diff options
| author | Richard Henderson <richard.henderson@linaro.org> | 2023-01-14 13:05:42 -1000 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2023-02-11 09:07:25 +0100 |
| commit | b14c0098975264ed03144f145bca0179a6763a07 (patch) | |
| tree | 8296781e30c6d0ff58b729095b93d03c7a3e9b32 /target/i386/tcg | |
| parent | 5d62d6649cd367b5b4a3676e7514d2f9ca86cb03 (diff) | |
| download | qemu-b14c0098975264ed03144f145bca0179a6763a07.zip qemu-b14c0098975264ed03144f145bca0179a6763a07.tar.gz qemu-b14c0098975264ed03144f145bca0179a6763a07.tar.bz2 | |
target/i386: Fix BEXTR instruction
There were two problems here: not limiting the input to operand bits,
and not correctly handling large extraction length.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1372
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230114230542.3116013-3-richard.henderson@linaro.org>
Cc: qemu-stable@nongnu.org
Fixes: 1d0b926150e5 ("target/i386: move scalar 0F 38 and 0F 3A instruction to new decoder", 2022-10-18)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'target/i386/tcg')
| -rw-r--r-- | target/i386/tcg/emit.c.inc | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc index 7037ff9..99f6ba6 100644 --- a/target/i386/tcg/emit.c.inc +++ b/target/i386/tcg/emit.c.inc @@ -1078,30 +1078,30 @@ static void gen_ANDN(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode) static void gen_BEXTR(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode) { MemOp ot = decode->op[0].ot; - TCGv bound, zero; + TCGv bound = tcg_constant_tl(ot == MO_64 ? 63 : 31); + TCGv zero = tcg_constant_tl(0); + TCGv mone = tcg_constant_tl(-1); /* * Extract START, and shift the operand. * Shifts larger than operand size get zeros. */ tcg_gen_ext8u_tl(s->A0, s->T1); + if (TARGET_LONG_BITS == 64 && ot == MO_32) { + tcg_gen_ext32u_tl(s->T0, s->T0); + } tcg_gen_shr_tl(s->T0, s->T0, s->A0); - bound = tcg_constant_tl(ot == MO_64 ? 63 : 31); - zero = tcg_constant_tl(0); tcg_gen_movcond_tl(TCG_COND_LEU, s->T0, s->A0, bound, s->T0, zero); /* - * Extract the LEN into a mask. Lengths larger than - * operand size get all ones. + * Extract the LEN into an inverse mask. Lengths larger than + * operand size get all zeros, length 0 gets all ones. */ tcg_gen_extract_tl(s->A0, s->T1, 8, 8); - tcg_gen_movcond_tl(TCG_COND_LEU, s->A0, s->A0, bound, s->A0, bound); - - tcg_gen_movi_tl(s->T1, 1); - tcg_gen_shl_tl(s->T1, s->T1, s->A0); - tcg_gen_subi_tl(s->T1, s->T1, 1); - tcg_gen_and_tl(s->T0, s->T0, s->T1); + tcg_gen_shl_tl(s->T1, mone, s->A0); + tcg_gen_movcond_tl(TCG_COND_LEU, s->T1, s->A0, bound, s->T1, zero); + tcg_gen_andc_tl(s->T0, s->T0, s->T1); gen_op_update1_cc(s); set_cc_op(s, CC_OP_LOGICB + ot); |