Re: [Qemu-devel] [PATCH] target/i386: Fix BLSR and BLSI

[Paolo Bonzini]

On 06/06/2018 11:13, Ricardo Ribalda Delgado wrote:
> Hi Richard,
> 
> I cannot find this patch on qemu master branch. Do you need any help
> to get this done?

I queued it now, thanks for the reminder!

Paolo


> Thanks!
> On Wed, Jul 12, 2017 at 8:45 PM Richard Henderson  wrote:
>>
>> The implementation of these two instructions was swapped.
>> At the same time, unify the setup of eflags for the insn group.
>>
>> Reported-by: Ricardo Ribalda Delgado 
>> Signed-off-by: Richard Henderson 
>> ---
>>  target/i386/translate.c | 25 -
>>  1 file changed, 8 insertions(+), 17 deletions(-)
>>
>> diff --git a/target/i386/translate.c b/target/i386/translate.c
>> index 8365a6d..087a2e6 100644
>> --- a/target/i386/translate.c
>> +++ b/target/i386/translate.c
>> @@ -4029,36 +4029,27 @@ static void gen_sse(CPUX86State *env, DisasContext 
>> *s, int b,
>>  goto illegal_op;
>>  }
>>  ot = mo_64_32(s->dflag);
>> -gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
>> +gen_ldst_modrm(env, s, modrm, ot, OR_TMP1, 0);
>>
>>  switch (reg & 7) {
>>  case 1: /* blsr By,Ey */
>> -tcg_gen_neg_tl(cpu_T1, cpu_T0);
>> +tcg_gen_subi_tl(cpu_T0, cpu_T1, 1);
>>  tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_T1);
>>  gen_op_mov_reg_v(ot, s->vex_v, cpu_T0);
>> -gen_op_update2_cc();
>> -set_cc_op(s, CC_OP_BMILGB + ot);
>>  break;
>> -
>>  case 2: /* blsmsk By,Ey */
>> -tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
>> -tcg_gen_subi_tl(cpu_T0, cpu_T0, 1);
>> -tcg_gen_xor_tl(cpu_T0, cpu_T0, cpu_cc_src);
>> -tcg_gen_mov_tl(cpu_cc_dst, cpu_T0);
>> -set_cc_op(s, CC_OP_BMILGB + ot);
>> +tcg_gen_subi_tl(cpu_T0, cpu_T1, 1);
>> +tcg_gen_xor_tl(cpu_T0, cpu_T0, cpu_T1);
>>  break;
>> -
>>  case 3: /* blsi By, Ey */
>> -tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
>> -tcg_gen_subi_tl(cpu_T0, cpu_T0, 1);
>> -tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_cc_src);
>> -tcg_gen_mov_tl(cpu_cc_dst, cpu_T0);
>> -set_cc_op(s, CC_OP_BMILGB + ot);
>> +tcg_gen_neg_tl(cpu_T0, cpu_T1);
>> +tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_T1);
>>  break;
>> -
>>  default:
>>  goto unknown_op;
>>  }
>> +gen_op_update2_cc();
>> +set_cc_op(s, CC_OP_BMILGB + ot);
>>  break;
>>
>>  default:
>> --
>> 2.9.4
>>
> 
> 

Re: [Qemu-devel] [PATCH] target/i386: Fix BLSR and BLSI

[Ricardo Ribalda Delgado]

Hi Richard,

I cannot find this patch on qemu master branch. Do you need any help
to get this done?

Thanks!
On Wed, Jul 12, 2017 at 8:45 PM Richard Henderson  wrote:
>
> The implementation of these two instructions was swapped.
> At the same time, unify the setup of eflags for the insn group.
>
> Reported-by: Ricardo Ribalda Delgado 
> Signed-off-by: Richard Henderson 
> ---
>  target/i386/translate.c | 25 -
>  1 file changed, 8 insertions(+), 17 deletions(-)
>
> diff --git a/target/i386/translate.c b/target/i386/translate.c
> index 8365a6d..087a2e6 100644
> --- a/target/i386/translate.c
> +++ b/target/i386/translate.c
> @@ -4029,36 +4029,27 @@ static void gen_sse(CPUX86State *env, DisasContext 
> *s, int b,
>  goto illegal_op;
>  }
>  ot = mo_64_32(s->dflag);
> -gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
> +gen_ldst_modrm(env, s, modrm, ot, OR_TMP1, 0);
>
>  switch (reg & 7) {
>  case 1: /* blsr By,Ey */
> -tcg_gen_neg_tl(cpu_T1, cpu_T0);
> +tcg_gen_subi_tl(cpu_T0, cpu_T1, 1);
>  tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_T1);
>  gen_op_mov_reg_v(ot, s->vex_v, cpu_T0);
> -gen_op_update2_cc();
> -set_cc_op(s, CC_OP_BMILGB + ot);
>  break;
> -
>  case 2: /* blsmsk By,Ey */
> -tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
> -tcg_gen_subi_tl(cpu_T0, cpu_T0, 1);
> -tcg_gen_xor_tl(cpu_T0, cpu_T0, cpu_cc_src);
> -tcg_gen_mov_tl(cpu_cc_dst, cpu_T0);
> -set_cc_op(s, CC_OP_BMILGB + ot);
> +tcg_gen_subi_tl(cpu_T0, cpu_T1, 1);
> +tcg_gen_xor_tl(cpu_T0, cpu_T0, cpu_T1);
>  break;
> -
>  case 3: /* blsi By, Ey */
> -tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
> -tcg_gen_subi_tl(cpu_T0, cpu_T0, 1);
> -tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_cc_src);
> -tcg_gen_mov_tl(cpu_cc_dst, cpu_T0);
> -set_cc_op(s, CC_OP_BMILGB + ot);
> +tcg_gen_neg_tl(cpu_T0, cpu_T1);
> +tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_T1);
>  break;
> -
>  default:
>  goto unknown_op;
>  }
> +gen_op_update2_cc();
> +set_cc_op(s, CC_OP_BMILGB + ot);
>  break;
>
>  default:
> --
> 2.9.4
>


