author | Stefan Sandstrom <stefans@axis.com> | 2021-02-19 13:44:16 +0100 |
---|---|---|
committer | Edgar E. Iglesias <edgar.iglesias@xilinx.com> | 2021-02-22 09:04:58 +0100 |
commit | fd52deea52d79192c43a1a7a0240a3cabbc55e80 (patch) | |
tree | 253bb5246381e622836ee87cbb60ad06b5f57440 /target/cris/translate_v10.c.inc | |
parent | 91ab6d46960256d21c6c01a1f5948bf1336aa15c (diff) | |
target/cris: Plug leakage of TCG temporaries
Add and fix deallocation of temporary TCG registers in CRIS code
generation.
Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Change-Id: I17fce5d95bdc4418337ba885d53ba97afb1bafcc
Signed-off-by: Stefan Sandström <stefans@axis.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20210219124416.28178-1-stefans@axis.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Diffstat (limited to 'target/cris/translate_v10.c.inc')
-rw-r--r-- | target/cris/translate_v10.c.inc | 70 |
1 files changed, 47 insertions, 23 deletions
diff --git a/target/cris/translate_v10.c.inc b/target/cris/translate_v10.c.inc index 86d78a8..f7cd67b 100644 --- a/target/cris/translate_v10.c.inc +++ b/target/cris/translate_v10.c.inc @@ -228,6 +228,7 @@ static unsigned int dec10_quick_imm(DisasContext *dc) { int32_t imm, simm; int op; + TCGv c; /* sign extend. */ imm = dc->ir & ((1 << 6) - 1); @@ -254,29 +255,37 @@ static unsigned int dec10_quick_imm(DisasContext *dc) LOG_DIS("moveq %d, $r%d\n", simm, dc->dst); cris_cc_mask(dc, CC_MASK_NZVC); + c = tcg_const_tl(simm); cris_alu(dc, CC_OP_MOVE, cpu_R[dc->dst], - cpu_R[dc->dst], tcg_const_tl(simm), 4); + cpu_R[dc->dst], c, 4); + tcg_temp_free(c); break; case CRISV10_QIMM_CMPQ: LOG_DIS("cmpq %d, $r%d\n", simm, dc->dst); cris_cc_mask(dc, CC_MASK_NZVC); + c = tcg_const_tl(simm); cris_alu(dc, CC_OP_CMP, cpu_R[dc->dst], - cpu_R[dc->dst], tcg_const_tl(simm), 4); + cpu_R[dc->dst], c, 4); + tcg_temp_free(c); break; case CRISV10_QIMM_ADDQ: LOG_DIS("addq %d, $r%d\n", imm, dc->dst); cris_cc_mask(dc, CC_MASK_NZVC); + c = tcg_const_tl(imm); cris_alu(dc, CC_OP_ADD, cpu_R[dc->dst], - cpu_R[dc->dst], tcg_const_tl(imm), 4); + cpu_R[dc->dst], c, 4); + tcg_temp_free(c); break; case CRISV10_QIMM_ANDQ: LOG_DIS("andq %d, $r%d\n", simm, dc->dst); cris_cc_mask(dc, CC_MASK_NZVC); + c = tcg_const_tl(simm); cris_alu(dc, CC_OP_AND, cpu_R[dc->dst], - cpu_R[dc->dst], tcg_const_tl(simm), 4); + cpu_R[dc->dst], c, 4); + tcg_temp_free(c); break; case CRISV10_QIMM_ASHQ: LOG_DIS("ashq %d, $r%d\n", simm, dc->dst); 
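Review bot: In the `@@ -254,29 +255,37 @@` hunk of dec10_quick_imm the same allocate/use/free triple around `cris_alu(..., c, 4)` is open-coded for the moveq, cmpq, addq and andq cases, and again for LSHQ, SUBQ and ORQ in the `@@ -303` hunk, all through a `TCGv c` declared at function scope. Each copy stays leak-free only as long as nobody adds an early exit between `tcg_const_tl()` and `tcg_temp_free()`, which is the class of bug this commit is plugging. A small static helper that owns the temporary keeps the pairing in one place; the function-scope `c` would then be needed only for the ASHQ case, where both branches share it. The switch and the rest of the function lie outside the hunk.

```c
/* Apply a 32-bit ALU op to $r[dst] with an immediate operand; the constant
 * temp is allocated and released here so callers cannot leak it. */
static void dec10_quick_alu(DisasContext *dc, int op, int32_t val)
{
    TCGv c = tcg_const_tl(val);

    cris_alu(dc, op, cpu_R[dc->dst], cpu_R[dc->dst], c, 4);
    tcg_temp_free(c);
}

    /* ... unchanged: LOG_DIS and cris_cc_mask for each case ... */
    case CRISV10_QIMM_CMPQ:
        dec10_quick_alu(dc, CC_OP_CMP, simm);
        break;
```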
@@ -284,15 +293,17 @@ static unsigned int dec10_quick_imm(DisasContext *dc) cris_cc_mask(dc, CC_MASK_NZVC); op = imm & (1 << 5); imm &= 0x1f; + c = tcg_const_tl(imm); if (op) { cris_alu(dc, CC_OP_ASR, cpu_R[dc->dst], - cpu_R[dc->dst], tcg_const_tl(imm), 4); + cpu_R[dc->dst], c, 4); } else { /* BTST */ cris_update_cc_op(dc, CC_OP_FLAGS, 4); gen_helper_btst(cpu_PR[PR_CCS], cpu_env, cpu_R[dc->dst], - tcg_const_tl(imm), cpu_PR[PR_CCS]); + c, cpu_PR[PR_CCS]); } + tcg_temp_free(c); break; case CRISV10_QIMM_LSHQ: LOG_DIS("lshq %d, $r%d\n", simm, dc->dst); @@ -303,22 +314,28 @@ static unsigned int dec10_quick_imm(DisasContext *dc) } imm &= 0x1f; cris_cc_mask(dc, CC_MASK_NZVC); + c = tcg_const_tl(imm); cris_alu(dc, op, cpu_R[dc->dst], - cpu_R[dc->dst], tcg_const_tl(imm), 4); + cpu_R[dc->dst], c, 4); + tcg_temp_free(c); break; case CRISV10_QIMM_SUBQ: LOG_DIS("subq %d, $r%d\n", imm, dc->dst); cris_cc_mask(dc, CC_MASK_NZVC); + c = tcg_const_tl(imm); cris_alu(dc, CC_OP_SUB, cpu_R[dc->dst], - cpu_R[dc->dst], tcg_const_tl(imm), 4); + cpu_R[dc->dst], c, 4); + tcg_temp_free(c); break; case CRISV10_QIMM_ORQ: LOG_DIS("andq %d, $r%d\n", simm, dc->dst); cris_cc_mask(dc, CC_MASK_NZVC); + c = tcg_const_tl(simm); cris_alu(dc, CC_OP_OR, cpu_R[dc->dst], - cpu_R[dc->dst], tcg_const_tl(simm), 4); + cpu_R[dc->dst], c, 4); + tcg_temp_free(c); break; case CRISV10_QIMM_BCC_R0: @@ -760,7 +777,6 @@ static unsigned int dec10_ind_move_m_r(CPUCRISState *env, DisasContext *dc, tcg_gen_mov_tl(env_btarget, cpu_R[dc->dst]); cris_prepare_jmp(dc, JMP_INDIRECT); dc->delayed_branch = 1; - return insn_len; } tcg_temp_free(t); @@ -777,6 +793,7 @@ static unsigned int dec10_ind_move_r_m(DisasContext *dc, unsigned int size) crisv10_prepare_memaddr(dc, addr, size); gen_store_v10(dc, addr, cpu_R[dc->dst], size); insn_len += crisv10_post_memaddr(dc, size); + tcg_temp_free(addr); return insn_len; } 
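Review bot: The `CRISV10_QIMM_ORQ` case in the `@@ -303,22 +314,28 @@` hunk logs `andq` while emitting `CC_OP_OR`, so a disassembly trace shows the wrong mnemonic for every orq the guest executes. The line is untouched context, but it sits directly above the new `c = tcg_const_tl(simm);` and is cheap to correct in the same pass: `LOG_DIS("orq %d, $r%d\n", simm, dc->dst);`. Anyone using the log to follow guest execution would otherwise read an AND where an OR was translated.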
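Review bot: The closing brace of the indirect-jump branch in the `@@ -760,7 +777,6 @@` hunk (dec10_ind_move_m_r) now falls through to `tcg_temp_free(t);` with nothing saying that this is deliberate, and the `@@ -927` (dec10_ind_bound) and `@@ -953` (dec10_alux_m) hunks create the same silent fall-through. A one-line comment after `dc->delayed_branch = 1;`, such as `/* No early return: t is released below on this path too. */`, would keep a later cleanup from restoring the return and the leak with it. The branch condition and the function tail are outside the hunk, so it is also worth confirming that nothing after the free assumes the jump path has already returned.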
@@ -796,11 +813,10 @@ static unsigned int dec10_ind_move_m_pr(CPUCRISState *env, DisasContext *dc) tcg_gen_mov_tl(env_btarget, t); cris_prepare_jmp(dc, JMP_INDIRECT); dc->delayed_branch = 1; - return insn_len; + } else { + tcg_gen_mov_tl(cpu_PR[rd], t); + dc->cpustate_changed = 1; } - - tcg_gen_mov_tl(cpu_PR[rd], t); - dc->cpustate_changed = 1; tcg_temp_free(addr); tcg_temp_free(t); return insn_len; @@ -824,8 +840,8 @@ static unsigned int dec10_ind_move_pr_m(DisasContext *dc) } else { gen_store_v10(dc, addr, cpu_PR[dc->dst], size); } - t0 = tcg_temp_new(); insn_len += crisv10_post_memaddr(dc, size); + tcg_temp_free(addr); cris_lock_irq(dc); return insn_len; @@ -927,7 +943,6 @@ static int dec10_ind_bound(CPUCRISState *env, DisasContext *dc, tcg_gen_mov_tl(env_btarget, cpu_R[dc->dst]); cris_prepare_jmp(dc, JMP_INDIRECT); dc->delayed_branch = 1; - return insn_len; } tcg_temp_free(t); @@ -953,7 +968,6 @@ static int dec10_alux_m(CPUCRISState *env, DisasContext *dc, int op) tcg_gen_mov_tl(env_btarget, cpu_R[dc->dst]); cris_prepare_jmp(dc, JMP_INDIRECT); dc->delayed_branch = 1; - return insn_len; } tcg_temp_free(t); @@ -1020,7 +1034,7 @@ static unsigned int dec10_ind(CPUCRISState *env, DisasContext *dc) unsigned int size = dec10_size(dc->size); uint32_t imm; int32_t simm; - TCGv t[2]; + TCGv t[2], c; if (dc->size != 3) { switch (dc->opcode) { @@ -1041,8 +1055,10 @@ static unsigned int dec10_ind(CPUCRISState *env, DisasContext *dc) cris_alu_m_alloc_temps(t); insn_len += dec10_prep_move_m(env, dc, 0, size, t[0]); tcg_gen_andi_tl(cpu_PR[PR_CCS], cpu_PR[PR_CCS], ~3); + c = tcg_const_tl(0); cris_alu(dc, CC_OP_CMP, cpu_R[dc->dst], - t[0], tcg_const_tl(0), size); + t[0], c, size); + tcg_temp_free(c); cris_alu_m_free_temps(t); break; case CRISV10_IND_ADD: 
@@ -1138,7 +1154,9 @@ static unsigned int dec10_ind(CPUCRISState *env, DisasContext *dc) if (dc->mode == CRISV10_MODE_AUTOINC) insn_len += size; - t_gen_mov_preg_TN(dc, dc->dst, tcg_const_tl(dc->pc + insn_len)); + c = tcg_const_tl(dc->pc + insn_len); + t_gen_mov_preg_TN(dc, dc->dst, c); + tcg_temp_free(c); dc->jmp_pc = imm; cris_prepare_jmp(dc, JMP_DIRECT); dc->delayed_branch--; /* v10 has no dslot here. */ @@ -1147,7 +1165,9 @@ static unsigned int dec10_ind(CPUCRISState *env, DisasContext *dc) LOG_DIS("break %d\n", dc->src); cris_evaluate_flags(dc); tcg_gen_movi_tl(env_pc, dc->pc + 2); - t_gen_mov_env_TN(trap_vector, tcg_const_tl(dc->src + 2)); + c = tcg_const_tl(dc->src + 2); + t_gen_mov_env_TN(trap_vector, c); + tcg_temp_free(c); t_gen_raise_exception(EXCP_BREAK); dc->is_jmp = DISAS_UPDATE; return insn_len; @@ -1155,7 +1175,9 @@ static unsigned int dec10_ind(CPUCRISState *env, DisasContext *dc) LOG_DIS("%d: jump.%d %d r%d r%d\n", __LINE__, size, dc->opcode, dc->src, dc->dst); t[0] = tcg_temp_new(); - t_gen_mov_preg_TN(dc, dc->dst, tcg_const_tl(dc->pc + insn_len)); + c = tcg_const_tl(dc->pc + insn_len); + t_gen_mov_preg_TN(dc, dc->dst, c); + tcg_temp_free(c); crisv10_prepare_memaddr(dc, t[0], size); gen_load(dc, env_btarget, t[0], 4, 0); insn_len += crisv10_post_memaddr(dc, size); @@ -1178,7 +1200,9 @@ static unsigned int dec10_ind(CPUCRISState *env, DisasContext *dc) LOG_DIS("jmp pc=%x opcode=%d r%d r%d\n", dc->pc, dc->opcode, dc->dst, dc->src); tcg_gen_mov_tl(env_btarget, cpu_R[dc->src]); - t_gen_mov_preg_TN(dc, dc->dst, tcg_const_tl(dc->pc + insn_len)); + c = tcg_const_tl(dc->pc + insn_len); + t_gen_mov_preg_TN(dc, dc->dst, c); + tcg_temp_free(c); cris_prepare_jmp(dc, JMP_INDIRECT); dc->delayed_branch--; /* v10 has no dslot here. */ break; |
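Review bot: The link-value write `c = tcg_const_tl(dc->pc + insn_len); t_gen_mov_preg_TN(dc, dc->dst, c); tcg_temp_free(c);` is repeated verbatim in the `@@ -1138`, `@@ -1155` and `@@ -1178` hunks of dec10_ind, all through the function-scope `c` introduced in `@@ -1020`. With one shared variable across a large switch, a case added later that returns or breaks between the allocation and the free brings the leak back without any compiler warning. Moving those three lines into a static helper that takes `dc` and `insn_len` would leave each case with a single call and confine the temporary's lifetime to the helper. dec10_ind starts and ends outside these hunks, so the remaining cases could not be checked here.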