git.ipfire.org Git - thirdparty/qemu.git/commit

author	Richard Henderson <richard.henderson@linaro.org>
	Wed, 23 Jul 2025 16:54:54 +0000 (17:54 +0100)
committer	Peter Maydell <peter.maydell@linaro.org>
	Fri, 25 Jul 2025 09:31:45 +0000 (10:31 +0100)
commit	aba39946baaf5ca73aae0b79e2cd0790ddafe291
tree	a3a7a1c43251a6692251f4d513162dd6a69cdc2f	tree
parent	0e171b427b1d2f68d76a2b7cae987432c10ca8aa	commit \| diff

target/arm: Pack mtedesc into upper 32 bits of descriptor

Instead of trying to pack mtedesc into the upper 17 bits of a 32-bit
gvec descriptor, pass the gvec descriptor in the lower 32 bits and
the mte descriptor in the upper 32 bits of a 64-bit operand.

This fixes two bugs:
(1) in gen_sve_ldr() and gen_sve_str() call gen_mte_checkN() with a
length value which is the SVE vector length and can be up to 256
bytes. We don't assert there that it fits in the descriptor, so
we would just fail to do the MTE checks on the right length of memory
if the VL is more than 32 bytes

(2) the new-in-SVE2p1 insns LD3Q, LD4Q, ST3Q, ST4Q also involve
transfers of more than 32 bytes of memory. In this case we would
assert at translate time.

(Note for potential backporting: this commit depends on the previous
"target/arm: Expand the descriptor for SME/SVE memory ops to i64".)

Fixes: 7b1613a1020d2942 ("target/arm: Enable FEAT_SME2p1 on -cpu max")
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20250723165458.3509150-3-peter.maydell@linaro.org
[PMM: expand commit message to clarify that we are fixing bugs here]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

target/arm/internals.h		diff \| blob \| blame \| history
target/arm/tcg/sme_helper.c		diff \| blob \| blame \| history
target/arm/tcg/sve_helper.c		diff \| blob \| blame \| history
target/arm/tcg/translate-sve.c		diff \| blob \| blame \| history