From patchwork Tue Mar  1 17:35:19 2011
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Maydell <peter.maydell@linaro.org>
X-Patchwork-Id: 270
Return-Path: <pm215@archaic.org.uk>
Delivered-To: unknown
Received: from imap.gmail.com (74.125.159.109) by localhost6.localdomain6
 with IMAP4-SSL; 08 Jun 2011 14:41:21 -0000
Delivered-To: patches@linaro.org
Received: by 10.224.19.208 with SMTP id c16cs150479qab;
 Tue, 1 Mar 2011 09:35:22 -0800 (PST)
Received: by 10.216.73.72 with SMTP id u50mr699615wed.75.1299000921869;
 Tue, 01 Mar 2011 09:35:21 -0800 (PST)
Received: from mnementh.archaic.org.uk (mnementh.archaic.org.uk
 [81.2.115.146]) by mx.google.com with ESMTPS id
 m49si8964600weq.158.2011.03.01.09.35.21
 (version=TLSv1/SSLv3 cipher=OTHER);
 Tue, 01 Mar 2011 09:35:21 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of
 pm215@archaic.org.uk designates 81.2.115.146 as permitted
 sender) client-ip=81.2.115.146; 
Authentication-Results: mx.google.com;
 spf=pass (google.com: best guess record for domain
 of pm215@archaic.org.uk designates 81.2.115.146 as permitted
 sender) smtp.mail=pm215@archaic.org.uk
Received: from pm215 by mnementh.archaic.org.uk with local (Exim 4.72)
 (envelope-from <pm215@archaic.org.uk>)
 id 1PuTTj-0008AN-52; Tue, 01 Mar 2011 17:35:19 +0000
From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Cc: patches@linaro.org
Subject: [PATCH] target-arm: Handle VMOV between two core and VFP single regs
Date: Tue,  1 Mar 2011 17:35:19 +0000
Message-Id: <1299000919-31368-1-git-send-email-peter.maydell@linaro.org>
X-Mailer: git-send-email 1.7.2.3

Fix two bugs in the translation of the instructions VMOV sa,sb,rx,ry and
VMOV rx,ry,sa,sb (which copy between a pair of ARM core registers and a
pair of VFP single precision registers):

 * An incorrect condition meant these instruction patterns were being
   treated as load/store multiple, which resulted in the generation
   of bad code and a runtime segfault
 * The order of the core register pair was reversed so the values would
   go to the wrong registers

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/translate.c |   10 +++++-----
 1 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/target-arm/translate.c b/target-arm/translate.c
index dbd958b..0111a61 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -3232,7 +3232,7 @@ static int disas_vfp_insn(CPUState * env, DisasContext *s, uint32_t insn)
         break;
     case 0xc:
     case 0xd:
-        if (dp && (insn & 0x03e00000) == 0x00400000) {
+        if ((insn & 0x03e00000) == 0x00400000) {
             /* two-register transfer */
             rn = (insn >> 16) & 0xf;
             rd = (insn >> 12) & 0xf;
@@ -3254,10 +3254,10 @@ static int disas_vfp_insn(CPUState * env, DisasContext *s, uint32_t insn)
                 } else {
                     gen_mov_F0_vreg(0, rm);
                     tmp = gen_vfp_mrs();
-                    store_reg(s, rn, tmp);
+                    store_reg(s, rd, tmp);
                     gen_mov_F0_vreg(0, rm + 1);
                     tmp = gen_vfp_mrs();
-                    store_reg(s, rd, tmp);
+                    store_reg(s, rn, tmp);
                 }
             } else {
                 /* arm->vfp */
@@ -3269,10 +3269,10 @@ static int disas_vfp_insn(CPUState * env, DisasContext *s, uint32_t insn)
                     gen_vfp_msr(tmp);
                     gen_mov_vreg_F0(0, rm * 2 + 1);
                 } else {
-                    tmp = load_reg(s, rn);
+                    tmp = load_reg(s, rd);
                     gen_vfp_msr(tmp);
                     gen_mov_vreg_F0(0, rm);
-                    tmp = load_reg(s, rd);
+                    tmp = load_reg(s, rn);
                     gen_vfp_msr(tmp);
                     gen_mov_vreg_F0(0, rm + 1);
                 }