
Can someone explain more about the "break" op-code

Posted: Fri Dec 10, 2004 12:03 am
by bobsbigboy
Hi there,

I've been trying to understand exactly how the break instruction works. The break op-code is defined to be a "breakpoint exception", which seems like it means it's used for error handling,

but when disassembling various ELF files, I've seen it used many times in regular code flow (in which the break doesn't seem to be only used in error conditions)...

I've seen it used with many different params passed to it, i.e. Break #0, Break #FFFFF, break #7, etc...

Any ideas or help?

thanks,
bob

Posted: Fri Dec 10, 2004 1:17 am
by Guest
The parameter to BREAK is defined by the programmer. However, since it is not passed into a register, after the exception is taken, it is necessary to retrieve the instruction word from the program counter and decode it to get whatever value was specified. The SYSCALL exception does this too, but rarely in MIPS code do you see information passed in this field.

Since it is an exception, the exception handler routine processes it.

BREAK is a MIPS I instruction generating a Level 1 exception that isn't maskable (this shouldn't be confused with EE hardware breakpoint, which generates a level 2 Debug exception). In the EE core, it is handled by the COMMON interrupt handler. Whatever code is using BREAK clearly has made arrangements for something meaningful to happen there.

Check out any reasonable MIPS instruction manual for more information on BREAK. How or why it's used a certain way in specific code that you see is unknown, but the key would be to memdump the exception vector region and reverse it to follow the trail.

Posted: Fri Dec 10, 2004 2:20 am
by MrHTFord
One frequent use for the break instruction is when a division by zero is about to happen. GCC can emit code to test the divisor and break if it's zero; AFAIR, "break 7" is used in this case.

Another common use is as a hook to a debugger.

Posted: Fri Dec 10, 2004 6:27 am
by bobsbigboy
Thanks guys,

I thought it made sense that it was truly just an exception, and not some weird way of calling into another module somehow....I think I see now that the places where I see the breaks being used are indeed points where it should be only if something bails out or goes wrong...

Posted: Fri Dec 10, 2004 2:59 pm
by J.F.
This is how Apple originally did system calls on the 68K Mac. The M68K CPU will generate an exception on any opcode of the form 0xA000 to 0xAFFF - but only one exception. The exception code would then use the exception address to fetch the opcode and use the lower 12 bits as flags and an index into two different jump tables.