1. Patchew
  2. QEMU
  3. [PATCH v2 00/25] tcg: Remove tcg_const_*
  4. View patch

[PATCH v2 12/25] target/m68k: Reject immediate as destination in gen_ea_mode

Richard Henderson posted 25 patches 2 years, 11 months ago
Maintainers: Richard Henderson <richard.henderson@linaro.org>, Peter Maydell <peter.maydell@linaro.org>, Laurent Vivier <laurent@vivier.eu>, Daniel Henrique Barboza <danielhb413@gmail.com>, "Cédric Le Goater" <clg@kaod.org>, David Gibson <david@gibson.dropbear.id.au>, Greg Kurz <groug@kaod.org>, Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
[PATCH v2 12/25] target/m68k: Reject immediate as destination in gen_ea_mode
Posted by Richard Henderson 2 years, 11 months ago 
In theory this should never happen, as all such instructions
are illegal.  This is checked in e.g. gen_lea_mode and
gen_ea_mode_fp but not here.  In case something higher up
isn't checking modes properly, return NULL_QREG.  This will
result in an illegal instruction exception being raised.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
Cc: Laurent Vivier <laurent@vivier.eu>
---
 target/m68k/translate.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/target/m68k/translate.c b/target/m68k/translate.c
index 44c3ac0bc3..fc65dad190 100644
--- a/target/m68k/translate.c
+++ b/target/m68k/translate.c
@@ -894,6 +894,10 @@ static TCGv gen_ea_mode(CPUM68KState *env, DisasContext *s, int mode, int reg0,
         case 3: /* pc index+displacement.  */
             goto do_indirect;
         case 4: /* Immediate.  */
+            /* Should never be used for an output or RMW input. */
+            if (what == EA_STORE || addrp) {
+                return NULL_QREG;
+            }
             /* Sign extend values for consistency.  */
             switch (opsize) {
             case OS_BYTE:
-- 
2.34.1
Re: [PATCH v2 12/25] target/m68k: Reject immediate as destination in gen_ea_mode
Posted by Laurent Vivier 2 years, 11 months ago 
Le 07/03/2023 à 19:34, Richard Henderson a écrit :
> In theory this should never happen, as all such instructions
> are illegal.  This is checked in e.g. gen_lea_mode and
> gen_ea_mode_fp but not here.  In case something higher up
> isn't checking modes properly, return NULL_QREG.  This will
> result in an illegal instruction exception being raised.

NULL_QREG generates an address exception, not illegal instruction.

> 
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> Cc: Laurent Vivier <laurent@vivier.eu>
> ---
>   target/m68k/translate.c | 4 ++++
>   1 file changed, 4 insertions(+)
> 
> diff --git a/target/m68k/translate.c b/target/m68k/translate.c
> index 44c3ac0bc3..fc65dad190 100644
> --- a/target/m68k/translate.c
> +++ b/target/m68k/translate.c
> @@ -894,6 +894,10 @@ static TCGv gen_ea_mode(CPUM68KState *env, DisasContext *s, int mode, int reg0,
>           case 3: /* pc index+displacement.  */
>               goto do_indirect;
>           case 4: /* Immediate.  */
> +            /* Should never be used for an output or RMW input. */
> +            if (what == EA_STORE || addrp) {

Why do you check addrp?

What happens for an instruction that provides addrp to SRC_EA() when it is used with immediate mode?
In this case addrp is unused, but it should not trigger an exception.

Thanks,
Laurent
> +                return NULL_QREG;
> +            }
>               /* Sign extend values for consistency.  */
>               switch (opsize) {
>               case OS_BYTE:
Re: [PATCH v2 12/25] target/m68k: Reject immediate as destination in gen_ea_mode
Posted by Richard Henderson 2 years, 11 months ago 
On 3/9/23 04:32, Laurent Vivier wrote:
> Le 07/03/2023 à 19:34, Richard Henderson a écrit :
>> In theory this should never happen, as all such instructions
>> are illegal.  This is checked in e.g. gen_lea_mode and
>> gen_ea_mode_fp but not here.  In case something higher up
>> isn't checking modes properly, return NULL_QREG.  This will
>> result in an illegal instruction exception being raised.
> 
> NULL_QREG generates an address exception, not illegal instruction.
> 
>>
>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
>> ---
>> Cc: Laurent Vivier <laurent@vivier.eu>
>> ---
>>   target/m68k/translate.c | 4 ++++
>>   1 file changed, 4 insertions(+)
>>
>> diff --git a/target/m68k/translate.c b/target/m68k/translate.c
>> index 44c3ac0bc3..fc65dad190 100644
>> --- a/target/m68k/translate.c
>> +++ b/target/m68k/translate.c
>> @@ -894,6 +894,10 @@ static TCGv gen_ea_mode(CPUM68KState *env, DisasContext *s, int 
>> mode, int reg0,
>>           case 3: /* pc index+displacement.  */
>>               goto do_indirect;
>>           case 4: /* Immediate.  */
>> +            /* Should never be used for an output or RMW input. */
>> +            if (what == EA_STORE || addrp) {
> 
> Why do you check addrp?
> 
> What happens for an instruction that provides addrp to SRC_EA() when it is used with 
> immediate mode?
> In this case addrp is unused, but it should not trigger an exception.

Because addrp is *not* unused with SRC_EA.  It is a signal for a read-modify-write operand 
and addrp will be passed to DEST_EA.


r~

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.