[Qemu-devel] TCG sar UB

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] TCG sar UB

From:	malc
Subject:	[Qemu-devel] TCG sar UB
Date:	Mon, 22 Aug 2011 14:47:09 +0400 (MSD)
User-agent:	Alpine 2.00 (LNX 1167 2008-08-23)

While booting linux-test 0.2 following sequence of instructions is seen:

IN: 
0xc03227aa:  mov    %esi,%edx
0xc03227ac:  xor    %ecx,%ecx
0xc03227ae:  movzwl 0x12(%esp),%ebp
0xc03227b3:  mov    %edi,%eax
0xc03227b5:  sar    %cl,%eax
0xc03227b7:  and    $0x1,%eax
0xc03227ba:  je     0xc0322802

OP after liveness analysis:
 mov_i32 tmp0,esi
 mov_i32 edx,tmp0
 nopn $0x2,$0x2
 movi_i32 ecx,$0x0
 discard cc_src
 movi_i32 cc_dst,$0x0
 mov_i32 tmp2,esp
 movi_i32 tmp13,$0x12
 add_i32 tmp2,tmp2,tmp13
 qemu_ld16u tmp0,tmp2,$0x0
 mov_i32 ebp,tmp0
 mov_i32 tmp0,edi
 mov_i32 eax,tmp0
 nopn $0x2,$0x2
 mov_i32 tmp0,eax
 nopn $0x2,$0x2
 movi_i32 tmp1,$0x0
 nopn $0x2,$0x2
 movi_i32 tmp10,$0xffffffff
 sar_i32 tmp3,tmp0,tmp10

Doesn't make much sense to me, guest clearly asked for 0 and not -1,
besides -1 violates TCG's sar constraints and PPC obliges by emiting
illegal instruction in this case.

-- 
mailto:address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] TCG sar UB, malc <=

Prev by Date: Re: [Qemu-devel] [PATCH 0/2] Fix wide ioport access cracking
Next by Date: Re: [Qemu-devel] kvm PCI assignment & VFIO ramblings
Previous by thread: [Qemu-devel] [PATCH 06/11] Goldfish: Added a nand controller.
Next by thread: [Qemu-devel] [Bug 739088] [NEW] I/O errors after "Save/Restore"
Index(es):
- Date
- Thread