From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:39614) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1X4Z4a-0003Ip-LY for qemu-devel@nongnu.org; Tue, 08 Jul 2014 13:21:19 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1X4Z4G-0007cY-QS for qemu-devel@nongnu.org; Tue, 08 Jul 2014 13:20:56 -0400 Received: from e8.ny.us.ibm.com ([32.97.182.138]:49316) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1X4Z4G-0007bs-L6 for qemu-devel@nongnu.org; Tue, 08 Jul 2014 13:20:36 -0400 Received: from /spool/local by e8.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 8 Jul 2014 13:20:36 -0400 From: Michael Roth Date: Tue, 8 Jul 2014 12:16:37 -0500 Message-Id: <1404839947-1086-7-git-send-email-mdroth@linux.vnet.ibm.com> In-Reply-To: <1404839947-1086-1-git-send-email-mdroth@linux.vnet.ibm.com> References: <1404839947-1086-1-git-send-email-mdroth@linux.vnet.ibm.com> Subject: [Qemu-devel] [PATCH 006/156] target-i386: Fix ucomis and comis memory access List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org From: Richard Henderson We were loading 16 bytes for both single and double-precision scalar comparisons. Reported-by: Alexander Bluhm Signed-off-by: Richard Henderson (cherry picked from commit cb48da7f8140b5cbb648d990876720da9cd04d8f) Conflicts: target-i386/translate.c *removed dependency on 323d1876 Signed-off-by: Michael Roth --- target-i386/translate.c | 44 +++++++++++++++++++++++++++++++++++--------- 1 file changed, 35 insertions(+), 9 deletions(-) diff --git a/target-i386/translate.c b/target-i386/translate.c index b19ea14..4a25486 100644 --- a/target-i386/translate.c +++ b/target-i386/translate.c 
@@ -4565,21 +4565,47 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b, if (is_xmm) { op1_offset = offsetof(CPUX86State,xmm_regs[reg]); if (mod != 3) { + int sz = 4; + gen_lea_modrm(env, s, modrm, ®_addr, &offset_addr); op2_offset = offsetof(CPUX86State,xmm_t0); - if (b1 >= 2 && ((b >= 0x50 && b <= 0x5f && b != 0x5b) || - b == 0xc2)) { - /* specific case for SSE single instructions */ + + switch (b) { + case 0x50 ... 0x5a: + case 0x5c ... 0x5f: + case 0xc2: + /* Most sse scalar operations. */ if (b1 == 2) { - /* 32 bit access */ - gen_op_ld_T0_A0(OT_LONG + s->mem_index); - tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_t0.XMM_L(0))); + sz = 2; + } else if (b1 == 3) { + sz = 3; + } + break; + + case 0x2e: /* ucomis[sd] */ + case 0x2f: /* comis[sd] */ + if (b1 == 0) { + sz = 2; } else { - /* 64 bit access */ - gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_t0.XMM_D(0))); + sz = 3; } - } else { + break; + } + + switch (sz) { + case 2: + /* 32 bit access */ + gen_op_ld_T0_A0(OT_LONG + s->mem_index); + tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_t0.XMM_L(0))); + break; + case 3: + /* 64 bit access */ + gen_ldq_env_A0(s->mem_index, offsetof(CPUX86State,xmm_t0.XMM_D(0))); + break; + default: + /* 128 bit access */ gen_ldo_env_A0(s->mem_index, op2_offset); + break; } } else { rm = (modrm & 7) | REX_B(s); -- 1.9.1
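Review bot: the `sz` values in this hunk are log2 operand sizes (2 = 32-bit, 3 = 64-bit, 4 = 128-bit), but they are written as bare magic numbers and `int sz = 4;` reads like a byte count; using the existing `OT_LONG` / `OT_QUAD` constants for the 2 and 3 cases (the code already passes `OT_LONG + s->mem_index` to `gen_op_ld_T0_A0`) and a one-line comment on the initializer such as `/* log2 of the memory operand size; 4 = full 128-bit xmm load */` would make the second `switch (sz)` self-explanatory. In the `case 0x2e` / `case 0x2f` arm, the `else` branch selects the 64-bit load for every `b1 != 0`, so the F3/F2-prefixed forms (b1 == 2, 3) are decoded as the double-precision variant; if those encodings are rejected before this point that is fine, otherwise an explicit `b1 == 1` test (or a comment stating that the other prefixes cannot reach here) would pin down the intent. The commit message states only that 16 bytes were loaded; it would help future readers to add the observable effect, namely that a full-width load for a 4- or 8-byte scalar operand reads past the operand, so a comis/ucomis operand at the end of a mapped page can raise a page fault in the guest that real hardware would not.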