* [PATCH 00/18] target/i386: decoder changes for 8.2
@ 2023-10-14 10:01 Paolo Bonzini
2023-10-14 10:01 ` [PATCH 01/18] target/i386: group common checks in the decoding phase Paolo Bonzini
` (17 more replies)
0 siblings, 18 replies; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
This includes:
- implementing SHA and CMPccXADD instruction extensions
- introducing a new mechanism for flags writeback that avoids a
tricky failure
- converting the more orthogonal parts of the one-byte opcode
map, as well as the CMOVcc and SETcc instructions.
Tested by booting several 32-bit and 64-bit guests.
Paolo
Paolo Bonzini (18):
target/i386: group common checks in the decoding phase
target/i386: validate VEX.W for AVX instructions
target/i386: implement SHA instructions
tests/tcg/i386: initialize more registers in test-avx
tests/tcg/i386: test-avx: add test cases for SHA new instructions
target/i386: accept full MemOp in gen_ext_tl
target/i386: introduce flags writeback mechanism
target/i386: implement CMPccXADD
target/i386: do not clobber A0 in POP translation
target/i386: reintroduce debugging mechanism
target/i386: move 00-5F opcodes to new decoder
target/i386: adjust decoding of J operand
target/i386: split eflags computation out of gen_compute_eflags
target/i386: move 60-BF opcodes to new decoder
target/i386: move operand load and writeback out of gen_cmovcc1
target/i386: move remaining conditional operations to new decoder
target/i386: remove now converted opcodes from old decoder
target/i386: remove gen_op
target/i386/cpu.c | 4 +-
target/i386/ops_sse.h | 128 ++++
target/i386/tcg/decode-new.c.inc | 605 ++++++++++++++--
target/i386/tcg/decode-new.h | 41 +-
target/i386/tcg/emit.c.inc | 726 ++++++++++++++++++-
target/i386/tcg/ops_sse_header.h.inc | 14 +
target/i386/tcg/translate.c | 1001 +++-----------------------
tests/tcg/i386/Makefile.target | 2 +-
tests/tcg/i386/test-avx.c | 8 +
tests/tcg/i386/test-avx.py | 3 +-
tests/tcg/i386/test-flags.c | 37 +
11 files changed, 1593 insertions(+), 976 deletions(-)
create mode 100644 tests/tcg/i386/test-flags.c
--
2.41.0
^ permalink raw reply [flat|nested] 36+ messages in thread
* [PATCH 01/18] target/i386: group common checks in the decoding phase
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-18 1:23 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 02/18] target/i386: validate VEX.W for AVX instructions Paolo Bonzini
` (16 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
In preparation for adding more similar checks, move the VEX.L=0 check
and several X86_SPECIAL_* checks to a new field, where each bit represent
a common check on unused bits, or a restriction on the processor mode.
Likewise, many SVM intercepts can be checked during the decoding phase,
the main exception being the selective CR0 write, MSR and IOIO intercepts.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/decode-new.c.inc | 79 +++++++++++++++++++++++---------
target/i386/tcg/decode-new.h | 25 +++++++---
target/i386/tcg/emit.c.inc | 8 ----
3 files changed, 76 insertions(+), 36 deletions(-)
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index 7d76f152758..790339eaf25 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -90,8 +90,6 @@
X86_OP_ENTRY3(op, None, None, None, None, None, None, ## __VA_ARGS__)
#define cpuid(feat) .cpuid = X86_FEAT_##feat,
-#define i64 .special = X86_SPECIAL_i64,
-#define o64 .special = X86_SPECIAL_o64,
#define xchg .special = X86_SPECIAL_Locked,
#define mmx .special = X86_SPECIAL_MMX,
#define zext0 .special = X86_SPECIAL_ZExtOp0,
@@ -114,6 +112,9 @@
#define vex12 .vex_class = 12,
#define vex13 .vex_class = 13,
+#define chk(a) .check = X86_CHECK_##a,
+#define svm(a) .intercept = SVM_EXIT_##a,
+
#define avx2_256 .vex_special = X86_VEX_AVX2_256,
#define P_00 1
@@ -161,8 +162,8 @@ static void decode_group15(DisasContext *s, CPUX86State *env, X86OpEntry *entry,
};
static const X86OpEntry group15_mem[8] = {
- [2] = X86_OP_ENTRYr(LDMXCSR, E,d, vex5),
- [3] = X86_OP_ENTRYw(STMXCSR, E,d, vex5),
+ [2] = X86_OP_ENTRYr(LDMXCSR, E,d, vex5 chk(VEX128)),
+ [3] = X86_OP_ENTRYw(STMXCSR, E,d, vex5 chk(VEX128)),
};
uint8_t modrm = get_modrm(s, env);
@@ -1579,6 +1580,12 @@ static bool validate_vex(DisasContext *s, X86DecodedInsn *decode)
if (s->flags & HF_EM_MASK) {
goto illegal;
}
+
+ if (e->check & X86_CHECK_VEX128) {
+ if (s->vex_l) {
+ goto illegal;
+ }
+ }
return true;
nm_exception:
@@ -1764,6 +1771,25 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
goto illegal_op;
}
+ /* Checks that result in #UD come first. */
+ if (decode.e.check) {
+ if (decode.e.check & X86_CHECK_i64) {
+ if (CODE64(s)) {
+ goto illegal_op;
+ }
+ }
+ if (decode.e.check & X86_CHECK_o64) {
+ if (!CODE64(s)) {
+ goto illegal_op;
+ }
+ }
+ if (decode.e.check & X86_CHECK_prot) {
+ if (!PE(s) || VM86(s)) {
+ goto illegal_op;
+ }
+ }
+ }
+
switch (decode.e.special) {
case X86_SPECIAL_None:
break;
@@ -1774,23 +1800,6 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
}
break;
- case X86_SPECIAL_ProtMode:
- if (!PE(s) || VM86(s)) {
- goto illegal_op;
- }
- break;
-
- case X86_SPECIAL_i64:
- if (CODE64(s)) {
- goto illegal_op;
- }
- break;
- case X86_SPECIAL_o64:
- if (!CODE64(s)) {
- goto illegal_op;
- }
- break;
-
case X86_SPECIAL_ZExtOp0:
assert(decode.op[0].unit == X86_OP_INT);
if (!decode.op[0].has_ea) {
@@ -1820,6 +1829,31 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
if (!validate_vex(s, &decode)) {
return;
}
+
+ /*
+ * Checks that result in #GP or VMEXIT come second. Intercepts are
+ * generally checked after non-memory exceptions (i.e. before all
+ * exceptions if there is no memory operand). Exceptions are
+ * vm86 checks (INTn, IRET, PUSHF/POPF), RSM and XSETBV (!).
+ *
+ * RSM and XSETBV will be handled in the gen_* functions
+ * instead of using chk().
+ */
+ if (decode.e.check & X86_CHECK_cpl0) {
+ if (CPL(s) != 0) {
+ goto gp_fault;
+ }
+ }
+ if (decode.e.intercept && unlikely(GUEST(s))) {
+ gen_helper_svm_check_intercept(tcg_env,
+ tcg_constant_i32(decode.e.intercept));
+ }
+ if (decode.e.check & X86_CHECK_vm86_iopl) {
+ if (VM86(s) && IOPL(s) < 3) {
+ goto gp_fault;
+ }
+ }
+
if (decode.e.special == X86_SPECIAL_MMX &&
!(s->prefix & (PREFIX_REPZ | PREFIX_REPNZ | PREFIX_DATA))) {
gen_helper_enter_mmx(tcg_env);
@@ -1846,6 +1880,9 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
gen_writeback(s, &decode, 0, s->T0);
}
return;
+ gp_fault:
+ gen_exception_gpf(s);
+ return;
illegal_op:
gen_illegal_opcode(s);
return;
diff --git a/target/i386/tcg/decode-new.h b/target/i386/tcg/decode-new.h
index a542ec16813..631d39220bb 100644
--- a/target/i386/tcg/decode-new.h
+++ b/target/i386/tcg/decode-new.h
@@ -130,15 +130,28 @@ typedef enum X86OpUnit {
X86_OP_MMX, /* address in either s->ptrX or s->A0 depending on has_ea */
} X86OpUnit;
+typedef enum X86InsnCheck {
+ /* Illegal or exclusive to 64-bit mode */
+ X86_CHECK_i64 = 1,
+ X86_CHECK_o64 = 2,
+
+ /* Fault outside protected mode */
+ X86_CHECK_prot = 4,
+
+ /* Privileged instruction checks */
+ X86_CHECK_cpl0 = 8,
+ X86_CHECK_vm86_iopl = 16,
+
+ /* Fault if VEX.L=1 */
+ X86_CHECK_VEX128 = 32,
+} X86InsnCheck;
+
typedef enum X86InsnSpecial {
X86_SPECIAL_None,
/* Always locked if it has a memory operand (XCHG) */
X86_SPECIAL_Locked,
- /* Fault outside protected mode */
- X86_SPECIAL_ProtMode,
-
/*
* Register operand 0/2 is zero extended to 32 bits. Rd/Mb or Rd/Mw
* in the manual.
@@ -157,10 +170,6 @@ typedef enum X86InsnSpecial {
* become P/P/Q/N, and size "x" becomes "q".
*/
X86_SPECIAL_MMX,
-
- /* Illegal or exclusive to 64-bit mode */
- X86_SPECIAL_i64,
- X86_SPECIAL_o64,
} X86InsnSpecial;
/*
@@ -224,6 +233,8 @@ struct X86OpEntry {
unsigned vex_class:8;
X86VEXSpecial vex_special:8;
uint16_t valid_prefix:16;
+ uint8_t check:8;
+ uint8_t intercept:8;
bool is_decode:1;
};
diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
index 88793ba988d..7c36cf8a6df 100644
--- a/target/i386/tcg/emit.c.inc
+++ b/target/i386/tcg/emit.c.inc
@@ -1236,10 +1236,6 @@ static void gen_INSERTQ_r(DisasContext *s, CPUX86State *env, X86DecodedInsn *dec
static void gen_LDMXCSR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
- if (s->vex_l) {
- gen_illegal_opcode(s);
- return;
- }
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T1);
gen_helper_ldmxcsr(tcg_env, s->tmp2_i32);
}
@@ -1832,10 +1828,6 @@ static void gen_VAESKEYGEN(DisasContext *s, CPUX86State *env, X86DecodedInsn *de
static void gen_STMXCSR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
- if (s->vex_l) {
- gen_illegal_opcode(s);
- return;
- }
gen_helper_update_mxcsr(tcg_env);
tcg_gen_ld32u_tl(s->T0, tcg_env, offsetof(CPUX86State, mxcsr));
}
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 02/18] target/i386: validate VEX.W for AVX instructions
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
2023-10-14 10:01 ` [PATCH 01/18] target/i386: group common checks in the decoding phase Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-18 1:24 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 03/18] target/i386: implement SHA instructions Paolo Bonzini
` (15 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
Instructions in VEX exception class 6 generally look at the value of
VEX.W. Note that the manual places some instructions incorrectly in
class 4, for example VPERMQ which has no non-VEX encoding and no legacy
SSE analogue. AMD does a mess of its own, as documented in the comment
that this patch adds.
Most of them are checked for VEX.W=0, and are listed in the manual
(though with an omission) in table 2-16; VPERMQ and VPERMPD check for
VEX.W=1, which is only listed in the instruction description. Others,
such as VPSRLV, VPSLLV and the FMA3 instructions, use VEX.W to switch
between a 32-bit and 64-bit operation.
Fix more of the class 4/class 6 mismatches, and implement the check for
VEX.W in TCG.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/decode-new.c.inc | 133 +++++++++++++++++++++----------
target/i386/tcg/decode-new.h | 6 ++
2 files changed, 99 insertions(+), 40 deletions(-)
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index 790339eaf25..850271e0898 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -43,6 +43,47 @@
* There are a couple cases in which instructions (e.g. MOVD) write the
* whole XMM or MM register but are established incorrectly in the manual
* as "d" or "q". These have to be fixed for the decoder to work correctly.
+ *
+ * Speaking about imprecisions in the manual, the decoder treats all
+ * exception-class 4 instructions as having an optional VEX prefix, and
+ * all exception-class 6 instructions as having a mandatory VEX prefix.
+ * This is true except for a dozen instructions; these are in exception
+ * class 4 but do not ignore the VEX.W bit (which does not even exist
+ * without a VEX prefix). These instructions are mostly listed in Intel's
+ * table 2-16, but with a few exceptions.
+ *
+ * The AMD manual has more precise subclasses for exceptions, and unlike Intel
+ * they list the VEX.W requirements in the exception classes as well (except
+ * when they don't). AMD describes class 6 as "AVX Mixed Memory Argument"
+ * without defining what a mixed memory argument is, but still use 4 as the
+ * primary exception class... except when they don't.
+ *
+ * The summary is:
+ * Intel AMD VEX.W note
+ * -------------------------------------------------------------------
+ * vpblendd 4 4J 0
+ * vpblendvb 4 4E-X 0 (*)
+ * vpbroadcastq 6 6D 0 (+)
+ * vpermd/vpermps 4 4H 0 (§)
+ * vpermq/vpermpd 4 4H-1 1 (§)
+ * vpermilpd/vpermilps 4 6E 0 (^)
+ * vpmaskmovd 6 4K significant (^)
+ * vpsllv 4 4K significant
+ * vpsrav 4 4J 0
+ * vpsrlv 4 4K significant
+ * vtestps/vtestpd 4 4G 0
+ *
+ * (*) AMD lists VPBLENDVB as related to SSE4.1 PBLENDVB, which may
+ * explain why it is considered exception class 4. However,
+ * Intel says that VEX-only instructions should be in class 6...
+ *
+ * (+) Not found in Intel's table 2-16
+ *
+ * (§) 4H and 4H-1 do not mention VEX.W requirements, which are
+ * however present in the description of the instruction
+ *
+ * (^) these are the two cases in which Intel and AMD disagree on the
+ * primary exception class
*/
#define X86_OP_NONE { 0 },
@@ -338,11 +379,11 @@ static const X86OpEntry opcodes_0F38_00toEF[240] = {
[0x07] = X86_OP_ENTRY3(PHSUBSW, V,x, H,x, W,x, vex4 cpuid(SSSE3) mmx avx2_256 p_00_66),
[0x10] = X86_OP_ENTRY2(PBLENDVB, V,x, W,x, vex4 cpuid(SSE41) avx2_256 p_66),
- [0x13] = X86_OP_ENTRY2(VCVTPH2PS, V,x, W,xh, vex11 cpuid(F16C) p_66),
+ [0x13] = X86_OP_ENTRY2(VCVTPH2PS, V,x, W,xh, vex11 chk(W0) cpuid(F16C) p_66),
[0x14] = X86_OP_ENTRY2(BLENDVPS, V,x, W,x, vex4 cpuid(SSE41) p_66),
[0x15] = X86_OP_ENTRY2(BLENDVPD, V,x, W,x, vex4 cpuid(SSE41) p_66),
/* Listed incorrectly as type 4 */
- [0x16] = X86_OP_ENTRY3(VPERMD, V,qq, H,qq, W,qq, vex6 cpuid(AVX2) p_66),
+ [0x16] = X86_OP_ENTRY3(VPERMD, V,qq, H,qq, W,qq, vex6 chk(W0) cpuid(AVX2) p_66), /* vpermps */
[0x17] = X86_OP_ENTRY3(VPTEST, None,None, V,x, W,x, vex4 cpuid(SSE41) p_66),
/*
@@ -363,14 +404,14 @@ static const X86OpEntry opcodes_0F38_00toEF[240] = {
[0x33] = X86_OP_ENTRY3(VPMOVZXWD, V,x, None,None, W,q, vex5 cpuid(SSE41) avx_movx avx2_256 p_66),
[0x34] = X86_OP_ENTRY3(VPMOVZXWQ, V,x, None,None, W,d, vex5 cpuid(SSE41) avx_movx avx2_256 p_66),
[0x35] = X86_OP_ENTRY3(VPMOVZXDQ, V,x, None,None, W,q, vex5 cpuid(SSE41) avx_movx avx2_256 p_66),
- [0x36] = X86_OP_ENTRY3(VPERMD, V,qq, H,qq, W,qq, vex6 cpuid(AVX2) p_66),
+ [0x36] = X86_OP_ENTRY3(VPERMD, V,qq, H,qq, W,qq, vex6 chk(W0) cpuid(AVX2) p_66),
[0x37] = X86_OP_ENTRY3(PCMPGTQ, V,x, H,x, W,x, vex4 cpuid(SSE42) avx2_256 p_66),
[0x40] = X86_OP_ENTRY3(PMULLD, V,x, H,x, W,x, vex4 cpuid(SSE41) avx2_256 p_66),
[0x41] = X86_OP_ENTRY3(VPHMINPOSUW, V,dq, None,None, W,dq, vex4 cpuid(SSE41) p_66),
/* Listed incorrectly as type 4 */
[0x45] = X86_OP_ENTRY3(VPSRLV, V,x, H,x, W,x, vex6 cpuid(AVX2) p_66),
- [0x46] = X86_OP_ENTRY3(VPSRAV, V,x, H,x, W,x, vex6 cpuid(AVX2) p_66),
+ [0x46] = X86_OP_ENTRY3(VPSRAV, V,x, H,x, W,x, vex6 chk(W0) cpuid(AVX2) p_66),
[0x47] = X86_OP_ENTRY3(VPSLLV, V,x, H,x, W,x, vex6 cpuid(AVX2) p_66),
[0x90] = X86_OP_ENTRY3(VPGATHERD, V,x, H,x, M,d, vex12 cpuid(AVX2) p_66), /* vpgatherdd/q */
@@ -392,14 +433,15 @@ static const X86OpEntry opcodes_0F38_00toEF[240] = {
[0x09] = X86_OP_ENTRY3(PSIGNW, V,x, H,x, W,x, vex4 cpuid(SSSE3) mmx avx2_256 p_00_66),
[0x0a] = X86_OP_ENTRY3(PSIGND, V,x, H,x, W,x, vex4 cpuid(SSSE3) mmx avx2_256 p_00_66),
[0x0b] = X86_OP_ENTRY3(PMULHRSW, V,x, H,x, W,x, vex4 cpuid(SSSE3) mmx avx2_256 p_00_66),
- [0x0c] = X86_OP_ENTRY3(VPERMILPS, V,x, H,x, W,x, vex4 cpuid(AVX) p_00_66),
- [0x0d] = X86_OP_ENTRY3(VPERMILPD, V,x, H,x, W,x, vex4 cpuid(AVX) p_66),
- [0x0e] = X86_OP_ENTRY3(VTESTPS, None,None, V,x, W,x, vex4 cpuid(AVX) p_66),
- [0x0f] = X86_OP_ENTRY3(VTESTPD, None,None, V,x, W,x, vex4 cpuid(AVX) p_66),
+ /* Listed incorrectly as type 4 */
+ [0x0c] = X86_OP_ENTRY3(VPERMILPS, V,x, H,x, W,x, vex6 chk(W0) cpuid(AVX) p_00_66),
+ [0x0d] = X86_OP_ENTRY3(VPERMILPD, V,x, H,x, W,x, vex6 chk(W0) cpuid(AVX) p_66),
+ [0x0e] = X86_OP_ENTRY3(VTESTPS, None,None, V,x, W,x, vex6 chk(W0) cpuid(AVX) p_66),
+ [0x0f] = X86_OP_ENTRY3(VTESTPD, None,None, V,x, W,x, vex6 chk(W0) cpuid(AVX) p_66),
- [0x18] = X86_OP_ENTRY3(VPBROADCASTD, V,x, None,None, W,d, vex6 cpuid(AVX) p_66), /* vbroadcastss */
- [0x19] = X86_OP_ENTRY3(VPBROADCASTQ, V,qq, None,None, W,q, vex6 cpuid(AVX) p_66), /* vbroadcastsd */
- [0x1a] = X86_OP_ENTRY3(VBROADCASTx128, V,qq, None,None, WM,dq,vex6 cpuid(AVX) p_66),
+ [0x18] = X86_OP_ENTRY3(VPBROADCASTD, V,x, None,None, W,d, vex6 chk(W0) cpuid(AVX) p_66), /* vbroadcastss */
+ [0x19] = X86_OP_ENTRY3(VPBROADCASTQ, V,qq, None,None, W,q, vex6 chk(W0) cpuid(AVX) p_66), /* vbroadcastsd */
+ [0x1a] = X86_OP_ENTRY3(VBROADCASTx128, V,qq, None,None, WM,dq,vex6 chk(W0) cpuid(AVX) p_66),
[0x1c] = X86_OP_ENTRY3(PABSB, V,x, None,None, W,x, vex4 cpuid(SSSE3) mmx avx2_256 p_00_66),
[0x1d] = X86_OP_ENTRY3(PABSW, V,x, None,None, W,x, vex4 cpuid(SSSE3) mmx avx2_256 p_00_66),
[0x1e] = X86_OP_ENTRY3(PABSD, V,x, None,None, W,x, vex4 cpuid(SSSE3) mmx avx2_256 p_00_66),
@@ -408,11 +450,11 @@ static const X86OpEntry opcodes_0F38_00toEF[240] = {
[0x29] = X86_OP_ENTRY3(PCMPEQQ, V,x, H,x, W,x, vex4 cpuid(SSE41) avx2_256 p_66),
[0x2a] = X86_OP_ENTRY3(MOVDQ, V,x, None,None, WM,x, vex1 cpuid(SSE41) avx2_256 p_66), /* movntdqa */
[0x2b] = X86_OP_ENTRY3(VPACKUSDW, V,x, H,x, W,x, vex4 cpuid(SSE41) avx2_256 p_66),
- [0x2c] = X86_OP_ENTRY3(VMASKMOVPS, V,x, H,x, WM,x, vex6 cpuid(AVX) p_66),
- [0x2d] = X86_OP_ENTRY3(VMASKMOVPD, V,x, H,x, WM,x, vex6 cpuid(AVX) p_66),
+ [0x2c] = X86_OP_ENTRY3(VMASKMOVPS, V,x, H,x, WM,x, vex6 chk(W0) cpuid(AVX) p_66),
+ [0x2d] = X86_OP_ENTRY3(VMASKMOVPD, V,x, H,x, WM,x, vex6 chk(W0) cpuid(AVX) p_66),
/* Incorrectly listed as Mx,Hx,Vx in the manual */
- [0x2e] = X86_OP_ENTRY3(VMASKMOVPS_st, M,x, V,x, H,x, vex6 cpuid(AVX) p_66),
- [0x2f] = X86_OP_ENTRY3(VMASKMOVPD_st, M,x, V,x, H,x, vex6 cpuid(AVX) p_66),
+ [0x2e] = X86_OP_ENTRY3(VMASKMOVPS_st, M,x, V,x, H,x, vex6 chk(W0) cpuid(AVX) p_66),
+ [0x2f] = X86_OP_ENTRY3(VMASKMOVPD_st, M,x, V,x, H,x, vex6 chk(W0) cpuid(AVX) p_66),
[0x38] = X86_OP_ENTRY3(PMINSB, V,x, H,x, W,x, vex4 cpuid(SSE41) avx2_256 p_66),
[0x39] = X86_OP_ENTRY3(PMINSD, V,x, H,x, W,x, vex4 cpuid(SSE41) avx2_256 p_66),
@@ -423,12 +465,13 @@ static const X86OpEntry opcodes_0F38_00toEF[240] = {
[0x3e] = X86_OP_ENTRY3(PMAXUW, V,x, H,x, W,x, vex4 cpuid(SSE41) avx2_256 p_66),
[0x3f] = X86_OP_ENTRY3(PMAXUD, V,x, H,x, W,x, vex4 cpuid(SSE41) avx2_256 p_66),
- [0x58] = X86_OP_ENTRY3(VPBROADCASTD, V,x, None,None, W,d, vex6 cpuid(AVX2) p_66),
- [0x59] = X86_OP_ENTRY3(VPBROADCASTQ, V,x, None,None, W,q, vex6 cpuid(AVX2) p_66),
- [0x5a] = X86_OP_ENTRY3(VBROADCASTx128, V,qq, None,None, WM,dq,vex6 cpuid(AVX2) p_66),
+ /* VPBROADCASTQ not listed as W0 in table 2-16 */
+ [0x58] = X86_OP_ENTRY3(VPBROADCASTD, V,x, None,None, W,d, vex6 chk(W0) cpuid(AVX2) p_66),
+ [0x59] = X86_OP_ENTRY3(VPBROADCASTQ, V,x, None,None, W,q, vex6 chk(W0) cpuid(AVX2) p_66),
+ [0x5a] = X86_OP_ENTRY3(VBROADCASTx128, V,qq, None,None, WM,dq,vex6 chk(W0) cpuid(AVX2) p_66),
- [0x78] = X86_OP_ENTRY3(VPBROADCASTB, V,x, None,None, W,b, vex6 cpuid(AVX2) p_66),
- [0x79] = X86_OP_ENTRY3(VPBROADCASTW, V,x, None,None, W,w, vex6 cpuid(AVX2) p_66),
+ [0x78] = X86_OP_ENTRY3(VPBROADCASTB, V,x, None,None, W,b, vex6 chk(W0) cpuid(AVX2) p_66),
+ [0x79] = X86_OP_ENTRY3(VPBROADCASTW, V,x, None,None, W,w, vex6 chk(W0) cpuid(AVX2) p_66),
[0x8c] = X86_OP_ENTRY3(VPMASKMOV, V,x, H,x, WM,x, vex6 cpuid(AVX2) p_66),
[0x8e] = X86_OP_ENTRY3(VPMASKMOV_st, M,x, V,x, H,x, vex6 cpuid(AVX2) p_66),
@@ -555,18 +598,18 @@ static const X86OpEntry opcodes_0F3A[256] = {
* Also the "qq" instructions are sometimes omitted by Table 2-17, but are VEX256
* only.
