diff options
author | Paolo Bonzini | 2022-09-15 02:14:31 +0200 |
---|---|---|
committer | Richard Henderson | 2022-11-15 00:34:42 +0100 |
commit | 35d95e4126d83c0bb0de83007494d184f6111b3d (patch) | |
tree | a9e0f2681a61876654f79156aef293abd06ab7a5 /target | |
parent | target/i386: fix cmpxchg with 32-bit register destination (diff) | |
download | qemu-35d95e4126d83c0bb0de83007494d184f6111b3d.tar.gz qemu-35d95e4126d83c0bb0de83007494d184f6111b3d.tar.xz qemu-35d95e4126d83c0bb0de83007494d184f6111b3d.zip |
target/i386: hardcode R_EAX as destination register for LAHF/SAHF
When translating code that is using LAHF and SAHF in combination with the
REX prefix, the instructions should not use any other register than AH;
however, QEMU selects SPL (SP being register 4, just like AH) if the
REX prefix is present. To fix this, use deposit directly without
going through gen_op_mov_v_reg and gen_op_mov_reg_v.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/130
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Diffstat (limited to 'target')
-rw-r--r-- | target/i386/tcg/translate.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/target/i386/tcg/translate.c b/target/i386/tcg/translate.c index dbd6492778..7e0b2a709a 100644 --- a/target/i386/tcg/translate.c +++ b/target/i386/tcg/translate.c @@ -5230,7 +5230,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu) case 0x9e: /* sahf */ if (CODE64(s) && !(s->cpuid_ext3_features & CPUID_EXT3_LAHF_LM)) goto illegal_op; - gen_op_mov_v_reg(s, MO_8, s->T0, R_AH); + tcg_gen_shri_tl(s->T0, cpu_regs[R_EAX], 8); gen_compute_eflags(s); tcg_gen_andi_tl(cpu_cc_src, cpu_cc_src, CC_O); tcg_gen_andi_tl(s->T0, s->T0, CC_S | CC_Z | CC_A | CC_P | CC_C); @@ -5242,7 +5242,7 @@ static bool disas_insn(DisasContext *s, CPUState *cpu) gen_compute_eflags(s); /* Note: gen_compute_eflags() only gives the condition codes */ tcg_gen_ori_tl(s->T0, cpu_cc_src, 0x02); - gen_op_mov_reg_v(s, MO_8, R_AH, s->T0); + tcg_gen_deposit_tl(cpu_regs[R_EAX], cpu_regs[R_EAX], s->T0, 8, 8); break; case 0xf5: /* cmc */ gen_compute_eflags(s); |