From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:37387)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <aurelien@aurel32.net>) id 1TOXyJ-0003PM-T2
	for qemu-devel@nongnu.org; Wed, 17 Oct 2012 14:04:08 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <aurelien@aurel32.net>) id 1TOXyF-0000Zt-Ko
	for qemu-devel@nongnu.org; Wed, 17 Oct 2012 14:03:59 -0400
Received: from hall.aurel32.net ([88.191.126.93]:57400)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <aurelien@aurel32.net>) id 1TOXyF-0000ZY-Ev
	for qemu-devel@nongnu.org; Wed, 17 Oct 2012 14:03:55 -0400
Date: Wed, 17 Oct 2012 20:03:49 +0200
From: Aurelien Jarno <aurelien@aurel32.net>
Message-ID: <20121017180349.GJ14078@ohm.aurel32.net>
References: <1350378950-10614-1-git-send-email-peter.crosthwaite@xilinx.com>
	<CAFEAcA93BHE6Y4TwjpuoT0NfCBT68-ppa5=mB5vQ5dRzUiUOWA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
In-Reply-To: <CAFEAcA93BHE6Y4TwjpuoT0NfCBT68-ppa5=mB5vQ5dRzUiUOWA@mail.gmail.com>
Subject: Re: [Qemu-devel] [PATCH] target-arm/translate: Fix RRX operands
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: Peter Crosthwaite <peter.crosthwaite@petalogix.com>, Peter Crosthwaite <peter.crosthwaite@xilinx.com>, qemu-devel@nongnu.org

On Wed, Oct 17, 2012 at 05:43:55PM +0100, Peter Maydell wrote:
> On 16 October 2012 10:15, Peter Crosthwaite
> <peter.crosthwaite@petalogix.com> wrote:
> > Instructions that both use the RRX second operand and update CS were
> > incorrect, as the Carry flag was updated too early. An example of such an
> > instruction would be:
> >
> > ands r12,r13,RRX
> >
> > Ands, because of the "s" flag will update the carry flag. But the RRX second
> > operand rotates through the C flag which should happen before the update.
> > Fixed the ordering of the two, the old carry is read by "r13,RRX" before being
> > updated.
> >
> > Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
> > Reported-by: Vinesh Peringat <vineshp@xilinx.com>
> > ---
> >  target-arm/translate.c |    2 +-
> >  1 files changed, 1 insertions(+), 1 deletions(-)
> >
> > diff --git a/target-arm/translate.c b/target-arm/translate.c
> > index c6840b7..daccb15 100644
> > --- a/target-arm/translate.c
> > +++ b/target-arm/translate.c
> > @@ -516,10 +516,10 @@ static inline void gen_arm_shift_im(TCGv var, int shiftop, int shift, int flags)
> >              tcg_gen_rotri_i32(var, var, shift); break;
> >          } else {
> >              TCGv tmp = tcg_temp_new_i32();
> > +            tcg_gen_shli_i32(tmp, cpu_CF, 31);
> >              if (flags)
> >                  shifter_out_im(var, 0);
> >              tcg_gen_shri_i32(var, var, 1);
> > -            tcg_gen_shli_i32(tmp, cpu_CF, 31);
> >              tcg_gen_or_i32(var, var, tmp);
> >              tcg_temp_free_i32(tmp);
> >          }
> 
> Looks like this was broken by Aurelien's commit 66c374de8; previously
> we loaded CF into a tmp before doing the shifter_out_im() [which updates CF],
> and then used the tmp after the call, rather than directly using CF.

Yes, I am the culprit here, sorry about that.

> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
> 

And applied.


-- 
Aurelien Jarno                          GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net