[Qemu-devel] [PATCH] arm: Ensure LSB of BLX is set
From: meadori
Subject: [Qemu-devel] [PATCH] arm: Ensure LSB of BLX is set
Date: Mon, 6 Jul 2015 11:09:01 -0700
From: Meador Inge <address@hidden>
This small patch adds a sanity check when disassembling
the BLX instruction. The use case came to light when
doing toolchain development and a similar check was
upstreamed for Binutils:
* https://sourceware.org/ml/binutils/2011-01/msg00077.html
Patch by Nathan Sidwell.
Signed-off-by: Meador Inge <address@hidden>
---
target-arm/translate.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/target-arm/translate.c b/target-arm/translate.c
index 69ac18c..fedc8f3 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -9912,6 +9912,12 @@ static int disas_thumb2_insn(CPUARMState *env,
DisasContext *s, uint16_t insn_hw
gen_jmp(s, offset);
} else {
/* blx */
+ /* The instruction must have bit zero unset, even
+ though it is part of the offset. Real hardware
+ will abort, so we do too. */
+ if (insn & 1) {
+ goto illegal_op;
+ }
offset &= ~(uint32_t)2;
/* thumb2 bx, no need to check */
gen_bx_im(s, offset);
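Review bot: the patch title says "Ensure LSB of BLX is set", but the check added here (`if (insn & 1) { goto illegal_op; }`) rejects the instruction when bit zero is set, and the new comment itself says the instruction "must have bit zero unset"; retitle to "Ensure LSB of BLX is unset" (or "clear") so the subject matches the code. A wording nit in the comment: "Real hardware will abort" is loose, since the ARM ARM marks the Thumb-2 BLX encoding with the H bit (bit 0) set as UNDEFINED, which raises an Undefined Instruction exception rather than a prefetch or data abort; that is exactly what `goto illegal_op` models, so "Real hardware treats this as UNDEFINED, so we do too" would be more precise.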
--
1.8.1.1
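To make the rejected case concrete, the following is an added example and not QEMU's code or the patch author's: a stand-alone decoder for the 32-bit Thumb-2 BL and BLX immediate forms that computes the branch target and treats a BLX with bit zero of the second halfword (the H bit) set as undefined, the same condition the patch sends to illegal_op. The field layout is taken from the ARM Architecture Reference Manual's BL (encoding T1) and BLX (encoding T2) descriptions; the function and type names, and the sample encodings in main(), are mine.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/*
 * Illustrative decoder for Thumb-2 BL (encoding T1) and BLX (encoding T2).
 * Not QEMU code. Field layout per the ARM ARM:
 *   hw1: 11110 S imm10
 *   hw2: 11 J1 1 J2 imm11        (BL)
 *   hw2: 11 J1 0 J2 imm10H H     (BLX; H must be 0, otherwise UNDEFINED)
 */

typedef enum {
    THUMB_NOT_BL_BLX,   /* the halfword pair is some other instruction */
    THUMB_BL,
    THUMB_BLX,
    THUMB_UNDEFINED     /* BLX with H == 1: Undefined Instruction exception */
} thumb_branch_kind;

typedef struct {
    thumb_branch_kind kind;
    uint32_t target;    /* valid only for THUMB_BL and THUMB_BLX */
} thumb_branch;

/* Sign-extend the 25-bit immediate built from S:I1:I2:imm10:imm11:0 (BL)
 * or S:I1:I2:imm10H:imm10L:00 (BLX). */
static int32_t sext25(uint32_t v)
{
    v &= 0x1ffffff;
    return (v & 0x1000000) ? (int32_t)(v | 0xfe000000u) : (int32_t)v;
}

/* pc is the address of hw1; the architectural PC while executing is pc + 4. */
thumb_branch decode_thumb2_bl_blx(uint32_t pc, uint16_t hw1, uint16_t hw2)
{
    thumb_branch r = { THUMB_NOT_BL_BLX, 0 };

    /* hw1 must begin 11110 and hw2 must begin 11 */
    if ((hw1 & 0xf800) != 0xf000 || (hw2 & 0xc000) != 0xc000) {
        return r;
    }

    uint32_t s     = (hw1 >> 10) & 1;
    uint32_t imm10 = hw1 & 0x3ff;
    uint32_t j1    = (hw2 >> 13) & 1;
    uint32_t j2    = (hw2 >> 11) & 1;
    uint32_t i1    = !(j1 ^ s);          /* I1 = NOT(J1 EOR S) */
    uint32_t i2    = !(j2 ^ s);          /* I2 = NOT(J2 EOR S) */
    uint32_t hi    = (s << 24) | (i1 << 23) | (i2 << 22) | (imm10 << 12);
    bool is_blx    = !(hw2 & 0x1000);    /* bit 12 clear selects BLX */

    if (!is_blx) {
        uint32_t imm11 = hw2 & 0x7ff;
        r.kind = THUMB_BL;
        r.target = (pc + 4) + (uint32_t)sext25(hi | (imm11 << 1));
        return r;
    }

    /* BLX: bit 0 of hw2 is the H bit. It occupies the position where the
     * offset's low bit would sit, but it is not part of the offset, and
     * H == 1 is UNDEFINED, which is what the patch turns into illegal_op. */
    if (hw2 & 1) {
        r.kind = THUMB_UNDEFINED;
        return r;
    }
    uint32_t imm10l = (hw2 >> 1) & 0x3ff;
    r.kind = THUMB_BLX;
    /* BLX changes to ARM state, so the base is the word-aligned PC. */
    r.target = ((pc + 4) & ~3u) + (uint32_t)sext25(hi | (imm10l << 2));
    return r;
}

int main(void)
{
    /* Constructed sample encodings (halfword pairs as an assembler emits them). */
    struct { uint32_t pc; uint16_t hw1, hw2; const char *what; } samples[] = {
        { 0x1000, 0xf000, 0xf800, "bl .+4" },
        { 0x1000, 0xf7ff, 0xfffe, "bl ." },
        { 0x1002, 0xf000, 0xe800, "blx from halfword-aligned pc" },
        { 0x1000, 0xf000, 0xe801, "blx with H set (UNDEFINED)" },
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        thumb_branch b = decode_thumb2_bl_blx(samples[i].pc, samples[i].hw1, samples[i].hw2);
        printf("%-30s kind=%d target=0x%08x\n", samples[i].what, (int)b.kind, b.target);
    }
    return 0;
}
```

The third sample shows why the BLX base is word-aligned: from pc 0x1002 the zero-offset BLX lands on 0x1004, not 0x1006. The fourth sample differs from the third only in bit zero of the second halfword and is reported as undefined instead of yielding a target, which is the behaviour the patch brings QEMU in line with.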