* [Qemu-devel] [PATCH 1/3] target-i386: Fix CC_OP_CLR vs PF
2014-02-25 7:30 [Qemu-devel] [PATCH 0/3] target-i386 updates Richard Henderson
@ 2014-02-25 7:30 ` Richard Henderson
2014-02-27 15:53 ` [Qemu-devel] [Qemu-stable] " Michael Roth
2014-02-25 7:30 ` [Qemu-devel] [PATCH 2/3] target-i386: Fix SSE status flag corruption Richard Henderson
2014-02-25 7:30 ` [Qemu-devel] [PATCH 3/3] target-i386: Fix ucomis and comis memory access Richard Henderson
2 siblings, 1 reply; 6+ messages in thread
From: Richard Henderson @ 2014-02-25 7:30 UTC (permalink / raw)
To: qemu-devel; +Cc: qemu-stable
Parity should be set for a zero result.
Cc: qemu-stable@nongnu.org
Signed-off-by: Richard Henderson <rth@twiddle.net>
---
target-i386/cc_helper.c | 2 +-
target-i386/translate.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/target-i386/cc_helper.c b/target-i386/cc_helper.c
index ee04092..05dd12b 100644
--- a/target-i386/cc_helper.c
+++ b/target-i386/cc_helper.c
@@ -103,7 +103,7 @@ target_ulong helper_cc_compute_all(target_ulong dst, target_ulong src1,
case CC_OP_EFLAGS:
return src1;
case CC_OP_CLR:
- return CC_Z;
+ return CC_Z | CC_P;
case CC_OP_MULB:
return compute_all_mulb(dst, src1);
diff --git a/target-i386/translate.c b/target-i386/translate.c
index 5dd2450..aa985fa 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -748,7 +748,7 @@ static void gen_compute_eflags(DisasContext *s)
return;
}
if (s->cc_op == CC_OP_CLR) {
- tcg_gen_movi_tl(cpu_cc_src, CC_Z);
+ tcg_gen_movi_tl(cpu_cc_src, CC_Z | CC_P);
set_cc_op(s, CC_OP_EFLAGS);
return;
}
--
1.8.5.3
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [Qemu-devel] [Qemu-stable] [PATCH 1/3] target-i386: Fix CC_OP_CLR vs PF
2014-02-25 7:30 ` [Qemu-devel] [PATCH 1/3] target-i386: Fix CC_OP_CLR vs PF Richard Henderson
@ 2014-02-27 15:53 ` Michael Roth
0 siblings, 0 replies; 6+ messages in thread
From: Michael Roth @ 2014-02-27 15:53 UTC (permalink / raw)
To: Richard Henderson, qemu-devel; +Cc: qemu-stable
Quoting Richard Henderson (2014-02-25 01:30:30)
> Parity should be set for a zero result.
>
> Cc: qemu-stable@nongnu.org
> Signed-off-by: Richard Henderson <rth@twiddle.net>
Ping: last call for 1.7.1 (freeze today)
> ---
> target-i386/cc_helper.c | 2 +-
> target-i386/translate.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/target-i386/cc_helper.c b/target-i386/cc_helper.c
> index ee04092..05dd12b 100644
> --- a/target-i386/cc_helper.c
> +++ b/target-i386/cc_helper.c
> @@ -103,7 +103,7 @@ target_ulong helper_cc_compute_all(target_ulong dst, target_ulong src1,
> case CC_OP_EFLAGS:
> return src1;
> case CC_OP_CLR:
> - return CC_Z;
> + return CC_Z | CC_P;
>
> case CC_OP_MULB:
> return compute_all_mulb(dst, src1);
> diff --git a/target-i386/translate.c b/target-i386/translate.c
> index 5dd2450..aa985fa 100644
> --- a/target-i386/translate.c
> +++ b/target-i386/translate.c
> @@ -748,7 +748,7 @@ static void gen_compute_eflags(DisasContext *s)
> return;
> }
> if (s->cc_op == CC_OP_CLR) {
> - tcg_gen_movi_tl(cpu_cc_src, CC_Z);
> + tcg_gen_movi_tl(cpu_cc_src, CC_Z | CC_P);
> set_cc_op(s, CC_OP_EFLAGS);
> return;
> }
> --
> 1.8.5.3
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Qemu-devel] [PATCH 2/3] target-i386: Fix SSE status flag corruption
2014-02-25 7:30 [Qemu-devel] [PATCH 0/3] target-i386 updates Richard Henderson
2014-02-25 7:30 ` [Qemu-devel] [PATCH 1/3] target-i386: Fix CC_OP_CLR vs PF Richard Henderson
@ 2014-02-25 7:30 ` Richard Henderson
2014-02-25 8:22 ` Paolo Bonzini
2014-02-25 7:30 ` [Qemu-devel] [PATCH 3/3] target-i386: Fix ucomis and comis memory access Richard Henderson
2 siblings, 1 reply; 6+ messages in thread
From: Richard Henderson @ 2014-02-25 7:30 UTC (permalink / raw)
To: qemu-devel
When we restore the mxcsr register with FXRSTOR, or set it with gdb,
we need to update the various SSE status flags in CPUX86State
Reported-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
---
Differs from Purdie's patch primarily in fixing gdb too. And that
required exporting update_sse_status. Which suggested that the name
and interface be changed to match the norm.
