Fix the undef handler.

It was looking at CPSR's Thumb bit, which tells you if the *handler* is in thumb mode, not the code that threw the fault.

Change the test to validate the address of the failing function, to verify that we've got this right.

Also fixes the issue of _asm_default_undefined_handler damaging r4. You have to save all the state first, then you can touch registers.

Author: jonathanpallant

cortex-a-rt/src/lib.rs

@@ -430,28 +430,24 @@ core::arch::global_asm!(
     .global _asm_default_undefined_handler
     .type _asm_default_undefined_handler, %function
     _asm_default_undefined_handler:
-        // First adjust LR for two purposes: Passing the faulting instruction to the C handler,
-        // and to return to the failing instruction after the C handler returns.
-        // Load processor status
-        mrs      r4, cpsr
-        // Occurred in Thumb state?
-        tst      r4, {t_bit}
-        // If not in Thumb mode, branch to not_thumb
-        beq     not_thumb
-        subs    lr, lr, #2
-        b       done
-not_thumb:
-        // Subtract 4 from LR (ARM mode)
-	      subs	lr, lr, #4
-done:
         // state save from compiled code
         srsfd   sp!, {und_mode}
     "#,
     save_context!(),
     r#"
+        // First adjust LR for two purposes: Passing the faulting instruction to the C handler,
+        // and to return to the failing instruction after the C handler returns.
+        // Load processor status for the calling code
+        mrs      r4, spsr
+        // Was the code that triggered the exception in Thumb state?
+        tst      r4, {t_bit}
+        // Subtract 2 in Thumb Mode, 4 in Arm Mode - see p.1206 of the ARMv7-A architecture manual.
+        ite     eq
+        subeq   lr, lr, #4
+        subne   lr, lr, #2
         // Pass the faulting instruction address to the handler.
-        mov r0, lr
-        // call C handler
+        mov     r0, lr
+        // call C handler like `extern "C" fn _undefined_handler(addr: usize);`
         bl      _undefined_handler
     "#,
     restore_context!(),
@@ -461,7 +457,7 @@ done:
     .size _asm_default_undefined_handler, . - _asm_default_undefined_handler
 
 
-    // Called from the vector table when we have an undefined exception.
+    // Called from the vector table when we have an prefetch exception.
     // Saves state and calls a C-compatible handler like
     // `extern "C" fn _prefetch_handler();`
     .global _asm_default_prefetch_handler
@@ -476,7 +472,7 @@ done:
     r#"
         // Pass the faulting instruction address to the handler.
         mov     r0, lr
-        // call C handler
+        // call C handler like `extern "C" fn _prefetch_handler(addr: usize);`
         bl      _prefetch_handler
     "#,
     restore_context!(),
@@ -500,8 +496,8 @@ done:
     save_context!(),
     r#"
         // Pass the faulting instruction address to the handler.
-        mov r0, lr
-        // call C handler
+        mov     r0, lr
+        // call C handler like `extern "C" fn _abort_handler(addr: usize);`
         bl      _abort_handler
     "#,
     restore_context!(),

cortex-r-rt/src/lib.rs

@@ -361,28 +361,24 @@ core::arch::global_asm!(
     .global _asm_default_undefined_handler
     .type _asm_default_undefined_handler, %function
     _asm_default_undefined_handler:
-        // First adjust LR for two purposes: Passing the faulting instruction to the C handler,
-        // and to return to the failing instruction after the C handler returns.
-        // Load processor status
-        mrs      r4, cpsr
-        // Occurred in Thumb state?
-        tst      r4, {t_bit}
-        // If not in Thumb mode, branch to not_thumb
-        beq     not_thumb
-        subs	lr, lr, #2
-        b       done
-not_thumb:
-        // Subtract 4 from LR (ARM mode)
-        subs    lr, lr, #4
-done:
         // state save from compiled code
         srsfd   sp!, {und_mode}
     "#,
     save_context!(),
     r#"
+        // First adjust LR for two purposes: Passing the faulting instruction to the C handler,
+        // and to return to the failing instruction after the C handler returns.
+        // Load processor status for the calling code
+        mrs      r4, spsr
+        // Was the code that triggered the exception in Thumb state?
+        tst      r4, {t_bit}
+        // Subtract 2 in Thumb Mode, 4 in Arm Mode - see p.1206 of the ARMv7-A architecture manual.
+        ite     eq
+        subeq   lr, lr, #4
+        subne   lr, lr, #2
         // Pass the faulting instruction address to the handler.
         mov     r0, lr
-        // call C handler
+        // call C handler like `extern "C" fn _undefined_handler(addr: usize);`
         bl      _undefined_handler
     "#,
     restore_context!(),
@@ -392,22 +388,22 @@ done:
     .size _asm_default_undefined_handler, . - _asm_default_undefined_handler
 
