[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] TCG sar UB (fwd)
From: |
malc |
Subject: |
Re: [Qemu-devel] TCG sar UB (fwd) |
Date: |
Tue, 6 Sep 2011 19:20:13 +0400 (MSD) |
User-agent: |
Alpine 2.00 (LNX 1167 2008-08-23) |
On Tue, 6 Sep 2011, Richard Henderson wrote:
> On 09/04/2011 08:03 AM, malc wrote:
> > On Sun, 4 Sep 2011, Richard Henderson wrote:
> >
> >> On 09/03/2011 03:47 PM, malc wrote:
> >>> Doesn't make much sense to me, guest clearly asked for 0 and not -1,
> >>> besides -1 violates TCG's sar constraints and PPC obliges by emiting
> >>> illegal instruction in this case.
> >>
> >> The shift that the guest asked for was completely folded away.
> >>
> >> The -1 comes from gen_shift_rm_T1 in the computation of the new
> >> flags value. This could instead be moved inside the test for != 0,
> >> which is the only place that value is actually used anyway.
> >>
> >> Try this. Lightly tested.
> >
> > Now i either get hosts illegal instruction or (with logging enabled) a
> > guest kenrnel panic.
>
> Hum. Well, it's possible I made some silly mistake in the patch.
> You now know where to look for the problem.
Correct me if i'm wrong, previously the code worked like this:
mov tmp, 0
sub tmp, 1
sar r, r, tmp
Still UB as far as TCG is concerned but since no immediates are involved
things worked, now, with constant folding, we are asked to sar by -1
directly.
>
> That said, it seems easier for you in the PPC port to mask the
> immediate operand so that you don't produce an illegal instruction.
> It doesn't really matter what value that insn produces, as the
> result won't be used.
>
I did that when first hit this problem, but decided not to push it.
--
mailto:address@hidden