ARMDisassembler.cpp revision 206274
1//===- ARMDisassembler.cpp - Disassembler for ARM/Thumb ISA -----*- C++ -*-===// 2// 3// The LLVM Compiler Infrastructure 4// 5// This file is distributed under the University of Illinois Open Source 6// License. See LICENSE.TXT for details. 7// 8//===----------------------------------------------------------------------===// 9// 10// This file is part of the ARM Disassembler. 11// It contains code to implement the public interfaces of ARMDisassembler and 12// ThumbDisassembler, both of which are instances of MCDisassembler. 13// 14//===----------------------------------------------------------------------===// 15 16#define DEBUG_TYPE "arm-disassembler" 17 18#include "ARMDisassembler.h" 19#include "ARMDisassemblerCore.h" 20 21#include "llvm/MC/MCInst.h" 22#include "llvm/Target/TargetRegistry.h" 23#include "llvm/Support/Debug.h" 24#include "llvm/Support/MemoryObject.h" 25#include "llvm/Support/ErrorHandling.h" 26#include "llvm/Support/raw_ostream.h" 27 28/// ARMGenDecoderTables.inc - ARMDecoderTables.inc is tblgen'ed from 29/// ARMDecoderEmitter.cpp TableGen backend. It contains: 30/// 31/// o Mappings from opcode to ARM/Thumb instruction format 32/// 33/// o static uint16_t decodeInstruction(uint32_t insn) - the decoding function 34/// for an ARM instruction. 35/// 36/// o static uint16_t decodeThumbInstruction(field_t insn) - the decoding 37/// function for a Thumb instruction. 38/// 39#include "../ARMGenDecoderTables.inc" 40 41namespace llvm { 42 43/// showBitVector - Use the raw_ostream to log a diagnostic message describing 44/// the inidividual bits of the instruction. 45/// 46static inline void showBitVector(raw_ostream &os, const uint32_t &insn) { 47 // Split the bit position markers into more than one lines to fit 80 columns. 48 os << " 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11" 49 << " 10 9 8 7 6 5 4 3 2 1 0 \n"; 50 os << "---------------------------------------------------------------" 51 << "----------------------------------\n"; 52 os << '|'; 53 for (unsigned i = 32; i != 0; --i) { 54 if (insn >> (i - 1) & 0x01) 55 os << " 1"; 56 else 57 os << " 0"; 58 os << (i%4 == 1 ? '|' : ':'); 59 } 60 os << '\n'; 61 // Split the bit position markers into more than one lines to fit 80 columns. 62 os << "---------------------------------------------------------------" 63 << "----------------------------------\n"; 64 os << '\n'; 65} 66 67/// decodeARMInstruction is a decorator function which tries special cases of 68/// instruction matching before calling the auto-generated decoder function. 69static unsigned decodeARMInstruction(uint32_t &insn) { 70 if (slice(insn, 31, 28) == 15) 71 goto AutoGenedDecoder; 72 73 // Special case processing, if any, goes here.... 74 75 // LLVM combines the offset mode of A8.6.197 & A8.6.198 into STRB. 76 // The insufficient encoding information of the combined instruction confuses 77 // the decoder wrt BFC/BFI. Therefore, we try to recover here. 78 // For BFC, Inst{27-21} = 0b0111110 & Inst{6-0} = 0b0011111. 79 // For BFI, Inst{27-21} = 0b0111110 & Inst{6-4} = 0b001 & Inst{3-0} =! 0b1111. 80 if (slice(insn, 27, 21) == 0x3e && slice(insn, 6, 4) == 1) { 81 if (slice(insn, 3, 0) == 15) 82 return ARM::BFC; 83 else 84 return ARM::BFI; 85 } 86 87 // Ditto for ADDSrs, which is a super-instruction for A8.6.7 & A8.6.8. 88 // As a result, the decoder fails to decode UMULL properly. 89 if (slice(insn, 27, 21) == 0x04 && slice(insn, 7, 4) == 9) { 90 return ARM::UMULL; 91 } 92 93 // Ditto for STR_PRE, which is a super-instruction for A8.6.194 & A8.6.195. 