📄 oemabort.lst
756 00000048 e200180f AND R1, R0, #ARM_Rn_mask
757 0000004c e2003a0f AND R3, R0, #ARM_Rd_mask
758 00000050
759 00000050 ; Now split according to the major class of the instruction - i.e.
760 00000050 ; bits 27:25.
761 00000050 ; Computed jump: class n (0-7) selects the n-th slot of the table below.
762 00000050 e200240e AND R2, R0, #(0x7:SHL:25) ;R2 = class, still at bits 27:25
763 00000054 e08ffba2 ADD PC, PC, R2, LSR #23 ;PC reads as 0x5c here; adds class * 4
764 00000058
765 00000058 e1a00000 NOP ;Branch table padding (PC reads 8 ahead of the ADD)
766 0000005c ; R2 is at most 0x7 << 25, so the jump cannot land outside 0x5c-0x78.
767 0000005c ea000007 B ARM_Odds_And_Ends ;Class 000: SWP, LDRH, etc.
768 00000060 ea000004 B ARM_Should_Not_Happen ;Class 001 (Data processing)
769 00000064 ea00006a B ARM_LDR_STR_Immed ;Class 010
770 00000068 ea00003d B ARM_LDR_STR_Reg ;Class 011
771 0000006c ea000022 B ARM_LDM_STM ;Class 100
772 00000070 ea000000 B ARM_Should_Not_Happen ;Class 101 (B/BL)
773 00000074 ea00001d B ARM_LDC_STC ;Class 110
774 00000078 ARM_Should_Not_Happen ;Class 111 (CDP/MRC/MCR/SWI) falls through to here
775 00000078 e3a06009 MOV R6, #DABORT_ERROR_BAD_INSTR ;R6 carries the error code
776 0000007c ea0000c7 B CallOSHandlerWithError ;Reported as an error; no offset is computed for this encoding
777 00000080
778 00000080 ; Analysis of ARM SWP/SWPB/LDRH/LDRSB/LDRSH/STRH instructions
779 00000080 ; -----------------------------------------------------------
780 00000080 ;
781 00000080 ; Start by distinguishing SWP instructions from the rest.
782 00000080
783 00000080 ARM_Odds_And_Ends
784 00000080 ; NOTE(review): only bits 6:5 are tested; bits 7 and 4 are not checked here, so this relies on R0 really being a load/store word - confirm.
785 00000080 e3100060 TST R0, #0x3 :SHL: 5 ;Bits 6:5 both clear?
786 00000084 1a000007 BNE ARM_LDRH_etc ;No - halfword/signed transfer; yes - fall through to ARM_SWP
787 00000088
788 00000088 ; Analysis of ARM SWP/SWPB instructions
789 00000088 ; -------------------------------------
790 00000088 ;
791 00000088 ; This will behave like a pre-indexed instruction with an offset of 0
792 00000088 ; and no writeback - i.e. P=1, U=don't care, W=0. SWP/SWPB
793 00000088 ; instructions should already be like this, and it is an error if they
794 00000088 ; are not.
795 00000088
796 00000088 ARM_SWP
797 00000088
798 00000088 e2007612 AND R7, R0, #ARM_P_bit + ARM_W_bit ;R7 = P and W bits only
799 0000008c e3570401 CMP R7, #ARM_P_bit ;Require exactly P=1, W=0
800 00000090 1afffff8 BNE ARM_Should_Not_Happen ;Any other P/W combination is reported as a bad instruction
801 00000094
802 00000094 ; A base register of R15 is also an error.
803 00000094
804 00000094 e351080f CMP R1, #0xF :SHL: ARM_Rn_pos ;R1 holds Rn, still in instruction position
805 00000098 03a06004 MOVEQ R6, #DABORT_ERROR_BASE_R15 ;Error code is only set when the compare matched
806 0000009c 0a0000bf BEQ CallOSHandlerWithError
807 000000a0
808 000000a0 ; Set an offset of 0 and continue.
