From patchwork Wed Aug 2 16:43:50 2017
X-Patchwork-Submitter: Peter Maydell
X-Patchwork-Id: 109249
From: Peter Maydell
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: patches@linaro.org
Subject: [PATCH 04/15] target/arm: Tighten up Thumb decode where new v8M insns will be
Date: Wed, 2 Aug 2017 17:43:50 +0100
Message-Id: <1501692241-23310-5-git-send-email-peter.maydell@linaro.org>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1501692241-23310-1-git-send-email-peter.maydell@linaro.org>
References: <1501692241-23310-1-git-send-email-peter.maydell@linaro.org>

Tighten up the T32 decoder in the places where new v8M instructions
will be:
 * TT/TTT/TTA/TTAT are in what was nominally LDREX/STREX r15, ...
   which is UNPREDICTABLE: make the UNPREDICTABLE behaviour be to UNDEF
 * BXNS/BLXNS are distinguished from BX/BLX via the low 3 bits,
   which in previous architectural versions are SBZ: enforce the SBZ
   via UNDEF rather than ignoring it, and move the "ARCH(5)" UNDEF case
   up so we don't leak a TCG temporary
 * SG is in the encoding which would be LDRD/STRD with rn = r15;
   this is UNPREDICTABLE and we currently UNDEF: move this check
   further up the code so that we don't leak TCG temporaries
   in the UNDEF case and have a better place to put the SG decode.

This means that if a v8M binary is accidentally run on v7M
or if a test case hits something that we haven't implemented
yet the behaviour will be obvious (UNDEF) rather than obscure
(plough on treating it as a different instruction).

In the process, add some comments about the instruction patterns
at these points in the decode. Our Thumb and ARM decoders are
very difficult to understand currently, but gradually adding
comments like this should help to clarify what exactly has
been decoded when.

Signed-off-by: Peter Maydell
---
 target/arm/translate.c | 48 +++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 39 insertions(+), 9 deletions(-)

-- 
2.7.4

Reviewed-by: Edgar E. Iglesias
Reviewed-by: Richard Henderson

diff --git a/target/arm/translate.c b/target/arm/translate.c
index d1a5f56..3c14cb0 100644
--- a/target/arm/translate.c +++ b/target/arm/translate.c @@ -9735,10 +9735,23 @@ static int disas_thumb2_insn(CPUARMState *env, DisasContext *s, uint16_t insn_hw abort(); case 4: if (insn & (1 << 22)) { - /* Other load/store, table branch. */ + /* 0b1110_100x_x1xx_xxxx_xxxx_xxxx_xxxx_xxxx + * - load/store doubleword, load/store exclusive, ldacq/strel, + * table branch. + */ if (insn & 0x01200000) { - /* Load/store doubleword. */ + /* 0b1110_1000_x11x_xxxx_xxxx_xxxx_xxxx_xxxx + * - load/store dual (post-indexed) + * 0b1111_1001_x10x_xxxx_xxxx_xxxx_xxxx_xxxx + * - load/store dual (literal and immediate) + * 0b1111_1001_x11x_xxxx_xxxx_xxxx_xxxx_xxxx + * - load/store dual (pre-indexed) + */ if (rn == 15) { + if (insn & (1 << 21)) { + /* UNPREDICTABLE */ + goto illegal_op; + } addr = tcg_temp_new_i32(); tcg_gen_movi_i32(addr, s->pc & ~3); } else { @@ -9772,15 +9785,18 @@ static int disas_thumb2_insn(CPUARMState *env, DisasContext *s, uint16_t insn_hw } if (insn & (1 << 21)) { /* Base writeback. */ - if (rn == 15) - goto illegal_op; tcg_gen_addi_i32(addr, addr, offset - 4); store_reg(s, rn, addr); } else { tcg_temp_free_i32(addr); } } else if ((insn & (1 << 23)) == 0) { - /* Load/store exclusive word. */ + /* 0b1110_1000_010x_xxxx_xxxx_xxxx_xxxx_xxxx + * - load/store exclusive word + */ + if (rs == 15) { + goto illegal_op; + } addr = tcg_temp_local_new_i32(); load_reg_var(s, addr, rn); tcg_gen_addi_i32(addr, addr, (insn & 0xff) << 2); @@ -11137,7 +11153,9 @@ static void disas_thumb_insn(CPUARMState *env, DisasContext *s) break; } if (insn & (1 << 10)) { - /* data processing extended or blx */ + /* 0b0100_01xx_xxxx_xxxx + * - data processing extended, branch and exchange + */ rd = (insn & 7) | ((insn >> 4) & 8); rm = (insn >> 3) & 0xf; op = (insn >> 8) & 3; 
@@ -11160,10 +11178,21 @@ static void disas_thumb_insn(CPUARMState *env, DisasContext *s) tmp = load_reg(s, rm); store_reg(s, rd, tmp); break; - case 3:/* branch [and link] exchange thumb register */ - tmp = load_reg(s, rm); - if (insn & (1 << 7)) { + case 3: + { + /* 0b0100_0111_xxxx_xxxx + * - branch [and link] exchange thumb register + */ + bool link = insn & (1 << 7); + + if (insn & 7) { + goto undef; + } + if (link) { ARCH(5); + } + tmp = load_reg(s, rm); + if (link) { val = (uint32_t)s->pc | 1; tmp2 = tcg_temp_new_i32(); tcg_gen_movi_i32(tmp2, val); @@ -11175,6 +11204,7 @@ static void disas_thumb_insn(CPUARMState *env, DisasContext *s) } break; } + } break; }
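Review bot: in the first hunk (@@ -9735) the nested pattern comments `0b1111_1001_x10x_xxxx_xxxx_xxxx_xxxx_xxxx` and `0b1111_1001_x11x_xxxx_xxxx_xxxx_xxxx_xxxx` cannot fall under the enclosing `0b1110_100x_x1xx_xxxx_xxxx_xxxx_xxxx_xxxx` comment they sit inside: their bits 31:28 read 1111 rather than 1110, so they should be `0b1110_1001_x10x_...` and `0b1110_1001_x11x_...` to agree with the outer comment and the `case 4` / bit 22 path that reaches this code. The new `if (insn & (1 << 21)) { /* UNPREDICTABLE */ goto illegal_op; }` under `if (rn == 15)` is placed before `addr = tcg_temp_new_i32();`, which is what removes the temporary leak described in the commit message.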
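Review bot: the new `if (rs == 15) { goto illegal_op; }` in the load/store exclusive word path (@@ -9772) carries no comment saying why the encoding is rejected, unlike the `/* UNPREDICTABLE */` annotation the previous hunk uses for the `rn == 15` case; add a matching one-line comment (this is the LDREX/STREX r15 encoding from the commit message, where TT/TTT/TTA/TTAT will later be decoded). Dropping `if (rn == 15) goto illegal_op;` from the base-writeback branch is safe: the same condition, `rn == 15` with bit 21 set, is now rejected in the previous hunk before `addr` is allocated, so the UNDEF exit no longer leaks the temporary that the old placement did.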
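Review bot: in the `case 3:` rewrite (@@ -11160) both UNDEF exits, the SBZ check `if (insn & 7) { goto undef; }` and the `ARCH(5)` check under `if (link)`, now run before `tmp = load_reg(s, rm);`, so neither path leaves a TCG temporary allocated, as the commit message intends; the `{` opened after `case 3:` is closed by the single `+ }` in the final hunk (@@ -11175), so the brace pairing is correct. One readability point: `bool link = insn & (1 << 7);` relies on implicit int-to-bool conversion; `bool link = (insn & (1 << 7)) != 0;` states the intent explicitly and matches the `(insn & (1 << 23)) == 0` style used earlier in this patch.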