[Qemu-devel] [PATCH 64/99] tcg/i386: Fix dup_vec in non-AVX2 codepath
From: Michael Roth
Subject: [Qemu-devel] [PATCH 64/99] tcg/i386: Fix dup_vec in non-AVX2 codepath
Date: Mon, 23 Jul 2018 15:17:13 -0500

From: Peter Maydell <address@hidden>

The VPUNPCKLD* instructions are all "non-destructive source",
indicated by "NDS" in the encoding string in the x86 ISA manual.
This means that they take two source operands, one of which is
encoded in the VEX.vvvv field. We were incorrectly treating them
as if they were destructive-source and passing 0 as the 'v'
argument of tcg_out_vex_modrm(). This meant we were always
using %xmm0 as one of the source operands, causing incorrect
results if the register allocator happened to want to use
something else. For instance the input AArch64 insn:

 DUP v26.16b, w21

which becomes TCG IR ops:

 dup_vec v128,e8,tmp2,x21
 st_vec v128,e8,tmp2,env,$0xa40

was assembled to:

 0x607c568c:  c4 c1 7a 7e 86 e8 00 00  vmovq 0xe8(%r14), %xmm0
 0x607c5694:  00
 0x607c5695:  c5 f9 60 c8              vpunpcklbw %xmm0, %xmm0, %xmm1
 0x607c5699:  c5 f9 61 c9              vpunpcklwd %xmm1, %xmm0, %xmm1
 0x607c569d:  c5 f9 70 c9 00           vpshufd $0, %xmm1, %xmm1
 0x607c56a2:  c4 c1 7a 7f 8e 40 0a 00  vmovdqu %xmm1, 0xa40(%r14)
 0x607c56aa:  00

when the vpunpcklwd insn should be "%xmm1, %xmm1, %xmm1".
This resulted in our incorrectly setting the output vector to

 q26=0000320000003200:0000320000003200

when given an input of x21 == 0000000002803200
rather than the expected all-zeroes.

Pass the correct source register number to tcg_out_vex_modrm()
for these insns.

Fixes: 770c2fc7bb70804a
Cc: address@hidden
Signed-off-by: Peter Maydell <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Richard Henderson <address@hidden>
(cherry picked from commit 7eb30ef0ba2eb59e7430d4848ae8d4bf4e50f768)
Signed-off-by: Michael Roth <address@hidden>
---
tcg/i386/tcg-target.inc.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tcg/i386/tcg-target.inc.c b/tcg/i386/tcg-target.inc.c
index d7e59e79c5..5357909fff 100644
--- a/tcg/i386/tcg-target.inc.c
+++ b/tcg/i386/tcg-target.inc.c
@@ -854,11 +854,11 @@ static void tcg_out_dup_vec(TCGContext *s, TCGType type,
unsigned vece,
switch (vece) {
case MO_8:
/* ??? With zero in a register, use PSHUFB. */
- tcg_out_vex_modrm(s, OPC_PUNPCKLBW, r, 0, a);
+ tcg_out_vex_modrm(s, OPC_PUNPCKLBW, r, a, a);
a = r;
/* FALLTHRU */
case MO_16:
- tcg_out_vex_modrm(s, OPC_PUNPCKLWD, r, 0, a);
+ tcg_out_vex_modrm(s, OPC_PUNPCKLWD, r, a, a);
a = r;
/* FALLTHRU */
case MO_32:
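Review bot: In case MO_8 and case MO_16 the corrected calls pass `a` as both the 'v' and r/m operands, but nothing at the call sites records why, and the existing "??? With zero in a register, use PSHUFB" comment does not cover it. A one-line comment stating that the PUNPCKL* forms are non-destructive-source, so the 'v' argument must name the first source register rather than 0, would keep a later edit from reintroducing the hard-coded %xmm0. It would also be worth checking the other tcg_out_vex_modrm() callers in this file that pass a literal 0 as 'v' against the NDS marking of their opcodes.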
@@ -867,7 +867,7 @@ static void tcg_out_dup_vec(TCGContext *s, TCGType type,
unsigned vece,
tcg_out8(s, 0);
break;
case MO_64:
- tcg_out_vex_modrm(s, OPC_PUNPCKLQDQ, r, 0, a);
+ tcg_out_vex_modrm(s, OPC_PUNPCKLQDQ, r, a, a);
break;
default:
g_assert_not_reached();
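Review bot: The OPC_PUNPCKLQDQ call in case MO_64 gets the same 0 to `a` correction, but the reproducer in the commit message (dup_vec with e8) only reaches the MO_8 fallthrough chain, and the diffstat shows tcg/i386/tcg-target.inc.c as the only file touched. A regression test that runs a dup for each element size on a host without AVX2, with the source value in a register other than %xmm0, would cover this case as well as the two above.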
--
2.17.1
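
The wrong result quoted in the commit message can be reproduced with a small software model of the emitted instruction sequence; this is an added example, not code from QEMU or from the patch. The type and helper names (`xmm_t`, `punpckl`, `dup8`, `half64`) and the two-entry register file are assumptions made for the illustration, and the register assignment (input in %xmm0, output in %xmm1) follows the disassembly above.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct { uint8_t b[16]; } xmm_t;   /* b[0] = least significant byte */
/* VPUNPCKL{BW,WD}: interleave w-byte lanes of the low halves of src1 (the
 * VEX.vvvv register) and src2 (ModRM r/m); src1 fills the even lanes. */
static xmm_t punpckl(xmm_t src1, xmm_t src2, int w)
{
    xmm_t d;
    for (int i = 0; i < 8 / w; i++) {
        memcpy(&d.b[2 * i * w], &src1.b[i * w], w);
        memcpy(&d.b[(2 * i + 1) * w], &src2.b[i * w], w);
    }
    return d;
}

/* Model of the MO_8 sequence with the register assignment from the page's
 * disassembly: input in %xmm0 (a = 0), result in %xmm1 (r = 1).
 * fixed == 0 passes 0 as 'v' (old code); fixed != 0 passes a (patched). */
static xmm_t dup8(uint64_t x, int fixed)
{
    xmm_t reg[2];
    int r = 1, a = 0;
    memset(reg, 0, sizeof(reg));
    for (int i = 0; i < 8; i++)            /* vmovq: load x into %xmm0 */
        reg[0].b[i] = (uint8_t)(x >> (8 * i));
    reg[r] = punpckl(reg[fixed ? a : 0], reg[a], 1); a = r;  /* vpunpcklbw */
    reg[r] = punpckl(reg[fixed ? a : 0], reg[a], 2); a = r;  /* vpunpcklwd */
    for (int i = 1; i < 4; i++)            /* vpshufd $0 (a == r here) */
        memcpy(&reg[r].b[4 * i], &reg[r].b[0], 4);
    return reg[r];
}

/* Read one 64-bit half of a modelled register (half 0 = low, 1 = high). */
static uint64_t half64(xmm_t v, int half)
{
    uint64_t q = 0;
    for (int i = 7; i >= 0; i--)
        q = (q << 8) | v.b[8 * half + i];
    return q;
}

int main(void)
{
    uint64_t x21 = 0x0000000002803200ULL;  /* input quoted in the commit message */
    printf("old: %016llx  patched: %016llx\n", (unsigned long long)half64(dup8(x21, 0), 0),
           (unsigned long long)half64(dup8(x21, 1), 0));
    return 0;
}
```

The first vpunpcklbw is correct in both variants only because the input happens to live in %xmm0; the error appears at vpunpcklwd, once `a` has moved to %xmm1.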