*/
- [0x00] = X86_OP_ENTRY3(VPERMQ, V,qq, W,qq, I,b, vex6 cpuid(AVX2) p_66),
- [0x01] = X86_OP_ENTRY3(VPERMQ, V,qq, W,qq, I,b, vex6 cpuid(AVX2) p_66), /* VPERMPD */
- [0x02] = X86_OP_ENTRY4(VBLENDPS, V,x, H,x, W,x, vex6 cpuid(AVX2) p_66), /* VPBLENDD */
- [0x04] = X86_OP_ENTRY3(VPERMILPS_i, V,x, W,x, I,b, vex6 cpuid(AVX) p_66),
- [0x05] = X86_OP_ENTRY3(VPERMILPD_i, V,x, W,x, I,b, vex6 cpuid(AVX) p_66),
- [0x06] = X86_OP_ENTRY4(VPERM2x128, V,qq, H,qq, W,qq, vex6 cpuid(AVX) p_66),
+ [0x00] = X86_OP_ENTRY3(VPERMQ, V,qq, W,qq, I,b, vex6 chk(W1) cpuid(AVX2) p_66),
+ [0x01] = X86_OP_ENTRY3(VPERMQ, V,qq, W,qq, I,b, vex6 chk(W1) cpuid(AVX2) p_66), /* VPERMPD */
+ [0x02] = X86_OP_ENTRY4(VBLENDPS, V,x, H,x, W,x, vex6 chk(W0) cpuid(AVX2) p_66), /* VPBLENDD */
+ [0x04] = X86_OP_ENTRY3(VPERMILPS_i, V,x, W,x, I,b, vex6 chk(W0) cpuid(AVX) p_66),
+ [0x05] = X86_OP_ENTRY3(VPERMILPD_i, V,x, W,x, I,b, vex6 chk(W0) cpuid(AVX) p_66),
+ [0x06] = X86_OP_ENTRY4(VPERM2x128, V,qq, H,qq, W,qq, vex6 chk(W0) cpuid(AVX) p_66),
[0x14] = X86_OP_ENTRY3(PEXTRB, E,b, V,dq, I,b, vex5 cpuid(SSE41) zext0 p_66),
[0x15] = X86_OP_ENTRY3(PEXTRW, E,w, V,dq, I,b, vex5 cpuid(SSE41) zext0 p_66),
[0x16] = X86_OP_ENTRY3(PEXTR, E,y, V,dq, I,b, vex5 cpuid(SSE41) p_66),
[0x17] = X86_OP_ENTRY3(VEXTRACTPS, E,d, V,dq, I,b, vex5 cpuid(SSE41) p_66),
- [0x1d] = X86_OP_ENTRY3(VCVTPS2PH, W,xh, V,x, I,b, vex11 cpuid(F16C) p_66),
+ [0x1d] = X86_OP_ENTRY3(VCVTPS2PH, W,xh, V,x, I,b, vex11 chk(W0) cpuid(F16C) p_66),
[0x20] = X86_OP_ENTRY4(PINSRB, V,dq, H,dq, E,b, vex5 cpuid(SSE41) zext2 p_66),
[0x21] = X86_OP_GROUP0(VINSERTPS),
@@ -576,7 +619,7 @@ static const X86OpEntry opcodes_0F3A[256] = {
[0x41] = X86_OP_ENTRY4(VDDPD, V,dq, H,dq, W,dq, vex2 cpuid(SSE41) p_66),
[0x42] = X86_OP_ENTRY4(VMPSADBW, V,x, H,x, W,x, vex2 cpuid(SSE41) avx2_256 p_66),
[0x44] = X86_OP_ENTRY4(PCLMULQDQ, V,dq, H,dq, W,dq, vex4 cpuid(PCLMULQDQ) p_66),
- [0x46] = X86_OP_ENTRY4(VPERM2x128, V,qq, H,qq, W,qq, vex6 cpuid(AVX2) p_66),
+ [0x46] = X86_OP_ENTRY4(VPERM2x128, V,qq, H,qq, W,qq, vex6 chk(W0) cpuid(AVX2) p_66),
[0x60] = X86_OP_ENTRY4(PCMPESTRM, None,None, V,dq, W,dq, vex4_unal cpuid(SSE42) p_66),
[0x61] = X86_OP_ENTRY4(PCMPESTRI, None,None, V,dq, W,dq, vex4_unal cpuid(SSE42) p_66),
@@ -599,16 +642,16 @@ static const X86OpEntry opcodes_0F3A[256] = {
[0x0e] = X86_OP_ENTRY4(VPBLENDW, V,x, H,x, W,x, vex4 cpuid(SSE41) avx2_256 p_66),
[0x0f] = X86_OP_ENTRY4(PALIGNR, V,x, H,x, W,x, vex4 cpuid(SSSE3) mmx avx2_256 p_00_66),
- [0x18] = X86_OP_ENTRY4(VINSERTx128, V,qq, H,qq, W,qq, vex6 cpuid(AVX) p_66),
- [0x19] = X86_OP_ENTRY3(VEXTRACTx128, W,dq, V,qq, I,b, vex6 cpuid(AVX) p_66),
+ [0x18] = X86_OP_ENTRY4(VINSERTx128, V,qq, H,qq, W,qq, vex6 chk(W0) cpuid(AVX) p_66),
+ [0x19] = X86_OP_ENTRY3(VEXTRACTx128, W,dq, V,qq, I,b, vex6 chk(W0) cpuid(AVX) p_66),
- [0x38] = X86_OP_ENTRY4(VINSERTx128, V,qq, H,qq, W,qq, vex6 cpuid(AVX2) p_66),
- [0x39] = X86_OP_ENTRY3(VEXTRACTx128, W,dq, V,qq, I,b, vex6 cpuid(AVX2) p_66),
+ [0x38] = X86_OP_ENTRY4(VINSERTx128, V,qq, H,qq, W,qq, vex6 chk(W0) cpuid(AVX2) p_66),
+ [0x39] = X86_OP_ENTRY3(VEXTRACTx128, W,dq, V,qq, I,b, vex6 chk(W0) cpuid(AVX2) p_66),
/* Listed incorrectly as type 4 */
- [0x4a] = X86_OP_ENTRY4(VBLENDVPS, V,x, H,x, W,x, vex6 cpuid(AVX) p_66),
- [0x4b] = X86_OP_ENTRY4(VBLENDVPD, V,x, H,x, W,x, vex6 cpuid(AVX) p_66),
- [0x4c] = X86_OP_ENTRY4(VPBLENDVB, V,x, H,x, W,x, vex6 cpuid(AVX) p_66 avx2_256),
+ [0x4a] = X86_OP_ENTRY4(VBLENDVPS, V,x, H,x, W,x, vex6 chk(W0) cpuid(AVX) p_66),
+ [0x4b] = X86_OP_ENTRY4(VBLENDVPD, V,x, H,x, W,x, vex6 chk(W0) cpuid(AVX) p_66),
+ [0x4c] = X86_OP_ENTRY4(VPBLENDVB, V,x, H,x, W,x, vex6 chk(W0) cpuid(AVX) p_66 avx2_256),
[0xdf] = X86_OP_ENTRY3(VAESKEYGEN, V,dq, W,dq, I,b, vex4 cpuid(AES) p_66),
@@ -1494,8 +1537,6 @@ static bool validate_vex(DisasContext *s, X86DecodedInsn *decode)
}
}
- /* TODO: instructions that require VEX.W=0 (Table 2-16) */
-
switch (e->vex_class) {
case 0:
if (s->prefix & PREFIX_VEX) {
@@ -1581,9 +1622,21 @@ static bool validate_vex(DisasContext *s, X86DecodedInsn *decode)
goto illegal;
}
- if (e->check & X86_CHECK_VEX128) {
- if (s->vex_l) {
- goto illegal;
+ if (e->check) {
+ if (e->check & X86_CHECK_VEX128) {
+ if (s->vex_l) {
+ goto illegal;
+ }
+ }
+ if (e->check & X86_CHECK_W0) {
+ if (s->vex_w) {
+ goto illegal;
+ }
+ }
+ if (e->check & X86_CHECK_W1) {
+ if (!s->vex_w) {
+ goto illegal;
+ }
}
}
return true;
diff --git a/target/i386/tcg/decode-new.h b/target/i386/tcg/decode-new.h
index 631d39220bb..ae987dfe0ba 100644
--- a/target/i386/tcg/decode-new.h
+++ b/target/i386/tcg/decode-new.h
@@ -144,6 +144,12 @@ typedef enum X86InsnCheck {
/* Fault if VEX.L=1 */
X86_CHECK_VEX128 = 32,
+
+ /* Fault if VEX.W=1 */
+ X86_CHECK_W0 = 64,
+
+ /* Fault if VEX.W=0 */
+ X86_CHECK_W1 = 128,
} X86InsnCheck;
typedef enum X86InsnSpecial {
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 03/18] target/i386: implement SHA instructions
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
2023-10-14 10:01 ` [PATCH 01/18] target/i386: group common checks in the decoding phase Paolo Bonzini
2023-10-14 10:01 ` [PATCH 02/18] target/i386: validate VEX.W for AVX instructions Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-19 0:25 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 04/18] tests/tcg/i386: initialize more registers in test-avx Paolo Bonzini
` (14 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
The implementation was validated with OpenSSL and with the test vectors in
https://github.com/rust-lang/stdarch/blob/master/crates/core_arch/src/x86/sha.rs.
The instructions provide a ~25% improvement on hashing a 64 MiB file:
runtime goes down from 1.8 seconds to 1.4 seconds; instruction count on
the host goes down from 5.8 billion to 4.8 billion with slightly better
IPC too. Good job Intel. ;)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/cpu.c | 2 +-
target/i386/ops_sse.h | 128 +++++++++++++++++++++++++++
target/i386/tcg/decode-new.c.inc | 11 +++
target/i386/tcg/decode-new.h | 1 +
target/i386/tcg/emit.c.inc | 54 +++++++++++
| 14 +++
6 files changed, 209 insertions(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 3aab05ddadc..8beb989701c 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -714,7 +714,7 @@ void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT | \
CPUID_7_0_EBX_CLWB | CPUID_7_0_EBX_MPX | CPUID_7_0_EBX_FSGSBASE | \
CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_RDSEED | \
- CPUID_7_0_EBX_KERNEL_FEATURES)
+ CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_KERNEL_FEATURES)
/* missing:
CPUID_7_0_EBX_HLE
CPUID_7_0_EBX_INVPCID, CPUID_7_0_EBX_RTM */
diff --git a/target/i386/ops_sse.h b/target/i386/ops_sse.h
index 33908c0691f..6a465a35fdb 100644
--- a/target/i386/ops_sse.h
+++ b/target/i386/ops_sse.h
@@ -2527,6 +2527,134 @@ SSE_HELPER_FMAP(helper_fma4ps, ZMM_S, 2 << SHIFT, float32_muladd)
SSE_HELPER_FMAP(helper_fma4pd, ZMM_D, 1 << SHIFT, float64_muladd)
#endif
+#if SHIFT == 1
+#define SSE_HELPER_SHA1RNDS4(name, F, K) \
+ void name(Reg *d, Reg *a, Reg *b) \
+ { \
+ uint32_t A, B, C, D, E, t, i; \
+ \
+ A = a->L(3); \
+ B = a->L(2); \
+ C = a->L(1); \
+ D = a->L(0); \
+ E = 0; \
+ \
+ for (i = 0; i <= 3; i++) { \
+ t = F(B, C, D) + rol32(A, 5) + b->L(3 - i) + E + K; \
+ E = D; \
+ D = C; \
+ C = rol32(B, 30); \
+ B = A; \
+ A = t; \
+ } \
+ \
+ d->L(3) = A; \
+ d->L(2) = B; \
+ d->L(1) = C; \
+ d->L(0) = D; \
+ }
+
+#define SHA1_F0(b, c, d) (((b) & (c)) ^ (~(b) & (d)))
+#define SHA1_F1(b, c, d) ((b) ^ (c) ^ (d))
+#define SHA1_F2(b, c, d) (((b) & (c)) ^ ((b) & (d)) ^ ((c) & (d)))
+
+SSE_HELPER_SHA1RNDS4(helper_sha1rnds4_f0, SHA1_F0, 0x5A827999)
+SSE_HELPER_SHA1RNDS4(helper_sha1rnds4_f1, SHA1_F1, 0x6ED9EBA1)
+SSE_HELPER_SHA1RNDS4(helper_sha1rnds4_f2, SHA1_F2, 0x8F1BBCDC)
+SSE_HELPER_SHA1RNDS4(helper_sha1rnds4_f3, SHA1_F1, 0xCA62C1D6)
+
+void helper_sha1nexte(Reg *d, Reg *a, Reg *b)
+{
+ d->L(3) = b->L(3) + rol32(a->L(3), 30);
+ d->L(2) = b->L(2);
+ d->L(1) = b->L(1);
+ d->L(0) = b->L(0);
+}
+
+void helper_sha1msg1(Reg *d, Reg *a, Reg *b)
+{
+ /* These could be overwritten by the first two assignments, save them. */
+ uint32_t b3 = b->L(3);
+ uint32_t b2 = b->L(2);
+
+ d->L(3) = a->L(3) ^ a->L(1);
+ d->L(2) = a->L(2) ^ a->L(0);
+ d->L(1) = a->L(1) ^ b3;
+ d->L(0) = a->L(0) ^ b2;
+}
+
+void helper_sha1msg2(Reg *d, Reg *a, Reg *b)
+{
+ d->L(3) = rol32(a->L(3) ^ b->L(2), 1);
+ d->L(2) = rol32(a->L(2) ^ b->L(1), 1);
+ d->L(1) = rol32(a->L(1) ^ b->L(0), 1);
+ d->L(0) = rol32(a->L(0) ^ d->L(3), 1);
+}
+
+#define SHA256_CH(e, f, g) (((e) & (f)) ^ (~(e) & (g)))
+#define SHA256_MAJ(a, b, c) (((a) & (b)) ^ ((a) & (c)) ^ ((b) & (c)))
+
+#define SHA256_RNDS0(w) (ror32((w), 2) ^ ror32((w), 13) ^ ror32((w), 22))
+#define SHA256_RNDS1(w) (ror32((w), 6) ^ ror32((w), 11) ^ ror32((w), 25))
+#define SHA256_MSGS0(w) (ror32((w), 7) ^ ror32((w), 18) ^ ((w) >> 3))
+#define SHA256_MSGS1(w) (ror32((w), 17) ^ ror32((w), 19) ^ ((w) >> 10))
+
+void helper_sha256rnds2(Reg *d, Reg *a, Reg *b, uint32_t wk0, uint32_t wk1)
+{
+ uint32_t t, AA, EE;
+
+ uint32_t A = b->L(3);
+ uint32_t B = b->L(2);
+ uint32_t C = a->L(3);
+ uint32_t D = a->L(2);
+ uint32_t E = b->L(1);
+ uint32_t F = b->L(0);
+ uint32_t G = a->L(1);
+ uint32_t H = a->L(0);
+
+ /* Even round */
+ t = SHA256_CH(E, F, G) + SHA256_RNDS1(E) + wk0 + H;
+ AA = t + SHA256_MAJ(A, B, C) + SHA256_RNDS0(A);
+ EE = t + D;
+
+ /* These will be B and F at the end of the odd round */
+ d->L(2) = AA;
+ d->L(0) = EE;
+
+ D = C, C = B, B = A, A = AA;
+ H = G, G = F, F = E, E = EE;
+
+ /* Odd round */
+ t = SHA256_CH(E, F, G) + SHA256_RNDS1(E) + wk1 + H;
+ AA = t + SHA256_MAJ(A, B, C) + SHA256_RNDS0(A);
+ EE = t + D;
+
+ d->L(3) = AA;
+ d->L(1) = EE;
+}
+
+void helper_sha256msg1(Reg *d, Reg *a, Reg *b)
+{
+ /* b->L(0) could be overwritten by the first assignment, save it. */
+ uint32_t b0 = b->L(0);
+
+ d->L(0) = a->L(0) + SHA256_MSGS0(a->L(1));
+ d->L(1) = a->L(1) + SHA256_MSGS0(a->L(2));
+ d->L(2) = a->L(2) + SHA256_MSGS0(a->L(3));
+ d->L(3) = a->L(3) + SHA256_MSGS0(b0);
+}
+
+void helper_sha256msg2(Reg *d, Reg *a, Reg *b)
+{
+ /* Earlier assignments cannot overwrite any of the two operands. */
+ d->L(0) = a->L(0) + SHA256_MSGS1(b->L(2));
+ d->L(1) = a->L(1) + SHA256_MSGS1(b->L(3));
+ /* Yes, this reuses the previously computed values. */
+ d->L(2) = a->L(2) + SHA256_MSGS1(d->L(0));
+ d->L(3) = a->L(3) + SHA256_MSGS1(d->L(1));
+}
+#endif
+
#undef SSE_HELPER_S
#undef LANE_WIDTH
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index 850271e0898..eb2400095f8 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -504,6 +504,13 @@ static const X86OpEntry opcodes_0F38_00toEF[240] = {
[0xbe] = X86_OP_ENTRY3(VFNMSUB231Px, V,x, H,x, W,x, vex6 cpuid(FMA) p_66),
[0xbf] = X86_OP_ENTRY3(VFNMSUB231Sx, V,x, H,x, W,x, vex6 cpuid(FMA) p_66),
+ [0xc8] = X86_OP_ENTRY2(SHA1NEXTE, V,dq, W,dq, cpuid(SHA_NI)),
+ [0xc9] = X86_OP_ENTRY2(SHA1MSG1, V,dq, W,dq, cpuid(SHA_NI)),
+ [0xca] = X86_OP_ENTRY2(SHA1MSG2, V,dq, W,dq, cpuid(SHA_NI)),
+ [0xcb] = X86_OP_ENTRY2(SHA256RNDS2, V,dq, W,dq, cpuid(SHA_NI)),
+ [0xcc] = X86_OP_ENTRY2(SHA256MSG1, V,dq, W,dq, cpuid(SHA_NI)),
+ [0xcd] = X86_OP_ENTRY2(SHA256MSG2, V,dq, W,dq, cpuid(SHA_NI)),
+
[0xdb] = X86_OP_ENTRY3(VAESIMC, V,dq, None,None, W,dq, vex4 cpuid(AES) p_66),
[0xdc] = X86_OP_ENTRY3(VAESENC, V,x, H,x, W,x, vex4 cpuid(AES) p_66),
[0xdd] = X86_OP_ENTRY3(VAESENCLAST, V,x, H,x, W,x, vex4 cpuid(AES) p_66),
@@ -653,6 +660,8 @@ static const X86OpEntry opcodes_0F3A[256] = {
[0x4b] = X86_OP_ENTRY4(VBLENDVPD, V,x, H,x, W,x, vex6 chk(W0) cpuid(AVX) p_66),
[0x4c] = X86_OP_ENTRY4(VPBLENDVB, V,x, H,x, W,x, vex6 chk(W0) cpuid(AVX) p_66 avx2_256),
+ [0xcc] = X86_OP_ENTRY3(SHA1RNDS4, V,dq, W,dq, I,b, cpuid(SHA_NI)),
+
[0xdf] = X86_OP_ENTRY3(VAESKEYGEN, V,dq, W,dq, I,b, vex4 cpuid(AES) p_66),
[0xF0] = X86_OP_ENTRY3(RORX, G,y, E,y, I,b, vex13 cpuid(BMI2) p_f2),
@@ -1500,6 +1509,8 @@ static bool has_cpuid_feature(DisasContext *s, X86CPUIDFeature cpuid)
return (s->cpuid_7_0_ebx_features & CPUID_7_0_EBX_BMI2);
case X86_FEAT_AVX2:
return (s->cpuid_7_0_ebx_features & CPUID_7_0_EBX_AVX2);
+ case X86_FEAT_SHA_NI:
+ return (s->cpuid_7_0_ebx_features & CPUID_7_0_EBX_SHA_NI);
}
g_assert_not_reached();
}
diff --git a/target/i386/tcg/decode-new.h b/target/i386/tcg/decode-new.h
index ae987dfe0ba..ab21fa6db97 100644
--- a/target/i386/tcg/decode-new.h
+++ b/target/i386/tcg/decode-new.h
@@ -108,6 +108,7 @@ typedef enum X86CPUIDFeature {
X86_FEAT_FMA,
X86_FEAT_MOVBE,
X86_FEAT_PCLMULQDQ,
+ X86_FEAT_SHA_NI,
X86_FEAT_SSE,
X86_FEAT_SSE2,
X86_FEAT_SSE3,
diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
index 7c36cf8a6df..82da5488d47 100644
--- a/target/i386/tcg/emit.c.inc
+++ b/target/i386/tcg/emit.c.inc
@@ -1796,6 +1796,60 @@ static void gen_SARX(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
tcg_gen_sar_tl(s->T0, s->T0, s->T1);
}
+static void gen_SHA1NEXTE(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_helper_sha1nexte(OP_PTR0, OP_PTR1, OP_PTR2);
+}
+
+static void gen_SHA1MSG1(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_helper_sha1msg1(OP_PTR0, OP_PTR1, OP_PTR2);
+}
+
+static void gen_SHA1MSG2(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_helper_sha1msg2(OP_PTR0, OP_PTR1, OP_PTR2);
+}
+
+static void gen_SHA1RNDS4(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ switch(decode->immediate & 3) {
+ case 0:
+ gen_helper_sha1rnds4_f0(OP_PTR0, OP_PTR0, OP_PTR1);
+ break;
+ case 1:
+ gen_helper_sha1rnds4_f1(OP_PTR0, OP_PTR0, OP_PTR1);
+ break;
+ case 2:
+ gen_helper_sha1rnds4_f2(OP_PTR0, OP_PTR0, OP_PTR1);
+ break;
+ case 3:
+ gen_helper_sha1rnds4_f3(OP_PTR0, OP_PTR0, OP_PTR1);
+ break;
+ }
+}
+
+static void gen_SHA256MSG1(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_helper_sha256msg1(OP_PTR0, OP_PTR1, OP_PTR2);
+}
+
+static void gen_SHA256MSG2(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_helper_sha256msg2(OP_PTR0, OP_PTR1, OP_PTR2);
+}
+
+static void gen_SHA256RNDS2(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ TCGv_i32 wk0 = tcg_temp_new_i32();
+ TCGv_i32 wk1 = tcg_temp_new_i32();
+
+ tcg_gen_ld_i32(wk0, tcg_env, ZMM_OFFSET(0) + offsetof(ZMMReg, ZMM_L(0)));
+ tcg_gen_ld_i32(wk1, tcg_env, ZMM_OFFSET(0) + offsetof(ZMMReg, ZMM_L(1)));
+
+ gen_helper_sha256rnds2(OP_PTR0, OP_PTR1, OP_PTR2, wk0, wk1);
+}
+
static void gen_SHLX(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[0].ot;
--git a/target/i386/tcg/ops_sse_header.h.inc b/target/i386/tcg/ops_sse_header.h.inc
index 8a7b2f4e2f6..d92c6faf6d6 100644
--- a/target/i386/tcg/ops_sse_header.h.inc
+++ b/target/i386/tcg/ops_sse_header.h.inc
@@ -399,6 +399,20 @@ DEF_HELPER_3(vpermq_ymm, void, Reg, Reg, i32)
#endif
#endif
+/* SHA helpers */
+#if SHIFT == 1
+DEF_HELPER_3(sha1rnds4_f0, void, Reg, Reg, Reg)
+DEF_HELPER_3(sha1rnds4_f1, void, Reg, Reg, Reg)
+DEF_HELPER_3(sha1rnds4_f2, void, Reg, Reg, Reg)
+DEF_HELPER_3(sha1rnds4_f3, void, Reg, Reg, Reg)
+DEF_HELPER_3(sha1nexte, void, Reg, Reg, Reg)
+DEF_HELPER_3(sha1msg1, void, Reg, Reg, Reg)
+DEF_HELPER_3(sha1msg2, void, Reg, Reg, Reg)
+DEF_HELPER_5(sha256rnds2, void, Reg, Reg, Reg, i32, i32)
+DEF_HELPER_3(sha256msg1, void, Reg, Reg, Reg)
+DEF_HELPER_3(sha256msg2, void, Reg, Reg, Reg)
+#endif
+
#undef SHIFT
#undef Reg
#undef SUFFIX
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 04/18] tests/tcg/i386: initialize more registers in test-avx
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (2 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 03/18] target/i386: implement SHA instructions Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-18 1:30 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 05/18] tests/tcg/i386: test-avx: add test cases for SHA new instructions Paolo Bonzini
` (13 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
Some instructions use YMM0 implicitly, or use YMM9 as a read-modify-write
register destination. Initialize those registers as well.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
tests/tcg/i386/test-avx.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/tests/tcg/i386/test-avx.c b/tests/tcg/i386/test-avx.c
index c39c0e5bce8..2a04c1ecf15 100644
--- a/tests/tcg/i386/test-avx.c
+++ b/tests/tcg/i386/test-avx.c
@@ -316,6 +316,8 @@ int main(int argc, char *argv[])
int i;
init_all(&initI);
+ init_intreg(&initI.ymm[0]);
+ init_intreg(&initI.ymm[9]);
init_intreg(&initI.ymm[10]);
init_intreg(&initI.ymm[11]);
init_intreg(&initI.ymm[12]);
@@ -324,6 +326,8 @@ int main(int argc, char *argv[])
dump_regs(&initI);
init_all(&initF16);
+ init_f16reg(&initF16.ymm[0]);
+ init_f16reg(&initF16.ymm[9]);
init_f16reg(&initF16.ymm[10]);
init_f16reg(&initF16.ymm[11]);
init_f16reg(&initF16.ymm[12]);
@@ -333,6 +337,8 @@ int main(int argc, char *argv[])
dump_regs(&initF16);
init_all(&initF32);
+ init_f32reg(&initF32.ymm[0]);
+ init_f32reg(&initF32.ymm[9]);
init_f32reg(&initF32.ymm[10]);
init_f32reg(&initF32.ymm[11]);
init_f32reg(&initF32.ymm[12]);
@@ -342,6 +348,8 @@ int main(int argc, char *argv[])
dump_regs(&initF32);
init_all(&initF64);
+ init_f64reg(&initF64.ymm[0]);
+ init_f64reg(&initF64.ymm[9]);
init_f64reg(&initF64.ymm[10]);
init_f64reg(&initF64.ymm[11]);
init_f64reg(&initF64.ymm[12]);
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 05/18] tests/tcg/i386: test-avx: add test cases for SHA new instructions
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (3 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 04/18] tests/tcg/i386: initialize more registers in test-avx Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-14 10:01 ` [PATCH 06/18] target/i386: accept full MemOp in gen_ext_tl Paolo Bonzini
` (12 subsequent siblings)
17 siblings, 0 replies; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
---
tests/tcg/i386/test-avx.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tests/tcg/i386/test-avx.py b/tests/tcg/i386/test-avx.py
index 641a2ef69eb..6063fb2d11d 100755
--- a/tests/tcg/i386/test-avx.py
+++ b/tests/tcg/i386/test-avx.py
@@ -9,7 +9,7 @@
archs = [
"SSE", "SSE2", "SSE3", "SSSE3", "SSE4_1", "SSE4_2",
"AES", "AVX", "AVX2", "AES+AVX", "VAES+AVX",
- "F16C", "FMA",
+ "F16C", "FMA", "SHA",
]
ignore = set(["FISTTP",
@@ -43,6 +43,7 @@
'vPS[LR][AL][WDQ]': 0x3f,
'vPS[RL]LDQ': 0x1f,
'vROUND[PS][SD]': 0x7,
+ 'SHA1RNDS4': 0x03,
'vSHUFPD': 0x0f,
'vSHUFPS': 0xff,
'vAESKEYGENASSIST': 0xff,
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 06/18] target/i386: accept full MemOp in gen_ext_tl
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (4 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 05/18] tests/tcg/i386: test-avx: add test cases for SHA new instructions Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-18 1:32 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 07/18] target/i386: introduce flags writeback mechanism Paolo Bonzini
` (11 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
Use MO_SIGN to indicate signed vs. unsigned extension, and filter out
bits other than MO_SIGN and MO_SIZE.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/translate.c | 30 +++++++++++++++---------------
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 4f6f9fa7e52..d7d6c85877d 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -699,18 +699,18 @@ static inline void gen_op_movl_T0_Dshift(DisasContext *s, MemOp ot)
tcg_gen_shli_tl(s->T0, s->T0, ot);
};
-static TCGv gen_ext_tl(TCGv dst, TCGv src, MemOp size, bool sign)
+static TCGv gen_ext_tl(TCGv dst, TCGv src, MemOp ot)
{
- switch (size) {
+ switch (ot & MO_SIZE) {
case MO_8:
- if (sign) {
+ if (ot & MO_SIGN) {
tcg_gen_ext8s_tl(dst, src);
} else {
tcg_gen_ext8u_tl(dst, src);
}
return dst;
case MO_16:
- if (sign) {
+ if (ot & MO_SIGN) {
tcg_gen_ext16s_tl(dst, src);
} else {
tcg_gen_ext16u_tl(dst, src);
@@ -718,7 +718,7 @@ static TCGv gen_ext_tl(TCGv dst, TCGv src, MemOp size, bool sign)
return dst;
#ifdef TARGET_X86_64
case MO_32:
- if (sign) {
+ if (ot & MO_SIGN) {
tcg_gen_ext32s_tl(dst, src);
} else {
tcg_gen_ext32u_tl(dst, src);
@@ -732,12 +732,12 @@ static TCGv gen_ext_tl(TCGv dst, TCGv src, MemOp size, bool sign)
static void gen_extu(MemOp ot, TCGv reg)
{
- gen_ext_tl(reg, reg, ot, false);
+ gen_ext_tl(reg, reg, ot);
}
static void gen_exts(MemOp ot, TCGv reg)
{
- gen_ext_tl(reg, reg, ot, true);
+ gen_ext_tl(reg, reg, ot | MO_SIGN);
}
static void gen_op_j_ecx(DisasContext *s, TCGCond cond, TCGLabel *label1)
@@ -926,7 +926,7 @@ static CCPrepare gen_prepare_eflags_c(DisasContext *s, TCGv reg)
case CC_OP_SUBB ... CC_OP_SUBQ:
/* (DATA_TYPE)CC_SRCT < (DATA_TYPE)CC_SRC */
size = s->cc_op - CC_OP_SUBB;
- t1 = gen_ext_tl(s->tmp0, cpu_cc_src, size, false);
+ t1 = gen_ext_tl(s->tmp0, cpu_cc_src, size);
/* If no temporary was used, be careful not to alias t1 and t0. */
t0 = t1 == cpu_cc_src ? s->tmp0 : reg;
tcg_gen_mov_tl(t0, s->cc_srcT);
@@ -936,8 +936,8 @@ static CCPrepare gen_prepare_eflags_c(DisasContext *s, TCGv reg)
case CC_OP_ADDB ... CC_OP_ADDQ:
/* (DATA_TYPE)CC_DST < (DATA_TYPE)CC_SRC */
size = s->cc_op - CC_OP_ADDB;
- t1 = gen_ext_tl(s->tmp0, cpu_cc_src, size, false);
- t0 = gen_ext_tl(reg, cpu_cc_dst, size, false);
+ t1 = gen_ext_tl(s->tmp0, cpu_cc_src, size);
+ t0 = gen_ext_tl(reg, cpu_cc_dst, size);
add_sub:
return (CCPrepare) { .cond = TCG_COND_LTU, .reg = t0,
.reg2 = t1, .mask = -1, .use_reg2 = true };
@@ -965,7 +965,7 @@ static CCPrepare gen_prepare_eflags_c(DisasContext *s, TCGv reg)
case CC_OP_BMILGB ... CC_OP_BMILGQ:
size = s->cc_op - CC_OP_BMILGB;
- t0 = gen_ext_tl(reg, cpu_cc_src, size, false);
+ t0 = gen_ext_tl(reg, cpu_cc_src, size);
return (CCPrepare) { .cond = TCG_COND_EQ, .reg = t0, .mask = -1 };
case CC_OP_ADCX:
@@ -1017,7 +1017,7 @@ static CCPrepare gen_prepare_eflags_s(DisasContext *s, TCGv reg)
default:
{
MemOp size = (s->cc_op - CC_OP_ADDB) & 3;
- TCGv t0 = gen_ext_tl(reg, cpu_cc_dst, size, true);
+ TCGv t0 = gen_ext_tl(reg, cpu_cc_dst, size | MO_SIGN);
return (CCPrepare) { .cond = TCG_COND_LT, .reg = t0, .mask = -1 };
}
}
@@ -1062,7 +1062,7 @@ static CCPrepare gen_prepare_eflags_z(DisasContext *s, TCGv reg)
default:
{
MemOp size = (s->cc_op - CC_OP_ADDB) & 3;
- TCGv t0 = gen_ext_tl(reg, cpu_cc_dst, size, false);
+ TCGv t0 = gen_ext_tl(reg, cpu_cc_dst, size);
return (CCPrepare) { .cond = TCG_COND_EQ, .reg = t0, .mask = -1 };
}
}
@@ -1088,7 +1088,7 @@ static CCPrepare gen_prepare_cc(DisasContext *s, int b, TCGv reg)
case JCC_BE:
tcg_gen_mov_tl(s->tmp4, s->cc_srcT);
gen_extu(size, s->tmp4);
- t0 = gen_ext_tl(s->tmp0, cpu_cc_src, size, false);
+ t0 = gen_ext_tl(s->tmp0, cpu_cc_src, size);
cc = (CCPrepare) { .cond = TCG_COND_LEU, .reg = s->tmp4,
.reg2 = t0, .mask = -1, .use_reg2 = true };
break;
@@ -1101,7 +1101,7 @@ static CCPrepare gen_prepare_cc(DisasContext *s, int b, TCGv reg)
fast_jcc_l:
tcg_gen_mov_tl(s->tmp4, s->cc_srcT);
gen_exts(size, s->tmp4);
- t0 = gen_ext_tl(s->tmp0, cpu_cc_src, size, true);
+ t0 = gen_ext_tl(s->tmp0, cpu_cc_src, size | MO_SIGN);
cc = (CCPrepare) { .cond = cond, .reg = s->tmp4,
.reg2 = t0, .mask = -1, .use_reg2 = true };
break;
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 07/18] target/i386: introduce flags writeback mechanism
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (5 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 06/18] target/i386: accept full MemOp in gen_ext_tl Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-14 16:06 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 08/18] target/i386: implement CMPccXADD Paolo Bonzini
` (10 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
ALU instructions can write to both memory and flags. If the CC_SRC*
and CC_DST locations have been written already when a memory access
causes a fault, the value in CC_SRC* and CC_DST might be interpreted
with the wrong CC_OP (the one that is in effect before the instruction.
