From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:33724)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1ZluDX-00020X-3R
	for qemu-devel@nongnu.org; Tue, 13 Oct 2015 03:41:51 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1ZluDT-00077Y-SJ
	for qemu-devel@nongnu.org; Tue, 13 Oct 2015 03:41:51 -0400
Received: from mail-wi0-x236.google.com ([2a00:1450:400c:c05::236]:32862)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1ZluDT-00077S-MI
	for qemu-devel@nongnu.org; Tue, 13 Oct 2015 03:41:47 -0400
Received: by wicge5 with SMTP id ge5so44879371wic.0
	for <qemu-devel@nongnu.org>; Tue, 13 Oct 2015 00:41:47 -0700 (PDT)
Sender: Paolo Bonzini <paolo.bonzini@gmail.com>
References: <1444643442-8487-1-git-send-email-pbonzini@redhat.com>
	<561C3120.9080402@twiddle.net>
From: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <561CB5B8.3040307@redhat.com>
Date: Tue, 13 Oct 2015 09:41:44 +0200
MIME-Version: 1.0
In-Reply-To: <561C3120.9080402@twiddle.net>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] target-i386: fix pcmpxstrx equal-ordered
	(strstr) mode
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Richard Henderson <rth@twiddle.net>, qemu-devel@nongnu.org
Cc: fweimer@redhat.com, Eduardo Habkost <ehabkost@redhat.com>



On 13/10/2015 00:16, Richard Henderson wrote:
> On 10/12/2015 08:50 PM, Paolo Bonzini wrote:
>> In this mode, referring an invalid element of the source forces the
>> result to false (table 4-7, last column) but referring an invalid
>> element of the destination forces the result to true, so the outer
>> loop should still be run even if some elements of the destination
>> will be invalid.  They will be culled in the inner loop, which
>> correctly bounds "i" to validd.
>>
>> This fix tst_strstr in glibc 2.17.
>>
>> Reported-by: Florian Weimer <fweimer@redhat.com>
>> Cc: Richard Henderson <rth@twiddle.net>
>> Cc: Eduardo Habkost <ehabkost@redhat.com>
>> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>> ---
>>   target-i386/ops_sse.h | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/target-i386/ops_sse.h b/target-i386/ops_sse.h
>> index 7aa693a..268f3e1 100644
>> --- a/target-i386/ops_sse.h
>> +++ b/target-i386/ops_sse.h
>> @@ -2037,7 +2037,7 @@ static inline unsigned pcmpxstrx(CPUX86State
>> *env, Reg *d, Reg *s,
>>           }
>>           break;
>>       case 3:
>> -        for (j = valids - validd; j >= 0; j--) {
>> +        for (j = valids; j >= 0; j--) {
>>               res <<= 1;
>>               v = 1;
>>               for (i = MIN(upper - j, validd); i >= 0; i--) {
> 
> I don't see how the bounding is properly done.  In particular,
> 
>>                 v &= (pcmp_val(s, ctrl, i + j) == pcmp_val(d, ctrl, i));
> 
> We're bounding j by valids, but accessing i+j?

You're absolutely right, the second loop also needs s/upper/valids/.

Paolo