:
7224 ldm r14!, {r0-r13,pc}
7226 which would need to be rewritten as:
7228 ldm rN!, {r0-r14}
7230 but that can't work, because there's no free register for N.
7232 Solve this by turning off the writeback bit, and emulating
7233 writeback manually in the cleanup routine. */
7242 "{..., pc}: original reg list %.4x, modified "
7249 }
7250 }
7251 else
7252 {
7253 /* STM of a list of registers which includes PC. Run the instruction
7254 as-is, but out of line: this will store the wrong value for the PC,
7255 so we must manually fix up the memory in the cleanup routine.
7256 Doing things this way has the advantage that we can auto-detect
7257 the offset of the PC write (which is architecture-dependent) in
7258 the cleanup routine. */
7262 }
7265 }
7267 static int
7271 {
7276 /* Block transfers which don't mention PC can be run directly
7277 out-of-line. */
7282 {
7287 }
7293 /* Clear bit 13, since it should be always zero. */
7306 {
7308 {
7309 /* This branch is impossible to happen. */
7311 }
7312 else
7313 {
7328 "{..., pc}: original reg list %.4x, modified "
7337 }
7338 }
7339 else
7340 {
7345 }
7347 }
7349 /* Cleanup/copy SVC (SWI) instructions. These two functions are overridden
7350 for Linux, where some SVC instructions must be treated specially. */
7352 static void
7355 {
7363 }
7366 /* Common copy routine for svc instruciton. */
7368 static int
7371 {
7372 /* Preparation: none.
7373 Insn: unmodified svc.
7374 Cleanup: pc <- insn_addr + insn_size. */
7376 /* Pretend we wrote to the PC, so cleanup doesn't set PC to the next
7377 instruction. */
7380 /* Allow OS-specific code to override SVC handling. */
7383 else
7384 {
7387 }
7388 }
7390 static int
7393 {
7402 }
7404 static int
7407 {
7411 insn);
7416 }
7418 /* Copy undefined instructions. */
7420 static int
7423 {
7432 }
7434 static int
7437 {
7449 }
7451 /* Copy unpredictable instructions. */
7453 static int
7456 {
7464 }
7466 /* The decode_* functions are instruction decoding helpers. They mostly follow
7467 the presentation in the ARM ARM. */
7469 static int
7473 {
7485 dsc);
7491 {
7494 else
7496 }
7501 {
7507 }
7512 {
7518 /* pld/pldw reg. */
7524 }
7525 else
7527 }
7529 static int
7533 {
7536 /* Switch on bits: 0bxxxxx321xxx0xxxxxxxxxxxxxxxxxxxx. */
7538 {
7550 {
7552 /* stc/stc2. */
7560 }
7563 {
7566 {
7568 /* ldc/ldc2 imm (undefined for rn == pc). */
7576 /* ldc/ldc2 lit (undefined for rn != pc). */
7582 }
7583 }
7590 /* ldc/ldc2 lit. */
7592 else
7598 else
7604 else
7609 }
7610 }
7612 /* Decode miscellaneous instructions in dp/misc encoding space. */
7614 static int
7618 {
7624 {
7633 else
7638 /* Not really supported. */
7640 else
7647 else
7657 /* Not really supported. */
7662 }
7663 }
7665 static int
7669 {
7672 {
7684 }
7685 else
7686 {
7702 /* 2nd arg means "unpriveleged". */
7704 dsc);
7705 }
7707 /* Should be unreachable. */
7709 }
7711 static int
7715 {
7745 /* Should be unreachable. */
7747 }
7749 static int
7752 {
7754 {
7768 {
7771 else
7773 }
7774 else
7780 else
7785 {
7788 else
7790 }
7791 else
7797 else
7799 }
7801 /* Should be unreachable. */
7803 }
7805 static int
7809 {
7812 else
7814 }
7816 static int
7820 {
7824 {
7838 /* Note: no writeback for these instructions. Bit 25 will always be
7839 zero though (via caller), so the following works OK. */
7841 }
7843 /* Should be unreachable. */
7845 }
7847 /* Decode shifted register instructions. */
7849 static int
7853 {
7854 /* PC is only allowed to be used in instruction MOV. */
7861 else
7864 }
7867 /* Decode extension register load/store. Exactly the same as
7868 arm_decode_ext_reg_ld_st. */
7870 static int
7874 {
7878 {
7900 }
7902 /* Should be unreachable. */
7904 }
7906 static int
7909 {
7919 /* stc/stc2. */
7923 /* ldc/ldc2 imm/lit. */
7934 {
7937 else
7939 }
7948 else
7950 }
7952 static int
7956 {
7965 {
7969 dsc);
7972 else
7973 {
7974 /*coproc is 101x. SIMD/VFP, ext registers load/store. */
7977 dsc);
7979 {
7986 }
7987 }
7988 }
7989 else
7993 }
7995 static void
7998 {
7999 /* ADR Rd, #imm
8001 Rewrite as:
8003 Preparation: Rd <- PC
8004 Insn: ADD Rd, #imm
8005 Cleanup: Null.
8006 */
8008 /* Rd <- PC */
8011 }
8013 static int
8017 {
8019 /* Encoding T2: ADDS Rd, #imm */
8025 }
8027 static int
8031 {
8041 }
8043 static int
8047 {
8049 /* Since immediate has the same encoding in ADR ADD and SUB, so we simply
8050 extract raw immediate encoding rather than computing immediate. When
8051 generating ADD or SUB instruction, we can simply perform OR operation to
8052 set immediate into ADD. */
8062 {
8063 /* Encoding T3: SUB Rd, Rd, #imm */
8066 }
8068 {
8069 /* Encoding T3: ADD Rd, Rd, #imm */
8072 }
8078 }
8080 static int
8084 {
8090 /* LDR Rd, #imm8
8092 Rwrite as:
8094 Preparation: tmp0 <- R0, tmp2 <- R2, tmp3 <- R3, R2 <- PC, R3 <- #imm8;
8096 Insn: LDR R0, [R2, R3];
8097 Cleanup: R2 <- tmp2, R3 <- tmp3, Rd <- R0, R0 <- tmp0 */
8108 /* The assembler calculates the required value of the offset from the
8109 Align(PC,4) value of this instruction to the label. */
8127 }
8129 /* Copy Thumb cbnz/cbz insruction. */
8131 static int
8135 {
8143 /* CBNZ and CBZ do not affect the condition flags. If condition is true,
8144 set it INST_AL, so cleanup_branch will know branch is taken, otherwise,
8145 condition is false, let it be, cleanup_branch will do nothing. */
8147 {
8150 }
8151 else
8166 }
8168 /* Copy Table Branch Byte/Halfword */
8169 static int
8173 {
8183 {
8188 }
8189 else
8190 {
8195 }
8211 }
8213 static void
8216 {
8217 /* PC <- r7 */
8221 /* r7 <- r8 */
8225 /* r8 <- tmp[0] */
8228 }
8230 static int
8234 {
8237 /* Rewrite instruction: POP {rX, rY, ...,rZ, PC}
8238 to :
8240 (1) register list is full, that is, r0-r7 are used.
8241 Prepare: tmp[0] <- r8
8243 POP {r0, r1, ...., r6, r7}; remove PC from reglist
8244 MOV r8, r7; Move value of r7 to r8;
8245 POP {r7}; Store PC value into r7.
8247 Cleanup: PC <- r7, r7 <- r8, r8 <-tmp[0]
8249 (2) register list is not full, supposing there are N registers in
8250 register list (except PC, 0 <= N <= 7).
8251 Prepare: for each i, 0 - N, tmp[i] <- ri.
8253 POP {r0, r1, ...., rN};
8255 Cleanup: Set registers in original reglist from r0 - rN. Restore r0 - rN
8256 from tmp[] properly.
8257 */
8264 {
8273 }
8274 else
8275 {
8287 "{..., pc}: original reg list %.4x,"
8298 }
8301 }
8303 static void
8307 {
8312 /* 16-bit thumb instructions. */
8314 {
8315 /* Shift (imme), add, subtract, move and compare. */
8319 dsc);
8323 {
8327 dsc);
8330 {
8336 else
8338 dsc);
8339 }
8343 }
8355 {
8357 {
8364 else
8369 /* If-Then makes up to four following instructions conditional.
