diff options
| author | Paolo Bonzini <pbonzini@redhat.com> | 2023-01-31 09:48:03 +0100 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2023-02-11 09:07:25 +0100 |
| commit | 60c7dd22e1383754d5f150bc9f7c2785c662a7b6 (patch) | |
| tree | e0ef4db1c17ebc8850fd3000b98a2abea655070c /tests/qtest/netdev-socket.c | |
| parent | 99282098dc74c2055bde5652bde6cf0067d0c370 (diff) | |
| download | qemu-60c7dd22e1383754d5f150bc9f7c2785c662a7b6.zip qemu-60c7dd22e1383754d5f150bc9f7c2785c662a7b6.tar.gz qemu-60c7dd22e1383754d5f150bc9f7c2785c662a7b6.tar.bz2 | |
target/i386: fix ADOX followed by ADCX
When ADCX is followed by ADOX or vice versa, the second instruction's
carry comes from EFLAGS and the condition codes use the CC_OP_ADCOX
operation. Retrieving the carry from EFLAGS is handled by this bit
of gen_ADCOX:
tcg_gen_extract_tl(carry_in, cpu_cc_src,
ctz32(cc_op == CC_OP_ADCX ? CC_C : CC_O), 1);
Unfortunately, in this case cc_op has been overwritten by the previous
"if" statement to CC_OP_ADCOX. This works by chance when the first
instruction is ADCX; however, if the first instruction is ADOX,
ADCX will incorrectly take its carry from OF instead of CF.
Fix by moving the computation of the new cc_op at the end of the function.
The included exhaustive test case fails without this patch and passes
afterwards.
Because ADCX/ADOX need not be invoked through the VEX prefix, this
regression bisects to commit 16fc5726a6e2 ("target/i386: reimplement
0x0f 0x38, add AVX", 2022-10-18). However, the mistake happened a
little earlier, when BMI instructions were rewritten using the new
decoder framework.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1471
Reported-by: Paul Jolly <https://gitlab.com/myitcv>
Fixes: 1d0b926150e5 ("target/i386: move scalar 0F 38 and 0F 3A instruction to new decoder", 2022-10-18)
Cc: qemu-stable@nongnu.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'tests/qtest/netdev-socket.c')
0 files changed, 0 insertions, 0 deletions