1 /* GNU/Linux on ARM target support.
3 Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
4 2009 Free Software Foundation, Inc.
6 This file is part of GDB.
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>. */
25 #include "floatformat.h"
30 #include "solib-svr4.h"
33 #include "trad-frame.h"
34 #include "tramp-frame.h"
35 #include "breakpoint.h"
38 #include "arm-linux-tdep.h"
39 #include "linux-tdep.h"
40 #include "glibc-tdep.h"
42 #include "gdb_string.h"
44 extern int arm_apcs_32;
46 /* Under ARM GNU/Linux the traditional way of performing a breakpoint
47 is to execute a particular software interrupt, rather than use a
48 particular undefined instruction to provoke a trap. Upon exection
49 of the software interrupt the kernel stops the inferior with a
50 SIGTRAP, and wakes the debugger. */
52 static const char arm_linux_arm_le_breakpoint[] = { 0x01, 0x00, 0x9f, 0xef };
54 static const char arm_linux_arm_be_breakpoint[] = { 0xef, 0x9f, 0x00, 0x01 };
56 /* However, the EABI syscall interface (new in Nov. 2005) does not look at
57 the operand of the swi if old-ABI compatibility is disabled. Therefore,
58 use an undefined instruction instead. This is supported as of kernel
59 version 2.5.70 (May 2003), so should be a safe assumption for EABI
62 static const char eabi_linux_arm_le_breakpoint[] = { 0xf0, 0x01, 0xf0, 0xe7 };
64 static const char eabi_linux_arm_be_breakpoint[] = { 0xe7, 0xf0, 0x01, 0xf0 };
66 /* All the kernels which support Thumb support using a specific undefined
67 instruction for the Thumb breakpoint. */
69 static const char arm_linux_thumb_be_breakpoint[] = {0xde, 0x01};
71 static const char arm_linux_thumb_le_breakpoint[] = {0x01, 0xde};
73 /* Description of the longjmp buffer. */
74 #define ARM_LINUX_JB_ELEMENT_SIZE INT_REGISTER_SIZE
75 #define ARM_LINUX_JB_PC 21
78 Dynamic Linking on ARM GNU/Linux
79 --------------------------------
81 Note: PLT = procedure linkage table
82 GOT = global offset table
84 As much as possible, ELF dynamic linking defers the resolution of
85 jump/call addresses until the last minute. The technique used is
86 inspired by the i386 ELF design, and is based on the following
89 1) The calling technique should not force a change in the assembly
90 code produced for apps; it MAY cause changes in the way assembly
91 code is produced for position independent code (i.e. shared
94 2) The technique must be such that all executable areas must not be
95 modified; and any modified areas must not be executed.
97 To do this, there are three steps involved in a typical jump:
101 3) using a pointer from the GOT
103 When the executable or library is first loaded, each GOT entry is
104 initialized to point to the code which implements dynamic name
105 resolution and code finding. This is normally a function in the
106 program interpreter (on ARM GNU/Linux this is usually
107 ld-linux.so.2, but it does not have to be). On the first
108 invocation, the function is located and the GOT entry is replaced
109 with the real function address. Subsequent calls go through steps
110 1, 2 and 3 and end up calling the real code.
117 This is typical ARM code using the 26 bit relative branch or branch
118 and link instructions. The target of the instruction
119 (function_call is usually the address of the function to be called.
120 In position independent code, the target of the instruction is
121 actually an entry in the PLT when calling functions in a shared
122 library. Note that this call is identical to a normal function
123 call, only the target differs.