8370 IT instruction itself is not conditional, so handle it as a
8371 common unmodified instruction. */
8373 dsc);
8374 else
8379 }
8380 }
8391 else
8399 }
8404 }
8406 static int
8411 {
8418 {
8421 {
8423 /* PLD literal or Encoding T3 of PLI(immediate, literal). */
8425 else
8428 }
8429 else
8430 {
8434 else
8437 dsc);
8438 }
8445 else
8446 {
8450 else
8453 }
8456 {
8465 {
8467 /* LDR (immediate) */
8473 else
8474 /* LDR (register) */
8477 }
8479 }
8483 }
8485 }
8487 static void
8491 {
8497 {
8499 {
8501 {
8504 {
8505 /* Load/store {dual, execlusive}, table branch. */
8509 dsc);
8510 else
8511 /* PC is not allowed to use in load/store {dual, exclusive}
8512 instructions. */
8515 }
8517 {
8519 {
8527 }
8528 }
8532 /* Data-processing (shift register). */
8534 dsc);
8539 }
8541 }
8544 {
8549 else
8552 }
8553 else
8554 {
8556 {
8562 else
8565 }
8569 }
8573 {
8581 dsc);
8585 {
8598 }
8603 }
8607 }
8613 }
8615 static void
8619 {
8621 uint16_t insn1
8631 {
8632 uint16_t insn2
8635 }
8636 else
8638 }
8640 void
8644 {
8649 /* Most displaced instructions use a 1-instruction scratch space, so set this
8650 here and override below if/when necessary. */
8671 {
8691 }
8696 }
8698 /* Actually set up the scratch space for a displaced instruction. */
8700 void
8703 {
8711 /* Poke modified instruction(s). */
8713 {
8715 {
8727 }
8729 byte_order_for_code,
8732 }
8734 /* Choose the correct breakpoint instruction. */
8736 {
8739 }
8740 else
8741 {
8744 }
8746 /* Put breakpoint afterwards. */
8752 }
8754 /* Entry point for copying an instruction into scratch space for displaced
8755 stepping. */
8761 {
8768 }
8770 /* Entry point for cleaning things up after a displaced instruction has been
8771 single-stepped. */
8773 void
8778 {
8786 }
8791 static int
8793 {
8797 {
8805 {
8806 /* Create a fake symbol vector containing a Thumb symbol.
8807 This is solely so that the code in print_insn_little_arm()
8808 and print_insn_big_arm() in opcodes/arm-dis.c will detect
8809 the presence of a Thumb symbol and switch to decoding
8810 Thumb instructions. */
8819 }
8823 }
8824 else
8829 else
8831 }
8833 /* The following define instruction sequences that will cause ARM
8834 cpu's to take an undefined instruction trap. These are used to
8835 signal a breakpoint to GDB.
8837 The newer ARMv4T cpu's are capable of operating in ARM or Thumb
8838 modes. A different instruction is required for each mode. The ARM
8839 cpu's can also be big or little endian. Thus four different
8840 instructions are needed to support all cases.
8842 Note: ARMv4 defines several new instructions that will take the
8843 undefined instruction trap. ARM7TDMI is nominally ARMv4T, but does
8844 not in fact add the new instructions. The new undefined
8845 instructions in ARMv4 are all instructions that had no defined
8846 behaviour in earlier chips. There is no guarantee that they will
8847 raise an exception, but may be treated as NOP's. In practice, it
8848 may only safe to rely on instructions matching:
8850 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
8851 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
8852 C C C C 0 1 1 x x x x x x x x x x x x x x x x x x x x 1 x x x x
8854 Even this may only true if the condition predicate is true. The
8855 following use a condition predicate of ALWAYS so it is always TRUE.
8857 There are other ways of forcing a breakpoint. GNU/Linux, RISC iX,
8858 and NetBSD all use a software interrupt rather than an undefined
8859 instruction to force a trap. This can be handled by by the
8860 abi-specific code during establishment of the gdbarch vector. */
8862 #define ARM_LE_BREAKPOINT {0xFE,0xDE,0xFF,0xE7}
8863 #define ARM_BE_BREAKPOINT {0xE7,0xFF,0xDE,0xFE}
8864 #define THUMB_LE_BREAKPOINT {0xbe,0xbe}
8865 #define THUMB_BE_BREAKPOINT {0xbe,0xbe}
8872 /* Determine the type and size of breakpoint to insert at PCPTR. Uses
8873 the program counter value to determine whether a 16-bit or 32-bit
8874 breakpoint should be used. It returns a pointer to a string of
8875 bytes that encode a breakpoint instruction, stores the length of
8876 the string to *lenptr, and adjusts the program counter (if
8877 necessary) to point to the actual memory location where the
8878 breakpoint should be inserted. */
8882 {
8887 {
8890 /* If we have a separate 32-bit breakpoint instruction for Thumb-2,
8891 check whether we are replacing a 32-bit instruction. */
8893 {
8896 {
8900 {
8903 }
8904 }
8905 }
8909 }
8910 else
8911 {
8914 }
8915 }
8917 static void
8920 {
8924 /* The documented magic value for a 32-bit Thumb-2 breakpoint, so
8925 that this is not confused with a 32-bit ARM breakpoint. */
8927 }
8929 /* Extract from an array REGBUF containing the (raw) register state a
8930 function return value of type TYPE, and copy that, in virtual
8931 format, into VALBUF. */
8933 static void
8936 {
8941 {
8943 {
8945 {
8946 /* The value is in register F0 in internal format. We need to
8947 extract the raw value and then convert it to the desired
8948 internal type. */
8954 }
8959 /* ARM_FLOAT_VFP can arise if this is a variadic function so
8960 not using the VFP ABI code. */
8973 }
8974 }
8981 {
8982 /* If the type is a plain integer, then the access is
8983 straight-forward. Otherwise we have to play around a bit
8984 more. */
8987 ULONGEST tmp;
8990 {
8991 /* By using store_unsigned_integer we avoid having to do
8992 anything special for small big-endian values. */
9000 }
9001 }
9002 else
9003 {
9004 /* For a structure or union the behaviour is as if the value had
9005 been stored to word-aligned memory and then loaded into
9006 registers with 32-bit load instruction(s). */
9012 {
9018 }
9019 }
9020 }
9023 /* Will a function return an aggregate type in memory or in a
9024 register? Return 0 if an aggregate type can be returned in a
9025 register, 1 if it must be returned in memory. */
9027 static int
9029 {
9035 /* In the ARM ABI, "integer" like aggregate types are returned in
9036 registers. For an aggregate type to be integer like, its size
9037 must be less than or equal to INT_REGISTER_SIZE and the
9038 offset of each addressable subfield must be zero. Note that bit
9039 fields are not addressable, and all addressable subfields of
9040 unions always start at offset zero.
9042 This function is based on the behaviour of GCC 2.95.1.
9043 See: gcc/arm.c: arm_return_in_memory() for details.
9045 Note: All versions of GCC before GCC 2.95.2 do not set up the
9046 parameters correctly for a function returning the following
9047 structure: struct { float f;}; This should be returned in memory,
9048 not a register. Richard Earnshaw sent me a patch, but I do not
9049 know of any way to detect if a function like the above has been
9050 compiled with the correct calling convention. */
9052 /* All aggregate types that won't fit in a register must be returned
9053 in memory. */
9055 {
9057 }
9059 /* The AAPCS says all aggregates not larger than a word are returned
9060 in a register. */
9064 /* The only aggregate types that can be returned in a register are
9065 structs and unions. Arrays must be returned in memory. */
9068 {
9070 }
9072 /* Assume all other aggregate types can be returned in a register.
9073 Run a check for structures, unions and arrays. */
9077 {
9079 /* Need to check if this struct/union is "integer" like. For
9080 this to be true, its size must be less than or equal to
9081 INT_REGISTER_SIZE and the offset of each addressable
9082 subfield must be zero. Note that bit fields are not
9083 addressable, and unions always start at offset zero. If any
9084 of the subfields is a floating point type, the struct/union
9085 cannot be an integer type. */
9087 /* For each field in the object, check:
9088 1) Is it FP? --> yes, nRc = 1;
9089 2) Is it addressable (bitpos != 0) and
9090 not packed (bitsize == 0)?
