1 /* GNU/Linux on ARM target support.
3 Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
4 2009 Free Software Foundation, Inc.
6 This file is part of GDB.
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>. */
25 #include "floatformat.h"
30 #include "solib-svr4.h"
33 #include "trad-frame.h"
34 #include "tramp-frame.h"
35 #include "breakpoint.h"
38 #include "arm-linux-tdep.h"
39 #include "linux-tdep.h"
40 #include "glibc-tdep.h"
42 #include "gdb_string.h"
44 extern int arm_apcs_32;
46 /* Under ARM GNU/Linux the traditional way of performing a breakpoint
47 is to execute a particular software interrupt, rather than use a
48 particular undefined instruction to provoke a trap. Upon exection
49 of the software interrupt the kernel stops the inferior with a
50 SIGTRAP, and wakes the debugger. */
52 static const char arm_linux_arm_le_breakpoint[] = { 0x01, 0x00, 0x9f, 0xef };
54 static const char arm_linux_arm_be_breakpoint[] = { 0xef, 0x9f, 0x00, 0x01 };
56 /* However, the EABI syscall interface (new in Nov. 2005) does not look at
57 the operand of the swi if old-ABI compatibility is disabled. Therefore,
58 use an undefined instruction instead. This is supported as of kernel
59 version 2.5.70 (May 2003), so should be a safe assumption for EABI
62 static const char eabi_linux_arm_le_breakpoint[] = { 0xf0, 0x01, 0xf0, 0xe7 };
64 static const char eabi_linux_arm_be_breakpoint[] = { 0xe7, 0xf0, 0x01, 0xf0 };
66 /* All the kernels which support Thumb support using a specific undefined
67 instruction for the Thumb breakpoint. */
69 static const char arm_linux_thumb_be_breakpoint[] = {0xde, 0x01};
71 static const char arm_linux_thumb_le_breakpoint[] = {0x01, 0xde};
73 /* Description of the longjmp buffer. */
74 #define ARM_LINUX_JB_ELEMENT_SIZE INT_REGISTER_SIZE
75 #define ARM_LINUX_JB_PC 21
78 Dynamic Linking on ARM GNU/Linux
79 --------------------------------
81 Note: PLT = procedure linkage table
82 GOT = global offset table
84 As much as possible, ELF dynamic linking defers the resolution of
85 jump/call addresses until the last minute. The technique used is
86 inspired by the i386 ELF design, and is based on the following
89 1) The calling technique should not force a change in the assembly
90 code produced for apps; it MAY cause changes in the way assembly
91 code is produced for position independent code (i.e. shared
94 2) The technique must be such that all executable areas must not be
95 modified; and any modified areas must not be executed.
97 To do this, there are three steps involved in a typical jump:
101 3) using a pointer from the GOT
103 When the executable or library is first loaded, each GOT entry is
104 initialized to point to the code which implements dynamic name
105 resolution and code finding. This is normally a function in the
106 program interpreter (on ARM GNU/Linux this is usually
107 ld-linux.so.2, but it does not have to be). On the first
108 invocation, the function is located and the GOT entry is replaced
109 with the real function address. Subsequent calls go through steps
110 1, 2 and 3 and end up calling the real code.
117 This is typical ARM code using the 26 bit relative branch or branch
118 and link instructions. The target of the instruction
119 (function_call is usually the address of the function to be called.
120 In position independent code, the target of the instruction is
121 actually an entry in the PLT when calling functions in a shared
122 library. Note that this call is identical to a normal function
123 call, only the target differs.
127 The PLT is a synthetic area, created by the linker. It exists in
128 both executables and libraries. It is an array of stubs, one per
129 imported function call. It looks like this:
132 str lr, [sp, #-4]! @push the return address (lr)
133 ldr lr, [pc, #16] @load from 6 words ahead
134 add lr, pc, lr @form an address for GOT[0]
135 ldr pc, [lr, #8]! @jump to the contents of that addr
137 The return address (lr) is pushed on the stack and used for
138 calculations. The load on the second line loads the lr with
139 &GOT[3] - . - 20. The addition on the third leaves:
141 lr = (&GOT[3] - . - 20) + (. + 8)
145 On the fourth line, the pc and lr are both updated, so that:
151 NOTE: PLT[0] borrows an offset .word from PLT[1]. This is a little
152 "tight", but allows us to keep all the PLT entries the same size.
