On 16 October 2012 10:15, Peter Crosthwaite <[email protected]> wrote: > Instructions that both use the RRX second operand and update CS were > incorrect, as the Carry flag was updated too early. An example of such an > instruction would be: > > ands r12,r13,RRX > > Ands, because of the "s" flag will update the carry flag. But the RRX second > operand rotates through the C flag which should happen before the update. > Fixed the ordering of the two, the old carry is read by "r13,RRX" before being > updated. > > Signed-off-by: Peter Crosthwaite <[email protected]> > Reported-by: Vinesh Peringat <[email protected]> > --- > target-arm/translate.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/target-arm/translate.c b/target-arm/translate.c > index c6840b7..daccb15 100644 > --- a/target-arm/translate.c > +++ b/target-arm/translate.c > @@ -516,10 +516,10 @@ static inline void gen_arm_shift_im(TCGv var, int > shiftop, int shift, int flags) > tcg_gen_rotri_i32(var, var, shift); break; > } else { > TCGv tmp = tcg_temp_new_i32(); > + tcg_gen_shli_i32(tmp, cpu_CF, 31); > if (flags) > shifter_out_im(var, 0); > tcg_gen_shri_i32(var, var, 1); > - tcg_gen_shli_i32(tmp, cpu_CF, 31); > tcg_gen_or_i32(var, var, tmp); > tcg_temp_free_i32(tmp); > }
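
Review bot: in the else branch, the moved tcg_gen_shli_i32(tmp, cpu_CF, 31) now has to stay ahead of the "if (flags) shifter_out_im(var, 0);" pair so that tmp captures the old carry, but the hunk leaves no comment recording that ordering constraint. Suggest a short comment above the shli line, for example "read the old C flag before shifter_out_im() updates it", so that a later cleanup does not move the read back below the flag update. A regression test built on the instruction from the commit message, ands r12,r13,RRX, run once with C set and once with C clear on entry, would also pin the behaviour down.
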
Looks like this was broken by Aurelien's commit 66c374de8; previously we loaded CF into a tmp before doing the shifter_out_im() [which updates CF], and then used the tmp after the call, rather than directly using CF.

Reviewed-by: Peter Maydell <[email protected]>

-- PMM
