Hi,
I tried running a simple hello world on ARM and went through the "exec"
debug trace. I also used the disassembly of the executable to compare the
sequence and register values. While doing so, I came across two doubts:
1. The instruction "adds" is used instead of "cmn", but "xzr" is not
mentioned in the trace.
2. Does the svc instruction update the x0 register? If so, how is the value stored
in x0 determined? Can I know it from the disassembly of the executable, or
will I need to know about the code executed in the kernel as a result of the
svc syscall?

Details described below:

5896098: system.cpu_cluster.cpus: T0 : 0x421324 @_dl_discover_osversion+4    :   add   x0, sp, #120       : IntAlu :  D=0x0000007ffffefb58
...
....
6007986: system.cpu_cluster.cpus: T0 : 0x439b40 @__uname    :   movz   x8, #160, #0      : IntAlu :  D=0x00000000000000a0
6007986: system.cpu_cluster.cpus: T0 : 0x439b44 @__uname+4    :   svc   #0x0               : IntAlu :
6064596: system.cpu_cluster.cpus: T0 : 0x439b48 @__uname+8    :   adds   x0, #4095         : IntAlu :  D=0x0000000000000000
6064929: system.cpu_cluster.cpus: T0 : 0x439b4c @__uname+12    :   b.cs   <__uname+20>      : IntAlu :
6064929: system.cpu_cluster.cpus: T0 : 0x439b50 @__uname+16    :   ret                      : IntAlu :
6065928: system.cpu_cluster.cpus: T0 : 0x421334 @_dl_discover_osversion+20    :   add   x3, sp, #250       : IntAlu :  D=0x0000007ffffefbda
6065928: system.cpu_cluster.cpus: T0 : 0x421338 @_dl_discover_osversion+24    :   cbnz   w0, <_dl_discover_osversion+184> : IntAlu :
6066261: system.cpu_cluster.cpus: T0 : 0x42133c @_dl_discover_osversion+28    :   movz   w6, #0, #0        : IntAlu :  D=0x0000000000000000
6066594: system.cpu_cluster.cpus: T0 : 0x421340 @_dl_discover_osversion+32    :   movz   w0, #0, #0        : IntAlu :  D=0x0000000000000000

On disassembling the executable, we could see the following:
0000000000439b40 <__uname>:
  439b40: d2801408 mov x8, #0xa0                   // #160
  439b44: d4000001 svc #0x0
  439b48: b13ffc1f cmn x0, #0xfff
  439b4c: 54000042 b.cs 439b54 <__uname+0x14>  // b.hs, b.nlast
  439b50: d65f03c0 ret

Doubt: in GEM5, "cmn x0, #0xfff" is treated as adds instead of cmn. But
from the ARM ISA document, cmn is identical to "adds xzr, Xn, #imm". So is
GEM5 internally following this format with xzr? Or does GEM5 update x0
here, as the trace doesn't show xzr?

Disassembly on the executable:
0000000000421320 <_dl_discover_osversion>:
  421320: d10803ff sub sp, sp, #0x200
  421324: 9101e3e0 add x0, sp, #0x78
  421328: a9007bfd stp x29, x30, [sp]
  42132c: 910003fd mov x29, sp
  421330: 94006204 bl 439b40 <__uname>
  421334: 9103ebe3 add x3, sp, #0xfa
  421338: 35000500 cbnz w0, 4213d8 <_dl_discover_osversion+0xb8>
  42133c: 52800006 mov w6, #0x0                   // #0
  421340: 52800000 mov w0, #0x0                   // #0

Since the cbnz didn't take the branch, it means the lower 32 bits of x0 (the w0
register) have the value 0.

So I tried looking through the ARM document on the svc implementation:
https://developer.arm.com/documentation/ddi0487/latest On page number 1957,
the description and operation of svc are described. There was no mention of x0
being updated with the syscall return value. But I could see on a few other
websites:

https://cit.dixie.edu/cs/2810/arm64-assembly.html

https://azeria-labs.com/writing-arm-shellcode/

that [x0] or [register 0] is updated with the return value.


So could you please provide more insight on how the value stored in x0 is
calculated? Any suggestions would be helpful.

Thanks in advance.
Regards,
Tom
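A small checker, added here as an example (it is not from the post above and not part of gem5), that re-joins mail-wrapped gem5 Exec trace records, parses them alongside the objdump listing, and reports per PC where the trace mnemonic differs from the disassembler's (the adds/cmn alias) and which records carry no D= result value (the svc). The embedded sample is constructed from the __uname lines above; the regexes assume the trace field layout shown there.

```python
import re

# Constructed sample input, copied from the trace and objdump quoted in the post;
# the gem5 records are mail-wrapped onto two lines, as they arrived on the list.
TRACE = """\
6007986: system.cpu_cluster.cpus: T0 : 0x439b40 @__uname    :   movz   x8,
#160, #0      : IntAlu :  D=0x00000000000000a0
6007986: system.cpu_cluster.cpus: T0 : 0x439b44 @__uname+4    :   svc   #0x0
              : IntAlu :
6064596: system.cpu_cluster.cpus: T0 : 0x439b48 @__uname+8    :   adds
x0, #4095         : IntAlu :  D=0x0000000000000000
"""
OBJDUMP = """\
  439b40: d2801408 mov x8, #0xa0                   // #160
  439b44: d4000001 svc #0x0
  439b48: b13ffc1f cmn x0, #0xfff
"""
# gem5 Exec record: tick: cpu: Tn : 0xpc @sym : insn : class : [D=0x..]
TRACE_RE = re.compile(
    r"^(?P<tick>\d+): \S+: T\d+ : 0x(?P<pc>[0-9a-f]+) @\S+\s*:\s*"
    r"(?P<insn>.*?)\s*: \w+ :(?:\s*D=0x(?P<data>[0-9a-f]+))?\s*$")
# objdump line: pc: encoding mnemonic operands [// comment]
OBJDUMP_RE = re.compile(
    r"^\s*(?P<pc>[0-9a-f]+):\s+[0-9a-f]{8}\s+(?P<insn>.*?)\s*(?://.*)?$")

def unwrap(text):
    """Re-join records that a mail client wrapped onto a second line."""
    records = []
    for line in text.splitlines():
        if re.match(r"^\d+: ", line):
            records.append(line)
        elif records:
            records[-1] += " " + line.strip()
    return records

def parse(text, regex, lines=str.splitlines):
    """Map pc -> (mnemonic, D= value or None) for every line regex accepts."""
    out = {}
    for m in filter(None, map(regex.match, lines(text))):
        data = m.groupdict().get("data")
        out[int(m["pc"], 16)] = (m["insn"].split()[0], int(data, 16) if data else None)
    return out

def compare(trace_text, objdump_text):
    """Per pc: trace vs. objdump mnemonic, whether they differ, and the result
    value gem5 printed (None when the record carries no D= field)."""
    trace, dis = parse(trace_text, TRACE_RE, unwrap), parse(objdump_text, OBJDUMP_RE)
    return {pc: {"trace": t[0], "objdump": dis[pc][0],
                 "mnemonic_differs": t[0] != dis[pc][0], "result": t[1]}
            for pc, t in trace.items() if pc in dis}
```

Running compare(TRACE, OBJDUMP) flags 0x439b48 (adds vs. cmn, result 0) and shows 0x439b44 (svc) with no result value, which is exactly the gap the post asks about.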