9091 --> yes, nRc = 1
9092 */
9095 {
9098 i)));
9100 /* Is it a floating point type field? */
9102 {
9105 }
9107 /* If bitpos != 0, then we have to care about it. */
9109 {
9110 /* Bitfields are not addressable. If the field bitsize is
9111 zero, then the field is not packed. Hence it cannot be
9112 a bitfield or any other packed type. */
9114 {
9117 }
9118 }
9119 }
9120 }
9123 }
9125 /* Write into appropriate registers a function return value of type
9126 TYPE, given in virtual format. */
9128 static void
9131 {
9136 {
9140 {
9150 /* ARM_FLOAT_VFP can arise if this is a variadic function so
9151 not using the VFP ABI code. */
9164 }
9165 }
9172 {
9174 {
9175 /* Values of one word or less are zero/sign-extended and
9176 returned in r0. */
9182 }
9183 else
9184 {
9185 /* Integral values greater than one word are stored in consecutive
9186 registers starting with r0. This will always be a multiple of
9187 the regiser size. */
9192 {
9196 }
9197 }
9198 }
9199 else
9200 {
9201 /* For a structure or union the behaviour is as if the value had
9202 been stored to word-aligned memory and then loaded into
9203 registers with 32-bit load instruction(s). */
9209 {
9215 }
9216 }
9217 }
9220 /* Handle function return values. */
9222 static enum return_value_convention
9226 {
9234 {
9239 {
9241 {
9249 }
9250 else
9251 {
9264 }
9265 }
9267 }
9272 {
9276 }
9278 /* AAPCS returns complex types longer than a register in memory. */
9291 }
9294 static int
9296 {
9300 CORE_ADDR jb_addr;
9306 INT_REGISTER_SIZE))
9311 }
9313 /* Recognize GCC and GNU ld's trampolines. If we are in a trampoline,
9314 return the target PC. Otherwise return 0. */
9316 CORE_ADDR
9318 {
9321 CORE_ADDR start_addr;
9323 /* Find the starting address and name of the function containing the PC. */
9325 {
9326 /* Trampoline 'bx reg' doesn't belong to any functions. Do the
9327 check here. */
9333 }
9335 /* If PC is in a Thumb call or return stub, return the address of the
9336 target PC, which is in a register. The thunk functions are called
9337 _call_via_xx, where x is the register name. The possible names
9338 are r0-r9, sl, fp, ip, sp, and lr. ARM RealView has similar
9339 functions, named __ARM_call_via_r[0-7]. */
9342 {
9343 /* Use the name suffix to determine which register contains the
9344 target PC. */
9348 };
9355 }
9357 /* GNU ld generates __foo_from_arm or __foo_from_thumb for
9358 non-interworking calls to foo. We could decode the stubs
9359 to find the target but it's easier to use the symbol table. */
9368 {
9377 else
9389 else
9391 }
9394 }
9396 static void
9398 {
9402 }
9404 static void
9406 {
9408 }
9410 static void
9412 {
9415 /* If the current architecture is not ARM, we have nothing to do. */
9419 /* Update the architecture. */
9424 }
9426 static void
9429 {
9434 {
9437 }
9441 current_fp_model);
9444 }
9446 static void
9449 {
9457 else
9461 }
9463 static void
9466 {
9471 {
9474 }
9478 arm_abi_string);
9481 }
9483 static void
9486 {
9494 else
9496 arm_abi_string);
9497 }
9499 static void
9502 {
9506 arm_fallback_mode_string);
9507 }
9509 static void
9512 {
9518 arm_force_mode_string);
9519 }
9521 /* If the user changes the register disassembly style used for info
9522 register and other commands, we have to also switch the style used
9523 in opcodes for disassembly output. This function is run in the "set
9524 arm disassembly" command, and does that. */
9526 static void
9529 {
9531 }
9532 \f
9533 /* Return the ARM register name corresponding to register I. */
9536 {
9541 {
9547 };
9550 }
9554 {
9558 };
9561 }
9564 /* These registers are only supported on targets which supply
9565 an XML description. */
9569 }
9571 static void
9573 {
9576 /* Find the style that the user wants. */
9582 /* Synchronize the disassembler. */
9584 }
9586 /* Test whether the coff symbol specific value corresponds to a Thumb
9587 function. */
9589 static int
9591 {
9597 }
9599 /* arm_coff_make_msymbol_special()
9600 arm_elf_make_msymbol_special()
9602 These functions test whether the COFF or ELF symbol corresponds to
9603 an address in thumb code, and set a "special" bit in a minimal
9604 symbol to indicate that it does. */
9606 static void
9608 {
9612 }
9614 static void
9616 {
9619 }
9621 static void
9623 {
9629 }
9631 static void
9634 {
9646 {
9653 }
9659 /* Assume that most mapping symbols appear in order of increasing
9660 value. If they were randomly distributed, it would be faster to
9661 always push here and then sort at first use. */
9663 {
9668 {
9671 arm_compare_mapping_symbols);
9674 }
9675 }
9678 }
9680 static void
9682 {
9686 /* If necessary, set the T bit. */
9688 {
9695 else
9698 }
9699 }
9701 /* Read the contents of a NEON quad register, by reading from two
9702 double registers. This is used to implement the quad pseudo
9703 registers, and for argument passing in case the quad registers are
9704 missing; vectors are passed in quad registers when using the VFP
9705 ABI, even if a NEON unit is not present. REGNUM is the index of
9706 the quad register, in [0, 15]. */
9708 static enum register_status
9711 {
9721 /* d0 is always the least significant half of q0. */
9724 else
9739 }
9741 static enum register_status
9744 {
9754 /* Quad-precision register. */
9756 else
9757 {
9760 /* Single-precision register. */
9763 /* s0 is always the least significant half of d0. */
9766 else
9777 }
9778 }
9780 /* Store the contents of BUF to a NEON quad register, by writing to
9781 two double registers. This is used to implement the quad pseudo
9782 registers, and for argument passing in case the quad registers are
9783 missing; vectors are passed in quad registers when using the VFP
9784 ABI, even if a NEON unit is not present. REGNUM is the index
9785 of the quad register, in [0, 15]. */
9787 static void
9790 {
9798 /* d0 is always the least significant half of q0. */
9801 else
9807 }
9809 static void
9812 {
9822 /* Quad-precision register. */
9824 else
9825 {
9826 /* Single-precision register. */
9829 /* s0 is always the least significant half of d0. */
9832 else
9842 }
9843 }
9847 {
9850 }
9851 \f
9852 static enum gdb_osabi
9854 {
9861 /* GNU tools use this value. Check note sections in this case,
9862 as well. */
9864 generic_elf_osabi_sniff_abi_tag_sections,
9867 /* Anything else will be handled by the generic ELF sniffer. */
9869 }
9871 static int
9874 {
9875 /* FPS register's type is INT, but belongs to float_reggroup. Beside
9876 this, FPS register belongs to save_regroup, restore_reggroup, and
9877 all_reggroup, of course. */
9883 else
9885 }
9887 \f
9888 /* For backward-compatibility we allow two 'g' packet lengths with
9889 the remote protocol depending on whether FPA registers are
9890 supplied. M-profile targets do not have FPA registers, but some
9891 stubs already exist in the wild which use a 'g' packet which
9892 supplies them albeit with dummy values. The packet format which
9893 includes FPA registers should be considered deprecated for
9894 M-profile targets. */
9896 static void
9898 {
9900 {
9901 /* If we know from the executable this is an M-profile target,
9902 cater for remote targets whose register set layout is the
9903 same as the FPA layout. */
9905 /* r0-r12,sp,lr,pc; f0-f7; fps,xpsr */
9909 tdesc_arm_with_m_fpa_layout);
9911 /* The regular M-profile layout. */
9913 /* r0-r12,sp,lr,pc; xpsr */
9916 tdesc_arm_with_m);
9918 /* M-profile plus M4F VFP. */
9920 /* r0-r12,sp,lr,pc; d0-d15; fpscr,xpsr */
9924 tdesc_arm_with_m_vfp_d16);
9925 }
9927 /* Otherwise we don't have a useful guess. */
9928 }
9930 \f
9931 /* Initialize the current architecture based on INFO. If possible,
9932 re-use an architecture from ARCHES, which is a list of
9933 architectures already created during this debugging session.
