32 bit PPC rlwinm instruction

我是研究僧i 提交于 2019-12-11 02:36:20

问题


I'm having a bit of trouble understanding the rlwinm PPC Assembly instruction (Rotate Left Word Immediate Then AND with Mask).

I am trying to reverse this part of a function

rlwinm r3, r3, 0, 28, 28

I already know what r3 is. r3 in this case is a 4 byte integer but I am not sure exactly what this instruction rlwinm is doing to it.

By the way, this is on a 32 bit machine.


回答1:


Your understanding is not quite right. As per the IBM link on this instruction, the form you're seeing is:

rlwinm <target=r3>, <source=r3>, <shift=0>, <begin-mask=28>, <end-mask=28> 

Hence no actual shift is involved. And the actual mask used for the AND operation is constructed from the begin and end mask positions, it's not given as an explicit argument(a).

In this case, since both positions are 28, the mask is simply a single bit, as per the linked page (slightly paraphrased):

If the begin-mask value is less than the end-mask value plus one, then the mask bits between and including the starting point and the end point are set to ones. All other bits are set to zeros.

So the instruction you're seeing is nothing more complicated than a single AND operation.


(a) There is a form that allows you to specify the actual mask (assuming it consists of contiguous one-bits) but it's the four-argument version and really just syntactic sugar that the assembler can turn into the five-argument one.




回答2:


@paxdiablo's answer is a correct, but to add some more context:

The various r* instructions (rlwinm, rlwimi, etc) are designed for extracting bit fields whose size is known at compile time, for example C struct bitfields, or even just splitting a word into bytes (which may be faster with one lw and four rlwinm instructions than several separate lbzus).

lw r4, r3 ; load the word at the address pointed at by r3
rlwinm r5, r4, 8, 24, 31 ; first byte in r5
rlwinm r6, r4, 16, 24, 31 ; second byte in r6
rlwinm r7, r4, 24, 24, 31 ; third byte in r7
rlwinm r8, r4, 0, 24, 31 ; fourth byte in r8, identical to andi r8, r4, 255

The rlwinm instructions can also be used, as in this case, as a special form of andi for contiguous sets of bits. Since instructions in PowerPC are always 32 bits, instructions taking immediate values have only 16 bits to hold those values - so if you want to mask a set of bits that crosses the high/low half-word boundary, say 23 to 8, you need to use multiple operations.

lis r4, r4, 0x00ff ; first set bits 23 to 16 of the mask
ori r4, r4, 0xff00 ; then bits bits 15 to 8
and r3, r3, r4 ; then perform the actual masking 

However, with the rlwinm instructions, we can perform that same operation in a single instruction:

rlwinm r3, r3, 0, 8, 23

In your case, the value probably holds flags for something and this instruction is extracting one of them. The next instruction is probably a conditional branch on r3.

ETA: Peter Cordes corrected out some of my mistakes, for which I am grateful, and added that it was probably unnecessary to use rlwinm in this case, and that it may simply be a peculiarity of the compiler that causes this instruction to be generated instead of andi.



来源:https://stackoverflow.com/questions/46869705/32-bit-ppc-rlwinm-instruction

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!