Patent Application
20130227343
Many electronic devices are implemented with system-on-chip (SoC) and the SoC usually includes embedded firmware that cannot be modified. Ideally, the firmware should be error free, however, errors may be found as the SoC is used and tested. The firmware of the SoC can be replaced by “patch instructions” that may be stored in a random access memory (RAM), thus eliminating the costly process of redesigning the SoC.
A conventional method for patching firmware includes predicting defects that may exist in the firmware to predetermine backup codes that are used to patch the firmware. The firmware can be stored in a read-only memory (ROM), and the backup codes can be stored in a random access memory (RAM). In order to ensure that the backup codes patch all the defects that are uncovered later on, the backup codes may include unnecessary codes, such as backup codes for patching defects that may not exist, and may occupy a considerable large space in the RAM. Moreover, since the prediction result of the defects may not be exactly consistent with the execution result of the firmware, it is still possible that the backup codes cannot patch all the defects that appear in reality. Therefore, it is to a system that enables easy replacement of firmware the present application is primarily directed.
In one embodiment, the invention is an address selector that replaces an address pointing to a defective instruction in a built-in firmware. The address selector includes a comparing unit and a multiplexer. The comparing unit provides a comparison result by comparing a current address received from a processor with a predetermined address pointing to the defective instruction. The multiplexer coupled to the comparing unit receives a backup address pointing to a backup instruction, and the current address and if the current address matches the predetermined address, selects the backup address such that the current address is replaced by the backup address.
In another embodiment, the invention is a controller for replacing a set of defective instructions in a built-in firmware. The controller includes a non-rewritable memory, a backup memory, an address selector and a processor. The non-rewritable memory has multiple original instructions at multiple original addresses. The backup memory has a set of backup instructions at a set of backup addresses to patch the set of defective instructions in the multiple original instructions. The address selector coupled to the non-rewritable memory and the backup memory selects an execution address from a group of addresses by comparing a current address with a predetermined address that points to a defective instruction of the set of defective instructions and provides the set of backup addresses to replace a set of original addresses that point to the set of defective instructions with, wherein the group of addresses includes the multiple original addresses and the set of backup addresses. The processor coupled to the non-rewritable memory, the backup memory, and the address selector provides the current address to the address selector and executes an execution instruction stored at the execution address.
In yet another embodiment, the invention is a method for replacing a defective instruction in a built-in firmware that includes receiving, from a processor, a current address; providing the current address to an address selector; comparing, by the address selector, the current address with a predetermined address pointing to the defective instruction; if the current address matches the predetermined address, selecting a backup address that points to a backup instruction and replacing the current address with the backup address; retrieving the backup instruction stored at the backup address; and executing, by the processor, the backup instruction.
Features and advantages of embodiments of the claimed subject matter will become apparent as the following detailed description proceeds, and upon reference to the drawings, wherein like numerals depict like parts, and in which:
Reference will now be made in detail to the embodiments of the present invention. While the invention will be described in conjunction with these embodiments, it will be understood that they are not intended to limit the invention to these embodiments. On the contrary, the invention is intended to cover alternatives, modifications and equivalents, which may be included within the spirit and scope of the invention as defined by the appended claims. Furthermore, in the following detailed description of the present invention, numerous specific details are set forth in order to provide a thorough understanding of the present invention. However, it will be recognized by one of ordinary skill in the art that the present invention may be practiced without these specific details. In other instances, well known methods, procedures, components, and circuits have not been described in detail as not to unnecessarily obscure aspects of the present invention.
Embodiments in accordance with the present invention provide circuits and methods for replacing defective instructions of a firmware. The firmware stored in a non-rewritable memory may have defects that may not be detected during pre-employment testing. However, these hidden defects may become visible as the firmware is thoroughly executed. To fix these defects that are discovered later, the patch instructions can be stored in a backup memory and these patch instructions will be executed later by the processor in lieu of the defective instructions. Advantageously, since the patch instructions stored in the backup memory are devised after detection of the defects, the patch instructions stored in the backup memory can patch the firmware efficiently and completely. Moreover, since the patch instructions stored in the backup memory do not include unnecessary codes, space of the backup memory can be saved.