 
-    // Called from the vector table when we have an undefined exception.
+    // Called from the vector table when we have an prefetch exception.
     // Saves state and calls a C-compatible handler like
     // `extern "C" fn _prefetch_handler();`
     .global _asm_default_prefetch_handler
     .type _asm_default_prefetch_handler, %function
     _asm_default_prefetch_handler:
         // Subtract 4 from the stored LR, see p.1212 of the ARMv7-A architecture manual.
-        subs	lr, lr, #4
+        subs    lr, lr, #4
         // state save from compiled code
         srsfd   sp!, {abt_mode}
     "#,
     save_context!(),
     r#"
         // Pass the faulting instruction address to the handler.
-        mov r0, lr
-        // call C handler
+        mov     r0, lr
+        // call C handler like `extern "C" fn _prefetch_handler(addr: usize);`
         bl      _prefetch_handler
     "#,
     restore_context!(),
@@ -424,15 +420,15 @@ done:
     .type _asm_default_abort_handler, %function
     _asm_default_abort_handler:
         // Subtract 8 from the stored LR, see p.1214 of the ARMv7-A architecture manual.
-        subs	lr, lr, #8
+        subs    lr, lr, #8
         // state save from compiled code
         srsfd   sp!, {abt_mode}
     "#,
     save_context!(),
     r#"
         // Pass the faulting instruction address to the handler.
         mov     r0, lr
-        // call C handler
+        // call C handler like `extern "C" fn _abort_handler(addr: usize);`
         bl      _abort_handler
     "#,
     restore_context!(),

examples/versatileab/reference/undef-exception-armv7a-none-eabi.out

@@ -1,3 +1,3 @@
 Hello, this is an undefined exception example
-undefined exception occurred
-undefined exception occurred
+caught undef_from_t32
+caught undef_from_a32

examples/versatileab/reference/undef-exception-armv7r-none-eabihf.out

@@ -1,3 +1,3 @@
 Hello, this is an undefined exception example
-undefined exception occurred
-undefined exception occurred
+caught undef_from_t32
+caught undef_from_a32

examples/versatileab/src/bin/undef-exception.rs

@@ -10,6 +10,12 @@ use versatileab as _;
 
 use semihosting::println;
 
+// These functions are written in assembly
+extern "C" {
+    fn undef_from_a32();
+    fn undef_from_t32();
+}
+
 /// The entry-point to the Rust application.
 ///
 /// It is called by the start-up.
@@ -18,25 +24,55 @@ pub extern "C" fn kmain() -> ! {
     main();
 }
 
-static COUNTER: AtomicU32 = AtomicU32::new(0);
-
 /// The main function of our Rust application.
 #[export_name = "main"]
 fn main() -> ! {
     println!("Hello, this is an undefined exception example");
     unsafe {
-        core::arch::asm!("udf #0");
+        // trigger an undefined exception, from T32 (Thumb) mode
+        undef_from_t32();
+        // trigger an undefined exception, from A32 (Arm) mode
+        undef_from_a32();
     }
-    unreachable!("should never be here!");
+
+    semihosting::process::exit(0);
 }
 
+core::arch::global_asm!(
+    r#"
+    // fn undef_from_a32();
+    .arm
+    .global undef_from_a32
+    .type undef_from_a32, %function
+    undef_from_a32:
+        udf     #0
+        bx      lr
+    .size undef_from_a32, . - undef_from_a32
+
+    // fn undef_from_t32();
+    .thumb
+    .global undef_from_t32
+    .type undef_from_t32, %function
+    undef_from_t32:
+        udf     #0
+        bx      lr
+    .size undef_from_t32, . - undef_from_t32
+"#
+);
+
 #[no_mangle]
-unsafe extern "C" fn _undefined_handler(_faulting_instruction: u32) {
-    println!("undefined exception occurred");
-    // For the first iteration, we do a regular exception return, which should
-    // trigger the exception again.
-    let counter_val = COUNTER.fetch_add(1, core::sync::atomic::Ordering::Relaxed) + 1;
-    if counter_val == 2 {
-        semihosting::process::exit(0);
+unsafe extern "C" fn _undefined_handler(faulting_instruction: usize) {
+    if faulting_instruction == undef_from_a32 as usize {
+        println!("caught undef_from_a32");
+    } else if (faulting_instruction + 1) == undef_from_t32 as usize {
+        // note that thumb functions have their LSB set, despite always being a
+        // multiple of two - that's how the CPU knows they are written in T32
+        // machine code.
+        println!("caught undef_from_t32");
+    } else {
+        println!(
+            "Bad fault address {:08x} is not {:08x} or {:08x}",
+            faulting_instruction, undef_from_a32 as usize, undef_from_t32 as usize
+        );
     }
 }