Besides just using the wrong result for the flags, something like
subtracting -1 can have disastrous effects if the current CC_OP is
CC_OP_EFLAGS: this is because QEMU does not expect bits outside the ALU
flags to be set in CC_SRC, and env->eflags can end up set to all-ones.
In the case of the attached testcase, this sets IOPL to 3 and would
cause an assertion failure if SUB is moved to the new decoder.
This mechanism is not really needed for BMI instructions, which can
only write to a register, but put it to use anyway for cleanliness.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/decode-new.c.inc | 20 +++++++++++++++++
target/i386/tcg/decode-new.h | 2 ++
target/i386/tcg/emit.c.inc | 15 +++++++------
tests/tcg/i386/Makefile.target | 2 +-
tests/tcg/i386/test-flags.c | 37 ++++++++++++++++++++++++++++++++
5 files changed, 69 insertions(+), 7 deletions(-)
create mode 100644 tests/tcg/i386/test-flags.c
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index eb2400095f8..bad561ff66d 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -1943,6 +1943,26 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
decode.e.gen(s, env, &decode);
gen_writeback(s, &decode, 0, s->T0);
}
+
+ /*
+ * Write back flags after last memory access. Some newer ALU instructions, as
+ * well as SSE instructions, write flags in the gen_* function, but that can
+ * cause incorrect tracking of CC_OP for instructions that write to both memory
+ * and flags.
+ */
+ if (decode.cc_dst) {
+ tcg_gen_mov_tl(cpu_cc_dst, decode.cc_dst);
+ }
+ if (decode.cc_src) {
+ tcg_gen_mov_tl(cpu_cc_src, decode.cc_src);
+ }
+ if (decode.cc_src2) {
+ tcg_gen_mov_tl(cpu_cc_src, decode.cc_src2);
+ }
+ if (decode.cc_srcT) {
+ tcg_gen_mov_tl(s->cc_srcT, decode.cc_srcT);
+ }
+
return;
gp_fault:
gen_exception_gpf(s);
diff --git a/target/i386/tcg/decode-new.h b/target/i386/tcg/decode-new.h
index ab21fa6db97..b2879136614 100644
--- a/target/i386/tcg/decode-new.h
+++ b/target/i386/tcg/decode-new.h
@@ -265,6 +265,8 @@ struct X86DecodedInsn {
target_ulong immediate;
AddressParts mem;
+ TCGv cc_dst, cc_src, cc_src2, cc_srcT;
+
uint8_t b;
};
diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
index 82da5488d47..b5dfdc409e5 100644
--- a/target/i386/tcg/emit.c.inc
+++ b/target/i386/tcg/emit.c.inc
@@ -323,6 +323,12 @@ static inline int vector_len(DisasContext *s, X86DecodedInsn *decode)
return s->vex_l ? 32 : 16;
}
+static void prepare_update1_cc(X86DecodedInsn *decode, DisasContext *s, CCOp op)
+{
+ decode->cc_dst = s->T0;
+ set_cc_op(s, op);
+}
+
static void gen_store_sse(DisasContext *s, X86DecodedInsn *decode, int src_ofs)
{
MemOp ot = decode->op[0].ot;
@@ -1073,8 +1079,7 @@ static void gen_ANDN(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
MemOp ot = decode->op[0].ot;
tcg_gen_andc_tl(s->T0, s->T1, s->T0);
- gen_op_update1_cc(s);
- set_cc_op(s, CC_OP_LOGICB + ot);
+ prepare_update1_cc(decode, s, CC_OP_LOGICB + ot);
}
static void gen_BEXTR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
@@ -1105,8 +1110,7 @@ static void gen_BEXTR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
tcg_gen_movcond_tl(TCG_COND_LEU, s->T1, s->A0, bound, s->T1, zero);
tcg_gen_andc_tl(s->T0, s->T0, s->T1);
- gen_op_update1_cc(s);
- set_cc_op(s, CC_OP_LOGICB + ot);
+ prepare_update1_cc(decode, s, CC_OP_LOGICB + ot);
}
static void gen_BLSI(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
@@ -1161,8 +1165,7 @@ static void gen_BZHI(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
tcg_gen_movcond_tl(TCG_COND_LEU, s->A0, s->T1, bound, s->A0, zero);
tcg_gen_andc_tl(s->T0, s->T0, s->A0);
- gen_op_update1_cc(s);
- set_cc_op(s, CC_OP_BMILGB + ot);
+ prepare_update1_cc(decode, s, CC_OP_BMILGB + ot);
}
static void gen_CRC32(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
diff --git a/tests/tcg/i386/Makefile.target b/tests/tcg/i386/Makefile.target
index fdf757c6ce4..ca0f543ef16 100644
--- a/tests/tcg/i386/Makefile.target
+++ b/tests/tcg/i386/Makefile.target
@@ -13,7 +13,7 @@ config-cc.mak: Makefile
I386_SRCS=$(notdir $(wildcard $(I386_SRC)/*.c))
ALL_X86_TESTS=$(I386_SRCS:.c=)
-SKIP_I386_TESTS=test-i386-ssse3 test-avx test-3dnow test-mmx
+SKIP_I386_TESTS=test-i386-ssse3 test-avx test-3dnow test-mmx test-flags
X86_64_TESTS:=$(filter test-i386-adcox test-i386-bmi2 $(SKIP_I386_TESTS), $(ALL_X86_TESTS))
test-i386-sse-exceptions: CFLAGS += -msse4.1 -mfpmath=sse
diff --git a/tests/tcg/i386/test-flags.c b/tests/tcg/i386/test-flags.c
new file mode 100644
index 00000000000..c379e296275
--- /dev/null
+++ b/tests/tcg/i386/test-flags.c
@@ -0,0 +1,37 @@
+#define _GNU_SOURCE
+#include <sys/mman.h>
+#include <signal.h>
+#include <stdio.h>
+#include <assert.h>
+
+volatile unsigned long flags;
+volatile unsigned long flags_after;
+int *addr;
+
+void sigsegv(int sig, siginfo_t *info, ucontext_t *uc)
+{
+ flags = uc->uc_mcontext.gregs[REG_EFL];
+ mprotect(addr, 4096, PROT_READ|PROT_WRITE);
+}
+
+int main()
+{
+ struct sigaction sa = { .sa_handler = (void *)sigsegv, .sa_flags = SA_SIGINFO };
+ sigaction(SIGSEGV, &sa, NULL);
+
+ /* fault in the page then protect it */
+ addr = mmap (NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANON, -1, 0);
+ *addr = 0x1234;
+ mprotect(addr, 4096, PROT_READ);
+
+ asm("# set flags to all ones \n"
+ "mov $-1, %%eax \n"
+ "movq addr, %%rdi \n"
+ "sahf \n"
+ "sub %%eax, (%%rdi) \n"
+ "pushf \n"
+ "pop flags_after(%%rip) \n" : : : "eax", "edi", "memory");
+
+ /* OF can have any value before the SUB instruction. */
+ assert((flags & 0xff) == 0xd7 && (flags_after & 0x8ff) == 0x17);
+}
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 08/18] target/i386: implement CMPccXADD
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (6 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 07/18] target/i386: introduce flags writeback mechanism Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-19 1:59 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 09/18] target/i386: do not clobber A0 in POP translation Paolo Bonzini
` (9 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
The main difficulty here is that a page fault when writing to the destination
must not overwrite the flags. Therefore, the compute-flags helper must be
called with a temporary destination instead of using gen_jcc1*.
For simplicity, I am using an unconditional cmpxchg operation, that becomes
a NOP if the comparison fails.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/cpu.c | 2 +-
target/i386/tcg/decode-new.c.inc | 30 ++++++++++
target/i386/tcg/decode-new.h | 2 +
target/i386/tcg/emit.c.inc | 98 ++++++++++++++++++++++++++++++++
target/i386/tcg/translate.c | 2 +
5 files changed, 133 insertions(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 8beb989701c..80f0445301b 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -738,7 +738,7 @@ void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1,
#define TCG_7_0_EDX_FEATURES (CPUID_7_0_EDX_FSRM | CPUID_7_0_EDX_KERNEL_FEATURES)
#define TCG_7_1_EAX_FEATURES (CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | \
- CPUID_7_1_EAX_FSRC)
+ CPUID_7_1_EAX_FSRC | CPUID_7_1_EAX_CMPCCXADD)
#define TCG_7_1_EDX_FEATURES 0
#define TCG_7_2_EDX_FEATURES 0
#define TCG_APM_FEATURES 0
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index bad561ff66d..01c46e6a789 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -516,6 +516,28 @@ static const X86OpEntry opcodes_0F38_00toEF[240] = {
[0xdd] = X86_OP_ENTRY3(VAESENCLAST, V,x, H,x, W,x, vex4 cpuid(AES) p_66),
[0xde] = X86_OP_ENTRY3(VAESDEC, V,x, H,x, W,x, vex4 cpuid(AES) p_66),
[0xdf] = X86_OP_ENTRY3(VAESDECLAST, V,x, H,x, W,x, vex4 cpuid(AES) p_66),
+
+ /*
+ * REG selects srcdest2 operand, VEX.vvvv selects src3. VEX class not found
+ * in manual, assumed to be 13 from the VEX.L0 = constraint.
+ */
+ [0xe0] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xe1] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xe2] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xe3] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xe4] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xe5] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xe6] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xe7] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+
+ [0xe8] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xe9] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xea] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xeb] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xec] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xed] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xee] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
+ [0xef] = X86_OP_ENTRY3(CMPccXADD, EM,y, G,y, B,y, vex13 xchg chk(o64) cpuid(CMPCCXADD) p_66),
};
/* five rows for no prefix, 66, F3, F2, 66+F2 */
@@ -1273,8 +1295,13 @@ static bool decode_op(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode,
case X86_TYPE_WM: /* modrm byte selects an XMM/YMM memory operand */
op->unit = X86_OP_SSE;
+ goto get_modrm_mem;
+
+ case X86_TYPE_EM: /* modrm byte selects an ALU memory operand */
+ op->unit = X86_OP_INT;
/* fall through */
case X86_TYPE_M: /* modrm byte selects a memory operand */
+ get_modrm_mem:
modrm = get_modrm(s, env);
if ((modrm >> 6) == 3) {
return false;
@@ -1511,6 +1538,9 @@ static bool has_cpuid_feature(DisasContext *s, X86CPUIDFeature cpuid)
return (s->cpuid_7_0_ebx_features & CPUID_7_0_EBX_AVX2);
case X86_FEAT_SHA_NI:
return (s->cpuid_7_0_ebx_features & CPUID_7_0_EBX_SHA_NI);
+
+ case X86_FEAT_CMPCCXADD:
+ return (s->cpuid_7_1_eax_features & CPUID_7_1_EAX_CMPCCXADD);
}
g_assert_not_reached();
}
diff --git a/target/i386/tcg/decode-new.h b/target/i386/tcg/decode-new.h
index b2879136614..b22de02ce54 100644
--- a/target/i386/tcg/decode-new.h
+++ b/target/i386/tcg/decode-new.h
@@ -47,6 +47,7 @@ typedef enum X86OpType {
X86_TYPE_Y, /* string destination */
/* Custom */
+ X86_TYPE_EM, /* modrm byte selects an ALU memory operand */
X86_TYPE_WM, /* modrm byte selects an XMM/YMM memory operand */
X86_TYPE_2op, /* 2-operand RMW instruction */
X86_TYPE_LoBits, /* encoded in bits 0-2 of the operand + REX.B */
@@ -104,6 +105,7 @@ typedef enum X86CPUIDFeature {
X86_FEAT_AVX2,
X86_FEAT_BMI1,
X86_FEAT_BMI2,
+ X86_FEAT_CMPCCXADD,
X86_FEAT_F16C,
X86_FEAT_FMA,
X86_FEAT_MOVBE,
diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
index b5dfdc409e5..9f70e9dbaa6 100644
--- a/target/i386/tcg/emit.c.inc
+++ b/target/i386/tcg/emit.c.inc
@@ -1168,6 +1168,104 @@ static void gen_BZHI(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
prepare_update1_cc(decode, s, CC_OP_BMILGB + ot);
}
+static void gen_CMPccXADD(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ TCGv z_tl = tcg_constant_tl(0);
+ TCGLabel *label_top = gen_new_label();
+ TCGLabel *label_bottom = gen_new_label();
+ TCGv oldv = tcg_temp_new();
+ TCGv memv = tcg_temp_new();
+ TCGv newv = tcg_temp_new();
+ TCGv cmpv = tcg_temp_new();
+ TCGv tmp_cc = tcg_temp_new();
+
+ TCGv cmp_lhs, cmp_rhs;
+ MemOp ot, ot_full;
+
+ int jcc_op = (decode->b >> 1) & 7;
+ static const uint8_t cond[16] = {
+ TCG_COND_NE, /* o, just test OF=1 */
+ TCG_COND_EQ, /* no, just test OF=0 */
+ TCG_COND_LTU, /* b */
+ TCG_COND_GEU, /* ae (nb) */
+ TCG_COND_EQ, /* z */
+ TCG_COND_NE, /* nz */
+ TCG_COND_LEU, /* be */
+ TCG_COND_GTU, /* a (nbe) */
+ TCG_COND_LT, /* s, compares result against 0 */
+ TCG_COND_GE, /* ns, compares result against 0 */
+ TCG_COND_NE, /* p, just test PF=1 */
+ TCG_COND_EQ, /* np, just test PF=0 */
+ TCG_COND_LT, /* l */
+ TCG_COND_GE, /* ge (nl) */
+ TCG_COND_LE, /* le */
+ TCG_COND_GT, /* g (nle) */
+ };
+
+ ot = decode->op[0].ot;
+ ot_full = ot | MO_LE;
+ if (jcc_op >= JCC_S) {
+ /*
+ * Sign-extend values before subtracting for S, P (zero/sign extension
+ * does not matter there) L, LE and their inverses.
+ */
+ ot_full |= MO_SIGN;
+ }
+
+ gen_ext_tl(cmpv, cpu_regs[decode->op[1].n], ot_full);
+
+ /*
+ * Cmpxchg loop starts here.
+ * s->A0: dest address; cmpv: compare operand; s->T1: addition operand.