The controller 102 can be, but not necessarily, used in a digital camera application shown in
More specifically, in operation, the host 108 sends a command, e.g., a command instructing the controller 102 to read data from the SD card 104, to the controller 102 via the host interface 110. The controller 102 receives the command, and executes instructions stored in the controller 102 accordingly so as to fetch data from the SD card 104 and sends the fetched data to the host 108. The host 108, the host interface 110, the SD card 104 and the controller 102 communicate via the bus 106.
In the example of
In operation, when an engineer tests the controller 102 or an end user uses a system that includes the controller 102, the processor 102 receives commands from the host 108 and performs functions accordingly. In one instance, the processor 124 receives a command from the host 108 and performs a function corresponding to the command by executing the set of original instructions. In another instance, the processor 124 receives a command from the host 108 and performs a function not corresponding to the command, e.g., performs an undesired function, by executing the set of original instructions. In the second instance, the set of original instructions may have defects. To achieve the function corresponding to the command, the processor 124 can execute the set of backup instructions instead of defective instructions of the set of original instructions.
In the above example, the set of backup instructions stored in the RAM 128 are used to patch defective instructions of the set of original instructions stored in the ROM 126. More specifically, the processor 124 executes the set of original instructions initially. The result of executing shows the set of original instructions have defects. Therefore, after the processor 124 has executed the set of the original instructions, the set of backup instructions can be determined according to the defective instructions, e.g., devised to fix the defective instructions, and can be stored at the set of backup addresses ADD_B in the RAM 128. In one embodiment, the set of backup instructions are stored in the backup instruction source 112, and the backup instructions are loaded from an external source, such as a website or a server. For electronic devices in use by consumers (or end-users) and have defective instructions, the consumers can obtain the set of backup instructions from manufacturers of the electronic devices. The processor 124 downloads the set of backup instructions from the backup instruction source 112 and stores the set of backup instructions in the RAM 128. In another embodiment, the set of backup instructions are stored in an external storage unit, and the backup instruction source 112 is an interface to an external source. The processor 124 downloads the set of backup instructions from the external storage unit that stores the set of backup instructions via the interface, and the processor 124 then stores the set of backup instructions at the set of backup addresses ADD_B in the RAM 128. In another embodiment, the end users or the engineers stores the set of backup instructions in the host 108, and the host 108 stores the set of backup instructions in the RAM 128.
The address selector 132 selects an address from a group of addresses ADD_G. The group of addresses ADD_G includes the set of original addresses ADD_O pointing to the original instructions stored in the ROM 126 and the set of backup addresses ADD_B pointing to the backup instructions stored in the RAM 128. The processor 124 provides a current address to the address selector 132, and the address selector 132 selects an address according to the current address, and the processor 124 executes the instruction stored at the address selected by the address selector 132.
In one embodiment, if the processor 124 provides an original address from the set of original addresses to the address selector 132, and the original address points to an original instruction having no defects, the address selector 132 selects the original address provided by the processor 124, and the processor 124 executes the original instruction stored at the original address provided by the processor 124. In another embodiment, after the backup instructions have been stored in the RAM 128 and the address selector 132 adjusted accordingly, if the processor 124 provides an original address of the set of original addresses to the address selector 132, and the original address points to an original instruction having defects, the address selector 132 selects a backup address corresponding to the original address provided by the processor 124, and the processor 124 executes a corresponding backup instruction stored at the backup address selected by the address selector 132. The processor 124, the address selector 132, the ROM 126 and the RAM 128 communicate via the bus 106.
More specifically, a predetermined address APRE is determined by an address of the defective instructions. In one embodiment, the predetermined address APRE is the address pointing to the defective instructions to be replaced by the backup instructions. For example, the predetermined address APRE is the address pointing to the first instruction of a block of instructions that includes the defective instructions such as a beginning address A+k+1 of the defective instructions INS_c to INS_d. The address selector 132 selects an execution address from a group of addresses ADD_G by comparing a current address ADD_C provided by the processor 124 with the predetermined address APRE. The “current address” as used herein means the address pointing to an instruction to be executed by a processor at a current/present moment, in one embodiment. The “current address” can be an initial address of a set of addresses pointing to a set of instructions when the controller 102 is powered. Moreover, the “current address” can be an address following a previous address that points to an instruction executed in the previous moment. Furthermore, the “current address” can be set by an instruction. By way of example, the group of addresses ADD_G includes the addresses A to A+n and A′+k+1 to A′+m. In one embodiment, if the current address ADD_C matches the predetermined address A+k+1, the address selector 132 selects a backup address such as the address A′+k+1 corresponding to the predetermined address A+k+1. The backup address A′+k+1 is the beginning address of the set of backup addresses A′+k+1 to A′+m. The address A+k+1 points to the instruction INS_c, and the address A′+k+1 points to the instruction INS_c′. The instruction INS_c′ is corresponding to the instruction INS_c. Thus, if the current address ADD_C matches the predetermined address A+k+1, the processor 124 accordingly executes the instruction INS_c′ instead of the instruction INS_c. If the current address ADD_C mismatches the predetermined address A+k+1, the address selector 132 selects the current address ADD_C.
