Embodiments of the present application relate to the field of computer technologies, and in particular, to a method for patching a chip and a chip.
Patch technology can repair errors in a program, and thus has received more and more attention.
Currently, a program is patched based on a jump instruction, but a jump instruction cannot achieve a long address jump. This imposes strict requirements on the storage location of the replacement function, which constrains the memory layout space design of the chip.
Embodiments of the present application provide a method for patching a chip and a chip, which can realize a long address jump, and is beneficial to the layout space design of a chip for a memory.
In a first aspect, provided is a method for patching a chip, where the chip includes a first program, and the method includes: when a function that needs to be replaced in the first program is run, executing an interrupt service routine according to a pre-stored correspondence relationship between an address of the function that needs to be replaced and an interrupt instruction, where the interrupt service routine is a service routine scheduled by an interrupt instruction corresponding to the function that needs to be replaced, and a return address of the interrupt service routine is an address of a patch function of the function that needs to be replaced; and running the patch function according to the address of the patch function, to perform patch processing on the first program.
The method performs transfer through an interrupt instruction to obtain a function address of a patch function, thereby replacing a function that needs to be replaced. This method does not need to carry address information of the patch function in the interrupt instruction, but schedules the address of the patch function through an interrupt service routine, and thus can realize a long address jump without limitation of a jump address range.
In some possible implementation manners, the interrupt instruction is a soft interrupt instruction.
In some possible implementation manners, the interrupt instruction is a supervisor call (SVC) instruction.
For an SVC instruction, only one instruction is needed to realize an interrupt, which occupies fewer system resources. In addition, the SVC can support more interrupt numbers, and thus can implement more patches.
In some possible implementation manners, the first program is an inherent program in the chip.
In some possible implementation manners, a distance between the address of the function that needs to be replaced and the address of the patch function exceeds an address range that can be jumped by a jump instruction.
In some possible implementation manners, the address of the patch function is any address in a register of the chip.
In some possible implementation manners, when the function that needs to be replaced in the first program is run, executing the interrupt service routine according to the pre-stored correspondence relationship between the address of the function that needs to be replaced and the interrupt instruction includes: when the function that needs to be replaced in the first program is run, determining an interrupt instruction corresponding to the function that needs to be replaced according to the pre-stored correspondence relationship between the address of the function that needs to be replaced and the interrupt instruction; determining an interrupt number according to the interrupt instruction; and executing the interrupt service routine corresponding to the interrupt number according to the interrupt number.
In some possible implementation manners, after running the patch function according to the address of the patch function, the method further includes: running a next function of the function that needs to be replaced in the first program.
In some possible implementation manners, the address of the function that needs to be replaced in the first program and the interrupt instruction have a one-to-one correspondence relationship.
In some possible implementation manners, the correspondence relationship between the address of the function that needs to be replaced and the interrupt instruction is pre-stored in a register of a first component of the chip.
In some possible implementation manners, the first component is a flash patch and breakpoint (FPB).
In some possible implementation manners, the chip is a micro control unit (MCU) chip.
In a second aspect, provided is a chip, where the chip includes a processor, and the processor is configured to execute the method in the first aspect and any possible implementation manner of the first aspect.
In some possible implementation manners, the chip further includes a register, and the register is configured to store a correspondence relationship between an address of a function that needs to be replaced in a first program and an interrupt instruction.
In some possible implementation manners, the register is a flash patch and breakpoint (FPB) register.
Technical solutions of the present application are described below in combination with accompanying drawings.
With the rapid development of science and technology, integrated circuits are developing dramatically, and market demand for micro control unit (micro controller, MCU) chips is also growing rapidly. However, an MCU chip has a particular feature: when the chip is manufactured, a piece of code (i.e., a program) must be stored in an internal read-only memory (ROM) space to execute a power-on boot program or other programs with specific functions. Once these programs are taped out on the chip, they cannot be modified again. This requires that the stored program not contain any fault; otherwise the faulty chip can no longer be used.
In order to solve this high-risk problem, an erroneous function in a program can be replaced by patch technology at present, so that the program can run correctly and the chip can continue to be used. Due to the above functions, patch technology has received more and more attention.
Errors in the program often exist in one or more functions, and these original functions with errors will be called by other functions. Although it is difficult to find these call functions, it is easy to find the original functions with errors. Therefore, the key operation of patching should be focused on these original functions with errors. The process of patching is: when calling these erroneous original functions, jumping from the erroneous original functions to modified functions (namely, patch functions), and then returning to the original programs after the patch functions have been executed. In this way, the erroneous original functions will never be executed, thus completing the modification to the program.
Patch technology generally requires hardware support, and a core of an MCU chip generally can support patch technology. The number of patches is also limited by hardware resources. The more patches hardware can support, the more functions it can repair, and the less likely a chip is wasted.
Therefore, if it is desired that a chip support more patches, requirements for chip hardware are higher, and costs of the chip increase correspondingly.
An embodiment of the present application does not specifically limit the type of core of a chip. For example, the core of the chip may be ARM, or X86, million instructions per second (MIPS), PowerPC, etc.
Description is made by taking ARM as a core. ARM provides a patch method based on flash patch and breakpoint (FPB) hardware.
Current patch technology refers to replacing an original old function with a new function to achieve the purpose of correcting a program. For example, when the program runs to a patched function, a jump instruction is used to make the program jump to an address of the patch function to run the patch function. After the patch function is executed, the original program is returned to for continuous execution.
Below, patch technology implemented by an FPB mechanism is described with reference to
At present, cores of the ARM Cortex-M series all provide an FPB mechanism, which is specially used to patch the ROM code of a chip. The FPB mechanism is to create a list of functions that need to be replaced, that is, an original function list, and configure the list in a hardware FPB register, and then create another function list, that is, a patch function list, which is mainly used to store the addresses of the new functions. The original function list and the patch function list have a correspondence relationship, and these two lists and their correspondence relationship are stored in the FPB register. When the program counter (PC) pointer reaches a function A that needs to be replaced, the FPB automatically responds, finds the address of the new function, and automatically assigns the address of the new function to the PC pointer, so that the PC pointer automatically jumps to the new function for execution.
As shown in
Such replacement function technology is generally implemented with a jump instruction. Due to the structural limitation of the jump instruction, it can only achieve a short address jump, rather than a long address jump. For example, a jump instruction has the structure instruction+address of patch function, and the instruction+address of patch function needs to be stored in a register. If the register is 32 bits wide, the storage space of the instruction+address of patch function is 32 bits in total. Since the instruction occupies part of that storage space, the storage space left for the address of the patch function is less than 32 bits, which means the system cannot perform a full address jump within the 32-bit range.
It can be understood that a long address jump in an embodiment of the present application can also be understood as a full address jump.
As shown in
In order to realize a long address jump, an embodiment of the present application may be implemented by multiple jump instructions. For example, a long address jump may be implemented through two jump instructions, as shown in
In this method, the distances between the storage location of the transfer function and both the address of the patched function and the address of the patch function must not be too large, and need to be within the short address jump range, otherwise the jump cannot be realized. Therefore, the method of multiple jumps places higher requirements on the storage address of the transfer function. In addition, the method of multiple jumps results in higher design complexity of instructions.
An embodiment of the present application provides a method for patching a chip, which performs transfer through an interrupt instruction. The method can realize a long address jump without limitation of the range of a jump address, and moreover, implementation manner is relatively simple.
Below, an interrupt processing process is described.
Interrupt means that, when a processor is executing a program normally, the processor temporarily suspends the currently executing program due to the triggering of an internal or external event or a presetting of the program, saves relevant information of the executing program on a stack, and then turns to execute an interrupt service subroutine for the internal or external event, or for the event preset by the program; after the interrupt service subroutine is executed, the processor retrieves the information of the interrupted program saved on the stack and continues to execute the interrupted program. This process is called an interrupt.
There are three types of interrupts: 1. soft interrupt or internal interrupt, 2. external interrupt or hard interrupt, and 3. exception. An interrupt described in an embodiment of the present application may be any one of these three types.
Since a soft interrupt is implemented by an interrupt instruction, it can be set manually according to needs, and is more flexible, simple to implement and easy to operate. Therefore, preferably, an embodiment of the present application adopts a soft interrupt for transfer.
For an external interrupt, an interrupt request signal is generated by an external device and applied to an NMI or INTR pin of a processor, and the processor continuously detects the NMI or INTR pin signal to identify whether an interrupt request occurs. For an internal interrupt, an interrupt request does not require external application of a signal for excitation, but is called by internal interrupt control logic.
Regardless of whether it is an external interrupt or an internal interrupt, an interrupt processing process can include the following steps: request the interrupt, respond to the interrupt, disable further interrupts, save the breakpoint, identify the interrupt source, save the context, run the interrupt service subroutine, restore the context, and return from the interrupt.
In an embodiment of the present application, address information of a patch function can be added to an interrupt return instruction, so that when an interrupt returns, the patch function can be jumped to for execution, so as to realize patch processing of a chip. After jumping from an interrupt service routine to an original program, an original function with an error may not be executed, but the patch function may be executed so as to ensure the normal operation of the program.
For example, after executing an interrupt service routine, a processor can return to a first program and continue execution from a breakpoint of the first program; however, since a return address of the interrupt service routine is an address of a patch function, the processor runs the patch function after returning to the first program. At this time, a PC pointer can be updated to point to a next function of a function that needs to be replaced in the first program. After the patch function is run, a next instruction can be run according to the location pointed to by the PC pointer, so that the function that needs to be replaced can be skipped and is not executed, thereby avoiding program running errors.
A chip provided by an embodiment of the present application may include a first program, and the first program may be any segment of program stored in the chip. For example, the first program may be an inherent program in the chip, that is, an uneditable program. For another example, the first program may be an editable program in the chip.
After the first program is stored in the chip, the processor of the chip can run the program to realize the corresponding function.
The chip may be, for example, an MCU chip described above, and the first program may be a program stored in the MCU chip during the manufacturing process of the MCU chip. Of course, the chip in the embodiment of the present application may also be another type of chip.
However, when some functions in the first program have errors or need to be replaced, the method in the embodiment of the present application can be used for replacement.
As shown in
S410. When a function that needs to be replaced in the first program is run, executing an interrupt service routine according to a pre-stored correspondence relationship between an address of the function that needs to be replaced and an interrupt instruction, where the interrupt service routine is a service routine scheduled by an interrupt instruction corresponding to the function that needs to be replaced, and a return address of the interrupt service routine is an address of a patch function of the function that needs to be replaced.
It can be understood that the first program may be written through an address of a function, the first program may include addresses of multiple functions, and a processor runs the first program by calling the functions stored on the multiple addresses.
Executing the interrupt service routine according to the pre-stored correspondence relationship between the address of the function that needs to be replaced and the interrupt instruction can refer to determining an interrupt instruction corresponding to the function that needs to be replaced according to the pre-stored correspondence relationship between the address of the function that needs to be replaced and the interrupt instruction, then determining an interrupt number according to the interrupt instruction, and executing the interrupt service routine corresponding to the interrupt number according to the interrupt number.
The address of the function in the first program includes an address of a function that has an error or needs to be replaced in the first program. In the embodiment of the present application, a correspondence relationship between an address of a function that needs to be replaced and an interrupt instruction may be created in advance, so that when the function that needs to be replaced is hit, the interrupt instruction can be jumped to according to the correspondence relationship.
The address of the function that needs to be replaced and the interrupt instruction can have a one-to-one correspondence relationship. For example, a list of addresses of functions that need to be replaced and a list of interrupt instructions can be created in advance, and contents of the two lists have a one-to-one correspondence relationship. If there are multiple functions that need to be replaced in the first program, the multiple functions that need to be replaced can correspond to multiple interrupt instructions, and the multiple functions that need to be replaced and the multiple interrupt instructions have a one-to-one correspondence relationship.
During the running process of the first program, when the function that needs to be replaced is run, a system can automatically respond, and find the corresponding interrupt instruction according to the correspondence relationship between the address of the function that needs to be replaced and the interrupt instruction.
That the function that needs to be replaced in the first program is run may mean that a PC pointer points to the function that needs to be replaced.
S420. Running the patch function according to the address of the patch function, to perform patch processing on the first program.
By means of the interrupt instruction, the interrupt service routine that triggers the interrupt can be found. The interrupt instruction may include an interrupt number, and different interrupt sources have different interrupt numbers. Therefore, in the embodiment of the present application, an interrupt number may be used to determine an interrupt source that triggers the interrupt, so as to find the interrupt service routine.
The interrupt number is a code assigned to each interrupt source by a system for identification and processing. The processor can find an entry address of the interrupt service routine through the interrupt number to realize the transfer of the program.
Therefore, the processor can suspend the execution of the first program according to the interrupt instruction, and jump to the interrupt service routine to execute the interrupt service routine. After the interrupt service routine is run, the first program is returned to for continuous execution.
After the interrupt service routine is executed, an original program needs to be returned to for continuous execution. Therefore, each interrupt service routine needs an interrupt return instruction so that the processor can return to the original program to continue execution after an interrupt event is processed.
In the embodiment of the present application, address information of the patch function can be added to the interrupt return instruction, so that when the interrupt returns, the system can automatically jump to the patch function to execute the patch function instead of the function that needs to be replaced, so as to realize the patch processing of the chip.
The patching method provided by the embodiment of the present application is a patching process for the running program. The address of the patch function is not stored in the instruction, but is obtained from another segment of program (such as the interrupt service routine). The address information of the patch function is called by the interrupt service routine. Since the interrupt service routine can call a function at any address, the address of the patch function can be an address of any memory space in the chip, and is not limited by a jump address range. Therefore, a long address jump can be realized by performing patching through the interrupt instruction, which is beneficial to a layout design of storage space of an SRAM and a flash.
For example, for a 32-bit register, the interrupt service routine can call any address within the 32-bit range, so that a full address jump can be realized. It can be understood that, the register is the above-described register configured to store the correspondence relationship between the address of the patch function and the interrupt instruction.
In addition, since the address of the original function and the interrupt instruction corresponding to the address of the original function are pre-stored in the chip, the system can automatically respond and execute the corresponding interrupt instruction without human intervention. For the replacement of multiple identical functions in the program, there is also no need to manually replace each function. According to the pre-stored correspondence relationship, the system can implement multiple replacements, and the operation process is simple.
Addresses of different original functions may correspond to different interrupt instructions, different interrupt instructions may trigger different interrupt service routines, and different interrupt service routines may correspond to different return addresses. One return address corresponds to one address of a patch function, and therefore addresses of different original functions may correspond to addresses of different patch functions through interrupt instructions, and multiple locations of the program may be patched through multiple interrupt instructions.
Therefore, when multiple original functions in the program have errors, a correspondence relationship between addresses of the multiple original functions and multiple interrupt instructions can be stored in the register, and addresses of multiple patch functions can be called through the multiple interrupt instructions to perform patch processing on the program.
The method in the embodiment of the present application may also be applied in a system or software upgrade process, which is not specifically limited.
As a preferred implementation manner, the interrupt instruction in the embodiment of the present application may be a soft interrupt instruction, and the soft interrupt instruction may be a supervisor call (SVC) instruction.
An SVC interrupt is a special interrupt, which is mostly used in software development on an operating system. SVC is used to generate a call request for a system function. For example, an operating system does not allow a user program to access hardware directly; instead, it provides system service functions, and the user program accesses the hardware indirectly by using the SVC to issue a call request for such a system service function. Therefore, when the user program wants to control specific hardware, it generates an SVC exception, and then the SVC exception service routine provided by the operating system is executed and calls a related operating system function, thereby completing the service requested by the user program.
An SVC interrupt is an interrupt that must be given a response immediately. Therefore, through the SVC interrupt, the first program can be ensured to be patched immediately.
Another feature of the SVC interrupt is that only one instruction is needed to realize the interrupt, implementation manner is simple, and storage space occupied by the instruction is small.
The setting method of the SVC instruction is simple, for example, SVC #0.
In addition, the SVC interrupt can support more interrupt numbers, such as 256 interrupt numbers, and each interrupt number corresponds to an interrupt service routine. Since each interrupt service routine can return an address of a patch function, the SVC interrupt can support 256 patches. Therefore, through the SVC instruction, a larger number of patches can be supported, hardware of the chip does not need to be improved, and costs are low.
The correspondence relationship between the address of the function in the first program and the interrupt instruction may be pre-stored in a register of the first component in the chip. The first component belongs to a hardware resource of the chip.
The first component may be the FPB described above. In the register of the FPB, two lists are stored: one is a list of addresses of functions that need to be replaced, and the other is a list of interrupt instructions, and the contents of the two lists have a one-to-one correspondence relationship.
Below, a patching process of a chip is described by an example of an SVC instruction with reference to
As shown in
In the lists shown in
The significance of storing the list of SVC interrupt instructions in the FPB register is that when the address of the original function in the list is hit, a processor can determine the SVC instruction corresponding to the address of the original function according to the correspondence relationship in the list. Then the SVC instruction triggers the SVC interrupt, and the SVC instruction may include an interrupt number, so that a system can obtain an SVC interrupt service routine corresponding to the interrupt number according to the interrupt number. After the SVC interrupt service routine is executed, an SVC interrupt return can be performed, and then the processor can run a patch function corresponding to a return address according to the return address of the SVC interrupt. In
It can be understood that, the interrupt service routine in the embodiment of the present application may also be referred to as an interrupt processing function.
In
After the function B is executed, the PC pointer is updated and points to a next instruction after the function A in the program, so that the processor can skip the function A after executing the function B and execute a next function after the function A.
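The flow of steps S410 and S420 and the function A / function B walkthrough above, as an added host-side model that is not code from the application: the FPB register is modelled as a table mapping an original function address to an SVC interrupt number, each SVC service routine's return address is the patch function, and the program counter then moves on to the next function so the original is never executed. Function addresses are plain C function pointers, and the comparator count MAX_FPB is an assumed value.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef void (*fn_t)(void);

#define MAX_SVC 256   /* SVC #imm8 gives 256 interrupt numbers (from the text) */
#define MAX_FPB 8     /* number of FPB comparators: assumed for this model   */

/* Execution trace: one letter per function body that actually ran. */
static char trace[64];
static void mark(char c) {
    size_t n = strlen(trace);
    if (n + 1 < sizeof trace) { trace[n] = c; trace[n + 1] = '\0'; }
}

static void func_a(void) { mark('A'); }   /* original function with the error */
static void func_b(void) { mark('B'); }   /* patch function replacing func_a  */
static void func_c(void) { mark('C'); }   /* next function after func_a       */
static void func_d(void) { mark('D'); }

/* Model of the FPB register: original addresses and, one-to-one, the SVC
 * instruction (its interrupt number) each address corresponds to. */
typedef struct { fn_t orig; uint8_t svc_number; int used; } fpb_entry;
static fpb_entry fpb[MAX_FPB];

/* Model of the SVC service routines: the routine for number n returns to
 * svc_return_addr[n], which the installer sets to the patch function. */
static fn_t svc_return_addr[MAX_SVC];

void fpb_reset(void) {
    memset(fpb, 0, sizeof fpb);
    memset(svc_return_addr, 0, sizeof svc_return_addr);
}

/* Register one patch: orig -> SVC #svc_number, return address -> patch.
 * Returns 0 on success, -1 if the comparators are exhausted or the SVC
 * number is already in use. */
int fpb_install_patch(fn_t orig, uint8_t svc_number, fn_t patch) {
    if (svc_return_addr[svc_number] != NULL) return -1;
    for (int i = 0; i < MAX_FPB; i++) {
        if (!fpb[i].used) {
            fpb[i].orig = orig;
            fpb[i].svc_number = svc_number;
            fpb[i].used = 1;
            svc_return_addr[svc_number] = patch;
            return 0;
        }
    }
    return -1;
}

static const fpb_entry *fpb_lookup(fn_t target) {
    for (int i = 0; i < MAX_FPB; i++)
        if (fpb[i].used && fpb[i].orig == target) return &fpb[i];
    return NULL;
}

/* SVC service routine for number n. Any address can be stored here, which is
 * why the transfer is not limited to a short jump range. */
static fn_t svc_service_routine(uint8_t n) { return svc_return_addr[n]; }

/* Run a program given as a list of function addresses; returns the trace. */
const char *run_program(const fn_t *program, size_t count) {
    trace[0] = '\0';
    for (size_t pc = 0; pc < count; pc++) {
        const fpb_entry *hit = fpb_lookup(program[pc]);
        if (hit) {
            /* S410: FPB hit -> SVC #n -> service routine, whose return
             * address is the patch function. */
            fn_t patch = svc_service_routine(hit->svc_number);
            patch();            /* S420: the patch function runs instead */
        } else {
            program[pc]();
        }
        /* The PC now points at the next function; the original never runs. */
    }
    return trace;
}

/* Program "A, C, D" with A patched by B: the trace becomes "BCD". */
const char *demo_patched_run(void) {
    const fn_t program[] = { func_a, func_c, func_d };
    fpb_reset();
    fpb_install_patch(func_a, 0, func_b);
    return run_program(program, 3);
}

/* Same program with no patch installed: the trace is "ACD". */
const char *demo_unpatched_run(void) {
    const fn_t program[] = { func_a, func_c, func_d };
    fpb_reset();
    return run_program(program, 3);
}
```

The service routine is the only place the patch address lives; the FPB entry carries just an 8-bit interrupt number, which is the property that lets the patch function sit anywhere in the address space.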
In the embodiment of the present application, a chip may be further patched in a manner of a jump instruction combined with an SVC interrupt.
Two lists can be stored in an FPB register: one is a list of addresses of original functions, and the other is a list of combinations of an SVC instruction and the address of a new function. As shown in
In the embodiment of the present application, the chip may be patched through the above interrupt method in every case, in which case the address of the patch function may be any address in the register; alternatively, the method described above may be used only when the distance between the address of the function that needs to be replaced and the address of the patch function exceeds the address range that can be jumped by a jump instruction.
For example, when the distance between the address of the patch function and the address of the original function is within the address range that can be jumped by the jump instruction, the jump instruction can be used for jumping so as to realize the patch processing of the chip; and when the distance between the address of the patch function and the address of the original function exceeds the address range that can be jumped by the jump instruction, the SVC interrupt can be used to obtain the address of the patch function so as to realize the patch processing of the chip.
The address range that can be jumped by the jump instruction can be understood as a short address jump range.
It can be understood that for different cores, the range of a short address jump can be different. For an ARM core, the range of a short address jump is 0 to 32M; and if the ARM core uses the Thumb instruction set, the range of a short address jump is 0 to 4M. For a PowerPC core, the range of a short address jump is 0 to 16M. It should be noted that the address range that can be jumped by a jump instruction may also be a preset address range, which can be preset according to user needs or different core settings.
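The two points made above, the 32-bit "instruction + address" word that cannot reach the full address space and the rule of choosing the jump instruction within the short jump range and the SVC path beyond it, as an added example that is not code from the application. The jump word format (8 opcode bits, 24-bit signed byte offset) and the opcode values are constructed for the model; the short jump ranges are the ones the text quotes for ARM, Thumb and PowerPC.

```c
#include <stdint.h>

#define OPCODE_BITS 8u
#define OFFSET_BITS (32u - OPCODE_BITS)
#define OPCODE_JUMP 0xEAu   /* constructed opcode for the jump word */
#define OPCODE_SVC  0xDFu   /* constructed opcode for the SVC word  */

enum core_type { CORE_ARM, CORE_ARM_THUMB, CORE_POWERPC };

/* Short address jump ranges quoted in the text, in bytes. */
uint32_t short_jump_range(enum core_type core) {
    switch (core) {
    case CORE_ARM:       return 32u * 1024u * 1024u;
    case CORE_ARM_THUMB: return 4u * 1024u * 1024u;
    case CORE_POWERPC:   return 16u * 1024u * 1024u;
    }
    return 0;
}

uint32_t address_distance(uint32_t a, uint32_t b) { return a > b ? a - b : b - a; }

/* Try to encode a direct jump from 'from' to 'to' in one 32-bit word. The
 * opcode takes OPCODE_BITS, so only OFFSET_BITS remain for the signed byte
 * offset; returns 0 and fills *word when it fits, -1 otherwise. */
int encode_jump(uint32_t from, uint32_t to, uint32_t *word) {
    int64_t off = (int64_t)to - (int64_t)from;
    int64_t limit = (int64_t)1 << (OFFSET_BITS - 1);
    if (off < -limit || off >= limit) return -1;
    *word = ((uint32_t)OPCODE_JUMP << OFFSET_BITS) |
            ((uint32_t)off & ((1u << OFFSET_BITS) - 1u));
    return 0;
}

int jump_reachable(uint32_t from, uint32_t to) {
    uint32_t unused;
    return encode_jump(from, to, &unused) == 0;
}

/* An SVC word carries only the 8-bit interrupt number, never the patch
 * address, so it encodes for any target: the address is held by the
 * service routine as its return address. */
uint32_t encode_svc(uint8_t interrupt_number) {
    return ((uint32_t)OPCODE_SVC << OFFSET_BITS) | interrupt_number;
}

typedef enum { PATCH_DIRECT_JUMP, PATCH_SVC_INTERRUPT } patch_mechanism;

/* Selection rule from the text: a jump instruction while the distance is
 * within the core's short jump range, the SVC interrupt beyond it. */
patch_mechanism choose_mechanism(enum core_type core, uint32_t orig, uint32_t patch) {
    return address_distance(orig, patch) <= short_jump_range(core)
           ? PATCH_DIRECT_JUMP : PATCH_SVC_INTERRUPT;
}
```

With this model a patch function 16M away from the original is reachable by a direct jump on ARM (32M) and PowerPC (16M) but not under Thumb (4M), while the SVC word is identical whatever the distance.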
In addition, an embodiment of the present application further provides a chip. As shown in
Optionally, the chip 1010 further includes a register 1020 configured to store a correspondence relationship between an address of a function that needs to be replaced and an interrupt instruction.
Optionally, the register is an FPB register.
It should be noted that terms used in embodiments of the present application and the claims appended hereto are merely for the purpose of describing particular embodiments, and are not intended to limit the embodiments of the present application.
For example, the use of a singular form of “a”, “the”, “the above” and “said” in the embodiments of the present application and the claims appended hereto are also intended to include a plural form, unless otherwise clearly indicated herein by context.
A person skilled in the art may be aware that units and algorithm steps of the examples described in the embodiments disclosed in the text may be implemented by electronic hardware or a combination of computer software and the electronic hardware. Whether these functions are implemented in the form of hardware or software depends upon particular applications and design constraints of the technical solutions. A person skilled in the art may use different methods to implement the described functions for each particular application, but it should not be considered that the implementation goes beyond the scope of the embodiments of present application.
If the function is implemented in the form of a software functional unit and is sold or used as an independent product, it may be stored in a computer readable storage medium. Based on such understanding, the nature of the technical solutions of the embodiments of the present application, or the part making contribution to the prior art, or a part of the technical solutions may be embodied in the form of a software product, and the computer software product is stored in a storage medium, including several instructions that cause a computer device (which may be a personal computer, a server, a network device, or the like) to execute all or part of steps in the method of the embodiments of the present application. The foregoing storage medium includes: various media that may store program codes, such as a U-disk, a removable hard disk, a read-only memory, a random access memory, a magnetic disk, a compact disk, and so on.
The foregoing contents are merely specific implementation manners of the embodiments of the present application. However, the protection scope of the embodiments of the present application is not limited thereto, and a person skilled in the art who is familiar with the art could readily think of variations or substitutions within the technical scope disclosed by the embodiments of the present application, and these variations or substitutions shall fall within the protection scope of the embodiments of the present application. Therefore, the protection scope of the embodiments of the present application shall be subject to the protection scope of the claims.
This application is a continuation of International Application No. PCT/CN2020/072675, filed on Jan. 17, 2020, the disclosure of which is hereby incorporated by reference in its entirety.
| Number | Date | Country
---|---|---|---
Parent | PCT/CN2020/072675 | Jan 2020 | US
Child | 17689368 | | US