[PATCH v2 0/2] target/hppa: Fix deposit assert from trans_shrpw

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH v2 0/2] target/hppa: Fix deposit assert from trans_shrpw_imm
@ 2021-12-13 18:56 Philippe Mathieu-Daudé
  2021-12-13 18:56 ` [PATCH v2 1/2] target/hppa: Minor code movement Philippe Mathieu-Daudé
  2021-12-13 18:56 ` [PATCH v2 2/2] target/hppa: Fix deposit assert from trans_shrpw_imm Philippe Mathieu-Daudé
  0 siblings, 2 replies; 4+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-12-13 18:56 UTC (permalink / raw)
  To: qemu-devel
  Cc: Sven Schnelle, Helge Deller, Richard Henderson,
	Philippe Mathieu-Daudé

Since v1:
Add preliminary code movement patch to ease reviewing
Richard patch.

Philippe Mathieu-Daudé (1):
  target/hppa: Minor code movement

Richard Henderson (1):
  target/hppa: Fix deposit assert from trans_shrpw_imm

 target/hppa/translate.c | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

-- 
2.33.1



^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH v2 1/2] target/hppa: Minor code movement
  2021-12-13 18:56 [PATCH v2 0/2] target/hppa: Fix deposit assert from trans_shrpw_imm Philippe Mathieu-Daudé
@ 2021-12-13 18:56 ` Philippe Mathieu-Daudé
  2021-12-13 18:56 ` [PATCH v2 2/2] target/hppa: Fix deposit assert from trans_shrpw_imm Philippe Mathieu-Daudé
  1 sibling, 0 replies; 4+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-12-13 18:56 UTC (permalink / raw)
  To: qemu-devel
  Cc: Sven Schnelle, Helge Deller, Richard Henderson,
	Philippe Mathieu-Daudé

Move the 'a->r1 == 0' if ladder earlier, simply
to ease reviewing the next commit change.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
 target/hppa/translate.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/target/hppa/translate.c b/target/hppa/translate.c
index 3b9744deb44..261e4c75c7c 100644
--- a/target/hppa/translate.c
+++ b/target/hppa/translate.c
@@ -3204,14 +3204,14 @@ static bool trans_shrpw_imm(DisasContext *ctx, arg_shrpw_imm *a)
 
     dest = dest_gpr(ctx, a->t);
     t2 = load_gpr(ctx, a->r2);
-    if (a->r1 == a->r2) {
+    if (a->r1 == 0) {
+        tcg_gen_extract_reg(dest, t2, sa, 32 - sa);
+    } else if (a->r1 == a->r2) {
         TCGv_i32 t32 = tcg_temp_new_i32();
         tcg_gen_trunc_reg_i32(t32, t2);
         tcg_gen_rotri_i32(t32, t32, sa);
         tcg_gen_extu_i32_reg(dest, t32);
         tcg_temp_free_i32(t32);
-    } else if (a->r1 == 0) {
-        tcg_gen_extract_reg(dest, t2, sa, 32 - sa);
     } else {
         TCGv_reg t0 = tcg_temp_new();
         tcg_gen_extract_reg(t0, t2, sa, 32 - sa);
-- 
2.33.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH v2 2/2] target/hppa: Fix deposit assert from trans_shrpw_imm
  2021-12-13 18:56 [PATCH v2 0/2] target/hppa: Fix deposit assert from trans_shrpw_imm Philippe Mathieu-Daudé
  2021-12-13 18:56 ` [PATCH v2 1/2] target/hppa: Minor code movement Philippe Mathieu-Daudé
@ 2021-12-13 18:56 ` Philippe Mathieu-Daudé
  2021-12-13 22:22   ` Philippe Mathieu-Daudé
  1 sibling, 1 reply; 4+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-12-13 18:56 UTC (permalink / raw)
  To: qemu-devel; +Cc: Sven Schnelle, Helge Deller, Richard Henderson

From: Richard Henderson <richard.henderson@linaro.org>

Because sa may be 0,

    tcg_gen_deposit_reg(dest, t0, cpu_gr[a->r1], 32 - sa, sa);

may attempt a zero-width deposit at bit 32, which will assert
for TARGET_REGISTER_BITS == 32.

