#280 possibly incorrect using of conditional branch?

Milestone: 4.6.x_development
Status: closed-fixed
Labels: gcc (183)
Priority: 7
Updated: 2012-03-11
Created: 2012-03-02
Creator: gosplan
Private: No

The JGE instruction checks the V and N flags in the status register, but it is assumed that it only checks N (MSB of result?)

a=0b10000111;
b=0b10000101;

if((a^b)&0x80) ...

correct (stable branch):
c050: 6f e1 xor.b @r1, r15
c052: 4f 93 tst.b r15 //V=0, N=MSB of result
c054: 04 34 jge $+10

and in experimental branch:
c05a: 4f ee xor.b r14, r15
c05c: 04 34 jge $+10

Discussion

  • gosplan
    2012-03-02

    source and .lss for experimental and stable mspgcc

     
    Attachments
  • Peter A. Bigot
    2012-03-04

    Thanks; turns out there are a variety of issues related to the sign bit, most but not all of which go away when optimization is enabled, and at least some of which are due to the overflow bit being applied when gcc doesn't want it. It'll take a while to work this out.

     
  • Peter A. Bigot
    2012-03-04

    • milestone: --> 4.6.x_development
    • priority: 5 --> 7
     
  • Peter A. Bigot
    2012-03-11

    • status: open --> closed-fixed
     
  • Peter A. Bigot
    2012-03-11

    commit 8f6a458e8ab4681d8f4e764989f884fca8c9d4a9
    Author: Peter A. Bigot <pabigot@users.sourceforge.net>
    Date: Sun Mar 4 16:26:17 2012 -0600

    SF 3496195 possibly incorrect using of conditional branch

    MSP430 jge/jl opcodes use N^V as the trigger. If the V flag is set as a
    side effect of an unsigned operation, this can result in an incorrect
    condition. Ensure that the V flag is reset prior to emitting one of these
    opcodes by preventing the optimizer from discarding the test insn.

    commit adf92c72f6ba8d58d5241a3242cc4b1ed4198280
    Author: Peter A. Bigot <pabigot@users.sourceforge.net>
    Date: Sun Mar 4 14:07:16 2012 -0600

    Refine cc0 implementation

    Correct cc insn attributes to note non-comparison instructions that set the
    V flag, so we can detect when the value of the flag has the potential for
    incorrectly affecting subsequent JLT/JGE opcodes.

    Consistently use the mode attribute on insns using mode iterators, even when
    the iterator currently always generates a one-word value.

    Record in cc_status.flags whether the V flag is cleared (CC_NO_OVERFLOW),
    and whether the V, Z, and C flags are clobbered.
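
The flag behaviour behind this ticket, as an added example that is not part of the ticket or of mspgcc: a small C model of the N and V flags for xor.b and tst.b, run over the reporter's operands and over every 8-bit operand pair. The function names and the reading of jge as the branch that skips the if-body are assumptions; the xor.b rule for V (set when both operands are negative) comes from the MSP430 instruction set.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Status-register flags that matter here (constructed model, not mspgcc code). */
typedef struct { bool n, z, c, v; } sr_t;

/* xor.b: N = MSB of result, Z = result is zero, C = !Z,
   V = set when both operands are negative (MSP430 instruction set). */
static uint8_t xor_b(uint8_t src, uint8_t dst, sr_t *sr) {
    uint8_t r = (uint8_t)(src ^ dst);
    sr->n = (r & 0x80) != 0;
    sr->z = (r == 0);
    sr->c = !sr->z;
    sr->v = (src & 0x80) && (dst & 0x80);
    return r;
}

/* tst.b: N = MSB of operand, Z = operand is zero, C = 1, V = 0. */
static void tst_b(uint8_t dst, sr_t *sr) {
    sr->n = (dst & 0x80) != 0;
    sr->z = (dst == 0);
    sr->c = true;
    sr->v = false;
}

/* jge is taken when N ^ V == 0. */
static bool jge_taken(const sr_t *sr) { return sr->n == sr->v; }

/* Does the if-body run? Assumes jge skips the body, as in the listings. */
bool body_runs(uint8_t a, uint8_t b, bool keep_tst) {
    sr_t sr = {0};
    uint8_t r = xor_b(a, b, &sr);
    if (keep_tst) tst_b(r, &sr);   /* stable-branch sequence */
    return !jge_taken(&sr);
}

/* Count operand pairs where the sequence disagrees with (a^b)&0x80. */
unsigned mismatches(bool keep_tst) {
    unsigned bad = 0;
    for (unsigned a = 0; a < 256; a++)
        for (unsigned b = 0; b < 256; b++)
            if (body_runs((uint8_t)a, (uint8_t)b, keep_tst) != (((a ^ b) & 0x80) != 0))
                bad++;
    return bad;
}

int main(void) {
    printf("0x87,0x85 without tst: body runs = %d\n", body_runs(0x87, 0x85, false));
    printf("mismatches without tst: %u, with tst: %u\n", mismatches(false), mismatches(true));
    return 0;
}
```

Every mismatch in the sequence without tst.b is a pair with both MSBs set, which is the case where xor.b leaves V=1 and N=0.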