155 ldr ip, [pc, #4] @load offset from gotoff
156 add ip, pc, ip @add the offset to the pc
157 ldr pc, [ip] @jump to that address
158 gotoff: .word GOT[n+3] - .
160 The load on the first line, gets an offset from the fourth word of
161 the PLT entry. The add on the second line makes ip = &GOT[n+3],
162 which contains either a pointer to PLT[0] (the fixup trampoline) or
163 a pointer to the actual code.
167 The GOT contains helper pointers for both code (PLT) fixups and
168 data fixups. The first 3 entries of the GOT are special. The next
169 M entries (where M is the number of entries in the PLT) belong to
170 the PLT fixups. The next D (all remaining) entries belong to
171 various data fixups. The actual size of the GOT is 3 + M + D.
173 The GOT is also a synthetic area, created by the linker. It exists
174 in both executables and libraries. When the GOT is first
175 initialized , all the GOT entries relating to PLT fixups are
176 pointing to code back at PLT[0].
178 The special entries in the GOT are:
180 GOT[0] = linked list pointer used by the dynamic loader
181 GOT[1] = pointer to the reloc table for this module
182 GOT[2] = pointer to the fixup/resolver code
184 The first invocation of function call comes through and uses the
185 fixup/resolver code. On the entry to the fixup/resolver code:
189 stack[0] = return address (lr) of the function call
190 [r0, r1, r2, r3] are still the arguments to the function call
192 This is enough information for the fixup/resolver code to work
193 with. Before the fixup/resolver code returns, it actually calls
194 the requested function and repairs &GOT[n+3]. */
196 /* The constants below were determined by examining the following files
197 in the linux kernel sources:
199 arch/arm/kernel/signal.c
200 - see SWI_SYS_SIGRETURN and SWI_SYS_RT_SIGRETURN
201 include/asm-arm/unistd.h
202 - see __NR_sigreturn, __NR_rt_sigreturn, and __NR_SYSCALL_BASE */
204 #define ARM_LINUX_SIGRETURN_INSTR 0xef900077
205 #define ARM_LINUX_RT_SIGRETURN_INSTR 0xef9000ad
207 /* For ARM EABI, the syscall number is not in the SWI instruction
208 (instead it is loaded into r7). We recognize the pattern that
209 glibc uses... alternatively, we could arrange to do this by
210 function name, but they are not always exported. */
211 #define ARM_SET_R7_SIGRETURN 0xe3a07077
212 #define ARM_SET_R7_RT_SIGRETURN 0xe3a070ad
213 #define ARM_EABI_SYSCALL 0xef000000
216 arm_linux_sigtramp_cache (struct frame_info *this_frame,
217 struct trad_frame_cache *this_cache,
218 CORE_ADDR func, int regs_offset)
220 CORE_ADDR sp = get_frame_register_unsigned (this_frame, ARM_SP_REGNUM);
221 CORE_ADDR base = sp + regs_offset;
224 for (i = 0; i < 16; i++)
225 trad_frame_set_reg_addr (this_cache, i, base + i * 4);
227 trad_frame_set_reg_addr (this_cache, ARM_PS_REGNUM, base + 16 * 4);
229 /* The VFP or iWMMXt registers may be saved on the stack, but there's
230 no reliable way to restore them (yet). */
232 /* Save a frame ID. */
233 trad_frame_set_id (this_cache, frame_id_build (sp, func));
236 /* There are a couple of different possible stack layouts that
239 Before version 2.6.18, the kernel used completely independent
240 layouts for non-RT and RT signals. For non-RT signals the stack
241 began directly with a struct sigcontext. For RT signals the stack
242 began with two redundant pointers (to the siginfo and ucontext),
243 and then the siginfo and ucontext.
