[Stable-7.2.5 17/36] target/arm: Avoid writing to constant TCGv in trans
From: Michael Tokarev
Subject: [Stable-7.2.5 17/36] target/arm: Avoid writing to constant TCGv in trans_CSEL()
Date: Fri, 4 Aug 2023 21:53:30 +0300
From: Peter Maydell <peter.maydell@linaro.org>
In commit 0b188ea05acb5 we changed the implementation of
trans_CSEL() to use tcg_constant_i32(). However, this change
was incorrect, because the implementation of the function
sets up the TCGv_i32 rn and rm to be either zero or else
a TCG temp created in load_reg(), and these TCG temps are
then in both cases written to by the emitted TCG ops.
The result is that we hit a TCG assertion:
qemu-system-arm: ../../tcg/tcg.c:4455: tcg_reg_alloc_mov: Assertion
`!temp_readonly(ots)' failed.
(or on a non-debug build, just produce a garbage result)
Adjust the code so that rn and rm are always writeable
temporaries whether the instruction is using the special
case "0" or a normal register as input.
Cc: qemu-stable@nongnu.org
Fixes: 0b188ea05acb5 ("target/arm: Use tcg_constant in trans_CSEL")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230727103906.2641264-1-peter.maydell@linaro.org
(cherry picked from commit 2b0d656ab6484cae7f174e194215a6d50343ecd2)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
(Mjt: context fixup in target/arm/tcg/translate.c)
diff --git a/target/arm/translate.c b/target/arm/translate.c
index a06da05640..9cf4a6819e 100644
--- a/target/arm/translate.c
+++ b/target/arm/translate.c
@@ -9030,7 +9030,7 @@ static bool trans_IT(DisasContext *s, arg_IT *a)
/* v8.1M CSEL/CSINC/CSNEG/CSINV */
static bool trans_CSEL(DisasContext *s, arg_CSEL *a)
{
- TCGv_i32 rn, rm, zero;
+ TCGv_i32 rn, rm;
DisasCompare c;
if (!arm_dc_feature(s, ARM_FEATURE_V8_1M)) {
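Review bot: The file header above this hunk patches target/arm/translate.c, while the backport note in the commit message says the context fixup was in target/arm/tcg/translate.c, so the note and the diff name different paths. Consider rewording the "(Mjt: ...)" line to name the file this stable patch actually touches, so that someone searching the branch history by path finds it.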
@@ -9048,16 +9048,17 @@ static bool trans_CSEL(DisasContext *s, arg_CSEL *a)
}
/* In this insn input reg fields of 0b1111 mean "zero", not "PC" */
- zero = tcg_constant_i32(0);
+ rn = tcg_temp_new_i32();
+ rm = tcg_temp_new_i32();
if (a->rn == 15) {
- rn = zero;
+ tcg_gen_movi_i32(rn, 0);
} else {
- rn = load_reg(s, a->rn);
+ load_reg_var(s, rn, a->rn);
}
if (a->rm == 15) {
- rm = zero;
+ tcg_gen_movi_i32(rm, 0);
} else {
- rm = load_reg(s, a->rm);
+ load_reg_var(s, rm, a->rm);
}
switch (a->op) {
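Review bot: The two tcg_temp_new_i32() lines at the top of this hunk carry no comment saying why rn and rm have to be writable temporaries, and the only comment nearby is about the 0b1111 encoding. Since the regression came from a cleanup that switched to tcg_constant_i32(), a short comment here such as "rn and rm are written to by the ops emitted below, so they must not be constants" would make it harder for a later cleanup to reintroduce the read-only temp, which per the commit message only shows up as an assertion on debug builds and as a garbage result otherwise.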
@@ -9077,7 +9078,7 @@ static bool trans_CSEL(DisasContext *s, arg_CSEL *a)
}
arm_test_cc(&c, a->fcond);
- tcg_gen_movcond_i32(c.cond, rn, c.value, zero, rn, rm);
+ tcg_gen_movcond_i32(c.cond, rn, c.value, tcg_constant_i32(0), rn, rm);
arm_free_cc(&c);
store_reg(s, a->rd, rn);
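Review bot: After the movcond line only rn is visibly handed on (to store_reg()), and the hunk context ends before showing what happens to rm, which is now always a fresh temporary from tcg_temp_new_i32() rather than sometimes the shared constant. The arm_free_cc(&c) call in the context suggests this branch still releases translation-time resources explicitly, so please confirm that the lines following store_reg() release rm on both the a->rm == 15 path and the normal register path.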
--
2.39.2