9935 Called e.g. at program startup, when reading a core file, and when
9936 reading a binary file. */
9940 {
9953 /* If we have an object to base this architecture on, try to determine
9954 its ABI. */
9957 {
9961 {
9963 /* Assume it's an old APCS-style ABI. */
9968 /* Assume it's an old APCS-style ABI. */
9969 /* XXX WinCE? */
9978 {
9979 /* GNU tools used to use this value, but do not for EABI
9980 objects. There's nowhere to tag an EABI version
9981 anyway, so assume APCS. */
9983 }
9985 {
9990 {
9992 /* Assume GNU tools. */
9999 /* EABI binaries default to VFP float ordering.
10000 They may also contain build attributes that can
10001 be used to identify if the VFP argument-passing
10002 ABI is in use. */
10004 {
10005 #ifdef HAVE_ELF
10007 OBJ_ATTR_PROC,
10008 Tag_ABI_VFP_args))
10009 {
10011 /* "The user intended FP parameter/result
10012 passing to conform to AAPCS, base
10013 variant". */
10017 /* "The user intended FP parameter/result
10018 passing to conform to AAPCS, VFP
10019 variant". */
10023 /* "The user intended FP parameter/result
10024 passing to conform to tool chain-specific
10025 conventions" - we don't know any such
10026 conventions, so leave it as "auto". */
10029 /* Attribute value not mentioned in the
10030 October 2008 ABI, so leave it as
10031 "auto". */
10033 }
10034 #else
10036 #endif
10037 }
10041 /* Leave it as "auto". */
10044 }
10046 #ifdef HAVE_ELF
10047 /* Detect M-profile programs. This only works if the
10048 executable file includes build attributes; GCC does
10049 copy them to the executable, but e.g. RealView does
10050 not. */
10052 Tag_CPU_arch);
10054 OBJ_ATTR_PROC,
10055 Tag_CPU_arch_profile);
10056 /* GCC specifies the profile for v6-M; RealView only
10057 specifies the profile for architectures starting with
10058 V7 (as opposed to architectures with a tag
10059 numerically greater than TAG_CPU_ARCH_V7). */
10065 #endif
10066 }
10069 {
10073 {
10075 /* Leave it as "auto". Strictly speaking this case
10076 means FPA, but almost nobody uses that now, and
10077 many toolchains fail to set the appropriate bits
10078 for the floating-point model they use. */
10089 }
10090 }
10098 /* Leave it as "auto". */
10100 }
10101 }
10103 /* Check any target description for validity. */
10105 {
10106 /* For most registers we require GDB's default names; but also allow
10107 the numeric names for sp / lr / pc, as a convenience. */
10118 {
10123 else
10125 }
10134 ARM_SP_REGNUM,
10135 arm_sp_names);
10137 ARM_LR_REGNUM,
10138 arm_lr_names);
10140 ARM_PC_REGNUM,
10141 arm_pc_names);
10145 else
10150 {
10153 }
10158 {
10164 {
10167 }
10168 }
10169 else
10175 {
10181 };
10185 valid_p
10189 /* Check for the control registers, but do not fail if they
10190 are missing. */
10196 valid_p
10201 {
10204 }
10205 }
10207 /* If we have a VFP unit, check whether the single precision registers
10208 are present. If not, then we will synthesize them as pseudo
10209 registers. */
10213 {
10219 };
10221 /* Require the double precision registers. There must be either
10222 16 or 32. */
10225 {
10231 }
10235 /* Also require FPSCR. */
10239 {
10242 }
10249 /* If we have VFP, also check for NEON. The architecture allows
10250 NEON without VFP (integer vector operations only), but GDB
10251 does not support that. */
10255 {
10256 /* NEON requires 32 double-precision registers. */
10258 {
10261 }
10263 /* If there are quad registers defined by the stub, use
10264 their type; otherwise (normally) provide them with
10265 the default type. */
10270 }
10271 }
10272 }
10274 /* If there is already a candidate, use it. */
10278 {
10287 /* There are various other properties in tdep that we do not
10288 need to check here: those derived from a target description,
10289 since gdbarches with a different target description are
10290 automatically disqualified. */
10292 /* Do check is_m, though, since it might come from the binary. */
10296 /* Found a match. */
10298 }
10301 {
10305 }
10310 /* Record additional information about the architecture we are defining.
10311 These are gdbarch discriminators, like the OSABI. */
10323 /* Breakpoints. */
10325 {
10345 }
10347 /* On ARM targets char defaults to unsigned. */
10350 /* Note: for displaced stepping, this includes the breakpoint, and one word
10351 of additional scratch space. This setting isn't used for anything beside
10352 displaced stepping at present. */
10355 /* This should be low enough for everything. */
10359 /* The default, for both APCS and AAPCS, is to return small
10360 structures in registers. */
10368 /* Frame handling. */
10375 /* Address manipulation. */
10378 /* Advance PC across function entry code. */
10381 /* Detect whether PC is in function epilogue. */
10384 /* Skip trampolines. */
10387 /* The stack grows downward. */
10390 /* Breakpoint manipulation. */
10393 arm_remote_breakpoint_from_pc);
10395 /* Information about registers, etc. */
10402 /* This "info float" is FPA-specific. Use the generic version if we
10403 do not have FPA. */
10407 /* Internal <-> external register number maps. */
10413 /* Returning results. */
10416 /* Disassembly. */
10419 /* Minsymbol frobbing. */
10422 arm_coff_make_msymbol_special);
10425 /* Thumb-2 IT block support. */
10427 arm_adjust_breakpoint_address);
10429 /* Virtual tables. */
10432 /* Hook in the ABI-specific overrides, if they have been registered. */
10437 /* Add some default predicates. */
10445 /* Now we have tuned the configuration, set a few final things,
10446 based on what the OS ABI has told us. */
10448 /* If the ABI is not otherwise marked, assume the old GNU APCS. EABI
10449 binaries are always marked. */
10453 /* Watchpoints are not steppable. */
10456 /* We used to default to FPA for generic ARM, but almost nobody
10457 uses that now, and we now provide a way for the user to force
10458 the model. So default to the most useful variant. */
10465 /* Floating point sizes and format. */
10468 {
10469 set_gdbarch_double_format
10471 set_gdbarch_long_double_format
10473 }
10474 else
10475 {
10478 }
10481 {
10482 /* NOTE: These are the only pseudo registers used by
10483 the ARM target at the moment. If more are added, a
10484 little more care in numbering will be needed. */
10492 }
10495 {
10500 /* Override tdesc_register_type to adjust the types of VFP
10501 registers for NEON. */
10503 }
10505 /* Add standard register aliases. We add aliases even for those
10506 nanes which are used by the current architecture - it's simpler,
10507 and does no harm, since nothing ever lists user registers. */
10513 }
10515 static void
10517 {
10525 }
10529 void
10531 {
10545 arm_objfile_data_key
10548 /* Add ourselves to objfile event chain. */
10550 arm_exidx_data_key
10553 /* Register an ELF OS ABI sniffer for ARM binaries. */
10555 bfd_target_elf_flavour,
10556 arm_elf_osabi_sniffer);
10558 /* Initialize the standard target descriptions. */