245 As of version 2.6.18, the non-RT signal frame layout starts with
246 a ucontext and the RT signal frame starts with a siginfo and then
247 a ucontext. Also, the ucontext now has a designated save area
248 for coprocessor registers.
250 For RT signals, it's easy to tell the difference: we look for
251 pinfo, the pointer to the siginfo. If it has the expected
252 value, we have an old layout. If it doesn't, we have the new
255 For non-RT signals, it's a bit harder. We need something in one
256 layout or the other with a recognizable offset and value. We can't
257 use the return trampoline, because ARM usually uses SA_RESTORER,
258 in which case the stack return trampoline is not filled in.
259 We can't use the saved stack pointer, because sigaltstack might
260 be in use. So for now we guess the new layout... */
262 /* There are three words (trap_no, error_code, oldmask) in
263 struct sigcontext before r0. */
264 #define ARM_SIGCONTEXT_R0 0xc
266 /* There are five words (uc_flags, uc_link, and three for uc_stack)
267 in the ucontext_t before the sigcontext. */
268 #define ARM_UCONTEXT_SIGCONTEXT 0x14
270 /* There are three elements in an rt_sigframe before the ucontext:
271 pinfo, puc, and info. The first two are pointers and the third
272 is a struct siginfo, with size 128 bytes. We could follow puc
273 to the ucontext, but it's simpler to skip the whole thing. */
274 #define ARM_OLD_RT_SIGFRAME_SIGINFO 0x8
275 #define ARM_OLD_RT_SIGFRAME_UCONTEXT 0x88
277 #define ARM_NEW_RT_SIGFRAME_UCONTEXT 0x80
279 #define ARM_NEW_SIGFRAME_MAGIC 0x5ac3c35a
282 arm_linux_sigreturn_init (const struct tramp_frame *self,
283 struct frame_info *this_frame,
284 struct trad_frame_cache *this_cache,
287 struct gdbarch *gdbarch = get_frame_arch (this_frame);
288 enum bfd_endian byte_order = gdbarch_byte_order (gdbarch);
289 CORE_ADDR sp = get_frame_register_unsigned (this_frame, ARM_SP_REGNUM);
290 ULONGEST uc_flags = read_memory_unsigned_integer (sp, 4, byte_order);
292 if (uc_flags == ARM_NEW_SIGFRAME_MAGIC)
293 arm_linux_sigtramp_cache (this_frame, this_cache, func,
294 ARM_UCONTEXT_SIGCONTEXT
295 + ARM_SIGCONTEXT_R0);
297 arm_linux_sigtramp_cache (this_frame, this_cache, func,
302 arm_linux_rt_sigreturn_init (const struct tramp_frame *self,
303 struct frame_info *this_frame,
304 struct trad_frame_cache *this_cache,
307 struct gdbarch *gdbarch = get_frame_arch (this_frame);
308 enum bfd_endian byte_order = gdbarch_byte_order (gdbarch);
309 CORE_ADDR sp = get_frame_register_unsigned (this_frame, ARM_SP_REGNUM);
310 ULONGEST pinfo = read_memory_unsigned_integer (sp, 4, byte_order);
312 if (pinfo == sp + ARM_OLD_RT_SIGFRAME_SIGINFO)
313 arm_linux_sigtramp_cache (this_frame, this_cache, func,
314 ARM_OLD_RT_SIGFRAME_UCONTEXT
315 + ARM_UCONTEXT_SIGCONTEXT
316 + ARM_SIGCONTEXT_R0);
318 arm_linux_sigtramp_cache (this_frame, this_cache, func,
319 ARM_NEW_RT_SIGFRAME_UCONTEXT
320 + ARM_UCONTEXT_SIGCONTEXT
321 + ARM_SIGCONTEXT_R0);
324 static struct tramp_frame arm_linux_sigreturn_tramp_frame = {
