unicorn/qemu
Joseph Myers 18b0ae9ebd target/i386: correct fix for pcmpxstrx substring search
This corrects a bug introduced in my previous fix for SSE4.2 pcmpestri
/ pcmpestrm / pcmpistri / pcmpistrm substring search, commit
ae35eea7e4a9f21dd147406dfbcd0c4c6aaf2a60.

That commit fixed a bug that showed up in four GCC tests with one libc
implementation. The tests in question generate random inputs to the
intrinsics and compare results to a C implementation, but they only
test 1024 possible random inputs, and when the tests use the cases of
those instructions that work with word rather than byte inputs, it's
easy to have problematic cases that show up much less frequently than
that. Thus, testing with a different libc implementation, and so a
different random number generator, showed up a problem with the
previous patch.

When investigating the previous test failures, I found the description
of these instructions in the Intel manuals (starting from computing a
16x16 or 8x8 set of comparison results) confusing and hard to match up
with the more optimized implementation in QEMU, and referred to AMD
manuals which described the instructions in a different way. Those
AMD descriptions are very explicit that the whole of the string being
searched for must be found in the other operand, not running off the
end of that operand; they say "If the prototype and the SUT are equal
in length, the two strings must be identical for the comparison to be
TRUE.". However, that statement is incorrect.

In my previous commit message, I noted:

  The operation in this case is a search for a string (argument d to
  the helper) in another string (argument s to the helper); if a copy
  of d at a particular position would run off the end of s, the
  resulting output bit should be 0 whether or not the strings match in
  the region where they overlap, but the QEMU implementation was
  wrongly comparing only up to the point where s ends and counting it
  as a match if an initial segment of d matched a terminal segment of
  s. Here, "run off the end of s" means that some byte of d would
  overlap some byte outside of s; thus, if d has zero length, it is
  considered to match everywhere, including after the end of s.

The description "some byte of d would overlap some byte outside of s"
is accurate only when understood to refer to overlapping some byte
*within the 16-byte operand* but at or after the zero terminator; it
is valid to run over the end of s if the end of s is the end of the
16-byte operand. So the fix in the previous patch for the case of d
being empty was correct, but the other part of that patch was not
correct (as it never allowed partial matches even at the end of the
16-byte operand). Nor was the code before the previous patch correct
for the case of d nonempty, as it would always have allowed partial
matches at the end of s.

Fix with a partial revert of my previous change, combined with
inserting a check for the special case of s having maximum length to
determine where it is necessary to check for matches.

In the added test, test 1 is for the case of empty strings, which
failed before my 2017 patch, test 2 is for the bug introduced by my
2017 patch and test 3 deals with the case where a match of an initial
segment at the end of the string is not valid when the string ends
before the end of the 16-byte operand (that is, the case that would be
broken by a simple revert of the non-empty-string part of my 2017
patch).

Backports commit bc921b2711c4e2e8ab99a3045f6c0f134a93b535 from qemu
2020-06-15 13:20:48 -04:00
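
The matching rule the commit message arrives at can be written as a small reference model. This is an added example, not QEMU's helper and not the test added by the commit; it covers byte mode with explicit lengths only, and the function name, the buffers and the three case functions are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define OPERAND_BYTES 16   /* byte mode: 16 elements per 16-byte operand */

/* Bit j of the result is set when d (the string searched for) is found in
 * s starting at element j. The names d and s follow the commit message;
 * substring_mask itself is a hypothetical illustration. */
static uint16_t substring_mask(const uint8_t *d, int len_d,
                               const uint8_t *s, int len_s)
{
    uint16_t res = 0;
    for (int j = 0; j < OPERAND_BYTES; j++) {
        int match = 1;
        /* Elements past the end of the 16-byte operand are never compared,
         * so an initial segment of d may match there. An empty d compares
         * nothing and therefore matches at every position. */
        for (int i = 0; i < len_d && i + j < OPERAND_BYTES; i++) {
            /* Inside the operand but at or after the end of s: no match. */
            if (i + j >= len_s || d[i] != s[i + j]) {
                match = 0;
                break;
            }
        }
        res |= (uint16_t)(match << j);
    }
    return res;
}

/* Constructed inputs for the three situations the commit message lists. */
static const uint8_t S_FULL[17]  = "xxxxxxxxxxxxxxab"; /* 14 'x', then "ab" */
static const uint8_t S_SHORT[17] = "xxxxxxxxxxxxxabc"; /* 13 'x', then "abc" */
static const uint8_t D_ABC[17]   = "abc";

/* Empty d and empty s: d matches everywhere. */
uint16_t case_empty(void)       { return substring_mask(D_ABC, 0, S_FULL, 0); }
/* s fills the operand: "ab" at elements 14..15 is a valid partial match. */
uint16_t case_operand_end(void) { return substring_mask(D_ABC, 3, S_FULL, 16); }
/* s has length 15: element 15 holds 'c' but lies outside s, so no match. */
uint16_t case_short_s(void)     { return substring_mask(D_ABC, 3, S_SHORT, 15); }

int main(void)
{
    printf("%04x %04x %04x\n",
           case_empty(), case_operand_end(), case_short_s());
    return 0;
}
```
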
..
accel tcg: Implement gvec support for rotate by vector 2020-06-14 21:43:46 -04:00
crypto
default-configs target/riscv: Initial introduction of the RISC-V target 2019-03-08 21:46:10 -05:00
docs docs/devel/memory.txt: Document _with_attrs accessors 2018-10-04 04:46:26 -04:00
fpu softfloat: Return bool from all classification predicates 2020-05-21 18:23:11 -04:00
hw Expose different 32-bit ARM CPU models to users via UC_MODE flags (#1165) 2020-01-14 09:37:21 -05:00
include softfloat: Return bool from all classification predicates 2020-05-21 18:23:11 -04:00
qapi qapi: Rewrite string-input-visitor's integer and list parsing 2018-12-18 04:57:25 -05:00
qobject qstring: Move qstring_from_substr()'s @end one to the right 2018-08-02 21:24:19 -04:00
qom cpu: Move icount_decr to CPUNegativeOffsetState 2019-06-13 15:34:28 -04:00
scripts decodetree: Multi-cleanup 2020-06-15 12:49:02 -04:00
target target/i386: correct fix for pcmpxstrx substring search 2020-06-15 13:20:48 -04:00
tcg tcg: Improve move ops in liveness_pass_2 2020-06-14 22:13:04 -04:00
util util/cutils: Turn FIXME comment into QEMU_BUILD_BUG_ON() 2020-01-14 08:04:30 -05:00
aarch64.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
aarch64eb.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
accel.c clean-up: removed duplicate #includes 2018-02-28 08:51:56 -05:00
arm.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
armeb.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
CODING_STYLE.rst docs: split the CODING_STYLE doc into distinct groups 2019-11-28 02:54:44 -05:00
configure configure: Support -static-pie if requested 2020-04-30 07:09:34 -04:00
COPYING
COPYING.LIB
cpus.c Include qapi/error.h exactly where needed 2018-03-07 12:26:38 -05:00
exec.c Memory: Enable writeback for given memory region 2020-01-14 07:44:24 -05:00
gen_all_header.sh
glib_compat.c target/arm: Add VHE system register redirection and aliasing 2020-03-21 15:57:03 -04:00
header_gen.py target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
ioport.c hw: remove pio_addr_t 2018-02-24 02:43:16 -05:00
LICENSE
m68k.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
Makefile Makefile: Rename targets for make recursion 2019-08-08 17:26:49 -04:00
Makefile.objs qapi: Move qapi-schema.json to qapi/, rename generated files 2018-03-09 11:35:11 -05:00
Makefile.target configure: Remove old -fno-gcse workaround for GCC 4.6.x and 4.7.[012] 2018-12-18 03:52:36 -05:00
memory.c Memory: Enable writeback for given memory region 2020-01-14 07:44:24 -05:00
memory_ldst.inc.c memory: Single byte swap along the I/O path 2020-01-07 19:12:04 -05:00
memory_mapping.c
mips.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
mips64.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
mips64el.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
mipsel.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
powerpc.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
qemu-timer.c timer/cpus: fix some typos and update some comments 2018-02-25 23:21:57 -05:00
riscv32.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
riscv64.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
rules.mak build-sys: silence make by default or V=0 2018-03-06 08:58:03 -05:00
sparc.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
sparc64.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00
unicorn_common.h unicorn_common: Fix unicorn memory functions failing 2018-09-03 10:40:14 -04:00
VERSION Open 5.1 development tree 2020-04-30 07:30:38 -04:00
vl.c Use cpu_create(type) instead of cpu_init(cpu_model) 2018-03-20 14:20:30 -04:00
vl.h
x86_64.h target/arm: Split helper_crypto_sm3tt 2020-06-14 23:24:21 -04:00