| Message ID | 20230127120328.2520624-5-kbastian@mail.uni-paderborn.de (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | TriCore instruction bugfixes | expand |
On 1/27/23 02:03, Bastian Koppelmann wrote: > if cpu_gpr_d[r3] == 0 then we were shifting the lower register to the > right by 32 which is undefined behaviour. In this case the TriCore would > do nothing an just return the higher register cpu_reg_d[r1]. We fixed > that by detecting whether cpu_gpr_d[r3] was zero and cleared the lower > register. > > Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> > --- > target/tricore/translate.c | 15 ++++++++++++--- > 1 file changed, 12 insertions(+), 3 deletions(-) > > diff --git a/target/tricore/translate.c b/target/tricore/translate.c > index 62128c6aae..b8e0969079 100644 > --- a/target/tricore/translate.c > +++ b/target/tricore/translate.c > @@ -8245,10 +8245,19 @@ static void decode_rrrr_extract_insert(DisasContext *ctx) > if (r1 == r2) { > tcg_gen_rotl_tl(cpu_gpr_d[r4], cpu_gpr_d[r1], tmp_pos); > } else { > + TCGv msw = tcg_temp_new(); > + TCGv zero = tcg_const_tl(0); tcg_constant_tl(0), which you then don't need to free at the end. > tcg_gen_shl_tl(tmp_width, cpu_gpr_d[r1], tmp_pos); > + tcg_gen_subfi_tl(msw, 32, tmp_pos); > + tcg_gen_shr_tl(msw, cpu_gpr_d[r2], msw); > + /* if pos == 0, then we do cpu_gpr_d[r2] << 32, which is undefined /* * If ... */ > + * behaviour. So check that case here and set the low bits to zero > + * which effectivly returns cpu_gpr_d[r1] > + */ > + tcg_gen_movcond_tl(TCG_COND_EQ, msw, tmp_pos, zero, zero, msw); > + tcg_gen_or_tl(cpu_gpr_d[r4], tmp_width, msw); > + tcg_temp_free(zero); > + tcg_temp_free(msw); Otherwise, Reviewed-by: Richard Henderson <richard.henderson@linaro.org> r~
diff --git a/target/tricore/translate.c b/target/tricore/translate.c index 62128c6aae..b8e0969079 100644 --- a/target/tricore/translate.c +++ b/target/tricore/translate.c @@ -8245,10 +8245,19 @@ static void decode_rrrr_extract_insert(DisasContext *ctx) if (r1 == r2) { tcg_gen_rotl_tl(cpu_gpr_d[r4], cpu_gpr_d[r1], tmp_pos); } else { + TCGv msw = tcg_temp_new(); + TCGv zero = tcg_const_tl(0); tcg_gen_shl_tl(tmp_width, cpu_gpr_d[r1], tmp_pos); - tcg_gen_subfi_tl(tmp_pos, 32, tmp_pos); - tcg_gen_shr_tl(tmp_pos, cpu_gpr_d[r2], tmp_pos); - tcg_gen_or_tl(cpu_gpr_d[r4], tmp_width, tmp_pos); + tcg_gen_subfi_tl(msw, 32, tmp_pos); + tcg_gen_shr_tl(msw, cpu_gpr_d[r2], msw); + /* if pos == 0, then we do cpu_gpr_d[r2] << 32, which is undefined + * behaviour. So check that case here and set the low bits to zero + * which effectivly returns cpu_gpr_d[r1] + */ + tcg_gen_movcond_tl(TCG_COND_EQ, msw, tmp_pos, zero, zero, msw); + tcg_gen_or_tl(cpu_gpr_d[r4], tmp_width, msw); + tcg_temp_free(zero); + tcg_temp_free(msw); } break; case OPC2_32_RRRR_EXTR:
if cpu_gpr_d[r3] == 0 then we were shifting the lower register to the right by 32 which is undefined behaviour. In this case the TriCore would do nothing an just return the higher register cpu_reg_d[r1]. We fixed that by detecting whether cpu_gpr_d[r3] was zero and cleared the lower register. Signed-off-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> --- target/tricore/translate.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-)