{"id":2230521,"url":"http://patchwork.ozlabs.org/api/1.1/patches/2230521/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/patch/20260429170519.2137725-3-joel@airwebreathe.org.uk/","project":{"id":14,"url":"http://patchwork.ozlabs.org/api/1.1/projects/14/?format=json","name":"QEMU Development","link_name":"qemu-devel","list_id":"qemu-devel.nongnu.org","list_email":"qemu-devel@nongnu.org","web_url":"","scm_url":"","webscm_url":""},"msgid":"<20260429170519.2137725-3-joel@airwebreathe.org.uk>","date":"2026-04-29T17:03:59","name":"[2/2] target/or1k: fix gen_div INT_MIN / -1 undefined behavior","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"82541a799548f61c8a3a27259414af57bcffb84a","submitter":{"id":71296,"url":"http://patchwork.ozlabs.org/api/1.1/people/71296/?format=json","name":"joel--- via qemu development","email":"qemu-devel@nongnu.org"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/qemu-devel/patch/20260429170519.2137725-3-joel@airwebreathe.org.uk/mbox/","series":[{"id":502145,"url":"http://patchwork.ozlabs.org/api/1.1/series/502145/?format=json","web_url":"http://patchwork.ozlabs.org/project/qemu-devel/list/?series=502145","date":"2026-04-29T17:03:58","name":"target/or1k: fix arithmetic edge cases","version":1,"mbox":"http://patchwork.ozlabs.org/series/502145/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2230521/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2230521/checks/","tags":{},"headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n unprotected) header.d=airwebreathe.org.uk header.i=@airwebreathe.org.uk\n header.a=rsa-sha256 header.s=aaisp1 header.b=l5fFFXZ5;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org\n (client-ip=209.51.188.17; helo=lists1p.gnu.org;\n envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n receiver=patchwork.ozlabs.org)"],"Received":["from lists1p.gnu.org (lists1p.gnu.org [209.51.188.17])\n\t(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g5SvX6sWpz1yHX\n\tfor ; Thu, 30 Apr 2026 06:04:56 +1000 (AEST)","from localhost ([::1] helo=lists1p.gnu.org)\n\tby lists1p.gnu.org with esmtp (Exim 4.90_1)\n\t(envelope-from )\n\tid 1wIB7z-0003ZY-Ns; Wed, 29 Apr 2026 16:03:23 -0400","from eggs.gnu.org ([2001:470:142:3::10])\n by lists1p.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from )\n id 1wI8M7-0005I6-Nt\n for qemu-devel@nongnu.org; Wed, 29 Apr 2026 13:05:47 -0400","from a-painless.mh.aa.net.uk ([2001:8b0:0:30::51])\n by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)\n (Exim 4.90_1) (envelope-from )\n id 1wI8M5-00057y-RV\n for qemu-devel@nongnu.org; Wed, 29 Apr 2026 13:05:47 -0400","from thunderhill.nvidia.com ([216.228.112.22]\n helo=jholdsworth-sail.nvidia.com)\n by painless-a.thn.aa.net.uk with esmtpsa (TLS1.3) tls\n TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.2)\n (envelope-from )\n id 1wI8M4-00000003iOT-1VND; Wed, 29 Apr 2026 18:05:44 +0100"],"DKIM-Signature":"v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n d=airwebreathe.org.uk; s=aaisp1; h=Content-Transfer-Encoding:MIME-Version:\n References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Sender:Reply-To:\n Content-Type:Content-ID:Content-Description:Resent-Date:Resent-From:\n Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:\n List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;\n bh=4HlHIUCCfVNq7SnCRPG2LedBEmtBcE0/hKTviMJSuM0=; b=l5fFFXZ5TkSjTn546RCYxThIZn\n TxN/9TtZXu0Rt5j5SkciMY32IatNtwNbyuUIonZz9RiaNTySTshfYZUyDsuII3XxGr1hQGn1pIWaN\n Z9FOEismvGbLAovnxcySem0nn5WlCP36vnmMmk9mrPu0RQc9zAzH3Z+oZPU33j6y1qB9DeNDmMbh1\n