+ */
+ gen_set_label(label_top);
+ gen_op_ld_v(s, ot_full, memv, s->A0);
+ tcg_gen_sub_tl(s->T0, memv, cmpv);
+
+ /* Compute comparison result but do not clobber cc_* yet. */
+ switch (jcc_op) {
+ case JCC_O:
+ case JCC_P:
+ tcg_gen_sub_tl(s->T0, memv, cmpv);
+ gen_helper_cc_compute_all(tmp_cc, s->T0, cmpv, z_tl,
+ tcg_constant_i32(CC_OP_SUBB + ot));
+ decode->cc_src = tmp_cc;
+ set_cc_op(s, CC_OP_EFLAGS);
+
+ tcg_gen_andi_tl(s->T0, tmp_cc, (jcc_op == JCC_O ? CC_O : CC_P));
+ cmp_lhs = s->T0, cmp_rhs = z_tl;
+ break;
+
+ case JCC_S:
+ cmp_lhs = s->T0, cmp_rhs = z_tl;
+ goto cc_sub;
+
+ default:
+ cmp_lhs = memv, cmp_rhs = cmpv;
+ cc_sub:
+ decode->cc_dst = s->T0;
+ decode->cc_src = cmpv;
+ decode->cc_srcT = memv;
+ set_cc_op(s, CC_OP_SUBB + ot);
+ break;
+ }
+
+ /* Compute new value: if condition does not hold, just store back memv */
+ tcg_gen_add_tl(newv, memv, s->T1);
+ tcg_gen_movcond_tl(cond[decode->b & 15], newv, cmp_lhs, cmp_rhs, newv, memv);
+ tcg_gen_atomic_cmpxchg_tl(oldv, s->A0, memv, newv, s->mem_index, ot_full);
+
+ /* Exit unconditionally if cmpxchg succeeded. */
+ tcg_gen_brcond_tl(TCG_COND_EQ, oldv, memv, label_bottom);
+
+ /* Try again if there was actually a store to make. */
+ tcg_gen_brcond_tl(cond[decode->b & 15], cmp_lhs, cmp_rhs, label_top);
+ gen_set_label(label_bottom);
+
+ /* Store old value only after a successful store. */
+ gen_writeback(s, decode, 1, memv);
+}
+
static void gen_CRC32(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[2].ot;
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index d7d6c85877d..038151a8c3e 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -122,6 +122,7 @@ typedef struct DisasContext {
int cpuid_ext3_features;
int cpuid_7_0_ebx_features;
int cpuid_7_0_ecx_features;
+ int cpuid_7_1_eax_features;
int cpuid_xsave_features;
/* TCG local temps */
@@ -6957,6 +6958,7 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
dc->cpuid_ext3_features = env->features[FEAT_8000_0001_ECX];
dc->cpuid_7_0_ebx_features = env->features[FEAT_7_0_EBX];
dc->cpuid_7_0_ecx_features = env->features[FEAT_7_0_ECX];
+ dc->cpuid_7_1_eax_features = env->features[FEAT_7_1_EAX];
dc->cpuid_xsave_features = env->features[FEAT_XSAVE];
dc->jmp_opt = !((cflags & CF_NO_GOTO_TB) ||
(flags & (HF_TF_MASK | HF_INHIBIT_IRQ_MASK)));
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 09/18] target/i386: do not clobber A0 in POP translation
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (7 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 08/18] target/i386: implement CMPccXADD Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-18 1:33 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 10/18] target/i386: reintroduce debugging mechanism Paolo Bonzini
` (8 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
The new decoder likes to compute the address in A0 very early, so the
gen_lea_v_seg in gen_pop_T0 would clobber the address of the memory
operand. Instead use T0 since it is already available and will be
overwritten immediately after.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/translate.c | 34 ++++++++++++++++++++--------------
1 file changed, 20 insertions(+), 14 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 038151a8c3e..39b5752e780 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -628,17 +628,17 @@ static TCGv eip_cur_tl(DisasContext *s)
}
}
-/* Compute SEG:REG into A0. SEG is selected from the override segment
+/* Compute SEG:REG into DEST. SEG is selected from the override segment
(OVR_SEG) and the default segment (DEF_SEG). OVR_SEG may be -1 to
indicate no override. */
-static void gen_lea_v_seg(DisasContext *s, MemOp aflag, TCGv a0,
- int def_seg, int ovr_seg)
+static void gen_lea_v_seg_dest(DisasContext *s, MemOp aflag, TCGv dest, TCGv a0,
+ int def_seg, int ovr_seg)
{
switch (aflag) {
#ifdef TARGET_X86_64
case MO_64:
if (ovr_seg < 0) {
- tcg_gen_mov_tl(s->A0, a0);
+ tcg_gen_mov_tl(dest, a0);
return;
}
break;
@@ -649,14 +649,14 @@ static void gen_lea_v_seg(DisasContext *s, MemOp aflag, TCGv a0,
ovr_seg = def_seg;
}
if (ovr_seg < 0) {
- tcg_gen_ext32u_tl(s->A0, a0);
+ tcg_gen_ext32u_tl(dest, a0);
return;
}
break;
case MO_16:
/* 16 bit address */
- tcg_gen_ext16u_tl(s->A0, a0);
- a0 = s->A0;
+ tcg_gen_ext16u_tl(dest, a0);
+ a0 = dest;
if (ovr_seg < 0) {
if (ADDSEG(s)) {
ovr_seg = def_seg;
@@ -673,17 +673,23 @@ static void gen_lea_v_seg(DisasContext *s, MemOp aflag, TCGv a0,
TCGv seg = cpu_seg_base[ovr_seg];
if (aflag == MO_64) {
- tcg_gen_add_tl(s->A0, a0, seg);
+ tcg_gen_add_tl(dest, a0, seg);
} else if (CODE64(s)) {
- tcg_gen_ext32u_tl(s->A0, a0);
- tcg_gen_add_tl(s->A0, s->A0, seg);
+ tcg_gen_ext32u_tl(dest, a0);
+ tcg_gen_add_tl(dest, dest, seg);
} else {
- tcg_gen_add_tl(s->A0, a0, seg);
- tcg_gen_ext32u_tl(s->A0, s->A0);
+ tcg_gen_add_tl(dest, a0, seg);
+ tcg_gen_ext32u_tl(dest, dest);
}
}
}
+static void gen_lea_v_seg(DisasContext *s, MemOp aflag, TCGv a0,
+ int def_seg, int ovr_seg)
+{
+ gen_lea_v_seg_dest(s, aflag, s->A0, a0, def_seg, ovr_seg);
+}
+
static inline void gen_string_movl_A0_ESI(DisasContext *s)
{
gen_lea_v_seg(s, s->aflag, cpu_regs[R_ESI], R_DS, s->override);
@@ -2590,8 +2596,8 @@ static MemOp gen_pop_T0(DisasContext *s)
{
MemOp d_ot = mo_pushpop(s, s->dflag);
- gen_lea_v_seg(s, mo_stacksize(s), cpu_regs[R_ESP], R_SS, -1);
- gen_op_ld_v(s, d_ot, s->T0, s->A0);
+ gen_lea_v_seg_dest(s, mo_stacksize(s), s->T0, cpu_regs[R_ESP], R_SS, -1);
+ gen_op_ld_v(s, d_ot, s->T0, s->T0);
return d_ot;
}
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 10/18] target/i386: reintroduce debugging mechanism
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (8 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 09/18] target/i386: do not clobber A0 in POP translation Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-14 10:01 ` [PATCH 11/18] target/i386: move 00-5F opcodes to new decoder Paolo Bonzini
` (7 subsequent siblings)
17 siblings, 0 replies; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/decode-new.c.inc | 5 ++++-
target/i386/tcg/translate.c | 27 +++++++++++++++++++++++++++
2 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index 01c46e6a789..fb95e0b9268 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -1701,6 +1701,9 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
X86DecodedInsn decode;
X86DecodeFunc decode_func = decode_root;
+#ifdef CONFIG_USER_ONLY
+ if (limit) { --limit; }
+#endif
s->has_modrm = false;
next_byte:
@@ -1987,7 +1990,7 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
tcg_gen_mov_tl(cpu_cc_src, decode.cc_src);
}
if (decode.cc_src2) {
- tcg_gen_mov_tl(cpu_cc_src, decode.cc_src2);
+ tcg_gen_mov_tl(cpu_cc_src2, decode.cc_src2);
}
if (decode.cc_srcT) {
tcg_gen_mov_tl(s->cc_srcT, decode.cc_srcT);
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 39b5752e780..080b56840da 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -2980,6 +2980,9 @@ static void gen_sty_env_A0(DisasContext *s, int offset, bool align)
tcg_gen_qemu_st_i64(s->tmp1_i64, s->tmp0, mem_index, MO_LEUQ);
}
+static bool first = true;
+static unsigned long limit;
+
#include "decode-new.h"
#include "emit.c.inc"
#include "decode-new.c.inc"
@@ -3134,15 +3137,39 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
prefixes = 0;
+ if (first) {
+ const char *env = getenv("QEMU_I386_LIMIT");
+ limit = env ? atol(env) : -1;
+ first = false;
+ }
+ bool use_new = true;
+#ifdef CONFIG_USER_ONLY
+ use_new &= limit > 0;
+#endif
+
next_byte:
s->prefix = prefixes;
b = x86_ldub_code(env, s);
/* Collect prefixes. */
switch (b) {
default:
+#ifndef CONFIG_USER_ONLY
+ use_new &= b <= limit;
+#endif
+ if (use_new && 0) {
+ disas_insn_new(s, cpu, b);
+ return true;
+ }
break;
case 0x0f:
b = x86_ldub_code(env, s) + 0x100;
+#ifndef CONFIG_USER_ONLY
+ use_new &= b <= limit;
+#endif
+ if (use_new && 0) {
+ disas_insn_new(s, cpu, b);
+ return true;
+ }
break;
case 0xf3:
prefixes |= PREFIX_REPZ;
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 11/18] target/i386: move 00-5F opcodes to new decoder
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (9 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 10/18] target/i386: reintroduce debugging mechanism Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-19 3:24 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 12/18] target/i386: adjust decoding of J operand Paolo Bonzini
` (6 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/decode-new.c.inc | 116 ++++++++++++++++++
target/i386/tcg/decode-new.h | 3 +
target/i386/tcg/emit.c.inc | 201 +++++++++++++++++++++++++++++++
target/i386/tcg/translate.c | 2 +-
4 files changed, 321 insertions(+), 1 deletion(-)
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index fb95e0b9268..91f79c09b73 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -102,6 +102,8 @@
#define X86_OP_GROUP2(op, op0, s0, op1, s1, ...) \
X86_OP_GROUP3(op, op0, s0, 2op, s0, op1, s1, ## __VA_ARGS__)
+#define X86_OP_GROUPw(op, op0, s0, ...) \
+ X86_OP_GROUP3(op, op0, s0, None, None, None, None, ## __VA_ARGS__)
#define X86_OP_GROUP0(op, ...) \
X86_OP_GROUP3(op, None, None, None, None, None, None, ## __VA_ARGS__)
@@ -127,10 +129,13 @@
X86_OP_ENTRY3(op, op0, s0, None, None, None, None, ## __VA_ARGS__)
#define X86_OP_ENTRYr(op, op0, s0, ...) \
X86_OP_ENTRY3(op, None, None, None, None, op0, s0, ## __VA_ARGS__)
+#define X86_OP_ENTRY1(op, op0, s0, ...) \
+ X86_OP_ENTRY3(op, op0, s0, 2op, s0, None, None, ## __VA_ARGS__)
#define X86_OP_ENTRY0(op, ...) \
X86_OP_ENTRY3(op, None, None, None, None, None, None, ## __VA_ARGS__)
#define cpuid(feat) .cpuid = X86_FEAT_##feat,
+#define nowb .special = X86_SPECIAL_NoWriteback,
#define xchg .special = X86_SPECIAL_Locked,
#define mmx .special = X86_SPECIAL_MMX,
#define zext0 .special = X86_SPECIAL_ZExtOp0,
@@ -1074,7 +1079,114 @@ static void decode_0F(DisasContext *s, CPUX86State *env, X86OpEntry *entry, uint
}
static const X86OpEntry opcodes_root[256] = {
+ [0x00] = X86_OP_ENTRY2(ADD, E,b, G,b),
+ [0x01] = X86_OP_ENTRY2(ADD, E,v, G,v),
+ [0x02] = X86_OP_ENTRY2(ADD, G,b, E,b),
+ [0x03] = X86_OP_ENTRY2(ADD, G,v, E,v),
+ [0x04] = X86_OP_ENTRY2(ADD, 0,b, I,b), /* AL, Ib */
+ [0x05] = X86_OP_ENTRY2(ADD, 0,v, I,z), /* rAX, Iz */
+ [0x06] = X86_OP_ENTRYr(PUSH, ES, w, chk(i64)),
+ [0x07] = X86_OP_ENTRYw(POP, ES, w, chk(i64)),
+
+ [0x10] = X86_OP_ENTRY2(ADC, E,b, G,b),
+ [0x11] = X86_OP_ENTRY2(ADC, E,v, G,v),
+ [0x12] = X86_OP_ENTRY2(ADC, G,b, E,b),
+ [0x13] = X86_OP_ENTRY2(ADC, G,v, E,v),
+ [0x14] = X86_OP_ENTRY2(ADC, 0,b, I,b), /* AL, Ib */
+ [0x15] = X86_OP_ENTRY2(ADC, 0,v, I,z), /* rAX, Iz */
+ [0x16] = X86_OP_ENTRYr(PUSH, SS, w, chk(i64)),
+ [0x17] = X86_OP_ENTRYw(POP, SS, w, chk(i64)),
+
+ [0x20] = X86_OP_ENTRY2(AND, E,b, G,b),
+ [0x21] = X86_OP_ENTRY2(AND, E,v, G,v),
+ [0x22] = X86_OP_ENTRY2(AND, G,b, E,b),
+ [0x23] = X86_OP_ENTRY2(AND, G,v, E,v),
+ [0x24] = X86_OP_ENTRY2(AND, 0,b, I,b), /* AL, Ib */
+ [0x25] = X86_OP_ENTRY2(AND, 0,v, I,z), /* rAX, Iz */
+ [0x26] = {},
+ [0x27] = X86_OP_ENTRY0(DAA, chk(i64)),
+
+ [0x30] = X86_OP_ENTRY2(XOR, E,b, G,b),
+ [0x31] = X86_OP_ENTRY2(XOR, E,v, G,v),
+ [0x32] = X86_OP_ENTRY2(XOR, G,b, E,b),
+ [0x33] = X86_OP_ENTRY2(XOR, G,v, E,v),
+ [0x34] = X86_OP_ENTRY2(XOR, 0,b, I,b), /* AL, Ib */
+ [0x35] = X86_OP_ENTRY2(XOR, 0,v, I,z), /* rAX, Iz */
+ [0x36] = {},
+ [0x37] = X86_OP_ENTRY0(AAA, chk(i64)),
+
+ [0x40] = X86_OP_ENTRY1(INC, 0,v, chk(i64)),
+ [0x41] = X86_OP_ENTRY1(INC, 1,v, chk(i64)),
+ [0x42] = X86_OP_ENTRY1(INC, 2,v, chk(i64)),
+ [0x43] = X86_OP_ENTRY1(INC, 3,v, chk(i64)),
+ [0x44] = X86_OP_ENTRY1(INC, 4,v, chk(i64)),
+ [0x45] = X86_OP_ENTRY1(INC, 5,v, chk(i64)),
+ [0x46] = X86_OP_ENTRY1(INC, 6,v, chk(i64)),
+ [0x47] = X86_OP_ENTRY1(INC, 7,v, chk(i64)),
+
+ [0x50] = X86_OP_ENTRYr(PUSH, LoBits,d64),
+ [0x51] = X86_OP_ENTRYr(PUSH, LoBits,d64),
+ [0x52] = X86_OP_ENTRYr(PUSH, LoBits,d64),
+ [0x53] = X86_OP_ENTRYr(PUSH, LoBits,d64),
+ [0x54] = X86_OP_ENTRYr(PUSH, LoBits,d64),
+ [0x55] = X86_OP_ENTRYr(PUSH, LoBits,d64),
+ [0x56] = X86_OP_ENTRYr(PUSH, LoBits,d64),
+ [0x57] = X86_OP_ENTRYr(PUSH, LoBits,d64),
+
+
+ [0x08] = X86_OP_ENTRY2(OR, E,b, G,b),
+ [0x09] = X86_OP_ENTRY2(OR, E,v, G,v),
+ [0x0A] = X86_OP_ENTRY2(OR, G,b, E,b),
+ [0x0B] = X86_OP_ENTRY2(OR, G,v, E,v),
+ [0x0C] = X86_OP_ENTRY2(OR, 0,b, I,b), /* AL, Ib */
+ [0x0D] = X86_OP_ENTRY2(OR, 0,v, I,z), /* rAX, Iz */
+ [0x0E] = X86_OP_ENTRYr(PUSH, CS, w, chk(i64)),
[0x0F] = X86_OP_GROUP0(0F),
+
+ [0x18] = X86_OP_ENTRY2(SBB, E,b, G,b),
+ [0x19] = X86_OP_ENTRY2(SBB, E,v, G,v),
+ [0x1A] = X86_OP_ENTRY2(SBB, G,b, E,b),
+ [0x1B] = X86_OP_ENTRY2(SBB, G,v, E,v),
+ [0x1C] = X86_OP_ENTRY2(SBB, 0,b, I,b), /* AL, Ib */
+ [0x1D] = X86_OP_ENTRY2(SBB, 0,v, I,z), /* rAX, Iz */
+ [0x1E] = X86_OP_ENTRYr(PUSH, DS, w, chk(i64)),
+ [0x1F] = X86_OP_ENTRYw(POP, DS, w, chk(i64)),
+
+ [0x28] = X86_OP_ENTRY2(SUB, E,b, G,b),
+ [0x29] = X86_OP_ENTRY2(SUB, E,v, G,v),
+ [0x2A] = X86_OP_ENTRY2(SUB, G,b, E,b),
+ [0x2B] = X86_OP_ENTRY2(SUB, G,v, E,v),
+ [0x2C] = X86_OP_ENTRY2(SUB, 0,b, I,b), /* AL, Ib */
+ [0x2D] = X86_OP_ENTRY2(SUB, 0,v, I,z), /* rAX, Iz */
+ [0x2E] = {},
+ [0x2F] = X86_OP_ENTRY0(DAS, chk(i64)),
+
+ [0x38] = X86_OP_ENTRY2(SUB, E,b, G,b, nowb),
+ [0x39] = X86_OP_ENTRY2(SUB, E,v, G,v, nowb),
+ [0x3A] = X86_OP_ENTRY2(SUB, G,b, E,b, nowb),
+ [0x3B] = X86_OP_ENTRY2(SUB, G,v, E,v, nowb),
+ [0x3C] = X86_OP_ENTRY2(SUB, 0,b, I,b, nowb), /* AL, Ib */
+ [0x3D] = X86_OP_ENTRY2(SUB, 0,v, I,z, nowb), /* rAX, Iz */
+ [0x3E] = {},
+ [0x3F] = X86_OP_ENTRY0(AAS, chk(i64)),
+
+ [0x48] = X86_OP_ENTRY1(DEC, 0,v, chk(i64)),
+ [0x49] = X86_OP_ENTRY1(DEC, 1,v, chk(i64)),
+ [0x4A] = X86_OP_ENTRY1(DEC, 2,v, chk(i64)),
+ [0x4B] = X86_OP_ENTRY1(DEC, 3,v, chk(i64)),
+ [0x4C] = X86_OP_ENTRY1(DEC, 4,v, chk(i64)),
+ [0x4D] = X86_OP_ENTRY1(DEC, 5,v, chk(i64)),
+ [0x4E] = X86_OP_ENTRY1(DEC, 6,v, chk(i64)),
+ [0x4F] = X86_OP_ENTRY1(DEC, 7,v, chk(i64)),
+
+ [0x58] = X86_OP_ENTRYw(POP, LoBits,d64),
+ [0x59] = X86_OP_ENTRYw(POP, LoBits,d64),
+ [0x5A] = X86_OP_ENTRYw(POP, LoBits,d64),
+ [0x5B] = X86_OP_ENTRYw(POP, LoBits,d64),
+ [0x5C] = X86_OP_ENTRYw(POP, LoBits,d64),
+ [0x5D] = X86_OP_ENTRYw(POP, LoBits,d64),
+ [0x5E] = X86_OP_ENTRYw(POP, LoBits,d64),
+ [0x5F] = X86_OP_ENTRYw(POP, LoBits,d64),
};
#undef mmx
@@ -1897,6 +2009,10 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
}
break;
+ case X86_SPECIAL_NoWriteback:
+ decode.op[0].unit = X86_OP_SKIP;
+ break;
+
case X86_SPECIAL_ZExtOp0:
assert(decode.op[0].unit == X86_OP_INT);
if (!decode.op[0].has_ea) {
diff --git a/target/i386/tcg/decode-new.h b/target/i386/tcg/decode-new.h
index b22de02ce54..7b6cd615e16 100644
--- a/target/i386/tcg/decode-new.h
+++ b/target/i386/tcg/decode-new.h
@@ -161,6 +161,9 @@ typedef enum X86InsnSpecial {
/* Always locked if it has a memory operand (XCHG) */
X86_SPECIAL_Locked,
+ /* Writeback not needed or done manually in the callback */
+ X86_SPECIAL_NoWriteback,
+
/*
* Register operand 0/2 is zero extended to 32 bits. Rd/Mb or Rd/Mw
* in the manual.
diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
index 9f70e9dbaa6..ab34d3c3a6d 100644
--- a/target/i386/tcg/emit.c.inc
+++ b/target/i386/tcg/emit.c.inc
@@ -329,6 +329,21 @@ static void prepare_update1_cc(X86DecodedInsn *decode, DisasContext *s, CCOp op)
set_cc_op(s, op);
}
+static void prepare_update2_cc(X86DecodedInsn *decode, DisasContext *s, CCOp op)
+{
+ decode->cc_src = s->T1;
+ decode->cc_dst = s->T0;
+ set_cc_op(s, op);
+}
+
+static void prepare_update3_cc(X86DecodedInsn *decode, DisasContext *s, CCOp op, TCGv reg)
+{
+ decode->cc_src2 = reg;
+ decode->cc_src = s->T1;
+ decode->cc_dst = s->T0;
+ set_cc_op(s, op);
+}
+
static void gen_store_sse(DisasContext *s, X86DecodedInsn *decode, int src_ofs)
{
MemOp ot = decode->op[0].ot;
@@ -1017,6 +1032,36 @@ static void gen_##uname(DisasContext *s, CPUX86State *env, X86DecodedInsn *decod
VSIB_AVX(VPGATHERD, vpgatherd)
VSIB_AVX(VPGATHERQ, vpgatherq)
+static void gen_AAA(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_update_cc_op(s);
+ gen_helper_aaa(tcg_env);
+ set_cc_op(s, CC_OP_EFLAGS);
+}
+
+static void gen_AAS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_update_cc_op(s);
+ gen_helper_aas(tcg_env);
+ set_cc_op(s, CC_OP_EFLAGS);
+}
+
+static void gen_ADC(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+
+ gen_compute_eflags_c(s, s->tmp4);
+ if (s->prefix & PREFIX_LOCK) {
+ tcg_gen_add_tl(s->T0, s->tmp4, s->T1);
+ tcg_gen_atomic_add_fetch_tl(s->T0, s->A0, s->T0,
+ s->mem_index, ot | MO_LE);
+ } else {
+ tcg_gen_add_tl(s->T0, s->T0, s->T1);
+ tcg_gen_add_tl(s->T0, s->T0, s->tmp4);
+ }
+ prepare_update3_cc(decode, s, CC_OP_ADCB + ot, s->tmp4);
+}
+
static void gen_ADCOX(DisasContext *s, CPUX86State *env, MemOp ot, int cc_op)
{
int opposite_cc_op;
@@ -1069,11 +1114,37 @@ static void gen_ADCX(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
gen_ADCOX(s, env, decode->op[0].ot, CC_OP_ADCX);
}
+static void gen_ADD(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+
+ if (s->prefix & PREFIX_LOCK) {
+ tcg_gen_atomic_add_fetch_tl(s->T0, s->A0, s->T1,
+ s->mem_index, ot | MO_LE);
+ } else {
+ tcg_gen_add_tl(s->T0, s->T0, s->T1);
+ }
+ prepare_update2_cc(decode, s, CC_OP_ADDB + ot);
+}
+
static void gen_ADOX(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
gen_ADCOX(s, env, decode->op[0].ot, CC_OP_ADOX);
}
+static void gen_AND(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+
+ if (s->prefix & PREFIX_LOCK) {
+ tcg_gen_atomic_and_fetch_tl(s->T0, s->A0, s->T1,
+ s->mem_index, ot | MO_LE);
+ } else {
+ tcg_gen_and_tl(s->T0, s->T0, s->T1);
+ }
+ prepare_update1_cc(decode, s, CC_OP_LOGICB + ot);
+}
+
static void gen_ANDN(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[0].ot;
@@ -1304,6 +1375,36 @@ static void gen_CVTTPx2PI(DisasContext *s, CPUX86State *env, X86DecodedInsn *dec
}
}
+static void gen_DAA(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_update_cc_op(s);
+ gen_helper_daa(tcg_env);
+ set_cc_op(s, CC_OP_EFLAGS);
+}
+
+static void gen_DAS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_update_cc_op(s);
+ gen_helper_das(tcg_env);
+ set_cc_op(s, CC_OP_EFLAGS);
+}
+
+static void gen_DEC(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+
+ tcg_gen_movi_tl(s->T1, -1);
+ if (s->prefix & PREFIX_LOCK) {
+ tcg_gen_atomic_add_fetch_tl(s->T0, s->A0, s->T1,
+ s->mem_index, ot | MO_LE);
+ } else {
+ tcg_gen_add_tl(s->T0, s->T0, s->T1);
+ }
+ gen_compute_eflags_c(s, cpu_cc_src);
+ tcg_gen_mov_tl(cpu_cc_dst, s->T0);
+ set_cc_op(s, CC_OP_DECB + ot);
+}
+
static void gen_EMMS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
gen_helper_emms(tcg_env);
@@ -1322,6 +1423,22 @@ static void gen_EXTRQ_r(DisasContext *s, CPUX86State *env, X86DecodedInsn *decod
gen_helper_extrq_r(tcg_env, OP_PTR0, OP_PTR2);
}
+static void gen_INC(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+
+ tcg_gen_movi_tl(s->T1, 1);
+ if (s->prefix & PREFIX_LOCK) {
+ tcg_gen_atomic_add_fetch_tl(s->T0, s->A0, s->T1,
+ s->mem_index, ot | MO_LE);
+ } else {
+ tcg_gen_add_tl(s->T0, s->T0, s->T1);
+ }
+ gen_compute_eflags_c(s, cpu_cc_src);
+ tcg_gen_mov_tl(cpu_cc_dst, s->T0);
+ set_cc_op(s, CC_OP_INCB + ot);
+}
+
static void gen_INSERTQ_i(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
TCGv_i32 length = tcg_constant_i32(decode->immediate & 63);
@@ -1473,6 +1590,19 @@ static void gen_MULX(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
}
+static void gen_OR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+
+ if (s->prefix & PREFIX_LOCK) {
+ tcg_gen_atomic_or_fetch_tl(s->T0, s->A0, s->T1,
+ s->mem_index, ot | MO_LE);
+ } else {
+ tcg_gen_or_tl(s->T0, s->T0, s->T1);
+ }
+ prepare_update1_cc(decode, s, CC_OP_LOGICB + ot);
+}
+
static void gen_PALIGNR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
TCGv_i32 imm = tcg_constant8u_i32(decode->immediate);
@@ -1724,6 +1854,18 @@ static void gen_PMOVMSKB(DisasContext *s, CPUX86State *env, X86DecodedInsn *deco
}
}
+static void gen_POP(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = gen_pop_T0(s);
+ if (decode->op[0].has_ea) {
+ /* NOTE: order is important for MMU exceptions */
+ gen_op_st_v(s, ot, s->T0, s->A0);
+ decode->op[0].unit = X86_OP_SKIP;
+ }
+ /* NOTE: writing back registers after update is important for pop %sp */
+ gen_pop_update(s, ot);
+}
+
static void gen_PSHUFW(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
TCGv_i32 imm = tcg_constant8u_i32(decode->immediate);
@@ -1870,6 +2012,11 @@ static void gen_PSLLDQ_i(DisasContext *s, CPUX86State *env, X86DecodedInsn *deco
}
}
+static void gen_PUSH(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_push_v(s, s->T1);
+}
+
static void gen_RORX(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[0].ot;
@@ -1897,6 +2044,23 @@ static void gen_SARX(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
tcg_gen_sar_tl(s->T0, s->T0, s->T1);
}
+static void gen_SBB(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+
+ gen_compute_eflags_c(s, s->tmp4);
+ if (s->prefix & PREFIX_LOCK) {
+ tcg_gen_add_tl(s->T0, s->T1, s->tmp4);
+ tcg_gen_neg_tl(s->T0, s->T0);
+ tcg_gen_atomic_add_fetch_tl(s->T0, s->A0, s->T0,
+ s->mem_index, ot | MO_LE);
+ } else {
+ tcg_gen_sub_tl(s->T0, s->T0, s->T1);
+ tcg_gen_sub_tl(s->T0, s->T0, s->tmp4);
+ }
+ prepare_update3_cc(decode, s, CC_OP_SBBB + ot, s->tmp4);
+}
+
static void gen_SHA1NEXTE(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
gen_helper_sha1nexte(OP_PTR0, OP_PTR1, OP_PTR2);
@@ -1987,6 +2151,22 @@ static void gen_STMXCSR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decod
tcg_gen_ld32u_tl(s->T0, tcg_env, offsetof(CPUX86State, mxcsr));
}
+static void gen_SUB(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+
+ if (s->prefix & PREFIX_LOCK) {
+ tcg_gen_neg_tl(s->T0, s->T1);
+ tcg_gen_atomic_fetch_add_tl(s->cc_srcT, s->A0, s->T0,
+ s->mem_index, ot | MO_LE);
+ tcg_gen_sub_tl(s->T0, s->cc_srcT, s->T1);
+ } else {
+ tcg_gen_mov_tl(s->cc_srcT, s->T0);
+ tcg_gen_sub_tl(s->T0, s->T0, s->T1);
+ }
+ prepare_update2_cc(decode, s, CC_OP_SUBB + ot);
+}
+
static void gen_VAESIMC(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
assert(!s->vex_l);
@@ -2466,3 +2646,24 @@ static void gen_VZEROUPPER(DisasContext *s, CPUX86State *env, X86DecodedInsn *de
tcg_gen_gvec_dup_imm(MO_64, offset, 16, 16, 0);
}
}
+
+static void gen_XOR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ /* special case XOR reg, reg */
+ if (decode->op[1].unit == X86_OP_INT &&
+ decode->op[2].unit == X86_OP_INT &&
+ decode->op[1].n == decode->op[2].n) {
+ tcg_gen_movi_tl(s->T0, 0);
+ set_cc_op(s, CC_OP_CLR);
+ } else {
+ MemOp ot = decode->op[0].ot;
+
+ if (s->prefix & PREFIX_LOCK) {
+ tcg_gen_atomic_xor_fetch_tl(s->T0, s->A0, s->T1,
+ s->mem_index, ot | MO_LE);
+ } else {
+ tcg_gen_xor_tl(s->T0, s->T0, s->T1);
+ }
+ prepare_update1_cc(decode, s, CC_OP_LOGICB + ot);
+ }
+}
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 080b56840da..e13bf7df591 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -3156,7 +3156,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
#ifndef CONFIG_USER_ONLY
use_new &= b <= limit;
#endif
- if (use_new && 0) {
+ if (use_new && b <= 0x5f) {
disas_insn_new(s, cpu, b);
return true;
}
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 12/18] target/i386: adjust decoding of J operand
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (10 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 11/18] target/i386: move 00-5F opcodes to new decoder Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-19 3:25 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 13/18] target/i386: split eflags computation out of gen_compute_eflags Paolo Bonzini
` (5 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
gen_jcc() has been changed to accept a relative offset since the
new decoder was written. Adjust the J operand, which is meant
to be used with jump instructions such as gen_jcc(), to not
include the program counter and to not truncate the result, as
both operations are now performed by common code.
