On Wed, 18 Aug 2021 at 02:04, Richard Henderson
<richard.hender...@linaro.org> wrote:
>
> For A64, any input to an indirect branch can cause this.
>
> For A32, many indirect branch paths force the branch to be aligned,
> but BXWritePC does not. This includes the BX instruction but also
> other interworking changes to PC. Prior to v8, this case is UNDEFINED.
> With v8, this is CONSTRAINED UNDEFINED and may either raise an
> exception or force align the PC.
>
> We choose to raise an exception because we have the infrastructure,
> it makes the generated code for gen_bx simpler, and it has the
> possibility of catching more guest bugs.
>
> Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
> static void arm_post_translate_insn(DisasContext *dc)
> {
> if (dc->condjmp && !dc->base.is_jmp) {
> @@ -9500,7 +9504,25 @@ static void arm_tr_translate_insn(DisasContextBase
> *dcbase, CPUState *cpu)
> CPUARMState *env = cpu->env_ptr;
> unsigned int insn;
>
> - if (arm_pre_translate_insn(dc)) {
> + /* Singlestep exceptions have the highest priority. */
> + if (arm_check_ss_active(dc)) {
> + dc->base.pc_next += 4;
> + return;
> + }
> +
> + if (dc->base.pc_next & 3) {
> + /*
> + * PC alignment fault. This has priority over the instruction abort
> + * that we would receive from a translation fault via arm_ldl_code
> + * (or the execution of the kernelpage entrypoint).
> + */
> + gen_exception_insn(dc, dc->base.pc_next, EXCP_UDEF,
> + syn_pcalignment(), default_exception_el(dc));
> + dc->base.pc_next = QEMU_ALIGN_UP(dc->base.pc_next, 4);
> + return;
> + }
> +
> + if (arm_check_kernelpage(dc)) {
> dc->base.pc_next += 4;
> return;
> }
> @@ -9570,7 +9592,7 @@ static void thumb_tr_translate_insn(DisasContextBase
> *dcbase, CPUState *cpu)
> uint32_t insn;
> bool is_16bit;
>
> - if (arm_pre_translate_insn(dc)) {
> + if (arm_check_ss_active(dc) || arm_check_kernelpage(dc)) {
Is it not possible to get a misaligned PC in the Thumb case ?
> dc->base.pc_next += 2;
> return;
> }
-- PMM
