[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Stable-8.1.5 36/36] target/arm: Fix A64 scalar SQSHRN and SQRSHRN
|
From: |
Michael Tokarev |
|
Subject: |
[Stable-8.1.5 36/36] target/arm: Fix A64 scalar SQSHRN and SQRSHRN |
|
Date: |
Sun, 28 Jan 2024 20:48:41 +0300 |
From: Peter Maydell <peter.maydell@linaro.org>
In commit 1b7bc9b5c8bf374dd we changed handle_vec_simd_sqshrn() so
that instead of starting with a 0 value and depositing in each new
element from the narrowing operation, it instead started with the raw
result of the narrowing operation of the first element.
This is fine in the vector case, because the deposit operations for
the second and subsequent elements will always overwrite any higher
bits that might have been in the first element's result value in
tcg_rd. However in the scalar case we only go through this loop
once. The effect is that for a signed narrowing operation, if the
result is negative then we will now return a value where the bits
above the first element are incorrectly 1 (because the narrowfn
returns a sign-extended result, not one that is truncated to the
element size).
Fix this by using an extract operation to get exactly the correct
bits of the output of the narrowfn for element 1, instead of a
plain move.
Cc: qemu-stable@nongnu.org
Fixes: 1b7bc9b5c8bf374dd3 ("target/arm: Avoid tcg_const_ptr in
handle_vec_simd_sqshrn")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2089
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240123153416.877308-1-peter.maydell@linaro.org
(cherry picked from commit 6fffc8378562c7fea6290c430b4f653f830a4c1a)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
diff --git a/target/arm/tcg/translate-a64.c b/target/arm/tcg/translate-a64.c
index 7267f172d7..4e54cb7502 100644
--- a/target/arm/tcg/translate-a64.c
+++ b/target/arm/tcg/translate-a64.c
@@ -8116,7 +8116,7 @@ static void handle_vec_simd_sqshrn(DisasContext *s, bool
is_scalar, bool is_q,
narrowfn(tcg_rd_narrowed, cpu_env, tcg_rd);
tcg_gen_extu_i32_i64(tcg_rd, tcg_rd_narrowed);
if (i == 0) {
- tcg_gen_mov_i64(tcg_final, tcg_rd);
+ tcg_gen_extract_i64(tcg_final, tcg_rd, 0, esize);
} else {
tcg_gen_deposit_i64(tcg_final, tcg_final, tcg_rd, esize * i,
esize);
}
--
2.39.2
- [Stable-8.1.5 29/36] virtio-net: correctly copy vnet header when flushing TX, (continued)
- [Stable-8.1.5 29/36] virtio-net: correctly copy vnet header when flushing TX, Michael Tokarev, 2024/01/28
- [Stable-8.1.5 27/36] block/io: clear BDRV_BLOCK_RECURSE flag after recursing in bdrv_co_block_status, Michael Tokarev, 2024/01/28
- [Stable-8.1.5 28/36] tcg/arm: Fix SIGILL in tcg_out_qemu_st_direct, Michael Tokarev, 2024/01/28
- [Stable-8.1.5 26/36] accel/tcg: Revert mapping of PCREL translation block to multiple virtual addresses, Michael Tokarev, 2024/01/28
- [Stable-8.1.5 32/36] iotests: port 141 to Python for reliable QMP testing, Michael Tokarev, 2024/01/28
- [Stable-8.1.5 30/36] block/blklogwrites: Fix a bug when logging "write zeroes" operations., Michael Tokarev, 2024/01/28
- [Stable-8.1.5 31/36] iotests: add filter_qmp_generated_node_ids(), Michael Tokarev, 2024/01/28
- [Stable-8.1.5 34/36] qtest: bump aspeed_smc-test timeout to 6 minutes, Michael Tokarev, 2024/01/28
- [Stable-8.1.5 33/36] monitor: only run coroutine commands in qemu_aio_context, Michael Tokarev, 2024/01/28
- [Stable-8.1.5 35/36] target/xtensa: fix OOB TLB entry access, Michael Tokarev, 2024/01/28
- [Stable-8.1.5 36/36] target/arm: Fix A64 scalar SQSHRN and SQRSHRN,
Michael Tokarev <=