From: Richard Henderson <richard.henderson@linaro.org>
To: ~vilenka <vilen.kamalov@gmail.com>, qemu-devel@nongnu.org
Cc: philmd@linaro.org, pbonzini@redhat.com
Subject: Re: [PATCH qemu 1/1] target/i386: Fix gen_shift_rm_T1, wrong eflags calculation
Date: Thu, 23 Feb 2023 12:01:08 -1000 [thread overview]
Message-ID: <1ecf3d94-8e0e-94fd-51a0-7772ea8cb786@linaro.org> (raw)
In-Reply-To: <167718710208.23058.11278141733696221981-1@git.sr.ht>
On 2/23/23 11:13, ~vilenka wrote:
> From: Vilen Kamalov <vilen.kamalov@gmail.com>
>
> gen_shift_rm_T1 in the uses wrong tmp0 register, eflags calculation uses tmp4 at target/i386/tcg/translate.c, line 5488
> `tcg_gen_mov_tl(cpu_cc_src, s->tmp4);`
The line you quote only applies to the bit instructions, bt/bts/btr/btc, so your
explanation is clearly incorrect.
> push rcx
> mov dword ptr [rsp], 010000000h
> mov rcx, 01eh
> sar dword ptr [rsp], cl
> jnc pass1
> int 3
> pass1:
> mov dword ptr [rsp], 0ffffffffh
> mov rcx, 01eh
> sar dword ptr [rsp], cl
> jc pass2
> int 3
> pass2:
> pop rcx
Thanks for the test case.
> diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
> index 9d9392b009..9048e22868 100644
> --- a/target/i386/tcg/translate.c
> +++ b/target/i386/tcg/translate.c
> @@ -1686,27 +1686,27 @@ static void gen_shift_rm_T1(DisasContext *s, MemOp ot, int op1,
> }
>
> tcg_gen_andi_tl(s->T1, s->T1, mask);
> - tcg_gen_subi_tl(s->tmp0, s->T1, 1);
> + tcg_gen_subi_tl(s->tmp4, s->T1, 1);
>
> if (is_right) {
> if (is_arith) {
> gen_exts(ot, s->T0);
> - tcg_gen_sar_tl(s->tmp0, s->T0, s->tmp0);
> + tcg_gen_sar_tl(s->tmp4, s->T0, s->tmp4);
> tcg_gen_sar_tl(s->T0, s->T0, s->T1);
> } else {
> gen_extu(ot, s->T0);
> - tcg_gen_shr_tl(s->tmp0, s->T0, s->tmp0);
> + tcg_gen_shr_tl(s->tmp4, s->T0, s->tmp4);
> tcg_gen_shr_tl(s->T0, s->T0, s->T1);
> }
> } else {
> - tcg_gen_shl_tl(s->tmp0, s->T0, s->tmp0);
> + tcg_gen_shl_tl(s->tmp4, s->T0, s->tmp4);
> tcg_gen_shl_tl(s->T0, s->T0, s->T1);
> }
>
> /* store */
> gen_op_st_rm_T0_A0(s, ot, op1);
>
> - gen_shift_flags(s, ot, s->T0, s->tmp0, s->T1, is_right);
> + gen_shift_flags(s, ot, s->T0, s->tmp4, s->T1, is_right);
> }
The use of tmp0 vs tmp4 is completely local to this function.
Within gen_shift_flags, the 4th argument is consistently used, and neither tmp0 nor tmp4
are referenced.
If this does fix the issue, that means there's some other explanation, and possibly some
deeper fix is required.
r~
next prev parent reply other threads:[~2023-02-23 22:01 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-23 21:18 [PATCH qemu 0/1] [bugfix] gen_shift_rm_T1 uses wrong tmp0 register ~vilenka
2023-02-23 21:13 ` [PATCH qemu 1/1] target/i386: Fix gen_shift_rm_T1, wrong eflags calculation ~vilenka
2023-02-23 22:01 ` Richard Henderson [this message]
2023-02-23 22:13 ` Vilen Kamalov
2023-02-23 22:19 ` Vilen Kamalov
2023-02-23 22:23 ` Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1ecf3d94-8e0e-94fd-51a0-7772ea8cb786@linaro.org \
--to=richard.henderson@linaro.org \
--cc=pbonzini@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=vilen.kamalov@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).