Subject: pkg/33969: TME sun3 emulator incorrectly emulates cmp2 and chk2 M68K instructions
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <sigmfsk@aol.com>
List: pkgsrc-bugs
Date: 07/11/2006 00:55:01
>Number:         33969
>Category:       pkg
>Synopsis:       TME sun3 emulator incorrectly emulates cmp2 and chk2 M68K instructions
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jul 11 00:55:01 +0000 2006
>Originator:     arthur townsend
>Release:        3.0
>Organization:
>Environment:
NetBSD  3.0
>Description:
TME (The Machine Emulator tme-0.4nb1) doesn't correctly emulate the Motorola 68020 cmp2 and chk2 instructions (and exits with segmentation violation under certain conditions), so executables that use these instructions may not work correctly.  Specifically:

1) chk2 didn't cause an exception when value was out of bounds.
2) calling cmp2/chk2 with LWORD operand caused segmentation violation and TME exited
3) calling cmp2/chk2 with BYTE or WORD with VALUE in data register didn't extract correct VALUE
4) cmp2/chk2 didn't compare correctly when LOW bounds > HI bounds for both signed and unsigned comparison.
   ex:  VALUE -> 4
        LOW_BOUND -> 5
        HIGH_BOUND-> 3
   should set carry flag, indicating out_of_bounds.

This bug was not likely found previously, as the NetBSD for Sun 3 operating system and the SunOS 4.1.1 operating system do not use this instruction.  I only found the instruction used by SunOS 4.1.1 executables created by Ada compilers (and by my assembly test program).
>How-To-Repeat:
Easiest way is to generate an assembly file which tests a large variety of ranges, values, operand sizes, and addressing modes.  After I get an e-mail back showing submission of this problem, I'll reply with an example test program.
>Fix:
After I get an e-mail back showing submission of this problem, I'll reply with a fix (corrections to m68k-insns.c).
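
A reference model of the four behaviours listed in the description, added here as an example for checking an emulator's results; it is not the submitter's test program or fix, and not TME's code. All names are hypothetical, and treating the bounds as a wrap-around interval is an assumption chosen to agree with the VALUE 4, LOW_BOUND 5, HIGH_BOUND 3 case in item 4.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names throughout; this is not TME's m68k-insns.c. */
enum { FLAG_C = 1, FLAG_Z = 4 };            /* CCR carry and zero bits */

struct cmp2_result { unsigned ccr; int trap; };

/* size: operand size in bytes (1, 2 or 4).
 * is_areg: nonzero when Rn is an address register.
 * is_chk2: nonzero for chk2, which traps when the value is out of bounds. */
struct cmp2_result cmp2_model(uint32_t rn, uint32_t low, uint32_t high,
                              int size, int is_areg, int is_chk2)
{
    struct cmp2_result r = { 0, 0 };
    uint32_t mask;

    if (size != 1 && size != 2 && size != 4) {
        r.trap = -1;        /* reject bad sizes instead of acting on them */
        return r;
    }
    mask = (size == 4) ? 0xFFFFFFFFu : ((1u << (size * 8)) - 1u);
    low &= mask;
    high &= mask;
    if (is_areg && size != 4) {
        /* An: bounds are sign-extended and all 32 bits of An are compared */
        uint32_t sign = 1u << (size * 8 - 1);
        low  = (low  ^ sign) - sign;
        high = (high ^ sign) - sign;
        mask = 0xFFFFFFFFu;
    }
    rn &= mask;             /* Dn: only the low byte or word takes part */

    if (rn == low || rn == high)
        r.ccr |= FLAG_Z;
    /* Wrap-around interval test (assumption): one comparison that gives
     * the same answer for signed and unsigned bounds, and for LOW > HIGH. */
    if (((rn - low) & mask) > ((high - low) & mask))
        r.ccr |= FLAG_C;
    r.trap = (is_chk2 && (r.ccr & FLAG_C)) ? 1 : 0;
    return r;
}

int main(void)
{
    struct cmp2_result r = cmp2_model(4, 5, 3, 1, 0, 1);   /* item 4 case */
    printf("ccr=%u trap=%d\n", r.ccr, r.trap);
    return 0;
}
```

Running the same operand tuples through the emulated cmp2/chk2 and comparing the flags and trap result against this model covers each of the four listed failures, including the LWORD size that crashed the emulator.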