Hello,
I have a precompiled 3rd-party library (driver) for handling a device. The library works on my PC with an x64 system, but when I try to run a very simple "Find -> Open -> Close device" program it gives me Illegal instruction. First I thought there was an error in the library and someone was calling an undefined function pointer or something... But the disassembly shows:
[...]
18a6: eb02 1303 add.w r3, r2, r3, lsl #4
18aa: 69d8 ldr r0, [r3, #28]
18ac: f7ff eda6 blx 13fc <usb_close@plt>
18b0: 9900 ldr r1, [sp, #0]
18b2: f8d9 9000 ldr.w r9, [r9]
18b6: f8d1 3118 ldr.w r3, [r1, #280] ; 0x118
18ba: f1b9 0f00 cmp.w r9, #0
18be: f47f af6e bne.w 179e <RY2_Find+0x9a>
18c2: e7e1 b.n 1888 <RY2_Find+0x184>
18c4: 4b0c ldr r3, [pc, #48] ; (18f8 <RY2_Find+0x1f4>)
18c6: 447b add r3, pc
18c8: f8d3 3118 ldr.w r3, [r3, #280] ; 0x118
18cc: e7dc b.n 1888 <RY2_Find+0x184>
18ce: f7ff ecf0 blx 12b0 <__stack_chk_fail@plt>
18d2: bf00 nop
18d4: 0000b9a0 .word 0x0000b9a0
18d8: 00000100 .word 0x00000100
18dc: 0000bab6 .word 0x0000bab6
18e0: 00000110 .word 0x00000110
18e4: 0000ba4e .word 0x0000ba4e
18e8: 0000ba46 .word 0x0000ba46
18ec: 0000ba40 .word 0x0000ba40
18f0: 0000ba38 .word 0x0000ba38
18f4: 0000ba36 .word 0x0000ba36
18f8: 0000b90a .word 0x0000b90a
[...]
The problem is with the instruction "18dc: 0000bab6 .word 0x0000bab6".
When I load the core into gdb and step to this line I get:
[...]
0xb6ef68ba <RY2_Find+438> cmp.w r9, #0
0xb6ef68be <RY2_Find+442> bne.w 0xb6ef679e <RY2_Find+154>
0xb6ef68c2 <RY2_Find+446> b.n 0xb6ef6888 <RY2_Find+388>
0xb6ef68c4 <RY2_Find+448> ldr r3, [pc, #48] ; (0xb6ef68f8 <RY2_Find+500>)
0xb6ef68c6 <RY2_Find+450> add r3, pc
0xb6ef68c8 <RY2_Find+452> ldr.w r3, [r3, #280] ; 0x118
0xb6ef68cc <RY2_Find+456> b.n 0xb6ef6888 <RY2_Find+388>
0xb6ef68ce <RY2_Find+458> blx 0xb6ef62b0
0xb6ef68d2 <RY2_Find+462> nop
0xb6ef68d4 <RY2_Find+464> andeq r11, r0, r0, lsr #19
0xb6ef68d8 <RY2_Find+468> andeq r0, r0, r0, lsl #2
0xb6ef68dc <RY2_Find+472> ; <UNDEFINED> instruction: 0x0000bab6
0xb6ef68e0 <RY2_Find+476> andeq r0, r0, r0, lsl r1
0xb6ef68e4 <RY2_Find+480> andeq r11, r0, lr, asr #20
0xb6ef68e8 <RY2_Find+484> andeq r11, r0, r6, asr #20
0xb6ef68ec <RY2_Find+488> andeq r11, r0, r0, asr #20
0xb6ef68f0 <RY2_Find+492> andeq r11, r0, r8, lsr r10
0xb6ef68f4 <RY2_Find+496> andeq r11, r0, r6, lsr r10
0xb6ef68f8 <RY2_Find+500> andeq r11, r0, r10, lsl #18
[...]
Is it some kind of "special" instruction that my ARM (Raspberry Pi B+, ARMv6-compatible processor rev 7 (v6l)) does not have?
I couldn't find any complete list of all ARM instructions with _bytecode_ and which _version of ARM core_ supports them. Is there such a list?
Hi,
The `STRHEQ' instruction can be rewritten as `STRH.EQ' which makes it a bit easier to read; this is an `STRH' instruction that is conditionally executed based on the ALU flags (condition code `EQ' i.e. `Z==1').
Regarding your question though, I would expect this to decode as an illegal instruction if you're in THUMB state at the point that the instruction is decoded:
The opcode you're trying to decode is `0xBAB6' i.e. `0b101101010110010'. In the ARMv5 Architecture Reference Manual §A6.8 "Undefined instruction space" you'll see that any THUMB opcode beginning `0b101110' is undefined, hence it decoding as an illegal instruction.
Alternatively you can look in the ARMv7-AR Architecture Reference Manual and search for "1 0 1 1 1 0 1 0 1 0"; you'll get no results.
However if bit [6] were =1 (i.e. opcode `0xBAF6') then that would be a THUMB `REVSH' instruction. You can find this in the ARMv7-AR manual by searching for "1 0 1 1 1 0 1 0 1 1".
I'm not sure how much that actually helps you with your issue but hopefully it explains what's happening.
Ash.
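Added example (not code from the thread or from either participant): a small Python decoder that carries out the bit check the reply describes. It classifies a 16-bit Thumb halfword against the "1011 1010 xx" group (REV / REV16 / undefined / REVSH, selected by bits [7:6]), produces the space-separated bit pattern used for searching the Architecture Reference Manual, and walks the little-endian bytes of the first three `.word` entries from the objdump listing (address 0x18d4 onward) halfword by halfword to show where the undefined encoding sits. The function names and the `LITERAL_POOL` constant are my own; the byte values are taken from the listing.

```python
# Added example: decode Thumb halfwords in the "1011 1010 xx" group
# (REV / REV16 / <undefined> / REVSH) that the reply above walks through.
# Function names are invented for this example; the sample bytes are the
# little-endian .word entries starting at 0x18d4 in the objdump listing.


def thumb_rev_group_decode(opcode: int) -> str:
    """Decode a 16-bit Thumb halfword if it falls in the REV group."""
    if not 0 <= opcode <= 0xFFFF:
        raise ValueError("expected a 16-bit Thumb halfword")
    # Bits [15:8] must be 1011 1010 for REV / REV16 / REVSH.
    if (opcode >> 8) != 0b10111010:
        return "not in REV group"
    op = (opcode >> 6) & 0b11      # bits [7:6] select the variant
    rm = (opcode >> 3) & 0b111     # bits [5:3]: source register
    rd = opcode & 0b111            # bits [2:0]: destination register
    names = {0b00: "REV", 0b01: "REV16", 0b11: "REVSH"}
    if op not in names:            # op == 0b10 is the undefined encoding
        return "UNDEFINED"
    return f"{names[op]} r{rd}, r{rm}"


def top_bits_pattern(opcode: int, nbits: int) -> str:
    """Top nbits of a halfword as a space-separated string, in the form
    one would type into the manual's search box ("1 0 1 1 1 0 1 0 1 0")."""
    bits = f"{opcode & 0xFFFF:016b}"[:nbits]
    return " ".join(bits)


def scan_halfwords(blob: bytes, base: int) -> list:
    """Walk a byte blob as little-endian Thumb halfwords and return
    (address, opcode, decoding) tuples, one per halfword."""
    if len(blob) % 2:
        raise ValueError("need whole halfwords")
    out = []
    for off in range(0, len(blob), 2):
        opcode = int.from_bytes(blob[off:off + 2], "little")
        out.append((base + off, opcode, thumb_rev_group_decode(opcode)))
    return out


# Constructed from the listing: .word 0x0000b9a0, 0x00000100, 0x0000bab6
# stored little-endian, as the CPU would fetch them.
LITERAL_POOL = bytes.fromhex("a0b90000" "00010000" "b6ba0000")
LITERAL_POOL_BASE = 0x18D4

if __name__ == "__main__":
    for addr, opcode, decoded in scan_halfwords(LITERAL_POOL, LITERAL_POOL_BASE):
        print(f"{addr:04x}: {opcode:04x}  {decoded}")
    for op in (0xBAB6, 0xBAF6):
        print(top_bits_pattern(op, 10), "->", thumb_rev_group_decode(op))
```

Run as a script it prints one line per halfword; the entry at 18dc comes out as UNDEFINED, matching gdb's "<UNDEFINED> instruction: 0x0000bab6", while 0xBAF6 (bit [6] set) decodes as REVSH. The scan only recognises this one group, so the other words report "not in REV group" rather than a full decode.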