* [PATCH v1] target/loongarch: Fix qemu-loongarch64 hang when executing 'll.d $t0, $t0, 0'
@ 2024-03-19 6:32 Song Gao
2024-03-19 15:55 ` Richard Henderson
0 siblings, 1 reply; 2+ messages in thread
From: Song Gao @ 2024-03-19 6:32 UTC (permalink / raw)
To: qemu-devel; +Cc: richard.henderson, c, philmd, maobibo, lixing
On gen_ll, if a->imm is 0, The value of t0 should be src1.
Links: https://www.openwall.com/lists/musl/2024/03/12/4
Signed-off-by: Song Gao <gaosong@loongson.cn>
---
target/loongarch/tcg/insn_trans/trans_atomic.c.inc | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/target/loongarch/tcg/insn_trans/trans_atomic.c.inc b/target/loongarch/tcg/insn_trans/trans_atomic.c.inc
index 80c2e286fd..fab951a892 100644
--- a/target/loongarch/tcg/insn_trans/trans_atomic.c.inc
+++ b/target/loongarch/tcg/insn_trans/trans_atomic.c.inc
@@ -7,7 +7,13 @@ static bool gen_ll(DisasContext *ctx, arg_rr_i *a, MemOp mop)
{
TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
- TCGv t0 = make_address_i(ctx, src1, a->imm);
+ TCGv t0 = tcg_temp_new();
+
+ if (a->imm) {
+ t0 = make_address_i(ctx, src1, a->imm);
+ } else {
+ tcg_gen_mov_tl(t0, src1);
+ }
tcg_gen_qemu_ld_i64(dest, t0, ctx->mem_idx, mop);
tcg_gen_st_tl(t0, tcg_env, offsetof(CPULoongArchState, lladdr));
--
2.25.1
^ permalink raw reply related [flat|nested] 2+ messages in thread* Re: [PATCH v1] target/loongarch: Fix qemu-loongarch64 hang when executing 'll.d $t0, $t0, 0'
2024-03-19 6:32 [PATCH v1] target/loongarch: Fix qemu-loongarch64 hang when executing 'll.d $t0, $t0, 0' Song Gao
@ 2024-03-19 15:55 ` Richard Henderson
0 siblings, 0 replies; 2+ messages in thread
From: Richard Henderson @ 2024-03-19 15:55 UTC (permalink / raw)
To: Song Gao, qemu-devel; +Cc: c, philmd, maobibo, lixing
On 3/18/24 20:32, Song Gao wrote:
> On gen_ll, if a->imm is 0, The value of t0 should be src1.
>
> Links: https://www.openwall.com/lists/musl/2024/03/12/4
>
> Signed-off-by: Song Gao <gaosong@loongson.cn>
> ---
> target/loongarch/tcg/insn_trans/trans_atomic.c.inc | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/target/loongarch/tcg/insn_trans/trans_atomic.c.inc b/target/loongarch/tcg/insn_trans/trans_atomic.c.inc
> index 80c2e286fd..fab951a892 100644
> --- a/target/loongarch/tcg/insn_trans/trans_atomic.c.inc
> +++ b/target/loongarch/tcg/insn_trans/trans_atomic.c.inc
> @@ -7,7 +7,13 @@ static bool gen_ll(DisasContext *ctx, arg_rr_i *a, MemOp mop)
> {
> TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
> TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
> - TCGv t0 = make_address_i(ctx, src1, a->imm);
> + TCGv t0 = tcg_temp_new();
> +
> + if (a->imm) {
> + t0 = make_address_i(ctx, src1, a->imm);
> + } else {
> + tcg_gen_mov_tl(t0, src1);
> + }
>
> tcg_gen_qemu_ld_i64(dest, t0, ctx->mem_idx, mop);
> tcg_gen_st_tl(t0, tcg_env, offsetof(CPULoongArchState, lladdr));
This is definitely wrong, since you're ignoring va32.
But I see the problem with make_address_x returning src1 when addend == NULL, because the
load to destination may clobber src1.
I suggest always using a new destination instead:
TCGv src1 = gpr_src(...);
TCGv t0 = make_address_i(...);
TCGv t1 = tcg_temp_new();
tcg_gen_qemu_ld_i64(t1, t0, ...);
tcg_gen_st_tl(t0, ... lladdr);
gen_set_gpr(a->rd, t1, EXT_NONE);
r~
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-03-19 15:55 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-03-19 6:32 [PATCH v1] target/loongarch: Fix qemu-loongarch64 hang when executing 'll.d $t0, $t0, 0' Song Gao
2024-03-19 15:55 ` Richard Henderson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).