1005 00000194
1006 00000194 ; Get the index register value.
1007 00000194
1008 00000194 e79d2102 LDR R2, [R13, R2, LSL #(2 - ARM_Rm_pos)]
1009 00000198
1010 00000198 ; Now we need to apply the shift. Split according to the shift type.
1011 00000198
1012 00000198 e2007060 AND R7, R0, #3 :SHL: 5
1013 0000019c e08ff1a7 ADD PC, PC, R7, LSR #3
1014 000001a0
1015 000001a0 e1a00000 NOP ;Branch table padding
1016 000001a4
1017 000001a4 ea000012 B ARM_LDR_STR_Reg_LSL
1018 000001a8 ea00000c B ARM_LDR_STR_Reg_LSR
1019 000001ac ea000006 B ARM_LDR_STR_Reg_ASR
1020 000001b0 ARM_LDR_STR_Reg_ROR ; Register offset, shift type ROR (RRX when the amount field is 0)
1021 000001b0 e2107d3e ANDS R7, R0, #0x1F :SHL: 7 ; R7 = shift_imm field (bits 11:7) of the aborting LDR/STR; Z set when it is 0
1022 000001b4 11a073a7 MOVNE R7, R7, LSR #7 ;If amount non-zero, bring the amount down to bits 4:0
1023 000001b8 11a02772 MOVNE R2, R2, ROR R7 ; ROR correctly: R2 = index register value rotated by that amount
1024 000001bc 1a000067 BNE RegisterAdjust ; R2 is now the final offset; go and apply the base adjustment
1025 000001c0
1026 000001c0 ; We've got an RRX shift. This has got to be silly, but it's just as
1027 000001c0 ; easy to handle it correctly as to produce an error.
1028 000001c0
1029 000001c0 e1b07185 MOVS R7, R5, LSL #3 ;Caller's C -> C: R5 is the SPSR, so its bit 29 (C) is the bit shifted out into the carry flag
1030 000001c4 e1a02062 MOV R2, R2, RRX ; rotate R2 right through the caller's carry, exactly as the real RRX would have
1031 000001c8 ea000064 B RegisterAdjust
1032 000001cc
1033 000001cc ARM_LDR_STR_Reg_ASR ; Register offset, shift type ASR (an amount field of 0 encodes ASR #32)
1034 000001cc e2107d3e ANDS R7, R0, #0x1F :SHL: 7 ; R7 = shift_imm field (bits 11:7); Z set when it is 0
1035 000001d0 11a073a7 MOVNE R7, R7, LSR #7 ;If amount non-zero, bring the amount down to bits 4:0
1036 000001d4 11a02752 MOVNE R2, R2, ASR R7 ; ASR correctly: R2 = index register value >> amount (sign-extended)
1037 000001d8 01a02042 MOVEQ R2, R2, ASR #32 ;Else ASR by 32: R2 becomes 0 or 0xFFFFFFFF depending on its sign bit
1038 000001dc ea00005f B RegisterAdjust ; R2 = final offset
1039 000001e0
1040 000001e0 ARM_LDR_STR_Reg_LSR ; Register offset, shift type LSR (an amount field of 0 encodes LSR #32)
1041 000001e0 e2107d3e ANDS R7, R0, #0x1F :SHL: 7 ; R7 = shift_imm field (bits 11:7); Z set when it is 0
1042 000001e4 11a073a7 MOVNE R7, R7, LSR #7 ;If amount non-zero, bring the amount down to bits 4:0
1043 000001e8 11a02732 MOVNE R2, R2, LSR R7 ; LSR correctly: R2 = index register value >> amount (zero-filled)
1044 000001ec 01a02022 MOVEQ R2, R2, LSR #32 ;Else LSR by 32: R2 becomes 0
1045 000001f0 ea00005a B RegisterAdjust ; R2 = final offset
1046 000001f4