Use the newer extract2 when possible, which itself includes the
rotri special case; otherwise mirror the code from trans_shrpw_sar,
using concat and shri.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/635
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211213174248.29222-1-richard.henderson@linaro.org>
---
 target/hppa/translate.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/target/hppa/translate.c b/target/hppa/translate.c
index 261e4c75c7c..952027a28e1 100644
--- a/target/hppa/translate.c
+++ b/target/hppa/translate.c
@@ -140,6 +140,7 @@
 #define tcg_gen_deposit_z_reg tcg_gen_deposit_z_i64
 #define tcg_gen_extract_reg  tcg_gen_extract_i64
 #define tcg_gen_sextract_reg tcg_gen_sextract_i64
+#define tcg_gen_extract2_reg tcg_gen_extract2_i64
 #define tcg_const_reg        tcg_const_i64
 #define tcg_const_local_reg  tcg_const_local_i64
 #define tcg_constant_reg     tcg_constant_i64
@@ -234,6 +235,7 @@
 #define tcg_gen_deposit_z_reg tcg_gen_deposit_z_i32
 #define tcg_gen_extract_reg  tcg_gen_extract_i32
 #define tcg_gen_sextract_reg tcg_gen_sextract_i32
+#define tcg_gen_extract2_reg tcg_gen_extract2_i32
 #define tcg_const_reg        tcg_const_i32
 #define tcg_const_local_reg  tcg_const_local_i32
 #define tcg_constant_reg     tcg_constant_i32
@@ -3206,6 +3208,8 @@ static bool trans_shrpw_imm(DisasContext *ctx, arg_shrpw_imm *a)
     t2 = load_gpr(ctx, a->r2);
     if (a->r1 == 0) {
         tcg_gen_extract_reg(dest, t2, sa, 32 - sa);
+    } else if (TARGET_REGISTER_BITS == 32) {
+        tcg_gen_extract2_reg(dest, t2, cpu_gr[a->r1], sa);
     } else if (a->r1 == a->r2) {
         TCGv_i32 t32 = tcg_temp_new_i32();
         tcg_gen_trunc_reg_i32(t32, t2);
@@ -3213,10 +3217,11 @@ static bool trans_shrpw_imm(DisasContext *ctx, arg_shrpw_imm *a)
         tcg_gen_extu_i32_reg(dest, t32);
         tcg_temp_free_i32(t32);
     } else {
-        TCGv_reg t0 = tcg_temp_new();
-        tcg_gen_extract_reg(t0, t2, sa, 32 - sa);
-        tcg_gen_deposit_reg(dest, t0, cpu_gr[a->r1], 32 - sa, sa);
-        tcg_temp_free(t0);
+        TCGv_i64 t64 = tcg_temp_new_i64();
+        tcg_gen_concat_reg_i64(t64, t2, cpu_gr[a->r1]);
+        tcg_gen_shri_i64(t64, t64, sa);
+        tcg_gen_trunc_i64_reg(dest, t64);
+        tcg_temp_free_i64(t64);
     }
     save_gpr(ctx, a->t, dest);
 
-- 
2.33.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH v2 2/2] target/hppa: Fix deposit assert from trans_shrpw_imm
  2021-12-13 18:56 ` [PATCH v2 2/2] target/hppa: Fix deposit assert from trans_shrpw_imm Philippe Mathieu-Daudé
@ 2021-12-13 22:22   ` Philippe Mathieu-Daudé
  0 siblings, 0 replies; 4+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-12-13 22:22 UTC (permalink / raw)
  To: qemu-devel; +Cc: Richard Henderson, Helge Deller, Sven Schnelle