127 The PLT is a synthetic area, created by the linker. It exists in
128 both executables and libraries. It is an array of stubs, one per
129 imported function call. It looks like this:
132 str lr, [sp, #-4]! @push the return address (lr)
133 ldr lr, [pc, #16] @load from 6 words ahead
134 add lr, pc, lr @form an address for GOT[0]
135 ldr pc, [lr, #8]! @jump to the contents of that addr
137 The return address (lr) is pushed on the stack and used for
138 calculations. The load on the second line loads the lr with
139 &GOT[3] - . - 20. The addition on the third leaves:
141 lr = (&GOT[3] - . - 20) + (. + 8)
145 On the fourth line, the pc and lr are both updated, so that:
151 NOTE: PLT[0] borrows an offset .word from PLT[1]. This is a little
152 "tight", but allows us to keep all the PLT entries the same size.
155 ldr ip, [pc, #4] @load offset from gotoff
156 add ip, pc, ip @add the offset to the pc
157 ldr pc, [ip] @jump to that address
158 gotoff: .word GOT[n+3] - .
160 The load on the first line, gets an offset from the fourth word of
161 the PLT entry. The add on the second line makes ip = &GOT[n+3],
162 which contains either a pointer to PLT[0] (the fixup trampoline) or
163 a pointer to the actual code.
167 The GOT contains helper pointers for both code (PLT) fixups and
168 data fixups. The first 3 entries of the GOT are special. The next
169 M entries (where M is the number of entries in the PLT) belong to
170 the PLT fixups. The next D (all remaining) entries belong to
171 various data fixups. The actual size of the GOT is 3 + M + D.
173 The GOT is also a synthetic area, created by the linker. It exists
174 in both executables and libraries. When the GOT is first
175 initialized , all the GOT entries relating to PLT fixups are
176 pointing to code back at PLT[0].
178 The special entries in the GOT are:
180 GOT[0] = linked list pointer used by the dynamic loader
181 GOT[1] = pointer to the reloc table for this module
182 GOT[2] = pointer to the fixup/resolver code
184 The first invocation of function call comes through and uses the
185 fixup/resolver code. On the entry to the fixup/resolver code:
189 stack[0] = return address (lr) of the function call
190 [r0, r1, r2, r3] are still the arguments to the function call
192 This is enough information for the fixup/resolver code to work
193 with. Before the fixup/resolver code returns, it actually calls
194 the requested function and repairs &GOT[n+3]. */
196 /* The constants below were determined by examining the following files
197 in the linux kernel sources:
199 arch/arm/kernel/signal.c
200 - see SWI_SYS_SIGRETURN and SWI_SYS_RT_SIGRETURN
201 include/asm-arm/unistd.h
202 - see __NR_sigreturn, __NR_rt_sigreturn, and __NR_SYSCALL_BASE */
204 #define ARM_LINUX_SIGRETURN_INSTR 0xef900077
205 #define ARM_LINUX_RT_SIGRETURN_INSTR 0xef9000ad
207 /* For ARM EABI, the syscall number is not in the SWI instruction
208 (instead it is loaded into r7). We recognize the pattern that
209 glibc uses... alternatively, we could arrange to do this by
210 function name, but they are not always exported. */
211 #define ARM_SET_R7_SIGRETURN 0xe3a07077
212 #define ARM_SET_R7_RT_SIGRETURN 0xe3a070ad
213 #define ARM_EABI_SYSCALL 0xef000000
216 arm_linux_sigtramp_cache (struct frame_info *this_frame,
217 struct trad_frame_cache *this_cache,
218 CORE_ADDR func, int regs_offset)
220 CORE_ADDR sp = get_frame_register_unsigned (this_frame, ARM_SP_REGNUM);
221 CORE_ADDR base = sp + regs_offset;
224 for (i = 0; i < 16; i++)
225 trad_frame_set_reg_addr (this_cache, i, base + i * 4);
227 trad_frame_set_reg_addr (this_cache, ARM_PS_REGNUM, base + 16 * 4);
229 /* The VFP or iWMMXt registers may be saved on the stack, but there's
230 no reliable way to restore them (yet). */
232 /* Save a frame ID. */
233 trad_frame_set_id (this_cache, frame_id_build (sp, func));
236 /* There are a couple of different possible stack layouts that
239 Before version 2.6.18, the kernel used completely independent
240 layouts for non-RT and RT signals. For non-RT signals the stack
241 began directly with a struct sigcontext. For RT signals the stack
242 began with two redundant pointers (to the siginfo and ucontext),
243 and then the siginfo and ucontext.
