From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:41789)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <elta.era@gmail.com>) id 1XBnK1-0000JA-5p
	for qemu-devel@nongnu.org; Mon, 28 Jul 2014 11:58:54 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <elta.era@gmail.com>) id 1XBnJr-00006s-MO
	for qemu-devel@nongnu.org; Mon, 28 Jul 2014 11:58:45 -0400
Received: from mail-pd0-x22f.google.com ([2607:f8b0:400e:c02::22f]:41998)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <elta.era@gmail.com>) id 1XBnJr-00006e-7u
	for qemu-devel@nongnu.org; Mon, 28 Jul 2014 11:58:35 -0400
Received: by mail-pd0-f175.google.com with SMTP id r10so10052467pdi.6
	for <qemu-devel@nongnu.org>; Mon, 28 Jul 2014 08:58:34 -0700 (PDT)
From: Dongxue Zhang <elta.era@gmail.com>
Date: Mon, 28 Jul 2014 23:58:22 +0800
Message-Id: <1406563102-11035-2-git-send-email-elta.era@gmail.com>
In-Reply-To: <1406563102-11035-1-git-send-email-elta.era@gmail.com>
References: <1406563102-11035-1-git-send-email-elta.era@gmail.com>
Content-Type: text/plain; charset="utf-8"
Subject: [Qemu-devel] [PATCH 2/2] target-mips/translate.c: Add judgement for
	msb and lsb
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: Dongxue Zhang <elta.era@gmail.com>, aurelien@aurel32.net

Use 'if' to make sure the real msb greater than the lsb. As the compiler may
not do this.

Signed-off-by: Dongxue Zhang <elta.era@gmail.com>
---
 target-mips/translate.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/target-mips/translate.c b/target-mips/translate.c
index c381366..e2cce31 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -3946,14 +3946,23 @@ static void gen_bitops (DisasContext *ctx, uint32_t opc, int rt,
         break;
 #if defined(TARGET_MIPS64)
     case OPC_DINSM:
+        if (lsb > (msb + 32)) {
+            goto fail;
+        }
         gen_load_gpr(t0, rt);
         tcg_gen_deposit_tl(t0, t0, t1, lsb, msb + 32 - lsb + 1);
         break;
     case OPC_DINSU:
+        if (lsb > msb) {
+            goto fail;
+        }
         gen_load_gpr(t0, rt);
         tcg_gen_deposit_tl(t0, t0, t1, lsb + 32, msb - lsb + 1);
         break;
     case OPC_DINS:
+        if (lsb > msb) {
+            goto fail;
+        }
         gen_load_gpr(t0, rt);
         tcg_gen_deposit_tl(t0, t0, t1, lsb, msb - lsb + 1);
         break;
-- 
1.8.1.2