target-mips: special3 instruction dinsm translation error

Bug #1071149 reported by Nikita Kanunnikov
This bug affects 1 person
Affects: QEMU
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned
Milestone: -

Bug Description

Function decode_opc() in translate.c calls function gen_bitops(), which has the following prototype:

/* special3 bitfield operations */
static void gen_bitops (DisasContext *ctx, uint32_t opc, int rt,
                        int rs, int lsb, int msb)

The code for DINSM instruction is:

    case OPC_DINSM ... OPC_DINS:
        check_insn(env, ctx, ISA_MIPS64R2);
        check_mips_64(ctx);
        gen_bitops(ctx, op1, rt, rs, sa, rd);
        break;

But rd ≠ msb according to the MIPS64R2 standard; rd = msb - 32.

Aurelien Jarno (aurel32) wrote :

That's why gen_bitops() later does:

    case OPC_DINSM:
        if (lsb > msb)
            goto fail;
        mask = ((msb - lsb + 1 + 32 < 64) ? ((1ULL << (msb - lsb + 1 + 32)) - 1) : ~0ULL) << lsb;

...

    case OPC_DINSU:
        if (lsb > msb)
            goto fail;
        mask = ((1ULL << (msb - lsb + 1)) - 1) << (lsb + 32);

...

    case OPC_DINS:
        if (lsb > msb)
            goto fail;
        gen_load_gpr(t0, rt);
        mask = ((1ULL << (msb - lsb + 1)) - 1) << lsb;

For me there is no bug there, but if you believe the contrary, please send a testcase.

Changed in qemu:
status: New → Invalid
Aurelien Jarno (aurel32) wrote :

Indeed the (lsb > msb) case is wrong and should be removed. I'll post a patch about that later this week.

Changed in qemu:
status: Invalid → Confirmed
Aurelien Jarno (aurel32) wrote :

Fixed in commit e0d002f17d1db1ade2b8d24b4a7c7ab361256726

Changed in qemu:
status: Confirmed → Fix Committed
Aurelien Jarno (aurel32)
Changed in qemu:
status: Fix Committed → Fix Released
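
Added example, not part of the original report and not QEMU code: a stand-alone reference model of DINSM that treats the rd field as msb - 32, as the report states, and applies the (lsb > msb) guard and the DINSM mask expression quoted in the thread to the raw fields. The function names and the sample operands are constructed for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Reference DINSM: rd_field is the raw 5-bit rd field (msb - 32),
 * lsb_field is the raw 5-bit sa field (lsb). Hypothetical helper. */
static uint64_t dinsm_ref(uint64_t rt, uint64_t rs,
                          unsigned lsb_field, unsigned rd_field)
{
    unsigned lsb = lsb_field & 0x1f;
    unsigned msb = (rd_field & 0x1f) + 32;   /* real msb, 32..63 */
    unsigned size = msb - lsb + 1;           /* 2..64, cannot underflow */
    uint64_t field = (size < 64) ? ((1ULL << size) - 1) : ~0ULL;
    uint64_t mask = field << lsb;
    return (rt & ~mask) | ((rs << lsb) & mask);
}

/* The DINSM mask expression quoted in the thread, fed the raw fields. */
static uint64_t quoted_mask(int lsb, int msb)
{
    return ((msb - lsb + 1 + 32 < 64)
            ? ((1ULL << (msb - lsb + 1 + 32)) - 1) : ~0ULL) << lsb;
}

/* The guard quoted in the thread, fed the raw fields: 1 means "goto fail". */
static int raw_guard_rejects(int lsb, int msb)
{
    return lsb > msb;
}

int main(void)
{
    /* Constructed case: pos = 20, size = 20, so msb = 39 and rd field = 7. */
    int lsb = 20, rd = 7;
    printf("raw guard rejects: %d\n", raw_guard_rejects(lsb, rd));
    printf("quoted mask:       0x%016llx\n",
           (unsigned long long)quoted_mask(lsb, rd));
    printf("reference result:  0x%016llx\n",
           (unsigned long long)dinsm_ref(~0ULL, 0, lsb, rd));
    return 0;
}
```

For this operand pair the raw rd field is smaller than lsb even though the real msb (39) is above lsb (20), so the guard fires while the mask expression, which already adds 32, covers bits 20..39.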