Re: [Qemu-devel] [PATCH 12/12 v9] target-tilegx: Generate tcg instructions to execute to 1st system call

[Peter Maydell]

On 10 April 2015 at 22:28, Chen Gang <address@hidden> wrote:
> On 4/10/15 06:19, Peter Maydell wrote:
>> On 27 March 2015 at 11:07, Chen Gang <address@hidden> wrote:
>>> +/*
>>> + * The related functional description for bfextu in isa document:
>>> + *
>>> + * uint64_t mask = 0;
>>> + * mask = (-1ULL) ^ ((-1ULL << ((BFEnd - BFStart) & 63)) << 1);
>>> + * uint64_t rot_src = (((uint64_t) rf[SrcA]) >> BFStart)
>>> + *                    | (rf[SrcA] << (64 - BFStart));
>>> + * rf[Dest] = rot_src & mask;
>>> + */
>>> +static void gen_bfextu(struct DisasContext *dc, uint8_t rdst, uint8_t rsrc,
>>> +                       int8_t start, int8_t end)
>>> +{
>>> +    uint64_t mask = (-1ULL) ^ ((-1ULL << ((end - start) & 63)) << 1);
>>> +    TCGv tmp = dest_gr(dc, rdst);
>>
>> Are the start and end immediates here limited such that we're
>> guaranteed not to hit any of C's undefined behaviour for out
>> of range shifts, and that we don't hit TCG's undefined-value
>> behaviour on bad rotates?
>>
>
> For me, it is correct, it is only the copy of the document, which has
> already considered about any cases (include C's undefined behaviour).

Even if the ISA document implicitly (or explicitly) permits
some values of start and end to be undefined behaviour of the
CPU, you must not either have C code in translate.c that does
undefined behaviour, or emit generated code that is undefined
behaviour by TCG's rules (undefined values may be OK). You
need to make sure QEMU can't crash or misbehave if the guest
passes us badly encoded or meaningless instructions.

You need to work through the possibilities and convince
yourselves (and us) that everything is correctly handled.
It's not enough to just say "it's a copy of the C code from
the ISA so it must be OK".

thanks
-- PMM