* [Qemu-devel] [PULL 0/7] target-i386 fixes
@ 2016-03-13 2:17 Richard Henderson
From: Richard Henderson @ 2016-03-13 2:17 UTC
To: qemu-devel; +Cc: peter.maydell
This is primarily patches fixing Windows booting regressions
introduced by myself. Many thanks to Herve for reporting them
and Paolo for fixing two of them.
r~
The following changes since commit 3c0f12df65da872d5fbccae469f2cb21ed1c03b7:
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160304' into staging (2016-03-04 11:46:32 +0000)
are available in the git repository at:
git://github.com/rth7680/qemu.git tags/pull-i386-20160312
for you to fetch changes up to 2354c42e1c365ceb2acf5e6163c004c7d17b6be4:
target-i386: Dump unknown opcodes with -d unimp (2016-03-12 16:26:14 -0800)
----------------------------------------------------------------
Collected target-i386 fixes
----------------------------------------------------------------
Alex Pyrgiotis (1):
scsi-bus: Remove tape command from scsi_req_xfer
Daniel P. Berrange (1):
qmp-shell: fix pretty printing of JSON responses
Dr. David Alan Gilbert (1):
Postcopy: Fix sync count in info migrate
Eric Blake (11):
qapi-dealloc: Reduce use outside of generated code
qapi: Rename 'fields' to 'members' in generator
qapi: Rename 'fields' to 'members' in generated C code
qapi-visit: Expose visit_type_FOO_members()
qapi: Update docs to match recent generator changes
chardev: Shorten references into ChardevBackend
util: Shorten references into SocketAddress
ui: Shorten references into InputEvent
qapi: Avoid use of 'data' member of QAPI unions
chardev: Drop useless ChardevDummy type
qapi: Drop useless 'data' member of unions
Fam Zheng (7):
exec: Return RAMBlock pointer from allocating functions
memory: Move assignment to ram_block to memory_region_init_*
memory: Implement memory_region_get_ram_addr with mr->ram_block
memory: Drop MemoryRegion.ram_addr
exec: Pass RAMBlock pointer to qemu_ram_free
exec: Factor out section_covers_addr
exec: Introduce AddressSpaceDispatch.mru_section
Frediano Ziglio (1):
vnc: send cursor when a new client is connecting
Gabriel L. Somlo (5):
fw_cfg: expose control register size in fw_cfg.h
pc: fw_cfg: move ioport base constant to pc.h
acpi: pc: add fw_cfg device node to dsdt
acpi: arm: add fw_cfg device node to dsdt
fw_cfg: document ACPI device node information
Gerd Hoffmann (4):
tests: update acpi test data
input: linux evdev support
input-linux: add option to toggle grab on all devices
input-linux: add switch to enable auto-repeat events
Hervé Poussineau (1):
i8257: fix Terminal Count status
Jason Wang (1):
net: filter: correctly remove filter from the list during finalization
Jiri Pirko (4):
rocker: forbid to change world type
rocker: return -ENOMEM in case of some world alloc fails
rocker: add name field into WorldOps ale let world specify its name
rocker: allow user to specify rocker world by property
Ladi Prosek (1):
rng: switch request queue to QSIMPLEQ
Liang Li (2):
configure: detect ifunc and avx2 attribute
cutils: add avx2 instruction optimization
Paolo Bonzini (5):
log: do not log if QEMU is daemonized but without -D
net: simplify net_init_tap_one logic
target-i386: Avoid repeated calls to the bnd_jmp helper
target-i386: Fix SMSW and LMSW from/to register
target-i386: Fix addr16 prefix
Peter Maydell (9):
Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2016-03-04' into staging
doc/memory.txt: correct description of MemoryRegionOps fields
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
Merge remote-tracking branch 'remotes/amit-virtio-rng/tags/rng-for-2.6-2' into staging
Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw-cfg-20160308-1' into staging
Merge remote-tracking branch 'remotes/amit-migration/tags/migration-for-2.6-6' into staging
Merge remote-tracking branch 'remotes/thibault/tags/samuel-thibault' into staging
Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20160309-1' into staging
Pranith Kumar (1):
icount: possible options for sleep are on or off
Prasad J Pandit (2):
net: ne2000: check ring buffer control registers
net: check packet payload length
Ren Kimura (1):
ui/console: add escape sequence \e[5, 6n
Richard Henderson (4):
target-i386: Fix SMSW for 64-bit mode
target-i386: Use gen_nop_modrm for prefetch instructions
target-i386: Fix inhibit irq mask handling
target-i386: Dump unknown opcodes with -d unimp
Samuel Thibault (1):
MAINTAINERS: Add Samuel Thibault as slirp maintainer
Thomas Huth (2):
MAINTAINERS: Add entry for include/sysemu/kvm*.h
MAINTAINERS: Add entries for include/net/ files
Vincenzo Maffione (1):
net: netmap: probe netmap interface for virtio-net header
Wei Yang (1):
kvm/irqchip: use bitmap utility for gsi tracking
xiaoqiang zhao (1):
doc/memory.txt: correct a logic error
zhanghailiang (2):
filter: Add 'status' property for filter object
filter-buffer: Add status_changed callback processing
MAINTAINERS | 4 +
backends/baum.c | 2 +-
backends/msmouse.c | 2 +-
backends/rng-egd.c | 9 +-
backends/rng-random.c | 6 +-
backends/rng.c | 17 +-
block/nbd.c | 14 +-
blockdev.c | 31 +--
configure | 21 ++
cpus.c | 4 +-
cputlb.c | 4 +-
docs/memory.txt | 11 +-
docs/qapi-code-gen.txt | 340 ++++++++++++++-------------
docs/qmp-spec.txt | 4 +-
docs/specs/fw_cfg.txt | 9 +
exec.c | 107 +++++----
hw/acpi/core.c | 11 +-
hw/arm/virt-acpi-build.c | 15 ++
hw/char/escc.c | 12 +-
hw/dma/i8257.c | 4 +
hw/i386/acpi-build.c | 29 +++
hw/i386/pc.c | 5 +-
hw/input/hid.c | 36 +--
hw/input/ps2.c | 27 ++-
hw/input/virtio-input-hid.c | 33 +--
hw/misc/ivshmem.c | 9 +-
hw/net/ne2000.c | 4 +
hw/net/rocker/rocker.c | 38 +++-
hw/net/rocker/rocker_fp.c | 5 +
hw/net/rocker/rocker_fp.h | 1 +
hw/net/rocker/rocker_of_dpa.c | 1 +
hw/net/rocker/rocker_world.c | 7 +-
hw/net/rocker/rocker_world.h | 1 +
hw/nvram/fw_cfg.c | 4 +-
hw/scsi/scsi-bus.c | 1 -
include/exec/memory.h | 9 +-
include/exec/ram_addr.h | 24 +-
include/hw/i386/pc.h | 2 +
include/hw/nvram/fw_cfg.h | 3 +
include/net/filter.h | 4 +
include/qemu-common.h | 8 +-
include/sysemu/rng.h | 3 +-
include/ui/input.h | 2 +
kvm-all.c | 37 +--
memory.c | 56 +++--
migration/migration.c | 1 +
net/checksum.c | 10 +-
net/filter-buffer.c | 34 ++-
net/filter.c | 44 +++-
net/net.c | 31 +--
net/netmap.c | 59 +++--
net/tap.c | 4 +-
numa.c | 9 +-
qapi-schema.json | 15 +-
qemu-char.c | 179 ++++++++-------
qemu-nbd.c | 9 +-
qemu-options.hx | 19 +-
replay/replay-input.c | 31 ++-
scripts/dump-guest-memory.py | 2 +-
scripts/qapi-commands.py | 4 +-
scripts/qapi-event.py | 4 +-
scripts/qapi-types.py | 19 +-
scripts/qapi-visit.py | 51 ++---
scripts/qapi.py | 20 +-
scripts/qmp/qmp-shell | 23 +-
target-i386/translate.c | 284 +++++++++++++----------
tests/Makefile | 1 -
tests/acpi-test-data/pc/DSDT | Bin 5478 -> 5538 bytes
tests/acpi-test-data/pc/DSDT.bridge | Bin 7337 -> 7397 bytes
tests/acpi-test-data/q35/DSDT | Bin 8321 -> 8381 bytes
tests/acpi-test-data/q35/DSDT.bridge | Bin 8338 -> 8398 bytes
tests/qapi-schema/qapi-schema-test.json | 2 +-
tests/qapi-schema/union-clash-data.err | 0
tests/qapi-schema/union-clash-data.exit | 1 -
tests/qapi-schema/union-clash-data.json | 7 -
tests/qapi-schema/union-clash-data.out | 9 -
tests/test-io-channel-socket.c | 34 +--
tests/test-opts-visitor.c | 10 +-
ui/Makefile.objs | 1 +
ui/console.c | 56 +++--
ui/input-legacy.c | 25 +-
ui/input-linux.c | 391 ++++++++++++++++++++++++++++++++
ui/input.c | 56 +++--
ui/vnc.c | 42 ++--
util/cutils.c | 124 +++++++++-
util/log.c | 7 +-
util/qemu-sockets.c | 11 +-
vl.c | 11 +
88 files changed, 1721 insertions(+), 895 deletions(-)
delete mode 100644 tests/qapi-schema/union-clash-data.err
delete mode 100644 tests/qapi-schema/union-clash-data.exit
delete mode 100644 tests/qapi-schema/union-clash-data.json
delete mode 100644 tests/qapi-schema/union-clash-data.out
create mode 100644 ui/input-linux.c
* [Qemu-devel] [PULL 1/7] target-i386: Avoid repeated calls to the bnd_jmp helper
From: Richard Henderson @ 2016-03-13 2:17 UTC
To: qemu-devel; +Cc: peter.maydell, Paolo Bonzini
From: Paolo Bonzini <pbonzini@redhat.com>
Two flags were tested the wrong way.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1456845145-18891-1-git-send-email-pbonzini@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
[rth: Fixed enable test as well.]
---
target-i386/translate.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/target-i386/translate.c b/target-i386/translate.c
index 53dee79..cd214a6 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -2409,12 +2409,12 @@ static void gen_reset_hflag(DisasContext *s, uint32_t mask)
/* Clear BND registers during legacy branches. */
static void gen_bnd_jmp(DisasContext *s)
{
- /* Do nothing if BND prefix present, MPX is disabled, or if the
- BNDREGs are known to be in INIT state already. The helper
- itself will check BNDPRESERVE at runtime. */
+ /* Clear the registers only if BND prefix is missing, MPX is enabled,
+ and if the BNDREGs are known to be in use (non-zero) already.
+ The helper itself will check BNDPRESERVE at runtime. */
if ((s->prefix & PREFIX_REPNZ) == 0
- && (s->flags & HF_MPX_EN_MASK) == 0
- && (s->flags & HF_MPX_IU_MASK) == 0) {
+ && (s->flags & HF_MPX_EN_MASK) != 0
+ && (s->flags & HF_MPX_IU_MASK) != 0) {
gen_helper_bnd_jmp(cpu_env);
}
}
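Review bot: Both flag tests were inverted, so the helper was emitted only when MPX was disabled and the BND registers were already in INIT state, i.e. on every legacy branch of a non-MPX guest and never in the one case it exists for; the corrected `!= 0` tests match what the old comment already described. On the new comment, "known to be in use (non-zero) already" refers to HF_MPX_IU_MASK as seen in s->flags at translation time; a short pointer to gen_set_hflag/gen_reset_hflag (the hunk header shows the latter), which keep s->flags in step with the hflags updates emitted for the BND instructions, would let a reader confirm the no-call path is sound, since BNDPRESERVE is now the only condition left to the helper.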
--
2.5.0
* [Qemu-devel] [PULL 2/7] target-i386: Fix SMSW and LMSW from/to register
From: Richard Henderson @ 2016-03-13 2:17 UTC
To: qemu-devel; +Cc: peter.maydell, Paolo Bonzini
From: Paolo Bonzini <pbonzini@redhat.com>
SMSW and LMSW accept register operands, but commit 1906b2a ("target-i386:
Rearrange processing of 0F 01", 2016-02-13) did not account for that.
Fixes: 1906b2af7c2345037d9b2fdf484b457b5acd09d1
Reported-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1456845134-18812-1-git-send-email-pbonzini@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
---
target-i386/translate.c | 38 ++++++++++++++++++++++----------------
1 file changed, 22 insertions(+), 16 deletions(-)
diff --git a/target-i386/translate.c b/target-i386/translate.c
index cd214a6..10cc2fa 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -57,11 +57,17 @@
#endif
/* For a switch indexed by MODRM, match all memory operands for a given OP. */
-#define CASE_MEM_OP(OP) \
+#define CASE_MODRM_MEM_OP(OP) \
case (0 << 6) | (OP << 3) | 0 ... (0 << 6) | (OP << 3) | 7: \
case (1 << 6) | (OP << 3) | 0 ... (1 << 6) | (OP << 3) | 7: \
case (2 << 6) | (OP << 3) | 0 ... (2 << 6) | (OP << 3) | 7
+#define CASE_MODRM_OP(OP) \
+ case (0 << 6) | (OP << 3) | 0 ... (0 << 6) | (OP << 3) | 7: \
+ case (1 << 6) | (OP << 3) | 0 ... (1 << 6) | (OP << 3) | 7: \
+ case (2 << 6) | (OP << 3) | 0 ... (2 << 6) | (OP << 3) | 7: \
+ case (3 << 6) | (OP << 3) | 0 ... (3 << 6) | (OP << 3) | 7
+
//#define MACRO_TEST 1
/* global register indexes */
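Review bot: CASE_MODRM_OP repeats the three memory-form case ranges of CASE_MODRM_MEM_OP verbatim; defining it as `CASE_MODRM_MEM_OP(OP): case (3 << 6) | (OP << 3) | 0 ... (3 << 6) | (OP << 3) | 7` keeps the two from drifting apart if the encoding of either is ever touched. The `...` case ranges are the GNU extension the existing macro already relied on, so no new portability requirement is introduced by the rename.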
@@ -7038,7 +7044,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
case 0x101:
modrm = cpu_ldub_code(env, s->pc++);
switch (modrm) {
- CASE_MEM_OP(0): /* sgdt */
+ CASE_MODRM_MEM_OP(0): /* sgdt */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_GDTR_READ);
gen_lea_modrm(env, s, modrm);
tcg_gen_ld32u_tl(cpu_T0,
@@ -7094,7 +7100,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_eob(s);
break;
- CASE_MEM_OP(1): /* sidt */
+ CASE_MODRM_MEM_OP(1): /* sidt */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_IDTR_READ);
gen_lea_modrm(env, s, modrm);
tcg_gen_ld32u_tl(cpu_T0, cpu_env, offsetof(CPUX86State, idt.limit));
@@ -7240,7 +7246,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_invlpga(cpu_env, tcg_const_i32(s->aflag - 1));
break;
- CASE_MEM_OP(2): /* lgdt */
+ CASE_MODRM_MEM_OP(2): /* lgdt */
if (s->cpl != 0) {
gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
break;
@@ -7257,7 +7263,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
tcg_gen_st32_tl(cpu_T1, cpu_env, offsetof(CPUX86State, gdt.limit));
break;
- CASE_MEM_OP(3): /* lidt */
+ CASE_MODRM_MEM_OP(3): /* lidt */
if (s->cpl != 0) {
gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
break;
@@ -7274,7 +7280,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
tcg_gen_st32_tl(cpu_T1, cpu_env, offsetof(CPUX86State, idt.limit));
break;
- CASE_MEM_OP(4): /* smsw */
+ CASE_MODRM_OP(4): /* smsw */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_READ_CR0);
#if defined TARGET_X86_64 && defined HOST_WORDS_BIGENDIAN
tcg_gen_ld32u_tl(cpu_T0, cpu_env, offsetof(CPUX86State, cr[0]) + 4);
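Review bot: Accepting mod == 3 here fixes the #UD on the register form, but the store that follows this case (gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 1), visible as context in the next hunk) still writes 16 bits regardless of destination; for a register destination in 64-bit mode SMSW writes the operand size, so this hunk alone leaves the register form half-fixed. PULL 3/7 in this series changes exactly that store, so the two should be read together; a "see following patch" note in this commit message would have spared a reviewer the bisect.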
@@ -7284,7 +7290,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 1);
break;
- CASE_MEM_OP(6): /* lmsw */
+ CASE_MODRM_OP(6): /* lmsw */
if (s->cpl != 0) {
gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
break;
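Review bot: CASE_MODRM_OP(6) now claims the modrm bytes 0xf0..0xf7 in the same `switch (modrm)` that carries explicit single-byte labels for other mod == 3 encodings of 0F 01; if any of those fell inside 0xe0..0xe7 or 0xf0..0xf7 the build would fail with a duplicate case label, so a clean build is the check that nothing was shadowed. The 16-bit read that follows is correct for the register form as well, since LMSW only ever consumes a 16-bit source operand.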
@@ -7296,7 +7302,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_eob(s);
break;
- CASE_MEM_OP(7): /* invlpg */
+ CASE_MODRM_MEM_OP(7): /* invlpg */
if (s->cpl != 0) {
gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
break;
@@ -7778,7 +7784,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
case 0x1ae:
modrm = cpu_ldub_code(env, s->pc++);
switch (modrm) {
- CASE_MEM_OP(0): /* fxsave */
+ CASE_MODRM_MEM_OP(0): /* fxsave */
if (!(s->cpuid_features & CPUID_FXSR)
|| (prefixes & PREFIX_LOCK)) {
goto illegal_op;
@@ -7791,7 +7797,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fxsave(cpu_env, cpu_A0);
break;
- CASE_MEM_OP(1): /* fxrstor */
+ CASE_MODRM_MEM_OP(1): /* fxrstor */
if (!(s->cpuid_features & CPUID_FXSR)
|| (prefixes & PREFIX_LOCK)) {
goto illegal_op;
@@ -7804,7 +7810,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fxrstor(cpu_env, cpu_A0);
break;
- CASE_MEM_OP(2): /* ldmxcsr */
+ CASE_MODRM_MEM_OP(2): /* ldmxcsr */
if ((s->flags & HF_EM_MASK) || !(s->flags & HF_OSFXSR_MASK)) {
goto illegal_op;
}
@@ -7817,7 +7823,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_ldmxcsr(cpu_env, cpu_tmp2_i32);
break;
- CASE_MEM_OP(3): /* stmxcsr */
+ CASE_MODRM_MEM_OP(3): /* stmxcsr */
if ((s->flags & HF_EM_MASK) || !(s->flags & HF_OSFXSR_MASK)) {
goto illegal_op;
}
@@ -7830,7 +7836,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_op_st_v(s, MO_32, cpu_T0, cpu_A0);
break;
- CASE_MEM_OP(4): /* xsave */
+ CASE_MODRM_MEM_OP(4): /* xsave */
if ((s->cpuid_ext_features & CPUID_EXT_XSAVE) == 0
|| (prefixes & (PREFIX_LOCK | PREFIX_DATA
| PREFIX_REPZ | PREFIX_REPNZ))) {
@@ -7842,7 +7848,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_xsave(cpu_env, cpu_A0, cpu_tmp1_i64);
break;
- CASE_MEM_OP(5): /* xrstor */
+ CASE_MODRM_MEM_OP(5): /* xrstor */
if ((s->cpuid_ext_features & CPUID_EXT_XSAVE) == 0
|| (prefixes & (PREFIX_LOCK | PREFIX_DATA
| PREFIX_REPZ | PREFIX_REPNZ))) {
@@ -7859,7 +7865,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_eob(s);
break;
- CASE_MEM_OP(6): /* xsaveopt / clwb */
+ CASE_MODRM_MEM_OP(6): /* xsaveopt / clwb */
if (prefixes & PREFIX_LOCK) {
goto illegal_op;
}
@@ -7883,7 +7889,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
}
break;
- CASE_MEM_OP(7): /* clflush / clflushopt */
+ CASE_MODRM_MEM_OP(7): /* clflush / clflushopt */
if (prefixes & PREFIX_LOCK) {
goto illegal_op;
}
--
2.5.0
* [Qemu-devel] [PULL 3/7] target-i386: Fix SMSW for 64-bit mode
From: Richard Henderson @ 2016-03-13 2:17 UTC
To: qemu-devel; +Cc: peter.maydell
In non-64-bit modes, the instruction always stores 16 bits.
But in 64-bit mode, when the destination is a register, the
instruction can write 32 or 64 bits.
Signed-off-by: Richard Henderson <rth@twiddle.net>
---
target-i386/translate.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/target-i386/translate.c b/target-i386/translate.c
index 10cc2fa..b73c237 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -7282,12 +7282,14 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
CASE_MODRM_OP(4): /* smsw */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_READ_CR0);
-#if defined TARGET_X86_64 && defined HOST_WORDS_BIGENDIAN
- tcg_gen_ld32u_tl(cpu_T0, cpu_env, offsetof(CPUX86State, cr[0]) + 4);
-#else
- tcg_gen_ld32u_tl(cpu_T0, cpu_env, offsetof(CPUX86State, cr[0]));
-#endif
- gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 1);
+ tcg_gen_ld_tl(cpu_T0, cpu_env, offsetof(CPUX86State, cr[0]));
+ if (CODE64(s)) {
+ mod = (modrm >> 6) & 3;
+ ot = (mod != 3 ? MO_16 : s->dflag);
+ } else {
+ ot = MO_16;
+ }
+ gen_ldst_modrm(env, s, modrm, ot, OR_TMP0, 1);
break;
CASE_MODRM_OP(6): /* lmsw */
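Review bot: The CODE64(s) guard deserves a comment: in 32-bit mode the register form of SMSW also takes an operand-size dependent destination, with the upper half of a 32-bit register left undefined by the architecture, so writing only 16 bits there is a permitted choice rather than an oversight, but nothing in the hunk says so and the asymmetry between the two branches invites a "fix". Replacing the HOST_WORDS_BIGENDIAN offset trick with a single tcg_gen_ld_tl of cr[0] is the right way to get the full register into cpu_T0 independent of host endianness; with ot == s->dflag the subsequent gen_ldst_modrm then truncates or zero-extends as the operand size requires.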
--
2.5.0
* [Qemu-devel] [PULL 4/7] target-i386: Fix addr16 prefix
From: Richard Henderson @ 2016-03-13 2:17 UTC
To: qemu-devel; +Cc: peter.maydell, Paolo Bonzini
From: Paolo Bonzini <pbonzini@redhat.com>
While ADDSEG will only be false in 16-bit mode for LEA, it can be
false even in other cases when 16-bit addresses are obtained via
the 67h prefix in 32-bit mode. In this case, gen_lea_v_seg forgets
to add a nonzero FS or GS base if CS/DS/ES/SS are all zero. This
case is pretty rare but happens when booting Windows 95/98, and
this patch fixes it.
The bug is visible since commit d6a291498, but it was introduced
together with gen_lea_v_seg and it probably could be reproduced
with a "addr16 gs movsb" instruction as early as in commit
ca2f29f555805d07fb0b9ebfbbfc4e3656530977.
Reported-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <1456931078-21635-1-git-send-email-pbonzini@redhat.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
---
target-i386/translate.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/target-i386/translate.c b/target-i386/translate.c
index b73c237..0b67165 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -466,15 +466,15 @@ static void gen_lea_v_seg(DisasContext *s, TCGMemOp aflag, TCGv a0,
break;
case MO_16:
/* 16 bit address */
- if (ovr_seg < 0) {
- ovr_seg = def_seg;
- }
tcg_gen_ext16u_tl(cpu_A0, a0);
- /* ADDSEG will only be false in 16-bit mode for LEA. */
- if (!s->addseg) {
- return;
- }
a0 = cpu_A0;
+ if (ovr_seg < 0) {
+ if (s->addseg) {
+ ovr_seg = def_seg;
+ } else {
+ return;
+ }
+ }
break;
default:
tcg_abort();
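Review bot: The removed "ADDSEG will only be false in 16-bit mode for LEA" comment is not replaced, and the new `if (ovr_seg < 0)` block is the only place that encodes why an explicit override must bypass s->addseg (addseg summarises the CS/DS/ES/SS bases, so a nonzero FS or GS base is invisible to it); a one-line comment there, e.g. "an explicit FS/GS override is not covered by addseg", would stop the early return from being reintroduced. Moving the truncation (tcg_gen_ext16u_tl) ahead of the segment decision is fine, as cpu_A0 is written either way and the early return now happens after it.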
--
2.5.0
* [Qemu-devel] [PULL 5/7] target-i386: Use gen_nop_modrm for prefetch instructions
From: Richard Henderson @ 2016-03-13 2:17 UTC
To: qemu-devel; +Cc: peter.maydell
Signed-off-by: Richard Henderson <rth@twiddle.net>
---
target-i386/translate.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/target-i386/translate.c b/target-i386/translate.c
index 0b67165..2631c77 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -7475,7 +7475,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
case 3: /* prefetchnt0 */
if (mod == 3)
goto illegal_op;
- gen_lea_modrm(env, s, modrm);
+ gen_nop_modrm(env, s, modrm);
/* nothing more to do */
break;
default: /* nop (multi byte) */
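Review bot: The patch carries no description beyond the sign-off; one sentence saying that gen_nop_modrm only decodes the ModRM/SIB/displacement bytes without emitting the address computation (the same reason it serves the multi-byte NOP in the default case just below) and that a prefetch hint has no architecturally visible effect, so dropping the address arithmetic changes nothing a guest can observe, would save the next reader a lookup. The mod == 3 check in front of it is left as it was.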
@@ -7973,8 +7973,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
mod = (modrm >> 6) & 3;
if (mod == 3)
goto illegal_op;
- gen_lea_modrm(env, s, modrm);
- /* ignore for now */
+ gen_nop_modrm(env, s, modrm);
break;
case 0x1aa: /* rsm */
gen_svm_check_intercept(s, pc_start, SVM_EXIT_RSM);
--
2.5.0
* [Qemu-devel] [PULL 6/7] target-i386: Fix inhibit irq mask handling
From: Richard Henderson @ 2016-03-13 2:17 UTC
To: qemu-devel; +Cc: peter.maydell
The patch in 7f0b714 was too simplistic, in that we wound up setting
the flag and then resetting it immediately in gen_eob.
Fixes the reported boot problem with Windows XP.
Reported-by: Hervé Poussineau <hpoussin@reactos.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
---
target-i386/translate.c | 76 ++++++++++++++++++++++++-------------------------
1 file changed, 37 insertions(+), 39 deletions(-)
diff --git a/target-i386/translate.c b/target-i386/translate.c
index 2631c77..92cb1c8 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -2425,12 +2425,19 @@ static void gen_bnd_jmp(DisasContext *s)
}
}
-/* generate a generic end of block. Trace exception is also generated
- if needed */
-static void gen_eob(DisasContext *s)
+/* Generate an end of block. Trace exception is also generated if needed.
+ If IIM, set HF_INHIBIT_IRQ_MASK if it isn't already set. */
+static void gen_eob_inhibit_irq(DisasContext *s, bool inhibit)
{
gen_update_cc_op(s);
- gen_reset_hflag(s, HF_INHIBIT_IRQ_MASK);
+
+ /* If several instructions disable interrupts, only the first does it. */
+ if (inhibit && !(s->flags & HF_INHIBIT_IRQ_MASK)) {
+ gen_set_hflag(s, HF_INHIBIT_IRQ_MASK);
+ } else {
+ gen_reset_hflag(s, HF_INHIBIT_IRQ_MASK);
+ }
+
if (s->tb->flags & HF_RF_MASK) {
gen_helper_reset_rf(cpu_env);
}
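Review bot: The new header comment says "If IIM" but the parameter is named `inhibit`; use the real name. More importantly, the else branch is doing two different things that the comment above it only half explains: when inhibit is false it clears the shadow as gen_eob always did, and when inhibit is true but HF_INHIBIT_IRQ_MASK is already set in s->flags it also clears it, which is what implements "only the first does it" (a second STI or MOV SS inside an existing shadow ends it rather than extending it). Spelling that second case out in the comment would keep someone from "simplifying" the condition to `if (inhibit)`.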
@@ -2444,6 +2451,12 @@ static void gen_eob(DisasContext *s)
s->is_jmp = DISAS_TB_JUMP;
}
+/* End of block, resetting the inhibit irq flag. */
+static void gen_eob(DisasContext *s)
+{
+ gen_eob_inhibit_irq(s, false);
+}
+
/* generate a jump to eip. No segment change must happen before as a
direct call to the next block may occur */
static void gen_jmp_tb(DisasContext *s, target_ulong eip, int tb_num)
@@ -5177,16 +5190,15 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
ot = gen_pop_T0(s);
gen_movl_seg_T0(s, reg);
gen_pop_update(s, ot);
- if (reg == R_SS) {
- /* if reg == SS, inhibit interrupts/trace. */
- /* If several instructions disable interrupts, only the
- _first_ does it */
- gen_set_hflag(s, HF_INHIBIT_IRQ_MASK);
- s->tf = 0;
- }
+ /* Note that reg == R_SS in gen_movl_seg_T0 always sets is_jmp. */
if (s->is_jmp) {
gen_jmp_im(s->pc - s->cs_base);
- gen_eob(s);
+ if (reg == R_SS) {
+ s->tf = 0;
+ gen_eob_inhibit_irq(s, true);
+ } else {
+ gen_eob(s);
+ }
}
break;
case 0x1a1: /* pop fs */
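Review bot: The inhibit now silently depends on the claim in the new comment that gen_movl_seg_T0 sets is_jmp whenever reg == R_SS; if that ever stops being true the shadow is lost with no diagnostic. Restructuring as `if (reg == R_SS) { assert(s->is_jmp); s->tf = 0; gen_jmp_im(...); gen_eob_inhibit_irq(s, true); } else if (s->is_jmp) { ... }` turns the comment into a check.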
@@ -5244,16 +5256,15 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
goto illegal_op;
gen_ldst_modrm(env, s, modrm, MO_16, OR_TMP0, 0);
gen_movl_seg_T0(s, reg);
- if (reg == R_SS) {
- /* if reg == SS, inhibit interrupts/trace */
- /* If several instructions disable interrupts, only the
- _first_ does it */
- gen_set_hflag(s, HF_INHIBIT_IRQ_MASK);
- s->tf = 0;
- }
+ /* Note that reg == R_SS in gen_movl_seg_T0 always sets is_jmp. */
if (s->is_jmp) {
gen_jmp_im(s->pc - s->cs_base);
- gen_eob(s);
+ if (reg == R_SS) {
+ s->tf = 0;
+ gen_eob_inhibit_irq(s, true);
+ } else {
+ gen_eob(s);
+ }
}
break;
case 0x8c: /* mov Gv, seg */
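Review bot: This is the same seven-line block as in the pop-segment case above, comment included; a small helper taking (s, reg) that ends the block with or without the shadow would keep the two copies in sync, and the assert suggested there would then live in one place.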
@@ -6779,26 +6790,13 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
}
break;
case 0xfb: /* sti */
- if (!s->vm86) {
- if (s->cpl <= s->iopl) {
- gen_sti:
- gen_helper_sti(cpu_env);
- /* interruptions are enabled only the first insn after sti */
- /* If several instructions disable interrupts, only the
- _first_ does it */
- gen_set_hflag(s, HF_INHIBIT_IRQ_MASK);
- /* give a chance to handle pending irqs */
- gen_jmp_im(s->pc - s->cs_base);
- gen_eob(s);
- } else {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
- }
+ if (s->vm86 ? s->iopl == 3 : s->cpl <= s->iopl) {
+ gen_helper_sti(cpu_env);
+ /* interruptions are enabled only the first insn after sti */
+ gen_jmp_im(s->pc - s->cs_base);
+ gen_eob_inhibit_irq(s, true);
} else {
- if (s->iopl == 3) {
- goto gen_sti;
- } else {
- gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
- }
+ gen_exception(s, EXCP0D_GPF, pc_start - s->cs_base);
}
break;
case 0x62: /* bound */
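Review bot: The ternary `s->vm86 ? s->iopl == 3 : s->cpl <= s->iopl` folds the removed gen_sti label without changing which cases fault, and the root cause is fixed by replacing gen_set_hflag followed by gen_eob (which reset the flag it had just set) with gen_eob_inhibit_irq(s, true). One comment worth adding: the vm86 branch deliberately ignores CR4.VME, exactly as the old code did, so a reader comparing against the SDM knows that is a known simplification rather than an omission introduced here.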
--
2.5.0
* [Qemu-devel] [PULL 7/7] target-i386: Dump unknown opcodes with -d unimp
From: Richard Henderson @ 2016-03-13 2:17 UTC
To: qemu-devel; +Cc: peter.maydell
We discriminate here between opcodes that are illegal in the current
cpu mode or with illegal arguments (such as modrm.mod == 3) and
encodings that are unknown (such as an unimplemented isa extension).
Signed-off-by: Richard Henderson <rth@twiddle.net>
---
target-i386/translate.c | 127 +++++++++++++++++++++++++++++++-----------------
1 file changed, 83 insertions(+), 44 deletions(-)
diff --git a/target-i386/translate.c b/target-i386/translate.c
index 92cb1c8..dd8d5cc 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -99,6 +99,7 @@ typedef struct DisasContext {
int prefix;
TCGMemOp aflag;
TCGMemOp dflag;
+ target_ulong pc_start;
target_ulong pc; /* pc = eip + cs_base */
int is_jmp; /* 1 = means jump (stop translation), 2 means CPU
static state change (stop translation) */
@@ -2368,6 +2369,30 @@ static void gen_exception(DisasContext *s, int trapno, target_ulong cur_eip)
s->is_jmp = DISAS_TB_JUMP;
}
+/* Generate #UD for the current instruction. The assumption here is that
+ the instruction is known, but it isn't allowed in the current cpu mode. */
+static void gen_illegal_opcode(DisasContext *s)
+{
+ gen_exception(s, EXCP06_ILLOP, s->pc_start - s->cs_base);
+}
+
+/* Similarly, except that the assumption here is that we don't decode
+ the instruction at all -- either a missing opcode, an unimplemented
+ feature, or just a bogus instruction stream. */
+static void gen_unknown_opcode(CPUX86State *env, DisasContext *s)
+{
+ gen_illegal_opcode(s);
+
+ if (qemu_loglevel_mask(LOG_UNIMP)) {
+ target_ulong pc = s->pc_start, end = s->pc;
+ qemu_log("ILLOPC: " TARGET_FMT_lx ":", pc);
+ for (; pc < end; ++pc) {
+ qemu_log(" %02x", cpu_ldub_code(env, pc));
+ }
+ qemu_log("\n");
+ }
+}
+
/* an interrupt is different from an exception because of the
privilege checks */
static void gen_interrupt(DisasContext *s, int intno,
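Review bot: gen_unknown_opcode reads s->pc_start, which is only assigned at the top of disas_insn (`s->pc_start = s->pc = pc_start` in a later hunk), so it must never be reached from a path that runs before decode starts; a one-line comment on the field would record that. The dump loop re-reads only bytes in [pc_start, s->pc) that decode has already fetched with cpu_ldub_code, so it cannot hit a page the decoder did not, and the bytes are emitted through %02x, so guest-controlled code never reaches a format string. Nit: the tag "ILLOPC:" is attached to the unknown path while the illegal path logs nothing; "UNKNOWN OPC" would say what the line means under -d unimp.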
@@ -2887,7 +2912,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
b1 = 0;
sse_fn_epp = sse_op_table1[b][b1];
if (!sse_fn_epp) {
- goto illegal_op;
+ goto unknown_op;
}
if ((b <= 0x5f && b >= 0x10) || b == 0xc6 || b == 0xc2) {
is_xmm = 1;
@@ -2906,15 +2931,19 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
}
if (s->flags & HF_EM_MASK) {
illegal_op:
- gen_exception(s, EXCP06_ILLOP, pc_start - s->cs_base);
+ gen_illegal_opcode(s);
return;
}
- if (is_xmm && !(s->flags & HF_OSFXSR_MASK))
- if ((b != 0x38 && b != 0x3a) || (s->prefix & PREFIX_DATA))
- goto illegal_op;
+ if (is_xmm
+ && !(s->flags & HF_OSFXSR_MASK)
+ && ((b != 0x38 && b != 0x3a) || (s->prefix & PREFIX_DATA))) {
+ goto unknown_op;
+ }
if (b == 0x0e) {
- if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW))
- goto illegal_op;
+ if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW)) {
+ /* If we were fully decoding this we might use illegal_op. */
+ goto unknown_op;
+ }
/* femms */
gen_helper_emms(cpu_env);
return;
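Review bot: By the patch's own distinction (known instruction not allowed in the current mode goes to gen_illegal_opcode; undecoded encoding goes to unknown_op), the `is_xmm && !(s->flags & HF_OSFXSR_MASK)` case looks like the former: the opcode was matched in sse_op_table1 and only CR4.OSFXSR is clear. Routing it to unknown_op means every SSE instruction a guest executes before enabling OSFXSR is logged as unimplemented. If the intent is that without OSFXSR the encoding cannot be assumed to be SSE at all, a comment like the one added for femms two lines below would make that deliberate.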
@@ -2939,8 +2968,9 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
b |= (b1 << 8);
switch(b) {
case 0x0e7: /* movntq */
- if (mod == 3)
+ if (mod == 3) {
goto illegal_op;
+ }
gen_lea_modrm(env, s, modrm);
gen_stq_env_A0(s, offsetof(CPUX86State, fpregs[reg].mmx));
break;
@@ -3266,7 +3296,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
case 0x172:
case 0x173:
if (b1 >= 2) {
- goto illegal_op;
+ goto unknown_op;
}
val = cpu_ldub_code(env, s->pc++);
if (is_xmm) {
@@ -3285,7 +3315,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
sse_fn_epp = sse_op_table2[((b - 1) & 3) * 8 +
(((modrm >> 3)) & 7)][b1];
if (!sse_fn_epp) {
- goto illegal_op;
+ goto unknown_op;
}
if (is_xmm) {
rm = (modrm & 7) | REX_B(s);
@@ -3509,12 +3539,12 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
reg = ((modrm >> 3) & 7) | rex_r;
mod = (modrm >> 6) & 3;
if (b1 >= 2) {
- goto illegal_op;
+ goto unknown_op;
}
sse_fn_epp = sse_op_table6[b].op[b1];
if (!sse_fn_epp) {
- goto illegal_op;
+ goto unknown_op;
}
if (!(s->cpuid_ext_features & sse_op_table6[b].ext_mask))
goto illegal_op;
@@ -3564,7 +3594,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
}
}
if (sse_fn_epp == SSE_SPECIAL) {
- goto illegal_op;
+ goto unknown_op;
}
tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
@@ -3932,12 +3962,12 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -3949,12 +3979,12 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
reg = ((modrm >> 3) & 7) | rex_r;
mod = (modrm >> 6) & 3;
if (b1 >= 2) {
- goto illegal_op;
+ goto unknown_op;
}
sse_fn_eppi = sse_op_table7[b].op[b1];
if (!sse_fn_eppi) {
- goto illegal_op;
+ goto unknown_op;
}
if (!(s->cpuid_ext_features & sse_op_table7[b].ext_mask))
goto illegal_op;
@@ -4156,12 +4186,14 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
default:
- goto illegal_op;
+ unknown_op:
+ gen_unknown_opcode(env, s);
+ return;
}
} else {
/* generic MMX or SSE operation */
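Review bot: placing the `unknown_op:` label inside the `default:` arm of the switch means every earlier `goto unknown_op` in gen_sse jumps into a switch body; that is valid C, but it is easy to miss when reading and it differs from disas_insn, where the new label sits in the function epilogue next to illegal_op. Consider moving `unknown_op: gen_unknown_opcode(env, s); return;` to the end of gen_sse beside the existing illegal_op label that the other gotos in this function target, and leaving `default: goto unknown_op;` here.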
@@ -4237,11 +4269,12 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
}
switch(b) {
case 0x0f: /* 3DNow! data insns */
- if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW))
- goto illegal_op;
val = cpu_ldub_code(env, s->pc++);
sse_fn_epp = sse_op_table5[val];
if (!sse_fn_epp) {
+ goto unknown_op;
+ }
+ if (!(s->cpuid_ext2_features & CPUID_EXT2_3DNOW)) {
goto illegal_op;
}
tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
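Review bot: reordering the 3DNow! data-insn checks changes when the suffix byte is consumed: `val = cpu_ldub_code(env, s->pc++)` now runs before the CPUID_EXT2_3DNOW test, so a guest without 3DNow! fetches one more code byte before the #UD is raised. That is harmless only if gen_illegal_opcode() reports the fault at s->pc_start rather than s->pc, and it means a fault on that extra fetch can now surface where previously only #UD was possible; a short comment stating why the table lookup must precede the feature check (so that an undecoded suffix is dumped as unknown rather than faulting as illegal) would make the intent clear.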
@@ -4261,7 +4294,7 @@ static void gen_sse(CPUX86State *env, DisasContext *s, int b,
/* compare insns */
val = cpu_ldub_code(env, s->pc++);
if (val >= 8)
- goto illegal_op;
+ goto unknown_op;
sse_fn_epp = sse_op_table4[val][b1];
tcg_gen_addi_ptr(cpu_ptr0, cpu_env, op1_offset);
@@ -4306,7 +4339,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
target_ulong next_eip, tval;
int rex_w, rex_r;
- s->pc = pc_start;
+ s->pc_start = s->pc = pc_start;
prefixes = 0;
s->override = -1;
rex_w = -1;
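Review bot: `s->pc_start = s->pc = pc_start;` introduces a new DisasContext field whose declaration is not in this hunk; since the illegal_op epilogue later replaces `gen_exception(s, EXCP06_ILLOP, pc_start - s->cs_base)` with `gen_illegal_opcode(s)`, the helpers evidently take the fault address from s->pc_start, so a comment on the field saying it holds the start address of the instruction being translated (for exception reporting and the unknown-opcode dump) would help future readers.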
@@ -4419,7 +4452,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
b = 0x13a;
break;
default: /* Reserved for future use. */
- goto illegal_op;
+ goto unknown_op;
}
}
s->vex_v = (~vex3 >> 3) & 0xf;
@@ -4769,7 +4802,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
}
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -4782,7 +4815,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
rm = (modrm & 7) | REX_B(s);
op = (modrm >> 3) & 7;
if (op >= 2 && b == 0xfe) {
- goto illegal_op;
+ goto unknown_op;
}
if (CODE64(s)) {
if (op == 2 || op == 4) {
@@ -4875,7 +4908,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_push_v(s, cpu_T0);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -5744,7 +5777,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fpop(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
} else {
/* register float ops */
@@ -5768,7 +5801,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fwait(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x0c: /* grp d9/4 */
@@ -5787,7 +5820,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fxam_ST0(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x0d: /* grp d9/5 */
@@ -5822,7 +5855,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fldz_ST0(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
}
break;
@@ -5922,7 +5955,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fpop(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x1c:
@@ -5940,7 +5973,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
case 4: /* fsetpm (287 only, just do nop here) */
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x1d: /* fucomi */
@@ -5992,7 +6025,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_helper_fpop(cpu_env);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x38: /* ffreep sti, undocumented op */
@@ -6007,7 +6040,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_op_mov_reg_v(MO_16, R_EAX, cpu_T0);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
case 0x3d: /* fucomip */
@@ -6053,7 +6086,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
}
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
}
break;
@@ -6524,7 +6557,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
val = cpu_ldub_code(env, s->pc++);
tcg_gen_movi_tl(cpu_T1, val);
if (op < 4)
- goto illegal_op;
+ goto unknown_op;
op -= 4;
goto bt_op;
case 0x1a3: /* bt Gv, Ev */
@@ -7035,7 +7068,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
set_cc_op(s, CC_OP_EFLAGS);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -7349,7 +7382,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -7718,7 +7751,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
}
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
}
break;
@@ -7940,7 +7973,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
}
break;
}
- goto illegal_op;
+ goto unknown_op;
case 0xf8: /* sfence / pcommit */
if (prefixes & PREFIX_DATA) {
@@ -7962,7 +7995,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
break;
@@ -8018,7 +8051,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
gen_sse(env, s, b, pc_start, rex_r);
break;
default:
- goto illegal_op;
+ goto unknown_op;
}
/* lock generation */
if (s->prefix & PREFIX_LOCK)
@@ -8028,7 +8061,13 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
if (s->prefix & PREFIX_LOCK)
gen_helper_unlock();
/* XXX: ensure that no lock was generated */
- gen_exception(s, EXCP06_ILLOP, pc_start - s->cs_base);
+ gen_illegal_opcode(s);
+ return s->pc;
+ unknown_op:
+ if (s->prefix & PREFIX_LOCK)
+ gen_helper_unlock();
+ /* XXX: ensure that no lock was generated */
+ gen_unknown_opcode(env, s);
return s->pc;
}
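Review bot: the new `unknown_op:` epilogue duplicates the three lines of the illegal_op path (the PREFIX_LOCK test, `gen_helper_unlock();` and the XXX comment) and differs only in the final call, so the two are likely to drift apart; a single exit path that performs the unlock once and then branches on which exception to generate, or a small helper shared by both labels, would avoid that. Both paths also still end with the unbraced `if (s->prefix & PREFIX_LOCK) gen_helper_unlock();`, which the rest of this patch has been converting to the braced style.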
--
2.5.0
* Re: [Qemu-devel] [PULL 0/7] target-i386 fixes
From: Peter Maydell @ 2016-03-14 16:57 UTC (permalink / raw)
To: Richard Henderson; +Cc: QEMU Developers
On 13 March 2016 at 02:17, Richard Henderson <rth@twiddle.net> wrote:
> This is primarily patches fixing Windows booting regressions
> introduced by myself. Many thanks to Herve for reporting them
> and Paolo for fixing two of them.
>
>
> r~
>
>
> The following changes since commit 3c0f12df65da872d5fbccae469f2cb21ed1c03b7:
>
> Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160304' into staging (2016-03-04 11:46:32 +0000)
>
> are available in the git repository at:
>
> git://github.com/rth7680/qemu.git tags/pull-i386-20160312
>
> for you to fetch changes up to 2354c42e1c365ceb2acf5e6163c004c7d17b6be4:
>
> target-i386: Dump unknown opcodes with -d unimp (2016-03-12 16:26:14 -0800)
>
> ----------------------------------------------------------------
> Collected target-i386 fixes
Subject says 0/7 but there's a lot more than 7 patches listed below:
> ----------------------------------------------------------------
> Alex Pyrgiotis (1):
> scsi-bus: Remove tape command from scsi_req_xfer
>
> Daniel P. Berrange (1):
> qmp-shell: fix pretty printing of JSON responses
>
> Dr. David Alan Gilbert (1):
> Postcopy: Fix sync count in info migrate
>
> Eric Blake (11):
> qapi-dealloc: Reduce use outside of generated code
> qapi: Rename 'fields' to 'members' in generator
> qapi: Rename 'fields' to 'members' in generated C code
> qapi-visit: Expose visit_type_FOO_members()
> qapi: Update docs to match recent generator changes
> chardev: Shorten references into ChardevBackend
> util: Shorten references into SocketAddress
> ui: Shorten references into InputEvent
> qapi: Avoid use of 'data' member of QAPI unions
> chardev: Drop useless ChardevDummy type
> qapi: Drop useless 'data' member of unions
>
> Fam Zheng (7):
> exec: Return RAMBlock pointer from allocating functions
> memory: Move assignment to ram_block to memory_region_init_*
> memory: Implement memory_region_get_ram_addr with mr->ram_block
> memory: Drop MemoryRegion.ram_addr
> exec: Pass RAMBlock pointer to qemu_ram_free
> exec: Factor out section_covers_addr
> exec: Introduce AddressSpaceDispatch.mru_section
>
> Frediano Ziglio (1):
> vnc: send cursor when a new client is connecting
>
> Gabriel L. Somlo (5):
> fw_cfg: expose control register size in fw_cfg.h
> pc: fw_cfg: move ioport base constant to pc.h
> acpi: pc: add fw_cfg device node to dsdt
> acpi: arm: add fw_cfg device node to dsdt
> fw_cfg: document ACPI device node information
>
> Gerd Hoffmann (4):
> tests: update acpi test data
> input: linux evdev support
> input-linux: add option to toggle grab on all devices
> input-linux: add switch to enable auto-repeat events
>
> Hervé Poussineau (1):
> i8257: fix Terminal Count status
>
> Jason Wang (1):
> net: filter: correctly remove filter from the list during finalization
>
> Jiri Pirko (4):
> rocker: forbid to change world type
> rocker: return -ENOMEM in case of some world alloc fails
> rocker: add name field into WorldOps ale let world specify its name
> rocker: allow user to specify rocker world by property
>
> Ladi Prosek (1):
> rng: switch request queue to QSIMPLEQ
>
> Liang Li (2):
> configure: detect ifunc and avx2 attribute
> cutils: add avx2 instruction optimization
>
> Paolo Bonzini (5):
> log: do not log if QEMU is daemonized but without -D
> net: simplify net_init_tap_one logic
> target-i386: Avoid repeated calls to the bnd_jmp helper
> target-i386: Fix SMSW and LMSW from/to register
> target-i386: Fix addr16 prefix
>
> Peter Maydell (9):
> Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2016-03-04' into staging
> doc/memory.txt: correct description of MemoryRegionOps fields
> Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
> Merge remote-tracking branch 'remotes/jasowang/tags/net-pull-request' into staging
> Merge remote-tracking branch 'remotes/amit-virtio-rng/tags/rng-for-2.6-2' into staging
> Merge remote-tracking branch 'remotes/kraxel/tags/pull-fw-cfg-20160308-1' into staging
> Merge remote-tracking branch 'remotes/amit-migration/tags/migration-for-2.6-6' into staging
> Merge remote-tracking branch 'remotes/thibault/tags/samuel-thibault' into staging
> Merge remote-tracking branch 'remotes/kraxel/tags/pull-ui-20160309-1' into staging
>
> Pranith Kumar (1):
> icount: possible options for sleep are on or off
>
> Prasad J Pandit (2):
> net: ne2000: check ring buffer control registers
> net: check packet payload length
>
> Ren Kimura (1):
> ui/console: add escape sequence \e[5, 6n
>
> Richard Henderson (4):
> target-i386: Fix SMSW for 64-bit mode
> target-i386: Use gen_nop_modrm for prefetch instructions
> target-i386: Fix inhibit irq mask handling
> target-i386: Dump unknown opcodes with -d unimp
>
> Samuel Thibault (1):
> MAINTAINERS: Add Samuel Thibault as slirp maintainer
>
> Thomas Huth (2):
> MAINTAINERS: Add entry for include/sysemu/kvm*.h
> MAINTAINERS: Add entries for include/net/ files
>
> Vincenzo Maffione (1):
> net: netmap: probe netmap interface for virtio-net header
>
> Wei Yang (1):
> kvm/irqchip: use bitmap utility for gsi tracking
>
> xiaoqiang zhao (1):
> doc/memory.txt: correct a logic error
>
> zhanghailiang (2):
> filter: Add 'status' property for filter object
> filter-buffer: Add status_changed callback processing
Something went wrong in your pull request creation?
thanks
-- PMM