From 86d6bb4d434dfa65b238e8ea91691126b81e560f Mon Sep 17 00:00:00 2001
From: Richard Henderson <richard.henderson@linaro.org>
Date: Fri, 17 Aug 2018 13:49:37 -0400
Subject: [PATCH] target/arm: Fix offset for LD1R instructions

The immediate should be scaled by the size of the memory reference,
not the size of the elements into which it is loaded.

Backports commit d0e372b0298f897993f831dbff7ad4f1c70f138e from qemu
---
 qemu/target/arm/translate-sve.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/qemu/target/arm/translate-sve.c b/qemu/target/arm/translate-sve.c
index 789a49fc..cae1e7b3 100644
--- a/qemu/target/arm/translate-sve.c
+++ b/qemu/target/arm/translate-sve.c
@@ -4993,6 +4993,7 @@ static bool trans_LD1R_zpri(DisasContext *s, arg_rpri_load *a, uint32_t insn)
     unsigned vsz = vec_full_reg_size(s);
     unsigned psz = pred_full_reg_size(s);
     unsigned esz = dtype_esz[a->dtype];
+    unsigned msz = dtype_msz(a->dtype);
     TCGLabel *over = gen_new_label(tcg_ctx);
     TCGv_i64 temp;
 
@@ -5016,7 +5017,7 @@ static bool trans_LD1R_zpri(DisasContext *s, arg_rpri_load *a, uint32_t insn)
 
     /* Load the data.  */
     temp = tcg_temp_new_i64(tcg_ctx);
-    tcg_gen_addi_i64(tcg_ctx, temp, cpu_reg_sp(s, a->rn), a->imm << esz);
+    tcg_gen_addi_i64(tcg_ctx, temp, cpu_reg_sp(s, a->rn), a->imm << msz);
     tcg_gen_qemu_ld_i64(s->uc, temp, temp, get_mem_index(s),
                         s->be_data | dtype_mop[a->dtype]);