10567 /* Get the number of possible sets of register names defined in opcodes. */
10570 /* Add root prefix command for all "set arm"/"show arm" commands. */
10579 /* Sync the opcode insn printer with our register viewer. */
10582 /* Initialize the array that will be passed to
10583 add_setshow_enum_cmd(). */
10584 valid_disassembly_styles
10587 {
10593 /* When we find the default names, tell the disassembler to use
10594 them. */
10596 {
10599 }
10600 }
10601 /* Mark the end of valid options. */
10604 /* Create the help text. */
10608 regdesc,
10617 helptext,
10618 set_disassembly_style_sfunc,
10620 \"%s\". */
10627 NULL,
10629 mode is %s. */
10632 /* Add a command to allow the user to force the FPU model. */
10644 /* Add a command to allow the user to force the ABI. */
10651 /* Add two commands to allow the user to force the assumed
10652 execution mode. */
10666 /* Debugging flag. */
10671 NULL,
10674 }
10676 /* ARM-reversible process record data structures. */
10678 #define ARM_INSN_SIZE_BYTES 4
10679 #define THUMB_INSN_SIZE_BYTES 2
10680 #define THUMB2_INSN_SIZE_BYTES 4
10683 /* Position of the bit within a 32-bit ARM instruction
10684 that defines whether the instruction is a load or store. */
10685 #define INSN_S_L_BIT_NUM 20
10687 #define REG_ALLOC(REGS, LENGTH, RECORD_BUF) \
10688 do \
10689 { \
10690 unsigned int reg_len = LENGTH; \
10691 if (reg_len) \
10692 { \
10693 REGS = XNEWVEC (uint32_t, reg_len); \
10694 memcpy(®S[0], &RECORD_BUF[0], sizeof(uint32_t)*LENGTH); \
10695 } \
10696 } \
10697 while (0)
10699 #define MEM_ALLOC(MEMS, LENGTH, RECORD_BUF) \
10700 do \
10701 { \
10702 unsigned int mem_len = LENGTH; \
10703 if (mem_len) \
10704 { \
10705 MEMS = XNEWVEC (struct arm_mem_r, mem_len); \
10706 memcpy(&MEMS->len, &RECORD_BUF[0], \
10707 sizeof(struct arm_mem_r) * LENGTH); \
10708 } \
10709 } \
10710 while (0)
10712 /* Checks whether insn is already recorded or yet to be decoded. (boolean expression). */
10713 #define INSN_RECORDED(ARM_RECORD) \
10714 (0 != (ARM_RECORD)->reg_rec_count || 0 != (ARM_RECORD)->mem_rec_count)
10716 /* ARM memory record structure. */
10717 struct arm_mem_r
10718 {
10721 };
10723 /* ARM instruction record contains opcode of current insn
10724 and execution state (before entry to decode_insn()),
10725 contains list of to-be-modified registers and
10726 memory blocks (on return from decode_insn()). */
10729 {
10744 /* Checks ARM SBZ and SBO mandatory fields. */
10746 static int
10748 {
10758 {
10760 {
10762 }
10764 }
10766 }
10768 enum arm_record_result
10769 {
10772 };
10775 {
10777 ARM_RECORD_STRD
10781 {
10783 THUMB_RECORD,
10784 THUMB2_RECORD
10788 static int
10791 {
10806 {
10807 /* 1) Handle misc store, immediate offset. */
10814 {
10815 /* If R15 was used as Rn, hence current PC+8. */
10817 }
10819 /* Calculate target store address. */
10821 {
10823 }
10824 else
10825 {
10827 }
10829 {
10833 }
10835 {
10841 }
10842 }
10844 {
10845 /* 2) Store, register offset. */
10846 /* Get Rm. */
10848 /* Get Rn. */
10853 {
10854 /* If R15 was used as Rn, hence current PC+8. */
10856 }
10857 /* Calculate target store address, Rn +/- Rm, register offset. */
10859 {
10861 }
10862 else
10863 {
10865 }
10867 {
10871 }
10873 {
10879 }
10880 }
10883 {
10884 /* 3) Store, immediate pre-indexed. */
10885 /* 5) Store, immediate post-indexed. */
10891 /* Calculate target store address, Rn +/- Rm, register offset. */
10893 {
10895 }
10896 else
10897 {
10899 }
10901 {
10905 }
10907 {
10913 }
10914 /* Record Rn also as it changes. */
10917 }
10920 {
10921 /* 4) Store, register pre-indexed. */
10922 /* 6) Store, register post -indexed. */
10927 /* Calculate target store address, Rn +/- Rm, register offset. */
10929 {
10931 }
10932 else
10933 {
10935 }
10937 {
10941 }
10943 {
10949 }
10950 /* Record Rn also as it changes. */
10953 }
10955 }
10957 /* Handling ARM extension space insns. */
10959 static int
10961 {
10971 /* Handle unconditional insn extension space. */
10976 {
10977 /* PLD has no affect on architectural state, it just affects
10978 the caches. */
10980 {
10981 /* BLX(1) */
10985 }
10986 /* STC2, LDC2, MCR2, MRC2, CDP2: <TBD>, co-processor insn. */
10987 }
10992 {
10994 /* Undefined instruction on ARM V5; need to handle if later
10995 versions define it. */
10996 }
11002 /* Handle arithmetic insn extension space. */
11005 {
11006 /* Handle MLA(S) and MUL(S). */
11008 {
11012 }
11014 {
11015 /* Handle SMLAL(S), SMULL(S), UMLAL(S), UMULL(S). */
11020 }
11021 }
11027 /* Handle control insn extension space. */
11031 {
11033 {
11035 {
11037 {
11038 /* MRS. */
11041 }
11043 {
11044 /* CSPR is going to be changed. */
11047 }
11049 {
11050 /* SPSR is going to be changed. */
11051 /* We need to get SPSR value, which is yet to be done. */
11058 }
11059 }
11061 {
11063 {
11064 /* BX. */
11067 }
11069 {
11070 /* CLZ. */
11073 }
11074 }
11076 {
11077 /* BLX. */
11081 }
11083 {
11084 /* QADD, QSUB, QDADD, QDSUB */
11088 }
11090 {
11091 /* BKPT. */
11096 /* Save SPSR also;how? */
11102 }
11107 )
11108 {
11110 {
11111 /* SMLA<x><y>, SMLAW<y>, SMULW<y>. */
11112 /* We dont do optimization for SMULW<y> where we
11113 need only Rd. */
11117 }
11119 {
11120 /* SMLAL<x><y>. */
11124 }
11126 {
11127 /* SMUL<x><y>. */
11130 }
11131 }
11132 }
11133 else
11134 {
11135 /* MSR : immediate form. */
11137 {
11138 /* CSPR is going to be changed. */
11141 }
11143 {
11144 /* SPSR is going to be changed. */
11145 /* we need to get SPSR value, which is yet to be done */
11152 }
11153 }
11154 }
11160 /* Handle load/store insn extension space. */
11165 {
11166 /* SWP/SWPB. */
11168 {
11169 /* These insn, changes register and memory as well. */
11170 /* SWP or SWPB insn. */
11171 /* Get memory address given by Rn. */
11174 /* SWP insn ?, swaps word. */
11176 {
11178 }
11179 else
11180 {
11181 /* SWPB insn, swaps only byte. */
11183 }
11188 }
11190 {
11191 /* STRH. */
11193 ARM_RECORD_STRH);
11194 }
11196 {
11197 /* LDRD. */
11201 }
11203 {
11204 /* STRD. */
11206 ARM_RECORD_STRD);
11207 }
11209 {
11210 /* LDRH, LDRSB, LDRSH. */
11213 }
11215 }
11220 {
11222 /* Handle coprocessor insn extension space. */
11223 }
11225 /* To be done for ARMv5 and later; as of now we return -1. */
11236 }
11238 /* Handling opcode 000 insns. */
11240 static int
11242 {
11255 /* Data processing insn /multiply insn. */
11259 {
11260 /* Handle multiply instructions. */
11261 /* MLA, MUL, SMLAL, SMULL, UMLAL, UMULL. */
11263 {
11264 /* Handle MLA and MUL. */
11268 }
11270 {
11271 /* Handle SMLAL, SMULL, UMLAL, UMULL. */
11276 }
11277 }
11280 {
11281 /* Handle misc load insns, as 20th bit (L = 1). */
11282 /* LDR insn has a capability to do branching, if
11283 MOV LR, PC is precceded by LDR insn having Rn as R15
11284 in that case, it emulates branch and link insn, and hence we
11285 need to save CSPR and PC as well. I am not sure this is right
