"setend" incorrectly handled in thumb mode
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
Linaro QEMU | Fix Released | Low | Unassigned | 2012.04
Bug Description
I suspect that "setend" is incorrectly decoded as "cps" in Thumb mode. When running qemu-linaro-
> root@linaro-
> #include <stdio.h>
>
> int main(void)
> {
>     /* Thumb-mode SETEND: switch data endianness to big-endian */
>     __asm__ __volatile__ ("setend be");
>
>     printf("done!\n");
>     return 0;
> }
> root@linaro-
> root@linaro-
> Illegal instruction
> root@linaro-
> root@linaro-
> done!
> root@linaro-
I think it is a perfectly OK limitation to not support BE mode. But it should at least be consistent.
Some minor review of disas_thumb_insn (translate.c) reveals something like:
> switch (insn >> 12) {
>
...
> case 11:
> /* misc */
> op = (insn >> 8) & 0xf;
> switch (op) {
...
> case 6: /* cps */
> ARCH(6);
> if (IS_USER(s))
> break;
That is, to me, "setend" seems to be decoded as "cps", and when running in user mode it is silently ignored.
(possibly worse - if executed in privileged mode, "setend" would actually be executed as "cps"?)
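The overlap the report describes can be seen by decoding the two Thumb16 encodings side by side. The following is an added example and is not QEMU's code: qemu_misc_subcase() mirrors only the coarse dispatch quoted above (top nibble 11, then bits [11:8]), while decode_thumb() applies the full T1 encodings of CPS and SETEND from the ARM Architecture Reference Manual, which share bits [11:8] == 0110 and differ only in bits [7:4]. The function names, the enum and the sample instruction words are this example's own assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Classification produced by this example's decoder. */
enum thumb_kind { KIND_NOT_MISC, KIND_MISC_OTHER, KIND_CPS, KIND_SETEND };

/* Mirrors the coarse dispatch quoted from disas_thumb_insn: a top nibble of 11
 * selects the "misc" group and bits [11:8] select the sub-case. Returns -1 when
 * the instruction is not in the misc group, otherwise the sub-case number. */
int qemu_misc_subcase(uint16_t insn)
{
    if ((insn >> 12) != 11)
        return -1;
    return (insn >> 8) & 0xf;
}

/* Finer decode of misc sub-case 6 using the Thumb T1 encodings:
 *   CPS    : 1011 0110 011 im 0 A I F   -> bits[7:5] == 0b011, bit 3 == 0
 *   SETEND : 1011 0110 0101 E 000       -> bits[7:4] == 0b0101, bits[2:0] == 0
 * Both have bits[11:8] == 0110, so a switch on those bits alone sends SETEND
 * down the CPS path; the extra mask/compare below tells them apart. */
enum thumb_kind decode_thumb(uint16_t insn)
{
    int sub = qemu_misc_subcase(insn);
    if (sub < 0)
        return KIND_NOT_MISC;
    if (sub != 6)
        return KIND_MISC_OTHER;
    if ((insn & 0xffe8) == 0xb660)
        return KIND_CPS;
    if ((insn & 0xfff7) == 0xb650)
        return KIND_SETEND;
    return KIND_MISC_OTHER; /* remaining bit patterns under sub-case 6 */
}

/* Encoders for the two instructions, so the example builds its own inputs.
 * encode_setend(1) yields the word that "setend be" assembles to in Thumb. */
uint16_t encode_setend(int big_endian)
{
    return (uint16_t)(0xb650 | (big_endian ? (1 << 3) : 0));
}

uint16_t encode_cps(int disable, int a, int i, int f)
{
    return (uint16_t)(0xb660 | ((disable & 1) << 4) | ((a & 1) << 2)
                      | ((i & 1) << 1) | (f & 1));
}

static const char *kind_name(enum thumb_kind k)
{
    switch (k) {
    case KIND_CPS:    return "cps";
    case KIND_SETEND: return "setend";
    case KIND_MISC_OTHER: return "other misc";
    default:          return "not misc";
    }
}

int main(void)
{
    /* Constructed samples: setend be/le, cpsid i, cpsie if, and bx lr as a
     * non-misc control. */
    uint16_t samples[] = {
        encode_setend(1), encode_setend(0),
        encode_cps(1, 0, 1, 0), encode_cps(0, 0, 1, 1),
        0x4770,
    };
    for (unsigned n = 0; n < sizeof samples / sizeof samples[0]; n++) {
        printf("%04x: misc sub-case %2d, decoded as %s\n",
               samples[n], qemu_misc_subcase(samples[n]),
               kind_name(decode_thumb(samples[n])));
    }
    return 0;
}
```

Running it shows every SETEND and CPS sample reporting sub-case 6 from the coarse dispatch, while decode_thumb() separates them; a translator that wants SETEND to UNDEF consistently in both modes needs that second check before treating the word as CPS.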
Changed in qemu-linaro:
milestone: none → 2012.04
status: New → Confirmed
status: Confirmed → In Progress
Changed in qemu-linaro:
status: In Progress → Fix Committed
Changed in qemu-linaro:
status: Fix Committed → Fix Released
BE8 mode is completely unsupported in QEMU at the moment. We have some patches which will allow the armeb user mode to support an "always in BE8" mode, but dynamic switching via setend is somewhat harder and not currently planned work. You're right that not UNDEFfing on the Thumb encoding of setend is accidental and could perhaps be fixed, though.