From: Richard Henderson <[email protected]> If vd == vm, copy vm to scratch, so that we can pre-zero the output and still access the gather indicies.
Cc: [email protected] Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1612 Signed-off-by: Richard Henderson <[email protected]> Message-id: [email protected] Reviewed-by: Peter Maydell <[email protected]> Signed-off-by: Peter Maydell <[email protected]> (cherry picked from commit a6771f2f5cbfbf312e2fb5b1627f38a6bf6321d0) Signed-off-by: Michael Tokarev <[email protected]> diff --git a/target/arm/sve_helper.c b/target/arm/sve_helper.c index 521fc9b969..27838fb6e2 100644 --- a/target/arm/sve_helper.c +++ b/target/arm/sve_helper.c @@ -6726,6 +6726,7 @@ void sve_ldff1_z(CPUARMState *env, void *vd, uint64_t *vg, void *vm, intptr_t reg_off; SVEHostPage info; target_ulong addr, in_page; + ARMVectorReg scratch; /* Skip to the first true predicate. */ reg_off = find_next_active(vg, 0, reg_max, esz); @@ -6735,6 +6736,11 @@ void sve_ldff1_z(CPUARMState *env, void *vd, uint64_t *vg, void *vm, return; } + /* Protect against overlap between vd and vm. */ + if (unlikely(vd == vm)) { + vm = memcpy(&scratch, vm, reg_max); + } + /* * Probe the first element, allowing faults. */ -- 2.39.2
