Message ID: 20170914183516.19537-1-richard.henderson@linaro.org
Series: Support the Capstone disassembler
On 09/14/2017 03:35 PM, Richard Henderson wrote:
> As occasionally discussed on this list, due to licensing conflicts,
> we are restricted to a version of libopcodes that pre-dates its
> upstream re-licensing to gplv3. That makes our copy rather old
> and dated.
>
> I've already seen this as problematic for s390x guest. I'm sure
> the same problem exists for Power8+, though I haven't looked.
> As we go forward with vector operations we'll see this for x86 host.
>
> An alternative is to use a BSD-licensed disassembler:
>
> https://www.capstone-engine.org/
>
> This is an actively maintained project derived from llvm. Moreover,
> it is already in the major Linux distributions, which makes it easy
> to phase in its use.
>
> I've arranged the code such that we attempt to use capstone first,
> and if that initialization fails, fall back to the existing code
> from binutils.
>
>
> r~
>
>
> Richard Henderson (10):
> target/i386: Convert to disas_set_info hook
> target/ppc: Convert to disas_set_info hook
> disas: Remove unused flags arguments
> disas: Support the Capstone disassembler library
> target/i386: Support Capstone in disas_set_info
> target/arm: Support Capstone in disas_set_info
> target/ppc: Support Capstone in disas_set_info
> target/s390x: Support Capstone in disas_set_info
> target/sparc: Support Capstone in disas_set_info
> target/mips: Support Capstone in disas_set_info

At least this msg disappeared:

"Disassembler disagrees with translator over instruction decoding"

i386 comparison:
----------------

IN:
0xfffffc30: cli
-0xfffffc31: mov %eax,%ebp
-0xfffffc34: mov $0x1,%al
-0xfffffc36: out %al,$0x80
-0xfffffc38: xor %eax,%eax
+0xfffffc31: movl %eax, %ebp
+0xfffffc34: movb $1, %al
+0xfffffc36: outb %al, $0x80
+0xfffffc38: xorl %eax, %eax

IN:
0x000fd5b8: cli
0x000fd5b9: cld
-0x000fd5ba: push %ds
-0x000fd5bb: push %eax
+0x000fd5ba: pushw %ds
+0x000fd5bb: pushl %eax
-0x000fd5bd: mov $0xe000,%eax
-0x000fd5c3: mov %ax,%ds
-0x000fd5c5: mov 0xf2f8,%eax
+0x000fd5bd: movl $0xe000, %eax
+0x000fd5c3: movw %ax, %ds
+0x000fd5c5: movl 0xf2f8, %eax
+0x000fd5c9: subl $0x28, %eax
-0x000fd5c9: sub $0x28,%eax
+0x000fd5cd: popl 0x1c(%eax)
+0x000fd5d2: popw (%eax)
-0x000fd5cd: addr32 popl 0x1c(%eax)
-0x000fd5d2: addr32 popw (%eax)

For i386, arm, mips32/64:
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

This series but patch 4/10:
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

Regards,

Phil.
[ Just saw this, so missed adding tags to the v2 patch set. ]

On 09/14/2017 11:53 PM, Philippe Mathieu-Daudé wrote:
> At least this msg disappeared:
>
> "Disassembler disagrees with translator over instruction decoding"

It's back in v2.

> For i386, arm, mips32/64:
> Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

Which patches? Which mips versions?

Can you, by any chance, test micro-mips? I'm certain I've got that wrong in
the v1 patch, and thus I dropped the mips patch from v2. But in theory
capstone supports umips too and should be trivially fixable.

r~
On 09/19/2017 01:13 PM, Richard Henderson wrote:
> [ Just saw this, so missed adding tags to the v2 patch set. ]
>
> On 09/14/2017 11:53 PM, Philippe Mathieu-Daudé wrote:
>> At least this msg disappeared:
>>
>> "Disassembler disagrees with translator over instruction decoding"
>
> It's back in v2.
>
>> For i386, arm, mips32/64:
>> Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
>
> Which patches? Which mips versions?

full series, Malta board default cpu

> Can you, by any chance, test micro-mips? I'm certain I've got that wrong in
> the v1 patch, and thus I dropped the mips patch from v2. But in theory
> capstone supports umips too and should be trivially fixable.

$ mipsel-softmmu/qemu-system-mipsel -machine malta -cpu M14Kc -append "ttyS0 rw" -nographic -d in_asm -kernel vmlinux -initrd initrd.gz

IN: kernel_entry
0x801039e0: syscall 0x3f004
0x801039e4: b 0x8011406c
-0x801039e8: addu t2,zero,ra
-0x801039ec: c0 0x900028
-0x801039f0: 0x1f7108
-0x801039f4: syscall 0xbf004
+0x801039e8: addu $t2, $zero, $ra

IN: kernel_entry
-0x801039f8: blezalc zero,zero,0x801039fc
-0x801039fc: lb s0,16808(zero)
-0x80103a00: xori t1,s0,0x3108
+0x801039f8: blez $zero, 0x801039fc
+0x801039fc: lb $s0, 0x41a8($zero)
+0x80103a00: xori $t1, $s0, 0x3108
0x80103a04: jal 0x80011620

