diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2019-03-08 15:17:01 +0000 |
|---|---|---|
| committer | Peter Maydell <peter.maydell@linaro.org> | 2019-03-08 15:17:01 +0000 |
| commit | 62cfabb52210139843e26c95434356f73a0631b9 (patch) | |
| tree | e3385260417ec92227a29b6c6638a54ebf5d335a /target | |
| parent | 06a1564fcc2f2452b2e2434b6a7770504a2f5183 (diff) | |
| parent | b35aec8597e86911d5553c94769f914a52a8b389 (diff) | |
| download | qemu-62cfabb52210139843e26c95434356f73a0631b9.zip qemu-62cfabb52210139843e26c95434356f73a0631b9.tar.gz qemu-62cfabb52210139843e26c95434356f73a0631b9.tar.bz2 | |
Merge remote-tracking branch 'remotes/rth/tags/pull-hppa-20190307' into staging
Fix use after free on temporary.
Optmize branch to next insn via br r0.
# gpg: Signature made Fri 08 Mar 2019 01:53:16 GMT
# gpg: using RSA key 64DF38E8AF7E215F
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F
* remotes/rth/tags/pull-hppa-20190307:
target/hppa: Optimize blr r0,rn
target/hppa: Do not return freed temporary
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'target')
| -rw-r--r-- | target/hppa/translate.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/target/hppa/translate.c b/target/hppa/translate.c index b4fd307..dc5636f 100644 --- a/target/hppa/translate.c +++ b/target/hppa/translate.c @@ -2007,16 +2007,15 @@ static TCGv_reg do_ibranch_priv(DisasContext *ctx, TCGv_reg offset) /* Privilege 0 is maximum and is allowed to decrease. */ return offset; case 3: - /* Privilege 3 is minimum and is never allowed increase. */ + /* Privilege 3 is minimum and is never allowed to increase. */ dest = get_temp(ctx); tcg_gen_ori_reg(dest, offset, 3); break; default: - dest = tcg_temp_new(); + dest = get_temp(ctx); tcg_gen_andi_reg(dest, offset, -4); tcg_gen_ori_reg(dest, dest, ctx->privilege); tcg_gen_movcond_reg(TCG_COND_GTU, dest, dest, offset, dest, offset); - tcg_temp_free(dest); break; } return dest; @@ -3489,12 +3488,16 @@ static bool trans_b_gate(DisasContext *ctx, arg_b_gate *a) static bool trans_blr(DisasContext *ctx, arg_blr *a) { - TCGv_reg tmp = get_temp(ctx); - - tcg_gen_shli_reg(tmp, load_gpr(ctx, a->x), 3); - tcg_gen_addi_reg(tmp, tmp, ctx->iaoq_f + 8); - /* The computation here never changes privilege level. */ - return do_ibranch(ctx, tmp, a->l, a->n); + if (a->x) { + TCGv_reg tmp = get_temp(ctx); + tcg_gen_shli_reg(tmp, load_gpr(ctx, a->x), 3); + tcg_gen_addi_reg(tmp, tmp, ctx->iaoq_f + 8); + /* The computation here never changes privilege level. */ + return do_ibranch(ctx, tmp, a->l, a->n); + } else { + /* BLR R0,RX is a good way to load PC+8 into RX. */ + return do_dbranch(ctx, ctx->iaoq_f + 8, a->l, a->n); + } } static bool trans_bv(DisasContext *ctx, arg_bv *a) |