[Qemu-devel] [PATCH] fpu: Correct edgecase in float64

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [Qemu-devel] [PATCH] fpu: Correct edgecase in float64_muladd
@ 2013-04-12 15:37 Peter Maydell
  2013-04-13 13:57 ` Aurelien Jarno
  2013-04-15 14:25 ` Aurelien Jarno
  0 siblings, 2 replies; 3+ messages in thread
From: Peter Maydell @ 2013-04-12 15:37 UTC (permalink / raw)
  To: qemu-devel; +Cc: Blue Swirl, Anthony Liguori, Aurelien Jarno, patches

In handling float64_muladd, if we end up doing a subtraction of the
product and c, and the 128 bit result of this subtraction happens to
have its most significant bit in bit 63, we weren't handling this
correctly when attempting to normalize to put the most significant
bit into bit 126.  We would end up doing a right shift by a negative
number (undefined behaviour in C) so at best we would return an
incorrect result to the guest.  MSB in bit 63 has to be handled as a
special case separately from MSB in 0..62 and MSB in 63..126.  (MSB
in 127 is not possible.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
Specific test vector which triggers this:
 a = 3fffffffffe00000 b = 3fffffffffe00000 c = c00fffffffc00000

Also tested with my usual set of random test vectors.

 fpu/softfloat.c |   12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/fpu/softfloat.c b/fpu/softfloat.c
index 83ccc4b..7ba51b6 100644
--- a/fpu/softfloat.c
+++ b/fpu/softfloat.c
@@ -3898,9 +3898,15 @@ float64 float64_muladd(float64 a, float64 b, float64 c, int flags STATUS_PARAM)
             }
             zExp -= shiftcount;
         } else {
-            shiftcount = countLeadingZeros64(zSig1) - 1;
-            zSig0 = zSig1 << shiftcount;
-            zExp -= (shiftcount + 64);
+            shiftcount = countLeadingZeros64(zSig1);
+            if (shiftcount == 0) {
+                zSig0 = (zSig1 >> 1) | (zSig1 & 1);
+                zExp -= 63;
+            } else {
+                shiftcount--;
+                zSig0 = zSig1 << shiftcount;
+                zExp -= (shiftcount + 64);
+            }
         }
         return roundAndPackFloat64(zSign, zExp, zSig0 STATUS_VAR);
     }
-- 
1.7.9.5

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [Qemu-devel] [PATCH] fpu: Correct edgecase in float64_muladd
  2013-04-12 15:37 [Qemu-devel] [PATCH] fpu: Correct edgecase in float64_muladd Peter Maydell
@ 2013-04-13 13:57 ` Aurelien Jarno
  2013-04-15 14:25 ` Aurelien Jarno
  1 sibling, 0 replies; 3+ messages in thread
From: Aurelien Jarno @ 2013-04-13 13:57 UTC (permalink / raw)
  To: Peter Maydell; +Cc: Blue Swirl, Anthony Liguori, qemu-devel, patches

