ARMDisassembler.cpp revision 9899f70a7406d632c82849978bf6981f1ee4ccb5
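//===- ARMDisassembler.cpp - Disassembler for ARM/Thumb ISA -----*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file is part of the ARM Disassembler.
// It contains code to implement the public interfaces of ARMDisassembler and
// ThumbDisassembler, both of which are instances of MCDisassembler.
//
//===----------------------------------------------------------------------===//

#define DEBUG_TYPE "arm-disassembler"

#include "ARMDisassembler.h"
#include "ARMDisassemblerCore.h"

#include "llvm/MC/EDInstInfo.h"
#include "llvm/MC/MCInst.h"
#include "llvm/Target/TargetRegistry.h"
#include "llvm/Support/Debug.h"
#include "llvm/Support/MemoryObject.h"
#include "llvm/Support/ErrorHandling.h"
#include "llvm/Support/raw_ostream.h"

/// ARMGenDecoderTables.inc - ARMDecoderTables.inc is tblgen'ed from
/// ARMDecoderEmitter.cpp TableGen backend. It contains:
///
/// o Mappings from opcode to ARM/Thumb instruction format
///
/// o static uint16_t decodeInstruction(uint32_t insn) - the decoding function
///   for an ARM instruction.
///
/// o static uint16_t decodeThumbInstruction(field_t insn) - the decoding
///   function for a Thumb instruction.
///
#include "../ARMGenDecoderTables.inc"

#include "../ARMGenEDInfo.inc"

using namespace llvm;

/// showBitVector - Use the raw_ostream to log a diagnostic message describing
/// the individual bits of the instruction: a header row of bit positions, a
/// separator, then one row with the value of each bit from 31 down to 0 with
/// a '|' after every nibble and a ':' between the other bits.
///
/// \param os   Stream the diagram is written to.
/// \param insn The 32-bit instruction word being described (taken by value;
///             it is a plain integer and is never modified).
static inline void showBitVector(raw_ostream &os, uint32_t insn) {
  // Split the bit position markers into more than one lines to fit 80 columns.
  os << " 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11"
     << " 10  9  8  7  6  5  4  3  2  1  0 \n";
  os << "---------------------------------------------------------------"
     << "----------------------------------\n";
  os << '|';
  for (unsigned i = 32; i != 0; --i) {
    // Bit (i - 1); parenthesised because '>>' binds tighter than '&'.
    if ((insn >> (i - 1)) & 0x01)
      os << " 1";
    else
      os << " 0";
    // Nibble boundaries (after bits 28, 24, ..., 0) get a '|' marker.
    os << (i % 4 == 1 ? '|' : ':');
  }
  os << '\n';
  // Split the bit position markers into more than one lines to fit 80 columns.
  os << "---------------------------------------------------------------"
     << "----------------------------------\n";
  os << '\n';
}

/// decodeARMInstruction is a decorator function which tries special cases of
/// instruction matching before calling the auto-generated decoder function.
///
/// The special cases exist because several LLVM "super-instructions" fold
/// more than one ARM ARM encoding into a single opcode, which leaves the
/// auto-generated decoder without enough bits to tell the neighbouring
/// encodings apart. Each case below recovers one such neighbour by hand.
///
/// \param insn The 32-bit ARM instruction word. It is never modified here;
///             the reference parameter is kept for interface compatibility.
/// \return     The LLVM opcode selected for \p insn.
static unsigned decodeARMInstruction(uint32_t &insn) {
  // The unconditional encoding space (cond == 0b1111) has no special cases;
  // hand it straight to the auto-generated decoder.
  if (slice(insn, 31, 28) == 15)
    return decodeInstruction(insn);

  // Special case processing, if any, goes here....

  // LLVM combines the offset mode of A8.6.197 & A8.6.198 into STRB.
  // The insufficient encoding information of the combined instruction confuses
  // the decoder wrt BFC/BFI. Therefore, we try to recover here.
  // For BFC, Inst{27-21} = 0b0111110 & Inst{6-0} = 0b0011111.
  // For BFI, Inst{27-21} = 0b0111110 & Inst{6-4} = 0b001 & Inst{3-0} =! 0b1111.
  if (slice(insn, 27, 21) == 0x3e && slice(insn, 6, 4) == 1)
    return slice(insn, 3, 0) == 15 ? ARM::BFC : ARM::BFI;

  // Ditto for ADDSrs, which is a super-instruction for A8.6.7 & A8.6.8.
  // As a result, the decoder fails to decode UMULL properly.
  if (slice(insn, 27, 21) == 0x04 && slice(insn, 7, 4) == 9)
    return ARM::UMULL;

  // Ditto for STR_PRE, which is a super-instruction for A8.6.194 & A8.6.195.
  // As a result, the decoder fails to decode SBFX properly.
  if (slice(insn, 27, 21) == 0x3d && slice(insn, 6, 4) == 5)
    return ARM::SBFX;

  // And STRB_PRE, which is a super-instruction for A8.6.197 & A8.6.198.
  // As a result, the decoder fails to decode UBFX properly.
  if (slice(insn, 27, 21) == 0x3f && slice(insn, 6, 4) == 5)
    return ARM::UBFX;

  // Ditto for STRT, which is a super-instruction for A8.6.210 Encoding A1 & A2.
  // As a result, the decoder fails to decode SSAT properly.
  if (slice(insn, 27, 21) == 0x35 && slice(insn, 5, 4) == 1)
    return slice(insn, 6, 6) == 0 ? ARM::SSATlsl : ARM::SSATasr;

  // Ditto for RSCrs, which is a super-instruction for A8.6.146 & A8.6.147.
  // As a result, the decoder fails to decode STRHT/LDRHT/LDRSHT/LDRSBT.
  if (slice(insn, 27, 24) == 0) {
    switch (slice(insn, 21, 20)) {
    case 2:
      if (slice(insn, 7, 4) == 11)
        return ARM::STRHT;
      break;
    case 3:
      switch (slice(insn, 7, 4)) {
      case 11:
        return ARM::LDRHT;
      case 13:
        return ARM::LDRSBT;
      case 15:
        return ARM::LDRSHT;
      default:
        break; // fallthrough
      }
      break;
    default:
      break; // fallthrough
    }
  }

  // Ditto for SBCrs, which is a super-instruction for A8.6.152 & A8.6.153.
  // As a result, the decoder fails to decode STRH_Post/LDRD_POST/STRD_POST
  // properly.
  if (slice(insn, 27, 25) == 0 && slice(insn, 20, 20) == 0) {
    // PW = {P, W}: 2 = offset, 3 = pre-indexed, 0 = post-indexed.
    unsigned PW = slice(insn, 24, 24) << 1 | slice(insn, 21, 21);
    switch (slice(insn, 7, 4)) {
    case 11:
      switch (PW) {
      case 2: // Offset
        return ARM::STRH;
      case 3: // Pre-indexed
        return ARM::STRH_PRE;
      case 0: // Post-indexed
        return ARM::STRH_POST;
      default:
        break; // fallthrough
      }
      break;
    case 13:
      switch (PW) {
      case 2: // Offset
        return ARM::LDRD;
      case 3: // Pre-indexed
        return ARM::LDRD_PRE;
      case 0: // Post-indexed
        return ARM::LDRD_POST;
      default:
        break; // fallthrough
      }
      break;
    case 15:
      switch (PW) {
      case 2: // Offset
        return ARM::STRD;
      case 3: // Pre-indexed
        return ARM::STRD_PRE;
      case 0: // Post-indexed
        return ARM::STRD_POST;
      default:
        break; // fallthrough
      }
      break;
    default:
      break; // fallthrough
    }
  }

  // Ditto for SBCSSrs, which is a super-instruction for A8.6.152 & A8.6.153.
  // As a result, the decoder fails to decode LDRH_POST/LDRSB_POST/LDRSH_POST
  // properly.
  if (slice(insn, 27, 25) == 0 && slice(insn, 20, 20) == 1) {
    // PW = {P, W}: 2 = offset, 3 = pre-indexed, 0 = post-indexed.
    unsigned PW = slice(insn, 24, 24) << 1 | slice(insn, 21, 21);
    switch (slice(insn, 7, 4)) {
    case 11:
      switch (PW) {
      case 2: // Offset
        return ARM::LDRH;
      case 3: // Pre-indexed
        return ARM::LDRH_PRE;
      case 0: // Post-indexed
        return ARM::LDRH_POST;
      default:
        break; // fallthrough
      }
      break;
    case 13:
      switch (PW) {
      case 2: // Offset
        return ARM::LDRSB;
      case 3: // Pre-indexed
        return ARM::LDRSB_PRE;
      case 0: // Post-indexed
        return ARM::LDRSB_POST;
      default:
        break; // fallthrough
      }
      break;
    case 15:
      switch (PW) {
      case 2: // Offset
        return ARM::LDRSH;
      case 3: // Pre-indexed
        return ARM::LDRSH_PRE;
      case 0: // Post-indexed
        return ARM::LDRSH_POST;
      default:
        break; // fallthrough
      }
      break;
    default:
      break; // fallthrough
    }
  }

  // No special case matched: call the auto-generated decoder function.
  return decodeInstruction(insn);
}

/// T2Morph2LoadLiteral - Helper function for special case handling of LDR
/// (literal) and friends.
/// See, for example, A6.3.7 Load word: Table A6-18 Load word.
/// See A8.6.57 T3, T4 & A8.6.60 T2 and friends for why we morphed the opcode
/// before returning it.
///
/// \param Opcode A Thumb2 load opcode as produced by decodeThumbInstruction().
/// \return       The matching PC-relative ("pci") opcode, or \p Opcode
///               unchanged when it is not one of the load forms listed.
static unsigned T2Morph2LoadLiteral(unsigned Opcode) {
  switch (Opcode) {
  default:
    return Opcode; // Return unmorphed opcode.

  case ARM::t2LDRDi8:
    return ARM::t2LDRDpci;

  case ARM::t2LDR_POST: case ARM::t2LDR_PRE:
  case ARM::t2LDRi12: case ARM::t2LDRi8:
  case ARM::t2LDRs:
    return ARM::t2LDRpci;

  case ARM::t2LDRB_POST: case ARM::t2LDRB_PRE:
  case ARM::t2LDRBi12: case ARM::t2LDRBi8:
  case ARM::t2LDRBs:
    return ARM::t2LDRBpci;

  case ARM::t2LDRH_POST: case ARM::t2LDRH_PRE:
  case ARM::t2LDRHi12: case ARM::t2LDRHi8:
  case ARM::t2LDRHs:
    return ARM::t2LDRHpci;

  case ARM::t2LDRSB_POST: case ARM::t2LDRSB_PRE:
  case ARM::t2LDRSBi12: case ARM::t2LDRSBi8:
  case ARM::t2LDRSBs:
    return ARM::t2LDRSBpci;

  case ARM::t2LDRSH_POST: case ARM::t2LDRSH_PRE:
  case ARM::t2LDRSHi12: case ARM::t2LDRSHi8:
  case ARM::t2LDRSHs:
    return ARM::t2LDRSHpci;
  }
}

/// decodeThumbSideEffect is a decorator function which can potentially twiddle
/// the instruction or morph the returned opcode under Thumb2.
///
/// First it checks whether the insn is a NEON or VFP instr; if true, bit
/// twiddling could be performed on insn to turn it into an ARM NEON/VFP
/// equivalent instruction and decodeInstruction is called with the transformed
/// insn.
///
/// Next, there is special handling for Load byte/halfword/word instruction by
/// checking whether Rn=0b1111 and call T2Morph2LoadLiteral() on the decoded
/// Thumb2 instruction. See comments below for further details.
///
/// Finally, one last check is made to see whether the insn is a NEON/VFP and
/// decodeInstruction(insn) is invoked on the original insn.
///
/// Otherwise, decodeThumbInstruction is called with the original insn.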
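static unsigned decodeThumbSideEffect(bool IsThumb2, uint32_t &insn) {
  if (IsThumb2) {
    uint16_t op1 = slice(insn, 28, 27);
    uint16_t op2 = slice(insn, 26, 20);

    // A6.3 32-bit Thumb instruction encoding
    // Table A6-9 32-bit Thumb instruction encoding

    // The coprocessor instructions of interest are transformed to their ARM
    // equivalents. NOTE: these transforms rewrite the caller's insn in place,
    // so anything the caller does with insn afterwards sees the ARM encoding.

    // --------- Transform Begin Marker ---------
    if ((op1 == 1 || op1 == 3) && slice(op2, 6, 4) == 7) {
      // A7.4 Advanced SIMD data-processing instructions
      // U bit of Thumb corresponds to Inst{24} of ARM.
      uint16_t U = slice(op1, 1, 1);

      // Inst{28-24} of ARM = {1,0,0,1,U};
      uint16_t bits28_24 = 9 << 1 | U;
      DEBUG(showBitVector(errs(), insn));
      setSlice(insn, 28, 24, bits28_24);
      return decodeInstruction(insn);
    }

    if (op1 == 3 && slice(op2, 6, 4) == 1 && slice(op2, 0, 0) == 0) {
      // A7.7 Advanced SIMD element or structure load/store instructions
      // Inst{27-24} of Thumb = 0b1001
      // Inst{27-24} of ARM = 0b0100
      DEBUG(showBitVector(errs(), insn));
      setSlice(insn, 27, 24, 4);
      return decodeInstruction(insn);
    }
    // --------- Transform End Marker ---------

    // See, for example, A6.3.7 Load word: Table A6-18 Load word.
    // See A8.6.57 T3, T4 & A8.6.60 T2 and friends for why we morphed the opcode
    // before returning it to our caller.
    if (op1 == 3 && slice(op2, 6, 5) == 0 && slice(op2, 0, 0) == 1
        && slice(insn, 19, 16) == 15)
      return T2Morph2LoadLiteral(decodeThumbInstruction(insn));

    // One last check for NEON/VFP instructions.
    if ((op1 == 1 || op1 == 3) && slice(op2, 6, 6) == 1)
      return decodeInstruction(insn);

    // Fall through.
  }

  return decodeThumbInstruction(insn);
}

/// Thumb2PreloadOpcodeNoPCI - Returns true when Opcode is one of the non
/// PC-relative PLD/PLDW/PLI Thumb2 forms that has a "pci" counterpart.
static inline bool Thumb2PreloadOpcodeNoPCI(unsigned Opcode) {
  switch (Opcode) {
  default:
    return false;
  case ARM::t2PLDi12: case ARM::t2PLDi8:
  case ARM::t2PLDr: case ARM::t2PLDs:
  case ARM::t2PLDWi12: case ARM::t2PLDWi8:
  case ARM::t2PLDWr: case ARM::t2PLDWs:
  case ARM::t2PLIi12: case ARM::t2PLIi8:
  case ARM::t2PLIr: case ARM::t2PLIs:
    return true;
  }
}

/// T2Morph2Preload2PCI - Maps a PLD/PLDW/PLI Thumb2 opcode to its PC-relative
/// ("pci") variant. Returns 0 for any opcode not covered by
/// Thumb2PreloadOpcodeNoPCI(); callers are expected to test that first.
static inline unsigned T2Morph2Preload2PCI(unsigned Opcode) {
  switch (Opcode) {
  default:
    return 0;
  case ARM::t2PLDi12: case ARM::t2PLDi8:
  case ARM::t2PLDr: case ARM::t2PLDs:
    return ARM::t2PLDpci;
  case ARM::t2PLDWi12: case ARM::t2PLDWi8:
  case ARM::t2PLDWr: case ARM::t2PLDWs:
    return ARM::t2PLDWpci;
  case ARM::t2PLIi12: case ARM::t2PLIi8:
  case ARM::t2PLIr: case ARM::t2PLIs:
    return ARM::t2PLIpci;
  }
}

//
// Public interface for the disassembler
//

/// getInstruction - Decode one 32-bit ARM instruction at Address in Region
/// into MI.
///
/// \param MI      Receives the decoded instruction on success.
/// \param Size    Set to 4 once the instruction word has been read.
/// \param Region  Byte source; exactly 4 bytes are read from Address.
/// \param Address Offset of the instruction within Region.
/// \param os      Unused; kept for the MCDisassembler interface.
/// \return        false if the bytes could not be read, no builder exists for
///                the decoded opcode, or the builder fails to build MI.
bool ARMDisassembler::getInstruction(MCInst &MI,
                                     uint64_t &Size,
                                     const MemoryObject &Region,
                                     uint64_t Address,
                                     raw_ostream &os) const {
  // We want to read exactly 4 bytes of data.
  uint8_t bytes[4];
  if (Region.readBytes(Address, 4, bytes, NULL) == -1)
    return false;

  // Encoded as a little-endian 32-bit word in the stream. Widen each byte
  // before shifting: a uint8_t promotes to int, so shifting a byte >= 0x80
  // left by 24 would overflow the signed type.
  uint32_t insn = (static_cast<uint32_t>(bytes[3]) << 24) |
                  (static_cast<uint32_t>(bytes[2]) << 16) |
                  (static_cast<uint32_t>(bytes[1]) << 8) |
                  static_cast<uint32_t>(bytes[0]);

  unsigned Opcode = decodeARMInstruction(insn);
  ARMFormat Format = ARMFormats[Opcode];
  Size = 4;

  DEBUG({
      errs() << "Opcode=" << Opcode << " Name=" << ARMUtils::OpcodeName(Opcode)
             << " Format=" << stringForARMFormat(Format) << '(' << (int)Format
             << ")\n";
      showBitVector(errs(), insn);
    });

  ARMBasicMCBuilder *Builder = CreateMCBuilder(Opcode, Format);

  if (!Builder)
    return false;

  // The builder is heap-allocated by CreateMCBuilder; free it on both the
  // success and the failure path so a rejected encoding does not leak it.
  bool Built = Builder->Build(MI, insn);
  delete Builder;

  return Built;
}

/// getInstruction - Decode one Thumb (16-bit) or Thumb2 (32-bit) instruction
/// at Address in Region into MI.
///
/// \param MI      Receives the decoded instruction on success.
/// \param Size    Set to 4 for a Thumb2 instruction, 2 otherwise.
/// \param Region  Byte source; 2 bytes are read first, and a further 2 at
///                Address + 2 when the first halfword announces a 32-bit
///                instruction.
/// \param Address Offset of the instruction within Region.
/// \param os      Unused; kept for the MCDisassembler interface.
/// \return        false if the bytes could not be read, no builder exists for
///                the decoded opcode, or the builder fails to build MI.
bool ThumbDisassembler::getInstruction(MCInst &MI,
                                       uint64_t &Size,
                                       const MemoryObject &Region,
                                       uint64_t Address,
                                       raw_ostream &os) const {
  // The Thumb instruction stream is a sequence of halfwords.

  // This represents the first halfword as well as the machine instruction
  // passed to decodeThumbInstruction(). For 16-bit Thumb instruction, the top
  // halfword of insn is 0x00 0x00; otherwise, the first halfword is moved to
  // the top half followed by the second halfword.
  uint32_t insn = 0;
  // Possible second halfword.
  uint16_t insn1 = 0;

  // A6.1 Thumb instruction set encoding
  //
  // If bits [15:11] of the halfword being decoded take any of the following
  // values, the halfword is the first halfword of a 32-bit instruction:
  // o 0b11101
  // o 0b11110
  // o 0b11111.
  //
  // Otherwise, the halfword is a 16-bit instruction.

  // Read 2 bytes of data first.
  uint8_t bytes[2];
  if (Region.readBytes(Address, 2, bytes, NULL) == -1)
    return false;

  // Encoded as a little-endian 16-bit halfword in the stream.
  insn = (static_cast<uint32_t>(bytes[1]) << 8) | bytes[0];
  unsigned bits15_11 = slice(insn, 15, 11);
  bool IsThumb2 = false;

  // 32-bit instructions if the bits [15:11] of the halfword matches
  // { 0b11101 /* 0x1D */, 0b11110 /* 0x1E */, 0b11111 /* 0x1F */ }.
  if (bits15_11 == 0x1D || bits15_11 == 0x1E || bits15_11 == 0x1F) {
    IsThumb2 = true;
    if (Region.readBytes(Address + 2, 2, bytes, NULL) == -1)
      return false;
    // Encoded as a little-endian 16-bit halfword in the stream.
    insn1 = (static_cast<uint16_t>(bytes[1]) << 8) | bytes[0];
    insn = (insn << 16 | insn1);
  }

  // The insn could potentially be bit-twiddled in order to be decoded as an ARM
  // NEON/VFP opcode. In such case, the modified insn is later disassembled as
  // an ARM NEON/VFP instruction.
  //
  // This is a short term solution for lack of encoding bits specified for the
  // Thumb2 NEON/VFP instructions. The long term solution could be adding some
  // infrastructure to have each instruction support more than one encodings.
  // Which encoding is used would be based on which subtarget the compiler/
  // disassembler is working with at the time. This would allow the sharing of
  // the NEON patterns between ARM and Thumb2, as well as potential greater
  // sharing between the regular ARM instructions and the 32-bit wide Thumb2
  // instructions as well.
  unsigned Opcode = decodeThumbSideEffect(IsThumb2, insn);

  // A8.6.117/119/120/121.
  // PLD/PLDW/PLI instructions with Rn==15 is transformed to the pci variant.
  if (Thumb2PreloadOpcodeNoPCI(Opcode) && slice(insn, 19, 16) == 15)
    Opcode = T2Morph2Preload2PCI(Opcode);

  ARMFormat Format = ARMFormats[Opcode];
  Size = IsThumb2 ? 4 : 2;

  DEBUG({
      errs() << "Opcode=" << Opcode << " Name=" << ARMUtils::OpcodeName(Opcode)
             << " Format=" << stringForARMFormat(Format) << '(' << (int)Format
             << ")\n";
      showBitVector(errs(), insn);
    });

  ARMBasicMCBuilder *Builder = CreateMCBuilder(Opcode, Format);

  // The null check must come before the first use of Builder; a missing
  // builder is a normal "cannot decode" outcome, not a crash.
  if (!Builder)
    return false;

  Builder->setSession(const_cast<Session *>(&SO));

  // The builder is heap-allocated by CreateMCBuilder; free it on both the
  // success and the failure path so a rejected encoding does not leak it.
  bool Built = Builder->Build(MI, insn);
  delete Builder;

  return Built;
}

/// CountITSize - A8.6.50. Returns 4 minus the number of trailing zeros in the
/// low bits of the IT mask; the mask is required to have a set bit within its
/// low four bits (asserted as an encoding error otherwise).
static unsigned short CountITSize(unsigned ITMask) {
  // First count the trailing zeros of the IT mask.
  unsigned TZ = CountTrailingZeros_32(ITMask);
  assert(TZ <= 3 && "Encoding error");
  return (4 - TZ);
}

/// InitIT - Init ITState from the low byte of an IT instruction: the counter
/// is derived from the mask in bits 3:0 and the full byte is kept as the
/// state.
void Session::InitIT(unsigned short bits7_0) {
  ITCounter = CountITSize(slice(bits7_0, 3, 0));
  ITState = bits7_0;
}

/// UpdateIT - Update ITState if necessary: consume one instruction of the IT
/// block, clearing the state when the block is exhausted and otherwise
/// shifting bits 4:0 of the state left by one.
void Session::UpdateIT() {
  assert(ITCounter);
  --ITCounter;
  if (ITCounter == 0)
    ITState = 0;
  else {
    unsigned short NewITState4_0 = slice(ITState, 4, 0) << 1;
    setSlice(ITState, 4, 0, NewITState4_0);
  }
}

/// createARMDisassembler - Factory registered with the TargetRegistry; the
/// registry takes ownership of the returned object.
static MCDisassembler *createARMDisassembler(const Target &T) {
  return new ARMDisassembler;
}

/// createThumbDisassembler - Factory registered with the TargetRegistry; the
/// registry takes ownership of the returned object.
static MCDisassembler *createThumbDisassembler(const Target &T) {
  return new ThumbDisassembler;
}

/// LLVMInitializeARMDisassembler - Register both disassembler factories with
/// their targets.
extern "C" void LLVMInitializeARMDisassembler() {
  // Register the disassembler.
  TargetRegistry::RegisterMCDisassembler(TheARMTarget,
                                         createARMDisassembler);
  TargetRegistry::RegisterMCDisassembler(TheThumbTarget,
                                         createThumbDisassembler);
}

/// getEDInfo - Enhanced-disassembly table for the ARM target; both the ARM
/// and Thumb disassemblers share the single generated instInfoARM table.
EDInstInfo *ARMDisassembler::getEDInfo() const {
  return instInfoARM;
}

/// getEDInfo - Enhanced-disassembly table for the Thumb target (shared with
/// ARMDisassembler::getEDInfo()).
EDInstInfo *ThumbDisassembler::getEDInfo() const {
  return instInfoARM;
}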