The result is that J is now the same as the I operand.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/decode-new.c.inc | 10 ----------
1 file changed, 10 deletions(-)
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index 91f79c09b73..37ed669bde0 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -1448,19 +1448,9 @@ static bool decode_op(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode,
}
case X86_TYPE_I: /* Immediate */
- op->unit = X86_OP_IMM;
- decode->immediate = insn_get_signed(env, s, op->ot);
- break;
-
case X86_TYPE_J: /* Relative offset for a jump */
op->unit = X86_OP_IMM;
decode->immediate = insn_get_signed(env, s, op->ot);
- decode->immediate += s->pc - s->cs_base;
- if (s->dflag == MO_16) {
- decode->immediate &= 0xffff;
- } else if (!CODE64(s)) {
- decode->immediate &= 0xffffffffu;
- }
break;
case X86_TYPE_L: /* The upper 4 bits of the immediate select a 128-bit register */
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 13/18] target/i386: split eflags computation out of gen_compute_eflags
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (11 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 12/18] target/i386: adjust decoding of J operand Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-19 3:35 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 14/18] target/i386: move 60-BF opcodes to new decoder Paolo Bonzini
` (4 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
The new x86 decoder wants to compute EFLAGS before writeback, which
can be an issue for some instructions such as ARPL. Extract code
to compute the EFLAGS without clobbering CC_SRC, in case the ARPL
memory write causes a fault.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/translate.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index e13bf7df591..2da7c357cdc 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -872,18 +872,20 @@ static void gen_op_update_neg_cc(DisasContext *s)
tcg_gen_movi_tl(s->cc_srcT, 0);
}
-/* compute all eflags to cc_src */
-static void gen_compute_eflags(DisasContext *s)
+/* compute all eflags to reg */
+static void gen_mov_eflags(DisasContext *s, TCGv reg)
{
TCGv zero, dst, src1, src2;
int live, dead;
if (s->cc_op == CC_OP_EFLAGS) {
+ if (reg != cpu_cc_src) {
+ tcg_gen_mov_tl(reg, cpu_cc_src);
+ }
return;
}
if (s->cc_op == CC_OP_CLR) {
- tcg_gen_movi_tl(cpu_cc_src, CC_Z | CC_P);
- set_cc_op(s, CC_OP_EFLAGS);
+ tcg_gen_movi_tl(reg, CC_Z | CC_P);
return;
}
@@ -909,7 +911,13 @@ static void gen_compute_eflags(DisasContext *s)
}
gen_update_cc_op(s);
- gen_helper_cc_compute_all(cpu_cc_src, dst, src1, src2, cpu_cc_op);
+ gen_helper_cc_compute_all(reg, dst, src1, src2, cpu_cc_op);
+}
+
+/* compute all eflags to cc_src */
+static void gen_compute_eflags(DisasContext *s)
+{
+ gen_mov_eflags(s, cpu_cc_src);
set_cc_op(s, CC_OP_EFLAGS);
}
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 14/18] target/i386: move 60-BF opcodes to new decoder
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (12 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 13/18] target/i386: split eflags computation out of gen_compute_eflags Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-19 4:51 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 15/18] target/i386: move operand load and writeback out of gen_cmovcc1 Paolo Bonzini
` (3 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/decode-new.c.inc | 157 ++++++++++++++
target/i386/tcg/decode-new.h | 3 +
target/i386/tcg/emit.c.inc | 340 +++++++++++++++++++++++++++++++
target/i386/tcg/translate.c | 38 ++--
4 files changed, 522 insertions(+), 16 deletions(-)
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index 37ed669bde0..d03bc5a9720 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -136,6 +136,7 @@
#define cpuid(feat) .cpuid = X86_FEAT_##feat,
#define nowb .special = X86_SPECIAL_NoWriteback,
+#define noseg .special = X86_SPECIAL_NoSeg,
#define xchg .special = X86_SPECIAL_Locked,
#define mmx .special = X86_SPECIAL_MMX,
#define zext0 .special = X86_SPECIAL_ZExtOp0,
@@ -179,6 +180,9 @@
#define p_66_f3_f2 .valid_prefix = P_66 | P_F3 | P_F2,
#define p_00_66_f3_f2 .valid_prefix = P_00 | P_66 | P_F3 | P_F2,
+static X86OpEntry illegal_opcode =
+ X86_OP_ENTRY0(illegal);
+
static uint8_t get_modrm(DisasContext *s, CPUX86State *env)
{
if (!s->has_modrm) {
@@ -1078,6 +1082,46 @@ static void decode_0F(DisasContext *s, CPUX86State *env, X86OpEntry *entry, uint
do_decode_0F(s, env, entry, b);
}
+static void decode_63(DisasContext *s, CPUX86State *env, X86OpEntry *entry, uint8_t *b)
+{
+ static const X86OpEntry arpl = X86_OP_ENTRY2(ARPL, E,w, G,w, chk(prot));
+ static const X86OpEntry mov = X86_OP_ENTRY3(MOV, G,v, E,v, None, None);
+ static const X86OpEntry movsxd = X86_OP_ENTRY3(MOVSXD, G,v, E,d, None, None);
+ if (!CODE64(s)) {
+ *entry = arpl;
+ } else if (REX_W(s)) {
+ *entry = movsxd;
+ } else {
+ *entry = mov;
+ }
+}
+
+static void decode_group1(DisasContext *s, CPUX86State *env, X86OpEntry *entry, uint8_t *b)
+{
+ static const X86GenFunc group1_gen[8] = {
+ gen_ADD, gen_OR, gen_ADC, gen_SBB, gen_AND, gen_SUB, gen_XOR, gen_SUB,
+ };
+ int op = (get_modrm(s, env) >> 3) & 7;
+ entry->gen = group1_gen[op];
+
+ if (op == 7) {
+ /* CMP */
+ entry->special = X86_SPECIAL_NoWriteback;
+ }
+}
+
+static void decode_group1A(DisasContext *s, CPUX86State *env, X86OpEntry *entry, uint8_t *b)
+{
+ int op = (get_modrm(s, env) >> 3) & 7;
+ if (op != 0) {
+ *entry = illegal_opcode;
+ } else {
+ entry->gen = gen_POP;
+ /* The address must use the value of ESP after the pop. */
+ s->popl_esp_hack = 1 << mo_pushpop(s, s->dflag);
+ }
+}
+
static const X86OpEntry opcodes_root[256] = {
[0x00] = X86_OP_ENTRY2(ADD, E,b, G,b),
[0x01] = X86_OP_ENTRY2(ADD, E,v, G,v),
@@ -1133,6 +1177,60 @@ static const X86OpEntry opcodes_root[256] = {
[0x56] = X86_OP_ENTRYr(PUSH, LoBits,d64),
[0x57] = X86_OP_ENTRYr(PUSH, LoBits,d64),
+ [0x60] = X86_OP_ENTRY0(PUSHA, chk(i64)),
+ [0x61] = X86_OP_ENTRY0(POPA, chk(i64)),
+ [0x62] = X86_OP_ENTRY2(BOUND, G,v, M,a, chk(i64)),
+ [0x63] = X86_OP_GROUP0(63),
+ [0x64] = {},
+ [0x65] = {},
+ [0x66] = {},
+ [0x67] = {},
+
+ [0x70] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x71] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x72] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x73] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x74] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x75] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x76] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x77] = X86_OP_ENTRYr(Jcc, J,b),
+
+ [0x80] = X86_OP_GROUP2(group1, E,b, I,b),
+ [0x81] = X86_OP_GROUP2(group1, E,v, I,z),
+ [0x82] = X86_OP_GROUP2(group1, E,b, I,b, chk(i64)),
+ [0x83] = X86_OP_GROUP2(group1, E,v, I,b),
+ [0x84] = X86_OP_ENTRY2(AND, E,b, G,b, nowb),
+ [0x85] = X86_OP_ENTRY2(AND, E,v, G,v, nowb),
+ [0x86] = X86_OP_ENTRY2(XCHG, E,b, G,b, xchg),
+ [0x87] = X86_OP_ENTRY2(XCHG, E,v, G,v, xchg),
+
+ [0x90] = X86_OP_ENTRY2(XCHG, 0,v, LoBits,v),
+ [0x91] = X86_OP_ENTRY2(XCHG, 0,v, LoBits,v),
+ [0x92] = X86_OP_ENTRY2(XCHG, 0,v, LoBits,v),
+ [0x93] = X86_OP_ENTRY2(XCHG, 0,v, LoBits,v),
+ [0x94] = X86_OP_ENTRY2(XCHG, 0,v, LoBits,v),
+ [0x95] = X86_OP_ENTRY2(XCHG, 0,v, LoBits,v),
+ [0x96] = X86_OP_ENTRY2(XCHG, 0,v, LoBits,v),
+ [0x97] = X86_OP_ENTRY2(XCHG, 0,v, LoBits,v),
+
+ [0xA0] = X86_OP_ENTRY3(MOV, 0,b, O,b, None, None), /* AL, Ob */
+ [0xA1] = X86_OP_ENTRY3(MOV, 0,v, O,v, None, None), /* rAX, Ov */
+ [0xA2] = X86_OP_ENTRY3(MOV, O,b, 0,b, None, None), /* Ob, AL */
+ [0xA3] = X86_OP_ENTRY3(MOV, O,v, 0,v, None, None), /* Ov, rAX */
+ [0xA4] = X86_OP_ENTRY2(MOVS, Y,b, X,b, nowb),
+ [0xA5] = X86_OP_ENTRY2(MOVS, Y,v, X,v, nowb),
+ [0xA6] = X86_OP_ENTRY2(CMPS, Y,b, X,b, nowb),
+ [0xA7] = X86_OP_ENTRY2(CMPS, Y,v, X,v, nowb),
+
+ [0xB0] = X86_OP_ENTRY3(MOV, LoBits,b, I,b, None, None),
+ [0xB1] = X86_OP_ENTRY3(MOV, LoBits,b, I,b, None, None),
+ [0xB2] = X86_OP_ENTRY3(MOV, LoBits,b, I,b, None, None),
+ [0xB3] = X86_OP_ENTRY3(MOV, LoBits,b, I,b, None, None),
+ [0xB4] = X86_OP_ENTRY3(MOV, LoBits,b, I,b, None, None),
+ [0xB5] = X86_OP_ENTRY3(MOV, LoBits,b, I,b, None, None),
+ [0xB6] = X86_OP_ENTRY3(MOV, LoBits,b, I,b, None, None),
+ [0xB7] = X86_OP_ENTRY3(MOV, LoBits,b, I,b, None, None),
+
[0x08] = X86_OP_ENTRY2(OR, E,b, G,b),
[0x09] = X86_OP_ENTRY2(OR, E,v, G,v),
@@ -1187,6 +1285,60 @@ static const X86OpEntry opcodes_root[256] = {
[0x5D] = X86_OP_ENTRYw(POP, LoBits,d64),
[0x5E] = X86_OP_ENTRYw(POP, LoBits,d64),
[0x5F] = X86_OP_ENTRYw(POP, LoBits,d64),
+
+ [0x68] = X86_OP_ENTRYr(PUSH, I,z),
+ [0x69] = X86_OP_ENTRY3(IMUL3, G,v, E,v, I,z, nowb),
+ [0x6A] = X86_OP_ENTRYr(PUSH, I,b),
+ [0x6B] = X86_OP_ENTRY3(IMUL3, G,v, E,v, I,b, nowb),
+ [0x6C] = X86_OP_ENTRY2(INS, Y,b, 2,w, nowb), /* DX */
+ [0x6D] = X86_OP_ENTRY2(INS, Y,z, 2,w, nowb), /* DX */
+ [0x6E] = X86_OP_ENTRY2(OUTS, 2,w, X,b, nowb), /* DX */
+ [0x6F] = X86_OP_ENTRY2(OUTS, 2,w, X,b, nowb), /* DX */
+
+ [0x78] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x79] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x7A] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x7B] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x7C] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x7D] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x7E] = X86_OP_ENTRYr(Jcc, J,b),
+ [0x7F] = X86_OP_ENTRYr(Jcc, J,b),
+
+ [0x88] = X86_OP_ENTRY3(MOV, E,b, G,b, None, None),
+ [0x89] = X86_OP_ENTRY3(MOV, E,v, G,v, None, None),
+ [0x8A] = X86_OP_ENTRY3(MOV, G,b, E,b, None, None),
+ [0x8B] = X86_OP_ENTRY3(MOV, G,v, E,v, None, None),
+ [0x8C] = X86_OP_ENTRY3(MOV, E,v, S,w, None, None),
+ [0x8D] = X86_OP_ENTRY3(LEA, G,v, M,v, None, None, noseg),
+ [0x8E] = X86_OP_ENTRY3(MOV, S,w, E,v, None, None),
+ [0x8F] = X86_OP_GROUPw(group1A, E,v),
+
+ [0x98] = X86_OP_ENTRY1(CBW, 0,v), /* rAX */
+ [0x99] = X86_OP_ENTRY3(CWD, 2,v, 0,v, None, None), /* rDX, rAX */
+ [0x9A] = X86_OP_ENTRYr(CALLF, A,p, chk(i64)),
+ [0x9B] = X86_OP_ENTRY0(WAIT),
+ [0x9C] = X86_OP_ENTRY0(PUSHF, chk(vm86_iopl) svm(PUSHF)),
+ [0x9D] = X86_OP_ENTRY0(POPF, chk(vm86_iopl) svm(POPF)),
+ [0x9E] = X86_OP_ENTRY0(SAHF),
+ [0x9F] = X86_OP_ENTRY0(LAHF),
+
+ [0xA8] = X86_OP_ENTRY2(AND, 0,b, I,b, nowb), /* AL, Ib */
+ [0xA9] = X86_OP_ENTRY2(AND, 0,v, I,z, nowb), /* rAX, Iz */
+ [0xAA] = X86_OP_ENTRY2(STOS, Y,b, 0,b, nowb),
+ [0xAB] = X86_OP_ENTRY2(STOS, Y,v, 0,v, nowb),
+ [0xAC] = X86_OP_ENTRY2(LODS, 0,b, X,b, nowb),
+ [0xAD] = X86_OP_ENTRY2(LODS, 0,v, X,v, nowb),
+ [0xAE] = X86_OP_ENTRY2(SCAS, 0,b, Y,b, nowb),
+ [0xAF] = X86_OP_ENTRY2(SCAS, 0,v, Y,v, nowb),
+
+ [0xB8] = X86_OP_ENTRY3(MOV, LoBits,v, I,v, None, None),
+ [0xB9] = X86_OP_ENTRY3(MOV, LoBits,v, I,v, None, None),
+ [0xBA] = X86_OP_ENTRY3(MOV, LoBits,v, I,v, None, None),
+ [0xBB] = X86_OP_ENTRY3(MOV, LoBits,v, I,v, None, None),
+ [0xBC] = X86_OP_ENTRY3(MOV, LoBits,v, I,v, None, None),
+ [0xBD] = X86_OP_ENTRY3(MOV, LoBits,v, I,v, None, None),
+ [0xBE] = X86_OP_ENTRY3(MOV, LoBits,v, I,v, None, None),
+ [0xBF] = X86_OP_ENTRY3(MOV, LoBits,v, I,v, None, None),
};
#undef mmx
@@ -2027,6 +2179,11 @@ static void disas_insn_new(DisasContext *s, CPUState *cpu, int b)
default:
break;
+
+ case X86_SPECIAL_NoSeg:
+ decode.mem.def_seg = -1;
+ s->override = -1;
+ break;
}
if (!validate_vex(s, &decode)) {
diff --git a/target/i386/tcg/decode-new.h b/target/i386/tcg/decode-new.h
index 7b6cd615e16..98671579abe 100644
--- a/target/i386/tcg/decode-new.h
+++ b/target/i386/tcg/decode-new.h
@@ -164,6 +164,9 @@ typedef enum X86InsnSpecial {
/* Writeback not needed or done manually in the callback */
X86_SPECIAL_NoWriteback,
+ /* Do not apply segment base to effective address */
+ X86_SPECIAL_NoSeg,
+
/*
* Register operand 0/2 is zero extended to 32 bits. Rd/Mb or Rd/Mw
* in the manual.
diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
index ab34d3c3a6d..bd5d74d81ed 100644
--- a/target/i386/tcg/emit.c.inc
+++ b/target/i386/tcg/emit.c.inc
@@ -1153,6 +1153,30 @@ static void gen_ANDN(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
prepare_update1_cc(decode, s, CC_OP_LOGICB + ot);
}
+static void gen_ARPL(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ TCGLabel *label1 = gen_new_label();
+ TCGv rpl_adj = tcg_temp_new();
+
+ gen_mov_eflags(s, s->tmp4);
+ tcg_gen_andi_tl(s->tmp4, s->tmp4, ~CC_Z);
+
+ /* Compute dest[rpl] - src[rpl], adjust if result <0. */
+ tcg_gen_andi_tl(rpl_adj, s->T0, 3);
+ tcg_gen_andi_tl(s->T1, s->T1, 3);
+ tcg_gen_sub_tl(rpl_adj, rpl_adj, s->T1);
+
+ tcg_gen_brcondi_tl(TCG_COND_LT, rpl_adj, 0, label1);
+
+ /* Subtract dest[rpl] - src[rpl] to set dest[rpl] = src[rpl]. */
+ tcg_gen_sub_tl(s->T0, s->T0, rpl_adj);
+ tcg_gen_ori_tl(s->tmp4, s->tmp4, CC_Z);
+ gen_set_label(label1);
+
+ decode->cc_src = s->tmp4;
+ set_cc_op(s, CC_OP_EFLAGS);
+}
+
static void gen_BEXTR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[0].ot;
@@ -1217,6 +1241,16 @@ static void gen_BLSR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
set_cc_op(s, CC_OP_BMILGB + ot);
}
+static void gen_BOUND(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
+ if (decode->op[1].ot == MO_16) {
+ gen_helper_boundw(tcg_env, s->A0, s->tmp2_i32);
+ } else {
+ gen_helper_boundl(tcg_env, s->A0, s->tmp2_i32);
+ }
+}
+
static void gen_BZHI(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[0].ot;
@@ -1239,6 +1273,43 @@ static void gen_BZHI(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
prepare_update1_cc(decode, s, CC_OP_BMILGB + ot);
}
+static void gen_CALLF(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[2].ot;
+ unsigned int selector, offset;
+
+ if (CODE64(s)) {
+ gen_illegal_opcode(s);
+ return;
+ }
+
+ assert(ot >= MO_16);
+ offset = insn_get(env, s, ot);
+ selector = insn_get(env, s, MO_16);
+ tcg_gen_movi_tl(s->T0, selector);
+ tcg_gen_movi_tl(s->T1, offset);
+ return gen_far_call(s);
+}
+
+static void gen_CBW(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ switch(decode->op[0].ot) {
+#ifdef TARGET_X86_64
+ case MO_64:
+ tcg_gen_ext32s_tl(s->T0, s->T0);
+ break;
+#endif
+ case MO_32:
+ tcg_gen_ext16s_tl(s->T0, s->T0);
+ break;
+ case MO_16:
+ tcg_gen_ext8s_tl(s->T0, s->T0);
+ break;
+ default:
+ abort();
+ }
+}
+
static void gen_CMPccXADD(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
TCGv z_tl = tcg_constant_tl(0);
@@ -1337,6 +1408,18 @@ static void gen_CMPccXADD(DisasContext *s, CPUX86State *env, X86DecodedInsn *dec
gen_writeback(s, decode, 1, memv);
}
+static void gen_CMPS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+ if (s->prefix & PREFIX_REPNZ) {
+ gen_repz_cmps(s, ot, 1);
+ } else if (s->prefix & PREFIX_REPZ) {
+ gen_repz_cmps(s, ot, 0);
+ } else {
+ gen_cmps(s, ot);
+ }
+}
+
static void gen_CRC32(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[2].ot;
@@ -1375,6 +1458,24 @@ static void gen_CVTTPx2PI(DisasContext *s, CPUX86State *env, X86DecodedInsn *dec
}
}
+static void gen_CWD(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ int shift = 8 << decode->op[0].ot;
+ switch (shift) {
+ case 64:
+ break;
+ case 32:
+ tcg_gen_ext32s_tl(s->T0, s->T0);
+ break;
+ case 16:
+ tcg_gen_ext16s_tl(s->T0, s->T0);
+ break;
+ default:
+ abort();
+ }
+ tcg_gen_sari_tl(s->T0, s->T0, shift - 1);
+}
+
static void gen_DAA(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
gen_update_cc_op(s);
@@ -1423,6 +1524,45 @@ static void gen_EXTRQ_r(DisasContext *s, CPUX86State *env, X86DecodedInsn *decod
gen_helper_extrq_r(tcg_env, OP_PTR0, OP_PTR2);
}
+static void gen_IMUL3(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ int reg = decode->op[0].n;
+ MemOp ot = decode->op[0].ot;
+
+ switch (ot) {
+#ifdef TARGET_X86_64
+ case MO_64:
+ tcg_gen_muls2_i64(cpu_regs[reg], s->T1, s->T0, s->T1);
+ tcg_gen_mov_tl(cpu_cc_dst, cpu_regs[reg]);
+ tcg_gen_sari_tl(cpu_cc_src, cpu_cc_dst, 63);
+ tcg_gen_sub_tl(cpu_cc_src, cpu_cc_src, s->T1);
+ break;
+#endif
+ case MO_32:
+ tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
+ tcg_gen_trunc_tl_i32(s->tmp3_i32, s->T1);
+ tcg_gen_muls2_i32(s->tmp2_i32, s->tmp3_i32,
+ s->tmp2_i32, s->tmp3_i32);
+ tcg_gen_extu_i32_tl(cpu_regs[reg], s->tmp2_i32);
+ tcg_gen_sari_i32(s->tmp2_i32, s->tmp2_i32, 31);
+ tcg_gen_mov_tl(cpu_cc_dst, cpu_regs[reg]);
+ tcg_gen_sub_i32(s->tmp2_i32, s->tmp2_i32, s->tmp3_i32);
+ tcg_gen_extu_i32_tl(cpu_cc_src, s->tmp2_i32);
+ break;
+ default:
+ tcg_gen_ext16s_tl(s->T0, s->T0);
+ tcg_gen_ext16s_tl(s->T1, s->T1);
+ /* XXX: use 32 bit mul which could be faster */
+ tcg_gen_mul_tl(s->T0, s->T0, s->T1);
+ tcg_gen_mov_tl(cpu_cc_dst, s->T0);
+ tcg_gen_ext16s_tl(s->tmp0, s->T0);
+ tcg_gen_sub_tl(cpu_cc_src, s->T0, s->tmp0);
+ gen_op_mov_reg_v(s, ot, reg, s->T0);
+ break;
+ }
+ set_cc_op(s, CC_OP_MULB + ot);
+}
+
static void gen_INC(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[0].ot;
@@ -1439,6 +1579,25 @@ static void gen_INC(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
set_cc_op(s, CC_OP_INCB + ot);
}
+static void gen_INS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+
+ tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T1);
+ tcg_gen_ext16u_i32(s->tmp2_i32, s->tmp2_i32);
+ if (!gen_check_io(s, ot, s->tmp2_i32,
+ SVM_IOIO_TYPE_MASK | SVM_IOIO_STR_MASK)) {
+ return;
+ }
+
+ translator_io_start(&s->base);
+ if (s->prefix & (PREFIX_REPZ | PREFIX_REPNZ)) {
+ gen_repz_ins(s, ot);
+ } else {
+ gen_ins(s, ot);
+ }
+}
+
static void gen_INSERTQ_i(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
TCGv_i32 length = tcg_constant_i32(decode->immediate & 63);
@@ -1452,12 +1611,50 @@ static void gen_INSERTQ_r(DisasContext *s, CPUX86State *env, X86DecodedInsn *dec
gen_helper_insertq_r(tcg_env, OP_PTR0, OP_PTR2);
}
+static void gen_Jcc(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_bnd_jmp(s);
+ gen_jcc(s, decode->b & 0xf, decode->immediate);
+}
+
+static void gen_LAHF(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ if (CODE64(s) && !(s->cpuid_ext3_features & CPUID_EXT3_LAHF_LM)) {
+ return gen_illegal_opcode(s);
+ }
+ gen_compute_eflags(s);
+ /* Note: gen_compute_eflags() only gives the condition codes */
+ tcg_gen_ori_tl(s->T0, cpu_cc_src, 0x02);
+ tcg_gen_deposit_tl(cpu_regs[R_EAX], cpu_regs[R_EAX], s->T0, 8, 8);
+}
+
static void gen_LDMXCSR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T1);
gen_helper_ldmxcsr(tcg_env, s->tmp2_i32);
}
+static void gen_LEA(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ tcg_gen_mov_tl(s->T0, s->A0);
+}
+
+static void gen_LODS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+ if (s->prefix & (PREFIX_REPZ | PREFIX_REPNZ)) {
+ gen_repz_lods(s, ot);
+ } else {
+ gen_lods(s, ot);
+ }
+}
+
+static void gen_MOV(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ /* nothing to do! */
+}
+#define gen_NOP gen_MOV
+
static void gen_MASKMOV(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
tcg_gen_mov_tl(s->A0, cpu_regs[R_EDI]);
@@ -1567,6 +1764,21 @@ static void gen_MOVq_dq(DisasContext *s, CPUX86State *env, X86DecodedInsn *decod
return gen_MOVQ(s, env, decode);
}
+static void gen_MOVS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+ if (s->prefix & (PREFIX_REPZ | PREFIX_REPNZ)) {
+ gen_repz_movs(s, ot);
+ } else {
+ gen_movs(s, ot);
+ }
+}
+
+static void gen_MOVSXD(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ tcg_gen_ext32s_tl(s->T0, s->T0);
+}
+
static void gen_MULX(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[0].ot;
@@ -1603,6 +1815,24 @@ static void gen_OR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
prepare_update1_cc(decode, s, CC_OP_LOGICB + ot);
}
+static void gen_OUTS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[1].ot;
+
+ tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
+ tcg_gen_ext16u_i32(s->tmp2_i32, s->tmp2_i32);
+ if (!gen_check_io(s, ot, s->tmp2_i32, SVM_IOIO_STR_MASK)) {
+ return;
+ }
+
+ translator_io_start(&s->base);
+ if (s->prefix & (PREFIX_REPZ | PREFIX_REPNZ)) {
+ gen_repz_outs(s, ot);
+ } else {
+ gen_outs(s, ot);
+ }
+}
+
static void gen_PALIGNR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
TCGv_i32 imm = tcg_constant8u_i32(decode->immediate);
@@ -1866,6 +2096,33 @@ static void gen_POP(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
gen_pop_update(s, ot);
}
+static void gen_POPA(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_popa(s);
+}
+
+static void gen_POPF(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot;
+ int mask = TF_MASK | AC_MASK | ID_MASK | NT_MASK;
+
+ if (CPL(s) == 0) {
+ mask |= IF_MASK | IOPL_MASK;
+ } else if (CPL(s) <= IOPL(s)) {
+ mask |= IF_MASK;
+ }
+ if (s->dflag == MO_16) {
+ mask &= 0xffff;
+ }
+
+ ot = gen_pop_T0(s);
+ gen_helper_write_eflags(tcg_env, s->T0, tcg_constant_i32(mask));
+ gen_pop_update(s, ot);
+ set_cc_op(s, CC_OP_EFLAGS);
+ /* abort translation because TF/AC flag may change */
+ s->base.is_jmp = DISAS_EOB_NEXT;
+}
+
static void gen_PSHUFW(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
TCGv_i32 imm = tcg_constant8u_i32(decode->immediate);
@@ -2017,6 +2274,18 @@ static void gen_PUSH(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
gen_push_v(s, s->T1);
}
+static void gen_PUSHA(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_pusha(s);
+}
+
+static void gen_PUSHF(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_update_cc_op(s);
+ gen_helper_read_eflags(s->T0, tcg_env);
+ gen_push_v(s, s->T0);
+}
+
static void gen_RORX(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[0].ot;
@@ -2031,6 +2300,18 @@ static void gen_RORX(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
}
}
+static void gen_SAHF(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ if (CODE64(s) && !(s->cpuid_ext3_features & CPUID_EXT3_LAHF_LM)) {
+ return gen_illegal_opcode(s);
+ }
+ tcg_gen_shri_tl(s->T0, cpu_regs[R_EAX], 8);
+ gen_compute_eflags(s);
+ tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, CC_O);
+ tcg_gen_andi_tl(s->T0, s->T0, CC_S | CC_Z | CC_A | CC_P | CC_C);
+ tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, s->T0);
+}
+
static void gen_SARX(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[0].ot;
@@ -2061,6 +2342,18 @@ static void gen_SBB(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
prepare_update3_cc(decode, s, CC_OP_SBBB + ot, s->tmp4);
}
+static void gen_SCAS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+ if (s->prefix & PREFIX_REPNZ) {
+ gen_repz_scas(s, ot, 1);
+ } else if (s->prefix & PREFIX_REPZ) {
+ gen_repz_scas(s, ot, 0);
+ } else {
+ gen_scas(s, ot);
+ }
+}
+
static void gen_SHA1NEXTE(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
gen_helper_sha1nexte(OP_PTR0, OP_PTR1, OP_PTR2);
@@ -2151,6 +2444,16 @@ static void gen_STMXCSR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decod
tcg_gen_ld32u_tl(s->T0, tcg_env, offsetof(CPUX86State, mxcsr));
}
+static void gen_STOS(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ MemOp ot = decode->op[0].ot;
+ if (s->prefix & (PREFIX_REPZ | PREFIX_REPNZ)) {
+ gen_repz_stos(s, ot);
+ } else {
+ gen_stos(s, ot);
+ }
+}
+
static void gen_SUB(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
MemOp ot = decode->op[0].ot;
@@ -2647,6 +2950,43 @@ static void gen_VZEROUPPER(DisasContext *s, CPUX86State *env, X86DecodedInsn *de
}
}
+static void gen_WAIT(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ if ((s->flags & (HF_MP_MASK | HF_TS_MASK)) == (HF_MP_MASK | HF_TS_MASK)) {
+ gen_NM_exception(s);
+ } else {
+ /* needs to be treated as I/O because of ferr_irq */
+ translator_io_start(&s->base);
+ gen_helper_fwait(tcg_env);
+ }
+}
+
+static void gen_XCHG(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ if (decode->b == 0x90 && !REX_B(s)) {
+ if (s->prefix & PREFIX_REPZ) {
+ gen_update_cc_op(s);
+ gen_update_eip_cur(s);
+ gen_helper_pause(tcg_env, cur_insn_len_i32(s));
+ s->base.is_jmp = DISAS_NORETURN;
+ }
+ /* No writeback. */
+ decode->op[0].unit = X86_OP_SKIP;
+ return;
+ }
+
+ if (s->prefix & PREFIX_LOCK) {
+ tcg_gen_atomic_xchg_tl(s->T0, s->A0, s->T1,
+ s->mem_index, decode->op[0].ot | MO_LE);
+ /* now store old value into register operand */
+ gen_op_mov_reg_v(s, decode->op[2].ot, decode->op[2].n, s->T0);
+ } else {
+ /* move destination value into source operand, source preserved in T1 */
+ gen_op_mov_reg_v(s, decode->op[2].ot, decode->op[2].n, s->T0);
+ tcg_gen_mov_tl(s->T0, s->T1);
+ }
+}
+
static void gen_XOR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
/* special case XOR reg, reg */
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 2da7c357cdc..9c799b5a980 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -2563,6 +2563,23 @@ static void gen_movl_seg_T0(DisasContext *s, X86Seg seg_reg)
}
}
+static void gen_far_call(DisasContext *s)
+{
+ if (PE(s) && !VM86(s)) {
+ tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
+ gen_helper_lcall_protected(tcg_env, s->tmp2_i32, s->T1,
+ tcg_constant_i32(s->dflag - 1),
+ eip_next_tl(s));
+ } else {
+ tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
+ tcg_gen_trunc_tl_i32(s->tmp3_i32, s->T1);
+ gen_helper_lcall_real(tcg_env, s->tmp2_i32, s->tmp3_i32,
+ tcg_constant_i32(s->dflag - 1),
+ eip_next_i32(s));
+ }
+ s->base.is_jmp = DISAS_JUMP;
+}
+
static void gen_svm_check_intercept(DisasContext *s, uint32_t type)
{
/* no SVM activated; fast case */
@@ -3108,6 +3125,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
s->pc = s->base.pc_next;
s->override = -1;
+ s->popl_esp_hack = 0;
#ifdef TARGET_X86_64
s->rex_r = 0;
s->rex_x = 0;
@@ -3164,7 +3182,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
#ifndef CONFIG_USER_ONLY
use_new &= b <= limit;
#endif
- if (use_new && b <= 0x5f) {
+ if (use_new && b <= 0xbf) {
disas_insn_new(s, cpu, b);
return true;
}
@@ -3675,20 +3693,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
gen_op_ld_v(s, ot, s->T1, s->A0);
gen_add_A0_im(s, 1 << ot);
gen_op_ld_v(s, MO_16, s->T0, s->A0);
- do_lcall:
- if (PE(s) && !VM86(s)) {
- tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
- gen_helper_lcall_protected(tcg_env, s->tmp2_i32, s->T1,
- tcg_constant_i32(dflag - 1),
- eip_next_tl(s));
- } else {
- tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
- tcg_gen_trunc_tl_i32(s->tmp3_i32, s->T1);
- gen_helper_lcall_real(tcg_env, s->tmp2_i32, s->tmp3_i32,
- tcg_constant_i32(dflag - 1),
- eip_next_i32(s));
- }
- s->base.is_jmp = DISAS_JUMP;
+ gen_far_call(s);
break;
case 4: /* jmp Ev */
if (dflag == MO_16) {
@@ -5200,7 +5205,8 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
tcg_gen_movi_tl(s->T0, selector);
tcg_gen_movi_tl(s->T1, offset);
}
- goto do_lcall;
+ gen_far_call(s);
+ break;
case 0xe9: /* jmp im */
{
int diff = (dflag != MO_16
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 15/18] target/i386: move operand load and writeback out of gen_cmovcc1
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (13 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 14/18] target/i386: move 60-BF opcodes to new decoder Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-19 14:56 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 16/18] target/i386: move remaining conditional operations to new decoder Paolo Bonzini
` (2 subsequent siblings)
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
Similar to gen_setcc1, make gen_cmovcc1 receive TCGv. This is more friendly
to simultaneous implementation in the old and the new decoder.