11286 place; as opcode = 010 LDR insn make this happen, if R15 was
11287 used. */
11290 {
11293 }
11294 else
11295 {
11299 }
11300 }
11305 {
11306 /* Handle MSR insn. */
11308 {
11309 /* CSPR is going to be changed. */
11312 }
11313 else
11314 {
11315 /* SPSR is going to be changed. */
11316 /* How to read SPSR value? */
11322 }
11323 }
11327 {
11328 /* Handling SWP, SWPB. */
11329 /* These insn, changes register and memory as well. */
11330 /* SWP or SWPB insn. */
11334 /* SWP insn ?, swaps word. */
11336 {
11338 }
11339 else
11340 {
11341 /* SWPB insn, swaps only byte. */
11343 }
11348 }
11351 {
11352 /* Handle BLX, branch and link/exchange. */
11354 {
11355 /* Branch is chosen by setting T bit of CSPR, bitp[0] of Rm,
11356 and R14 stores the return address. */
11360 }
11361 }
11363 {
11364 /* Handle enhanced software breakpoint insn, BKPT. */
11365 /* CPSR is changed to be executed in ARM state, disabling normal
11366 interrupts, entering abort mode. */
11367 /* According to high vector configuration PC is set. */
11368 /* user hit breakpoint and type reverse, in
11369 that case, we need to go back with previous CPSR and
11370 Program Counter. */
11375 /* Save SPSR also; how? */
11381 }
11384 {
11385 /* Handle enhanced store insns and DSP insns (e.g. LDRD). */
11387 /* Handle str(x) insn */
11389 ARM_RECORD_STRH);
11390 }
11393 {
11394 /* Handle BX, branch and link/exchange. */
11395 /* Branch is chosen by setting T bit of CSPR, bitp[0] of Rm. */
11398 }
11402 {
11403 /* Count leading zeros: CLZ. */
11406 }
11411 )
11412 {
11413 /* Handle MRS insn. */
11416 }
11418 {
11419 /* Normal data processing insns. */
11420 /* Out of 11 shifter operands mode, all the insn modifies destination
11421 register, which is specified by 13-16 decode. */
11425 }
11426 else
11427 {
11429 }
11434 }
11436 /* Handling opcode 001 insns. */
11438 static int
11440 {
11449 )
11450 {
11451 /* Handle MSR insn. */
11453 {
11454 /* CSPR is going to be changed. */
11457 }
11458 else
11459 {
11460 /* SPSR is going to be changed. */
11461 }
11462 }
11464 {
11465 /* Normal data processing insns. */
11466 /* Out of 11 shifter operands mode, all the insn modifies destination
11467 register, which is specified by 13-16 decode. */
11471 }
11472 else
11473 {
11475 }
11480 }
11482 /* Handle ARM mode instructions with opcode 010. */
11484 static int
11486 {
11493 ULONGEST u_regval;
11495 /* Calculate wback. */
11503 {
11504 /* LDR (immediate), LDR (literal), LDRB (immediate), LDRB (literal), LDRBT
11505 and LDRT. */
11510 /* The LDR instruction is capable of doing branching. If MOV LR, PC
11511 preceeds a LDR instruction having R15 as reg_base, it
11512 emulates a branch and link instruction, and hence we need to save
11513 CPSR and PC as well. */
11517 /* If wback is true, also save the base register, which is going to be
11518 written to. */
11521 }
11522 else
11523 {
11524 /* STR (immediate), STRB (immediate), STRBT and STRT. */
11529 /* Handle bit U. */
11531 {
11532 /* U == 1: Add the offset. */
11534 }
11535 else
11536 {
11537 /* U == 0: subtract the offset. */
11539 }
11541 /* Bit 22 tells us whether the store instruction writes 1 byte or 4
11542 bytes. */
11544 {
11545 /* STRB and STRBT: 1 byte. */
11547 }
11548 else
11549 {
11550 /* STR and STRT: 4 bytes. */
11552 }
11554 /* Handle bit P. */
11557 else
11562 /* If wback is true, also save the base register, which is going to be
11563 written to. */
11566 }
11571 }
11573 /* Handling opcode 011 insns. */
11575 static int
11577 {
11585 LONGEST s_word;
11591 /* Handle enhanced store insns and LDRD DSP insn,
11592 order begins according to addressing modes for store insns
11593 STRH insn. */
11595 /* LDR or STR? */
11597 {
11599 /* LDR insn has a capability to do branching, if
11600 MOV LR, PC is precedded by LDR insn having Rn as R15
11601 in that case, it emulates branch and link insn, and hence we
11602 need to save CSPR and PC as well. */
11604 {
11607 }
11608 else
11609 {
11613 }
11614 }
11615 else
11616 {
11618 {
11619 /* Store insn, register offset and register pre-indexed,
11620 register post-indexed. */
11621 /* Get Rm. */
11623 /* Get Rn. */
11630 {
11631 /* If R15 was used as Rn, hence current PC+8. */
11632 /* Pre-indexed mode doesnt reach here ; illegal insn. */
11634 }
11635 /* Calculate target store address, Rn +/- Rm, register offset. */
11636 /* U == 1. */
11638 {
11640 }
11641 else
11642 {
11644 }
11647 {
11648 /* STR. */
11651 /* STR. */
11654 /* STRT. */
11657 /* STR. */
11663 /* STRB. */
11666 /* STRB. */
11669 /* STRBT. */
11672 /* STRB. */
11681 }
11691 )
11692 {
11693 /* Rn is going to be changed in pre-indexed mode and
11694 post-indexed mode as well. */
11697 }
11698 }
11699 else
11700 {
11701 /* Store insn, scaled register offset; scaled pre-indexed. */
11703 /* Get Rm. */
11705 /* Get Rn. */
11707 /* Get shift_imm. */
11712 /* Offset_12 used as shift. */
11714 {
11716 /* Offset_12 used as index. */
11726 {
11728 {
11730 }
11731 else
11732 {
11734 }
11735 }
11736 else
11737 {
11738 /* This is arithmetic shift. */
11740 }
11745 {
11748 /* Get C flag value and shift it by 31. */
11751 }
11752 else
11753 {
11757 }
11763 }
11766 /* bit U set. */
11768 {
11770 }
11771 else
11772 {
11774 }
11777 {
11778 /* STR. */
11781 /* STR. */
11784 /* STRT. */
11787 /* STR. */
11793 /* STRB. */
11796 /* STRB. */
11799 /* STRBT. */
11802 /* STRB. */
11811 }
11821 )
11822 {
11823 /* Rn is going to be changed in register scaled pre-indexed
11824 mode,and scaled post indexed mode. */
11827 }
11828 }
11829 }
11834 }
11836 /* Handle ARM mode instructions with opcode 100. */
11838 static int
11840 {
11846 ULONGEST u_regval;
11848 /* Fetch the list of registers. */
11852 /* Fetch the base register that contains the address we are loading data
11853 to. */
11856 /* Calculate wback. */
11860 {
11861 /* LDM/LDMIA/LDMFD, LDMDA/LDMFA, LDMDB and LDMIB. */
11863 /* Find out which registers are going to be loaded from memory. */
11865 {
11869 register_count++;
11870 }
11873 /* If wback is true, also save the base register, which is going to be
11874 written to. */
11878 /* Save the CPSR register. */
11880 }
11881 else
11882 {
11883 /* STM (STMIA, STMEA), STMDA (STMED), STMDB (STMFD) and STMIB (STMFA). */
11889 /* Find out how many registers are going to be stored to memory. */
11891 {
11893 register_count++;
11895 }
11898 {
11899 /* STMDA (STMED): Decrement after. */
11904 /* STM (STMIA, STMEA): Increment after. */
11908 /* STMDB (STMFD): Decrement before. */
11913 /* STMIB (STMFA): Increment before. */
11920 }
11925 /* If wback is true, also save the base register, which is going to be
11926 written to. */
11929 }
11934 }
11936 /* Handling opcode 101 insns. */
11938 static int
11940 {
11943 /* Handle B, BL, BLX(1) insns. */
11944 /* B simply branches so we do nothing here. */
11945 /* Note: BLX(1) doesnt fall here but instead it falls into