On Fri, Apr 12, 2013 at 04:37:52PM +0100, Peter Maydell wrote:
> In handling float64_muladd, if we end up doing a subtraction of the
> product and c, and the 128 bit result of this subtraction happens to
> have its most significant bit in bit 63, we weren't handling this
> correctly when attempting to normalize to put the most significant
> bit into bit 126.  We would end up doing a right shift by a negative
> number (undefined behaviour in C) so at best we would return an
> incorrect result to the guest.  MSB in bit 63 has to be handled as a
> special case separately from MSB in 0..62 and MSB in 63..126.  (MSB
> in 127 is not possible.)
> 
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> Specific test vector which triggers this:
>  a = 3fffffffffe00000 b = 3fffffffffe00000 c = c00fffffffc00000
> 
> Also tested with my usual set of random test vectors.
> 
>  fpu/softfloat.c |   12 +++++++++---
>  1 file changed, 9 insertions(+), 3 deletions(-)
> 
> diff --git a/fpu/softfloat.c b/fpu/softfloat.c
> index 83ccc4b..7ba51b6 100644
> --- a/fpu/softfloat.c
> +++ b/fpu/softfloat.c
> @@ -3898,9 +3898,15 @@ float64 float64_muladd(float64 a, float64 b, float64 c, int flags STATUS_PARAM)
>              }
>              zExp -= shiftcount;
>          } else {
> -            shiftcount = countLeadingZeros64(zSig1) - 1;
> -            zSig0 = zSig1 << shiftcount;
> -            zExp -= (shiftcount + 64);
> +            shiftcount = countLeadingZeros64(zSig1);
> +            if (shiftcount == 0) {
> +                zSig0 = (zSig1 >> 1) | (zSig1 & 1);
> +                zExp -= 63;
> +            } else {
> +                shiftcount--;
> +                zSig0 = zSig1 << shiftcount;
> +                zExp -= (shiftcount + 64);
> +            }
>          }
>          return roundAndPackFloat64(zSign, zExp, zSig0 STATUS_VAR);
>      }
> 
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [Qemu-devel] [PATCH] fpu: Correct edgecase in float64_muladd
  2013-04-12 15:37 [Qemu-devel] [PATCH] fpu: Correct edgecase in float64_muladd Peter Maydell
  2013-04-13 13:57 ` Aurelien Jarno
@ 2013-04-15 14:25 ` Aurelien Jarno
  1 sibling, 0 replies; 3+ messages in thread
From: Aurelien Jarno @ 2013-04-15 14:25 UTC (permalink / raw)
  To: Peter Maydell; +Cc: Blue Swirl, Anthony Liguori, qemu-devel, patches

On Fri, Apr 12, 2013 at 04:37:52PM +0100, Peter Maydell wrote:
> In handling float64_muladd, if we end up doing a subtraction of the
> product and c, and the 128 bit result of this subtraction happens to
> have its most significant bit in bit 63, we weren't handling this
> correctly when attempting to normalize to put the most significant
> bit into bit 126.  We would end up doing a right shift by a negative
> number (undefined behaviour in C) so at best we would return an
> incorrect result to the guest.  MSB in bit 63 has to be handled as a
> special case separately from MSB in 0..62 and MSB in 63..126.  (MSB
> in 127 is not possible.)
> 
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> Specific test vector which triggers this:
>  a = 3fffffffffe00000 b = 3fffffffffe00000 c = c00fffffffc00000
> 
> Also tested with my usual set of random test vectors.
> 
>  fpu/softfloat.c |   12 +++++++++---
>  1 file changed, 9 insertions(+), 3 deletions(-)
> 
> diff --git a/fpu/softfloat.c b/fpu/softfloat.c
> index 83ccc4b..7ba51b6 100644
> --- a/fpu/softfloat.c
> +++ b/fpu/softfloat.c
> @@ -3898,9 +3898,15 @@ float64 float64_muladd(float64 a, float64 b, float64 c, int flags STATUS_PARAM)
>              }
>              zExp -= shiftcount;
>          } else {
> -            shiftcount = countLeadingZeros64(zSig1) - 1;
> -            zSig0 = zSig1 << shiftcount;
> -            zExp -= (shiftcount + 64);
> +            shiftcount = countLeadingZeros64(zSig1);
> +            if (shiftcount == 0) {
> +                zSig0 = (zSig1 >> 1) | (zSig1 & 1);
> +                zExp -= 63;
> +            } else {
> +                shiftcount--;
> +                zSig0 = zSig1 << shiftcount;
> +                zExp -= (shiftcount + 64);
> +            }
>          }
>          return roundAndPackFloat64(zSign, zExp, zSig0 STATUS_VAR);
>      }

Thanks, applied.


-- 
Aurelien Jarno                          GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2013-04-15 14:25 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-04-12 15:37 [Qemu-devel] [PATCH] fpu: Correct edgecase in float64_muladd Peter Maydell
2013-04-13 13:57 ` Aurelien Jarno
2013-04-15 14:25 ` Aurelien Jarno

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).