A small wart is that s->T0 of CMOV is currently the *second* argument (which
would ordinarily be in T1). Therefore, the condition as to be inverted in
order to overwrite s->T0 with cpu_regs[reg] if the MOV is not performed.
This only applies to the old decoder, and this code will go away soon.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/translate.c | 20 ++++++++------------
1 file changed, 8 insertions(+), 12 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 9c799b5a980..2c4e680a69e 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -2503,26 +2503,20 @@ static void gen_jcc(DisasContext *s, int b, int diff)
gen_jmp_rel(s, s->dflag, diff, 0);
}
-static void gen_cmovcc1(CPUX86State *env, DisasContext *s, MemOp ot, int b,
- int modrm, int reg)
+static void gen_cmovcc1(DisasContext *s, int b, TCGv dest, TCGv src)
{
CCPrepare cc;
- gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
-
- cc = gen_prepare_cc(s, b, s->T1);
+ cc = gen_prepare_cc(s, b, s->tmp4);
if (cc.mask != -1) {
- TCGv t0 = tcg_temp_new();
- tcg_gen_andi_tl(t0, cc.reg, cc.mask);
- cc.reg = t0;
+ tcg_gen_andi_tl(s->tmp4, cc.reg, cc.mask);
+ cc.reg = s->tmp4;
}
if (!cc.use_reg2) {
cc.reg2 = tcg_constant_tl(cc.imm);
}
- tcg_gen_movcond_tl(cc.cond, s->T0, cc.reg, cc.reg2,
- s->T0, cpu_regs[reg]);
- gen_op_mov_reg_v(s, ot, reg, s->T0);
+ tcg_gen_movcond_tl(cc.cond, dest, cc.reg, cc.reg2, src, dest);
}
static inline void gen_op_movl_T0_seg(DisasContext *s, X86Seg seg_reg)
@@ -5265,7 +5259,9 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
ot = dflag;
modrm = x86_ldub_code(env, s);
reg = ((modrm >> 3) & 7) | REX_R(s);
- gen_cmovcc1(env, s, ot, b, modrm, reg);
+ gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
+ gen_cmovcc1(s, b ^ 1, s->T0, cpu_regs[reg]);
+ gen_op_mov_reg_v(s, ot, reg, s->T0);
break;
/************************/
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 16/18] target/i386: move remaining conditional operations to new decoder
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (14 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 15/18] target/i386: move operand load and writeback out of gen_cmovcc1 Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-19 15:05 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 17/18] target/i386: remove now converted opcodes from old decoder Paolo Bonzini
2023-10-14 10:01 ` [PATCH 18/18] target/i386: remove gen_op Paolo Bonzini
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
Move long-displacement Jcc, SETcc and CMOVcc to the new decoder.
While filling in the tables makes the code seem longer, the new
emitters are all just one line of code.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/decode-new.c.inc | 56 ++++++++++++++++++++++++++++++++
target/i386/tcg/decode-new.h | 1 +
target/i386/tcg/emit.c.inc | 10 ++++++
target/i386/tcg/translate.c | 4 ++-
4 files changed, 70 insertions(+), 1 deletion(-)
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index d03bc5a9720..fdbe7bce968 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -944,6 +944,15 @@ static const X86OpEntry opcodes_0F[256] = {
/* Incorrectly listed as Mq,Vq in the manual */
[0x17] = X86_OP_ENTRY3(VMOVHPx_st, M,q, None,None, V,dq, vex5 p_00_66),
+ [0x40] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x41] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x42] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x43] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x44] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x45] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x46] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x47] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+
[0x50] = X86_OP_ENTRY3(MOVMSK, G,y, None,None, U,x, vex7 p_00_66),
[0x51] = X86_OP_GROUP3(sse_unary, V,x, H,x, W,x, vex2_rep3 p_00_66_f3_f2), /* sqrtps */
[0x52] = X86_OP_GROUP3(sse_unary, V,x, H,x, W,x, vex4_rep5 p_00_f3), /* rsqrtps */
@@ -971,6 +980,24 @@ static const X86OpEntry opcodes_0F[256] = {
[0x76] = X86_OP_ENTRY3(PCMPEQD, V,x, H,x, W,x, vex4 mmx avx2_256 p_00_66),
[0x77] = X86_OP_GROUP0(0F77),
+ [0x80] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x81] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x82] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x83] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x84] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x85] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x86] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x87] = X86_OP_ENTRYr(Jcc, J,z),
+
+ [0x90] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x91] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x92] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x93] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x94] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x95] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x96] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x97] = X86_OP_ENTRYw(SETcc, E,b),
+
[0x28] = X86_OP_ENTRY3(MOVDQ, V,x, None,None, W,x, vex1 p_00_66), /* MOVAPS */
[0x29] = X86_OP_ENTRY3(MOVDQ, W,x, None,None, V,x, vex1 p_00_66), /* MOVAPS */
[0x2A] = X86_OP_GROUP0(0F2A),
@@ -983,6 +1010,15 @@ static const X86OpEntry opcodes_0F[256] = {
[0x38] = X86_OP_GROUP0(0F38),
[0x3a] = X86_OP_GROUP0(0F3A),
+ [0x48] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x49] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x4a] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x4b] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x4c] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x4d] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x4e] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+ [0x4f] = X86_OP_ENTRY2(CMOVcc, G,v, E,v, cpuid(CMOV)),
+
[0x58] = X86_OP_ENTRY3(VADD, V,x, H,x, W,x, vex2_rep3 p_00_66_f3_f2),
[0x59] = X86_OP_ENTRY3(VMUL, V,x, H,x, W,x, vex2_rep3 p_00_66_f3_f2),
[0x5a] = X86_OP_GROUP0(0F5A),
@@ -1008,6 +1044,24 @@ static const X86OpEntry opcodes_0F[256] = {
[0x7e] = X86_OP_GROUP0(0F7E),
[0x7f] = X86_OP_GROUP0(0F7F),
+ [0x88] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x89] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x8a] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x8b] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x8c] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x8d] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x8e] = X86_OP_ENTRYr(Jcc, J,z),
+ [0x8f] = X86_OP_ENTRYr(Jcc, J,z),
+
+ [0x98] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x99] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x9a] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x9b] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x9c] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x9d] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x9e] = X86_OP_ENTRYw(SETcc, E,b),
+ [0x9f] = X86_OP_ENTRYw(SETcc, E,b),
+
[0xae] = X86_OP_GROUP0(group15),
[0xc2] = X86_OP_ENTRY4(VCMP, V,x, H,x, W,x, vex2_rep3 p_00_66_f3_f2),
@@ -1743,6 +1797,8 @@ static bool has_cpuid_feature(DisasContext *s, X86CPUIDFeature cpuid)
switch (cpuid) {
case X86_FEAT_None:
return true;
+ case X86_FEAT_CMOV:
+ return (s->cpuid_features & CPUID_CMOV);
case X86_FEAT_F16C:
return (s->cpuid_ext_features & CPUID_EXT_F16C);
case X86_FEAT_FMA:
diff --git a/target/i386/tcg/decode-new.h b/target/i386/tcg/decode-new.h
index 98671579abe..663dce7384d 100644
--- a/target/i386/tcg/decode-new.h
+++ b/target/i386/tcg/decode-new.h
@@ -105,6 +105,7 @@ typedef enum X86CPUIDFeature {
X86_FEAT_AVX2,
X86_FEAT_BMI1,
X86_FEAT_BMI2,
+ X86_FEAT_CMOV,
X86_FEAT_CMPCCXADD,
X86_FEAT_F16C,
X86_FEAT_FMA,
diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
index bd5d74d81ed..edcc51e9446 100644
--- a/target/i386/tcg/emit.c.inc
+++ b/target/i386/tcg/emit.c.inc
@@ -1617,6 +1617,16 @@ static void gen_Jcc(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
gen_jcc(s, decode->b & 0xf, decode->immediate);
}
+static void gen_SETcc(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_setcc1(s, decode->b & 0xf, s->T0);
+}
+
+static void gen_CMOVcc(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
+{
+ gen_cmovcc1(s, decode->b & 0xf, s->T0, s->T1);
+}
+
static void gen_LAHF(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
{
if (CODE64(s) && !(s->cpuid_ext3_features & CPUID_EXT3_LAHF_LM)) {
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 2c4e680a69e..1f3cc6361c0 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -3186,7 +3186,9 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
#ifndef CONFIG_USER_ONLY
use_new &= b <= limit;
#endif
- if (use_new && 0) {
+ if (use_new &&
+ ((b >= 0x140 && b <= 0x14f) ||
+ (b >= 0x180 && b <= 0x19f))) {
disas_insn_new(s, cpu, b);
return true;
}
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 17/18] target/i386: remove now converted opcodes from old decoder
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (15 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 16/18] target/i386: move remaining conditional operations to new decoder Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-19 15:15 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 18/18] target/i386: remove gen_op Paolo Bonzini
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/translate.c | 705 +-----------------------------------
1 file changed, 4 insertions(+), 701 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 1f3cc6361c0..6e091fdb7f6 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -3176,7 +3176,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
#ifndef CONFIG_USER_ONLY
use_new &= b <= limit;
#endif
- if (use_new && b <= 0xbf) {
+ if (use_new && 0) {
disas_insn_new(s, cpu, b);
return true;
}
@@ -3186,9 +3186,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
#ifndef CONFIG_USER_ONLY
use_new &= b <= limit;
#endif
- if (use_new &&
- ((b >= 0x140 && b <= 0x14f) ||
- (b >= 0x180 && b <= 0x19f))) {
+ if (use_new && 0) {
disas_insn_new(s, cpu, b);
return true;
}
@@ -3289,119 +3287,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
switch (b) {
/**************************/
/* arith & logic */
- case 0x00 ... 0x05:
- case 0x08 ... 0x0d:
- case 0x10 ... 0x15:
- case 0x18 ... 0x1d:
- case 0x20 ... 0x25:
- case 0x28 ... 0x2d:
- case 0x30 ... 0x35:
- case 0x38 ... 0x3d:
- {
- int f;
- op = (b >> 3) & 7;
- f = (b >> 1) & 3;
-
- ot = mo_b_d(b, dflag);
-
- switch(f) {
- case 0: /* OP Ev, Gv */
- modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | REX_R(s);
- mod = (modrm >> 6) & 3;
- rm = (modrm & 7) | REX_B(s);
- if (mod != 3) {
- gen_lea_modrm(env, s, modrm);
- opreg = OR_TMP0;
- } else if (op == OP_XORL && rm == reg) {
- xor_zero:
- /* xor reg, reg optimisation */
- set_cc_op(s, CC_OP_CLR);
- tcg_gen_movi_tl(s->T0, 0);
- gen_op_mov_reg_v(s, ot, reg, s->T0);
- break;
- } else {
- opreg = rm;
- }
- gen_op_mov_v_reg(s, ot, s->T1, reg);
- gen_op(s, op, ot, opreg);
- break;
- case 1: /* OP Gv, Ev */
- modrm = x86_ldub_code(env, s);
- mod = (modrm >> 6) & 3;
- reg = ((modrm >> 3) & 7) | REX_R(s);
- rm = (modrm & 7) | REX_B(s);
- if (mod != 3) {
- gen_lea_modrm(env, s, modrm);
- gen_op_ld_v(s, ot, s->T1, s->A0);
- } else if (op == OP_XORL && rm == reg) {
- goto xor_zero;
- } else {
- gen_op_mov_v_reg(s, ot, s->T1, rm);
- }
- gen_op(s, op, ot, reg);
- break;
- case 2: /* OP A, Iv */
- val = insn_get(env, s, ot);
- tcg_gen_movi_tl(s->T1, val);
- gen_op(s, op, ot, OR_EAX);
- break;
- }
- }
- break;
-
- case 0x82:
- if (CODE64(s))
- goto illegal_op;
- /* fall through */
- case 0x80: /* GRP1 */
- case 0x81:
- case 0x83:
- {
- ot = mo_b_d(b, dflag);
-
- modrm = x86_ldub_code(env, s);
- mod = (modrm >> 6) & 3;
- rm = (modrm & 7) | REX_B(s);
- op = (modrm >> 3) & 7;
-
- if (mod != 3) {
- if (b == 0x83)
- s->rip_offset = 1;
- else
- s->rip_offset = insn_const_size(ot);
- gen_lea_modrm(env, s, modrm);
- opreg = OR_TMP0;
- } else {
- opreg = rm;
- }
-
- switch(b) {
- default:
- case 0x80:
- case 0x81:
- case 0x82:
- val = insn_get(env, s, ot);
- break;
- case 0x83:
- val = (int8_t)insn_get(env, s, MO_8);
- break;
- }
- tcg_gen_movi_tl(s->T1, val);
- gen_op(s, op, ot, opreg);
- }
- break;
-
- /**************************/
- /* inc, dec, and other misc arith */
- case 0x40 ... 0x47: /* inc Gv */
- ot = dflag;
- gen_inc(s, ot, OR_EAX + (b & 7), 1);
- break;
- case 0x48 ... 0x4f: /* dec Gv */
- ot = dflag;
- gen_inc(s, ot, OR_EAX + (b & 7), -1);
- break;
case 0xf6: /* GRP3 */
case 0xf7:
ot = mo_b_d(b, dflag);
@@ -3725,81 +3610,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
}
break;
- case 0x84: /* test Ev, Gv */
- case 0x85:
- ot = mo_b_d(b, dflag);
-
- modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | REX_R(s);
-
- gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
- gen_op_mov_v_reg(s, ot, s->T1, reg);
- gen_op_testl_T0_T1_cc(s);
- set_cc_op(s, CC_OP_LOGICB + ot);
- break;
-
- case 0xa8: /* test eAX, Iv */
- case 0xa9:
- ot = mo_b_d(b, dflag);
- val = insn_get(env, s, ot);
-
- gen_op_mov_v_reg(s, ot, s->T0, OR_EAX);
- tcg_gen_movi_tl(s->T1, val);
- gen_op_testl_T0_T1_cc(s);
- set_cc_op(s, CC_OP_LOGICB + ot);
- break;
-
- case 0x98: /* CWDE/CBW */
- switch (dflag) {
-#ifdef TARGET_X86_64
- case MO_64:
- gen_op_mov_v_reg(s, MO_32, s->T0, R_EAX);
- tcg_gen_ext32s_tl(s->T0, s->T0);
- gen_op_mov_reg_v(s, MO_64, R_EAX, s->T0);
- break;
-#endif
- case MO_32:
- gen_op_mov_v_reg(s, MO_16, s->T0, R_EAX);
- tcg_gen_ext16s_tl(s->T0, s->T0);
- gen_op_mov_reg_v(s, MO_32, R_EAX, s->T0);
- break;
- case MO_16:
- gen_op_mov_v_reg(s, MO_8, s->T0, R_EAX);
- tcg_gen_ext8s_tl(s->T0, s->T0);
- gen_op_mov_reg_v(s, MO_16, R_EAX, s->T0);
- break;
- default:
- g_assert_not_reached();
- }
- break;
- case 0x99: /* CDQ/CWD */
- switch (dflag) {
-#ifdef TARGET_X86_64
- case MO_64:
- gen_op_mov_v_reg(s, MO_64, s->T0, R_EAX);
- tcg_gen_sari_tl(s->T0, s->T0, 63);
- gen_op_mov_reg_v(s, MO_64, R_EDX, s->T0);
- break;
-#endif
- case MO_32:
- gen_op_mov_v_reg(s, MO_32, s->T0, R_EAX);
- tcg_gen_ext32s_tl(s->T0, s->T0);
- tcg_gen_sari_tl(s->T0, s->T0, 31);
- gen_op_mov_reg_v(s, MO_32, R_EDX, s->T0);
- break;
- case MO_16:
- gen_op_mov_v_reg(s, MO_16, s->T0, R_EAX);
- tcg_gen_ext16s_tl(s->T0, s->T0);
- tcg_gen_sari_tl(s->T0, s->T0, 15);
- gen_op_mov_reg_v(s, MO_16, R_EDX, s->T0);
- break;
- default:
- g_assert_not_reached();
- }
- break;
case 0x1af: /* imul Gv, Ev */
- case 0x69: /* imul Gv, Ev, I */
- case 0x6b:
ot = dflag;
modrm = x86_ldub_code(env, s);
reg = ((modrm >> 3) & 7) | REX_R(s);
@@ -4008,53 +3819,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
/**************************/
/* push/pop */
- case 0x50 ... 0x57: /* push */
- gen_op_mov_v_reg(s, MO_32, s->T0, (b & 7) | REX_B(s));
- gen_push_v(s, s->T0);
- break;
- case 0x58 ... 0x5f: /* pop */
- ot = gen_pop_T0(s);
- /* NOTE: order is important for pop %sp */
- gen_pop_update(s, ot);
- gen_op_mov_reg_v(s, ot, (b & 7) | REX_B(s), s->T0);
- break;
- case 0x60: /* pusha */
- if (CODE64(s))
- goto illegal_op;
- gen_pusha(s);
- break;
- case 0x61: /* popa */
- if (CODE64(s))
- goto illegal_op;
- gen_popa(s);
- break;
- case 0x68: /* push Iv */
- case 0x6a:
- ot = mo_pushpop(s, dflag);
- if (b == 0x68)
- val = insn_get(env, s, ot);
- else
- val = (int8_t)insn_get(env, s, MO_8);
- tcg_gen_movi_tl(s->T0, val);
- gen_push_v(s, s->T0);
- break;
- case 0x8f: /* pop Ev */
- modrm = x86_ldub_code(env, s);
- mod = (modrm >> 6) & 3;
- ot = gen_pop_T0(s);
- if (mod == 3) {
- /* NOTE: order is important for pop %sp */
- gen_pop_update(s, ot);
- rm = (modrm & 7) | REX_B(s);
- gen_op_mov_reg_v(s, ot, rm, s->T0);
- } else {
- /* NOTE: order is important too for MMU exceptions */
- s->popl_esp_hack = 1 << ot;
- gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
- s->popl_esp_hack = 0;
- gen_pop_update(s, ot);
- }
- break;
case 0xc8: /* enter */
{
int level;
@@ -4066,30 +3830,11 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
case 0xc9: /* leave */
gen_leave(s);
break;
- case 0x06: /* push es */
- case 0x0e: /* push cs */
- case 0x16: /* push ss */
- case 0x1e: /* push ds */
- if (CODE64(s))
- goto illegal_op;
- gen_op_movl_T0_seg(s, b >> 3);
- gen_push_v(s, s->T0);
- break;
case 0x1a0: /* push fs */
case 0x1a8: /* push gs */
gen_op_movl_T0_seg(s, (b >> 3) & 7);
gen_push_v(s, s->T0);
break;
- case 0x07: /* pop es */
- case 0x17: /* pop ss */
- case 0x1f: /* pop ds */
- if (CODE64(s))
- goto illegal_op;
- reg = b >> 3;
- ot = gen_pop_T0(s);
- gen_movl_seg_T0(s, reg);
- gen_pop_update(s, ot);
- break;
case 0x1a1: /* pop fs */
case 0x1a9: /* pop gs */
ot = gen_pop_T0(s);
@@ -4099,15 +3844,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
/**************************/
/* mov */
- case 0x88:
- case 0x89: /* mov Gv, Ev */
- ot = mo_b_d(b, dflag);
- modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | REX_R(s);
-
- /* generate a generic store */
- gen_ldst_modrm(env, s, modrm, ot, reg, 1);
- break;
case 0xc6:
case 0xc7: /* mov Ev, Iv */
ot = mo_b_d(b, dflag);
@@ -4125,33 +3861,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
gen_op_mov_reg_v(s, ot, (modrm & 7) | REX_B(s), s->T0);
}
break;
- case 0x8a:
- case 0x8b: /* mov Ev, Gv */
- ot = mo_b_d(b, dflag);
- modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | REX_R(s);
-
- gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
- gen_op_mov_reg_v(s, ot, reg, s->T0);
- break;
- case 0x8e: /* mov seg, Gv */
- modrm = x86_ldub_code(env, s);
- reg = (modrm >> 3) & 7;
- if (reg >= 6 || reg == R_CS)
- goto illegal_op;
- gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
- gen_movl_seg_T0(s, reg);
- break;
- case 0x8c: /* mov Gv, seg */
- modrm = x86_ldub_code(env, s);
- reg = (modrm >> 3) & 7;
- mod = (modrm >> 6) & 3;
- if (reg >= 6)
- goto illegal_op;
- gen_op_movl_T0_seg(s, reg);
- ot = mod == 3 ? dflag : MO_16;
- gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
- break;
case 0x1b6: /* movzbS Gv, Eb */
case 0x1b7: /* movzwS Gv, Eb */
@@ -4203,40 +3912,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
}
break;
- case 0x8d: /* lea */
- modrm = x86_ldub_code(env, s);
- mod = (modrm >> 6) & 3;
- if (mod == 3)
- goto illegal_op;
- reg = ((modrm >> 3) & 7) | REX_R(s);
- {
- AddressParts a = gen_lea_modrm_0(env, s, modrm);
- TCGv ea = gen_lea_modrm_1(s, a, false);
- gen_lea_v_seg(s, s->aflag, ea, -1, -1);
- gen_op_mov_reg_v(s, dflag, reg, s->A0);
- }
- break;
-
- case 0xa0: /* mov EAX, Ov */
- case 0xa1:
- case 0xa2: /* mov Ov, EAX */
- case 0xa3:
- {
- target_ulong offset_addr;
-
- ot = mo_b_d(b, dflag);
- offset_addr = insn_get_addr(env, s, s->aflag);
- tcg_gen_movi_tl(s->A0, offset_addr);
- gen_add_A0_ds_seg(s);
- if ((b & 2) == 0) {
- gen_op_ld_v(s, ot, s->T0, s->A0);
- gen_op_mov_reg_v(s, ot, R_EAX, s->T0);
- } else {
- gen_op_mov_v_reg(s, ot, s->T0, R_EAX);
- gen_op_st_v(s, ot, s->T0, s->A0);
- }
- }
- break;
case 0xd7: /* xlat */
tcg_gen_mov_tl(s->A0, cpu_regs[R_EBX]);
tcg_gen_ext8u_tl(s->T0, cpu_regs[R_EAX]);
