Re: [Qemu-devel] [PATCH 2/5] Fix Thumb-1 BE32 execution and disassembly.

Fri, 04 Nov 2016 06:33:09 -0700 

On 3 November 2016 at 17:30, Julian Brown <jul...@codesourcery.com> wrote:
> Thumb-1 code has some issues in BE32 mode (as currently implemented). In
> short, since bytes are swapped within words at load time for BE32
> executables, this also swaps pairs of adjacent Thumb-1 instructions.
>
> This patch un-swaps those pairs of instructions again, both for execution,
> and for disassembly.
>
> Signed-off-by: Julian Brown <jul...@codesourcery.com>
> ---
>  disas/arm.c           | 46 +++++++++++++++++++++++++++++++++++-----------
>  include/disas/bfd.h   |  1 +
>  target-arm/arm_ldst.h | 10 +++++++++-
>  target-arm/cpu.c      |  4 ++++
>  4 files changed, 49 insertions(+), 12 deletions(-)
>
> diff --git a/disas/arm.c b/disas/arm.c
> index 93c6503..4807ba3 100644
> --- a/disas/arm.c
> +++ b/disas/arm.c
> @@ -3863,10 +3863,11 @@ print_insn_arm (bfd_vma pc, struct disassemble_info 
> *info)
>    int           is_data = false;
>    unsigned int size = 4;
>    void         (*printer) (bfd_vma, struct disassemble_info *, long);
> -  int little;
> +  int little, is_thumb1_be32 = false;
>
>    little = (info->endian == BFD_ENDIAN_LITTLE);
>    is_thumb |= (pc & 1);
> +  is_thumb1_be32 = (info->flags & INSN_ARM_THUMB1_BE32) != 0;
>    pc &= ~(bfd_vma)1;
>
>    if (force_thumb)
> @@ -3915,11 +3916,22 @@ print_insn_arm (bfd_vma pc, struct disassemble_info 
> *info)
>        info->bytes_per_chunk = 2;
>        size = 2;
>
> -      status = info->read_memory_func (pc, (bfd_byte *)b, 2, info);
> -      if (little)
> -       given = (b[0]) | (b[1] << 8);
> -      else
> -       given = (b[1]) | (b[0] << 8);
> +      if (is_thumb1_be32) {
> +          status = info->read_memory_func(pc & ~3, (bfd_byte *)b, 4, info);
> +          assert(little);
> +          if ((pc & 2) == 0) {
> +              given = b[2] | (b[3] << 8);
> +          } else {
> +              given = b[0] | (b[1] << 8);
> +          }
> +      } else {
> +          status = info->read_memory_func(pc, (bfd_byte *)b, 2, info);
> +          if (little) {
> +              given = (b[0]) | (b[1] << 8);
> +          } else {

> +              given = (b[1]) | (b[0] << 8);
> +          }
> +      }

Could we do this instead by changing the read_memory_func() so that it
did the appropriate XORing of addresses ? (Chaining through to
the original read_memory_func would be a bit irritating as you'd
need to find a place to stash that function pointer where you
could get at it again from the new read_memory_func.)

thanks
-- PMM

Reply via email to