In operation, in one scenario, the current address ADD_C is equal to A. The address selector 132 compares the current address ADD_C with the predetermined address A+k+1. Since the current address ADD_C is different from the predetermined address A+k+1, the address selector 132 selects the current address ADD_C which is equal to A. After the processor 124 executes the instruction INS_a at the address A, the current address ADD_C is changed to A+1. Similarly, the address selector 132 selects the address A+1 since the address A+1 mismatches the predetermined address A+k+1. In the following process, the address selector 132 selects the addresses A+2 to A+k in a similar manner.
When the current address ADD_C is equal to A+k+1, since the current address ADD_C is the same as the predetermined address A+k+1, the address selector 132 selects the corresponding backup address A′+k+1 of the RAM 128. In one scenario, the instruction INS_c′ at the address A′+k+1 instructs the processor 124 to set the current address to be A′+k+2. Therefore, after the processor 124 executes the instruction INS_c′, the current address ADD_C is changed to A′+k+2. Since the current address ADD_C is different from the predetermined address A+k+1, the address selector 132 selects the address A′+k+2. In the following process, the address selector 132 selects the addresses A′+k+2 to A′+m in a similar manner.
In one embodiment, the instruction INS_d′ at the address A′+m instructs the processor 124 to set the current address ADD_C to be A+m+1. Since the current address ADD_C is different from the predetermined address A+k+1, the address selector 132 selects the address A+m+1, and the processor 124 executes the original instruction INS_e at the address A+m+1.
In another embodiment, the execution result of executing the original instructions INS_a to INS_f indicates that only original instruction INS_c has defects. The original instruction INS_c can be patched by having the processor 124 execute the backup instruction INS_c′ instead of the defective instruction INS_c. Therefore, the predetermined address APRE is set to be A+k+1. When the current address ADD_C is equal to A+k+1, since the current address ADD_C is the same as the predetermined address A+k+1, the address selector 132 selects the corresponding backup address A′+k+1 of the RAM 128. The instruction INS_c′ at the address A′+k+1 does not instruct the processor 124 to set the current address to be an address in the RAM 128. Therefore, after the processor 124 executes the instruction INS_c′, the current address ADD_C is the address A+k+2 following the previous current address A+k+1. Since the current address ADD_C is different from the predetermined address A+k+1, the address selector 132 selects the address A+k+2. In the following process, the address selector 132 selects the addresses A+k+3 to A+m in a similar manner.
In other words, the address selector 132 selects the execution address from a group of addresses ADD_G by comparing a current address ADD_C provided by the processor 124 with a predetermined address APRE. The execution address points to an execution instruction to be executed by the processor 124. The group of addresses ADD_G includes a set of original addresses (e.g., A to A+n) and a set of backup addresses (e.g., A′+K+1 to A′+m). The set of original addresses point to a set of original instructions (e.g., INS_a to INS_f) stored in the non-rewritable memory 126. The set of backup addresses point to a set of backup instructions (e.g., INS_c′ to INS_d′) stored in the backup memory 128. The set of backup instructions (e.g., INS_c′ to INS_d′) patch defective instructions (e.g., INS_c to INS_d) of the set of original instructions (e.g., INS_a to INS_f). The predetermined address APRE (e.g., A+k+1) points to a defective instruction (e.g., INS_c). As such, the address selector 132 can replace a set of original addresses (e.g., A+k+1 to A+m) pointing to the defective instructions with the set of backup addresses. Moreover, the set of backup instructions and the predetermined address are determined according to the execution result of the set of original instructions executed by the processor 124.
Advantageously, since the backup instructions are devised according to the execution result of the original instructions of the firmware rather than a predicting result of the defects of the firmware, the backup instructions can adequately and effectively patch the defective instructions stored in firmware. Moreover, the RAM can, but not necessarily, include only the backup instructions that patch the defective instructions detected by the processor 124 rather than a great number of backup instructions that patch all possible defective instructions predicted. Thus, space of the RAM can be saved.