245 As of version 2.6.18, the non-RT signal frame layout starts with
246 a ucontext and the RT signal frame starts with a siginfo and then
247 a ucontext. Also, the ucontext now has a designated save area
248 for coprocessor registers.
250 For RT signals, it's easy to tell the difference: we look for
251 pinfo, the pointer to the siginfo. If it has the expected
252 value, we have an old layout. If it doesn't, we have the new
255 For non-RT signals, it's a bit harder. We need something in one
256 layout or the other with a recognizable offset and value. We can't
257 use the return trampoline, because ARM usually uses SA_RESTORER,
258 in which case the stack return trampoline is not filled in.
259 We can't use the saved stack pointer, because sigaltstack might
260 be in use. So for now we guess the new layout... */
262 /* There are three words (trap_no, error_code, oldmask) in
263 struct sigcontext before r0. */
264 #define ARM_SIGCONTEXT_R0 0xc
266 /* There are five words (uc_flags, uc_link, and three for uc_stack)
267 in the ucontext_t before the sigcontext. */
268 #define ARM_UCONTEXT_SIGCONTEXT 0x14
270 /* There are three elements in an rt_sigframe before the ucontext:
271 pinfo, puc, and info. The first two are pointers and the third
272 is a struct siginfo, with size 128 bytes. We could follow puc
273 to the ucontext, but it's simpler to skip the whole thing. */
274 #define ARM_OLD_RT_SIGFRAME_SIGINFO 0x8
275 #define ARM_OLD_RT_SIGFRAME_UCONTEXT 0x88
277 #define ARM_NEW_RT_SIGFRAME_UCONTEXT 0x80
279 #define ARM_NEW_SIGFRAME_MAGIC 0x5ac3c35a
282 arm_linux_sigreturn_init (const struct tramp_frame *self,
283 struct frame_info *this_frame,
284 struct trad_frame_cache *this_cache,
287 CORE_ADDR sp = get_frame_register_unsigned (this_frame, ARM_SP_REGNUM);
288 ULONGEST uc_flags = read_memory_unsigned_integer (sp, 4);
290 if (uc_flags == ARM_NEW_SIGFRAME_MAGIC)
291 arm_linux_sigtramp_cache (this_frame, this_cache, func,
292 ARM_UCONTEXT_SIGCONTEXT
293 + ARM_SIGCONTEXT_R0);
295 arm_linux_sigtramp_cache (this_frame, this_cache, func,
300 arm_linux_rt_sigreturn_init (const struct tramp_frame *self,
301 struct frame_info *this_frame,
302 struct trad_frame_cache *this_cache,
305 CORE_ADDR sp = get_frame_register_unsigned (this_frame, ARM_SP_REGNUM);
306 ULONGEST pinfo = read_memory_unsigned_integer (sp, 4);
308 if (pinfo == sp + ARM_OLD_RT_SIGFRAME_SIGINFO)
309 arm_linux_sigtramp_cache (this_frame, this_cache, func,
310 ARM_OLD_RT_SIGFRAME_UCONTEXT
311 + ARM_UCONTEXT_SIGCONTEXT
312 + ARM_SIGCONTEXT_R0);
314 arm_linux_sigtramp_cache (this_frame, this_cache, func,
315 ARM_NEW_RT_SIGFRAME_UCONTEXT
316 + ARM_UCONTEXT_SIGCONTEXT
317 + ARM_SIGCONTEXT_R0);
320 static struct tramp_frame arm_linux_sigreturn_tramp_frame = {
324 { ARM_LINUX_SIGRETURN_INSTR, -1 },
325 { TRAMP_SENTINEL_INSN }
327 arm_linux_sigreturn_init