r~
---
target-i386/cpu.h | 3 +++
target-i386/fpu_helper.c | 15 ++++++++-------
target-i386/gdbstub.c | 2 +-
3 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index 1b94f0f..5d3f143 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -1259,6 +1259,9 @@ static inline void cpu_load_efer(CPUX86State *env, uint64_t val)
}
}
+/* fpu_helper.c */
+void cpu_set_mxcsr(CPUX86State *env, uint32_t val);
+
/* svm_helper.c */
void cpu_svm_check_intercept_param(CPUX86State *env1, uint32_t type,
uint64_t param);
diff --git a/target-i386/fpu_helper.c b/target-i386/fpu_helper.c
index c0427fe..de7ba76 100644
--- a/target-i386/fpu_helper.c
+++ b/target-i386/fpu_helper.c
@@ -1179,7 +1179,7 @@ void helper_fxrstor(CPUX86State *env, target_ulong ptr, int data64)
if (env->cr[4] & CR4_OSFXSR_MASK) {
/* XXX: finish it */
- env->mxcsr = cpu_ldl_data(env, ptr + 0x18);
+ cpu_set_mxcsr(env, cpu_ldl_data(env, ptr + 0x18));
/* cpu_ldl_data(env, ptr + 0x1c); */
if (env->hflags & HF_CS64_MASK) {
nb_xmm_regs = 16;
@@ -1229,12 +1229,14 @@ floatx80 cpu_set_fp80(uint64_t mant, uint16_t upper)
#define SSE_RC_CHOP 0x6000
#define SSE_FZ 0x8000
-static void update_sse_status(CPUX86State *env)
+void cpu_set_mxcsr(CPUX86State *env, uint32_t mxcsr)
{
int rnd_type;
+ env->mxcsr = mxcsr;
+
/* set rounding mode */
- switch (env->mxcsr & SSE_RC_MASK) {
+ switch (mxcsr & SSE_RC_MASK) {
default:
case SSE_RC_NEAR:
rnd_type = float_round_nearest_even;
@@ -1252,16 +1254,15 @@ static void update_sse_status(CPUX86State *env)
set_float_rounding_mode(rnd_type, &env->sse_status);
/* set denormals are zero */
- set_flush_inputs_to_zero((env->mxcsr & SSE_DAZ) ? 1 : 0, &env->sse_status);
+ set_flush_inputs_to_zero((mxcsr & SSE_DAZ) ? 1 : 0, &env->sse_status);
/* set flush to zero */
- set_flush_to_zero((env->mxcsr & SSE_FZ) ? 1 : 0, &env->fp_status);
+ set_flush_to_zero((mxcsr & SSE_FZ) ? 1 : 0, &env->fp_status);
}
void helper_ldmxcsr(CPUX86State *env, uint32_t val)
{
- env->mxcsr = val;
- update_sse_status(env);
+ cpu_set_mxcsr(env, val);
}
void helper_enter_mmx(CPUX86State *env)
diff --git a/target-i386/gdbstub.c b/target-i386/gdbstub.c
index 15bebef..d34e535 100644
--- a/target-i386/gdbstub.c
+++ b/target-i386/gdbstub.c
@@ -222,7 +222,7 @@ int x86_cpu_gdb_write_register(CPUState *cs, uint8_t *mem_buf, int n)
return 4;
case IDX_MXCSR_REG:
- env->mxcsr = ldl_p(mem_buf);
+ cpu_set_mxcsr(env, ldl_p(mem_buf));
return 4;
}
}
--
1.8.5.3
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [Qemu-devel] [PATCH 2/3] target-i386: Fix SSE status flag corruption
2014-02-25 7:30 ` [Qemu-devel] [PATCH 2/3] target-i386: Fix SSE status flag corruption Richard Henderson
@ 2014-02-25 8:22 ` Paolo Bonzini
0 siblings, 0 replies; 6+ messages in thread
From: Paolo Bonzini @ 2014-02-25 8:22 UTC (permalink / raw)
To: Richard Henderson, qemu-devel
Il 25/02/2014 08:30, Richard Henderson ha scritto:
> When we restore the mxcsr register with FXRSTOR, or set it with gdb,
> we need to update the various SSE status flags in CPUX86State
>
> Reported-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> Signed-off-by: Richard Henderson <rth@twiddle.net>
> ---
> Differs from Purdie's patch primarily in fixing gdb too. And that
> required exporting update_sse_status. Which suggested that the name
> and interface be changed to match the norm.
