We were mapping this to ld1 (32-bit unpacked unscaled offset),
which discarded the upper 32 bits of the address coming from
the vector argument.

Fixed by setting XS=2, which is the existing translator internal
value for no extension.  Update the comments, which matched the
incorrect code.

Fixes: https://gitlab.com/qemu-project/qemu/-/issues/826
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/arm/sve.decode | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target/arm/sve.decode b/target/arm/sve.decode
index c60b9f0fec..fd96baeb68 100644
--- a/target/arm/sve.decode
+++ b/target/arm/sve.decode
@@ -1576,9 +1576,9 @@ USDOT_zzzz      01000100 .. 0 ..... 011 110 ..... .....  @rda_rn_rm
 ### SVE2 Memory Gather Load Group
 
 # SVE2 64-bit gather non-temporal load
-#   (scalar plus unpacked 32-bit unscaled offsets)
+#   (scalar plus 64-bit unscaled offsets)
 LDNT1_zprz      1100010 msz:2 00 rm:5 1 u:1 0 pg:3 rn:5 rd:5 \
-                &rprr_gather_load xs=0 esz=3 scale=0 ff=0
+                &rprr_gather_load xs=2 esz=3 scale=0 ff=0
 
 # SVE2 32-bit gather non-temporal load (scalar plus 32-bit unscaled offsets)
 LDNT1_zprz      1000010 msz:2 00 rm:5 10 u:1 pg:3 rn:5 rd:5 \
-- 
2.25.1

On Fri, 4 Mar 2022 at 00:17, Richard Henderson
<richard.henderson@linaro.org> wrote:
>
> We were mapping this to ld1 (32-bit unpacked unscaled offset),
> which discarded the upper 32 bits of the address coming from
> the vector argument.
>
> Fixed by setting XS=2, which is the existing translator internal
> value for no extension.  Update the comments, which matched the
> incorrect code.
>
> Fixes: https://gitlab.com/qemu-project/qemu/-/issues/826
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>  target/arm/sve.decode | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

thanks
-- PMM