From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:33790) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WQ1b0-0003Qa-UJ for qemu-devel@nongnu.org; Tue, 18 Mar 2014 17:30:55 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WQ1aw-0007up-2m for qemu-devel@nongnu.org; Tue, 18 Mar 2014 17:30:50 -0400 Received: from mail-pa0-x233.google.com ([2607:f8b0:400e:c03::233]:49067) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WQ1av-0007uj-Rj for qemu-devel@nongnu.org; Tue, 18 Mar 2014 17:30:46 -0400 Received: by mail-pa0-f51.google.com with SMTP id kq14so7877580pab.24 for ; Tue, 18 Mar 2014 14:30:45 -0700 (PDT) Sender: Richard Henderson From: Richard Henderson Date: Tue, 18 Mar 2014 14:30:33 -0700 Message-Id: <1395178235-29056-3-git-send-email-rth@twiddle.net> In-Reply-To: <1395178235-29056-1-git-send-email-rth@twiddle.net> References: <1395178235-29056-1-git-send-email-rth@twiddle.net> Subject: [Qemu-devel] [PATCH v2 2/4] tcg: Mask shift quantities while folding List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: peter.maydell@linaro.org The TCG result would be undefined, but we can at least produce one plausible result and avoid triggering the wrath of analysis tools. Reported-by: Peter Maydell Signed-off-by: Richard Henderson --- tcg/optimize.c | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/tcg/optimize.c b/tcg/optimize.c index 7777743..2fb708e 100644 --- a/tcg/optimize.c +++ b/tcg/optimize.c @@ -220,34 +220,34 @@ static TCGArg do_constant_folding_2(TCGOpcode op, TCGArg x, TCGArg y) return x ^ y; case INDEX_op_shl_i32: - return (uint32_t)x << (uint32_t)y; + return (uint32_t)x << (y & 31); case INDEX_op_shl_i64: - return (uint64_t)x << (uint64_t)y; + return (uint64_t)x << (y & 63); case INDEX_op_shr_i32: - return (uint32_t)x >> (uint32_t)y; + return (uint32_t)x >> (y & 31); case INDEX_op_shr_i64: - return (uint64_t)x >> (uint64_t)y; + return (uint64_t)x >> (y & 63); case INDEX_op_sar_i32: - return (int32_t)x >> (int32_t)y; + return (int32_t)x >> (y & 31); case INDEX_op_sar_i64: - return (int64_t)x >> (int64_t)y; + return (int64_t)x >> (y & 63); case INDEX_op_rotr_i32: - return ror32(x, y); + return ror32(x, y & 31); case INDEX_op_rotr_i64: - return ror64(x, y); + return ror64(x, y & 63); case INDEX_op_rotl_i32: - return rol32(x, y); + return rol32(x, y & 31); case INDEX_op_rotl_i64: - return rol64(x, y); + return rol64(x, y & 63); CASE_OP_32_64(not): return ~x; @@ -806,29 +806,34 @@ static TCGArg *tcg_constant_folding(TCGContext *s, uint16_t *tcg_opc_ptr, case INDEX_op_sar_i32: if (temps[args[2]].state == TCG_TEMP_CONST) { - mask = (int32_t)temps[args[1]].mask >> temps[args[2]].val; + tmp = temps[args[2]].val & 31; + mask = (int32_t)temps[args[1]].mask >> tmp; } break; case INDEX_op_sar_i64: if (temps[args[2]].state == TCG_TEMP_CONST) { - mask = (int64_t)temps[args[1]].mask >> temps[args[2]].val; + tmp = temps[args[2]].val & 63; + mask = (int64_t)temps[args[1]].mask >> tmp; } break; case INDEX_op_shr_i32: if (temps[args[2]].state == TCG_TEMP_CONST) { - mask = (uint32_t)temps[args[1]].mask >> temps[args[2]].val; + tmp = temps[args[2]].val & 31; + mask = (uint32_t)temps[args[1]].mask >> tmp; } break; case INDEX_op_shr_i64: if (temps[args[2]].state == TCG_TEMP_CONST) { - mask = (uint64_t)temps[args[1]].mask >> temps[args[2]].val; + tmp = temps[args[2]].val & 63; + mask = (uint64_t)temps[args[1]].mask >> tmp; } break; CASE_OP_32_64(shl): if (temps[args[2]].state == TCG_TEMP_CONST) { - mask = temps[args[1]].mask << temps[args[2]].val; + tmp = temps[args[2]].val & (TCG_TARGET_REG_BITS - 1); + mask = temps[args[1]].mask << tmp; } break; -- 1.8.5.3