-- 
Ricardo Ribalda

Re: [Qemu-devel] [PATCH] target/i386: Fix BLSR and BLSI

[Ricardo Ribalda Delgado]

This seems to work fine with the example. But my app still throughs sigsegv :(

diff --git a/target/i386/translate.c b/target/i386/translate.c
index 2c64d2b71ec4..564b9c6057c2 100644
--- a/target/i386/translate.c
+++ b/target/i386/translate.c
@@ -4033,32 +4033,23 @@ static void gen_sse(CPUX86State *env,
DisasContext *s, int b,

 switch (reg & 7) {
 case 1: /* blsr By,Ey */
-tcg_gen_neg_tl(cpu_T1, cpu_T0);
+tcg_gen_subi_tl(cpu_T1, cpu_T0, 1);
 tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_T1);
 gen_op_mov_reg_v(ot, s->vex_v, cpu_T0);
-gen_op_update2_cc();
-set_cc_op(s, CC_OP_BMILGB + ot);
 break;
-
 case 2: /* blsmsk By,Ey */
-tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
-tcg_gen_subi_tl(cpu_T0, cpu_T0, 1);
-tcg_gen_xor_tl(cpu_T0, cpu_T0, cpu_cc_src);
-tcg_gen_mov_tl(cpu_cc_dst, cpu_T0);
-set_cc_op(s, CC_OP_BMILGB + ot);
+tcg_gen_subi_tl(cpu_T1, cpu_T0, 1);
+tcg_gen_xor_tl(cpu_T0, cpu_T0, cpu_T1);
 break;
-
 case 3: /* blsi By, Ey */
-tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
-tcg_gen_subi_tl(cpu_T0, cpu_T0, 1);
-tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_cc_src);
-tcg_gen_mov_tl(cpu_cc_dst, cpu_T0);
-set_cc_op(s, CC_OP_BMILGB + ot);
+tcg_gen_neg_tl(cpu_T1, cpu_T0);
+tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_T1);
 break;
-
 default:
 goto unknown_op;
 }
+gen_op_update2_cc();
+set_cc_op(s, CC_OP_BMILGB + ot);
 break;

 default:

On Wed, Jul 12, 2017 at 9:12 PM, Richard Henderson  wrote:
> On 07/12/2017 08:58 AM, Ricardo Ribalda Delgado wrote:
>>
>> Hi Richard
>>
>> Thanks again!, When I apply this patch I get the following error:
>>
>> /tmp/qemu/tcg/tcg.c:2042: tcg fatal error
>
>
> Bah.  I misremembered that OR_TMP1 is unusable in this context.
>
>
> r~



-- 
Ricardo Ribalda

Re: [Qemu-devel] [PATCH] target/i386: Fix BLSR and BLSI

[Richard Henderson]

On 07/12/2017 08:58 AM, Ricardo Ribalda Delgado wrote:

Hi Richard

Thanks again!, When I apply this patch I get the following error:

/tmp/qemu/tcg/tcg.c:2042: tcg fatal error


Bah.  I misremembered that OR_TMP1 is unusable in this context.


r~

Re: [Qemu-devel] [PATCH] target/i386: Fix BLSR and BLSI

[Ricardo Ribalda Delgado]

Hi Richard

Thanks again!, When I apply this patch I get the following error:

/tmp/qemu/tcg/tcg.c:2042: tcg fatal error

Regards!