330 static struct tramp_frame arm_linux_rt_sigreturn_tramp_frame = {
334 { ARM_LINUX_RT_SIGRETURN_INSTR, -1 },
335 { TRAMP_SENTINEL_INSN }
337 arm_linux_rt_sigreturn_init
340 static struct tramp_frame arm_eabi_linux_sigreturn_tramp_frame = {
344 { ARM_SET_R7_SIGRETURN, -1 },
345 { ARM_EABI_SYSCALL, -1 },
346 { TRAMP_SENTINEL_INSN }
348 arm_linux_sigreturn_init
351 static struct tramp_frame arm_eabi_linux_rt_sigreturn_tramp_frame = {
355 { ARM_SET_R7_RT_SIGRETURN, -1 },
356 { ARM_EABI_SYSCALL, -1 },
357 { TRAMP_SENTINEL_INSN }
359 arm_linux_rt_sigreturn_init
362 /* Core file and register set support. */
364 #define ARM_LINUX_SIZEOF_GREGSET (18 * INT_REGISTER_SIZE)
367 arm_linux_supply_gregset (const struct regset *regset,
368 struct regcache *regcache,
369 int regnum, const void *gregs_buf, size_t len)
371 const gdb_byte *gregs = gregs_buf;
374 gdb_byte pc_buf[INT_REGISTER_SIZE];
376 for (regno = ARM_A1_REGNUM; regno < ARM_PC_REGNUM; regno++)
377 if (regnum == -1 || regnum == regno)
378 regcache_raw_supply (regcache, regno,
379 gregs + INT_REGISTER_SIZE * regno);
381 if (regnum == ARM_PS_REGNUM || regnum == -1)
384 regcache_raw_supply (regcache, ARM_PS_REGNUM,
385 gregs + INT_REGISTER_SIZE * ARM_CPSR_REGNUM);
387 regcache_raw_supply (regcache, ARM_PS_REGNUM,
388 gregs + INT_REGISTER_SIZE * ARM_PC_REGNUM);
391 if (regnum == ARM_PC_REGNUM || regnum == -1)
393 reg_pc = extract_unsigned_integer (gregs
394 + INT_REGISTER_SIZE * ARM_PC_REGNUM,
396 reg_pc = gdbarch_addr_bits_remove (get_regcache_arch (regcache), reg_pc);
397 store_unsigned_integer (pc_buf, INT_REGISTER_SIZE, reg_pc);
398 regcache_raw_supply (regcache, ARM_PC_REGNUM, pc_buf);
403 arm_linux_collect_gregset (const struct regset *regset,
404 const struct regcache *regcache,
405 int regnum, void *gregs_buf, size_t len)
407 gdb_byte *gregs = gregs_buf;
410 for (regno = ARM_A1_REGNUM; regno < ARM_PC_REGNUM; regno++)
411 if (regnum == -1 || regnum == regno)
412 regcache_raw_collect (regcache, regno,
413 gregs + INT_REGISTER_SIZE * regno);
415 if (regnum == ARM_PS_REGNUM || regnum == -1)
418 regcache_raw_collect (regcache, ARM_PS_REGNUM,
419 gregs + INT_REGISTER_SIZE * ARM_CPSR_REGNUM);
421 regcache_raw_collect (regcache, ARM_PS_REGNUM,
422 gregs + INT_REGISTER_SIZE * ARM_PC_REGNUM);
425 if (regnum == ARM_PC_REGNUM || regnum == -1)
426 regcache_raw_collect (regcache, ARM_PC_REGNUM,
427 gregs + INT_REGISTER_SIZE * ARM_PC_REGNUM);
430 /* Support for register format used by the NWFPE FPA emulator. */
432 #define typeNone 0x00
433 #define typeSingle 0x01
434 #define typeDouble 0x02
435 #define typeExtended 0x03
438 supply_nwfpe_register (struct regcache *regcache, int regno,
439 const gdb_byte *regs)
441 const gdb_byte *reg_data;
443 gdb_byte buf[FP_REGISTER_SIZE];
445 reg_data = regs + (regno - ARM_F0_REGNUM) * FP_REGISTER_SIZE;