328 { ARM_LINUX_SIGRETURN_INSTR, -1 },
329 { TRAMP_SENTINEL_INSN }
331 arm_linux_sigreturn_init
334 static struct tramp_frame arm_linux_rt_sigreturn_tramp_frame = {
338 { ARM_LINUX_RT_SIGRETURN_INSTR, -1 },
339 { TRAMP_SENTINEL_INSN }
341 arm_linux_rt_sigreturn_init
344 static struct tramp_frame arm_eabi_linux_sigreturn_tramp_frame = {
348 { ARM_SET_R7_SIGRETURN, -1 },
349 { ARM_EABI_SYSCALL, -1 },
350 { TRAMP_SENTINEL_INSN }
352 arm_linux_sigreturn_init
355 static struct tramp_frame arm_eabi_linux_rt_sigreturn_tramp_frame = {
359 { ARM_SET_R7_RT_SIGRETURN, -1 },
360 { ARM_EABI_SYSCALL, -1 },
361 { TRAMP_SENTINEL_INSN }
363 arm_linux_rt_sigreturn_init
366 /* Core file and register set support. */
368 #define ARM_LINUX_SIZEOF_GREGSET (18 * INT_REGISTER_SIZE)
371 arm_linux_supply_gregset (const struct regset *regset,
372 struct regcache *regcache,
373 int regnum, const void *gregs_buf, size_t len)
375 struct gdbarch *gdbarch = get_regcache_arch (regcache);
376 enum bfd_endian byte_order = gdbarch_byte_order (gdbarch);
377 const gdb_byte *gregs = gregs_buf;
380 gdb_byte pc_buf[INT_REGISTER_SIZE];
382 for (regno = ARM_A1_REGNUM; regno < ARM_PC_REGNUM; regno++)
383 if (regnum == -1 || regnum == regno)
384 regcache_raw_supply (regcache, regno,
385 gregs + INT_REGISTER_SIZE * regno);
387 if (regnum == ARM_PS_REGNUM || regnum == -1)
390 regcache_raw_supply (regcache, ARM_PS_REGNUM,
391 gregs + INT_REGISTER_SIZE * ARM_CPSR_GREGNUM);
393 regcache_raw_supply (regcache, ARM_PS_REGNUM,
394 gregs + INT_REGISTER_SIZE * ARM_PC_REGNUM);
397 if (regnum == ARM_PC_REGNUM || regnum == -1)
399 reg_pc = extract_unsigned_integer (gregs
400 + INT_REGISTER_SIZE * ARM_PC_REGNUM,
401 INT_REGISTER_SIZE, byte_order);
402 reg_pc = gdbarch_addr_bits_remove (gdbarch, reg_pc);
403 store_unsigned_integer (pc_buf, INT_REGISTER_SIZE, byte_order, reg_pc);
404 regcache_raw_supply (regcache, ARM_PC_REGNUM, pc_buf);
409 arm_linux_collect_gregset (const struct regset *regset,
410 const struct regcache *regcache,
411 int regnum, void *gregs_buf, size_t len)
413 gdb_byte *gregs = gregs_buf;
416 for (regno = ARM_A1_REGNUM; regno < ARM_PC_REGNUM; regno++)
417 if (regnum == -1 || regnum == regno)
418 regcache_raw_collect (regcache, regno,
419 gregs + INT_REGISTER_SIZE * regno);
421 if (regnum == ARM_PS_REGNUM || regnum == -1)
424 regcache_raw_collect (regcache, ARM_PS_REGNUM,
425 gregs + INT_REGISTER_SIZE * ARM_CPSR_GREGNUM);
427 regcache_raw_collect (regcache, ARM_PS_REGNUM,
428 gregs + INT_REGISTER_SIZE * ARM_PC_REGNUM);
431 if (regnum == ARM_PC_REGNUM || regnum == -1)
432 regcache_raw_collect (regcache, ARM_PC_REGNUM,
433 gregs + INT_REGISTER_SIZE * ARM_PC_REGNUM);
436 /* Support for register format used by the NWFPE FPA emulator. */
438 #define typeNone 0x00
439 #define typeSingle 0x01
440 #define typeDouble 0x02
441 #define typeExtended 0x03
444 supply_nwfpe_register (struct regcache *regcache, int regno,
445 const gdb_byte *regs)
447 const gdb_byte *reg_data;
