From: Zack Buhman Date: Tue, 2 Apr 2024 09:37:49 +0000 (+0800) Subject: target/sh4: mac.w: memory accesses are 16-bit words X-Git-Tag: v8.2.3~27 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=be88ed87a6ff7ac2cb9dd60690e9c204dc5b2d17;p=thirdparty%2Fqemu.git target/sh4: mac.w: memory accesses are 16-bit words Before this change, executing a code sequence such as: mova tblm,r0 mov r0,r1 mova tbln,r0 clrs clrmac mac.w @r0+,@r1+ mac.w @r0+,@r1+ .align 4 tblm: .word 0x1234 .word 0x5678 tbln: .word 0x9abc .word 0xdefg Does not result in correct behavior: Expected behavior: first macw : macl = 0x1234 * 0x9abc + 0x0 mach = 0x0 second macw: macl = 0x5678 * 0xdefg + 0xb00a630 mach = 0x0 Observed behavior (qemu-sh4eb, prior to this commit): first macw : macl = 0x5678 * 0xdefg + 0x0 mach = 0x0 second macw: (unaligned longword memory access, SIGBUS) Various SH-4 ISA manuals also confirm that `mac.w` is a 16-bit word memory access, not a 32-bit longword memory access. Signed-off-by: Zack Buhman Reviewed-by: Yoshinori Sato Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20240402093756.27466-1-zack@buhman.org> Signed-off-by: Richard Henderson (cherry picked from commit b0f2f2976b4db05351117b0440b32bf0aac2c5c6) Signed-off-by: Michael Tokarev --- diff --git a/target/sh4/translate.c b/target/sh4/translate.c index 81f825f1257..f3e08028f2b 100644 --- a/target/sh4/translate.c +++ b/target/sh4/translate.c @@ -817,10 +817,10 @@ static void _decode_opc(DisasContext * ctx) TCGv arg0, arg1; arg0 = tcg_temp_new(); tcg_gen_qemu_ld_i32(arg0, REG(B7_4), ctx->memidx, - MO_TESL | MO_ALIGN); + MO_TESW | MO_ALIGN); arg1 = tcg_temp_new(); tcg_gen_qemu_ld_i32(arg1, REG(B11_8), ctx->memidx, - MO_TESL | MO_ALIGN); + MO_TESW | MO_ALIGN); gen_helper_macw(tcg_env, arg0, arg1); tcg_gen_addi_i32(REG(B11_8), REG(B11_8), 2); tcg_gen_addi_i32(REG(B7_4), REG(B7_4), 2);
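Review bot: the two `MO_TESL` to `MO_TESW` replacements in the `mac.w` case of `_decode_opc` arrive without a regression test, even though the commit message already contains a reproducer with expected `macl`/`mach` values for both `mac.w` steps. Suggest turning that sequence into a guest test so the load width stays tied to the `tcg_gen_addi_i32(..., 2)` post-increments in the trailing context lines. The test would need valid operands, since `.word 0xdefg` in the message is not a hexadecimal literal and will not assemble as written. The new width does agree with the surrounding code: `MO_TESW | MO_ALIGN` is a sign-extended 16-bit load with 2-byte alignment, which matches the 2-byte increments of `REG(B11_8)` and `REG(B7_4)` and removes the unaligned longword access described as the SIGBUS on the second `mac.w`. A brief comment above the two loads stating that `mac.w` operands are signed 16-bit words would help keep the width from being changed back later.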