446 reg_tag = regs[(regno - ARM_F0_REGNUM) + NWFPE_TAGS_OFFSET];
447 memset (buf, 0, FP_REGISTER_SIZE);
452 memcpy (buf, reg_data, 4);
455 memcpy (buf, reg_data + 4, 4);
456 memcpy (buf + 4, reg_data, 4);
459 /* We want sign and exponent, then least significant bits,
460 then most significant. NWFPE does sign, most, least. */
461 memcpy (buf, reg_data, 4);
462 memcpy (buf + 4, reg_data + 8, 4);
463 memcpy (buf + 8, reg_data + 4, 4);
469 regcache_raw_supply (regcache, regno, buf);
473 collect_nwfpe_register (const struct regcache *regcache, int regno,
478 gdb_byte buf[FP_REGISTER_SIZE];
480 regcache_raw_collect (regcache, regno, buf);
482 /* NOTE drow/2006-06-07: This code uses the tag already in the
483 register buffer. I've preserved that when moving the code
484 from the native file to the target file. But this doesn't
485 always make sense. */
487 reg_data = regs + (regno - ARM_F0_REGNUM) * FP_REGISTER_SIZE;
488 reg_tag = regs[(regno - ARM_F0_REGNUM) + NWFPE_TAGS_OFFSET];
493 memcpy (reg_data, buf, 4);
496 memcpy (reg_data, buf + 4, 4);
497 memcpy (reg_data + 4, buf, 4);
500 memcpy (reg_data, buf, 4);
501 memcpy (reg_data + 4, buf + 8, 4);
502 memcpy (reg_data + 8, buf + 4, 4);
510 arm_linux_supply_nwfpe (const struct regset *regset,
511 struct regcache *regcache,
512 int regnum, const void *regs_buf, size_t len)
514 const gdb_byte *regs = regs_buf;
517 if (regnum == ARM_FPS_REGNUM || regnum == -1)
518 regcache_raw_supply (regcache, ARM_FPS_REGNUM,
519 regs + NWFPE_FPSR_OFFSET);
521 for (regno = ARM_F0_REGNUM; regno <= ARM_F7_REGNUM; regno++)
522 if (regnum == -1 || regnum == regno)
523 supply_nwfpe_register (regcache, regno, regs);
527 arm_linux_collect_nwfpe (const struct regset *regset,
528 const struct regcache *regcache,
529 int regnum, void *regs_buf, size_t len)
531 gdb_byte *regs = regs_buf;
534 for (regno = ARM_F0_REGNUM; regno <= ARM_F7_REGNUM; regno++)
535 if (regnum == -1 || regnum == regno)
536 collect_nwfpe_register (regcache, regno, regs);
538 if (regnum == ARM_FPS_REGNUM || regnum == -1)
539 regcache_raw_collect (regcache, ARM_FPS_REGNUM,
540 regs + INT_REGISTER_SIZE * ARM_FPS_REGNUM);
543 /* Return the appropriate register set for the core section identified
544 by SECT_NAME and SECT_SIZE. */
546 static const struct regset *
547 arm_linux_regset_from_core_section (struct gdbarch *gdbarch,
548 const char *sect_name, size_t sect_size)
550 struct gdbarch_tdep *tdep = gdbarch_tdep (gdbarch);
552 if (strcmp (sect_name, ".reg") == 0
553 && sect_size == ARM_LINUX_SIZEOF_GREGSET)
555 if (tdep->gregset == NULL)
556 tdep->gregset = regset_alloc (gdbarch, arm_linux_supply_gregset,
557 arm_linux_collect_gregset);
558 return tdep->gregset;
561 if (strcmp (sect_name, ".reg2") == 0
562 && sect_size == ARM_LINUX_SIZEOF_NWFPE)
564 if (tdep->fpregset == NULL)
565 tdep->fpregset = regset_alloc (gdbarch, arm_linux_supply_nwfpe,