IN: kernel_entry
-0x80103a08: lb t9,16808(at)
-0x80103a0c: beqzalc zero,zero,0x8010fe30
-0x80103a10: 0xf808
-0x80103a14: lb gp,16809(at)
-0x80103a18: sdr gp,12585(a1)
-0x80103a1c: jialc t0,19720
-0x80103a20: sdr t0,0(t1)
-0x80103a24: jal 0x8003ffec
+0x80103a08: lb $t9, 0x41a8($at)
+0x80103a0c: addi $zero, $zero, 0x3108

IN: kernel_entry
-0x80103a1c: jialc t0,19720
-0x80103a20: sdr t0,0(t1)
-0x80103a24: jal 0x8003ffec
+0x80103a1c: sdc2 $8, 0x4d08($zero)

IN: kernel_entry
-0x80103a28: lb t9,16801(at)
-0x80103a2c: sltiu a0,t6,-1919
-0x80103a30: lb t9,16801(at)
-0x80103a34: sltiu t0,t6,-1887
-0x80103a38: lb t9,16801(at)
-0x80103a3c: sltiu t4,t6,-1855
-0x80103a40: lb t9,16801(at)
-0x80103a44: sltiu s0,t6,-1823
-0x80103a48: sllv zero,gp,s7
-0x80103a4c: lb s5,16828(at)
-0x80103a50: sc zero,13212(zero)
-0x80103a54: bltuc ra,zero,0x801108d8
-0x80103a58: balc 0x855048d0
-0x80103a5c: blezalc zero,zero,0x80103a60
-0x80103a60: lb t9,16801(at)
-0x80103a64: sltiu t8,t6,-1119
-0x80103a68: sd s0,13245(ra)
-0x80103a6c: lwl s6,-11237(s2)
-0x80103a70: jal 0x80003000
-Disassembler disagrees with translator over instruction decoding
-Please report this to qemu-devel@nongnu.org
+0x80103a28: lb $t9, 0x41a1($at)
+0x80103a2c: sltiu $a0, $t6, -0x77f
+0x80103a30: lb $t9, 0x41a1($at)
+0x80103a34: sltiu $t0, $t6, -0x75f
+0x80103a38: lb $t9, 0x41a1($at)
+0x80103a3c: sltiu $t4, $t6, -0x73f
+0x80103a40: lb $t9, 0x41a1($at)
+0x80103a44: sltiu $s0, $t6, -0x71f
+0x80103a48: sllv $zero, $gp, $s7
+0x80103a4c: lb $s5, 0x41bc($at)
+0x80103a50: sc $zero, 0x339c($zero)
+0x80103a54: bgtz $ra, 0x801108d8
+0x80103a58: swc2 $16, 0x39d($t2)
+0x80103a5c: blez $zero, 0x80103a60
+0x80103a60: lb $t9, 0x41a1($at)
+0x80103a64: sltiu $t8, $t6, -0x45f
...

IN: try_acquire_console_sem
-0x8011fb26: bnezc v1,0x819db12e
-0x8011fb2a: 0x41a2a3d4
-0x8011fb2e: jialc v0,-32710
-0x8011fb32: jal 0x818291a0
-0x8011fb36: bc1f $fcc1,0x80122c46
-0x8011fb3a: sdc1 $f9,18182(zero)
-Disassembler disagrees with translator over instruction decoding
-Please report this to qemu-devel@nongnu.org
+0x8011fb26: sdc2 $2, -0x127f($v1)
On 09/19/2017 12:30 PM, Philippe Mathieu-Daudé wrote:
> On 09/19/2017 01:13 PM, Richard Henderson wrote:
>> [ Just saw this, so missed adding tags to the v2 patch set. ]
>>
>> On 09/14/2017 11:53 PM, Philippe Mathieu-Daudé wrote:
>>> At least this msg disappeared:
>>>
>>> "Disassembler disagrees with translator over instruction decoding"
>>
>> It's back in v2.
>>
>>> For i386, arm, mips32/64:
>>> Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
>>
>> Which patches? Which mips versions?
>
> full series, Malta board default cpu
>
>> Can you, by any chance, test micro-mips? I'm certain I've got that wrong in
>> the v1 patch, and thus I dropped the mips patch from v2. But in theory
>> capstone supports umips too and should be trivially fixable.
>
> $ mipsel-softmmu/qemu-system-mipsel -machine malta -cpu M14Kc -append "ttyS0
> rw" -nographic -d in_asm -kernel vmlinux -initrd initrd.gz
>
> IN: kernel_entry
> 0x801039e0: syscall 0x3f004
> 0x801039e4: b 0x8011406c
> -0x801039e8: addu t2,zero,ra
> -0x801039ec: c0 0x900028
> -0x801039f0: 0x1f7108
> -0x801039f4: syscall 0xbf004
> +0x801039e8: addu $t2, $zero, $ra

This is indicative of the other bug that I fixed in v2, where we would
silently ignore unknown instructions.

From this and the other hunks it would appear that either (1) I messed up the
CS_MODE_* bits for mips or (2) the capstone backend for mips is not in terribly
good shape.

I think I was right to drop the patch from v2.

r~