809 000000a0
810 000000a0 e3a02000 MOV R2, #0 ;Set offset of 0
811 000000a4 ea0000ad B RegisterAdjust ;R2 = offset on entry to the shared code
812 000000a8
813 000000a8 ; Analysis of ARM LDRH/LDRSB/LDRSH/STRH instructions
814 000000a8 ; --------------------------------------------------
815 000000a8 ;
816 000000a8 ; First thing is to force writeback to be set if post-indexed; then
817 000000a8 ; split into immediate and register forms.
818 000000a8
819 000000a8 ARM_LDRH_etc
820 000000a8
821 000000a8 e3100401 TST R0, #ARM_P_bit ;P clear means post-indexed
822 000000ac 03800602 ORREQ R0, R0, #ARM_W_bit ;Post-indexed: set W in the working copy in R0
823 000000b0
824 000000b0 e3100501 TST R0, #ARM_S_bit ;Here this bit picks the offset form
825 000000b4 0a000003 BEQ ARM_LDRH_etc_Reg ;Clear - register offset; set - fall through to immediate
826 000000b8
827 000000b8 ARM_LDRH_etc_Immed
828 000000b8
829 000000b8 ; We just have to generate the correct offset.
830 000000b8 ; The 8-bit offset is split across bits 11:8 and bits 3:0 of R0.
831 000000b8 e200200f AND R2, R0, #0xF ;Low nibble from bits 3:0
832 000000bc e2007c0f AND R7, R0, #0xF00 ;High nibble from bits 11:8
833 000000c0 e1822227 ORR R2, R2, R7, LSR #4 ;R2 = offset, 0-255
834 000000c4 ea0000a5 B RegisterAdjust ;R2 = offset on entry to the shared code
835 000000c8
836 000000c8 ARM_LDRH_etc_Reg
837 000000c8
838 000000c8 ; There are a number of errors to detect:
839 000000c8 ;
840 000000c8 ; * An index register of R15.
841 000000c8
842 000000c8 e200200f AND R2, R0, #ARM_Rm_mask ;R2 = Rm field
843 000000cc e352000f CMP R2, #0xF :SHL: ARM_Rm_pos
844 000000d0 03a06005 MOVEQ R6, #DABORT_ERROR_INDEX_R15 ;Error code is only set when the compare matched
845 000000d4 0a0000b1 BEQ CallOSHandlerWithError
846 000000d8
847 000000d8 ; * Base register = index register, with writeback.
848 000000d8
849 000000d8 e1520821 CMP R2, R1, LSR #(ARM_Rn_pos - ARM_Rm_pos) ;Rn shifted down to line up with Rm
850 000000dc 1a000001 BNE ARM_LDRH_etc_Reg_OK ;Different registers - nothing more to check
851 000000e0 e3100602 TST R0, #ARM_W_bit ;W may have been forced at ARM_LDRH_etc for post-indexed forms
852 000000e4 1a000046 BNE ARM_LDR_STR_Reg_NotOK ;To shared error code
853 000000e8
854 000000e8 ARM_LDRH_etc_Reg_OK
855 000000e8
856 000000e8 ; Get the index register value and go to common code.
857 000000e8 ; R2 is 0-14 on the visible paths (4-bit field, R15 rejected), so the read stays within 15 words of R13 - assumes the dump holds R0 upward in order; confirm.
858 000000e8 e79d2102 LDR R2, [R13, R2, LSL #(2 - ARM_Rm_pos)] ;R2 = saved value of Rm, read from the register dump at R13
859 000000ec ea00009b B RegisterAdjust ;R2 = offset on entry to the shared code
860 000000f0
861 000000f0 ; Analysis of ARM LDC/STC instructions
862 000000f0 ; ------------------------------------
863 000000f0 ;
864 000000f0 ; Offset comes direct from the instruction. M, P, U, W and L bits are
865 000000f0 ; already right.