kFfz0QelestFDjrD+FPhEZZM4DjNMGjV12zKvowu/FBblnvW+e7/XL97lLaFuygOY9TRhabe3yE0d\n rl4trVMOdE7Gd2adsPy+baYuoiaHMNiA0450MIDpWJ9M+gw5fj+WiGQ1iQ82yX2Iu2qOZsSwl3hll\n nPmm4k8g==;","To":"qemu-devel@nongnu.org","Cc":"Stafford Horne ,\n =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= ,\n Joel Holdsworth ","Subject":"[PATCH 2/2] target/or1k: fix gen_div INT_MIN / -1 undefined behavior","Date":"Wed, 29 Apr 2026 10:03:59 -0700","Message-ID":"<20260429170519.2137725-3-joel@airwebreathe.org.uk>","X-Mailer":"git-send-email 2.51.2","In-Reply-To":"<20260429170519.2137725-1-joel@airwebreathe.org.uk>","References":"<20260429170519.2137725-1-joel@airwebreathe.org.uk>","MIME-Version":"1.0","Content-Transfer-Encoding":"8bit","Received-SPF":"pass client-ip=2001:8b0:0:30::51;\n envelope-from=joel@airwebreathe.org.uk; helo=a-painless.mh.aa.net.uk","X-Spam_score_int":"-20","X-Spam_score":"-2.1","X-Spam_bar":"--","X-Spam_report":"(-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,\n DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001,\n SPF_PASS=-0.001 autolearn=ham autolearn_force=no","X-Spam_action":"no action","X-Mailman-Approved-At":"Wed, 29 Apr 2026 16:03:09 -0400","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"qemu development ","List-Unsubscribe":",\n ","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n ","Reply-to":"joel@airwebreathe.org.uk","From":"joel--- via qemu development ","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org"},"content":"From: Joel Holdsworth \n\nSigned division of INT_MIN (0x80000000) by -1 produces a result that\noverflows a 32-bit signed integer. On many host architectures (x86,\nARM) this triggers a hardware exception. The existing code only guards\nagainst divide-by-zero but not this case.\n\nAdd an explicit check for the INT_MIN / -1 pattern and suppress the\nhost-side exception by substituting a divisor of 1, setting the\noverflow flag instead.\n\nSigned-off-by: Joel Holdsworth \n---\n target/or1k/translate.c | 22 ++++++++++++++++++----\n 1 file changed, 18 insertions(+), 4 deletions(-)","diff":"diff --git a/target/or1k/translate.c b/target/or1k/translate.c\nindex 1602e204fe..68d40111f0 100644\n--- a/target/or1k/translate.c\n+++ b/target/or1k/translate.c\n@@ -279,13 +279,27 @@ static void gen_div(DisasContext *dc, TCGv_i32 dest,\n TCGv_i32 srca, TCGv_i32 srcb)\n {\n TCGv_i32 t0 = tcg_temp_new_i32();\n+ TCGv_i32 ov = tcg_temp_new_i32();\n \n- tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_ov, srcb, 0);\n- /* The result of divide-by-zero is undefined.\n- Suppress the host-side exception by dividing by 1. */\n- tcg_gen_or_i32(t0, srcb, cpu_sr_ov);\n+ /* Check for divide-by-zero. */\n+ tcg_gen_setcondi_i32(TCG_COND_EQ, ov, srcb, 0);\n+\n+ /* Check for INT_MIN / -1 overflow (0x80000000 / -1). */\n+ TCGv_i32 t_is_min = tcg_temp_new_i32();\n+ TCGv_i32 t_is_neg1 = tcg_temp_new_i32();\n+ TCGv_i32 t_intmin_ov = tcg_temp_new_i32();\n+\n+ tcg_gen_setcondi_i32(TCG_COND_EQ, t_is_min, srca, (int32_t)0x80000000);\n+ tcg_gen_setcondi_i32(TCG_COND_EQ, t_is_neg1, srcb, -1);\n+ tcg_gen_and_i32(t_intmin_ov, t_is_min, t_is_neg1);\n+ tcg_gen_or_i32(ov, ov, t_intmin_ov);\n+\n+ /* Suppress the host-side exception by dividing by 1 on overflow. */\n+ tcg_gen_movcond_i32(TCG_COND_NE, t0, ov, tcg_constant_i32(0),\n+ tcg_constant_i32(1), srcb);\n tcg_gen_div_i32(dest, srca, t0);\n \n+ tcg_gen_mov_i32(cpu_sr_ov, ov);\n tcg_gen_neg_i32(cpu_sr_ov, cpu_sr_ov);\n gen_ove_ov(dc);\n }\n","prefixes":["2/2"]}