>
>
> r~
> ---
> target-i386/cpu.h | 3 +++
> target-i386/fpu_helper.c | 15 ++++++++-------
> target-i386/gdbstub.c | 2 +-
> 3 files changed, 12 insertions(+), 8 deletions(-)
>
> diff --git a/target-i386/cpu.h b/target-i386/cpu.h
> index 1b94f0f..5d3f143 100644
> --- a/target-i386/cpu.h
> +++ b/target-i386/cpu.h
> @@ -1259,6 +1259,9 @@ static inline void cpu_load_efer(CPUX86State *env, uint64_t val)
> }
> }
>
> +/* fpu_helper.c */
> +void cpu_set_mxcsr(CPUX86State *env, uint32_t val);
> +
> /* svm_helper.c */
> void cpu_svm_check_intercept_param(CPUX86State *env1, uint32_t type,
> uint64_t param);
> diff --git a/target-i386/fpu_helper.c b/target-i386/fpu_helper.c
> index c0427fe..de7ba76 100644
> --- a/target-i386/fpu_helper.c
> +++ b/target-i386/fpu_helper.c
> @@ -1179,7 +1179,7 @@ void helper_fxrstor(CPUX86State *env, target_ulong ptr, int data64)
>
> if (env->cr[4] & CR4_OSFXSR_MASK) {
> /* XXX: finish it */
> - env->mxcsr = cpu_ldl_data(env, ptr + 0x18);
> + cpu_set_mxcsr(env, cpu_ldl_data(env, ptr + 0x18));
> /* cpu_ldl_data(env, ptr + 0x1c); */
> if (env->hflags & HF_CS64_MASK) {
> nb_xmm_regs = 16;
> @@ -1229,12 +1229,14 @@ floatx80 cpu_set_fp80(uint64_t mant, uint16_t upper)
> #define SSE_RC_CHOP 0x6000
> #define SSE_FZ 0x8000
>
> -static void update_sse_status(CPUX86State *env)
> +void cpu_set_mxcsr(CPUX86State *env, uint32_t mxcsr)
> {
> int rnd_type;
>
> + env->mxcsr = mxcsr;
> +
> /* set rounding mode */
> - switch (env->mxcsr & SSE_RC_MASK) {
> + switch (mxcsr & SSE_RC_MASK) {
> default:
> case SSE_RC_NEAR:
> rnd_type = float_round_nearest_even;
> @@ -1252,16 +1254,15 @@ static void update_sse_status(CPUX86State *env)
> set_float_rounding_mode(rnd_type, &env->sse_status);
>
> /* set denormals are zero */
> - set_flush_inputs_to_zero((env->mxcsr & SSE_DAZ) ? 1 : 0, &env->sse_status);
> + set_flush_inputs_to_zero((mxcsr & SSE_DAZ) ? 1 : 0, &env->sse_status);
>
> /* set flush to zero */
> - set_flush_to_zero((env->mxcsr & SSE_FZ) ? 1 : 0, &env->fp_status);
> + set_flush_to_zero((mxcsr & SSE_FZ) ? 1 : 0, &env->fp_status);
> }
>
> void helper_ldmxcsr(CPUX86State *env, uint32_t val)
> {
> - env->mxcsr = val;
> - update_sse_status(env);
> + cpu_set_mxcsr(env, val);
> }
>
> void helper_enter_mmx(CPUX86State *env)
> diff --git a/target-i386/gdbstub.c b/target-i386/gdbstub.c
> index 15bebef..d34e535 100644
> --- a/target-i386/gdbstub.c
> +++ b/target-i386/gdbstub.c
> @@ -222,7 +222,7 @@ int x86_cpu_gdb_write_register(CPUState *cs, uint8_t *mem_buf, int n)
> return 4;
>
> case IDX_MXCSR_REG:
> - env->mxcsr = ldl_p(mem_buf);