94 // As a result, the decoder fails to decode SBFX properly. 95 if (slice(insn, 27, 21) == 0x3d && slice(insn, 6, 4) == 5) 96 return ARM::SBFX; 97 98 // And STRB_PRE, which is a super-instruction for A8.6.197 & A8.6.198. 99 // As a result, the decoder fails to decode UBFX properly. 100 if (slice(insn, 27, 21) == 0x3f && slice(insn, 6, 4) == 5) 101 return ARM::UBFX; 102 103 // Ditto for STRT, which is a super-instruction for A8.6.210 Encoding A1 & A2. 104 // As a result, the decoder fails to deocode SSAT properly. 105 if (slice(insn, 27, 21) == 0x35 && slice(insn, 5, 4) == 1) 106 return slice(insn, 6, 6) == 0 ? ARM::SSATlsl : ARM::SSATasr; 107 108 // Ditto for RSCrs, which is a super-instruction for A8.6.146 & A8.6.147. 109 // As a result, the decoder fails to decode STRHT/LDRHT/LDRSHT/LDRSBT. 110 if (slice(insn, 27, 24) == 0) { 111 switch (slice(insn, 21, 20)) { 112 case 2: 113 switch (slice(insn, 7, 4)) { 114 case 11: 115 return ARM::STRHT; 116 default: 117 break; // fallthrough 118 } 119 break; 120 case 3: 121 switch (slice(insn, 7, 4)) { 122 case 11: 123 return ARM::LDRHT; 124 case 13: 125 return ARM::LDRSBT; 126 case 15: 127 return ARM::LDRSHT; 128 default: 129 break; // fallthrough 130 } 131 break; 132 default: 133 break; // fallthrough 134 } 135 } 136 137 // Ditto for SBCrs, which is a super-instruction for A8.6.152 & A8.6.153. 138 // As a result, the decoder fails to decode STRH_Post/LDRD_POST/STRD_POST 139 // properly. 140 if (slice(insn, 27, 25) == 0 && slice(insn, 20, 20) == 0) { 141 unsigned PW = slice(insn, 24, 24) << 1 | slice(insn, 21, 21); 142 switch (slice(insn, 7, 4)) { 143 case 11: 144 switch (PW) { 145 case 2: // Offset 146 return ARM::STRH; 147 case 3: // Pre-indexed 148 return ARM::STRH_PRE; 149 case 0: // Post-indexed 150 return ARM::STRH_POST; 151 default: 152 break; // fallthrough 153 } 154 break; 155 case 13: 156 switch (PW) { 157 case 2: // Offset 158 return ARM::LDRD; 159 case 3: // Pre-indexed 160 return ARM::LDRD_PRE; 161 case 0: // Post-indexed 162 return ARM::LDRD_POST; 163 default: 164 break; // fallthrough 165 } 166 break; 167 case 15: 168 switch (PW) { 169 case 2: // Offset 170 return ARM::STRD; 171 case 3: // Pre-indexed 172 return ARM::STRD_PRE; 173 case 0: // Post-indexed 174 return ARM::STRD_POST; 175 default: 176 break; // fallthrough 177 } 178 break; 179 default: 180 break; // fallthrough 181 } 182 } 183 184 // Ditto for SBCSSrs, which is a super-instruction for A8.6.152 & A8.6.153. 185 // As a result, the decoder fails to decode LDRH_POST/LDRSB_POST/LDRSH_POST 186 // properly. 187 if (slice(insn, 27, 25) == 0 && slice(insn, 20, 20) == 1) { 188 unsigned PW = slice(insn, 24, 24) << 1 | slice(insn, 21, 21); 189 switch (slice(insn, 7, 4)) { 190 case 11: 191 switch (PW) { 192 case 2: // Offset 193 return ARM::LDRH; 194 case 3: // Pre-indexed 195 return ARM::LDRH_PRE; 196 case 0: // Post-indexed 197 return ARM::LDRH_POST; 198 default: 199 break; // fallthrough 200 } 201 break; 202 case 13: 203 switch (PW) { 204 case 2: // Offset 205 return ARM::LDRSB; 206 case 3: // Pre-indexed 207 return ARM::LDRSB_PRE; 208 case 0: // Post-indexed 209 return ARM::LDRSB_POST; 210 default: 211 break; // fallthrough 212 } 213 break; 214 case 15: 215 switch (PW) { 216 case 2: // Offset 217 return ARM::LDRSH; 218 case 3: // Pre-indexed 219 return ARM::LDRSH_PRE; 220 case 0: // Post-indexed 221 return ARM::LDRSH_POST; 222 default: 223 break; // fallthrough 224 } 225 break; 226 default: 227 break; // fallthrough 228 } 229 } 230 231AutoGenedDecoder: 232 // Calling the auto-generated decoder function. 