On 9/12/19 8:30 PM, Richard Henderson wrote:
> The 32-bit product should be sign-extended, not zero-extended.
>
> Fixes: ea96b374641b
> Reported-by: Laurent Desnogues <laurent.desnog...@gmail.com>
> Signed-off-by: Richard Henderson <richard.hender...@linaro.org>

Reviewed-by: Philippe Mathieu-Daudé <phi...@redhat.com> > --- > target/arm/translate.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/target/arm/translate.c b/target/arm/translate.c > index 34bb280e3d..fd2f0e3048 100644 > --- a/target/arm/translate.c > +++ b/target/arm/translate.c > @@ -8045,7 +8045,9 @@ static bool op_smlaxxx(DisasContext *s, arg_rrrr *a, > case 2: > tl = load_reg(s, a->ra); > th = load_reg(s, a->rd); > - t1 = tcg_const_i32(0); > + /* Sign-extend the 32-bit product to 64 bits. */ > + t1 = tcg_temp_new_i32(); > + tcg_gen_sari_i32(t1, t0, 31); > tcg_gen_add2_i32(tl, th, tl, th, t0, t1); > tcg_temp_free_i32(t0); > tcg_temp_free_i32(t1); >
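
Review bot: No regression test accompanies this fix in case 2 of op_smlaxxx(), and neither the new comment nor the commit message says which instruction form that case handles, so the diffstat (one file, target/arm/translate.c) leaves the corrected behaviour unguarded. The change itself reads correctly: `tcg_gen_sari_i32(t1, t0, 31)` makes the high word all ones when the product in t0 is negative, where the old `tcg_const_i32(0)` left the 64-bit sum passed through `tcg_gen_add2_i32` too large by 2^32. Consider naming the affected instruction in the commit message and adding a test whose product is negative, so that the carry into the high word is actually exercised.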