> + cpu_set_mxcsr(env, ldl_p(mem_buf));
> return 4;
> }
> }
>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
^ permalink raw reply [flat|nested] 6+ messages in thread
* [Qemu-devel] [PATCH 3/3] target-i386: Fix ucomis and comis memory access
2014-02-25 7:30 [Qemu-devel] [PATCH 0/3] target-i386 updates Richard Henderson
2014-02-25 7:30 ` [Qemu-devel] [PATCH 1/3] target-i386: Fix CC_OP_CLR vs PF Richard Henderson
2014-02-25 7:30 ` [Qemu-devel] [PATCH 2/3] target-i386: Fix SSE status flag corruption Richard Henderson
@ 2014-02-25 7:30 ` Richard Henderson
2 siblings, 0 replies; 6+ messages in thread
From: Richard Henderson @ 2014-02-25 7:30 UTC (permalink / raw)
To: qemu-devel
We were loading 16 bytes for both single and double-precision
scalar comparisons.
Reported-by: Alexander Bluhm <bluhm@openbsd.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
---
The original Bluhm patch didn't fix [u]comiss, but was focused on [u]comisd.
r~
---
target-i386/translate.c | 46 ++++++++++++++++++++++++++++++++++++----------
1 file changed, 36 insertions(+), 10 deletions(-)
diff --git a/target-i386/translate.c b/target-i386/translate.c
index aa985fa..707ebd5 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -4284,22 +4284,48 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
if (is_xmm) {
op1_offset = offsetof(CPUX86State,xmm_regs[reg]);
if (mod != 3) {
+ int sz = 4;
+
gen_lea_modrm(env, s, modrm);
op2_offset = offsetof(CPUX86State,xmm_t0);
- if (b1 >= 2 && ((b >= 0x50 && b <= 0x5f && b != 0x5b) ||
- b == 0xc2)) {
- /* specific case for SSE single instructions */
+
+ switch (b) {
+ case 0x50 ... 0x5a:
+ case 0x5c ... 0x5f:
+ case 0xc2:
+ /* Most sse scalar operations. */
if (b1 == 2) {
- /* 32 bit access */
- gen_op_ld_v(s, MO_32, cpu_T[0], cpu_A0);
- tcg_gen_st32_tl(cpu_T[0], cpu_env, offsetof(CPUX86State,xmm_t0.XMM_L(0)));
+ sz = 2;
+ } else if (b1 == 3) {
+ sz = 3;
+ }
+ break;
+
+ case 0x2e: /* ucomis[sd] */
+ case 0x2f: /* comis[sd] */
+ if (b1 == 0) {
+ sz = 2;
} else {
- /* 64 bit access */
- gen_ldq_env_A0(s, offsetof(CPUX86State,
- xmm_t0.XMM_D(0)));
+ sz = 3;
}
- } else {
+ break;
+ }
+
+ switch (sz) {
+ case 2:
+ /* 32 bit access */
+ gen_op_ld_v(s, MO_32, cpu_T[0], cpu_A0);
+ tcg_gen_st32_tl(cpu_T[0], cpu_env,
+ offsetof(CPUX86State,xmm_t0.XMM_L(0)));
+ break;
+ case 3:
+ /* 64 bit access */
+ gen_ldq_env_A0(s, offsetof(CPUX86State, xmm_t0.XMM_D(0)));
+ break;
+ default:
+ /* 128 bit access */
gen_ldo_env_A0(s, op2_offset);
+ break;
}
} else {
rm = (modrm & 7) | REX_B(s);
--
1.8.5.3
^ permalink raw reply related [flat|nested] 6+ messages in thread