1047 000001f4 ARM_LDR_STR_Reg_LSL ; Register offset, shift type LSL (amount 0 is a plain register offset, so no special case)
1048 000001f4 e2007d3e AND R7, R0, #0x1F :SHL: 7 ; R7 = shift_imm field (bits 11:7); flags not needed here
1049 000001f8 e1a073a7 MOV R7, R7, LSR #7 ; amount down to bits 4:0
1050 000001fc e1a02712 MOV R2, R2, LSL R7 ; R2 = index register value << amount (LSL #0 leaves it unchanged)
1051 00000200 ea000056 B RegisterAdjust ; R2 = final offset
1052 00000204
1053 00000204 ARM_LDR_STR_Reg_NotOK ; Register-offset form rejected; the error code names indicate base == index register (the check that branches here is outside this listing - confirm)
1054 00000204 e3100401 TST R0, #ARM_P_bit ; pre- or post-indexed? (bit 24 of the aborting instruction)
1055 00000208 03a06002 MOVEQ R6, #DABORT_ERROR_BASEEQINDEX_POST ; P=0: post-indexed variant of the error
1056 0000020c 13a06001 MOVNE R6, #DABORT_ERROR_BASEEQINDEX_PRE ; P=1: pre-indexed variant of the error
1057 00000210 ea000062 B CallOSHandlerWithError ; R6 = error code for the OS handler
1058 00000214
1059 00000214 ; Analysis of ARM LDR/STR instructions with immediate offset
1060 00000214 ; ----------------------------------------------------------
1061 00000214 ;
1062 00000214 ; Offset comes direct from the instruction; force writeback if
1063 00000214 ; post-indexed. M, P, U and L bits are already right.
1064 00000214
1065 00000214 ARM_LDR_STR_Immed ; In: R0 = aborting instruction. Out: R2 = 12-bit immediate offset, W bit forced on for post-indexed forms
1066 00000214 e1a02a00 MOV R2, R0, LSL #20 ; isolate bits 11:0 (the unsigned 12-bit offset field) ...
1067 00000218 e1a02a22 MOV R2, R2, LSR #20 ; ... by shifting them up to the top and back down again
1068 0000021c e3100401 TST R0, #ARM_P_bit ; P=0 (post-indexed) always writes the base back, ...
1069 00000220 03800602 ORREQ R0, R0, #ARM_W_bit ; ... so set W explicitly (in a post-indexed encoding bit 21 means T, not W)
1070 00000224
1071 00000224 ; Fall through to RegisterAdjust if following code isn't assembled.
1072 00000224
1073 00000224 [ SuptThumb
1074 00000224
1075 00000224 ea00004d B RegisterAdjust ; Thumb support assembled: the Thumb analysis code sits in between, so branch explicitly
1076 00000228
1077 00000228 LTORG
1078 00000228
1079 00000228 ThumbInstruction ; Entry for aborts taken in Thumb state. In: R4 = address of the aborting instruction, R5 = SPSR, R13 = register dump
1080 00000228
1081 00000228 ; Thumb instruction analysis
1082 00000228 ; ==========================
1083 00000228 ;
1084 00000228 ; Get the instruction. We can use a normal LDRH instruction to do this,
1085 00000228 ; rather than faking an "LDRHT" from an LDRT, for the same reasons that we
1086 00000228 ; can use LDR rather than LDRT to fetch an ARM instruction - see "ARM
1087 00000228 ; instruction analysis" above.