866 000000f0 ; NOTE(review): unlike ARM_SWP and ARM_LDM_STM, no base-register R15 check is visible on this path - confirm whether RegisterAdjust2 covers it.
867 000000f0 ARM_LDC_STC
868 000000f0 e20020ff AND R2, R0, #0xFF ;8-bit word count from bits 7:0
869 000000f4 e1a02102 MOV R2, R2, LSL #2 ;Words to bytes: R2 = 0-1020
870 000000f8 ea00009e B RegisterAdjust2 ;Avoid "load and w/back" check
871 000000fc
872 000000fc ; Analysis of ARM LDM/STM instructions
873 000000fc ; ------------------------------------
874 000000fc ;
875 000000fc ; Offset is implied by number of set bits in register mask; M, U, W
876 000000fc ; and L bits are set correctly. P bit cannot be set in a manner that
877 000000fc ; corresponds properly to the other instructions, so this case doesn't
878 000000fc ; share all of the standard "RegisterAdjust" code.
879 000000fc
880 000000fc ARM_LDM_STM
881 000000fc
882 000000fc ; Need to check for some error conditions:
883 000000fc ;
884 000000fc ; * Base register of R15.
885 000000fc
886 000000fc e351080f CMP R1, #0xF :SHL: ARM_Rn_pos ;R1 holds Rn, still in instruction position
887 00000100 03a06004 MOVEQ R6, #DABORT_ERROR_BASE_R15
888 00000104 0a0000a5 BEQ CallOSHandlerWithError
889 00000108
890 00000108 ; * Register mask empty. (Calculate register mask at the same time and
891 00000108 ; put it into top end of R3.)
892 00000108
893 00000108 e1b03800 MOVS R3, R0, LSL #16 ;Isolate register mask in bits 31:16; Z set if it is empty
894 0000010c 03a06007 MOVEQ R6, #DABORT_ERROR_LDMSTM_EMPTY
895 00000110 0a0000a2 BEQ CallOSHandlerWithError
896 00000114
897 00000114 ; * Writeback and load of same register.
898 00000114 ; Each step below runs only while every earlier test came out NE.
899 00000114 e3100602 TST R0, #ARM_W_bit ;Writeback?
900 00000118 13100601 TSTNE R0, #ARM_L_bit ;And a load?
901 0000011c 11a07821 MOVNE R7, R1, LSR #ARM_Rn_pos ;R7 = base register number (flags untouched)
902 00000120 11a07733 MOVNE R7, R3, LSR R7 ;Shift the mask so the base register's bit lands on bit 16
903 00000124 13170801 TSTNE R7, #0x10000 ;And base in list?
904 00000128 13a06006 MOVNE R6, #DABORT_ERROR_LOAD_WB
905 0000012c 1a00009b BNE CallOSHandlerWithError
906 00000130
907 00000130 ; * Writeback in user bank form.
908 00000130 ; With W and S both set, only a load whose list includes R15 is accepted.
909 00000130 e3100602 TST R0, #ARM_W_bit ;Writeback?
910 00000134 13100501 TSTNE R0, #ARM_S_bit ;Potentially user bank?
911 00000138 0a000003 BEQ ARM_LDM_STM_OK ;W or S clear - nothing to reject
912 0000013c e3130102 TST R3, #0x10000 :SHL: 15 ;Is it loading R15?
913 00000140 13100601 TSTNE R0, #ARM_L_bit ;And a load?
914 00000144 03a06008 MOVEQ R6, #DABORT_ERROR_USERBANK_WB ;R15 not in the list, or not a load
915 00000148 0a000094 BEQ CallOSHandlerWithError
916 0000014c
917 0000014c ARM_LDM_STM_OK
918 0000014c
919 0000014c ; *** Live register values at this point are:
920 0000014c ; R0: M bit (bit 27) indicating multiple vs. single transfer.
