* [Qemu-devel] [PATCH 0/2] tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation
@ 2015-07-15 15:26 Paolo Bonzini
  2015-07-15 15:27 ` [Qemu-devel] [PATCH 1/2] tcg: aarch64: add ext argument to tcg_out_insn_3310 Paolo Bonzini
  ` (2 more replies)
  0 siblings, 3 replies; 6+ messages in thread
From: Paolo Bonzini @ 2015-07-15 15:26 UTC (permalink / raw)
To: qemu-devel; +Cc: claudio.fontana, aurelien, rth

The register allocator may sometimes pass a 64-bit value to a 32-bit
operation if truncations are considered no-ops by the backend.
When this happens, user-mode emulation may use an incorrect offset
for loads and stores. This affects aarch64 and x86, because other
architectures already zero-extend the offset before using it for a
load or store.

To fix this for aarch64, use the uxtw modifier on load and store
instructions.

Paolo

Paolo Bonzini (2):
  tcg: aarch64: add ext argument to tcg_out_insn_3310
  tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation

 tcg/aarch64/tcg-target.c | 63 +++++++++++++++++++++++++++---------------------
 1 file changed, 36 insertions(+), 27 deletions(-)

-- 
2.4.3

^ permalink raw reply [flat|nested] 6+ messages in thread
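As an added illustration of the encoding change this series relies on (example code written for this page, not code from the patches or from QEMU), the C program below mirrors the instruction-word arithmetic of the patched tcg_out_insn_3310, decodes the resulting option field, and simulates the address an AArch64 core would form for a register-offset load under uxtw versus uxtx. The opcode value for I3312_LDRW, the I3312_TO_I3310 adjustment and the TCG_TYPE_I32/I64 numeric values are taken from the patch; the register choices (x28 as guest base, x1 as address), the guest base value and the "stale upper bits" address are constructed for the demo. The operand-selection helper at the end is an assumed defensive design for the user-mode case, not the patch's logic.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* TCGType values as the patch uses them: I32 selects UXTW, I64 selects UXTX. */
enum { TCG_TYPE_I32 = 0, TCG_TYPE_I64 = 1 };

/* Register numbers. 31 means SP in the Rn (base) field but XZR in the
 * Rm (index) field of the register-offset load/store encoding. */
enum { REG_X0 = 0, REG_X1 = 1, REG_X28 = 28, REG_SP_OR_XZR = 31 };

/* 32-bit LDR opcode in the C3.3.12 (unsigned immediate) form, i.e.
 * I3312_LDRW = 0x38000000 | LDST_LD << 22 | MO_32 << 30 in the patch. */
#define I3312_LDRW      0xB8400000u
/* Post-patch adjustment to the C3.3.10 (register offset) form:
 * bit 21 plus the fixed "10" at bits [11:10]; option bits are added below. */
#define I3312_TO_I3310  0x00200800u

/* Same expression as the patched tcg_out_insn_3310. */
static uint32_t encode_ldst_r(uint32_t insn, unsigned rd, unsigned base,
                              int ext, unsigned regoff)
{
    /* Rn == 31 would address SP; a zero base cannot be expressed here. */
    assert(base != REG_SP_OR_XZR);
    return insn | I3312_TO_I3310 | regoff << 16 | 0x4000u
           | (uint32_t)ext << 13 | base << 5 | rd;
}

/* Name of the extend mode encoded in option bits [15:13]. */
static const char *extend_name(uint32_t insn)
{
    switch ((insn >> 13) & 7) {
    case 2:  return "uxtw";
    case 3:  return "lsl";    /* 64-bit index, what the patch calls uxtx */
    case 6:  return "sxtw";
    case 7:  return "sxtx";
    default: return "invalid";
    }
}

/* Effective address formed for this instruction given the full 64-bit
 * contents of the base and index registers (S bit scales by access size). */
static uint64_t effective_address(uint32_t insn, uint64_t base_val,
                                  uint64_t off_val)
{
    unsigned option = (insn >> 13) & 7;
    unsigned shift = ((insn >> 12) & 1) ? (insn >> 30) : 0;
    uint64_t off;

    switch (option) {
    case 2:  off = (uint32_t)off_val; break;                          /* UXTW */
    case 6:  off = (uint64_t)(int64_t)(int32_t)(uint32_t)off_val; break; /* SXTW */
    default: off = off_val; break;                                    /* LSL / SXTX */
    }
    return base_val + (off << shift);
}

/* Assumed defensive operand choice for a user-mode access: the extend only
 * applies to Rm, and 31 in Rn is SP, so an address that needs UXTW must sit
 * in Rm with a real register (possibly holding zero) in Rn. */
static uint32_t encode_user_mode_load(int guest_base_in_use, int target_is_32bit,
                                      unsigned data_reg, unsigned addr_reg)
{
    if (guest_base_in_use || target_is_32bit) {
        return encode_ldst_r(I3312_LDRW, data_reg, REG_X28,
                             target_is_32bit ? TCG_TYPE_I32 : TCG_TYPE_I64,
                             addr_reg);
    }
    /* 64-bit guest, no base register: [addr_reg, xzr] keeps 31 in Rm. */
    return encode_ldst_r(I3312_LDRW, data_reg, addr_reg, TCG_TYPE_I64,
                         REG_SP_OR_XZR);
}

/* Constructed scenario: guest address 0x1000 whose upper 32 bits are stale
 * because the backend treated the 64->32 truncation as a no-op. */
#define GUEST_BASE_VAL  0x0000004000000000ull
#define STALE_ADDR_VAL  0xDEADBEEF00001000ull

static uint64_t addr_with_ext(int ext)
{
    uint32_t insn = encode_ldst_r(I3312_LDRW, REG_X0, REG_X28, ext, REG_X1);
    return effective_address(insn, GUEST_BASE_VAL, STALE_ADDR_VAL);
}

int main(void)
{
    int exts[2] = { TCG_TYPE_I32, TCG_TYPE_I64 };
    for (int i = 0; i < 2; i++) {
        uint32_t insn = encode_ldst_r(I3312_LDRW, REG_X0, REG_X28, exts[i], REG_X1);
        printf("%08x  ldr w0, [x28, x1, %-4s]  address 0x%016llx\n",
               (unsigned)insn, extend_name(insn),
               (unsigned long long)addr_with_ext(exts[i]));
    }
    return 0;
}
```

Only the uxtw encoding yields guest_base + 0x1000; the uxtx form adds the whole 64-bit register, so the stale upper bits land in the host address, which is the failure the cover letter describes.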
* [Qemu-devel] [PATCH 1/2] tcg: aarch64: add ext argument to tcg_out_insn_3310 2015-07-15 15:26 [Qemu-devel] [PATCH 0/2] tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation Paolo Bonzini @ 2015-07-15 15:27 ` Paolo Bonzini 2015-07-15 16:09 ` Aurelien Jarno 2015-07-15 15:27 ` [Qemu-devel] [PATCH 2/2] tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation Paolo Bonzini 2015-07-23 21:19 ` [Qemu-devel] [PATCH 0/2] " Richard Henderson 2 siblings, 1 reply; 6+ messages in thread From: Paolo Bonzini @ 2015-07-15 15:27 UTC (permalink / raw) To: qemu-devel; +Cc: claudio.fontana, aurelien, rth The new argument lets you pick uxtw or uxtx mode for the offset register. For now, all callers pass TCG_TYPE_I64 so that uxtx is generated. The bits for uxtx are removed from I3312_TO_I3310. Reported-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> --- tcg/aarch64/tcg-target.c | 41 ++++++++++++++++++++++------------------- 1 file changed, 22 insertions(+), 19 deletions(-) diff --git a/tcg/aarch64/tcg-target.c b/tcg/aarch64/tcg-target.c index fe44ad7..5395202 100644 --- a/tcg/aarch64/tcg-target.c +++ b/tcg/aarch64/tcg-target.c @@ -280,7 +280,7 @@ typedef enum { I3312_LDRSHX = 0x38000000 | LDST_LD_S_X << 22 | MO_16 << 30, I3312_LDRSWX = 0x38000000 | LDST_LD_S_X << 22 | MO_32 << 30, - I3312_TO_I3310 = 0x00206800, + I3312_TO_I3310 = 0x00200800, I3312_TO_I3313 = 0x01000000, /* Load/store register pair instructions. */ 
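Review bot: the change of I3312_TO_I3310 from 0x00206800 to 0x00200800 drops the option field, bits [15:13], which the old value hard-coded to 011 (the 64-bit, uxtx index), leaving only bit 21 and the fixed "10" at bits [11:10]; the enum name still promises a complete C3.3.12 to C3.3.10 conversion, so a one-line comment next to the constant saying that the option bits are now supplied by tcg_out_insn_3310 would save the next reader from wondering why the value looks incomplete.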
@@ -496,13 +496,14 @@ static void tcg_out_insn_3509(TCGContext *s, AArch64Insn insn, TCGType ext, } static void tcg_out_insn_3310(TCGContext *s, AArch64Insn insn, - TCGReg rd, TCGReg base, TCGReg regoff) + TCGReg rd, TCGReg base, TCGType ext, + TCGReg regoff) { /* Note the AArch64Insn constants above are for C3.3.12. Adjust. */ - tcg_out32(s, insn | I3312_TO_I3310 | regoff << 16 | base << 5 | rd); + tcg_out32(s, insn | I3312_TO_I3310 | regoff << 16 | + 0x4000 | ext << 13 | base << 5 | rd); } - static void tcg_out_insn_3312(TCGContext *s, AArch64Insn insn, TCGReg rd, TCGReg rn, intptr_t offset) { @@ -677,7 +678,7 @@ static void tcg_out_ldst(TCGContext *s, AArch64Insn insn, /* Worst-case scenario, move offset to temp register, use reg offset. */ tcg_out_movi(s, TCG_TYPE_I64, TCG_REG_TMP, offset); - tcg_out_ldst_r(s, insn, rd, rn, TCG_REG_TMP); + tcg_out_ldst_r(s, insn, rd, rn, TCG_TYPE_I64, TCG_REG_TMP); } static inline void tcg_out_mov(TCGContext *s, 
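Review bot: in tcg_out_insn_3310 the expression `0x4000 | ext << 13` only produces the intended option field (010 = uxtw, 011 = uxtx) because TCG_TYPE_I32 is 0 and TCG_TYPE_I64 is 1; nothing in the hunk states that dependency, and any other TCGType value would silently select a different extend mode. Suggest a comment spelling out the mapping, or a `tcg_debug_assert(ext == TCG_TYPE_I32 || ext == TCG_TYPE_I64)` before the tcg_out32. The deleted blank line between tcg_out_insn_3310 and tcg_out_insn_3312 is an unrelated whitespace change.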
@@ -1111,48 +1112,49 @@ static void tcg_out_qemu_ld_direct(TCGContext *s, TCGMemOp memop, TCGType ext, TCGReg data_r, TCGReg addr_r, TCGReg off_r) { const TCGMemOp bswap = memop & MO_BSWAP; + const TCGType otype = TCG_TYPE_I64; switch (memop & MO_SSIZE) { case MO_UB: - tcg_out_ldst_r(s, I3312_LDRB, data_r, addr_r, off_r); + tcg_out_ldst_r(s, I3312_LDRB, data_r, addr_r, otype, off_r); break; case MO_SB: tcg_out_ldst_r(s, ext ? I3312_LDRSBX : I3312_LDRSBW, - data_r, addr_r, off_r); + data_r, addr_r, otype, off_r); break; case MO_UW: - tcg_out_ldst_r(s, I3312_LDRH, data_r, addr_r, off_r); + tcg_out_ldst_r(s, I3312_LDRH, data_r, addr_r, otype, off_r); if (bswap) { tcg_out_rev16(s, data_r, data_r); } break; case MO_SW: if (bswap) { - tcg_out_ldst_r(s, I3312_LDRH, data_r, addr_r, off_r); + tcg_out_ldst_r(s, I3312_LDRH, data_r, addr_r, otype, off_r); tcg_out_rev16(s, data_r, data_r); tcg_out_sxt(s, ext, MO_16, data_r, data_r); } else { - tcg_out_ldst_r(s, ext ? I3312_LDRSHX : I3312_LDRSHW, - data_r, addr_r, off_r); + tcg_out_ldst_r(s, (ext ? I3312_LDRSHX : I3312_LDRSHW), + data_r, addr_r, otype, off_r); } break; case MO_UL: - tcg_out_ldst_r(s, I3312_LDRW, data_r, addr_r, off_r); + tcg_out_ldst_r(s, I3312_LDRW, data_r, addr_r, otype, off_r); if (bswap) { tcg_out_rev32(s, data_r, data_r); } break; case MO_SL: if (bswap) { - tcg_out_ldst_r(s, I3312_LDRW, data_r, addr_r, off_r); + tcg_out_ldst_r(s, I3312_LDRW, data_r, addr_r, otype, off_r); tcg_out_rev32(s, data_r, data_r); tcg_out_sxt(s, TCG_TYPE_I64, MO_32, data_r, data_r); } else { - tcg_out_ldst_r(s, I3312_LDRSWX, data_r, addr_r, off_r); + tcg_out_ldst_r(s, I3312_LDRSWX, data_r, addr_r, otype, off_r); } break; case MO_Q: - tcg_out_ldst_r(s, I3312_LDRX, data_r, addr_r, off_r); + tcg_out_ldst_r(s, I3312_LDRX, data_r, addr_r, otype, off_r); if (bswap) { tcg_out_rev64(s, data_r, data_r); } 
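Review bot: the added parentheses around `ext ? I3312_LDRSHX : I3312_LDRSHW` in the MO_SW case are a cosmetic change unrelated to the new otype argument and only inflate the diff; the other cases (MO_SB) keep the bare conditional, so either drop the parentheses or apply the same style to both.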
@@ -1166,31 +1168,32 @@ static void tcg_out_qemu_st_direct(TCGContext *s, TCGMemOp memop, TCGReg data_r, TCGReg addr_r, TCGReg off_r) { const TCGMemOp bswap = memop & MO_BSWAP; + const TCGType otype = TCG_TYPE_I64; switch (memop & MO_SIZE) { case MO_8: - tcg_out_ldst_r(s, I3312_STRB, data_r, addr_r, off_r); + tcg_out_ldst_r(s, I3312_STRB, data_r, addr_r, otype, off_r); break; case MO_16: if (bswap && data_r != TCG_REG_XZR) { tcg_out_rev16(s, TCG_REG_TMP, data_r); data_r = TCG_REG_TMP; } - tcg_out_ldst_r(s, I3312_STRH, data_r, addr_r, off_r); + tcg_out_ldst_r(s, I3312_STRH, data_r, addr_r, otype, off_r); break; case MO_32: if (bswap && data_r != TCG_REG_XZR) { tcg_out_rev32(s, TCG_REG_TMP, data_r); data_r = TCG_REG_TMP; } - tcg_out_ldst_r(s, I3312_STRW, data_r, addr_r, off_r); + tcg_out_ldst_r(s, I3312_STRW, data_r, addr_r, otype, off_r); break; case MO_64: if (bswap && data_r != TCG_REG_XZR) { tcg_out_rev64(s, TCG_REG_TMP, data_r); data_r = TCG_REG_TMP; } - tcg_out_ldst_r(s, I3312_STRX, data_r, addr_r, off_r); + tcg_out_ldst_r(s, I3312_STRX, data_r, addr_r, otype, off_r); break; default: tcg_abort(); -- 2.4.3 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [Qemu-devel] [PATCH 1/2] tcg: aarch64: add ext argument to tcg_out_insn_3310 2015-07-15 15:27 ` [Qemu-devel] [PATCH 1/2] tcg: aarch64: add ext argument to tcg_out_insn_3310 Paolo Bonzini @ 2015-07-15 16:09 ` Aurelien Jarno 0 siblings, 0 replies; 6+ messages in thread From: Aurelien Jarno @ 2015-07-15 16:09 UTC (permalink / raw) To: Paolo Bonzini; +Cc: claudio.fontana, qemu-devel, rth On 2015-07-15 17:27, Paolo Bonzini wrote: > The new argument lets you pick uxtw or uxtx mode for the offset > register. For now, all callers pass TCG_TYPE_I64 so that uxtx > is generated. The bits for uxtx are removed from I3312_TO_I3310. > > Reported-by: Leon Alrae <leon.alrae@imgtec.com> > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> > --- > tcg/aarch64/tcg-target.c | 41 ++++++++++++++++++++++------------------- > 1 file changed, 22 insertions(+), 19 deletions(-) > > diff --git a/tcg/aarch64/tcg-target.c b/tcg/aarch64/tcg-target.c > index fe44ad7..5395202 100644 > --- a/tcg/aarch64/tcg-target.c > +++ b/tcg/aarch64/tcg-target.c > @@ -280,7 +280,7 @@ typedef enum { > I3312_LDRSHX = 0x38000000 | LDST_LD_S_X << 22 | MO_16 << 30, > I3312_LDRSWX = 0x38000000 | LDST_LD_S_X << 22 | MO_32 << 30, > > - I3312_TO_I3310 = 0x00206800, > + I3312_TO_I3310 = 0x00200800, > I3312_TO_I3313 = 0x01000000, > > /* Load/store register pair instructions. */ > @@ -496,13 +496,14 @@ static void tcg_out_insn_3509(TCGContext *s, AArch64Insn insn, TCGType ext, > } > > static void tcg_out_insn_3310(TCGContext *s, AArch64Insn insn, > - TCGReg rd, TCGReg base, TCGReg regoff) > + TCGReg rd, TCGReg base, TCGType ext, > + TCGReg regoff) > { > /* Note the AArch64Insn constants above are for C3.3.12. Adjust. */ > - tcg_out32(s, insn | I3312_TO_I3310 | regoff << 16 | base << 5 | rd); > + tcg_out32(s, insn | I3312_TO_I3310 | regoff << 16 | > + 0x4000 | ext << 13 | base << 5 | rd); > } > > - > static void tcg_out_insn_3312(TCGContext *s, AArch64Insn insn, > TCGReg rd, TCGReg rn, intptr_t offset) > { 
> @@ -677,7 +678,7 @@ static void tcg_out_ldst(TCGContext *s, AArch64Insn insn, > > /* Worst-case scenario, move offset to temp register, use reg offset. */ > tcg_out_movi(s, TCG_TYPE_I64, TCG_REG_TMP, offset); > - tcg_out_ldst_r(s, insn, rd, rn, TCG_REG_TMP); > + tcg_out_ldst_r(s, insn, rd, rn, TCG_TYPE_I64, TCG_REG_TMP); > } > > static inline void tcg_out_mov(TCGContext *s, 
> @@ -1111,48 +1112,49 @@ static void tcg_out_qemu_ld_direct(TCGContext *s, TCGMemOp memop, TCGType ext, > TCGReg data_r, TCGReg addr_r, TCGReg off_r) > { > const TCGMemOp bswap = memop & MO_BSWAP; > + const TCGType otype = TCG_TYPE_I64; > > switch (memop & MO_SSIZE) { > case MO_UB: > - tcg_out_ldst_r(s, I3312_LDRB, data_r, addr_r, off_r); > + tcg_out_ldst_r(s, I3312_LDRB, data_r, addr_r, otype, off_r); > break; > case MO_SB: > tcg_out_ldst_r(s, ext ? I3312_LDRSBX : I3312_LDRSBW, > - data_r, addr_r, off_r); > + data_r, addr_r, otype, off_r); > break; > case MO_UW: > - tcg_out_ldst_r(s, I3312_LDRH, data_r, addr_r, off_r); > + tcg_out_ldst_r(s, I3312_LDRH, data_r, addr_r, otype, off_r); > if (bswap) { > tcg_out_rev16(s, data_r, data_r); > } > break; > case MO_SW: > if (bswap) { > - tcg_out_ldst_r(s, I3312_LDRH, data_r, addr_r, off_r); > + tcg_out_ldst_r(s, I3312_LDRH, data_r, addr_r, otype, off_r); > tcg_out_rev16(s, data_r, data_r); > tcg_out_sxt(s, ext, MO_16, data_r, data_r); > } else { > - tcg_out_ldst_r(s, ext ? I3312_LDRSHX : I3312_LDRSHW, > - data_r, addr_r, off_r); > + tcg_out_ldst_r(s, (ext ? I3312_LDRSHX : I3312_LDRSHW), > + data_r, addr_r, otype, off_r); > } > break; > case MO_UL: > - tcg_out_ldst_r(s, I3312_LDRW, data_r, addr_r, off_r); > + tcg_out_ldst_r(s, I3312_LDRW, data_r, addr_r, otype, off_r); > if (bswap) { > tcg_out_rev32(s, data_r, data_r); > } > break; > case MO_SL: > if (bswap) { > - tcg_out_ldst_r(s, I3312_LDRW, data_r, addr_r, off_r); > + tcg_out_ldst_r(s, I3312_LDRW, data_r, addr_r, otype, off_r); > tcg_out_rev32(s, data_r, data_r); > tcg_out_sxt(s, TCG_TYPE_I64, MO_32, data_r, data_r); > } else { > - tcg_out_ldst_r(s, I3312_LDRSWX, data_r, addr_r, off_r); > + tcg_out_ldst_r(s, I3312_LDRSWX, data_r, addr_r, otype, off_r); > } > break; > case MO_Q: > - tcg_out_ldst_r(s, I3312_LDRX, data_r, addr_r, off_r); > + tcg_out_ldst_r(s, I3312_LDRX, data_r, addr_r, otype, off_r); > if (bswap) { > tcg_out_rev64(s, data_r, data_r); > } 
> @@ -1166,31 +1168,32 @@ static void tcg_out_qemu_st_direct(TCGContext *s, TCGMemOp memop, > TCGReg data_r, TCGReg addr_r, TCGReg off_r) > { > const TCGMemOp bswap = memop & MO_BSWAP; > + const TCGType otype = TCG_TYPE_I64; > > switch (memop & MO_SIZE) { > case MO_8: > - tcg_out_ldst_r(s, I3312_STRB, data_r, addr_r, off_r); > + tcg_out_ldst_r(s, I3312_STRB, data_r, addr_r, otype, off_r); > break; > case MO_16: > if (bswap && data_r != TCG_REG_XZR) { > tcg_out_rev16(s, TCG_REG_TMP, data_r); > data_r = TCG_REG_TMP; > } > - tcg_out_ldst_r(s, I3312_STRH, data_r, addr_r, off_r); > + tcg_out_ldst_r(s, I3312_STRH, data_r, addr_r, otype, off_r); > break; > case MO_32: > if (bswap && data_r != TCG_REG_XZR) { > tcg_out_rev32(s, TCG_REG_TMP, data_r); > data_r = TCG_REG_TMP; > } > - tcg_out_ldst_r(s, I3312_STRW, data_r, addr_r, off_r); > + tcg_out_ldst_r(s, I3312_STRW, data_r, addr_r, otype, off_r); > break; > case MO_64: > if (bswap && data_r != TCG_REG_XZR) { > tcg_out_rev64(s, TCG_REG_TMP, data_r); > data_r = TCG_REG_TMP; > } > - tcg_out_ldst_r(s, I3312_STRX, data_r, addr_r, off_r); > + tcg_out_ldst_r(s, I3312_STRX, data_r, addr_r, otype, off_r); > break; > default: > tcg_abort(); Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurelien@aurel32.net http://www.aurel32.net ^ permalink raw reply [flat|nested] 6+ messages in thread
* [Qemu-devel] [PATCH 2/2] tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation 2015-07-15 15:26 [Qemu-devel] [PATCH 0/2] tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation Paolo Bonzini 2015-07-15 15:27 ` [Qemu-devel] [PATCH 1/2] tcg: aarch64: add ext argument to tcg_out_insn_3310 Paolo Bonzini @ 2015-07-15 15:27 ` Paolo Bonzini 2015-07-15 16:10 ` Aurelien Jarno 2015-07-23 21:19 ` [Qemu-devel] [PATCH 0/2] " Richard Henderson 2 siblings, 1 reply; 6+ messages in thread From: Paolo Bonzini @ 2015-07-15 15:27 UTC (permalink / raw) To: qemu-devel; +Cc: claudio.fontana, aurelien, rth Thanks to the previous patch, it is now easy for tcg_out_qemu_ld and tcg_out_qemu_st to use a 32-bit zero extended offset. However, the guest base register x28 must be the base and addr_reg must be the index. Reported-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> --- tcg/aarch64/tcg-target.c | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/tcg/aarch64/tcg-target.c b/tcg/aarch64/tcg-target.c index 5395202..4aca883 100644 --- a/tcg/aarch64/tcg-target.c +++ b/tcg/aarch64/tcg-target.c @@ -1109,10 +1109,10 @@ static void tcg_out_tlb_read(TCGContext *s, TCGReg addr_reg, TCGMemOp s_bits, #endif /* CONFIG_SOFTMMU */ static void tcg_out_qemu_ld_direct(TCGContext *s, TCGMemOp memop, TCGType ext, - TCGReg data_r, TCGReg addr_r, TCGReg off_r) + TCGReg data_r, TCGReg addr_r, + TCGType otype, TCGReg off_r) { const TCGMemOp bswap = memop & MO_BSWAP; - const TCGType otype = TCG_TYPE_I64; switch (memop & MO_SSIZE) { case MO_UB: 
@@ -1165,10 +1165,10 @@ static void tcg_out_qemu_ld_direct(TCGContext *s, TCGMemOp memop, TCGType ext, } static void tcg_out_qemu_st_direct(TCGContext *s, TCGMemOp memop, - TCGReg data_r, TCGReg addr_r, TCGReg off_r) + TCGReg data_r, TCGReg addr_r, + TCGType otype, TCGReg off_r) { const TCGMemOp bswap = memop & MO_BSWAP; - const TCGType otype = TCG_TYPE_I64; switch (memop & MO_SIZE) { case MO_8: @@ -1210,12 +1210,15 @@ static void tcg_out_qemu_ld(TCGContext *s, TCGReg data_reg, TCGReg addr_reg, tcg_insn_unit *label_ptr; tcg_out_tlb_read(s, addr_reg, s_bits, &label_ptr, mem_index, 1); - tcg_out_qemu_ld_direct(s, memop, ext, data_reg, addr_reg, TCG_REG_X1); + tcg_out_qemu_ld_direct(s, memop, ext, data_reg, addr_reg, + TCG_TYPE_I64, TCG_REG_X1); add_qemu_ldst_label(s, true, oi, ext, data_reg, addr_reg, s->code_ptr, label_ptr); #else /* !CONFIG_SOFTMMU */ - tcg_out_qemu_ld_direct(s, memop, ext, data_reg, addr_reg, - GUEST_BASE ? TCG_REG_GUEST_BASE : TCG_REG_XZR); + const TCGType otype = TARGET_LONG_BITS == 64 ? TCG_TYPE_I64 : TCG_TYPE_I32; + tcg_out_qemu_ld_direct(s, memop, ext, data_reg, + GUEST_BASE ? TCG_REG_GUEST_BASE : TCG_REG_XZR, + otype, addr_reg); #endif /* CONFIG_SOFTMMU */ } 
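Review bot: in the !CONFIG_SOFTMMU branch of tcg_out_qemu_ld, `GUEST_BASE ? TCG_REG_GUEST_BASE : TCG_REG_XZR` is now passed in the base slot, which lands in the Rn field of the register-offset load. In that encoding register number 31 in Rn selects SP, not XZR (only the Rm/index field reads 31 as the zero register), so when GUEST_BASE is 0 the generated instruction adds the guest address to the host stack pointer. Swapping base and index is only safe when a real guest-base register is in use; for the GUEST_BASE == 0 case keep addr_reg in the base slot with TCG_REG_XZR as the index (and TCG_TYPE_I64), or always use a base register for 32-bit targets so the uxtw extend can still be applied to addr_reg.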
@@ -1229,12 +1232,15 @@ static void tcg_out_qemu_st(TCGContext *s, TCGReg data_reg, TCGReg addr_reg, tcg_insn_unit *label_ptr; tcg_out_tlb_read(s, addr_reg, s_bits, &label_ptr, mem_index, 0); - tcg_out_qemu_st_direct(s, memop, data_reg, addr_reg, TCG_REG_X1); + tcg_out_qemu_st_direct(s, memop, data_reg, addr_reg, + TCG_TYPE_I64, TCG_REG_X1); add_qemu_ldst_label(s, false, oi, s_bits == MO_64, data_reg, addr_reg, s->code_ptr, label_ptr); #else /* !CONFIG_SOFTMMU */ - tcg_out_qemu_st_direct(s, memop, data_reg, addr_reg, - GUEST_BASE ? TCG_REG_GUEST_BASE : TCG_REG_XZR); + const TCGType otype = TARGET_LONG_BITS == 64 ? TCG_TYPE_I64 : TCG_TYPE_I32; + tcg_out_qemu_st_direct(s, memop, data_reg, + GUEST_BASE ? TCG_REG_GUEST_BASE : TCG_REG_XZR, + otype, addr_reg); #endif /* CONFIG_SOFTMMU */ } -- 2.4.3 ^ permalink raw reply related [flat|nested] 6+ messages in thread
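Review bot: `const TCGType otype = TARGET_LONG_BITS == 64 ? TCG_TYPE_I64 : TCG_TYPE_I32;` is now duplicated verbatim in tcg_out_qemu_ld and tcg_out_qemu_st; a single file-scope macro or helper would keep the two paths from drifting. The store path also puts `GUEST_BASE ? TCG_REG_GUEST_BASE : TCG_REG_XZR` into the base (Rn) slot, where 31 encodes SP rather than XZR, so with GUEST_BASE == 0 the store is relative to the host stack pointer; the base/index assignment should depend on whether a guest-base register is actually in use, the same way it must for the load.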
* Re: [Qemu-devel] [PATCH 2/2] tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation 2015-07-15 15:27 ` [Qemu-devel] [PATCH 2/2] tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation Paolo Bonzini @ 2015-07-15 16:10 ` Aurelien Jarno 0 siblings, 0 replies; 6+ messages in thread From: Aurelien Jarno @ 2015-07-15 16:10 UTC (permalink / raw) To: Paolo Bonzini; +Cc: claudio.fontana, qemu-devel, rth On 2015-07-15 17:27, Paolo Bonzini wrote: > Thanks to the previous patch, it is now easy for tcg_out_qemu_ld and > tcg_out_qemu_st to use a 32-bit zero extended offset. However, the > guest base register x28 must be the base and addr_reg must be the > index. > > Reported-by: Leon Alrae <leon.alrae@imgtec.com> > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> > --- > tcg/aarch64/tcg-target.c | 26 ++++++++++++++++---------- > 1 file changed, 16 insertions(+), 10 deletions(-) > > diff --git a/tcg/aarch64/tcg-target.c b/tcg/aarch64/tcg-target.c > index 5395202..4aca883 100644 > --- a/tcg/aarch64/tcg-target.c > +++ b/tcg/aarch64/tcg-target.c > @@ -1109,10 +1109,10 @@ static void tcg_out_tlb_read(TCGContext *s, TCGReg addr_reg, TCGMemOp s_bits, > #endif /* CONFIG_SOFTMMU */ > > static void tcg_out_qemu_ld_direct(TCGContext *s, TCGMemOp memop, TCGType ext, > - TCGReg data_r, TCGReg addr_r, TCGReg off_r) > + TCGReg data_r, TCGReg addr_r, > + TCGType otype, TCGReg off_r) > { > const TCGMemOp bswap = memop & MO_BSWAP; > - const TCGType otype = TCG_TYPE_I64; > > switch (memop & MO_SSIZE) { > case MO_UB: > @@ -1165,10 +1165,10 @@ static void tcg_out_qemu_ld_direct(TCGContext *s, TCGMemOp memop, TCGType ext, > } > > static void tcg_out_qemu_st_direct(TCGContext *s, TCGMemOp memop, > - TCGReg data_r, TCGReg addr_r, TCGReg off_r) > + TCGReg data_r, TCGReg addr_r, > + TCGType otype, TCGReg off_r) > { > const TCGMemOp bswap = memop & MO_BSWAP; > - const TCGType otype = TCG_TYPE_I64; > > switch (memop & MO_SIZE) { > case MO_8: 
> @@ -1210,12 +1210,15 @@ static void tcg_out_qemu_ld(TCGContext *s, TCGReg data_reg, TCGReg addr_reg, > tcg_insn_unit *label_ptr; > > tcg_out_tlb_read(s, addr_reg, s_bits, &label_ptr, mem_index, 1); > - tcg_out_qemu_ld_direct(s, memop, ext, data_reg, addr_reg, TCG_REG_X1); > + tcg_out_qemu_ld_direct(s, memop, ext, data_reg, addr_reg, > + TCG_TYPE_I64, TCG_REG_X1); > add_qemu_ldst_label(s, true, oi, ext, data_reg, addr_reg, > s->code_ptr, label_ptr); > #else /* !CONFIG_SOFTMMU */ > - tcg_out_qemu_ld_direct(s, memop, ext, data_reg, addr_reg, > - GUEST_BASE ? TCG_REG_GUEST_BASE : TCG_REG_XZR); > + const TCGType otype = TARGET_LONG_BITS == 64 ? TCG_TYPE_I64 : TCG_TYPE_I32; > + tcg_out_qemu_ld_direct(s, memop, ext, data_reg, > + GUEST_BASE ? TCG_REG_GUEST_BASE : TCG_REG_XZR, > + otype, addr_reg); > #endif /* CONFIG_SOFTMMU */ > } > > @@ -1229,12 +1232,15 @@ static void tcg_out_qemu_st(TCGContext *s, TCGReg data_reg, TCGReg addr_reg, > tcg_insn_unit *label_ptr; > > tcg_out_tlb_read(s, addr_reg, s_bits, &label_ptr, mem_index, 0); > - tcg_out_qemu_st_direct(s, memop, data_reg, addr_reg, TCG_REG_X1); > + tcg_out_qemu_st_direct(s, memop, data_reg, addr_reg, > + TCG_TYPE_I64, TCG_REG_X1); > add_qemu_ldst_label(s, false, oi, s_bits == MO_64, data_reg, addr_reg, > s->code_ptr, label_ptr); > #else /* !CONFIG_SOFTMMU */ > - tcg_out_qemu_st_direct(s, memop, data_reg, addr_reg, > - GUEST_BASE ? TCG_REG_GUEST_BASE : TCG_REG_XZR); > + const TCGType otype = TARGET_LONG_BITS == 64 ? TCG_TYPE_I64 : TCG_TYPE_I32; > + tcg_out_qemu_st_direct(s, memop, data_reg, > + GUEST_BASE ? TCG_REG_GUEST_BASE : TCG_REG_XZR, > + otype, addr_reg); > #endif /* CONFIG_SOFTMMU */ > } > Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurelien@aurel32.net http://www.aurel32.net ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [Qemu-devel] [PATCH 0/2] tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation
  2015-07-15 15:26 [Qemu-devel] [PATCH 0/2] tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation Paolo Bonzini
  2015-07-15 15:27 ` [Qemu-devel] [PATCH 1/2] tcg: aarch64: add ext argument to tcg_out_insn_3310 Paolo Bonzini
  2015-07-15 15:27 ` [Qemu-devel] [PATCH 2/2] tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation Paolo Bonzini
@ 2015-07-23 21:19 ` Richard Henderson
  2 siblings, 0 replies; 6+ messages in thread
From: Richard Henderson @ 2015-07-23 21:19 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel; +Cc: claudio.fontana, aurelien

On 07/15/2015 08:26 AM, Paolo Bonzini wrote:
> The register allocator may sometimes pass a 64-bit value to a 32-bit
> operation if truncations are considered no-ops by the backend.
> When this happens, user-mode emulation may use an incorrect offset
> for loads and stores. This affects aarch64 and x86, because other
> architectures already zero-extend the offset before using it for a
> load or store.
>
> To fix this for aarch64, use the uxtw modifier on load and store
> instructions.
>
> Paolo
>
> Paolo Bonzini (2):
>   tcg: aarch64: add ext argument to tcg_out_insn_3310
>   tcg: aarch64: use 32-bit offset for 32-bit user-mode emulation
>
>  tcg/aarch64/tcg-target.c | 63 +++++++++++++++++++++++++++---------------------
>  1 file changed, 36 insertions(+), 27 deletions(-)
>

Applied to tcg-for-2.4.

r~

^ permalink raw reply [flat|nested] 6+ messages in thread