233 return decodeInstruction(insn); 234} 235 236// Helper function for special case handling of LDR (literal) and friends. 237// See, for example, A6.3.7 Load word: Table A6-18 Load word. 238// See A8.6.57 T3, T4 & A8.6.60 T2 and friends for why we morphed the opcode 239// before returning it. 240static unsigned T2Morph2LoadLiteral(unsigned Opcode) { 241 switch (Opcode) { 242 default: 243 return Opcode; // Return unmorphed opcode. 244 245 case ARM::t2LDRDi8: 246 return ARM::t2LDRDpci; 247 248 case ARM::t2LDR_POST: case ARM::t2LDR_PRE: 249 case ARM::t2LDRi12: case ARM::t2LDRi8: 250 case ARM::t2LDRs: 251 return ARM::t2LDRpci; 252 253 case ARM::t2LDRB_POST: case ARM::t2LDRB_PRE: 254 case ARM::t2LDRBi12: case ARM::t2LDRBi8: 255 case ARM::t2LDRBs: 256 return ARM::t2LDRBpci; 257 258 case ARM::t2LDRH_POST: case ARM::t2LDRH_PRE: 259 case ARM::t2LDRHi12: case ARM::t2LDRHi8: 260 case ARM::t2LDRHs: 261 return ARM::t2LDRHpci; 262 263 case ARM::t2LDRSB_POST: case ARM::t2LDRSB_PRE: 264 case ARM::t2LDRSBi12: case ARM::t2LDRSBi8: 265 case ARM::t2LDRSBs: 266 return ARM::t2LDRSBpci; 267 268 case ARM::t2LDRSH_POST: case ARM::t2LDRSH_PRE: 269 case ARM::t2LDRSHi12: case ARM::t2LDRSHi8: 270 case ARM::t2LDRSHs: 271 return ARM::t2LDRSHpci; 272 } 273} 274 275/// decodeThumbSideEffect is a decorator function which can potentially twiddle 276/// the instruction or morph the returned opcode under Thumb2. 277/// 278/// First it checks whether the insn is a NEON or VFP instr; if true, bit 279/// twiddling could be performed on insn to turn it into an ARM NEON/VFP 280/// equivalent instruction and decodeInstruction is called with the transformed 281/// insn. 282/// 283/// Next, there is special handling for Load byte/halfword/word instruction by 284/// checking whether Rn=0b1111 and call T2Morph2LoadLiteral() on the decoded 285/// Thumb2 instruction. See comments below for further details. 286/// 287/// Finally, one last check is made to see whether the insn is a NEON/VFP and 288/// decodeInstruction(insn) is invoked on the original insn. 289/// 290/// Otherwise, decodeThumbInstruction is called with the original insn. 291static unsigned decodeThumbSideEffect(bool IsThumb2, uint32_t &insn) { 292 if (IsThumb2) { 293 uint16_t op1 = slice(insn, 28, 27); 294 uint16_t op2 = slice(insn, 26, 20); 295 296 // A6.3 32-bit Thumb instruction encoding 297 // Table A6-9 32-bit Thumb instruction encoding 298 299 // The coprocessor instructions of interest are transformed to their ARM 300 // equivalents. 301 302 // --------- Transform Begin Marker --------- 303 if ((op1 == 1 || op1 == 3) && slice(op2, 6, 4) == 7) { 304 // A7.4 Advanced SIMD data-processing instructions 305 // U bit of Thumb corresponds to Inst{24} of ARM. 306 uint16_t U = slice(op1, 1, 1); 307 308 // Inst{28-24} of ARM = {1,0,0,1,U}; 309 uint16_t bits28_24 = 9 << 1 | U; 310 DEBUG(showBitVector(errs(), insn)); 311 setSlice(insn, 28, 24, bits28_24); 312 return decodeInstruction(insn); 313 } 314 315 if (op1 == 3 && slice(op2, 6, 4) == 1 && slice(op2, 0, 0) == 0) { 316 // A7.7 Advanced SIMD element or structure load/store instructions 317 // Inst{27-24} of Thumb = 0b1001 318 // Inst{27-24} of ARM = 0b0100 319 DEBUG(showBitVector(errs(), insn)); 320 setSlice(insn, 27, 24, 4); 321 return decodeInstruction(insn); 322 } 323 // --------- Transform End Marker --------- 324 325 // See, for example, A6.3.7 Load word: Table A6-18 Load word. 326 // See A8.6.57 T3, T4 & A8.6.60 T2 and friends for why we morphed the opcode 327 // before returning it to our caller. 