On Wed, Jul 12, 2017 at 8:45 PM, Richard Henderson  wrote:
> The implementation of these two instructions was swapped.
> At the same time, unify the setup of eflags for the insn group.
>
> Reported-by: Ricardo Ribalda Delgado 
> Signed-off-by: Richard Henderson 
> ---
>  target/i386/translate.c | 25 -
>  1 file changed, 8 insertions(+), 17 deletions(-)
>
> diff --git a/target/i386/translate.c b/target/i386/translate.c
> index 8365a6d..087a2e6 100644
> --- a/target/i386/translate.c
> +++ b/target/i386/translate.c
> @@ -4029,36 +4029,27 @@ static void gen_sse(CPUX86State *env, DisasContext 
> *s, int b,
>  goto illegal_op;
>  }
>  ot = mo_64_32(s->dflag);
> -gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
> +gen_ldst_modrm(env, s, modrm, ot, OR_TMP1, 0);
>
>  switch (reg & 7) {
>  case 1: /* blsr By,Ey */
> -tcg_gen_neg_tl(cpu_T1, cpu_T0);
> +tcg_gen_subi_tl(cpu_T0, cpu_T1, 1);
>  tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_T1);
>  gen_op_mov_reg_v(ot, s->vex_v, cpu_T0);
> -gen_op_update2_cc();
> -set_cc_op(s, CC_OP_BMILGB + ot);
>  break;
> -
>  case 2: /* blsmsk By,Ey */
> -tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
> -tcg_gen_subi_tl(cpu_T0, cpu_T0, 1);
> -tcg_gen_xor_tl(cpu_T0, cpu_T0, cpu_cc_src);
> -tcg_gen_mov_tl(cpu_cc_dst, cpu_T0);
> -set_cc_op(s, CC_OP_BMILGB + ot);
> +tcg_gen_subi_tl(cpu_T0, cpu_T1, 1);
> +tcg_gen_xor_tl(cpu_T0, cpu_T0, cpu_T1);
>  break;
> -
>  case 3: /* blsi By, Ey */
> -tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
> -tcg_gen_subi_tl(cpu_T0, cpu_T0, 1);
> -tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_cc_src);
> -tcg_gen_mov_tl(cpu_cc_dst, cpu_T0);
> -set_cc_op(s, CC_OP_BMILGB + ot);
> +tcg_gen_neg_tl(cpu_T0, cpu_T1);
> +tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_T1);
>  break;
> -
>  default:
>  goto unknown_op;
>  }
> +gen_op_update2_cc();
> +set_cc_op(s, CC_OP_BMILGB + ot);
>  break;
>
>  default:
> --
> 2.9.4
>



-- 
Ricardo Ribalda

[Qemu-devel] [PATCH] target/i386: Fix BLSR and BLSI

[Richard Henderson]

The implementation of these two instructions was swapped.
At the same time, unify the setup of eflags for the insn group.

Reported-by: Ricardo Ribalda Delgado 
Signed-off-by: Richard Henderson 
---
 target/i386/translate.c | 25 -
 1 file changed, 8 insertions(+), 17 deletions(-)

diff --git a/target/i386/translate.c b/target/i386/translate.c
index 8365a6d..087a2e6 100644
--- a/target/i386/translate.c
+++ b/target/i386/translate.c
@@ -4029,36 +4029,27 @@ static void gen_sse(CPUX86State *env, DisasContext *s, 
int b,
 goto illegal_op;
 }
 ot = mo_64_32(s->dflag);
-gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 0);
+gen_ldst_modrm(env, s, modrm, ot, OR_TMP1, 0);
 
 switch (reg & 7) {
 case 1: /* blsr By,Ey */
-tcg_gen_neg_tl(cpu_T1, cpu_T0);
+tcg_gen_subi_tl(cpu_T0, cpu_T1, 1);
 tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_T1);
 gen_op_mov_reg_v(ot, s->vex_v, cpu_T0);
-gen_op_update2_cc();
-set_cc_op(s, CC_OP_BMILGB + ot);
 break;
-
 case 2: /* blsmsk By,Ey */
-tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
-tcg_gen_subi_tl(cpu_T0, cpu_T0, 1);
-tcg_gen_xor_tl(cpu_T0, cpu_T0, cpu_cc_src);
-tcg_gen_mov_tl(cpu_cc_dst, cpu_T0);
-set_cc_op(s, CC_OP_BMILGB + ot);
+tcg_gen_subi_tl(cpu_T0, cpu_T1, 1);
+tcg_gen_xor_tl(cpu_T0, cpu_T0, cpu_T1);
 break;
-
 case 3: /* blsi By, Ey */
-tcg_gen_mov_tl(cpu_cc_src, cpu_T0);
-tcg_gen_subi_tl(cpu_T0, cpu_T0, 1);
-tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_cc_src);
-tcg_gen_mov_tl(cpu_cc_dst, cpu_T0);
-set_cc_op(s, CC_OP_BMILGB + ot);
+tcg_gen_neg_tl(cpu_T0, cpu_T1);
+tcg_gen_and_tl(cpu_T0, cpu_T0, cpu_T1);
 break;
-
 default:
 goto unknown_op;
 }
+gen_op_update2_cc();
+set_cc_op(s, CC_OP_BMILGB + ot);
 break;
 
 default:
-- 
2.9.4