Unprivileged load problem?

I am using an oldish version of BASIC (1.64 04 Mar 2017) and Debugger (1.99, 24 Jan 2017), so maybe this has been fixed?

I am using Zap’s Code editor to directly enter certain instructions:

• LDRH PC,&xxxx
• LDRSH PC,&xxxx

However this one fails:

• LDRSHT PC,&xxxx

It is supposed to be an LDRSH (load signed halfword) with unprivileged memory access; however it looks as if it is actually assembled as:

• LDRSH PC,[RC,#-xx]!

It’s the same for LDR[S]BT.

Is this a bug in BASIC or in the disassembler?

PS: These instructions are supposed to fail. That’s the point. ;-)

According to ARMv7 ARM section A8.8.91 and ARMv8 ARM section F5.1.97, LDRHT and LDRSHT only have post indexed forms in ARM mode and a pre indexed without write-back form in Thumb mode. The assembler is buggy for not raising an error.

Using LDRT, LDRHT, LDRSHT, LDRBT, LDRT, etc to load the program counter is UNPREDICTABLE, would be a highly contrived setup where loading the program counter does not defeat the security purpose of of an unprivileged load.

The assembler is buggy for not raising an error.

…and for taking an instruction and giving you something else. ;-)

Could be an interesting look into the inner workings of the assembler that the instruction that it created is what it ‘saw’.

etc to load the program counter is UNPREDICTABLE

I know. I was just fiddling around having spotted the description and (duh, let’s load a signed little value into PC) wondered if the assembler would actually do it or if it would reject the instruction.