Search code examples
arminterruptstm32f4discovery

Return Address from Interrupt in STM32F


I want to know the return address from Interrupt in STM32F, especially arm processor.

In normal function, return address is saved in Link Register, but in interrupt, I found that the value of Link Register is 0xFFFFFF9.

So I found the Ref. manual of armv6, but I still don't know where the return address is saved.

enter image description here enter image description here

I attached part of the Ref. Manual.

I guessed that ReturnAddress(ExceptionType); is the place where the return address is saved.

So I checked [SP, #24] but the value was not the return address.


Solution

  • It is all documented, all you have to do is try it.

    .thumb_func
    .global _start
    _start:
    stacktop: 
    .word 0x20001000
    .word reset 
    .word hang
    .word hang
    .word hang
    .word hang
    .word hang
    .word hang
    .word hang
    .word hang
    .word hang
    .word svcall
    .word hang
    .word hang
    .word hang
    .word hang
    
    
    .thumb_func
    .globl TEST
    TEST:
        mov r0,#0
        mov r1,#1
        mov r2,#2
        mov r3,#3
        svc 0
        bx lr
    
    void svcall ( void )
    {
    ...
    }
    

    dumping the stack

    from arm docs

    MemA[frameptr,4]     = R[0];
    MemA[frameptr+0x4,4] = R[1];
    MemA[frameptr+0x8,4] = R[2];
    MemA[frameptr+0xC,4] = R[3];
    MemA[frameptr+0x10,4] = R[12];
    MemA[frameptr+0x14,4] = LR;
    MemA[frameptr+0x18,4] = ReturnAddress();
    MemA[frameptr+0x1C,4] = (xPSR<31:10>:frameptralign:xPSR<8:0>);
    

    compiled svcall has a stack frame

    080001e8 <svcall>:
     80001e8:   b570        push    {r4, r5, r6, lr}
    

    covering the first part of the stack

    00000003 
    00000000 
    00000000 
    FFFFFFF9  lr
    

    then the exception portion of the stack that the logic uses.

    00000000 r0
    00000001 r1
    00000002 r2
    00000003 r3
    00000000 r12
    08000267 lr
    0800005E return address
    21000000 psr
    
    
    08000054 <TEST>:
     8000054:   2000        movs    r0, #0
     8000056:   2101        movs    r1, #1
     8000058:   2202        movs    r2, #2
     800005a:   2303        movs    r3, #3
     800005c:   df00        svc 0
     800005e:   4770        bx  lr
    

    and that is the expected return address.

    Not sure why you would care what the return address is. Note that that is not the address you would branch nor return to (as documented) it would be 800005f in this case, of course. But you would also have to restore the registers manually (r0,1,2,...) if you want to return to that address.