921 0000014c ; P bit (bit 24) indicating pre- vs. post-indexing.
922 0000014c ; U bit (bit 23) indicating whether indexing is up or down.
923 0000014c ; W bit (bit 21) indicating whether base register writeback
924 0000014c ; is required.
925 0000014c ; R1: Number of base register, still in instruction position.
926 0000014c ; R3: Register list mask (only the number of set bits matters).
927 0000014c ; R4: Pointer to aborting instruction
928 0000014c ; R5: SPSR value
929 0000014c ; R6: Error code
930 0000014c ; R8: Abort model (if relevant)
931 0000014c ; R13: Stack pointer (pointing to register dump)
932 0000014c ;
933 0000014c ; Calculate offset from mask, by repeatedly isolating and removing the
934 0000014c ; least significant bit in the mask until it is zero. Note we know the
935 0000014c ; mask is non-zero.
936 0000014c
937 0000014c e3a02000 MOV R2, #0 ;R2 = byte count accumulator
938 00000150
939 00000150 ARM_LDM_STM_OffsetLoop
940 00000150 e2822004 ADD R2, R2, #4 ;4 bytes per listed register
941 00000154 e2637000 RSB R7, R3, #0 ;Unequal above lowest 1, equal
942 00000158 ; at lowest 1 and below
943 00000158 e1d33007 BICS R3, R3, R7 ;So this clears lowest 1
944 0000015c 1afffffb BNE ARM_LDM_STM_OffsetLoop ;Mask came from 16 bits, so at most 16 passes
945 00000160
946 00000160 [ PassXferAddr ;Conditional section; listing lines 947-967 are not shown here
968 00000160 ]
969 00000160
970 00000160 ea000084 B RegisterAdjust3 ;R2 = 4 * number of listed registers (4-64)
971 00000164
972 00000164 ; Analysis of ARM LDR/STR instructions with register offset
973 00000164 ; ---------------------------------------------------------
974 00000164 ;
975 00000164 ; Offset is Rm, shifted appropriately; force writeback if
976 00000164 ; post-indexed. M, P, U and L bits are already right.
977 00000164
978 00000164 ARM_LDR_STR_Reg
979 00000164
980 00000164 e3100401 TST R0, #ARM_P_bit ;P clear means post-indexed
981 00000168 03800602 ORREQ R0, R0, #ARM_W_bit ;Post-indexed: set W in the working copy in R0
982 0000016c e200200f AND R2, R0, #ARM_Rm_mask ;R2 = Rm field
983 00000170
984 00000170 ; Need to check for some error conditions:
985 00000170 ;
986 00000170 ; * An invalid instruction.
987 00000170
988 00000170 e3100010 TST R0, #0x00000010 ;Bit 4 must be clear in this class
989 00000174 1affffbf BNE ARM_Should_Not_Happen ;Otherwise reported as a bad instruction
990 00000178
991 00000178 ; * An index register of R15.
992 00000178
993 00000178 e352000f CMP R2, #0xF :SHL: ARM_Rm_pos
994 0000017c 03a06005 MOVEQ R6, #DABORT_ERROR_INDEX_R15 ;Error code is only set when the compare matched
995 00000180 0a000086 BEQ CallOSHandlerWithError
996 00000184
997 00000184 ; * Base register = index register, with writeback.
998 00000184
999 00000184 e1520821 CMP R2, R1, LSR #(ARM_Rn_pos - ARM_Rm_pos) ;Rn shifted down to line up with Rm
1000 00000188 1a000001 BNE ARM_LDR_STR_Reg_OK ;Different registers - nothing more to check
1001 0000018c e3100602 TST R0, #ARM_W_bit ;Includes writeback forced above for post-indexed forms
1002 00000190 1a00001b BNE ARM_LDR_STR_Reg_NotOK ;Same register with writeback is rejected
1003 00000194
1004 00000194 ARM_LDR_STR_Reg_OK