328 if (op1 == 3 && slice(op2, 6, 5) == 0 && slice(op2, 0, 0) == 1 329 && slice(insn, 19, 16) == 15) 330 return T2Morph2LoadLiteral(decodeThumbInstruction(insn)); 331 332 // One last check for NEON/VFP instructions. 333 if ((op1 == 1 || op1 == 3) && slice(op2, 6, 6) == 1) 334 return decodeInstruction(insn); 335 336 // Fall through. 337 } 338 339 return decodeThumbInstruction(insn); 340} 341 342static inline bool Thumb2PreloadOpcodeNoPCI(unsigned Opcode) { 343 switch (Opcode) { 344 default: 345 return false; 346 case ARM::t2PLDi12: case ARM::t2PLDi8: 347 case ARM::t2PLDr: case ARM::t2PLDs: 348 case ARM::t2PLDWi12: case ARM::t2PLDWi8: 349 case ARM::t2PLDWr: case ARM::t2PLDWs: 350 case ARM::t2PLIi12: case ARM::t2PLIi8: 351 case ARM::t2PLIr: case ARM::t2PLIs: 352 return true; 353 } 354} 355 356static inline unsigned T2Morph2Preload2PCI(unsigned Opcode) { 357 switch (Opcode) { 358 default: 359 return 0; 360 case ARM::t2PLDi12: case ARM::t2PLDi8: 361 case ARM::t2PLDr: case ARM::t2PLDs: 362 return ARM::t2PLDpci; 363 case ARM::t2PLDWi12: case ARM::t2PLDWi8: 364 case ARM::t2PLDWr: case ARM::t2PLDWs: 365 return ARM::t2PLDWpci; 366 case ARM::t2PLIi12: case ARM::t2PLIi8: 367 case ARM::t2PLIr: case ARM::t2PLIs: 368 return ARM::t2PLIpci; 369 } 370} 371 372// 373// Public interface for the disassembler 374// 375 376bool ARMDisassembler::getInstruction(MCInst &MI, 377 uint64_t &Size, 378 const MemoryObject &Region, 379 uint64_t Address, 380 raw_ostream &os) const { 381 // The machine instruction. 382 uint32_t insn; 383 uint8_t bytes[4]; 384 385 // We want to read exactly 4 bytes of data. 386 if (Region.readBytes(Address, 4, (uint8_t*)bytes, NULL) == -1) 387 return false; 388 389 // Encoded as a small-endian 32-bit word in the stream. 390 insn = (bytes[3] << 24) | 391 (bytes[2] << 16) | 392 (bytes[1] << 8) | 393 (bytes[0] << 0); 394 395 unsigned Opcode = decodeARMInstruction(insn); 396 ARMFormat Format = ARMFormats[Opcode]; 397 Size = 4; 398 399 DEBUG({ 400 errs() << "Opcode=" << Opcode << " Name=" << ARMUtils::OpcodeName(Opcode) 401 << " Format=" << stringForARMFormat(Format) << '(' << (int)Format 402 << ")\n"; 403 showBitVector(errs(), insn); 404 }); 405 406 ARMBasicMCBuilder *Builder = CreateMCBuilder(Opcode, Format); 407 408 if (!Builder) 409 return false; 410 411 if (!Builder->Build(MI, insn)) 412 return false; 413 414 delete Builder; 415 416 return true; 417} 418 419bool ThumbDisassembler::getInstruction(MCInst &MI, 420 uint64_t &Size, 421 const MemoryObject &Region, 422 uint64_t Address, 423 raw_ostream &os) const { 424 // The Thumb instruction stream is a sequence of halhwords. 425 426 // This represents the first halfword as well as the machine instruction 427 // passed to decodeThumbInstruction(). For 16-bit Thumb instruction, the top 428 // halfword of insn is 0x00 0x00; otherwise, the first halfword is moved to 429 // the top half followed by the second halfword. 430 uint32_t insn = 0; 431 // Possible second halfword. 432 uint16_t insn1 = 0; 433 434 // A6.1 Thumb instruction set encoding 435 // 436 // If bits [15:11] of the halfword being decoded take any of the following 437 // values, the halfword is the first halfword of a 32-bit instruction: 438 // o 0b11101 439 // o 0b11110 440 // o 0b11111. 441 // 442 // Otherwise, the halfword is a 16-bit instruction. 443 444 // Read 2 bytes of data first. 