566 arm_linux_collect_nwfpe);
567 return tdep->fpregset;
573 /* Insert a single step breakpoint at the next executed instruction. */
576 arm_linux_software_single_step (struct frame_info *frame)
578 CORE_ADDR next_pc = arm_get_next_pc (frame, get_frame_pc (frame));
580 /* The Linux kernel offers some user-mode helpers in a high page. We can
581 not read this page (as of 2.6.23), and even if we could then we couldn't
582 set breakpoints in it, and even if we could then the atomic operations
583 would fail when interrupted. They are all called as functions and return
584 to the address in LR, so step to there instead. */
585 if (next_pc > 0xffff0000)
586 next_pc = get_frame_register_unsigned (frame, ARM_LR_REGNUM);
588 insert_single_step_breakpoint (next_pc);
594 arm_linux_init_abi (struct gdbarch_info info,
595 struct gdbarch *gdbarch)
597 struct gdbarch_tdep *tdep = gdbarch_tdep (gdbarch);
599 tdep->lowest_pc = 0x8000;
600 if (info.byte_order == BFD_ENDIAN_BIG)
602 if (tdep->arm_abi == ARM_ABI_AAPCS)
603 tdep->arm_breakpoint = eabi_linux_arm_be_breakpoint;
605 tdep->arm_breakpoint = arm_linux_arm_be_breakpoint;
606 tdep->thumb_breakpoint = arm_linux_thumb_be_breakpoint;
610 if (tdep->arm_abi == ARM_ABI_AAPCS)
611 tdep->arm_breakpoint = eabi_linux_arm_le_breakpoint;
613 tdep->arm_breakpoint = arm_linux_arm_le_breakpoint;
614 tdep->thumb_breakpoint = arm_linux_thumb_le_breakpoint;
616 tdep->arm_breakpoint_size = sizeof (arm_linux_arm_le_breakpoint);
617 tdep->thumb_breakpoint_size = sizeof (arm_linux_thumb_le_breakpoint);
619 if (tdep->fp_model == ARM_FLOAT_AUTO)
620 tdep->fp_model = ARM_FLOAT_FPA;
622 tdep->jb_pc = ARM_LINUX_JB_PC;
623 tdep->jb_elt_size = ARM_LINUX_JB_ELEMENT_SIZE;
625 set_solib_svr4_fetch_link_map_offsets
626 (gdbarch, svr4_ilp32_fetch_link_map_offsets);
628 /* Single stepping. */
629 set_gdbarch_software_single_step (gdbarch, arm_linux_software_single_step);
631 /* Shared library handling. */
632 set_gdbarch_skip_trampoline_code (gdbarch, find_solib_trampoline_target);
633 set_gdbarch_skip_solib_resolver (gdbarch, glibc_skip_solib_resolver);
635 /* Enable TLS support. */
636 set_gdbarch_fetch_tls_load_module_address (gdbarch,
637 svr4_fetch_objfile_link_map);
639 tramp_frame_prepend_unwinder (gdbarch,
640 &arm_linux_sigreturn_tramp_frame);
641 tramp_frame_prepend_unwinder (gdbarch,
642 &arm_linux_rt_sigreturn_tramp_frame);
643 tramp_frame_prepend_unwinder (gdbarch,
644 &arm_eabi_linux_sigreturn_tramp_frame);
645 tramp_frame_prepend_unwinder (gdbarch,
646 &arm_eabi_linux_rt_sigreturn_tramp_frame);
648 /* Core file support. */
649 set_gdbarch_regset_from_core_section (gdbarch,
650 arm_linux_regset_from_core_section);
652 set_gdbarch_get_siginfo_type (gdbarch, linux_get_siginfo_type);
656 _initialize_arm_linux_tdep (void)
658 gdbarch_register_osabi (bfd_arch_arm, 0, GDB_OSABI_LINUX,