qemu-devel

Re: [Qemu-devel] [PATCH RFC v4 01/12] target/rx: TCG translation


From: Yoshinori Sato
Subject: Re: [Qemu-devel] [PATCH RFC v4 01/12] target/rx: TCG translation
Date: Wed, 27 Mar 2019 22:25:34 +0900

On Tue, 26 Mar 2019 00:50:53 +0900,
Richard Henderson wrote:
> 
> On 3/25/19 2:38 AM, Yoshinori Sato wrote:
> >>> +static bool trans_EMUL_mr(DisasContext *ctx, arg_EMUL_mr *a)
> >>> +{
> >>> +    TCGv val, mem;
> >>> +    mem = tcg_temp_new();
> >>> +    val = rx_load_source(ctx, mem, a->ld, a->mi, a->rs);
> >>> +    tcg_gen_muls2_i32(cpu_regs[a->rd], cpu_regs[a->rd + 1],
> >>> +                      cpu_regs[a->rd], val);
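
Review bot: In the tcg_gen_muls2_i32 call, the high-half destination cpu_regs[a->rd + 1] is computed with no bound on a->rd, so the highest register number indexes one past the end of cpu_regs at translation time. Either reject that encoding before emitting code or wrap the index to match the hardware, for example cpu_regs[(a->rd + 1) & 15], and document the chosen behaviour in a comment next to the call.
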
> >>
> >> Both of these need to check for rd == 15 and return false.
> > 
> > Specifying 15 for rd does not result in an invalid instruction.
> > I made it output a log.
> 
> Does the hardware wrap around and modify R0, then?
> Whatever you do, you cannot allow the guest to read
> beyond the end of the cpu_regs array.

Sorry. When I tried again,
I had a wraparound to R0.

I also checked translate.c because I confirmed other undefined behavior.

> >>> +    gen_set_label(l1);
> >>> +    tcg_gen_movi_i32(cpu_psw_c, 0);
> >>> +    tcg_gen_movi_i32(cpu_psw_o, 0);
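
Review bot: On the path that starts at gen_set_label(l1), the visible lines only clear cpu_psw_c and cpu_psw_o and never write the destination register. If this is the zero shift count case of a three-operand arg structure, add a tcg_gen_mov_i32 from the source operand to the destination before the flag updates; it emits nothing when both are the same register, so the two-operand form is unaffected.
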
> >>
> >> Likewise.
> > 
> > As this is a two-operand, rd does not change when the shift count is zero.
> 
> The insn may be two operand, but the arg structure is three operand.  You have
> written the entire rest of the function as if rd is relevant.  If you add the
> tcg_gen_mov_i32 you complete that illusion.  However, there will be no mov
> issued, because tcg_gen_mov_i32 checks for dest == src.
> 
> 
> r~
> 

-- 
Yosinori Sato