445 uint8_t bytes[2]; 446 if (Region.readBytes(Address, 2, (uint8_t*)bytes, NULL) == -1) 447 return false; 448 449 // Encoded as a small-endian 16-bit halfword in the stream. 450 insn = (bytes[1] << 8) | bytes[0]; 451 unsigned bits15_11 = slice(insn, 15, 11); 452 bool IsThumb2 = false; 453 454 // 32-bit instructions if the bits [15:11] of the halfword matches 455 // { 0b11101 /* 0x1D */, 0b11110 /* 0x1E */, ob11111 /* 0x1F */ }. 456 if (bits15_11 == 0x1D || bits15_11 == 0x1E || bits15_11 == 0x1F) { 457 IsThumb2 = true; 458 if (Region.readBytes(Address + 2, 2, (uint8_t*)bytes, NULL) == -1) 459 return false; 460 // Encoded as a small-endian 16-bit halfword in the stream. 461 insn1 = (bytes[1] << 8) | bytes[0]; 462 insn = (insn << 16 | insn1); 463 } 464 465 // The insn could potentially be bit-twiddled in order to be decoded as an ARM 466 // NEON/VFP opcode. In such case, the modified insn is later disassembled as 467 // an ARM NEON/VFP instruction. 468 // 469 // This is a short term solution for lack of encoding bits specified for the 470 // Thumb2 NEON/VFP instructions. The long term solution could be adding some 471 // infrastructure to have each instruction support more than one encodings. 472 // Which encoding is used would be based on which subtarget the compiler/ 473 // disassembler is working with at the time. This would allow the sharing of 474 // the NEON patterns between ARM and Thumb2, as well as potential greater 475 // sharing between the regular ARM instructions and the 32-bit wide Thumb2 476 // instructions as well. 477 unsigned Opcode = decodeThumbSideEffect(IsThumb2, insn); 478 479 // A8.6.117/119/120/121. 480 // PLD/PLDW/PLI instructions with Rn==15 is transformed to the pci variant. 481 if (Thumb2PreloadOpcodeNoPCI(Opcode) && slice(insn, 19, 16) == 15) 482 Opcode = T2Morph2Preload2PCI(Opcode); 483 484 ARMFormat Format = ARMFormats[Opcode]; 485 Size = IsThumb2 ? 4 : 2; 486 487 DEBUG({ 488 errs() << "Opcode=" << Opcode << " Name=" << ARMUtils::OpcodeName(Opcode) 489 << " Format=" << stringForARMFormat(Format) << '(' << (int)Format 490 << ")\n"; 491 showBitVector(errs(), insn); 492 }); 493 494 ARMBasicMCBuilder *Builder = CreateMCBuilder(Opcode, Format); 495 Builder->setSession(const_cast<Session *>(&SO)); 496 497 if (!Builder) 498 return false; 499 500 if (!Builder->Build(MI, insn)) 501 return false; 502 503 delete Builder; 504 505 return true; 506} 507 508// A8.6.50 509static unsigned short CountITSize(unsigned ITMask) { 510 // First count the trailing zeros of the IT mask. 511 unsigned TZ = CountTrailingZeros_32(ITMask); 512 assert(TZ <= 3 && "Encoding error"); 513 return (4 - TZ); 514} 515 516/// Init ITState. 517void Session::InitIT(unsigned short bits7_0) { 518 ITCounter = CountITSize(slice(bits7_0, 3, 0)); 519 ITState = bits7_0; 520} 521 522/// Update ITState if necessary. 523void Session::UpdateIT() { 524 assert(ITCounter); 525 --ITCounter; 526 if (ITCounter == 0) 527 ITState = 0; 528 else { 529 unsigned short NewITState4_0 = slice(ITState, 4, 0) << 1; 530 setSlice(ITState, 4, 0, NewITState4_0); 531 } 532} 533 534static MCDisassembler *createARMDisassembler(const Target &T) { 535 return new ARMDisassembler; 536} 537 538static MCDisassembler *createThumbDisassembler(const Target &T) { 539 return new ThumbDisassembler; 540} 541 542extern "C" void LLVMInitializeARMDisassembler() { 543 // Register the disassembler. 544 TargetRegistry::RegisterMCDisassembler(TheARMTarget, 545 createARMDisassembler); 546 TargetRegistry::RegisterMCDisassembler(TheThumbTarget, 547 createThumbDisassembler); 548} 549 550} // namespace llvm 551