Re: [PATCH v1] target/loongarch: Fix qemu-loongarch64 hang when executing 'll.d $t0, $t0, 0'

[Richard Henderson]

On 3/18/24 20:32, Song Gao wrote:
> On gen_ll, if a->imm is 0, The value of t0 should be src1.
>
> Links: https://www.openwall.com/lists/musl/2024/03/12/4
>
> Signed-off-by: Song Gao <gaosong@loongson.cn>
> ---
>   target/loongarch/tcg/insn_trans/trans_atomic.c.inc | 8 +++++++-
>   1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/target/loongarch/tcg/insn_trans/trans_atomic.c.inc 
> b/target/loongarch/tcg/insn_trans/trans_atomic.c.inc
> index 80c2e286fd..fab951a892 100644
> --- a/target/loongarch/tcg/insn_trans/trans_atomic.c.inc
> +++ b/target/loongarch/tcg/insn_trans/trans_atomic.c.inc
> @@ -7,7 +7,13 @@ static bool gen_ll(DisasContext *ctx, arg_rr_i *a, MemOp mop)
>   {
>       TCGv dest = gpr_dst(ctx, a->rd, EXT_NONE);
>       TCGv src1 = gpr_src(ctx, a->rj, EXT_NONE);
> -    TCGv t0 = make_address_i(ctx, src1, a->imm);
> +    TCGv t0 = tcg_temp_new();
> +
> +    if (a->imm) {
> +        t0 = make_address_i(ctx, src1, a->imm);
> +    } else {
> +        tcg_gen_mov_tl(t0, src1);
> +    }
>   
>       tcg_gen_qemu_ld_i64(dest, t0, ctx->mem_idx, mop);
>       tcg_gen_st_tl(t0, tcg_env, offsetof(CPULoongArchState, lladdr));

This is definitely wrong, since you're ignoring va32.

But I see the problem with make_address_x returning src1 when addend == NULL, because the 
load to destination may clobber src1.

I suggest always using a new destination instead:

    TCGv src1 = gpr_src(...);
    TCGv t0 = make_address_i(...);
    TCGv t1 = tcg_temp_new();

    tcg_gen_qemu_ld_i64(t1, t0, ...);
    tcg_gen_st_tl(t0, ... lladdr);
    gen_set_gpr(a->rd, t1, EXT_NONE);


r~