1088 00000228
1089 00000228 e1d400b0 LDRH R0, [R4] ; R0 = 16-bit aborting Thumb instruction; R4 is set up before this listing - NOTE(review): the justification for a privileged (non-T) fetch is in the ARM section, not shown here - confirm it still holds
1090 0000022c
1091 0000022c ; *** Live register values at this point are:
1092 0000022c ; R0: Aborting instruction
1093 0000022c ; R4: Pointer to aborting instruction
1094 0000022c ; R5: SPSR value
1095 0000022c ; R6: Error code
1096 0000022c ; R8: Abort model (if relevant)
1097 0000022c ; R13: Stack pointer (pointing to register dump)
1098 0000022c ;
1099 0000022c ; Now start analysing the instruction. The objective of this stage is
1100 0000022c ; to end up with the same register contents as the ARM instruction analysis,
1101 0000022c ; i.e.:
1102 0000022c ;
1103 0000022c ; R0: M bit (bit 27) indicating multiple vs. single transfer.
1104 0000022c ; P bit (bit 24) indicating pre- vs. post-indexing.
1105 0000022c ; U bit (bit 23) indicating whether indexing is up or down.
1106 0000022c ; W bit (bit 21) indicating whether base register writeback
1107 0000022c ; is required.
1108 0000022c ; [ L bit (bit 20) indicating whether a load or a store, at least
1109 0000022c ; when writeback is involved or there is a potential "user bank"
1110 0000022c ; LDM. Not needed in general for Thumb instructions - the
1111 0000022c ; writebacks for LDM/POP/PUSH/STM will be dealt with specially. ]
1112 0000022c ; R1: Number of base register, in ARM instruction position.
1113 0000022c ; R2: Offset value.
1114 0000022c ; R3: Number of destination register, in ARM instruction position
1115 0000022c ; (for all but LDM/POP/PUSH/STM).
1116 0000022c ;
1117 0000022c ; Unlike the ARM instruction case, we will have to do a lot of "faking" to
1118 0000022c ; get things right. We do at least have the advantage that all the relevant
1119 0000022c ; bits of R0 are known to be zero at this point.
1120 0000022c ;
1121 0000022c ; Set R1 and R3 from the most usual positions of the base and destination
1122 0000022c ; registers in Thumb instructions.
1123 0000022c
1124 0000022c e2001038 AND R1, R0, #Thumb_usual_Rn_mask ; R1 = Thumb Rn field (bits 5:3) ...
1125 00000230 e1a01681 MOV R1, R1, LSL #(ARM_Rn_pos - Thumb_usual_Rn_pos) ; ... moved up to the ARM Rn position (bits 19:16)
1126 00000234 e2003007 AND R3, R0, #Thumb_usual_Rd_mask ; R3 = Thumb Rd field (bits 2:0) ...
1127 00000238 e1a03603 MOV R3, R3, LSL #(ARM_Rd_pos - Thumb_usual_Rd_pos) ; ... moved up to the ARM Rd position (bits 15:12)
1128 0000023c
1129 0000023c ; Now split according to the major class of the instruction - i.e.
1130 0000023c ; bits 15:12.
1131 0000023c
1132 0000023c e2002a0f AND R2, R0, #(0xF:SHL:12) ; R2 = opcode class << 12; the mask bounds the index to 0..15
1133 00000240 e08ff522 ADD PC, PC, R2, LSR #10 ; computed jump: PC reads as this instruction + 8, plus class * 4, so the index cannot leave the 16-entry table below
1134 00000244
1135 00000244 e1a00000 NOP ;Branch table padding (accounts for the PC + 8 read above)
1136 00000248
