* [Qemu-devel] ARM load/store multiple bug
@ 2006-09-09 22:19 Justin Fletcher
  2006-09-09 23:43 ` Paul Brook
  0 siblings, 1 reply; 5+ messages in thread
From: Justin Fletcher @ 2006-09-09 22:19 UTC (permalink / raw)
  To: qemu-devel

Hiya,

I have found a bug in the implementation of the load/store multiple 
instructions in ARM (LDM and STM). These are defined in the ARM ARM to 
ignore bits 0 and 1 of the address when the load takes place - that is the 
base register for these operations is always treated as a 32bit aligned 
value (although its value is only rounded internally). This differs from 
the LDR/STR operation which uses the full width of instructions.

In other words :

    MOV   r0, #9
    LDMIA r0, {r1,r2}

Is equivalent to loading r1 with the value at 8, and r2 with the value at 
12. Contrast this with the following :

    MOV   r0, #9
    LDR   r1, [r0]
    LDR   r2, [r0,#4]

which would load r1 with the value at 8, rotated right 8 bits, and r2 with 
the value at 12, rotated right 8 bits.

I have not confirmed the behaviour of the LDR operation, but have found 
problems with the multiple register operations. My solution would be to 
add the equivalent of a BIC instruction into the target-arm/translate.c 
to clear off the bottom two bits, around line 1695 :

---8<---
                         if (n != 1)
                             gen_op_addl_T1_im(-((n - 1) * 4));
                     }
                 }
                 j = 0;
/* Insert something like gen_op_bicl_T1_im(3); here */
                 for(i=0;i<16;i++) {
                     if (insn & (1 << i)) {
                         if (insn & (1 << 20)) {
---8<---

However, there isn't any such function and I'm unsure how to make that 
change. Any suggestions would be gratefully received.

-- 
Gerph <http://gerph.org/>
... Find answers on the street, in cracks beneath my feet.

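The two addressing rules the e-mail contrasts, modelled in plain C as an added example (this is not code from the e-mail, from Justin's patch or from QEMU's translate.c). Memory is a constructed 32-byte little-endian buffer in which the byte at address a holds 0x10 + a; ldr() implements the legacy rotated-load rule for unaligned word addresses, ldmia()/stmia() clear bits 0 and 1 of the base before use (the "BIC #3" the e-mail asks for), and ldmia_unmasked() is a hypothetical variant that passes the base through unmasked, included only to show how the results diverge. One caveat for anyone testing this on real hardware: the rotate rule is the legacy behaviour; with ARMv6 unaligned-access support enabled (and on ARMv7), LDR at an unaligned address performs a true unaligned access and LDM/STM require a word-aligned base.

```c
/* Added example, not code from the e-mail or from QEMU: a small C model of
 * the two addressing rules described in the message. Memory is a constructed
 * 32-byte little-endian buffer holding 0x10 + addr at each byte. ldr() uses
 * the legacy rotated-load rule; ldmia()/stmia() ignore bits 0 and 1 of the
 * base register. ldmia_unmasked() is a hypothetical variant that uses the
 * base as-is, to show the divergence; it is not a claim about QEMU's code. */
#include <stdint.h>
#include <stdio.h>

#define MEM_SIZE 32
static uint8_t mem[MEM_SIZE];

/* Constructed data: the byte at address a holds 0x10 + a. */
void reset_mem(void)
{
    for (int i = 0; i < MEM_SIZE; i++)
        mem[i] = (uint8_t)(0x10 + i);
}

/* Raw little-endian word at addr, no alignment handling (caller keeps addr+3 in range). */
static uint32_t read_word_le(uint32_t addr)
{
    return (uint32_t)mem[addr] | (uint32_t)mem[addr + 1] << 8 |
           (uint32_t)mem[addr + 2] << 16 | (uint32_t)mem[addr + 3] << 24;
}

static void write_word_le(uint32_t addr, uint32_t v)
{
    for (int i = 0; i < 4; i++)
        mem[addr + i] = (uint8_t)(v >> (8 * i));
}

static uint32_t ror32(uint32_t v, unsigned n)
{
    n &= 31;
    return n ? (v >> n) | (v << (32 - n)) : v;
}

/* LDR rd, [addr] (legacy rule): word at the aligned address, rotated right by 8*(addr&3). */
uint32_t ldr(uint32_t addr)
{
    return ror32(read_word_le(addr & ~3u), 8 * (addr & 3));
}

/* LDMIA base, {n regs}: bits 0-1 of base are ignored; every word is aligned and unrotated. */
void ldmia(uint32_t base, uint32_t *regs, int n)
{
    uint32_t addr = base & ~3u;          /* the "BIC #3" the e-mail asks for */
    for (int i = 0; i < n; i++, addr += 4)
        regs[i] = read_word_le(addr);
}

/* STMIA base, {n regs}: same base rule as LDMIA. */
void stmia(uint32_t base, const uint32_t *regs, int n)
{
    uint32_t addr = base & ~3u;
    for (int i = 0; i < n; i++, addr += 4)
        write_word_le(addr, regs[i]);
}

/* Hypothetical unmasked variant: the base is used exactly as given. */
void ldmia_unmasked(uint32_t base, uint32_t *regs, int n)
{
    for (int i = 0; i < n; i++, base += 4)
        regs[i] = read_word_le(base);
}

/* The e-mail's example with r0 = 9. Returns 1 if the model agrees with the text. */
int email_example_holds(void)
{
    uint32_t r[2], u[2];
    reset_mem();
    ldmia(9, r, 2);
    ldmia_unmasked(9, u, 2);
    return r[0] == read_word_le(8) && r[1] == read_word_le(12)  /* LDMIA: words at 8 and 12 */
        && ldr(9) == ror32(read_word_le(8), 8)                  /* LDR [r0]: word at 8, ROR 8 */
        && ldr(13) == ror32(read_word_le(12), 8)                /* LDR [r0,#4]: word at 12, ROR 8 */
        && u[0] != r[0];                                        /* unmasked base gives a different word */
}

/* STMIA with base 9 must land at 8 and 12, not at 9 and 13. Returns 1 on success. */
int stm_lands_aligned(void)
{
    const uint32_t v[2] = { 0xdeadbeefu, 0x01020304u };
    reset_mem();
    stmia(9, v, 2);
    int ok = read_word_le(8) == v[0] && read_word_le(12) == v[1] && mem[16] == 0x20;
    reset_mem();                         /* leave the constructed pattern in place again */
    return ok;
}

int main(void)
{
    uint32_t r[2];
    reset_mem();
    ldmia(9, r, 2);
    printf("LDMIA r0=9 -> r1=%08x r2=%08x\n", r[0], r[1]);
    printf("LDR [9]=%08x  LDR [13]=%08x\n", ldr(9), ldr(13));
    printf("example holds: %d, STM aligned: %d\n", email_example_holds(), stm_lands_aligned());
    return 0;
}
```

With the constructed pattern, LDMIA from base 9 yields r1 = 0x1b1a1918 (the word at 8) and r2 = 0x1f1e1d1c (the word at 12), while LDR [9] yields 0x181b1a19, the word at 8 rotated right by 8 bits, exactly the contrast the message draws.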


Thread overview: 5+ messages
2006-09-09 22:19 [Qemu-devel] ARM load/store multiple bug Justin Fletcher
2006-09-09 23:43 ` Paul Brook
2006-09-10 10:43   ` Justin Fletcher
2006-09-10 16:46     ` Fabrice Bellard
2006-09-10 17:15       ` Paul Brook
