From: Richard Henderson <[email protected]>

The 32-bit product should be sign-extended, not zero-extended.

Fixes: ea96b374641b Reported-by: Laurent Desnogues <[email protected]> Signed-off-by: Richard Henderson <[email protected]> Reviewed-by: Philippe Mathieu-Daudé <[email protected]> Tested-by: Laurent Desnogues <[email protected]> Message-id: [email protected] Signed-off-by: Peter Maydell <[email protected]> --- target/arm/translate.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/target/arm/translate.c b/target/arm/translate.c index 698c594e8ce..96340520ee2 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c @@ -8045,7 +8045,9 @@ static bool op_smlaxxx(DisasContext *s, arg_rrrr *a, case 2: tl = load_reg(s, a->ra); th = load_reg(s, a->rd); - t1 = tcg_const_i32(0); + /* Sign-extend the 32-bit product to 64 bits. */ + t1 = tcg_temp_new_i32(); + tcg_gen_sari_i32(t1, t0, 31); tcg_gen_add2_i32(tl, th, tl, th, t0, t1); tcg_temp_free_i32(t0); tcg_temp_free_i32(t1); -- 2.20.1
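
Review bot: The fix to case 2 of op_smlaxxx comes with no regression test (the diffstat touches only target/arm/translate.c), so nothing guards against the high word t1 passed to tcg_gen_add2_i32 going back to a constant zero. A test that produces a negative 32-bit product in t0 and accumulates it into the 64-bit tl/th pair, where zero-extension and sign-extension yield different high words, would cover it. The commit message could also name the instruction that reaches case 2, since the hunk context shows only the function name.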