1137 00000248 eaffff8a B ARM_Should_Not_Happen ;(Shift imm.) - class 0, no memory access
1138 0000024c eaffff89 B ARM_Should_Not_Happen ;(Shift imm., add/sub) - class 1
1139 00000250 eaffff88 B ARM_Should_Not_Happen ;(Add/sub/compare/move - class 2
1140 00000254 eaffff87 B ARM_Should_Not_Happen ; immediate) - class 3
1141 00000258 ea00002c B Thumb_PCbased ;(Also data processing) - class 4: only the PC-relative LDR can abort
1142 0000025c ea000020 B Thumb_RegOffset ; class 5: LDR/STR/LDRB/STRB/LDRH/STRH/LDRSB/LDRSH with register offset
1143 00000260 ea000033 B Thumb_LDR_STR ; class 6: LDR/STR with 5-bit immediate offset
1144 00000264 ea000036 B Thumb_LDRB_STRB ; class 7
1145 00000268 ea000039 B Thumb_LDRH_STRH ; class 8
1146 0000026c ea000020 B Thumb_SPbased ; class 9: LDR/STR SP-relative
1147 00000270 eaffff80 B ARM_Should_Not_Happen ;(ADR from PC/SP) - class 10, no memory access
1148 00000274 ea000003 B Thumb_PUSH_POP ;(Also SP adjust/Undef) - class 11; the handler rejects the non-PUSH/POP encodings
1149 00000278 ea00000d B Thumb_LDM_STM ; class 12
1150 0000027c eaffff7d B ARM_Should_Not_Happen ;(Bcc/SWI/Undef) - class 13
1151 00000280 eaffff7c B ARM_Should_Not_Happen ;(Uncond. branch/Undef) - class 14
1152 00000284 eaffff7b B ARM_Should_Not_Happen ;(BL high/low) - class 15
1153 00000288
1154 00000288 ; Analysis of Thumb PC-based PUSH/POP instructions
1155 00000288 ; ------------------------------------------------
1156 00000288
1157 00000288 Thumb_PUSH_POP ; Class 11 (1011 xxxx). In: R0 = Thumb instruction. Out: R0 with ARM M/P/U/W bits, R1 = base (R13), R3 = register list; then joins the ARM LDM/STM path
1158 00000288
1159 00000288 ; Checks for errors:
1160 00000288 ;
1161 00000288 ; * Instruction not in fact PUSH/POP:
1162 00000288
1163 00000288 e3100b01 TST R0, #0x0400 ; bit 10 set for PUSH/POP (1011 L 10 R reglist); clear for ADD SP/undefined
1164 0000028c 0affff79 BEQ ARM_Should_Not_Happen ; NOTE(review): bit 9 is not tested, so a 1011 x 11 x encoding reaching here would be treated as PUSH/POP - presumably unreachable via a data abort, confirm
1165 00000290
1166 00000290 ; * Empty register mask - register mask gets calculated at the same
1167 00000290 ; time and put in R3. Note that only the number of set bits in the
1168 00000290 ; register mask matters, so we don't have to shift the LR/PC bit to
1169 00000290 ; the correct position.
1170 00000290
1171 00000290 e3d03cfe BICS R3, R0, #0xFE00 ; R3 = bits 8:0 = reglist plus the R (LR/PC) bit; Z set if nothing to transfer
1172 00000294 03a06007 MOVEQ R6, #DABORT_ERROR_LDMSTM_EMPTY
1173 00000298 0a000040 BEQ CallOSHandlerWithError ; empty list is reported as an error rather than emulated
1174 0000029c
1175 0000029c ; We will branch into the ARM LDM/STM code at the point where all
1176 0000029c ; error checks have been performed. Things we still need to do are:
1177 0000029c ;
1178 0000029c ; * Set the M, P, U and W bits correctly in R0 (1/0/1/1 for POP,
1179 0000029c ; 1/1/0/1 for PUSH).
1180 0000029c ; * Set R1 to the correct base register number (R13).