@@ -4246,59 +3921,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
gen_op_ld_v(s, MO_8, s->T0, s->A0);
gen_op_mov_reg_v(s, MO_8, R_EAX, s->T0);
break;
- case 0xb0 ... 0xb7: /* mov R, Ib */
- val = insn_get(env, s, MO_8);
- tcg_gen_movi_tl(s->T0, val);
- gen_op_mov_reg_v(s, MO_8, (b & 7) | REX_B(s), s->T0);
- break;
- case 0xb8 ... 0xbf: /* mov R, Iv */
-#ifdef TARGET_X86_64
- if (dflag == MO_64) {
- uint64_t tmp;
- /* 64 bit case */
- tmp = x86_ldq_code(env, s);
- reg = (b & 7) | REX_B(s);
- tcg_gen_movi_tl(s->T0, tmp);
- gen_op_mov_reg_v(s, MO_64, reg, s->T0);
- } else
-#endif
- {
- ot = dflag;
- val = insn_get(env, s, ot);
- reg = (b & 7) | REX_B(s);
- tcg_gen_movi_tl(s->T0, val);
- gen_op_mov_reg_v(s, ot, reg, s->T0);
- }
- break;
-
- case 0x91 ... 0x97: /* xchg R, EAX */
- do_xchg_reg_eax:
- ot = dflag;
- reg = (b & 7) | REX_B(s);
- rm = R_EAX;
- goto do_xchg_reg;
- case 0x86:
- case 0x87: /* xchg Ev, Gv */
- ot = mo_b_d(b, dflag);
- modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | REX_R(s);
- mod = (modrm >> 6) & 3;
- if (mod == 3) {
- rm = (modrm & 7) | REX_B(s);
- do_xchg_reg:
- gen_op_mov_v_reg(s, ot, s->T0, reg);
- gen_op_mov_v_reg(s, ot, s->T1, rm);
- gen_op_mov_reg_v(s, ot, rm, s->T0);
- gen_op_mov_reg_v(s, ot, reg, s->T1);
- } else {
- gen_lea_modrm(env, s, modrm);
- gen_op_mov_v_reg(s, ot, s->T0, reg);
- /* for xchg, lock is implicit */
- tcg_gen_atomic_xchg_tl(s->T1, s->A0, s->T0,
- s->mem_index, ot | MO_LE);
- gen_op_mov_reg_v(s, ot, reg, s->T1);
- }
- break;
case 0xc4: /* les Gv */
/* In CODE64 this is VEX3; see above. */
op = R_ES;
@@ -4973,91 +4595,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
}
}
break;
- /************************/
- /* string ops */
-
- case 0xa4: /* movsS */
- case 0xa5:
- ot = mo_b_d(b, dflag);
- if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
- gen_repz_movs(s, ot);
- } else {
- gen_movs(s, ot);
- }
- break;
-
- case 0xaa: /* stosS */
- case 0xab:
- ot = mo_b_d(b, dflag);
- if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
- gen_repz_stos(s, ot);
- } else {
- gen_stos(s, ot);
- }
- break;
- case 0xac: /* lodsS */
- case 0xad:
- ot = mo_b_d(b, dflag);
- if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
- gen_repz_lods(s, ot);
- } else {
- gen_lods(s, ot);
- }
- break;
- case 0xae: /* scasS */
- case 0xaf:
- ot = mo_b_d(b, dflag);
- if (prefixes & PREFIX_REPNZ) {
- gen_repz_scas(s, ot, 1);
- } else if (prefixes & PREFIX_REPZ) {
- gen_repz_scas(s, ot, 0);
- } else {
- gen_scas(s, ot);
- }
- break;
-
- case 0xa6: /* cmpsS */
- case 0xa7:
- ot = mo_b_d(b, dflag);
- if (prefixes & PREFIX_REPNZ) {
- gen_repz_cmps(s, ot, 1);
- } else if (prefixes & PREFIX_REPZ) {
- gen_repz_cmps(s, ot, 0);
- } else {
- gen_cmps(s, ot);
- }
- break;
- case 0x6c: /* insS */
- case 0x6d:
- ot = mo_b_d32(b, dflag);
- tcg_gen_trunc_tl_i32(s->tmp2_i32, cpu_regs[R_EDX]);
- tcg_gen_ext16u_i32(s->tmp2_i32, s->tmp2_i32);
- if (!gen_check_io(s, ot, s->tmp2_i32,
- SVM_IOIO_TYPE_MASK | SVM_IOIO_STR_MASK)) {
- break;
- }
- translator_io_start(&s->base);
- if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
- gen_repz_ins(s, ot);
- } else {
- gen_ins(s, ot);
- }
- break;
- case 0x6e: /* outsS */
- case 0x6f:
- ot = mo_b_d32(b, dflag);
- tcg_gen_trunc_tl_i32(s->tmp2_i32, cpu_regs[R_EDX]);
- tcg_gen_ext16u_i32(s->tmp2_i32, s->tmp2_i32);
- if (!gen_check_io(s, ot, s->tmp2_i32, SVM_IOIO_STR_MASK)) {
- break;
- }
- translator_io_start(&s->base);
- if (prefixes & (PREFIX_REPZ | PREFIX_REPNZ)) {
- gen_repz_outs(s, ot);
- } else {
- gen_outs(s, ot);
- }
- break;
/************************/
/* port I/O */
@@ -5188,21 +4725,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
gen_jmp_rel(s, dflag, diff, 0);
}
break;
- case 0x9a: /* lcall im */
- {
- unsigned int selector, offset;
-
- if (CODE64(s))
- goto illegal_op;
- ot = dflag;
- offset = insn_get(env, s, ot);
- selector = insn_get(env, s, MO_16);
-
- tcg_gen_movi_tl(s->T0, selector);
- tcg_gen_movi_tl(s->T1, offset);
- }
- gen_far_call(s);
- break;
case 0xe9: /* jmp im */
{
int diff = (dflag != MO_16
@@ -5232,89 +4754,9 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
gen_jmp_rel(s, dflag, diff, 0);
}
break;
- case 0x70 ... 0x7f: /* jcc Jb */
- {
- int diff = (int8_t)insn_get(env, s, MO_8);
- gen_bnd_jmp(s);
- gen_jcc(s, b, diff);
- }
- break;
- case 0x180 ... 0x18f: /* jcc Jv */
- {
- int diff = (dflag != MO_16
- ? (int32_t)insn_get(env, s, MO_32)
- : (int16_t)insn_get(env, s, MO_16));
- gen_bnd_jmp(s);
- gen_jcc(s, b, diff);
- }
- break;
-
- case 0x190 ... 0x19f: /* setcc Gv */
- modrm = x86_ldub_code(env, s);
- gen_setcc1(s, b, s->T0);
- gen_ldst_modrm(env, s, modrm, MO_8, OR_TMP0, 1);
- break;
- case 0x140 ... 0x14f: /* cmov Gv, Ev */
- if (!(s->cpuid_features & CPUID_CMOV)) {
- goto illegal_op;
- }
- ot = dflag;
- modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | REX_R(s);
- gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
- gen_cmovcc1(s, b ^ 1, s->T0, cpu_regs[reg]);
- gen_op_mov_reg_v(s, ot, reg, s->T0);
- break;
/************************/
/* flags */
- case 0x9c: /* pushf */
- gen_svm_check_intercept(s, SVM_EXIT_PUSHF);
- if (check_vm86_iopl(s)) {
- gen_update_cc_op(s);
- gen_helper_read_eflags(s->T0, tcg_env);
- gen_push_v(s, s->T0);
- }
- break;
- case 0x9d: /* popf */
- gen_svm_check_intercept(s, SVM_EXIT_POPF);
- if (check_vm86_iopl(s)) {
- int mask = TF_MASK | AC_MASK | ID_MASK | NT_MASK;
-
- if (CPL(s) == 0) {
- mask |= IF_MASK | IOPL_MASK;
- } else if (CPL(s) <= IOPL(s)) {
- mask |= IF_MASK;
- }
- if (dflag == MO_16) {
- mask &= 0xffff;
- }
-
- ot = gen_pop_T0(s);
- gen_helper_write_eflags(tcg_env, s->T0, tcg_constant_i32(mask));
- gen_pop_update(s, ot);
- set_cc_op(s, CC_OP_EFLAGS);
- /* abort translation because TF/AC flag may change */
- s->base.is_jmp = DISAS_EOB_NEXT;
- }
- break;
- case 0x9e: /* sahf */
- if (CODE64(s) && !(s->cpuid_ext3_features & CPUID_EXT3_LAHF_LM))
- goto illegal_op;
- tcg_gen_shri_tl(s->T0, cpu_regs[R_EAX], 8);
- gen_compute_eflags(s);
- tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, CC_O);
- tcg_gen_andi_tl(s->T0, s->T0, CC_S | CC_Z | CC_A | CC_P | CC_C);
- tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, s->T0);
- break;
- case 0x9f: /* lahf */
- if (CODE64(s) && !(s->cpuid_ext3_features & CPUID_EXT3_LAHF_LM))
- goto illegal_op;
- gen_compute_eflags(s);
- /* Note: gen_compute_eflags() only gives the condition codes */
- tcg_gen_ori_tl(s->T0, cpu_cc_src, 0x02);
- tcg_gen_deposit_tl(cpu_regs[R_EAX], cpu_regs[R_EAX], s->T0, 8, 8);
- break;
case 0xf5: /* cmc */
gen_compute_eflags(s);
tcg_gen_xori_tl(cpu_cc_src, cpu_cc_src, CC_C);
@@ -5527,34 +4969,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
break;
/************************/
/* bcd */
- case 0x27: /* daa */
- if (CODE64(s))
- goto illegal_op;
- gen_update_cc_op(s);
- gen_helper_daa(tcg_env);
- set_cc_op(s, CC_OP_EFLAGS);
- break;
- case 0x2f: /* das */
- if (CODE64(s))
- goto illegal_op;
- gen_update_cc_op(s);
- gen_helper_das(tcg_env);
- set_cc_op(s, CC_OP_EFLAGS);
- break;
- case 0x37: /* aaa */
- if (CODE64(s))
- goto illegal_op;
- gen_update_cc_op(s);
- gen_helper_aaa(tcg_env);
- set_cc_op(s, CC_OP_EFLAGS);
- break;
- case 0x3f: /* aas */
- if (CODE64(s))
- goto illegal_op;
- gen_update_cc_op(s);
- gen_helper_aas(tcg_env);
- set_cc_op(s, CC_OP_EFLAGS);
- break;
case 0xd4: /* aam */
if (CODE64(s))
goto illegal_op;
@@ -5575,32 +4989,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
break;
/************************/
/* misc */
- case 0x90: /* nop */
- /* XXX: correct lock test for all insn */
- if (prefixes & PREFIX_LOCK) {
- goto illegal_op;
- }
- /* If REX_B is set, then this is xchg eax, r8d, not a nop. */
- if (REX_B(s)) {
- goto do_xchg_reg_eax;
- }
- if (prefixes & PREFIX_REPZ) {
- gen_update_cc_op(s);
- gen_update_eip_cur(s);
- gen_helper_pause(tcg_env, cur_insn_len_i32(s));
- s->base.is_jmp = DISAS_NORETURN;
- }
- break;
- case 0x9b: /* fwait */
- if ((s->flags & (HF_MP_MASK | HF_TS_MASK)) ==
- (HF_MP_MASK | HF_TS_MASK)) {
- gen_exception(s, EXCP07_PREX);
- } else {
- /* needs to be treated as I/O because of ferr_irq */
- translator_io_start(&s->base);
- gen_helper_fwait(tcg_env);
- }
- break;
case 0xcc: /* int3 */
gen_interrupt(s, EXCP03_INT3);
break;
@@ -5636,24 +5024,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
gen_eob_inhibit_irq(s, true);
}
break;
- case 0x62: /* bound */
- if (CODE64(s))
- goto illegal_op;
- ot = dflag;
- modrm = x86_ldub_code(env, s);
- reg = (modrm >> 3) & 7;
- mod = (modrm >> 6) & 3;
- if (mod == 3)
- goto illegal_op;
- gen_op_mov_v_reg(s, ot, s->T0, reg);
- gen_lea_modrm(env, s, modrm);
- tcg_gen_trunc_tl_i32(s->tmp2_i32, s->T0);
- if (ot == MO_16) {
- gen_helper_boundw(tcg_env, s->A0, s->tmp2_i32);
- } else {
- gen_helper_boundl(tcg_env, s->A0, s->tmp2_i32);
- }
- break;
case 0x1c8 ... 0x1cf: /* bswap reg */
reg = (b & 7) | REX_B(s);
#ifdef TARGET_X86_64
@@ -6205,72 +5575,6 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
/* nothing to do */
}
break;
- case 0x63: /* arpl or movslS (x86_64) */
-#ifdef TARGET_X86_64
- if (CODE64(s)) {
- int d_ot;
- /* d_ot is the size of destination */
- d_ot = dflag;
-
- modrm = x86_ldub_code(env, s);
- reg = ((modrm >> 3) & 7) | REX_R(s);
- mod = (modrm >> 6) & 3;
- rm = (modrm & 7) | REX_B(s);
-
- if (mod == 3) {
- gen_op_mov_v_reg(s, MO_32, s->T0, rm);
- /* sign extend */
- if (d_ot == MO_64) {
- tcg_gen_ext32s_tl(s->T0, s->T0);
- }
- gen_op_mov_reg_v(s, d_ot, reg, s->T0);
- } else {
- gen_lea_modrm(env, s, modrm);
- gen_op_ld_v(s, MO_32 | MO_SIGN, s->T0, s->A0);
- gen_op_mov_reg_v(s, d_ot, reg, s->T0);
- }
- } else
-#endif
- {
- TCGLabel *label1;
- TCGv t0, t1, t2;
-
- if (!PE(s) || VM86(s))
- goto illegal_op;
- t0 = tcg_temp_new();
- t1 = tcg_temp_new();
- t2 = tcg_temp_new();
- ot = MO_16;
- modrm = x86_ldub_code(env, s);
- reg = (modrm >> 3) & 7;
- mod = (modrm >> 6) & 3;
- rm = modrm & 7;
- if (mod != 3) {
- gen_lea_modrm(env, s, modrm);
- gen_op_ld_v(s, ot, t0, s->A0);
- } else {
- gen_op_mov_v_reg(s, ot, t0, rm);
- }
- gen_op_mov_v_reg(s, ot, t1, reg);
- tcg_gen_andi_tl(s->tmp0, t0, 3);
- tcg_gen_andi_tl(t1, t1, 3);
- tcg_gen_movi_tl(t2, 0);
- label1 = gen_new_label();
- tcg_gen_brcond_tl(TCG_COND_GE, s->tmp0, t1, label1);
- tcg_gen_andi_tl(t0, t0, ~3);
- tcg_gen_or_tl(t0, t0, t1);
- tcg_gen_movi_tl(t2, CC_Z);
- gen_set_label(label1);
- if (mod != 3) {
- gen_op_st_v(s, ot, t0, s->A0);
- } else {
- gen_op_mov_reg_v(s, ot, rm, t0);
- }
- gen_compute_eflags(s);
- tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, ~CC_Z);
- tcg_gen_or_tl(cpu_cc_src, cpu_cc_src, t2);
- }
- break;
case 0x102: /* lar */
case 0x103: /* lsl */
{
@@ -6851,11 +6155,10 @@ static bool disas_insn(DisasContext *s, CPUState *cpu)
set_cc_op(s, CC_OP_POPCNT);
break;
+ case 0 ... 0xbf:
case 0x10e ... 0x117:
case 0x128 ... 0x12f:
- case 0x138 ... 0x13a:
- case 0x150 ... 0x179:
- case 0x17c ... 0x17f:
+ case 0x138 ... 0x19f:
case 0x1c2:
case 0x1c4 ... 0x1c6:
case 0x1d0 ... 0x1fe:
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* [PATCH 18/18] target/i386: remove gen_op
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
` (16 preceding siblings ...)
2023-10-14 10:01 ` [PATCH 17/18] target/i386: remove now converted opcodes from old decoder Paolo Bonzini
@ 2023-10-14 10:01 ` Paolo Bonzini
2023-10-18 1:36 ` Richard Henderson
17 siblings, 1 reply; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-14 10:01 UTC (permalink / raw)
To: qemu-devel
It is not used anymore by the old decoder, inline the CMP case into CMPS and SCAS.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/tcg/translate.c | 145 +++---------------------------------
1 file changed, 12 insertions(+), 133 deletions(-)
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 6e091fdb7f6..3d5cdf4d29a 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -238,21 +238,8 @@ static void gen_eob(DisasContext *s);
static void gen_jr(DisasContext *s);
static void gen_jmp_rel(DisasContext *s, MemOp ot, int diff, int tb_num);
static void gen_jmp_rel_csize(DisasContext *s, int diff, int tb_num);
-static void gen_op(DisasContext *s1, int op, MemOp ot, int d);
static void gen_exception_gpf(DisasContext *s);
-/* i386 arith/logic operations */
-enum {
- OP_ADDL,
- OP_ORL,
- OP_ADCL,
- OP_SBBL,
- OP_ANDL,
- OP_SUBL,
- OP_XORL,
- OP_CMPL,
-};
-
/* i386 shift ops */
enum {
OP_ROL,
@@ -853,13 +840,6 @@ static void gen_op_update2_cc(DisasContext *s)
tcg_gen_mov_tl(cpu_cc_dst, s->T0);
}
-static void gen_op_update3_cc(DisasContext *s, TCGv reg)
-{
- tcg_gen_mov_tl(cpu_cc_src2, reg);
- tcg_gen_mov_tl(cpu_cc_src, s->T1);
- tcg_gen_mov_tl(cpu_cc_dst, s->T0);
-}
-
static inline void gen_op_testl_T0_T1_cc(DisasContext *s)
{
tcg_gen_and_tl(cpu_cc_dst, s->T0, s->T1);
@@ -1288,7 +1268,12 @@ static void gen_scas(DisasContext *s, MemOp ot)
{
gen_string_movl_A0_EDI(s);
gen_op_ld_v(s, ot, s->T1, s->A0);
- gen_op(s, OP_CMPL, ot, R_EAX);
+ gen_op_mov_v_reg(s, ot, s->T0, R_EAX);
+ tcg_gen_mov_tl(cpu_cc_src, s->T1);
+ tcg_gen_mov_tl(s->cc_srcT, s->T0);
+ tcg_gen_sub_tl(cpu_cc_dst, s->T0, s->T1);
+ set_cc_op(s, CC_OP_SUBB + ot);
+
gen_op_movl_T0_Dshift(s, ot);
gen_op_add_reg_T0(s, s->aflag, R_EDI);
}
@@ -1298,7 +1283,12 @@ static void gen_cmps(DisasContext *s, MemOp ot)
gen_string_movl_A0_EDI(s);
gen_op_ld_v(s, ot, s->T1, s->A0);
gen_string_movl_A0_ESI(s);
- gen_op(s, OP_CMPL, ot, OR_TMP0);
+ gen_op_ld_v(s, ot, s->T0, s->A0);
+ tcg_gen_mov_tl(cpu_cc_src, s->T1);
+ tcg_gen_mov_tl(s->cc_srcT, s->T0);
+ tcg_gen_sub_tl(cpu_cc_dst, s->T0, s->T1);
+ set_cc_op(s, CC_OP_SUBB + ot);
+
gen_op_movl_T0_Dshift(s, ot);
gen_op_add_reg_T0(s, s->aflag, R_ESI);
gen_op_add_reg_T0(s, s->aflag, R_EDI);
@@ -1506,117 +1496,6 @@ static bool check_iopl(DisasContext *s)
return false;
}
-/* if d == OR_TMP0, it means memory operand (address in A0) */
-static void gen_op(DisasContext *s1, int op, MemOp ot, int d)
-{
- if (d != OR_TMP0) {
- if (s1->prefix & PREFIX_LOCK) {
- /* Lock prefix when destination is not memory. */
- gen_illegal_opcode(s1);
- return;
- }
- gen_op_mov_v_reg(s1, ot, s1->T0, d);
- } else if (!(s1->prefix & PREFIX_LOCK)) {
- gen_op_ld_v(s1, ot, s1->T0, s1->A0);
- }
- switch(op) {
- case OP_ADCL:
- gen_compute_eflags_c(s1, s1->tmp4);
- if (s1->prefix & PREFIX_LOCK) {
- tcg_gen_add_tl(s1->T0, s1->tmp4, s1->T1);
- tcg_gen_atomic_add_fetch_tl(s1->T0, s1->A0, s1->T0,
- s1->mem_index, ot | MO_LE);
- } else {
- tcg_gen_add_tl(s1->T0, s1->T0, s1->T1);
- tcg_gen_add_tl(s1->T0, s1->T0, s1->tmp4);
- gen_op_st_rm_T0_A0(s1, ot, d);
- }
- gen_op_update3_cc(s1, s1->tmp4);
- set_cc_op(s1, CC_OP_ADCB + ot);
- break;
- case OP_SBBL:
- gen_compute_eflags_c(s1, s1->tmp4);
- if (s1->prefix & PREFIX_LOCK) {
- tcg_gen_add_tl(s1->T0, s1->T1, s1->tmp4);
- tcg_gen_neg_tl(s1->T0, s1->T0);
- tcg_gen_atomic_add_fetch_tl(s1->T0, s1->A0, s1->T0,
- s1->mem_index, ot | MO_LE);
- } else {
- tcg_gen_sub_tl(s1->T0, s1->T0, s1->T1);
- tcg_gen_sub_tl(s1->T0, s1->T0, s1->tmp4);
- gen_op_st_rm_T0_A0(s1, ot, d);
- }
- gen_op_update3_cc(s1, s1->tmp4);
- set_cc_op(s1, CC_OP_SBBB + ot);
- break;
- case OP_ADDL:
- if (s1->prefix & PREFIX_LOCK) {
- tcg_gen_atomic_add_fetch_tl(s1->T0, s1->A0, s1->T1,
- s1->mem_index, ot | MO_LE);
- } else {
- tcg_gen_add_tl(s1->T0, s1->T0, s1->T1);
- gen_op_st_rm_T0_A0(s1, ot, d);
- }
- gen_op_update2_cc(s1);
- set_cc_op(s1, CC_OP_ADDB + ot);
- break;
- case OP_SUBL:
- if (s1->prefix & PREFIX_LOCK) {
- tcg_gen_neg_tl(s1->T0, s1->T1);
- tcg_gen_atomic_fetch_add_tl(s1->cc_srcT, s1->A0, s1->T0,
- s1->mem_index, ot | MO_LE);
- tcg_gen_sub_tl(s1->T0, s1->cc_srcT, s1->T1);
- } else {
- tcg_gen_mov_tl(s1->cc_srcT, s1->T0);
- tcg_gen_sub_tl(s1->T0, s1->T0, s1->T1);
- gen_op_st_rm_T0_A0(s1, ot, d);
- }
- gen_op_update2_cc(s1);
- set_cc_op(s1, CC_OP_SUBB + ot);
- break;
- default:
- case OP_ANDL:
- if (s1->prefix & PREFIX_LOCK) {
- tcg_gen_atomic_and_fetch_tl(s1->T0, s1->A0, s1->T1,
- s1->mem_index, ot | MO_LE);
- } else {
- tcg_gen_and_tl(s1->T0, s1->T0, s1->T1);
- gen_op_st_rm_T0_A0(s1, ot, d);
- }
- gen_op_update1_cc(s1);
- set_cc_op(s1, CC_OP_LOGICB + ot);
- break;
- case OP_ORL:
- if (s1->prefix & PREFIX_LOCK) {
- tcg_gen_atomic_or_fetch_tl(s1->T0, s1->A0, s1->T1,
- s1->mem_index, ot | MO_LE);
- } else {
- tcg_gen_or_tl(s1->T0, s1->T0, s1->T1);
- gen_op_st_rm_T0_A0(s1, ot, d);
- }
- gen_op_update1_cc(s1);
- set_cc_op(s1, CC_OP_LOGICB + ot);
- break;
- case OP_XORL:
- if (s1->prefix & PREFIX_LOCK) {
- tcg_gen_atomic_xor_fetch_tl(s1->T0, s1->A0, s1->T1,
- s1->mem_index, ot | MO_LE);
- } else {
- tcg_gen_xor_tl(s1->T0, s1->T0, s1->T1);
- gen_op_st_rm_T0_A0(s1, ot, d);
- }
- gen_op_update1_cc(s1);
- set_cc_op(s1, CC_OP_LOGICB + ot);
- break;
- case OP_CMPL:
- tcg_gen_mov_tl(cpu_cc_src, s1->T1);
- tcg_gen_mov_tl(s1->cc_srcT, s1->T0);
- tcg_gen_sub_tl(cpu_cc_dst, s1->T0, s1->T1);
- set_cc_op(s1, CC_OP_SUBB + ot);
- break;
- }
-}
-
/* if d == OR_TMP0, it means memory operand (address in A0) */
static void gen_inc(DisasContext *s1, MemOp ot, int d, int c)
{
--
2.41.0
^ permalink raw reply related [flat|nested] 36+ messages in thread
* Re: [PATCH 07/18] target/i386: introduce flags writeback mechanism
2023-10-14 10:01 ` [PATCH 07/18] target/i386: introduce flags writeback mechanism Paolo Bonzini
@ 2023-10-14 16:06 ` Richard Henderson
2023-10-15 14:51 ` Paolo Bonzini
0 siblings, 1 reply; 36+ messages in thread
From: Richard Henderson @ 2023-10-14 16:06 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> +static void prepare_update1_cc(X86DecodedInsn *decode, DisasContext *s, CCOp op)
> +{
> + decode->cc_dst = s->T0;
> + set_cc_op(s, op);
> +}
You must delay the set_cc_op() until the end too, for the same reason. The function call
will emit discard opcodes, which will kill cc_foo while still live via the memory exception.
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 07/18] target/i386: introduce flags writeback mechanism
2023-10-14 16:06 ` Richard Henderson
@ 2023-10-15 14:51 ` Paolo Bonzini
0 siblings, 0 replies; 36+ messages in thread
From: Paolo Bonzini @ 2023-10-15 14:51 UTC (permalink / raw)
To: Richard Henderson; +Cc: qemu-devel
[-- Attachment #1: Type: text/plain, Size: 816 bytes --]
On Sat, Oct 14, 2023 at 6:06 PM Richard Henderson <
richard.henderson@linaro.org> wrote:
>
> On 10/14/23 03:01, Paolo Bonzini wrote:
> > +static void prepare_update1_cc(X86DecodedInsn *decode, DisasContext
*s, CCOp op)
> > +{
> > + decode->cc_dst = s->T0;
> > + set_cc_op(s, op);
> > +}
>
> You must delay the set_cc_op() until the end too, for the same reason.
The function call
> will emit discard opcodes, which will kill cc_foo while still live via
the memory exception.
Right, that can affect previous instructions due to dead code elimination.
I even wrote part of that code. :)
Since I have to add decode->cc_op, I'll add CC_OP_DYNAMIC handling as well,
and
assert that everything is NULL if the gen_* function didn't touch
decode->cc_op.
