Don't trash the LR returned from _undefined_handler.

Also modifies the undef-exception test to make sure we can actually recover from an undef exception. And updates the abt-exception test to also check returning, and dealing with both A32 and T32 modes.

Author: thejpster

cortex-a-rt/src/lib.rs

@@ -459,8 +459,6 @@ core::arch::global_asm!(
         ite     eq
         subeq   lr, lr, #4
         subne   lr, lr, #2
-        // save the newly computed LR
-        push    {{lr}}
         // now do our standard exception save
     "#,
     save_context!(),
@@ -475,8 +473,6 @@ core::arch::global_asm!(
     "#,
     restore_context!(),
     r#"
-        // get our saved LR
-        pop     {{lr}}
         // get our real saved R0
         pop     {{r0}}
         // overwrite the saved LR with the adjusted one
@@ -537,6 +533,8 @@ core::arch::global_asm!(
     "#,
     restore_context!(),
     r#"
+        // overwrite the saved LR with the adjusted one
+        str     lr, [sp]
         // Return to the failing instruction which is the recommended approach by ARM.
         rfefd   sp!
     .size _asm_default_abort_handler, . - _asm_default_abort_handler
@@ -566,6 +564,8 @@ core::arch::global_asm!(
     "#,
     restore_context!(),
     r#"
+        // overwrite the saved LR with the adjusted one
+        str     lr, [sp]
         // Return to the failing instruction which is the recommended approach by ARM.
         rfefd   sp!
     .size _asm_default_prefetch_handler, . - _asm_default_prefetch_handler

cortex-r-rt/src/lib.rs

@@ -409,8 +409,6 @@ core::arch::global_asm!(
         ite     eq
         subeq   lr, lr, #4
         subne   lr, lr, #2
-        // save the newly computed LR
-        push    {{lr}}
         // now do our standard exception save
     "#,
     save_context!(),
@@ -425,8 +423,6 @@ core::arch::global_asm!(
     "#,
     restore_context!(),
     r#"
-        // get our saved LR
-        pop     {{lr}}
         // get our real saved R0
         pop     {{r0}}
         // overwrite the saved LR with the adjusted one
@@ -487,6 +483,8 @@ core::arch::global_asm!(
     "#,
     restore_context!(),
     r#"
+        // overwrite the saved LR with the adjusted one
+        str     lr, [sp]
         // Return to the failing instruction which is the recommended approach by ARM.
         rfefd   sp!
     .size _asm_default_abort_handler, . - _asm_default_abort_handler
@@ -516,6 +514,8 @@ core::arch::global_asm!(
     "#,
     restore_context!(),
     r#"
+        // overwrite the saved LR with the adjusted one
+        str     lr, [sp]
         // Return to the failing instruction which is the recommended approach by ARM.
         rfefd   sp!
     .size _asm_default_prefetch_handler, . - _asm_default_prefetch_handler

examples/mps3-an536/reference/abt-exception-armv8r-none-eabihf.out renamed to examples/mps3-an536/reference/abt-exception-a32-armv8r-none-eabihf.out

@@ -2,8 +2,15 @@ Hello, this is an data abort exception example
 data abort occurred
 DFSR (Fault Status Register): DFSR { ext=false wnr=false Domain=0b0010 Status=0b00001 }
 DFSR Status: Ok(AlignmentFault)
-DFAR (Faulting Address Register): Dfar(4097)
+DFAR (Faulting Address Register): Dfar(536870913)
+caught unaligned_from_a32
+caught fault on COUNTER
+Doing it again
 data abort occurred
 DFSR (Fault Status Register): DFSR { ext=false wnr=false Domain=0b0010 Status=0b00001 }
 DFSR Status: Ok(AlignmentFault)
-DFAR (Faulting Address Register): Dfar(4097)
+DFAR (Faulting Address Register): Dfar(536870913)
+caught unaligned_from_a32
+caught fault on COUNTER
+Skipping instruction
+Recovered from fault OK!

examples/mps3-an536/reference/abt-exception-t32-armv8r-none-eabihf.out

@@ -0,0 +1,16 @@
+Hello, this is an data abort exception example
+data abort occurred
+DFSR (Fault Status Register): DFSR { ext=false wnr=false Domain=0b0010 Status=0b00001 }
+DFSR Status: Ok(AlignmentFault)
+DFAR (Faulting Address Register): Dfar(536870913)
+caught unaligned_from_t32
+caught fault on COUNTER
+Doing it again
+data abort occurred
+DFSR (Fault Status Register): DFSR { ext=false wnr=false Domain=0b0010 Status=0b00001 }
+DFSR Status: Ok(AlignmentFault)
+DFAR (Faulting Address Register): Dfar(536870913)
+caught unaligned_from_t32
+caught fault on COUNTER
+Skipping instruction
+Recovered from fault OK!

examples/mps3-an536/reference/prefetch-exception-a32-armv8r-none-eabihf.out

@@ -4,8 +4,11 @@ IFSR (Fault Status Register): IFSR { ext=false Domain=0b0010 Status=0b00010 }
 IFSR Status: Ok(DebugEvent)
 IFAR (Faulting Address Register): Ifar(0)
 caught bkpt_from_a32
+Doing it again
 prefetch abort occurred
 IFSR (Fault Status Register): IFSR { ext=false Domain=0b0010 Status=0b00010 }
 IFSR Status: Ok(DebugEvent)
 IFAR (Faulting Address Register): Ifar(0)
 caught bkpt_from_a32
+Skipping instruction
+Recovered from fault OK!