449 gdb_byte buf[FP_REGISTER_SIZE];
451 reg_data = regs + (regno - ARM_F0_REGNUM) * FP_REGISTER_SIZE;
452 reg_tag = regs[(regno - ARM_F0_REGNUM) + NWFPE_TAGS_OFFSET];
453 memset (buf, 0, FP_REGISTER_SIZE);
458 memcpy (buf, reg_data, 4);
461 memcpy (buf, reg_data + 4, 4);
462 memcpy (buf + 4, reg_data, 4);
465 /* We want sign and exponent, then least significant bits,
466 then most significant. NWFPE does sign, most, least. */
467 memcpy (buf, reg_data, 4);
468 memcpy (buf + 4, reg_data + 8, 4);
469 memcpy (buf + 8, reg_data + 4, 4);
475 regcache_raw_supply (regcache, regno, buf);
479 collect_nwfpe_register (const struct regcache *regcache, int regno,
484 gdb_byte buf[FP_REGISTER_SIZE];
486 regcache_raw_collect (regcache, regno, buf);
488 /* NOTE drow/2006-06-07: This code uses the tag already in the
489 register buffer. I've preserved that when moving the code
490 from the native file to the target file. But this doesn't
491 always make sense. */
493 reg_data = regs + (regno - ARM_F0_REGNUM) * FP_REGISTER_SIZE;
494 reg_tag = regs[(regno - ARM_F0_REGNUM) + NWFPE_TAGS_OFFSET];
499 memcpy (reg_data, buf, 4);
502 memcpy (reg_data, buf + 4, 4);
503 memcpy (reg_data + 4, buf, 4);
506 memcpy (reg_data, buf, 4);
507 memcpy (reg_data + 4, buf + 8, 4);
508 memcpy (reg_data + 8, buf + 4, 4);
516 arm_linux_supply_nwfpe (const struct regset *regset,
517 struct regcache *regcache,
518 int regnum, const void *regs_buf, size_t len)
520 const gdb_byte *regs = regs_buf;
523 if (regnum == ARM_FPS_REGNUM || regnum == -1)
524 regcache_raw_supply (regcache, ARM_FPS_REGNUM,
525 regs + NWFPE_FPSR_OFFSET);
527 for (regno = ARM_F0_REGNUM; regno <= ARM_F7_REGNUM; regno++)
528 if (regnum == -1 || regnum == regno)
529 supply_nwfpe_register (regcache, regno, regs);
533 arm_linux_collect_nwfpe (const struct regset *regset,
534 const struct regcache *regcache,
535 int regnum, void *regs_buf, size_t len)
537 gdb_byte *regs = regs_buf;
540 for (regno = ARM_F0_REGNUM; regno <= ARM_F7_REGNUM; regno++)
541 if (regnum == -1 || regnum == regno)
542 collect_nwfpe_register (regcache, regno, regs);
544 if (regnum == ARM_FPS_REGNUM || regnum == -1)
545 regcache_raw_collect (regcache, ARM_FPS_REGNUM,
546 regs + INT_REGISTER_SIZE * ARM_FPS_REGNUM);
549 /* Return the appropriate register set for the core section identified
550 by SECT_NAME and SECT_SIZE. */
552 static const struct regset *
553 arm_linux_regset_from_core_section (struct gdbarch *gdbarch,
554 const char *sect_name, size_t sect_size)
556 struct gdbarch_tdep *tdep = gdbarch_tdep (gdbarch);
558 if (strcmp (sect_name, ".reg") == 0
559 && sect_size == ARM_LINUX_SIZEOF_GREGSET)
561 if (tdep->gregset == NULL)
562 tdep->gregset = regset_alloc (gdbarch, arm_linux_supply_gregset,
563 arm_linux_collect_gregset);
564 return tdep->gregset;
567 if (strcmp (sect_name, ".reg2") == 0
568 && sect_size == ARM_LINUX_SIZEOF_NWFPE)
570 if (tdep->fpregset == NULL)
571 tdep->fpregset = regset_alloc (gdbarch, arm_linux_supply_nwfpe,
572 arm_linux_collect_nwfpe);
