Message-ID: <41B7814E.6090100@bellard.org>
Date: Wed, 08 Dec 2004 23:33:50 +0100
From: Fabrice Bellard
MIME-Version: 1.0
Subject: Re: [Qemu-devel] Qemu arm emulation
References: <20041203210758.GD21652@cray.fish.zetnet.co.uk> <200412032113.41066.paul@codesourcery.com>
In-Reply-To: <200412032113.41066.paul@codesourcery.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
To: qemu-devel@nongnu.org
Cc: paul@codesourcery.com

Thank you for the patch!

From the spec, I think there are still errors for 0 shifts when shiftop != 3. Have you made a patch for that too?

Fabrice.

Paul Brook wrote:
> On Friday 03 December 2004 21:07, Charlie Baylis wrote:
>
>>Hi Fabrice
>>
>>I have had a look at some faults in the ARM port of Qemu. I have discovered
>>a couple of bugs. To avoid difficulties with my employer I can't distribute
>>my patch which contains the fixes, but they are fairly trivial so I am
>>detailing the changes required here.
>>
>>1. The RRX operand shift on data processing instructions is incorrectly
>>decoded as a rotate right (ROR) of 0 bits.
>>RRX should have the effect of an extended rotate right of 1 bit where the
>>carry flag is shifted into the top bit of the result. If the S bit is set,
>>then the carry flag is set to the bottom bit of the source value.
>
>
> The attached patch fixes this.
>
> I posted it a while back, but it never got into CVS and I never chased it.
> Paul
>
>
> ------------------------------------------------------------------------
>
> Index: target-arm/op.c
> ===================================================================
> RCS file: /cvsroot/qemu/qemu/target-arm/op.c,v
> retrieving revision 1.3
> diff -u -p -r1.3 op.c
> --- target-arm/op.c 30 Nov 2003 19:40:08 -0000 1.3
> +++ target-arm/op.c 1 Aug 2004 21:43:22 -0000
> @@ -485,6 +502,11 @@ void OPPROTO op_rorl_T1_im(void) > T1 = ((uint32_t)T1 >> shift) | (T1 << (32 - shift)); > } > > +void OPPROTO op_rrxl_T1(void) > +{ > + T1 = ((uint32_t)T1 >> 1) | ((uint32_t)env->CF << 31); > +} > + > /* T1 based, set C flag */ > void OPPROTO op_shll_T1_im_cc(void) > { > @@ -512,6 +534,14 @@ void OPPROTO op_rorl_T1_im_cc(void) > T1 = ((uint32_t)T1 >> shift) | (T1 << (32 - shift)); > } > > +void OPPROTO op_rrxl_T1_cc(void) > +{ > + uint32_t c; > + c = T1 & 1; > + T1 = ((uint32_t)T1 >> 1) | ((uint32_t)env->CF << 31); > + env->CF = c; > +} > + > /* T2 based */ > void OPPROTO op_shll_T2_im(void) > { > Index: target-arm/translate.c > =================================================================== > RCS file: /cvsroot/qemu/qemu/target-arm/translate.c,v > retrieving revision 1.10 > diff -u -p -r1.10 translate.c > --- target-arm/translate.c 22 Jun 2004 10:55:49 -0000 1.10 > +++ target-arm/translate.c 1 Aug 2004 21:43:22 -0000 > @@ -365,6 +484,11 @@ static void disas_arm_insn(DisasContext > } else { > gen_shift_T1_im[shiftop](shift); > } > + } else if (shiftop == 3) { > + if (logic_cc) > + gen_op_rrxl_T1_cc(); > + else > + gen_op_rrxl_T1(); > } > } else { > rs = (insn >> 8) & 0xf; > > > ------------------------------------------------------------------------ > > _______________________________________________ > Qemu-devel mailing list > Qemu-devel@nongnu.org > http://lists.nongnu.org/mailman/listinfo/qemu-devel
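Review bot: op_rrxl_T1 in the first op.c hunk (@@ -485,6 +502,11 @@) assumes env->CF holds exactly 0 or 1: `((uint32_t)env->CF << 31)` sets bit 31 only when CF is odd and yields 0 for any even non-zero value, so if some other path ever stores a wider flag value in CF the incoming carry would be silently dropped. If that 0/1 invariant is not guaranteed everywhere, mask it: `T1 = ((uint32_t)T1 >> 1) | (((uint32_t)env->CF & 1) << 31);`. The cast on T1 before the right shift is correct, since it keeps the shift logical regardless of T1's declared signedness.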
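Review bot: op_rrxl_T1_cc in the second op.c hunk (@@ -512,6 +534,14 @@) reads the old carry into bit 31 before overwriting env->CF with `c = T1 & 1`, which is the right ordering for RRX with the S bit set; the only value it writes into CF is 0 or 1, so it preserves that invariant. The rotate expression is duplicated verbatim from op_rrxl_T1, and neither function name says why the shiftop 3 / immediate 0 case lands here rather than in op_rorl_T1_im_cc: a one-line comment on each, stating that a ROR with a zero immediate encodes RRX, would save the next reader a trip to the architecture manual.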
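Review bot: the new `else if (shiftop == 3)` arm in the translate.c hunk (@@ -365,6 +484,11 @@) covers only the ROR-with-zero-immediate (RRX) case; the visible if/else chain has no arm for shiftop 1 or 2 with a zero immediate, which is the remaining error Fabrice points at. In the ARM encoding LSR #0 means LSR #32 (result 0, carry out = bit 31 of the operand) and ASR #0 means ASR #32 (result is bit 31 replicated into every bit, carry out = bit 31), while LSL #0 is the identity and needs nothing. Adding `else if (shiftop == 1)` and `else if (shiftop == 2)` arms, each with a `logic_cc` and a non-`logic_cc` variant like the RRX one, would close the gap.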
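The following reference model is an added example, not code from QEMU or from anyone in the thread above. It covers the RRX case that Charlie Baylis describes and also goes beyond it to the other zero-immediate encodings that Fabrice's reply refers to (LSR #0 meaning LSR #32, ASR #0 meaning ASR #32, LSL #0 being the identity), so the expected result and carry-out for each case can be checked against a translator. The names arm_shift_imm, struct shift_result and the SHIFT_* constants are hypothetical and chosen for this example.

```c
/* Added example: reference model of the ARM data-processing operand
 * "register shifted by immediate", including the special meaning of a
 * zero shift amount for each shift type. Not QEMU code; names are
 * hypothetical. */
#include <stdint.h>
#include <stdio.h>

/* Shift type field, bits [6:5] of the operand encoding. */
enum { SHIFT_LSL = 0, SHIFT_LSR = 1, SHIFT_ASR = 2, SHIFT_ROR = 3 };

struct shift_result {
    uint32_t value;  /* shifted operand */
    uint32_t carry;  /* carry out, 0 or 1 (written to C only if S is set) */
};

/* Apply shift type 'shiftop' with immediate amount 'shift' (bits [11:7],
 * 0..31) to rm, given the current carry flag cf_in (0 or 1). */
struct shift_result arm_shift_imm(uint32_t rm, unsigned shiftop,
                                  unsigned shift, uint32_t cf_in)
{
    struct shift_result r = { rm, cf_in & 1 };
    shift &= 31;
    switch (shiftop) {
    case SHIFT_LSL:
        /* LSL #0 is the identity: operand and carry unchanged. */
        if (shift != 0) {
            r.carry = (rm >> (32 - shift)) & 1;
            r.value = rm << shift;
        }
        break;
    case SHIFT_LSR:
        if (shift == 0) {               /* encodes LSR #32 */
            r.carry = rm >> 31;
            r.value = 0;
        } else {
            r.carry = (rm >> (shift - 1)) & 1;
            r.value = rm >> shift;
        }
        break;
    case SHIFT_ASR:
        if (shift == 0) {               /* encodes ASR #32 */
            r.carry = rm >> 31;
            r.value = (rm & 0x80000000u) ? 0xFFFFFFFFu : 0;
        } else {
            r.carry = (rm >> (shift - 1)) & 1;
            r.value = rm >> shift;      /* logical shift, then sign-fill */
            if (rm & 0x80000000u)
                r.value |= ~0u << (32 - shift);
        }
        break;
    case SHIFT_ROR:
        if (shift == 0) {               /* encodes RRX: rotate right by 1
                                           through the carry flag */
            r.carry = rm & 1;
            r.value = (rm >> 1) | ((cf_in & 1) << 31);
        } else {
            r.carry = (rm >> (shift - 1)) & 1;
            r.value = (rm >> shift) | (rm << (32 - shift));
        }
        break;
    }
    return r;
}

int main(void)
{
    static const char *names[] = { "LSL", "LSR", "ASR", "ROR" };
    /* Constructed sample operand: bit 31 and bit 0 set, so every special
     * zero-shift case produces a visible carry. */
    uint32_t rm = 0x80000001u;
    for (unsigned op = 0; op < 4; op++) {
        struct shift_result r = arm_shift_imm(rm, op, 0, 1);
        printf("%s #0 of %08x with C=1 -> %08x, carry %u\n",
               names[op], rm, r.value, r.carry);
    }
    return 0;
}
```

The table the main() prints is the one to compare against an emulator: a translator that treats ROR #0 as a no-op (the bug Charlie reports) returns 0x80000001 with the carry untouched, where the model returns 0xC0000000 with carry 1; a translator that emits nothing for LSR #0 or ASR #0 (the case Fabrice raises) returns the operand unchanged where the model returns 0 and 0xFFFFFFFF respectively.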