1181 0000029c
1182 0000029c e3c03cfe BIC R3, R0, #0xFE00 ; (redundant: R3 already holds exactly this from the BICS above and is untouched in between)
1183 000002a0 e3a0180d MOV R1, #(0xD :SHL: ARM_Rn_pos) ; base register is always SP (R13), in ARM Rn position
1184 000002a4 e3100b02 TST R0, #Thumb_L_bit ; bit 11: 0 = PUSH (store), 1 = POP (load)
1185 000002a8 03800692 ORREQ R0, R0, #ARM_M_bit + ARM_P_bit + ARM_W_bit ; PUSH == STMDB SP! : pre-indexed, down, writeback
1186 000002ac 1380068a ORRNE R0, R0, #ARM_M_bit + ARM_U_bit + ARM_W_bit ; POP == LDMIA SP! : post-indexed, up, writeback
1187 000002b0 eaffffa5 B ARM_LDM_STM_OK ; join the ARM LDM/STM path after its error checks
1188 000002b4
1189 000002b4 ; Analysis of Thumb PC-based LDM/STM instructions
1190 000002b4 ; -----------------------------------------------
1191 000002b4
1192 000002b4 Thumb_LDM_STM ; Class 12 (1100 L Rb reglist). In: R0 = Thumb instruction. Out: R0 with ARM M/U/W bits, R1 = base register in ARM position, R3 = register list
1193 000002b4
1194 000002b4 ; Checks for errors:
1195 000002b4
1196 000002b4 ; * Empty register mask - register mask gets calculated at the same
1197 000002b4 ; time and put in R3.
1198 000002b4
1199 000002b4 e3d03cff BICS R3, R0, #0xFF00 ; R3 = bits 7:0 = register list; Z set if empty
1200 000002b8 03a06007 MOVEQ R6, #DABORT_ERROR_LDMSTM_EMPTY
1201 000002bc 0a000037 BEQ CallOSHandlerWithError ; empty list is reported as an error rather than emulated
1202 000002c0
1203 000002c0 ; * Writeback and load of the same register. We've definitely got
1204 000002c0 ; writeback, so it's just a question of whether the base register
1205 000002c0 ; appears in the register list. First, get the base register number
1206 000002c0 ; into R1 and put it into ARM base register position (where it is
1207 000002c0 ; needed later anyway). Then check whether it appears in the
1208 000002c0 ; register list.
1209 000002c0
1210 000002c0 e2001c07 AND R1, R0, #Thumb_unusual_reg_mask ; R1 = Rb field (bits 10:8) ...
1211 000002c4 e1a01401 MOV R1, R1, LSL #(ARM_Rn_pos - Thumb_unusual_reg_pos) ; ... moved to the ARM Rn position (bits 19:16)
1212 000002c8
1213 000002c8 e1a07821 MOV R7, R1, LSR #ARM_Rn_pos ; R7 = base register number (0..7)
1214 000002cc e1a07733 MOV R7, R3, LSR R7 ; R7 = register list >> base number ...
1215 000002d0 e3170001 TST R7, #1 ; ... so bit 0 is now "base register is in the list"
1216 000002d4 13a06006 MOVNE R6, #DABORT_ERROR_LOAD_WB ; NOTE(review): no L-bit test here, so STMIA with Rb in the list is rejected with this code too - confirm that is intended
1217 000002d8 1a000030 BNE CallOSHandlerWithError
1218 000002dc
1219 000002dc ; We will branch into the ARM LDM/STM code at the point where all
1220 000002dc ; error checks have been performed. The only thing we still need to do
1221 000002dc ; is set the M, P, U and W bits correctly in R0 (1/0/1/1 for both LDM
1222 000002dc ; and STM).
1223 000002dc
1224 000002dc e380068a ORR R0, R0, #ARM_M_bit + ARM_U_bit + ARM_W_bit ; Thumb LDMIA/STMIA Rb! == ARM LDMIA/STMIA with writeback (P=0, U=1, W=1)
1225 000002e0 eaffff99 B ARM_LDM_STM_OK ; join the ARM LDM/STM path after its error checks
1226 000002e4
1227 000002e4 ; Analysis of Thumb LDRx/STRx with register offset
1228 000002e4 ; ------------------------------------------------
1229 000002e4 ;
1230 000002e4 ; R0 bits should be M=0, P=1, U=1, W=0. R1 and R3 are right; R2 value
1231 000002e4 ; should be obtained from the Thumb instruction's Rm field. There are
1232 000002e4 ; no problems with an index register of R15 or with writeback with