[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 3/5] target/hppa: fix log conditions
|
From: |
Richard Henderson |
|
Subject: |
Re: [Qemu-devel] [PATCH 3/5] target/hppa: fix log conditions |
|
Date: |
Mon, 11 Feb 2019 20:30:11 -0800 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 |
On 2/11/19 10:19 AM, Sven Schnelle wrote:
> switch (cf >> 1) {
> - case 4: case 5: case 6:
> - cf &= 1;
> + case 0: /* never */
> + cond = cond_make_f();
> + break;
> + case 1: /* = all bits are zero */
> + cond = cond_make_0(TCG_COND_EQ, res);
> + break;
> + case 2: /* < leftmost bit is 1 */
> + cond = cond_make_0(TCG_COND_LT, res);
> + break;
> + case 3: /* <= leftmost bit is 1 or all bits 0 */
> + cond = cond_make_0(TCG_COND_LE, res);
> + break;
> + case 7: /* OD rightmost bit is 1 */
> + tmp = tcg_temp_new();
> + tcg_gen_andi_reg(tmp, res, 1);
> + cond = cond_make_0(TCG_COND_NE, tmp);
> + tcg_temp_free(tmp);
> + break;
> + default:
> break;
> }
You can't do nothing for cases 4,5,6. That lets a bad guest crash qemu, since
cond will be uninitialized. Also, this patch has to be sorted before the
previous, as otherwise you introduce a regression during bisection.
I've fixed this up locally.
r~
- [Qemu-devel] [PATCH 1/5] target/hppa: move GETPC to HELPER() functions, Sven Schnelle, 2019/02/11
- [Qemu-devel] [PATCH 5/5] target/hppa: fix dcor instruction, Sven Schnelle, 2019/02/11
- [Qemu-devel] [PATCH 4/5] target/hppa: fix sed conditions, Sven Schnelle, 2019/02/11
- [Qemu-devel] [PATCH 3/5] target/hppa: fix log conditions, Sven Schnelle, 2019/02/11
- Re: [Qemu-devel] [PATCH 3/5] target/hppa: fix log conditions,
Richard Henderson <=
- [Qemu-devel] [PATCH 2/5] target/hppa: fix '</<=' conditions, Sven Schnelle, 2019/02/11
- Re: [Qemu-devel] [PATCH 1/5] target/hppa: move GETPC to HELPER() functions, Richard Henderson, 2019/02/11