Re: [PATCH qemu 1/1] target/i386: Fix gen_shift_rm

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH qemu 1/1] target/i386: Fix gen_shift_rm_T1, wrong eflags calc

From:	Richard Henderson
Subject:	Re: [PATCH qemu 1/1] target/i386: Fix gen_shift_rm_T1, wrong eflags calculation
Date:	Thu, 23 Feb 2023 12:01:08 -1000
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.7.1

On 2/23/23 11:13, ~vilenka wrote:

From: Vilen Kamalov <vilen.kamalov@gmail.com>

gen_shift_rm_T1 in the uses wrong tmp0 register, eflags calculation uses tmp4 
at target/i386/tcg/translate.c, line 5488
`tcg_gen_mov_tl(cpu_cc_src, s->tmp4);`

The line you quote only applies to the bit instructions, bt/bts/btr/btc, so yourexplanation is clearly incorrect.

push rcx
mov dword ptr [rsp], 010000000h
mov rcx, 01eh
sar dword ptr [rsp], cl
jnc pass1
int 3
pass1:
mov dword ptr [rsp], 0ffffffffh
mov rcx, 01eh
sar dword ptr [rsp], cl
jc pass2
int 3
pass2:
pop rcx


Thanks for the test case.

diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c
index 9d9392b009..9048e22868 100644
--- a/target/i386/tcg/translate.c
+++ b/target/i386/tcg/translate.c
@@ -1686,27 +1686,27 @@ static void gen_shift_rm_T1(DisasContext *s, MemOp ot, 
int op1,
      }

tcg_gen_andi_tl(s->T1, s->T1, mask);

-    tcg_gen_subi_tl(s->tmp0, s->T1, 1);
+    tcg_gen_subi_tl(s->tmp4, s->T1, 1);

if (is_right) {

          if (is_arith) {
              gen_exts(ot, s->T0);
-            tcg_gen_sar_tl(s->tmp0, s->T0, s->tmp0);
+            tcg_gen_sar_tl(s->tmp4, s->T0, s->tmp4);
              tcg_gen_sar_tl(s->T0, s->T0, s->T1);
          } else {
              gen_extu(ot, s->T0);
-            tcg_gen_shr_tl(s->tmp0, s->T0, s->tmp0);
+            tcg_gen_shr_tl(s->tmp4, s->T0, s->tmp4);
              tcg_gen_shr_tl(s->T0, s->T0, s->T1);
          }
      } else {
-        tcg_gen_shl_tl(s->tmp0, s->T0, s->tmp0);
+        tcg_gen_shl_tl(s->tmp4, s->T0, s->tmp4);
          tcg_gen_shl_tl(s->T0, s->T0, s->T1);
      }

/* store */

      gen_op_st_rm_T0_A0(s, ot, op1);

- gen_shift_flags(s, ot, s->T0, s->tmp0, s->T1, is_right);

+    gen_shift_flags(s, ot, s->T0, s->tmp4, s->T1, is_right);
  }


The use of tmp0 vs tmp4 is completely local to this function.

Within gen_shift_flags, the 4th argument is consistently used, and neither tmp0 nor tmp4are referenced.

If this does fix the issue, that means there's some other explanation, and possibly somedeeper fix is required.

r~

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH qemu 0/1] [bugfix] gen_shift_rm_T1 uses wrong tmp0 register, ~vilenka, 2023/02/23
- [PATCH qemu 1/1] target/i386: Fix gen_shift_rm_T1, wrong eflags calculation, ~vilenka, 2023/02/23
  - Re: [PATCH qemu 1/1] target/i386: Fix gen_shift_rm_T1, wrong eflags calculation, Richard Henderson <=
    - Re: [PATCH qemu 1/1] target/i386: Fix gen_shift_rm_T1, wrong eflags calculation, Vilen Kamalov, 2023/02/23
    - Re: [PATCH qemu 1/1] target/i386: Fix gen_shift_rm_T1, wrong eflags calculation, Vilen Kamalov, 2023/02/23
  - Re: [PATCH qemu 1/1] target/i386: Fix gen_shift_rm_T1, wrong eflags calculation, Richard Henderson, 2023/02/23

Prev by Date: [PATCH 1/2] linux-user: Fix unaligned memory access in prlimit64 syscall
Next by Date: [PATCH] tests/avocado: Enable TuxRun/mips64 (big-endian) test
Previous by thread: [PATCH qemu 1/1] target/i386: Fix gen_shift_rm_T1, wrong eflags calculation
Next by thread: Re: [PATCH qemu 1/1] target/i386: Fix gen_shift_rm_T1, wrong eflags calculation
Index(es):
- Date
- Thread