Message ID | 1368045762-9769-1-git-send-email-aurelien@aurel32.net |
---|---|
State | New |
On Wed, May 08, 2013 at 10:42:42PM +0200, Aurelien Jarno wrote: > When setcond2 is rewritten into setcond, the state of the destination > temp should be reset, so that a copy of the previous value is not > used instead of the result. > > Reported-by: Michael Tokarev <mjt@tls.msk.ru> > Cc: Richard Henderson <rth@twiddle.net> > Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> > --- > tcg/optimize.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/tcg/optimize.c b/tcg/optimize.c > index 1b6644c..b35868a 100644 > --- a/tcg/optimize.c > +++ b/tcg/optimize.c > @@ -1057,6 +1057,7 @@ static TCGArg *tcg_constant_folding(TCGContext *s, uint16_t *tcg_opc_ptr, > /* Simplify LT/GE comparisons vs zero to a single compare > vs the high word of the input. */ > s->gen_opc_buf[op_index] = INDEX_op_setcond_i32; > + reset_temp(args[0]); > gen_args[0] = args[0]; > gen_args[1] = args[2]; > gen_args[2] = args[4]; I have just noticed that the problem is there since release 1.3, even if it appeared more clearly only with commit 7eb0cc85. All 64-bit targets on 32-bit hosts are possibly affected. Therefore it should be fixed in the next stable releases. Hence the Cc to qemu-stable@nongnu.org.
On 2013-05-08 15:42, Aurelien Jarno wrote:
> When setcond2 is rewritten into setcond, the state of the destination
> temp should be reset, so that a copy of the previous value is not
> used instead of the result.
>
> Reported-by: Michael Tokarev <mjt@tls.msk.ru>
> Cc: Richard Henderson <rth@twiddle.net>
> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>

Reviewed-by: Richard Henderson <rth@twiddle.net>

r~
diff --git a/tcg/optimize.c b/tcg/optimize.c index 1b6644c..b35868a 100644 --- a/tcg/optimize.c +++ b/tcg/optimize.c @@ -1057,6 +1057,7 @@ static TCGArg *tcg_constant_folding(TCGContext *s, uint16_t *tcg_opc_ptr, /* Simplify LT/GE comparisons vs zero to a single compare vs the high word of the input. */ s->gen_opc_buf[op_index] = INDEX_op_setcond_i32; + reset_temp(args[0]); gen_args[0] = args[0]; gen_args[1] = args[2]; gen_args[2] = args[4];
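Review bot: the added reset_temp(args[0]) call, placed just before gen_args[0] = args[0], carries no comment explaining why the destination must be reset; the reason lives only in the commit message (otherwise a copy of the previous value can be used instead of the setcond result). A one-line comment at the call would keep that invariant visible to the next person touching this rewrite. This hunk covers only the LT/GE-versus-zero path that rewrites the op to INDEX_op_setcond_i32, so it is also worth confirming that any other place in tcg_constant_folding that rewrites an op in place resets its destination temp in the same way, and adding a regression test for the reported case.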
When setcond2 is rewritten into setcond, the state of the destination
temp should be reset, so that a copy of the previous value is not
used instead of the result.

Reported-by: Michael Tokarev <mjt@tls.msk.ru>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
 tcg/optimize.c | 1 +
 1 file changed, 1 insertion(+)