examples/mps3-an536/reference/prefetch-exception-t32-armv8r-none-eabihf.out

@@ -4,8 +4,11 @@ IFSR (Fault Status Register): IFSR { ext=false Domain=0b0010 Status=0b00010 }
 IFSR Status: Ok(DebugEvent)
 IFAR (Faulting Address Register): Ifar(0)
 caught bkpt_from_t32
+Doing it again
 prefetch abort occurred
 IFSR (Fault Status Register): IFSR { ext=false Domain=0b0010 Status=0b00010 }
 IFSR Status: Ok(DebugEvent)
 IFAR (Faulting Address Register): Ifar(0)
 caught bkpt_from_t32
+Skipping instruction
+Recovered from fault OK!

examples/mps3-an536/reference/undef-exception-a32-armv8r-none-eabihf.out

@@ -1,5 +1,8 @@
 Hello, this is a undef exception example
 undefined abort occurred
 caught udf_from_a32
+Doing it again
 undefined abort occurred
 caught udf_from_a32
+Skipping instruction
+Recovered from fault OK!

examples/mps3-an536/reference/undef-exception-t32-armv8r-none-eabihf.out

@@ -1,5 +1,8 @@
 Hello, this is a undef exception example
 undefined abort occurred
 caught udf_from_t32
+Doing it again
 undefined abort occurred
 caught udf_from_t32
+Skipping instruction
+Recovered from fault OK!

examples/mps3-an536/src/bin/abt-exception.rs renamed to examples/mps3-an536/src/bin/abt-exception-a32.rs

@@ -3,14 +3,15 @@
 #![no_std]
 #![no_main]
 
-use core::sync::atomic::AtomicU32;
+use core::sync::atomic::{AtomicU32, Ordering};
 
 use cortex_ar::register::{Dfar, Dfsr, Sctlr};
 // pull in our start-up code
 use mps3_an536 as _;
 
 use semihosting::println;
 
+#[no_mangle]
 static COUNTER: AtomicU32 = AtomicU32::new(0);
 
 /// The entry-point to the Rust application.
@@ -30,19 +31,36 @@ fn main() -> ! {
     enable_alignment_check();
 
     println!("Hello, this is an data abort exception example");
-    // Unaligned read
     unsafe {
-        let addr: *const u32 = 0x1001 as *const u32; // Unaligned address (not 4-byte aligned)
-        core::arch::asm!(
-            "ldr r0, [{addr}]",  // Attempt unaligned load (should trigger Data Abort)
-            addr = in(reg) addr, // Pass unaligned pointer
-            options(nostack, preserves_flags) // No stack usage, preserves flags
-        );
+        // Unaligned read
+        unaligned_from_a32();
     }
 
-    unreachable!("should never be here!");
+    println!("Recovered from fault OK!");
+
+    semihosting::process::exit(0);
 }
 
+// These functions are written in assembly
+extern "C" {
+    fn unaligned_from_a32();
+}
+
+core::arch::global_asm!(
+    r#"
+    // fn unaligned_from_a32();
+    .arm
+    .global unaligned_from_a32
+    .type unaligned_from_a32, %function
+    unaligned_from_a32:
+        ldr     r0, =COUNTER
+        add     r0, r0, 1
+        ldr     r0, [r0]
+        bx      lr
+    .size unaligned_from_a32, . - unaligned_from_a32
+"#
+);
+
 fn enable_alignment_check() {
     let mut sctrl = Sctlr::read();
     sctrl.set_a(true);
@@ -77,11 +95,47 @@ unsafe extern "C" fn _abort_handler(addr: usize) -> usize {
     let dfar = Dfar::read();
     println!("DFAR (Faulting Address Register): {:?}", dfar);
     enable_alignment_check();
-    // For the first iteration, we do a regular exception return, which should
-    // trigger the exception again. The second time around we quit.
-    if COUNTER.fetch_add(1, core::sync::atomic::Ordering::Relaxed) == 1 {
-        semihosting::process::exit(0);
+
+    // note the fault isn't at the start of the function
+    let expect_fault_at = unaligned_from_a32 as usize + 8;
+
+    if addr == expect_fault_at {
+        println!("caught unaligned_from_a32");
+    } else {
+        println!(
+            "Bad fault address {:08x} is not {:08x}",
+            addr, expect_fault_at
+        );
     }
 
-    addr
+    let expect_fault_from = core::ptr::addr_of!(COUNTER) as usize + 1;
+
+    if dfar.0 as usize == expect_fault_from {
+        println!("caught fault on COUNTER");
+    } else {
+        println!(
+            "Bad DFAR address {:08x} is not {:08x}",
+            dfar.0, expect_fault_from
+        );
+    }
+
+    match COUNTER.fetch_add(1, Ordering::Relaxed) {
+        0 => {
+            // first time, huh?
+            // go back and do it again
+            println!("Doing it again");
+            addr
+        }
+        1 => {
+            // second time, huh?
+            // go back but skip the instruction
+            println!("Skipping instruction");
+            addr + 4
+        }
+        _ => {
+            // we've faulted thrice - time to quit
+            println!("We triple faulted");
+            semihosting::process::abort();
+        }
+    }
 }