SWI argument with (code pointer | flags)

Dave Lambley dave at lambley.me.uk
Tue Oct 31 19:01:47 GMT 2023


Hello,

> On 28/10/2023 12:39 BST Ralph Corderoy <ralph at inputplus.co.uk> wrote:
> 
>  
> Hello Dave,
> 
> > I have been working on riscose and have come across an odd usage of
> > OS_Control in some very old code.  R0 is being passed with bit 31 set.
> 
> Out of interest, it would be interesting to see the surrounding assembly
> to the r0|=1<<31 OS_Control call.  It might jog a list subscriber's
> memory.

I've tracked down the code. The author appears to be using "BL" to produce a nearby address in a relocatable manner. The N flag is set on entry, and so we end up with bit 31 of R14 set. Perhaps the author was either unaware of "ADR" or their assembler lacked it?

I've not delved further, but it looks like this code is trying to special-case hardware errors (by checking for bit 31).

The disassembly looks a bit odd (to me) as it's produced by lldb rather than a RISC OS tool.

    0xa7a8: bl     0xa7c8
    0xa7ac: ldr    r4, [pc, #0x10]
    0xa7b0: ldr    r3, [r4, #0x4]
    0xa7b4: tst    r3, #-2147483648
    0xa7b8: bne    0xa7e4
    0xa7bc: ldr    lr, [r4]
    0xa7c0: orrs   pc, lr, #268435456
    0xa7c4: .long  0x0000fcf0                ; unknown opcode
    0xa7c8: mov    r0, lr
    0xa7cc: ldr    r1, [r10, #-0x18]
    0xa7d0: str    r1, [pc, #-0x14]
    0xa7d4: mov    r2, #0
    0xa7d8: mov    r3, #0
->  0xa7dc: svc    #0xf
    0xa7e0: ldmdb  r10, {r9, r10, r12, pc} ^
    0xa7e4: .long  0xe33ff000                ; unknown opcode
    0xa7e8: and    r3, r3, #255

Dave
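
Added illustration, not part of Dave's message and not code from riscose: in 26-bit ARM modes BL writes the PSR flags into R14 together with the return address, which is how the "bl 0xa7c8" / "mov r0, lr" pair above yields a pointer with bit 31 set. The function and struct names are hypothetical, and the processor state (user mode, only N set) is an assumption.

```c
#include <stdint.h>
#include <stdio.h>

/* 26-bit ARM: R15, and the R14 written by BL, pack flags, PC and mode. */
#define PSR_N    0x80000000u  /* bit 31: negative flag */
#define PSR_Z    0x40000000u
#define PSR_C    0x20000000u
#define PSR_V    0x10000000u
#define PSR_I    0x08000000u  /* IRQ disable */
#define PSR_F    0x04000000u  /* FIQ disable */
#define PSR_MODE 0x00000003u  /* bits 1..0: processor mode */
#define PSR_MASK 0xFC000003u
#define PC_MASK  0x03FFFFFCu  /* bits 25..2: word-aligned address */

struct link_fields {
    uint32_t address;  /* code pointer with the PSR bits removed */
    uint32_t psr;      /* flag and mode bits only */
};

/* Value BL leaves in R14: address of the next instruction plus the PSR. */
uint32_t bl_link_value(uint32_t bl_address, uint32_t psr)
{
    return ((bl_address + 4u) & PC_MASK) | (psr & PSR_MASK);
}

/* Separate a combined (code pointer | flags) word before the address
   part is used as a pointer. */
struct link_fields split_link(uint32_t r14)
{
    struct link_fields f = { r14 & PC_MASK, r14 & PSR_MASK };
    return f;
}

int main(void)
{
    /* Assumed state at 0xa7a8: user mode, only N set (constructed). */
    uint32_t r14 = bl_link_value(0xa7a8u, PSR_N);
    struct link_fields f = split_link(r14);

    printf("R14 after BL: 0x%08x\n", (unsigned)r14);
    printf("address:      0x%08x\n", (unsigned)f.address);
    printf("flags:        %c%c%c%c%c%c mode %u\n",
           f.psr & PSR_N ? 'N' : '-', f.psr & PSR_Z ? 'Z' : '-',
           f.psr & PSR_C ? 'C' : '-', f.psr & PSR_V ? 'V' : '-',
           f.psr & PSR_I ? 'I' : '-', f.psr & PSR_F ? 'F' : '-',
           (unsigned)(f.psr & PSR_MODE));
    return 0;
}
```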


