From: Sven Schnelle <svens@stackframe.org>
Date: Mon, 11 Mar 2019 19:15:58 +0000 (+0100)
Subject: target/hppa: fix b,gate instruction
X-Git-Tag: v4.0.0-rc0~27^2~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6e5f530025116b0c8c41e1a775d4b1ec87e4bd73;p=thirdparty%2Fqemu.git

target/hppa: fix b,gate instruction

b,gate does GR[t] ← cat(GR[t]{0..29},IAOQ_Front{30..31});
instead of saving the link address to register t.

Signed-off-by: Sven Schnelle <svens@stackframe.org>
Message-Id: <20190311191602.25796-8-svens@stackframe.org>
[rth: Move link check outside of ifndef CONFIG_USER_ONLY;
 use ctx->privilege; nullify the insn earlier.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---

diff --git a/target/hppa/translate.c b/target/hppa/translate.c
index f3e78b8e22d..6ac196804b4 100644
--- a/target/hppa/translate.c
+++ b/target/hppa/translate.c
@@ -3446,6 +3446,8 @@ static bool trans_b_gate(DisasContext *ctx, arg_b_gate *a)
 {
     target_ureg dest = iaoq_dest(ctx, a->disp);
 
+    nullify_over(ctx);
+
     /* Make sure the caller hasn't done something weird with the queue.
      * ??? This is not quite the same as the PSW[B] bit, which would be
      * expensive to track.  Real hardware will trap for
@@ -3483,7 +3485,16 @@ static bool trans_b_gate(DisasContext *ctx, arg_b_gate *a)
     }
 #endif
 
-    return do_dbranch(ctx, dest, a->l, a->n);
+    if (a->l) {
+        TCGv_reg tmp = dest_gpr(ctx, a->l);
+        if (ctx->privilege < 3) {
+            tcg_gen_andi_reg(tmp, tmp, -4);
+        }
+        tcg_gen_ori_reg(tmp, tmp, ctx->privilege);
+        save_gpr(ctx, a->l, tmp);
+    }
+
+    return do_dbranch(ctx, dest, 0, a->n);
 }
 
 static bool trans_blr(DisasContext *ctx, arg_blr *a)