[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 2/5] Fix Thumb-1 BE32 execution and disassembly.
From: |
Peter Maydell |
Subject: |
Re: [Qemu-devel] [PATCH 2/5] Fix Thumb-1 BE32 execution and disassembly. |
Date: |
Fri, 4 Nov 2016 13:30:12 +0000 |
On 3 November 2016 at 17:30, Julian Brown <address@hidden> wrote:
> Thumb-1 code has some issues in BE32 mode (as currently implemented). In
> short, since bytes are swapped within words at load time for BE32
> executables, this also swaps pairs of adjacent Thumb-1 instructions.
>
> This patch un-swaps those pairs of instructions again, both for execution,
> and for disassembly.
>
> Signed-off-by: Julian Brown <address@hidden>
> ---
> disas/arm.c | 46 +++++++++++++++++++++++++++++++++++-----------
> include/disas/bfd.h | 1 +
> target-arm/arm_ldst.h | 10 +++++++++-
> target-arm/cpu.c | 4 ++++
> 4 files changed, 49 insertions(+), 12 deletions(-)
>
> diff --git a/disas/arm.c b/disas/arm.c
> index 93c6503..4807ba3 100644
> --- a/disas/arm.c
> +++ b/disas/arm.c
> @@ -3863,10 +3863,11 @@ print_insn_arm (bfd_vma pc, struct disassemble_info
> *info)
> int is_data = false;
> unsigned int size = 4;
> void (*printer) (bfd_vma, struct disassemble_info *, long);
> - int little;
> + int little, is_thumb1_be32 = false;
>
> little = (info->endian == BFD_ENDIAN_LITTLE);
> is_thumb |= (pc & 1);
> + is_thumb1_be32 = (info->flags & INSN_ARM_THUMB1_BE32) != 0;
> pc &= ~(bfd_vma)1;
>
> if (force_thumb)
> @@ -3915,11 +3916,22 @@ print_insn_arm (bfd_vma pc, struct disassemble_info
> *info)
> info->bytes_per_chunk = 2;
> size = 2;
>
> - status = info->read_memory_func (pc, (bfd_byte *)b, 2, info);
> - if (little)
> - given = (b[0]) | (b[1] << 8);
> - else
> - given = (b[1]) | (b[0] << 8);
> + if (is_thumb1_be32) {
> + status = info->read_memory_func(pc & ~3, (bfd_byte *)b, 4, info);
> + assert(little);
> + if ((pc & 2) == 0) {
> + given = b[2] | (b[3] << 8);
> + } else {
> + given = b[0] | (b[1] << 8);
> + }
> + } else {
> + status = info->read_memory_func(pc, (bfd_byte *)b, 2, info);
> + if (little) {
> + given = (b[0]) | (b[1] << 8);
> + } else {
> + given = (b[1]) | (b[0] << 8);
> + }
> + }
Could we do this instead by changing the read_memory_func() so that it
did the appropriate XORing of addresses ? (Chaining through to
the original read_memory_func would be a bit irritating as you'd
need to find a place to stash that function pointer where you
could get at it again from the new read_memory_func.)
thanks
-- PMM
[Qemu-devel] [PATCH 3/5] Fix arm_semi_flen_cb for BE32 system mode., Julian Brown, 2016/11/03