aboutsummaryrefslogtreecommitdiff
path: root/target-i386/ops_sse.h
diff options
context:
space:
mode:
authorBlue Swirl <blauwirbel@gmail.com>2011-11-13 11:11:52 +0000
committerBlue Swirl <blauwirbel@gmail.com>2011-11-19 13:51:27 +0000
commitbc4268998d154b9b3cc86a7b6bd932cc974591c9 (patch)
treebb8859652b669d8ac2ae99caf3eca5f988d8f254 /target-i386/ops_sse.h
parent725e14e91f80b6b2c07b75b66b7b042a9fa9340c (diff)
downloadqemu-bc4268998d154b9b3cc86a7b6bd932cc974591c9.zip
qemu-bc4268998d154b9b3cc86a7b6bd932cc974591c9.tar.gz
qemu-bc4268998d154b9b3cc86a7b6bd932cc974591c9.tar.bz2
x86: fix pcmpestrm and pcmpistrm
Fix obvious typos (decrement and off-by-one error) in pcmpestrm and pcmpistrm which resulted in infinite loop. Reported by Frank Mehnert, spotted also by Coverity (bug 84752853). Reported-by: Frank Mehnert <frank.mehnert@oracle.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Diffstat (limited to 'target-i386/ops_sse.h')
-rw-r--r--target-i386/ops_sse.h12
1 files changed, 8 insertions, 4 deletions
diff --git a/target-i386/ops_sse.h b/target-i386/ops_sse.h
index aa41d25..47dde78 100644
--- a/target-i386/ops_sse.h
+++ b/target-i386/ops_sse.h
@@ -1996,11 +1996,13 @@ void glue(helper_pcmpestrm, SUFFIX) (Reg *d, Reg *s, uint32_t ctrl)
if ((ctrl >> 6) & 1) {
if (ctrl & 1)
- for (i = 0; i <= 8; i--, res >>= 1)
+ for (i = 0; i < 8; i++, res >>= 1) {
d->W(i) = (res & 1) ? ~0 : 0;
+ }
else
- for (i = 0; i <= 16; i--, res >>= 1)
+ for (i = 0; i < 16; i++, res >>= 1) {
d->B(i) = (res & 1) ? ~0 : 0;
+ }
} else {
d->Q(1) = 0;
d->Q(0) = res;
@@ -2028,11 +2030,13 @@ void glue(helper_pcmpistrm, SUFFIX) (Reg *d, Reg *s, uint32_t ctrl)
if ((ctrl >> 6) & 1) {
if (ctrl & 1)
- for (i = 0; i <= 8; i--, res >>= 1)
+ for (i = 0; i < 8; i++, res >>= 1) {
d->W(i) = (res & 1) ? ~0 : 0;
+ }
else
- for (i = 0; i <= 16; i--, res >>= 1)
+ for (i = 0; i < 16; i++, res >>= 1) {
d->B(i) = (res & 1) ? ~0 : 0;
+ }
} else {
d->Q(1) = 0;
d->Q(0) = res;