From: Lauro Ramos Venancio <lauro.venancio@indt.org.br>
To: qemu-devel <qemu-devel@nongnu.org>
Subject: [Qemu-devel] Re: qemu-arm: wrong execution of post-indexed loads when Rm and Rd are the same register
Date: Thu, 15 Mar 2007 16:43:50 -0300 [thread overview]
Message-ID: <1173987831.9939.5.camel@edgy-laptop> (raw)
In-Reply-To: <1173987324.9939.0.camel@edgy-laptop>
[-- Attachment #1: Type: text/plain, Size: 486 bytes --]
Now sending the attachment. :)
Lauro
On Thu, 2007-03-15 at 16:35 -0300, Lauro Ramos Venancio wrote:
> Qemu-arm is wrongly executing post-indexed loads when Rm and Rd are
> the same register. For example:
>
> ldr r0, [r1], +r0
>
> Current behavior:
> r0 <- [r1]
> r1 <- r1 + r0
>
> Expected behavior:
> addr <- r1
> r1 <- r1 + r0
> r0 <- [addr]
>
> The attached patch fixes this bug. Patched by me and Rodrigo Vivi.
> This patch was made based on qemu 0.9.
>
>
> Lauro Venancio
[-- Attachment #2: 00_ldr_writeback.patch --]
[-- Type: text/x-patch, Size: 3917 bytes --]
--- target-arm/op.c.orig 2007-03-09 18:40:02.000000000 -0300
+++ target-arm/op.c 2007-03-09 18:40:27.000000000 -0300
@@ -106,6 +106,11 @@ void OPPROTO op_movl_T0_T1(void)
T0 = T1;
}
+void OPPROTO op_movl_T1_T0(void)
+{
+ T1 = T0;
+}
+
void OPPROTO op_movl_T1_im(void)
{
T1 = PARAM1;
--- target-arm/translate.c.orig 2007-03-09 18:40:02.000000000 -0300
+++ target-arm/translate.c 2007-03-09 18:40:32.000000000 -0300
@@ -383,23 +383,19 @@ static inline void gen_add_data_offset(D
}
}
-static inline void gen_add_datah_offset(DisasContext *s, unsigned int insn,
- int extra)
+static inline void gen_add_datah_offset(DisasContext *s, unsigned int insn)
{
int val, rm;
if (insn & (1 << 22)) {
/* immediate */
val = (insn & 0xf) | ((insn >> 4) & 0xf0);
- val += extra;
if (!(insn & (1 << 23)))
val = -val;
if (val != 0)
gen_op_addl_T1_im(val);
} else {
/* register */
- if (extra)
- gen_op_addl_T1_im(extra);
rm = (insn) & 0xf;
gen_movl_T2_reg(s, rm);
if (!(insn & (1 << 23)))
@@ -1534,14 +1530,17 @@ static void disas_arm_insn(CPUState * en
}
}
} else {
- int address_offset;
/* Misc load/store */
rn = (insn >> 16) & 0xf;
rd = (insn >> 12) & 0xf;
gen_movl_T1_reg(s, rn);
- if (insn & (1 << 24))
- gen_add_datah_offset(s, insn, 0);
- address_offset = 0;
+ gen_movl_T0_reg(s, rn);
+ gen_add_datah_offset(s, insn);
+ /* writeback */
+ if (!(insn & (1 << 24))||(insn & (1 << 21)))
+ gen_movl_reg_T1(s, rn);
+ if (!(insn & (1 << 24))) /* pos-indexed */
+ gen_op_movl_T1_T0();
if (insn & (1 << 20)) {
/* load */
switch(sh) {
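Review bot: The base register is written back before the memory access is emitted: the added `gen_movl_reg_T1(s, rn);` under `/* writeback */` runs ahead of the `gen_ldst` calls in the load/store switch that follows, so a data abort on the access leaves rn already updated (a base-updated abort model); unless the abort path elsewhere restores the register, which this patch does not show, a guest fault handler that expects the original base sees the new value, and the word/byte load/store hunk at @@ -1607 has the same ordering. A way to keep the rd == rm fix without that side effect is to read Rm and form the writeback value before the access, as here, but delay the store to rn until after `gen_ldst`; from what the hunks show T0 carries the data, T1 the address and T2 the offset register, so that needs either a further temporary or a saved copy of the updated base that survives the load. The added comments also read `/* pos-indexed */`; `/* post-indexed: access uses the original base, kept in T0 */` says what the line does, and `|| (insn & (1 << 21))` would match the file's spacing. disas_arm_insn starts and ends outside the hunk.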
@@ -1574,20 +1573,11 @@ static void disas_arm_insn(CPUState * en
gen_ldst(ldl, s);
gen_movl_reg_T0(s, rd + 1);
}
- address_offset = -4;
} else {
/* store */
gen_movl_T0_reg(s, rd);
gen_ldst(stw, s);
}
- if (!(insn & (1 << 24))) {
- gen_add_datah_offset(s, insn, address_offset);
- gen_movl_reg_T1(s, rn);
- } else if (insn & (1 << 21)) {
- if (address_offset)
- gen_op_addl_T1_im(address_offset);
- gen_movl_reg_T1(s, rn);
- }
}
break;
case 0x4:
@@ -1607,9 +1597,14 @@ static void disas_arm_insn(CPUState * en
rn = (insn >> 16) & 0xf;
rd = (insn >> 12) & 0xf;
gen_movl_T1_reg(s, rn);
+ gen_movl_T0_reg(s, rn);
i = (IS_USER(s) || (insn & 0x01200000) == 0x00200000);
- if (insn & (1 << 24))
gen_add_data_offset(s, insn);
+ /* writeback */
+ if (!(insn & (1 << 24))||(insn & (1 << 21)))
+ gen_movl_reg_T1(s, rn);
+ if (!(insn & (1 << 24))) /* pos-indexed */
+ gen_op_movl_T1_T0();
if (insn & (1 << 20)) {
/* load */
#if defined(CONFIG_USER_ONLY)
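Review bot: The copy of rn made by the added `gen_movl_T0_reg(s, rn);` has to survive `gen_add_data_offset(s, insn)`, which now runs unconditionally between that copy and the `gen_op_movl_T1_T0();` restore; gen_add_data_offset's body is not in this patch, so if any of its register-shifted offset forms use T0 as scratch, the post-indexed access address is silently wrong, whereas the halfword path's gen_add_datah_offset is shown in the first translate.c hunk touching only T1 and T2. A comment on the copy line would pin the invariant: `/* T0 holds the original base for the post-indexed access; gen_add_data_offset must leave it intact */`. disas_arm_insn starts and ends outside the hunk.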
@@ -1656,12 +1651,6 @@ static void disas_arm_insn(CPUState * en
}
#endif
}
- if (!(insn & (1 << 24))) {
- gen_add_data_offset(s, insn);
- gen_movl_reg_T1(s, rn);
- } else if (insn & (1 << 21))
- gen_movl_reg_T1(s, rn); {
- }
break;
case 0x08:
case 0x09: