[PATCH] target/i386: Fix incorrect tcg generation for RCR & RCL instructions

Abhigyan Kumar posted 1 patch 2 days, 10 hours ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20260528064941.351917-1-314abh@gmail.com
Maintainers: Paolo Bonzini <pbonzini@redhat.com>, Richard Henderson <richard.henderson@linaro.org>
There is a newer version of this series
target/i386/tcg/emit.c.inc | 2 ++
1 file changed, 2 insertions(+)
[PATCH] target/i386: Fix incorrect tcg generation for RCR & RCL instructions
Posted by Abhigyan Kumar 2 days, 10 hours ago
For RCR and RCL instructions, a count of 9 is meaningless for 8-bit
operands. In the gen_RCR and gen_RCL functions, gen_rotc_mod converts a
rotation of 9 to 0. But the can_be_zero flag wasn't updated and hence
we skip the immediate if branch. This causes 0 to underflow into -1 at
tcg_gen_subi_tl(count, count, 1);

Resolves: https://gitlab.com/qemu-project/qemu/-/work_items/3452
---
 target/i386/tcg/emit.c.inc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
index ce636b6c5..a71af846d 100644
--- a/target/i386/tcg/emit.c.inc
+++ b/target/i386/tcg/emit.c.inc
@@ -3452,6 +3452,7 @@ static void gen_RCL(DisasContext *s, X86DecodedInsn *decode)
     low_count = tcg_temp_new();
 
     gen_rotc_mod(ot, count);
+    can_be_zero = (ot == MO_8 || ot == MO_16);
     have_1bit_cin = gen_eflags_adcox(s, decode, true, can_be_zero);
     if (can_be_zero) {
         zero_label = gen_new_label();
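Review bot: the plain assignment `can_be_zero = (ot == MO_8 || ot == MO_16);` overwrites whatever value can_be_zero already held before gen_rotc_mod, which is the value the commit message says "wasn't updated" (i.e. it was computed earlier from the count source). If that earlier value was true for a register count, this hunk now forces it to false for MO_32 and MO_64 operands, so a count that is zero before any reduction would skip the zero_label branch and run into the same count - 1 underflow the patch is fixing. Make the update cumulative, `can_be_zero |= (ot == MO_8 || ot == MO_16);`, and add a one-line comment saying why only these sizes qualify (the reduction modulo 9 or 17 can map a nonzero masked count to 0).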
@@ -3504,6 +3505,7 @@ static void gen_RCR(DisasContext *s, X86DecodedInsn *decode)
     high_count = tcg_temp_new();
 
     gen_rotc_mod(ot, count);
+    can_be_zero = (ot == MO_8 || ot == MO_16);
     have_1bit_cin = gen_eflags_adcox(s, decode, true, can_be_zero);
     if (can_be_zero) {
         zero_label = gen_new_label();
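Review bot: same concern as in gen_RCL about the assignment discarding the earlier can_be_zero value; beyond that, this is a second copy of a size check that has to stay in sync with the MO_8/MO_16 handling inside gen_rotc_mod. Consider giving gen_rotc_mod a bool return value meaning "the reduced count can be zero for a nonzero input" and writing `can_be_zero |= gen_rotc_mod(ot, count);` in both callers, so a future change to the reduction cannot silently reopen this bug in one of the two rotates.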
-- 
2.54.0
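To make the failure mode in the commit message concrete, here is a reference model of x86 RCL/RCR count handling, added for this review; it is not QEMU code and does not reproduce gen_rotc_mod, and every name in it (reduce_count, reduction_can_yield_zero, rcl, rcr, struct rotc) is this example's own. It follows the architectural rule the patch relies on: the count is masked to 5 bits (6 for 64-bit operands), and for 8- and 16-bit operands the masked count is then taken modulo 9 or 17 because a rotate through carry has a period of width + 1 bits. The helper reduction_can_yield_zero is the condition the hunks encode as ot == MO_8 || ot == MO_16: only for those widths can a nonzero masked count come out as 0.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Reference model of x86 RCL/RCR count handling (added example, not QEMU
 * code).  Names are this file's own.  Constructed inputs only; nothing here
 * touches the emulator.
 */

struct rotc {
    uint64_t value;   /* rotated operand, truncated to the operand width */
    bool cf;          /* carry flag after the rotate */
};

/* Count mask applied before any rotate: 0x1f below 64 bits, 0x3f at 64. */
static unsigned mask_count(unsigned width, unsigned count)
{
    return count & (width == 64 ? 0x3f : 0x1f);
}

/*
 * The period of a rotate through carry is width + 1 bits, so for 8- and
 * 16-bit operands the masked count is reduced modulo 9 or 17.  A masked
 * count that is nonzero (9, 17, 18, 27) can therefore come out as 0 here,
 * which is the case the translator must treat as "count can be zero".
 */
static unsigned reduce_count(unsigned width, unsigned count)
{
    count = mask_count(width, count);
    if (width == 8 || width == 16) {
        count %= width + 1;
    }
    return count;
}

/* True when the reduction above can turn a nonzero masked count into 0. */
static bool reduction_can_yield_zero(unsigned width)
{
    return width == 8 || width == 16;
}

static uint64_t width_mask(unsigned width)
{
    return width == 64 ? ~(uint64_t)0 : (((uint64_t)1 << width) - 1);
}

/* RCL: each step shifts left one bit, CF enters at bit 0, old MSB becomes CF. */
static struct rotc rcl(unsigned width, uint64_t value, unsigned count, bool cf)
{
    uint64_t wmask = width_mask(width);
    value &= wmask;
    for (unsigned n = reduce_count(width, count); n > 0; n--) {
        bool out = (value >> (width - 1)) & 1;
        value = ((value << 1) | (cf ? 1 : 0)) & wmask;
        cf = out;
    }
    return (struct rotc){ value, cf };
}

/* RCR: each step shifts right one bit, CF enters at the MSB, old bit 0 becomes CF. */
static struct rotc rcr(unsigned width, uint64_t value, unsigned count, bool cf)
{
    uint64_t wmask = width_mask(width);
    value &= wmask;
    for (unsigned n = reduce_count(width, count); n > 0; n--) {
        bool out = value & 1;
        value = ((value >> 1) | ((uint64_t)(cf ? 1 : 0) << (width - 1))) & wmask;
        cf = out;
    }
    return (struct rotc){ value, cf };
}

int main(void)
{
    /* List every nonzero masked count whose reduced form is 0, per width. */
    static const unsigned widths[] = { 8, 16, 32 };
    for (size_t i = 0; i < sizeof widths / sizeof widths[0]; i++) {
        printf("width %2u:", widths[i]);
        for (unsigned c = 1; c < 32; c++) {
            if (reduce_count(widths[i], c) == 0) {
                printf(" %u", c);
            }
        }
        printf("%s\n", reduction_can_yield_zero(widths[i]) ? "" : " (none)");
    }
    /* A count of 9 on an 8-bit operand leaves both value and CF untouched. */
    struct rotc r = rcl(8, 0x5a, 9, true);
    printf("rcl8 0x5a by 9, CF=1 -> 0x%02llx CF=%d\n",
           (unsigned long long)r.value, r.cf);
    return 0;
}
```

Running it prints the counts 9, 18 and 27 for width 8, 17 for width 16 and none for width 32; those are exactly the encoded counts for which the translator's "count is nonzero" knowledge from the immediate no longer holds after reduction.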