M68K: Float disassembly (immediate) broken on BigEndian targets

[michalsc]

Due to the way the code for m68k disassembler is written it outputs broken numbers when disassembling float immediate numbers, e.g. following output is created:

fmul.s  #0.00000E-322, fp5

instead of

fmul.s  #0.69314E0, fp5

This is due to the union (include/capstone/m68k.h):

/// Instruction operand
typedef struct cs_m68k_op {
	union {
		uint64_t imm;               ///< immediate value for IMM operand
		double dimm; 		    ///< double imm
		float simm; 		    ///< float imm
		m68k_reg reg;		    ///< register value for REG operand
		cs_m68k_op_reg_pair reg_pair; ///< register pair in one operand
	};
        ...

The layout of the union members on both little and big endian is as follows:

x x x x x x x x       uint64_t imm
x x x x x x x x       double dimm;
x x x x . . . .       float simm;

Therefore, storing little endian integer, decoded from instruction stream, into 64-bit field imm allows one to read 32-bit float from the very same position. There, the least significant bytes come first. On big endian however, storing 32-bit number in 64-bit variable imm will zero out the top 32 bits, which are the location where float is read from.

I have a fix ready, but it assumes existence of __BYTE_ORDER__ define (supported by gcc) as well as __ORDER_LITTLE_ENDIAN__ or __ORDER_BIG_ENDIAN__.

[huth]

@michalsc : Have you ever tried to propose your fix via a pull request ?

[michalsc]

@michalsc : Have you ever tried to propose your fix via a pull request ?

Nope, because the solution is not compiler agnostic unfortunately.

[huth]

@michalsc : Do you think this would be an acceptable fix:

diff a/arch/M68K/M68KDisassembler.c b/arch/M68K/M68KDisassembler.c
--- a/arch/M68K/M68KDisassembler.c
+++ b/arch/M68K/M68KDisassembler.c
@@ -2057,6 +2057,10 @@ static void d68020_cpgen(m68k_info *info)
 	}
 
 	if (rm == 1) {
+		union {
+			uint32_t imm32;
+			float simm;
+		} op_imm;
 		switch (src) {
 			case 0x00 :
 				ext->op_size.cpu_size = M68K_CPU_SIZE_LONG;
@@ -2077,6 +2081,9 @@ static void d68020_cpgen(m68k_info *info)
 				ext->op_size.type = M68K_SIZE_TYPE_FPU;
 				ext->op_size.fpu_size = M68K_FPU_SIZE_SINGLE;
 				get_ea_mode_op(info, op0, info->ir, 4);
+				/* Take detour via imm32 for big endian hosts */
+				op_imm.imm32 = op0->imm;
+				op0->simm = op_imm.simm;
 				op0->type = M68K_OP_FP_SINGLE;
 				break;
 

?

[Rot127]

@huth Feel free to open a PR for this and add a test.
Regarding the op_imm union. Please use BitsToFloat() in MathExtras.h for it.

[huth]

Ah, sweet, with BitsToFloat() the patch looks even simpler:

diff --git a/arch/M68K/M68KDisassembler.c b/arch/M68K/M68KDisassembler.c
--- a/arch/M68K/M68KDisassembler.c
+++ b/arch/M68K/M68KDisassembler.c
@@ -41,6 +41,7 @@
 #include "../../cs_priv.h"
 #include "../../utils.h"
 
+#include "../../MathExtras.h"
 #include "../../MCInst.h"
 #include "../../MCInstrDesc.h"
 #include "../../MCRegisterInfo.h"
@@ -2077,6 +2078,7 @@ static void d68020_cpgen(m68k_info *info)
 				ext->op_size.type = M68K_SIZE_TYPE_FPU;
 				ext->op_size.fpu_size = M68K_FPU_SIZE_SINGLE;
 				get_ea_mode_op(info, op0, info->ir, 4);
+				op0->simm = BitsToFloat(op0->imm);
 				op0->type = M68K_OP_FP_SINGLE;
 				break;
 

I'll try to come up with a test and will open a PR when I'm ready, thanks!

[Rot127]

Please add the test in suite/cstest/issues.cs.
Because the current CI doesn't have big endian machines, you can add the test and check it locally.

[huth]

I added a test, verified that it fixes the issue on a big endian host, and opened a pull request here:

#2222