After the defects of the set of original instructions are detected, the information of a predetermined address APRE such as the address A+k+1 mentioned above and a backup address, e.g., a beginning address, of a set of backup addresses are provided to the processor 124, via the backup instruction source 112 or the host 108. For the end users, the information is provided as part of a fix-pack by the manufacturer of the controller. The processor 124 stores the predetermined address APRE in the source register 302, and stores the backup address in the destination register 304. The backup address stored in the destination register 304 corresponds to the predetermined address APRE, and can be a beginning backup address of the set of backup addresses. For example, the backup address stored in the destination register 304 is equal to A′+k+1 as mentioned above. The processor 124 sends a current address ADD_C to the comparing unit 308 and the multiplexer 310 via the bus 106. The comparing unit 308 provides a comparison result by comparing the current address ADD_C with the predetermined address APRE (e.g., A+k+1). The comparison result indicates whether the current address ADD_C matches the predetermined address APRE. The multiplexer 310 receives the current address ADD_C and the backup address A′+k+1, and selects an address from the current address ADD_C and the backup address A′+k+1 according to the comparison result of the comparing unit 308.
In one embodiment, the multiplexer 310 selects the backup address A′+k+1 if the current address ADD_C matches the predetermined address APRE so as to replace the current address ADD_C with the backup address A′+k+1, and the multiplexer 310 selects the current address ADD_C and the processor 124 executes an original instruction stored at the current address ADD_C if the current address ADD_C does not match the predetermined address APRE. The processor 124 executes an instruction stored at the selected address.
In the example of
In an alternative embodiment, a source register can store the predetermined address APRE1, and a destination address can store the beginning address of instruction set AS′1 at initially. After the processor 124 has executed the instruction set AS′1 instead of the instruction set AS1, the source register can store the predetermined address APRE2, and the destination address can store the beginning address of instruction set AS′2. After the processor 124 has executed the instruction set AS′2 instead of the instruction set AS2, the source register can store the predetermined address APRE3, and the destination address can store the beginning address of instruction set AS′3. In this embodiment, only one source register and one destination register are needed to patch multiple sets of defective instructions.
In block 402, a set of original instructions such as the aforementioned instructions INS_a to INS_f are executed by a processor 124, e.g., thereby detecting a defect of the original instructions. A set of original addresses such as the aforementioned addresses A to A+n point to the set of original instructions. The set of original instructions are stored in a non-rewritable memory.
In block 404, a set of backup instructions, used to replace a set of defective instructions of the set of original instructions, are downloaded from a storage unit or the host 108, e.g., by the processor 124 or the host 108. The set of backup instructions are further stored in a backup memory, e.g., by the processor 124. A set of backup addresses point to the set of backup instructions.
In block 406, a set of current addresses received from the processor 124 are provided to an address selector 132 in sequence, and the current addresses are compared with a predetermined address by the address selector 132 in sequence. In one embodiment, the predetermined address points to a defective instruction of the set of defective instructions.
In block 408, a set of execution addresses are selected in sequence, using the address selector 132, from a group of addresses according to a set of comparison results between the current addresses and the predetermined address. The group of addresses includes the set of original addresses and the set of backup addresses. In one embodiment, a current address of the set of current addresses is selected as an execution address if the current address does not match the predetermined address, and a backup address corresponding to the predetermined address is selected as the execution address if the current address matches the predetermined address.
In block 410, a set of instructions stored at the set of execution addresses are retrieved and executed, e.g., by the processor 124. If the current address matches the predetermined address, the execution address points to a backup instruction and the processor 124 executes the backup instruction instead of a defective instruction stored at the current address, and desired the execution result is produced. If the current address mismatches the predetermined address, an original instruction stored at the current address is executed by the processor 124.
While the foregoing description and drawings represent embodiments of the present invention, it will be understood that various additions, modifications and substitutions may be made therein without departing from the spirit and scope of the principles of the present invention as defined in the accompanying claims. One skilled in the art will appreciate that the invention may be used with many modifications of form, structure, arrangement, proportions, materials, elements, and components and otherwise, used in the practice of the invention, which are particularly adapted to specific environments and operative requirements without departing from the principles of the present invention. The presently disclosed embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims and their legal equivalents, and not limited to the foregoing description.
