From: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: qemu-arm@nongnu.org, qemu-devel@nongnu.org, patches@linaro.org
Subject: Re: [Qemu-devel] [Qemu-arm] [PATCH 04/15] target/arm: Tighten up Thumb decode where new v8M insns will be
Date: Wed, 2 Aug 2017 19:47:22 +0200
Message-ID: <20170802174722.GJ4859@toto>
In-Reply-To: <1501692241-23310-5-git-send-email-peter.maydell@linaro.org>
On Wed, Aug 02, 2017 at 05:43:50PM +0100, Peter Maydell wrote:
> Tighten up the T32 decoder in the places where new v8M instructions
> will be:
> * TT/TTT/TTA/TTAT are in what was nominally LDREX/STREX r15, ...
> which is UNPREDICTABLE:
> make the UNPREDICTABLE behaviour be to UNDEF
> * BXNS/BLXNS are distinguished from BX/BLX via the low 3 bits,
> which in previous architectural versions are SBZ:
> enforce the SBZ via UNDEF rather than ignoring it, and move
> the "ARCH(5)" UNDEF case up so we don't leak a TCG temporary
> * SG is in the encoding which would be LDRD/STRD with rn = r15;
> this is UNPREDICTABLE and we currently UNDEF:
> move this check further up the code so that we don't leak
> TCG temporaries in the UNDEF case and have a better place
> to put the SG decode.
>
> This means that if a v8M binary is accidentally run on v7M
> or if a test case hits something that we haven't implemented
> yet the behaviour will be obvious (UNDEF) rather than obscure
> (plough on treating it as a different instruction).
>
> In the process, add some comments about the instruction patterns
> at these points in the decode. Our Thumb and ARM decoders are
> very difficult to understand currently, but gradually adding
> comments like this should help to clarify what exactly has
> been decoded when.
>
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
> ---
> target/arm/translate.c | 48 +++++++++++++++++++++++++++++++++++++++---------
> 1 file changed, 39 insertions(+), 9 deletions(-)
>
> diff --git a/target/arm/translate.c b/target/arm/translate.c
> index d1a5f56..3c14cb0 100644
> --- a/target/arm/translate.c
> +++ b/target/arm/translate.c
> @@ -9735,10 +9735,23 @@ static int disas_thumb2_insn(CPUARMState *env, DisasContext *s, uint16_t insn_hw
> abort();
> case 4:
> if (insn & (1 << 22)) {
> - /* Other load/store, table branch. */
> + /* 0b1110_100x_x1xx_xxxx_xxxx_xxxx_xxxx_xxxx
> + * - load/store doubleword, load/store exclusive, ldacq/strel,
> + * table branch.
> + */
> if (insn & 0x01200000) {
> - /* Load/store doubleword. */
> + /* 0b1110_1000_x11x_xxxx_xxxx_xxxx_xxxx_xxxx
> + * - load/store dual (post-indexed)
> + * 0b1111_1001_x10x_xxxx_xxxx_xxxx_xxxx_xxxx
> + * - load/store dual (literal and immediate)
> + * 0b1111_1001_x11x_xxxx_xxxx_xxxx_xxxx_xxxx
> + * - load/store dual (pre-indexed)
> + */
> if (rn == 15) {
> + if (insn & (1 << 21)) {
> + /* UNPREDICTABLE */
> + goto illegal_op;
> + }
> addr = tcg_temp_new_i32();
> tcg_gen_movi_i32(addr, s->pc & ~3);
> } else {
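Review bot: the inner bit patterns in the new comment are not consistent with the enclosing one. The outer comment describes this block as `0b1110_100x_x1xx_...`, and the post-indexed line `0b1110_1000_x11x_...` fits that, but the "literal and immediate" and "pre-indexed" lines read `0b1111_1001_x10x_...` and `0b1111_1001_x11x_...`, which do not match the `1110` prefix of the block they sit in. Since bit 24 is the P bit, those two presumably should read `0b1110_1001_x10x` and `0b1110_1001_x11x`. Separately, the bare `/* UNPREDICTABLE */` above the new `goto illegal_op` would help a later reader if it named the case being rejected (rn == 15 with the W bit set, i.e. the literal form with base writeback), since that is the same condition the old check in the writeback path used to catch.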
> @@ -9772,15 +9785,18 @@ static int disas_thumb2_insn(CPUARMState *env, DisasContext *s, uint16_t insn_hw
> }
> if (insn & (1 << 21)) {
> /* Base writeback. */
> - if (rn == 15)
> - goto illegal_op;
> tcg_gen_addi_i32(addr, addr, offset - 4);
> store_reg(s, rn, addr);
> } else {
> tcg_temp_free_i32(addr);
> }
> } else if ((insn & (1 << 23)) == 0) {
> - /* Load/store exclusive word. */
> + /* 0b1110_1000_010x_xxxx_xxxx_xxxx_xxxx_xxxx
> + * - load/store exclusive word
> + */
> + if (rs == 15) {
> + goto illegal_op;
> + }
> addr = tcg_temp_local_new_i32();
> load_reg_var(s, addr, rn);
> tcg_gen_addi_i32(addr, addr, (insn & 0xff) << 2);
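Review bot: dropping `if (rn == 15) goto illegal_op;` from the writeback path is only correct because the previous hunk now rejects rn == 15 with bit 21 set before `addr` is allocated; the two changes are a few lines apart and the writeback site no longer mentions r15 at all, so a one-line comment there (or on the new early check) saying that the r15 case has already been excluded would stop this from looking like a dropped check in a future read of the code. The new `if (rs == 15)` test is placed before `tcg_temp_local_new_i32()`, so it does not leak the temporary, consistent with the intent the commit message states for the other sites.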
> @@ -11137,7 +11153,9 @@ static void disas_thumb_insn(CPUARMState *env, DisasContext *s)
> break;
> }
> if (insn & (1 << 10)) {
> - /* data processing extended or blx */
> + /* 0b0100_01xx_xxxx_xxxx
> + * - data processing extended, branch and exchange
> + */
> rd = (insn & 7) | ((insn >> 4) & 8);
> rm = (insn >> 3) & 0xf;
> op = (insn >> 8) & 3;
> @@ -11160,10 +11178,21 @@ static void disas_thumb_insn(CPUARMState *env, DisasContext *s)
> tmp = load_reg(s, rm);
> store_reg(s, rd, tmp);
> break;
> - case 3:/* branch [and link] exchange thumb register */
> - tmp = load_reg(s, rm);
> - if (insn & (1 << 7)) {
> + case 3:
> + {
> + /* 0b0100_0111_xxxx_xxxx
> + * - branch [and link] exchange thumb register
> + */
> + bool link = insn & (1 << 7);
> +
> + if (insn & 7) {
> + goto undef;
> + }
> + if (link) {
> ARCH(5);
> + }
> + tmp = load_reg(s, rm);
> + if (link) {
> val = (uint32_t)s->pc | 1;
> tmp2 = tcg_temp_new_i32();
> tcg_gen_movi_i32(tmp2, val);
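Review bot: the ordering here is right (the `insn & 7` SBZ check first, then `ARCH(5)`, then `load_reg()`), so the `ARCH(5)` failure path no longer leaves `tmp` allocated. One readability nit: `bool link = insn & (1 << 7);` relies on implicit conversion of the non-zero mask value to `bool`; `bool link = (insn & (1 << 7)) != 0;` or `bool link = extract32(insn, 7, 1);` states the same thing explicitly and matches how other single-bit fields in this file are pulled out.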
> @@ -11175,6 +11204,7 @@ static void disas_thumb_insn(CPUARMState *env, DisasContext *s)
> }
> break;
> }
> + }
> break;
> }
>
> --
> 2.7.4
>
>