573 return tdep->fpregset;
579 /* Insert a single step breakpoint at the next executed instruction. */
582 arm_linux_software_single_step (struct frame_info *frame)
584 struct gdbarch *gdbarch = get_frame_arch (frame);
585 CORE_ADDR next_pc = arm_get_next_pc (frame, get_frame_pc (frame));
587 /* The Linux kernel offers some user-mode helpers in a high page. We can
588 not read this page (as of 2.6.23), and even if we could then we couldn't
589 set breakpoints in it, and even if we could then the atomic operations
590 would fail when interrupted. They are all called as functions and return
591 to the address in LR, so step to there instead. */
592 if (next_pc > 0xffff0000)
593 next_pc = get_frame_register_unsigned (frame, ARM_LR_REGNUM);
595 insert_single_step_breakpoint (gdbarch, next_pc);
601 arm_linux_init_abi (struct gdbarch_info info,
602 struct gdbarch *gdbarch)
604 struct gdbarch_tdep *tdep = gdbarch_tdep (gdbarch);
606 tdep->lowest_pc = 0x8000;
607 if (info.byte_order == BFD_ENDIAN_BIG)
609 if (tdep->arm_abi == ARM_ABI_AAPCS)
610 tdep->arm_breakpoint = eabi_linux_arm_be_breakpoint;
612 tdep->arm_breakpoint = arm_linux_arm_be_breakpoint;
613 tdep->thumb_breakpoint = arm_linux_thumb_be_breakpoint;
617 if (tdep->arm_abi == ARM_ABI_AAPCS)
618 tdep->arm_breakpoint = eabi_linux_arm_le_breakpoint;
620 tdep->arm_breakpoint = arm_linux_arm_le_breakpoint;
621 tdep->thumb_breakpoint = arm_linux_thumb_le_breakpoint;
623 tdep->arm_breakpoint_size = sizeof (arm_linux_arm_le_breakpoint);
624 tdep->thumb_breakpoint_size = sizeof (arm_linux_thumb_le_breakpoint);
626 if (tdep->fp_model == ARM_FLOAT_AUTO)
627 tdep->fp_model = ARM_FLOAT_FPA;
629 tdep->jb_pc = ARM_LINUX_JB_PC;
630 tdep->jb_elt_size = ARM_LINUX_JB_ELEMENT_SIZE;
632 set_solib_svr4_fetch_link_map_offsets
633 (gdbarch, svr4_ilp32_fetch_link_map_offsets);
635 /* Single stepping. */
636 set_gdbarch_software_single_step (gdbarch, arm_linux_software_single_step);
638 /* Shared library handling. */
639 set_gdbarch_skip_trampoline_code (gdbarch, find_solib_trampoline_target);
640 set_gdbarch_skip_solib_resolver (gdbarch, glibc_skip_solib_resolver);
642 /* Enable TLS support. */
643 set_gdbarch_fetch_tls_load_module_address (gdbarch,
644 svr4_fetch_objfile_link_map);
646 tramp_frame_prepend_unwinder (gdbarch,
647 &arm_linux_sigreturn_tramp_frame);
648 tramp_frame_prepend_unwinder (gdbarch,
649 &arm_linux_rt_sigreturn_tramp_frame);
650 tramp_frame_prepend_unwinder (gdbarch,
651 &arm_eabi_linux_sigreturn_tramp_frame);
652 tramp_frame_prepend_unwinder (gdbarch,
653 &arm_eabi_linux_rt_sigreturn_tramp_frame);
655 /* Core file support. */
656 set_gdbarch_regset_from_core_section (gdbarch,
657 arm_linux_regset_from_core_section);
659 set_gdbarch_get_siginfo_type (gdbarch, linux_get_siginfo_type);
662 /* Provide a prototype to silence -Wmissing-prototypes. */
663 extern initialize_file_ftype _initialize_arm_linux_tdep;
666 _initialize_arm_linux_tdep (void)
668 gdbarch_register_osabi (bfd_arch_arm, 0, GDB_OSABI_LINUX,