On 12/13/21 19:56, Philippe Mathieu-Daudé wrote:
> From: Richard Henderson <richard.henderson@linaro.org>
> 
> Because sa may be 0,
> 
>     tcg_gen_deposit_reg(dest, t0, cpu_gr[a->r1], 32 - sa, sa);
> 
> may attempt a zero-width deposit at bit 32, which will assert
> for TARGET_REGISTER_BITS == 32.
> 
> Use the newer extract2 when possible, which itself includes the
> rotri special case; otherwise mirror the code from trans_shrpw_sar,
> using concat and shri.
> 
> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/635
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> Message-Id: <20211213174248.29222-1-richard.henderson@linaro.org>

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

> ---
>  target/hppa/translate.c | 13 +++++++++----
>  1 file changed, 9 insertions(+), 4 deletions(-)
> 
> diff --git a/target/hppa/translate.c b/target/hppa/translate.c
> index 261e4c75c7c..952027a28e1 100644
> --- a/target/hppa/translate.c
> +++ b/target/hppa/translate.c
> @@ -140,6 +140,7 @@
>  #define tcg_gen_deposit_z_reg tcg_gen_deposit_z_i64
>  #define tcg_gen_extract_reg  tcg_gen_extract_i64
>  #define tcg_gen_sextract_reg tcg_gen_sextract_i64
> +#define tcg_gen_extract2_reg tcg_gen_extract2_i64
>  #define tcg_const_reg        tcg_const_i64
>  #define tcg_const_local_reg  tcg_const_local_i64
>  #define tcg_constant_reg     tcg_constant_i64
> @@ -234,6 +235,7 @@
>  #define tcg_gen_deposit_z_reg tcg_gen_deposit_z_i32
>  #define tcg_gen_extract_reg  tcg_gen_extract_i32
>  #define tcg_gen_sextract_reg tcg_gen_sextract_i32
> +#define tcg_gen_extract2_reg tcg_gen_extract2_i32
>  #define tcg_const_reg        tcg_const_i32
>  #define tcg_const_local_reg  tcg_const_local_i32
>  #define tcg_constant_reg     tcg_constant_i32
> @@ -3206,6 +3208,8 @@ static bool trans_shrpw_imm(DisasContext *ctx, arg_shrpw_imm *a)
>      t2 = load_gpr(ctx, a->r2);
>      if (a->r1 == 0) {
>          tcg_gen_extract_reg(dest, t2, sa, 32 - sa);
> +    } else if (TARGET_REGISTER_BITS == 32) {
> +        tcg_gen_extract2_reg(dest, t2, cpu_gr[a->r1], sa);
>      } else if (a->r1 == a->r2) {
>          TCGv_i32 t32 = tcg_temp_new_i32();
>          tcg_gen_trunc_reg_i32(t32, t2);
> @@ -3213,10 +3217,11 @@ static bool trans_shrpw_imm(DisasContext *ctx, arg_shrpw_imm *a)
>          tcg_gen_extu_i32_reg(dest, t32);
>          tcg_temp_free_i32(t32);
>      } else {
> -        TCGv_reg t0 = tcg_temp_new();
> -        tcg_gen_extract_reg(t0, t2, sa, 32 - sa);
> -        tcg_gen_deposit_reg(dest, t0, cpu_gr[a->r1], 32 - sa, sa);
> -        tcg_temp_free(t0);
> +        TCGv_i64 t64 = tcg_temp_new_i64();
> +        tcg_gen_concat_reg_i64(t64, t2, cpu_gr[a->r1]);
> +        tcg_gen_shri_i64(t64, t64, sa);
> +        tcg_gen_trunc_i64_reg(dest, t64);
> +        tcg_temp_free_i64(t64);
>      }
>      save_gpr(ctx, a->t, dest);
>  
> 


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-12-13 22:24 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-13 18:56 [PATCH v2 0/2] target/hppa: Fix deposit assert from trans_shrpw_imm Philippe Mathieu-Daudé
2021-12-13 18:56 ` [PATCH v2 1/2] target/hppa: Minor code movement Philippe Mathieu-Daudé
2021-12-13 18:56 ` [PATCH v2 2/2] target/hppa: Fix deposit assert from trans_shrpw_imm Philippe Mathieu-Daudé
2021-12-13 22:22   ` Philippe Mathieu-Daudé

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.