11946 extension space. */
11948 {
11951 }
11956 }
11958 /* Handling opcode 110 insns. */
11960 static int
11962 {
11968 }
11970 /* Record handler for vector data transfer instructions. */
11972 static int
11974 {
11985 /* Handle VMOV instruction. */
11987 {
11990 }
11992 {
11993 /* Handle VMOV instruction. */
11995 {
11998 else
12003 }
12004 /* Handle VMRS instruction. */
12006 {
12012 }
12013 }
12015 {
12016 /* Handle VMOV instruction. */
12018 {
12021 else
12026 }
12027 /* Handle VMSR instruction. */
12029 {
12032 }
12033 }
12035 {
12036 /* Handle VMOV instruction. */
12038 {
12042 }
12043 /* Handle VDUP instruction. */
12044 else
12045 {
12047 {
12052 }
12053 else
12054 {
12058 }
12059 }
12060 }
12064 }
12066 /* Record handler for extension register load/store instructions. */
12068 static int
12070 {
12083 /* Handle VMOV instructions. */
12085 {
12087 {
12091 }
12092 else
12093 {
12098 {
12102 }
12103 else
12104 {
12107 }
12108 }
12109 }
12110 /* Handle VSTM and VPUSH instructions. */
12113 {
12125 else
12129 {
12132 }
12135 {
12137 {
12142 }
12143 else
12144 {
12151 }
12152 memory_count--;
12153 }
12155 }
12156 /* Handle VLDM instructions. */
12159 {
12168 else
12175 {
12178 else
12181 reg_count--;
12182 }
12184 }
12185 /* VSTR Vector store register. */
12187 {
12199 else
12203 {
12207 }
12208 else
12209 {
12215 }
12216 }
12217 /* VLDR Vector load register. */
12219 {
12223 {
12226 }
12227 else
12228 {
12231 }
12233 }
12238 }
12240 /* Record handler for arm/thumb mode VFP data processing instructions. */
12242 static int
12244 {
12258 /* Handle VMLA, VMLS. */
12260 {
12262 {
12265 else
12267 }
12268 else
12269 {
12272 else
12274 }
12275 }
12276 /* Handle VNMLA, VNMLS, VNMUL. */
12278 {
12281 else
12283 }
12284 /* Handle VMUL. */
12286 {
12288 {
12291 else
12293 }
12294 else
12295 {
12298 else
12300 }
12301 }
12302 /* Handle VADD, VSUB. */
12304 {
12306 {
12309 else
12311 }
12312 else
12313 {
12316 else
12318 }
12319 }
12320 /* Handle VDIV. */
12322 {
12325 else
12327 }
12328 /* Handle all other vfp data processing instructions. */
12330 {
12331 /* Handle VMOV. */
12333 {
12335 {
12338 else
12340 }
12341 else
12342 {
12345 else
12347 }
12348 }
12349 /* Handle VNEG and VABS. */
12352 {
12354 {
12357 else
12359 }
12360 else
12361 {
12364 else
12366 }
12367 }
12368 /* Handle VSQRT. */
12370 {
12373 else
12375 }
12376 /* Handle VCVT. */
12378 {
12381 else
12383 }
12385 {
12386 /* Handle VCVT. */
12388 {
12391 else
12392 {
12395 else
12397 }
12398 }
12399 /* Handle VCVT. */
12401 {
12404 else
12406 }
12407 /* Handle VCVTB, VCVTT. */
12410 /* Handle VCMP, VCMPE. */
12413 }
12414 }
12417 {
12445 }
12449 }
12451 /* Handling opcode 110 insns. */
12453 static int
12455 {
12463 {
12464 /* Handle extension register ld/st instructions. */
12468 /* 64-bit transfers between arm core and extension registers. */
12471 }
12472 else
12473 {
12474 /* Handle coprocessor ld/st instructions. */
12476 {
12477 /* Store. */
12480 else
12481 /* Load. */
12483 }
12485 /* Move to coprocessor from two arm core registers. */
12489 /* Move to two arm core registers from coprocessor. */
12491 {
12500 }
12501 }
12503 }
12505 /* Handling opcode 111 insns. */
12507 static int
12509 {
12521 /* Handle arm SWI/SVC system call instructions. */
12523 {
12525 {
12536 }
12537 else
12538 {
12541 }
12542 }
12545 {
12546 /* VFP data-processing instructions. */
12550 /* Advanced SIMD, VFP instructions. */
12553 }
12554 else
12555 {
12556 /* Coprocessor data operations. */
12560 /* Move to Coprocessor from ARM core register. */
12564 /* Move to arm core register from coprocessor. */
12566 {
12575 record_buf);
12577 }
12578 }
12581 }
12583 /* Handling opcode 000 insns. */
12585 static int
12587 {
12600 }
12603 /* Handling opcode 001 insns. */
12605 static int
12607 {
12620 }
12622 /* Handling opcode 010 insns. */
12624 static int
12626 {
12638 {
12639 /* Handle load/store register offset. */
12642 {
12643 /* LDR(2), LDRB(2) , LDRH(2), LDRSB, LDRSH. */
12647 }
12649 {
12650 /* STR(2), STRB(2), STRH(2) . */
12663 }
12664 }
12666 {
12667 /* Handle load from literal pool. */
12668 /* LDR(3). */
12672 }
12674 {
12678 {
12679 /* Branch with exchange. */
12682 }
12683 else
12684 {
12685 /* Format 8; special data processing insns. */
12690 }
12691 }
12692 else
12693 {
12694 /* Format 5; data processing insns. */
12697 {
12699 }
12703 }
12707 record_buf_mem);
12710 }
12712 /* Handling opcode 001 insns. */
12714 static int
12716 {
12728 {
12729 /* LDR(1). */
12733 }
12734 else
12735 {
12736 /* STR(1). */
12743 }
12747 record_buf_mem);
12750 }
12752 /* Handling opcode 100 insns. */
12754 static int
12756 {
12768 {
12769 /* LDR(4). */
12773 }
12775 {
12776 /* LDRH(1). */
12780 }
12782 {
12783 /* STR(3). */
12789 }
12791 {
12792 /* STRH(1). */
12799 }
12803 record_buf_mem);
12806 }
12808 /* Handling opcode 101 insns. */
12810 static int
12812 {
12828 {
12829 /* POP. */
12832 {
12836 register_count++;
12837 }
12841 }
12843 {
12844 /* PUSH. */
12848 {
12850 register_count++;
12852 }
12857 {
12861 register_count--;
12862 }
12865 }
12867 {
12868 /* BKPT insn. */
12869 /* Handle enhanced software breakpoint insn, BKPT. */
12870 /* CPSR is changed to be executed in ARM state, disabling normal
12871 interrupts, entering abort mode. */
12872 /* According to high vector configuration PC is set. */
12873 /* User hits breakpoint and type reverse, in that case, we need to go back with
12874 previous CPSR and Program Counter. */
12878 /* We need to save SPSR value, which is not yet done. */
12885 }
12887 {
12888 /* ADD(5), ADD(6). */
12892 }
12894 {
12895 /* ADD(7), SUB(4). */
12899 }
12903 record_buf_mem);
12906 }
12908 /* Handling opcode 110 insns. */
12910 static int
12912 {
12928 {
12930 /* LDMIA. */
12932 /* Get Rn. */
12935 {
12939 register_count++;
12940 }
12943 }
12945 {
12946 /* It handles both STMIA. */
12948 /* Get Rn. */
12952 {
12954 register_count++;
12956 }
12960 {
12964 register_count--;
12965 }
12966 }
12968 {
12969 /* Handle arm syscall insn. */
12971 {
12974 }
12975 else
12976 {
12979 }
12980 }
12982 /* B (1), conditional branch is automatically taken care in process_record,
12983 as PC is saved there. */
12987 record_buf_mem);
12990 }
12992 /* Handling opcode 111 insns. */
12994 static int
12996 {
13003 {
13004 /* BL */
13007 }
13009 {
13010 /* BLX(1). */
13014 }
13016 /* B(2) is automatically taken care in process_record, as PC is
13017 saved there. */
13022 }
13024 /* Handler for thumb2 load/store multiple instructions. */
13026 static int
13028 {
13042 {
13044 {
13045 /* Handle RFE instruction. */
13048 }
13049 else
13050 {
13051 /* Handle SRS instruction after reading banked SP. */
13053 }
13054 }
13056 {
13058 {
13059 /* Handle LDM/LDMIA/LDMFD and LDMDB/LDMEA instructions. */
13062 {
13066 register_count++;
13068 }
13072 }
13073 else
13074 {