Thanks!
Paolo
>
>
> r~
>
[-- Attachment #2: Type: text/html, Size: 1119 bytes --]
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 01/18] target/i386: group common checks in the decoding phase
2023-10-14 10:01 ` [PATCH 01/18] target/i386: group common checks in the decoding phase Paolo Bonzini
@ 2023-10-18 1:23 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-18 1:23 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> @@ -224,6 +233,8 @@ struct X86OpEntry {
> unsigned vex_class:8;
> X86VEXSpecial vex_special:8;
> uint16_t valid_prefix:16;
> + uint8_t check:8;
> + uint8_t intercept:8;
> bool is_decode:1;
> };
Unless you have a good reason otherwise, use "unsigned" with bit fields. In this case,
'uint8_t' is really 'unsigned char', and so gdb will print the ascii by defailt.
Otherwise,
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 02/18] target/i386: validate VEX.W for AVX instructions
2023-10-14 10:01 ` [PATCH 02/18] target/i386: validate VEX.W for AVX instructions Paolo Bonzini
@ 2023-10-18 1:24 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-18 1:24 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> Instructions in VEX exception class 6 generally look at the value of
> VEX.W. Note that the manual places some instructions incorrectly in
> class 4, for example VPERMQ which has no non-VEX encoding and no legacy
> SSE analogue. AMD does a mess of its own, as documented in the comment
> that this patch adds.
>
> Most of them are checked for VEX.W=0, and are listed in the manual
> (though with an omission) in table 2-16; VPERMQ and VPERMPD check for
> VEX.W=1, which is only listed in the instruction description. Others,
> such as VPSRLV, VPSLLV and the FMA3 instructions, use VEX.W to switch
> between a 32-bit and 64-bit operation.
>
> Fix more of the class 4/class 6 mismatches, and implement the check for
> VEX.W in TCG.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> target/i386/tcg/decode-new.c.inc | 133 +++++++++++++++++++++----------
> target/i386/tcg/decode-new.h | 6 ++
> 2 files changed, 99 insertions(+), 40 deletions(-)
>
> diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
> index 790339eaf25..850271e0898 100644
> --- a/target/i386/tcg/decode-new.c.inc
> +++ b/target/i386/tcg/decode-new.c.inc
> @@ -43,6 +43,47 @@
> * There are a couple cases in which instructions (e.g. MOVD) write the
> * whole XMM or MM register but are established incorrectly in the manual
> * as "d" or "q". These have to be fixed for the decoder to work correctly.
> + *
> + * Speaking about imprecisions in the manual, the decoder treats all
> + * exception-class 4 instructions as having an optional VEX prefix, and
> + * all exception-class 6 instructions as having a mandatory VEX prefix.
> + * This is true except for a dozen instructions; these are in exception
> + * class 4 but do not ignore the VEX.W bit (which does not even exist
> + * without a VEX prefix). These instructions are mostly listed in Intel's
> + * table 2-16, but with a few exceptions.
> + *
> + * The AMD manual has more precise subclasses for exceptions, and unlike Intel
> + * they list the VEX.W requirements in the exception classes as well (except
> + * when they don't). AMD describes class 6 as "AVX Mixed Memory Argument"
> + * without defining what a mixed memory argument is, but still use 4 as the
> + * primary exception class... except when they don't.
> + *
> + * The summary is:
> + * Intel AMD VEX.W note
> + * -------------------------------------------------------------------
> + * vpblendd 4 4J 0
> + * vpblendvb 4 4E-X 0 (*)
> + * vpbroadcastq 6 6D 0 (+)
> + * vpermd/vpermps 4 4H 0 (§)
> + * vpermq/vpermpd 4 4H-1 1 (§)
> + * vpermilpd/vpermilps 4 6E 0 (^)
> + * vpmaskmovd 6 4K significant (^)
> + * vpsllv 4 4K significant
> + * vpsrav 4 4J 0
> + * vpsrlv 4 4K significant
> + * vtestps/vtestpd 4 4G 0
> + *
> + * (*) AMD lists VPBLENDVB as related to SSE4.1 PBLENDVB, which may
> + * explain why it is considered exception class 4. However,
> + * Intel says that VEX-only instructions should be in class 6...
> + *
> + * (+) Not found in Intel's table 2-16
> + *
> + * (§) 4H and 4H-1 do not mention VEX.W requirements, which are
> + * however present in the description of the instruction
> + *
> + * (^) these are the two cases in which Intel and AMD disagree on the
> + * primary exception class
Oof.
Acked-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 04/18] tests/tcg/i386: initialize more registers in test-avx
2023-10-14 10:01 ` [PATCH 04/18] tests/tcg/i386: initialize more registers in test-avx Paolo Bonzini
@ 2023-10-18 1:30 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-18 1:30 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> Some instructions use YMM0 implicitly, or use YMM9 as a read-modify-write
> register destination. Initialize those registers as well.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 06/18] target/i386: accept full MemOp in gen_ext_tl
2023-10-14 10:01 ` [PATCH 06/18] target/i386: accept full MemOp in gen_ext_tl Paolo Bonzini
@ 2023-10-18 1:32 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-18 1:32 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> Use MO_SIGN to indicate signed vs. unsigned extension, and filter out
> bits other than MO_SIGN and MO_SIZE.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> target/i386/tcg/translate.c | 30 +++++++++++++++---------------
> 1 file changed, 15 insertions(+), 15 deletions(-)
>
> diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
> index 4f6f9fa7e52..d7d6c85877d 100644
> --- a/target/i386/tcg/translate.c
> +++ b/target/i386/tcg/translate.c
> @@ -699,18 +699,18 @@ static inline void gen_op_movl_T0_Dshift(DisasContext *s, MemOp ot)
> tcg_gen_shli_tl(s->T0, s->T0, ot);
> };
>
> -static TCGv gen_ext_tl(TCGv dst, TCGv src, MemOp size, bool sign)
> +static TCGv gen_ext_tl(TCGv dst, TCGv src, MemOp ot)
> {
> - switch (size) {
> + switch (ot & MO_SIZE) {
> case MO_8:
> - if (sign) {
> + if (ot & MO_SIGN) {
> tcg_gen_ext8s_tl(dst, src);
> } else {
> tcg_gen_ext8u_tl(dst, src);
> }
> return dst;
> case MO_16:
> - if (sign) {
> + if (ot & MO_SIGN) {
> tcg_gen_ext16s_tl(dst, src);
> } else {
> tcg_gen_ext16u_tl(dst, src);
A reminder yet again that I should make this generic -- we've several copies in the code
base...
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 09/18] target/i386: do not clobber A0 in POP translation
2023-10-14 10:01 ` [PATCH 09/18] target/i386: do not clobber A0 in POP translation Paolo Bonzini
@ 2023-10-18 1:33 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-18 1:33 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> The new decoder likes to compute the address in A0 very early, so the
> gen_lea_v_seg in gen_pop_T0 would clobber the address of the memory
> operand. Instead use T0 since it is already available and will be
> overwritten immediately after.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> target/i386/tcg/translate.c | 34 ++++++++++++++++++++--------------
> 1 file changed, 20 insertions(+), 14 deletions(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 18/18] target/i386: remove gen_op
2023-10-14 10:01 ` [PATCH 18/18] target/i386: remove gen_op Paolo Bonzini
@ 2023-10-18 1:36 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-18 1:36 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> It is not used anymore by the old decoder, inline the CMP case into CMPS and SCAS.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> target/i386/tcg/translate.c | 145 +++---------------------------------
> 1 file changed, 12 insertions(+), 133 deletions(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 03/18] target/i386: implement SHA instructions
2023-10-14 10:01 ` [PATCH 03/18] target/i386: implement SHA instructions Paolo Bonzini
@ 2023-10-19 0:25 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-19 0:25 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> The implementation was validated with OpenSSL and with the test vectors in
> https://github.com/rust-lang/stdarch/blob/master/crates/core_arch/src/x86/sha.rs.
>
> The instructions provide a ~25% improvement on hashing a 64 MiB file:
> runtime goes down from 1.8 seconds to 1.4 seconds; instruction count on
> the host goes down from 5.8 billion to 4.8 billion with slightly better
> IPC too. Good job Intel. ;)
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> target/i386/cpu.c | 2 +-
> target/i386/ops_sse.h | 128 +++++++++++++++++++++++++++
> target/i386/tcg/decode-new.c.inc | 11 +++
> target/i386/tcg/decode-new.h | 1 +
> target/i386/tcg/emit.c.inc | 54 +++++++++++
> target/i386/tcg/ops_sse_header.h.inc | 14 +++
> 6 files changed, 209 insertions(+), 1 deletion(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
I don't immediately see anything that could be shared with arm and riscv, to be abstracted
akin to include/crypto/aes-round.h. But there's probably something there somewhere.
Something for later...
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 08/18] target/i386: implement CMPccXADD
2023-10-14 10:01 ` [PATCH 08/18] target/i386: implement CMPccXADD Paolo Bonzini
@ 2023-10-19 1:59 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-19 1:59 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> +static void gen_CMPccXADD(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
> +{
> + TCGv z_tl = tcg_constant_tl(0);
> + TCGLabel *label_top = gen_new_label();
> + TCGLabel *label_bottom = gen_new_label();
> + TCGv oldv = tcg_temp_new();
> + TCGv memv = tcg_temp_new();
> + TCGv newv = tcg_temp_new();
> + TCGv cmpv = tcg_temp_new();
> + TCGv tmp_cc = tcg_temp_new();
> +
> + TCGv cmp_lhs, cmp_rhs;
> + MemOp ot, ot_full;
> +
> + int jcc_op = (decode->b >> 1) & 7;
> + static const uint8_t cond[16] = {
TCGCond.
> + TCG_COND_NE, /* o, just test OF=1 */
> + TCG_COND_EQ, /* no, just test OF=0 */
> + TCG_COND_LTU, /* b */
> + TCG_COND_GEU, /* ae (nb) */
> + TCG_COND_EQ, /* z */
> + TCG_COND_NE, /* nz */
> + TCG_COND_LEU, /* be */
> + TCG_COND_GTU, /* a (nbe) */
> + TCG_COND_LT, /* s, compares result against 0 */
> + TCG_COND_GE, /* ns, compares result against 0 */
> + TCG_COND_NE, /* p, just test PF=1 */
> + TCG_COND_EQ, /* np, just test PF=0 */
> + TCG_COND_LT, /* l */
> + TCG_COND_GE, /* ge (nl) */
> + TCG_COND_LE, /* le */
> + TCG_COND_GT, /* g (nle) */
> + };
You don't need the full table here:
cond = cond_table[jcc_op];
if (decode->b & 1)
cond = tcg_invert_cond(cond)
> + /* Compute comparison result but do not clobber cc_* yet. */
> + switch (jcc_op) {
> + case JCC_O:
> + case JCC_P:
> + tcg_gen_sub_tl(s->T0, memv, cmpv);
> + gen_helper_cc_compute_all(tmp_cc, s->T0, cmpv, z_tl,
> + tcg_constant_i32(CC_OP_SUBB + ot));
> + decode->cc_src = tmp_cc;
> + set_cc_op(s, CC_OP_EFLAGS);
> +
> + tcg_gen_andi_tl(s->T0, tmp_cc, (jcc_op == JCC_O ? CC_O : CC_P));
> + cmp_lhs = s->T0, cmp_rhs = z_tl;
I'm not keen on the weight of the helper function within a cmpxchg loop.
I think you should compute these two cases explicitly:
JCC_O:
// Need operands sign-extended.
// cond_table[JCC_O] = TCG_COND_LT -- sign bit set.
tcg_gen_xor_tl(tmp, cmpv, memv);
tcg_gen_xor_tl(cmp_lhs, cmpv, s->T0);
tcg_gen_and_tl(cmp_lhs, cmp_lhs, tmp);
cmp_rhs = z_tl;
break;
JCC_P:
// cond_table[JCC_P] = TCG_COND_EQ -- even parity.
tcg_gen_ext8u_tl(cmp_lhs, s->T0);
tcg_gen_ctpop_tl(cmp_lhs, cmp_lhs);
tcg_gen_andi_tl(cmp_lhs, cmp_lhs, 1);
cmp_rhs = z_tl;
break;
> + cc_sub:
> + decode->cc_dst = s->T0;
> + decode->cc_src = cmpv;
> + decode->cc_srcT = memv;
> + set_cc_op(s, CC_OP_SUBB + ot);
> + break;
At which point this is common to all cases.
> + }
> +
> + /* Compute new value: if condition does not hold, just store back memv */
> + tcg_gen_add_tl(newv, memv, s->T1);
> + tcg_gen_movcond_tl(cond[decode->b & 15], newv, cmp_lhs, cmp_rhs, newv, memv);
> + tcg_gen_atomic_cmpxchg_tl(oldv, s->A0, memv, newv, s->mem_index, ot_full);
> +
> + /* Exit unconditionally if cmpxchg succeeded. */
> + tcg_gen_brcond_tl(TCG_COND_EQ, oldv, memv, label_bottom);
> +
> + /* Try again if there was actually a store to make. */
> + tcg_gen_brcond_tl(cond[decode->b & 15], cmp_lhs, cmp_rhs, label_top);
I'm tempted to have this unlikely case sync the pc and exit the tb.
This would restart the current instruction after testing for exit request.
But I suppose we have plenty of other places with unbounded cmpxchg loops...
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 11/18] target/i386: move 00-5F opcodes to new decoder
2023-10-14 10:01 ` [PATCH 11/18] target/i386: move 00-5F opcodes to new decoder Paolo Bonzini
@ 2023-10-19 3:24 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-19 3:24 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> + [0x28] = X86_OP_ENTRY2(SUB, E,b, G,b),
> + [0x29] = X86_OP_ENTRY2(SUB, E,v, G,v),
> + [0x2A] = X86_OP_ENTRY2(SUB, G,b, E,b),
> + [0x2B] = X86_OP_ENTRY2(SUB, G,v, E,v),
> + [0x2C] = X86_OP_ENTRY2(SUB, 0,b, I,b), /* AL, Ib */
> + [0x2D] = X86_OP_ENTRY2(SUB, 0,v, I,z), /* rAX, Iz */
> + [0x2E] = {},
> + [0x2F] = X86_OP_ENTRY0(DAS, chk(i64)),
> +
> + [0x38] = X86_OP_ENTRY2(SUB, E,b, G,b, nowb),
> + [0x39] = X86_OP_ENTRY2(SUB, E,v, G,v, nowb),
> + [0x3A] = X86_OP_ENTRY2(SUB, G,b, E,b, nowb),
> + [0x3B] = X86_OP_ENTRY2(SUB, G,v, E,v, nowb),
> + [0x3C] = X86_OP_ENTRY2(SUB, 0,b, I,b, nowb), /* AL, Ib */
> + [0x3D] = X86_OP_ENTRY2(SUB, 0,v, I,z, nowb), /* rAX, Iz */
> + [0x3E] = {},
> + [0x3F] = X86_OP_ENTRY0(AAS, chk(i64)),
...
> + case X86_SPECIAL_NoWriteback:
> + decode.op[0].unit = X86_OP_SKIP;
> + break;
...
> +static void gen_SUB(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
> +{
> + MemOp ot = decode->op[0].ot;
> +
> + if (s->prefix & PREFIX_LOCK) {
> + tcg_gen_neg_tl(s->T0, s->T1);
> + tcg_gen_atomic_fetch_add_tl(s->cc_srcT, s->A0, s->T0,
> + s->mem_index, ot | MO_LE);
> + tcg_gen_sub_tl(s->T0, s->cc_srcT, s->T1);
> + } else {
> + tcg_gen_mov_tl(s->cc_srcT, s->T0);
> + tcg_gen_sub_tl(s->T0, s->T0, s->T1);
> + }
> + prepare_update2_cc(decode, s, CC_OP_SUBB + ot);
> +}
Missing a check for CMP vs PREFIX_LOCK.
I'm not sure where the best place to put that.
Whether you use a chk bit or simply hard-code a check for (!lock || !skip).
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 12/18] target/i386: adjust decoding of J operand
2023-10-14 10:01 ` [PATCH 12/18] target/i386: adjust decoding of J operand Paolo Bonzini
@ 2023-10-19 3:25 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-19 3:25 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> gen_jcc() has been changed to accept a relative offset since the
> new decoder was written. Adjust the J operand, which is meant
> to be used with jump instructions such as gen_jcc(), to not
> include the program counter and to not truncate the result, as
> both operations are now performed by common code.
>
> The result is that J is now the same as the I operand.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 13/18] target/i386: split eflags computation out of gen_compute_eflags
2023-10-14 10:01 ` [PATCH 13/18] target/i386: split eflags computation out of gen_compute_eflags Paolo Bonzini
@ 2023-10-19 3:35 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-19 3:35 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> The new x86 decoder wants to compute EFLAGS before writeback, which
> can be an issue for some instructions such as ARPL. Extract code
> to compute the EFLAGS without clobbering CC_SRC, in case the ARPL
> memory write causes a fault.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> target/i386/tcg/translate.c | 18 +++++++++++++-----
> 1 file changed, 13 insertions(+), 5 deletions(-)
>
> diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
> index e13bf7df591..2da7c357cdc 100644
> --- a/target/i386/tcg/translate.c
> +++ b/target/i386/tcg/translate.c
> @@ -872,18 +872,20 @@ static void gen_op_update_neg_cc(DisasContext *s)
> tcg_gen_movi_tl(s->cc_srcT, 0);
> }
>
> -/* compute all eflags to cc_src */
> -static void gen_compute_eflags(DisasContext *s)
> +/* compute all eflags to reg */
> +static void gen_mov_eflags(DisasContext *s, TCGv reg)
> {
> TCGv zero, dst, src1, src2;
> int live, dead;
>
> if (s->cc_op == CC_OP_EFLAGS) {
> + if (reg != cpu_cc_src) {
> + tcg_gen_mov_tl(reg, cpu_cc_src);
> + }
tcg_gen_mov_tl already takes care of eliding the nop move.
> return;
> }
> if (s->cc_op == CC_OP_CLR) {
> - tcg_gen_movi_tl(cpu_cc_src, CC_Z | CC_P);
> - set_cc_op(s, CC_OP_EFLAGS);
> + tcg_gen_movi_tl(reg, CC_Z | CC_P);
> return;
> }
>
> @@ -909,7 +911,13 @@ static void gen_compute_eflags(DisasContext *s)
> }
>
> gen_update_cc_op(s);
> - gen_helper_cc_compute_all(cpu_cc_src, dst, src1, src2, cpu_cc_op);
> + gen_helper_cc_compute_all(reg, dst, src1, src2, cpu_cc_op);
> +}
You don't want to gen_update_cc_op.
I think you want
TCGv_i32 cc_op = cpu_cc_op;
if (s->cc_op != CC_OP_DYNAMIC)
cc_op = tcg_constant_i32(s->cc_op);
gen_helper_cc_compute_all(..., cc_op);
No write to cpu_cc_op required at all, since...
> +/* compute all eflags to cc_src */
> +static void gen_compute_eflags(DisasContext *s)
> +{
> + gen_mov_eflags(s, cpu_cc_src);
> set_cc_op(s, CC_OP_EFLAGS);
> }
... this will modify it again anyway.
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 14/18] target/i386: move 60-BF opcodes to new decoder
2023-10-14 10:01 ` [PATCH 14/18] target/i386: move 60-BF opcodes to new decoder Paolo Bonzini
@ 2023-10-19 4:51 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-19 4:51 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> @@ -179,6 +180,9 @@
> #define p_66_f3_f2 .valid_prefix = P_66 | P_F3 | P_F2,
> #define p_00_66_f3_f2 .valid_prefix = P_00 | P_66 | P_F3 | P_F2,
>
> +static X86OpEntry illegal_opcode =
> + X86_OP_ENTRY0(illegal);
const.
> +static void gen_ARPL(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
> +{
> + TCGLabel *label1 = gen_new_label();
> + TCGv rpl_adj = tcg_temp_new();
> +
> + gen_mov_eflags(s, s->tmp4);
> + tcg_gen_andi_tl(s->tmp4, s->tmp4, ~CC_Z);
> +
> + /* Compute dest[rpl] - src[rpl], adjust if result <0. */
> + tcg_gen_andi_tl(rpl_adj, s->T0, 3);
> + tcg_gen_andi_tl(s->T1, s->T1, 3);
> + tcg_gen_sub_tl(rpl_adj, rpl_adj, s->T1);
> +
> + tcg_gen_brcondi_tl(TCG_COND_LT, rpl_adj, 0, label1);
> +
> + /* Subtract dest[rpl] - src[rpl] to set dest[rpl] = src[rpl]. */
> + tcg_gen_sub_tl(s->T0, s->T0, rpl_adj);
> + tcg_gen_ori_tl(s->tmp4, s->tmp4, CC_Z);
> + gen_set_label(label1);
> +
> + decode->cc_src = s->tmp4;
> + set_cc_op(s, CC_OP_EFLAGS);
> +}
If you're going to adjust the algorithm here,
you might as well make it branchless:
tcg_gen_negsetcond_tl(TCG_COND_GE, mask, rpl_adj, tcg_constant_tl(0));
tcg_gen_and_tl(rpl_adj, rpl_adj, mask);
tcg_gen_sub_tl(t0, t0, rpl_adj);
tcg_gen_andi_tl(mask, mask, CC_Z);
tcg_gen_or_tl(tmp4, tmp4, mask);
> +static void gen_CBW(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
> +{
> + switch(decode->op[0].ot) {
> +#ifdef TARGET_X86_64
> + case MO_64:
> + tcg_gen_ext32s_tl(s->T0, s->T0);
> + break;
> +#endif
> + case MO_32:
> + tcg_gen_ext16s_tl(s->T0, s->T0);
> + break;
> + case MO_16:
> + tcg_gen_ext8s_tl(s->T0, s->T0);
> + break;
> + default:
> + abort();
> + }
> +}
Reuse gen_ext_tl(t0, t0, (ot - 1) | MO_SIGN)?
> +static void gen_CWD(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
> +{
> + int shift = 8 << decode->op[0].ot;
> + switch (shift) {
> + case 64:
> + break;
> + case 32:
> + tcg_gen_ext32s_tl(s->T0, s->T0);
> + break;
> + case 16:
> + tcg_gen_ext16s_tl(s->T0, s->T0);
> + break;
> + default:
> + abort();
> + }
> + tcg_gen_sari_tl(s->T0, s->T0, shift - 1);
Better as
tcg_gen_sextract_tl(t0, t0, shift - 1, 1)
to just extract and replicate the one bit you wanted.
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 15/18] target/i386: move operand load and writeback out of gen_cmovcc1
2023-10-14 10:01 ` [PATCH 15/18] target/i386: move operand load and writeback out of gen_cmovcc1 Paolo Bonzini
@ 2023-10-19 14:56 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-19 14:56 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> Similar to gen_setcc1, make gen_cmovcc1 receive TCGv. This is more friendly
> to simultaneous implementation in the old and the new decoder.
>
> A small wart is that s->T0 of CMOV is currently the *second* argument (which
> would ordinarily be in T1). Therefore, the condition as to be inverted in
> order to overwrite s->T0 with cpu_regs[reg] if the MOV is not performed.
>
> This only applies to the old decoder, and this code will go away soon.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> target/i386/tcg/translate.c | 20 ++++++++------------
> 1 file changed, 8 insertions(+), 12 deletions(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 16/18] target/i386: move remaining conditional operations to new decoder
2023-10-14 10:01 ` [PATCH 16/18] target/i386: move remaining conditional operations to new decoder Paolo Bonzini
@ 2023-10-19 15:05 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-19 15:05 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> Move long-displacement Jcc, SETcc and CMOVcc to the new decoder.
> While filling in the tables makes the code seem longer, the new
> emitters are all just one line of code.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> target/i386/tcg/decode-new.c.inc | 56 ++++++++++++++++++++++++++++++++
> target/i386/tcg/decode-new.h | 1 +
> target/i386/tcg/emit.c.inc | 10 ++++++
> target/i386/tcg/translate.c | 4 ++-
> 4 files changed, 70 insertions(+), 1 deletion(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
* Re: [PATCH 17/18] target/i386: remove now converted opcodes from old decoder
2023-10-14 10:01 ` [PATCH 17/18] target/i386: remove now converted opcodes from old decoder Paolo Bonzini
@ 2023-10-19 15:15 ` Richard Henderson
0 siblings, 0 replies; 36+ messages in thread
From: Richard Henderson @ 2023-10-19 15:15 UTC (permalink / raw)
To: Paolo Bonzini, qemu-devel
On 10/14/23 03:01, Paolo Bonzini wrote:
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> target/i386/tcg/translate.c | 705 +-----------------------------------
> 1 file changed, 4 insertions(+), 701 deletions(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 36+ messages in thread
end of thread, other threads:[~2023-10-19 15:16 UTC | newest]
Thread overview: 36+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-10-14 10:01 [PATCH 00/18] target/i386: decoder changes for 8.2 Paolo Bonzini
2023-10-14 10:01 ` [PATCH 01/18] target/i386: group common checks in the decoding phase Paolo Bonzini
2023-10-18 1:23 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 02/18] target/i386: validate VEX.W for AVX instructions Paolo Bonzini
2023-10-18 1:24 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 03/18] target/i386: implement SHA instructions Paolo Bonzini
2023-10-19 0:25 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 04/18] tests/tcg/i386: initialize more registers in test-avx Paolo Bonzini
2023-10-18 1:30 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 05/18] tests/tcg/i386: test-avx: add test cases for SHA new instructions Paolo Bonzini
2023-10-14 10:01 ` [PATCH 06/18] target/i386: accept full MemOp in gen_ext_tl Paolo Bonzini
2023-10-18 1:32 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 07/18] target/i386: introduce flags writeback mechanism Paolo Bonzini
2023-10-14 16:06 ` Richard Henderson
2023-10-15 14:51 ` Paolo Bonzini
2023-10-14 10:01 ` [PATCH 08/18] target/i386: implement CMPccXADD Paolo Bonzini
2023-10-19 1:59 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 09/18] target/i386: do not clobber A0 in POP translation Paolo Bonzini
2023-10-18 1:33 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 10/18] target/i386: reintroduce debugging mechanism Paolo Bonzini
2023-10-14 10:01 ` [PATCH 11/18] target/i386: move 00-5F opcodes to new decoder Paolo Bonzini
2023-10-19 3:24 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 12/18] target/i386: adjust decoding of J operand Paolo Bonzini
2023-10-19 3:25 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 13/18] target/i386: split eflags computation out of gen_compute_eflags Paolo Bonzini
2023-10-19 3:35 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 14/18] target/i386: move 60-BF opcodes to new decoder Paolo Bonzini
2023-10-19 4:51 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 15/18] target/i386: move operand load and writeback out of gen_cmovcc1 Paolo Bonzini
2023-10-19 14:56 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 16/18] target/i386: move remaining conditional operations to new decoder Paolo Bonzini
2023-10-19 15:05 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 17/18] target/i386: remove now converted opcodes from old decoder Paolo Bonzini
2023-10-19 15:15 ` Richard Henderson
2023-10-14 10:01 ` [PATCH 18/18] target/i386: remove gen_op Paolo Bonzini
2023-10-18 1:36 ` Richard Henderson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).