On Wed, May 08, 2013 at 10:42:42PM +0200, Aurelien Jarno wrote: > When setcond2 is rewritten into setcond, the state of the destination > temp should be reset, so that a copy of the previous value is not > used instead of the result. > > Reported-by: Michael Tokarev <m...@tls.msk.ru> > Cc: Richard Henderson <r...@twiddle.net> > Signed-off-by: Aurelien Jarno <aurel...@aurel32.net> > --- > tcg/optimize.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/tcg/optimize.c b/tcg/optimize.c > index 1b6644c..b35868a 100644 > --- a/tcg/optimize.c > +++ b/tcg/optimize.c > @@ -1057,6 +1057,7 @@ static TCGArg *tcg_constant_folding(TCGContext *s, > uint16_t *tcg_opc_ptr, > /* Simplify LT/GE comparisons vs zero to a single compare > vs the high word of the input. */ > s->gen_opc_buf[op_index] = INDEX_op_setcond_i32; > + reset_temp(args[0]); > gen_args[0] = args[0]; > gen_args[1] = args[2]; > gen_args[2] = args[4];
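Review bot: the reset is only visible on the LT/GE-vs-zero rewrite path of the setcond2 case; the hunk's own comment ("Simplify LT/GE comparisons vs zero to a single compare vs the high word of the input") implies sibling branches in the same case that also rewrite setcond2 into a narrower op and write args[0], so please check that each of them calls reset_temp(args[0]) as well, or the stale-copy reuse the commit message describes survives on those paths. The placement here is right: `reset_temp(args[0]);` comes before `gen_args[0] = args[0];`, so the destination's copy-propagation state is dropped before the temp is re-emitted as the output of the rewritten op. It would also help stable maintainers if the commit message named the affected configurations (64-bit targets on 32-bit hosts, per the follow-up) and the release in which the bug first appeared.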
I have just noticed that the problem has been there since release 1.3, even if it appeared more clearly only with commit 7eb0cc85. All 64-bit targets on 32-bit hosts are possibly affected. Therefore it should be fixed in the next stable releases. Hence the Cc to qemu-sta...@nongnu.org.

-- 
Aurelien Jarno                          GPG: 1024D/F1BCDB73
aurel...@aurel32.net                 http://www.aurel32.net