Re: [Qemu-devel] [PATCH 00/10] Support the Capstone disassembler

2017-09-19 Thread Richard Henderson
On 09/19/2017 12:30 PM, Philippe Mathieu-Daudé wrote:
> On 09/19/2017 01:13 PM, Richard Henderson wrote:
>> [ Just saw this, so missed adding tags to the v2 patch set. ]
>>
>> On 09/14/2017 11:53 PM, Philippe Mathieu-Daudé wrote:
>>> At least this msg disappeared:
>>>
>>> "Disassembler disagrees with translator over instruction decoding"
>>
>> It's back in v2.
>>
>>> For i386, arm, mips32/64:
>>> Tested-by: Philippe Mathieu-Daudé 
>>
>> Which patches?  Which mips versions?
> 
> full series, Malta board default cpu
> 
>> Can you, by any chance, test micro-mips?  I'm certain I've got that wrong in
>> the v1 patch, and thus I dropped the mips patch from v2.  But in theory
>> capstone supports umips too and should be trivially fixable.
> 
> $ mipsel-softmmu/qemu-system-mipsel -machine malta -cpu M14Kc -append "ttyS0
> rw" -nographic -d in_asm -kernel vmlinux -initrd initrd.gz
> 
>  IN: kernel_entry
>  0x801039e0:  syscall   0x3f004
>  0x801039e4:  b 0x8011406c
> -0x801039e8:  addu  t2,zero,ra
> -0x801039ec:  c0    0x900028
> -0x801039f0:  0x1f7108
> -0x801039f4:  syscall   0xbf004
> +0x801039e8:  addu $t2, $zero, $ra

This is indicative of the other bug that I fixed in v2, where we would silently
ignore unknown instructions.

From this and the other hunks it would appear that either (1) I messed up the
CS_MODE_* bits for mips or (2) the capstone backend for mips is not in terribly
good shape.

I think I was right to drop the patch from v2.


r~



Re: [Qemu-devel] [PATCH 00/10] Support the Capstone disassembler

2017-09-19 Thread Philippe Mathieu-Daudé

On 09/19/2017 01:13 PM, Richard Henderson wrote:
> [ Just saw this, so missed adding tags to the v2 patch set. ]
> 
> On 09/14/2017 11:53 PM, Philippe Mathieu-Daudé wrote:
>> At least this msg disappeared:
>> 
>> "Disassembler disagrees with translator over instruction decoding"
> 
> It's back in v2.
> 
>> For i386, arm, mips32/64:
>> Tested-by: Philippe Mathieu-Daudé 
> 
> Which patches?  Which mips versions?

full series, Malta board default cpu

> Can you, by any chance, test micro-mips?  I'm certain I've got that wrong in
> the v1 patch, and thus I dropped the mips patch from v2.  But in theory
> capstone supports umips too and should be trivially fixable.

$ mipsel-softmmu/qemu-system-mipsel -machine malta -cpu M14Kc -append "ttyS0 rw" -nographic -d in_asm -kernel vmlinux -initrd initrd.gz


 IN: kernel_entry
 0x801039e0:  syscall   0x3f004
 0x801039e4:  b 0x8011406c
-0x801039e8:  addu  t2,zero,ra
-0x801039ec:  c0    0x900028
-0x801039f0:  0x1f7108
-0x801039f4:  syscall   0xbf004
+0x801039e8:  addu $t2, $zero, $ra

 IN: kernel_entry
-0x801039f8:  blezalc   zero,zero,0x801039fc
-0x801039fc:  lb    s0,16808(zero)
-0x80103a00:  xori  t1,s0,0x3108
+0x801039f8:  blez $zero, 0x801039fc
+0x801039fc:  lb   $s0, 0x41a8($zero)
+0x80103a00:  xori $t1, $s0, 0x3108
 0x80103a04:  jal   0x80011620

 IN: kernel_entry
-0x80103a08:  lb    t9,16808(at)
-0x80103a0c:  beqzalc   zero,zero,0x8010fe30
-0x80103a10:  0xf808
-0x80103a14:  lb    gp,16809(at)
-0x80103a18:  sdr   gp,12585(a1)
-0x80103a1c:  jialc t0,19720
-0x80103a20:  sdr   t0,0(t1)
-0x80103a24:  jal   0x8003ffec
+0x80103a08:  lb   $t9, 0x41a8($at)
+0x80103a0c:  addi $zero, $zero, 0x3108

 IN: kernel_entry
-0x80103a1c:  jialc t0,19720
-0x80103a20:  sdr   t0,0(t1)
-0x80103a24:  jal   0x8003ffec
+0x80103a1c:  sdc2 $8, 0x4d08($zero)

 IN: kernel_entry
-0x80103a28:  lb    t9,16801(at)
-0x80103a2c:  sltiu a0,t6,-1919
-0x80103a30:  lb    t9,16801(at)
-0x80103a34:  sltiu t0,t6,-1887
-0x80103a38:  lb    t9,16801(at)
-0x80103a3c:  sltiu t4,t6,-1855
-0x80103a40:  lb    t9,16801(at)
-0x80103a44:  sltiu s0,t6,-1823
-0x80103a48:  sllv  zero,gp,s7
-0x80103a4c:  lb    s5,16828(at)
-0x80103a50:  sc    zero,13212(zero)
-0x80103a54:  bltuc ra,zero,0x801108d8
-0x80103a58:  balc  0x855048d0
-0x80103a5c:  blezalc   zero,zero,0x80103a60
-0x80103a60:  lb    t9,16801(at)
-0x80103a64:  sltiu t8,t6,-1119
-0x80103a68:  sd    s0,13245(ra)
-0x80103a6c:  lwl   s6,-11237(s2)
-0x80103a70:  jal   0x80003000
-Disassembler disagrees with translator over instruction decoding
-Please report this to qemu-devel@nongnu.org
+0x80103a28:  lb   $t9, 0x41a1($at)
+0x80103a2c:  sltiu $a0, $t6, -0x77f
+0x80103a30:  lb   $t9, 0x41a1($at)
+0x80103a34:  sltiu $t0, $t6, -0x75f
+0x80103a38:  lb   $t9, 0x41a1($at)
+0x80103a3c:  sltiu $t4, $t6, -0x73f
+0x80103a40:  lb   $t9, 0x41a1($at)
+0x80103a44:  sltiu $s0, $t6, -0x71f
+0x80103a48:  sllv $zero, $gp, $s7
+0x80103a4c:  lb   $s5, 0x41bc($at)
+0x80103a50:  sc   $zero, 0x339c($zero)
+0x80103a54:  bgtz $ra, 0x801108d8
+0x80103a58:  swc2 $16, 0x39d($t2)
+0x80103a5c:  blez $zero, 0x80103a60
+0x80103a60:  lb   $t9, 0x41a1($at)
+0x80103a64:  sltiu $t8, $t6, -0x45f

...

 IN: try_acquire_console_sem
-0x8011fb26:  bnezc v1,0x819db12e
-0x8011fb2a:  0x41a2a3d4
-0x8011fb2e:  jialc v0,-32710
-0x8011fb32:  jal   0x818291a0
-0x8011fb36:  bc1f  $fcc1,0x80122c46
-0x8011fb3a:  sdc1  $f9,18182(zero)
-Disassembler disagrees with translator over instruction decoding
-Please report this to qemu-devel@nongnu.org
+0x8011fb26:  sdc2 $2, -0x127f($v1)




Re: [Qemu-devel] [PATCH 00/10] Support the Capstone disassembler

2017-09-19 Thread Richard Henderson
[ Just saw this, so missed adding tags to the v2 patch set. ]

On 09/14/2017 11:53 PM, Philippe Mathieu-Daudé wrote:
> At least this msg disappeared:
> 
> "Disassembler disagrees with translator over instruction decoding"

It's back in v2.

> For i386, arm, mips32/64:
> Tested-by: Philippe Mathieu-Daudé 

Which patches?  Which mips versions?

Can you, by any chance, test micro-mips?  I'm certain I've got that wrong in
the v1 patch, and thus I dropped the mips patch from v2.  But in theory
capstone supports umips too and should be trivially fixable.


r~



Re: [Qemu-devel] [PATCH 00/10] Support the Capstone disassembler

2017-09-14 Thread Philippe Mathieu-Daudé

On 09/14/2017 03:35 PM, Richard Henderson wrote:
> As occasionally discussed on this list, due to licensing conflicts,
> we are restricted to a version of libopcodes that pre-dates its
> upstream re-licensing to gplv3.  That makes our copy rather old
> and dated.
> 
> I've already seen this as problematic for s390x guest.  I'm sure
> the same problem exists for Power8+, though I haven't looked.
> As we go forward with vector operations we'll see this for x86 host.
> 
> An alternative is to use a BSD-licensed disassembler:
> 
>    https://www.capstone-engine.org/
> 
> This is an actively maintained project derived from llvm.  Moreover,
> it is already in the major Linux distributions, which makes it easy
> to phase in its use.
> 
> I've arranged the code such that we attempt to use capstone first,
> and if that initialization fails, fall back to the existing code
> from binutils.
> 
> 
> r~
> 
> 
> Richard Henderson (10):
>    target/i386: Convert to disas_set_info hook
>    target/ppc: Convert to disas_set_info hook
>    disas: Remove unused flags arguments
>    disas: Support the Capstone disassembler library
>    target/i386: Support Capstone in disas_set_info
>    target/arm: Support Capstone in disas_set_info
>    target/ppc: Support Capstone in disas_set_info
>    target/s390x: Support Capstone in disas_set_info
>    target/sparc: Support Capstone in disas_set_info
>    target/mips: Support Capstone in disas_set_info


At least this msg disappeared:

"Disassembler disagrees with translator over instruction decoding"

i386 comparison:

 IN:
 0xfc30:  cli
-0xfc31:  mov    %eax,%ebp
-0xfc34:  mov    $0x1,%al
-0xfc36:  out    %al,$0x80
-0xfc38:  xor    %eax,%eax
+0xfc31:  movl %eax, %ebp
+0xfc34:  movb $1, %al
+0xfc36:  outb %al, $0x80
+0xfc38:  xorl %eax, %eax

 IN:
 0x000fd5b8:  cli
 0x000fd5b9:  cld
-0x000fd5ba:  push   %ds
-0x000fd5bb:  push   %eax
+0x000fd5ba:  pushw %ds
+0x000fd5bb:  pushl %eax
-0x000fd5bd:  mov    $0xe000,%eax
-0x000fd5c3:  mov    %ax,%ds
-0x000fd5c5:  mov    0xf2f8,%eax
+0x000fd5bd:  movl $0xe000, %eax
+0x000fd5c3:  movw %ax, %ds
+0x000fd5c5:  movl 0xf2f8, %eax
+0x000fd5c9:  subl $0x28, %eax
-0x000fd5c9:  sub    $0x28,%eax
+0x000fd5cd:  popl 0x1c(%eax)
+0x000fd5d2:  popw (%eax)
-0x000fd5cd:  addr32 popl 0x1c(%eax)
-0x000fd5d2:  addr32 popw (%eax)

For i386, arm, mips32/64:
Tested-by: Philippe Mathieu-Daudé 

This series but patch 4/10:
Reviewed-by: Philippe Mathieu-Daudé 

Regards,

Phil.



[Qemu-devel] [PATCH 00/10] Support the Capstone disassembler

2017-09-14 Thread Richard Henderson
As occasionally discussed on this list, due to licensing conflicts,
we are restricted to a version of libopcodes that pre-dates its
upstream re-licensing to gplv3.  That makes our copy rather old
and dated.

I've already seen this as problematic for s390x guest.  I'm sure
the same problem exists for Power8+, though I haven't looked.
As we go forward with vector operations we'll see this for x86 host.

An alternative is to use a BSD-licensed disassembler:

  https://www.capstone-engine.org/

This is an actively maintained project derived from llvm.  Moreover,
it is already in the major Linux distributions, which makes it easy
to phase in its use.

I've arranged the code such that we attempt to use capstone first,
and if that initialization fails, fall back to the existing code
from binutils.


r~


Richard Henderson (10):
  target/i386: Convert to disas_set_info hook
  target/ppc: Convert to disas_set_info hook
  disas: Remove unused flags arguments
  disas: Support the Capstone disassembler library
  target/i386: Support Capstone in disas_set_info
  target/arm: Support Capstone in disas_set_info
  target/ppc: Support Capstone in disas_set_info
  target/s390x: Support Capstone in disas_set_info
  target/sparc: Support Capstone in disas_set_info
  target/mips: Support Capstone in disas_set_info

 include/disas/bfd.h   |   4 ++
 include/disas/capstone.h  |  38 ++
 include/disas/disas.h |   4 +-
 include/exec/log.h|   4 +-
 target/mips/cpu.h |   2 +
 disas.c   | 161 +++---
 monitor.c |  29 +---
 target/alpha/translate.c  |   2 +-
 target/arm/cpu.c  |  21 +-
 target/arm/translate-a64.c|   3 +-
 target/arm/translate.c|   3 +-
 target/cris/translate.c   |   3 +-
 target/hppa/translate.c   |   2 +-
 target/i386/cpu.c |  19 +
 target/i386/translate.c   |   8 +--
 target/lm32/translate.c   |   2 +-
 target/m68k/translate.c   |   2 +-
 target/microblaze/translate.c |   2 +-
 target/mips/cpu.c |   8 ---
 target/mips/translate.c   |   2 +-
 target/mips/translate_init.c  |  36 ++
 target/nios2/translate.c  |   2 +-
 target/openrisc/translate.c   |   2 +-
 target/ppc/translate.c|   5 +-
 target/ppc/translate_init.c   |  27 +++
 target/s390x/cpu.c|   2 +
 target/s390x/translate.c  |   2 +-
 target/sh4/translate.c|   2 +-
 target/sparc/cpu.c|   3 +
 target/sparc/translate.c  |   2 +-
 target/tricore/translate.c|   2 +-
 target/unicore32/translate.c  |   2 +-
 target/xtensa/translate.c |   2 +-
 configure |  17 +
 34 files changed, 279 insertions(+), 146 deletions(-)
 create mode 100644 include/disas/capstone.h

-- 
2.13.5
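Two points recur in this thread: the cover letter's "attempt to use capstone first, and if that initialization fails, fall back to the existing code", and Richard's note that the v1 series would silently ignore instructions the disassembler did not know, which is what the "Disassembler disagrees with translator over instruction decoding" message is there to catch. The following is an added example, not code from QEMU or from this patch series, that models both in one place. It assumes a tiny hand-written MIPS32 big-endian decoder as the fallback backend (a stand-in for libopcodes, knowing only a handful of encodings), a constructed five-word sample block, and the Capstone Python binding's public names (Cs, CS_ARCH_MIPS, CS_MODE_MIPS32, CS_MODE_BIG_ENDIAN) for the preferred backend. The translator knows exactly how many bytes a block covers, so the wrapper compares that with what the backend consumed and reports the mismatch instead of printing a silently truncated block.

```python
"""Added example (not QEMU code): backend selection with fallback, plus the
translator/disassembler byte-count consistency check described in the thread."""
from typing import Callable, List, Optional, Tuple

DISAGREE_MSG = "Disassembler disagrees with translator over instruction decoding"

REGS = ["zero", "at", "v0", "v1", "a0", "a1", "a2", "a3",
        "t0", "t1", "t2", "t3", "t4", "t5", "t6", "t7",
        "s0", "s1", "s2", "s3", "s4", "s5", "s6", "s7",
        "t8", "t9", "k0", "k1", "gp", "sp", "fp", "ra"]

R_FUNCT = {0x21: "addu", 0x04: "sllv"}          # SPECIAL opcode, selected by funct
I_OPCODE = {0x20: "lb", 0x0e: "xori", 0x0b: "sltiu", 0x38: "sc", 0x3f: "sd"}


def decode_word(word: int) -> Optional[str]:
    """Decode one MIPS32 word (assumed mini-decoder); None if it is unknown here."""
    op, rs, rt, rd = word >> 26, (word >> 21) & 31, (word >> 16) & 31, (word >> 11) & 31
    if op == 0:
        funct = word & 0x3f
        if funct == 0x0c:                        # syscall, 20-bit code field
            return f"syscall 0x{(word >> 6) & 0xfffff:x}"
        name = R_FUNCT.get(funct)
        if name is None:
            return None
        if name == "sllv":                       # shift amount comes from rs
            return f"sllv {REGS[rd]},{REGS[rt]},{REGS[rs]}"
        return f"{name} {REGS[rd]},{REGS[rs]},{REGS[rt]}"
    name = I_OPCODE.get(op)
    if name is None:
        return None
    imm = word & 0xffff
    if name == "xori":                           # zero-extended immediate
        return f"xori {REGS[rt]},{REGS[rs]},0x{imm:x}"
    simm = imm - 0x10000 if imm & 0x8000 else imm  # sign-extended immediate
    if name == "sltiu":
        return f"sltiu {REGS[rt]},{REGS[rs]},{simm}"
    return f"{name} {REGS[rt]},{simm}({REGS[rs]})"  # loads and stores


Backend = Callable[[bytes, int], Tuple[List[str], int]]


def builtin_disas(code: bytes, pc: int) -> Tuple[List[str], int]:
    """Fallback backend: returns lines and bytes consumed; stops at the first
    word it cannot decode, which is exactly what the caller must detect."""
    lines, off = [], 0
    while off + 4 <= len(code):
        text = decode_word(int.from_bytes(code[off:off + 4], "big"))
        if text is None:
            break
        lines.append(f"0x{pc + off:08x}:  {text}")
        off += 4
    return lines, off


def capstone_disas(code: bytes, pc: int) -> Tuple[List[str], int]:
    """Capstone backend (MIPS32, big-endian).  Cs.disasm() also stops at the
    first undecodable instruction, so consumed bytes are returned as well."""
    from capstone import Cs, CS_ARCH_MIPS, CS_MODE_MIPS32, CS_MODE_BIG_ENDIAN
    md = Cs(CS_ARCH_MIPS, CS_MODE_MIPS32 | CS_MODE_BIG_ENDIAN)
    lines, consumed = [], 0
    for insn in md.disasm(code, pc):
        lines.append(f"0x{insn.address:08x}:  {insn.mnemonic} {insn.op_str}")
        consumed += insn.size
    return lines, consumed


def choose_backend() -> Tuple[str, Backend]:
    """Try Capstone first; if it is absent or cannot be initialised, fall back."""
    try:
        import capstone
        capstone.Cs(capstone.CS_ARCH_MIPS,
                    capstone.CS_MODE_MIPS32 | capstone.CS_MODE_BIG_ENDIAN)
        return "capstone", capstone_disas
    except Exception:
        return "builtin", builtin_disas


def disas_block(code: bytes, pc: int, backend: Backend) -> List[str]:
    """Translator-side wrapper: the block is len(code) bytes long by construction,
    so a backend that consumed less has disagreed with the translator."""
    lines, consumed = backend(code, pc)
    if consumed != len(code):
        rest = code[consumed:consumed + 4].ljust(4, b"\0")
        lines.append(f"0x{pc + consumed:08x}:  .word 0x{int.from_bytes(rest, 'big'):08x}")
        lines.append(DISAGREE_MSG)
    return lines


# Constructed sample block (not captured from the thread): addu t2,zero,ra;
# syscall 0x3f004; lb s0,16808(zero); a word this decoder does not know; addu.
SAMPLE_PC = 0x801039e8
SAMPLE_BLOCK = b"".join(w.to_bytes(4, "big") for w in
                        (0x001F5021, 0x00FC010C, 0x801041A8, 0x001F7108, 0x001F5021))

if __name__ == "__main__":
    name, backend = choose_backend()
    print(f"backend: {name}")
    print("\n".join(disas_block(SAMPLE_BLOCK, SAMPLE_PC, backend)))
```

With the fallback backend the sample block prints three decoded lines, then the raw fourth word and the diagnostic; without the byte-count check the fourth and fifth words would simply vanish from the log, which is the v1 behaviour Richard describes.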