13075 /* Handle STM/STMIA/STMEA and STMDB/STMFD. */
13079 {
13081 register_count++;
13084 }
13087 {
13088 /* Start address calculation for LDMDB/LDMEA. */
13090 }
13092 {
13093 /* Start address calculation for LDMDB/LDMEA. */
13095 }
13099 {
13103 register_count--;
13104 }
13108 }
13109 }
13112 record_buf_mem);
13114 record_buf);
13116 }
13118 /* Handler for thumb2 load/store (dual/exclusive) and table branch
13119 instructions. */
13121 static int
13123 {
13131 LONGEST s_word;
13140 {
13142 {
13147 }
13150 {
13154 }
13155 }
13156 else
13157 {
13162 {
13163 /* Handle STREX. */
13172 }
13174 {
13182 {
13183 /* Handle STREXB. */
13186 }
13188 {
13189 /* Handle STREXH. */
13192 }
13194 {
13195 /* Handle STREXD. */
13201 }
13202 }
13203 else
13204 {
13208 {
13211 else
13215 }
13216 else
13226 }
13227 }
13230 record_buf);
13232 record_buf_mem);
13234 }
13236 /* Handler for thumb2 data processing (shift register and modified immediate)
13237 instructions. */
13239 static int
13241 {
13249 {
13252 }
13253 else
13254 {
13258 }
13261 record_buf);
13263 }
13265 /* Generic handler for thumb2 instructions which effect destination and PS
13266 registers. */
13268 static int
13270 {
13281 record_buf);
13283 }
13285 /* Handler for thumb2 branch and miscellaneous control instructions. */
13287 static int
13289 {
13297 /* Handle MSR insn. */
13299 {
13301 {
13302 /* CPSR is going to be changed. */
13305 }
13306 else
13307 {
13310 }
13311 }
13313 {
13314 /* BLX. */
13318 }
13321 record_buf);
13323 }
13325 /* Handler for thumb2 store single data item instructions. */
13327 static int
13329 {
13345 {
13346 /* T2 encoding. */
13350 }
13351 else
13352 {
13353 /* T3 encoding. */
13355 {
13356 /* Handle STRB (register). */
13362 }
13363 else
13364 {
13367 {
13370 else
13374 }
13375 else
13377 }
13378 }
13381 {
13382 /* Store byte instructions. */
13387 /* Store half word instructions. */
13392 /* Store word instructions. */
13401 }
13409 record_buf);
13411 record_buf_mem);
13413 }
13415 /* Handler for thumb2 load memory hints instructions. */
13417 static int
13419 {
13427 {
13434 record_buf);
13436 }
13439 }
13441 /* Handler for thumb2 load word instructions. */
13443 static int
13445 {
13454 record_buf);
13456 }
13458 /* Handler for thumb2 long multiply, long multiply accumulate, and
13459 divide instructions. */
13461 static int
13463 {
13472 {
13473 /* Handle SMULL, UMULL, SMULAL. */
13474 /* Handle SMLAL(S), SMULL(S), UMLAL(S), UMULL(S). */
13479 }
13481 {
13482 /* Handle SDIV and UDIV. */
13487 }
13488 else
13492 record_buf);
13494 }
13496 /* Record handler for thumb32 coprocessor instructions. */
13498 static int
13500 {
13503 else
13505 }
13507 /* Record handler for advance SIMD structure load/store instructions. */
13509 static int
13511 {
13530 {
13536 {
13537 /* Handle VST1. */
13539 {
13548 else
13552 {
13554 {
13559 }
13560 }
13561 }
13562 /* Handle VST2. */
13564 {
13569 else
13574 {
13576 {
13580 }
13582 }
13583 }
13584 /* Handle VST3. */
13586 {
13588 {
13590 {
13594 }
13596 }
13597 }
13598 /* Handle VST4. */
13600 {
13602 {
13604 {
13608 }
13610 }
13611 }
13612 }
13613 else
13614 {
13623 else
13626 /* Handle VST1. */
13629 /* Handle VST2. */
13632 /* Handle VST3. */
13635 /* Handle VST4. */
13640 {
13643 }
13644 }
13645 }
13646 else
13647 {
13649 {
13650 /* Handle VLD1. */
13653 /* Handle VLD2. */
13656 /* Handle VLD3. */
13659 /* Handle VLD4. */
13662 }
13663 else
13664 {
13665 /* Handle VLD1. */
13668 /* Handle VLD2. */
13671 /* Handle VLD3. */
13674 /* Handle VLD4. */
13680 }
13681 }
13684 {
13687 }
13690 record_buf);
13692 record_buf_mem);
13694 }
13696 /* Decodes thumb2 instruction type and invokes its record handler. */
13698 static unsigned int
13700 {
13708 {
13710 {
13711 /* Load/store multiple instruction. */
13713 }
13715 {
13716 /* Load/store (dual/exclusive) and table branch instruction. */
13718 }
13720 {
13721 /* Data-processing (shifted register). */
13723 }
13725 {
13726 /* Co-processor instructions. */
13728 }
13729 }
13731 {
13733 {
13734 /* Branches and miscellaneous control instructions. */
13736 }
13738 {
13739 /* Data-processing (plain binary immediate) instruction. */
13741 }
13742 else
13743 {
13744 /* Data-processing (modified immediate). */
13746 }
13747 }
13749 {
13751 {
13752 /* Store single data item. */
13754 }
13756 {
13757 /* Advanced SIMD or structure load/store instructions. */
13759 }
13761 {
13762 /* Load byte, memory hints instruction. */
13764 }
13766 {
13767 /* Load halfword, memory hints instruction. */
13769 }
13771 {
13772 /* Load word instruction. */
13774 }
13776 {
13777 /* Data-processing (register) instruction. */
13779 }
13781 {
13782 /* Multiply, multiply accumulate, abs diff instruction. */
13784 }
13786 {
13787 /* Long multiply, long multiply accumulate, and divide. */
13789 }
13791 {
13792 /* Co-processor instructions. */
13794 }
13795 }
13798 }
13800 /* Extracts arm/thumb/thumb2 insn depending on the size, and returns 0 on success
13801 and positive val on fauilure. */
13803 static int
13805 {
13813 insn_size,
13816 }
13820 /* Decode arm/thumb insn depending on condition cods and opcodes; and
13821 dispatch it. */
13823 static int
13826 {
13828 /* (Starting from numerical 0); bits 25, 26, 27 decodes type of arm instruction. */
13830 {
13838 arm_record_coproc_data_proc /* 111. */
13839 };
13841 /* (Starting from numerical 0); bits 13,14,15 decodes type of thumb instruction. */
13843 { \
13851 thumb_record_branch /* 111. */
13852 };
13858 {
13860 {
13864 }
13866 }
13868 {
13872 /* If this insn has fallen into extension space
13873 then we need not decode it anymore. */
13875 {
13877 }
13878 }
13880 {
13881 /* As thumb does not have condition codes, we set negative. */
13885 }
13887 {
13888 /* As thumb does not have condition codes, we set negative. */
13891 /* Swap first half of 32bit thumb instruction with second half. */
13892 arm_record->arm_insn
13898 {
13901 }
13902 }
13903 else
13904 {
13905 /* Throw assertion. */
13907 }
13910 }
13913 /* Cleans up local record registers and memory allocations. */
13915 static void
13917 {
13920 }
13923 /* Parse the current instruction and record the values of the registers and
13924 memory that will be changed in current instruction to record_arch_list".
13925 Return -1 if something is wrong. */
13927 int
13929 CORE_ADDR insn_addr)
13930 {
13939 insn_decode_record arm_record;
13948 {
13952 }
13955 {
13957 {
13962 }
13964 }
13966 /* Check the insn, whether it is thumb or arm one. */
13973 {
13974 /* We are decoding arm insn. */
13976 }
13977 else
13978 {
13980 /* is it thumb2 insn? */
13982 {
13984 THUMB2_INSN_SIZE_BYTES);
13985 }
13986 else
13987 {
13988 /* We are decoding thumb insn. */
13990 }
13991 }
13994 {
13995 /* Record registers. */
13998 {
14000 {
14004 }
14005 }
14006 /* Record memories. */
14008 {
14010 {
14015 }
14016 }
14020 }
14026 }